diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-02-21 10:32:03 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-02-21 10:32:03 +0000 |
commit | 74bf41b149bacbb9c41cd49e28a27658d11313c2 (patch) | |
tree | 782d39521988bce78816770d9563d67dc6a5efab /share/man/man9/priv.9 | |
parent | c4321353f52fd00cc6dfa587b90de82bc604b19c (diff) | |
download | FreeBSD-src-74bf41b149bacbb9c41cd49e28a27658d11313c2.zip FreeBSD-src-74bf41b149bacbb9c41cd49e28a27658d11313c2.tar.gz |
Refine implementation notes for priv(9): clarify ABI comments, mention
updating Jail's list of privileges.
Diffstat (limited to 'share/man/man9/priv.9')
-rw-r--r-- | share/man/man9/priv.9 | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/share/man/man9/priv.9 b/share/man/man9/priv.9 index 6a82ec0..1a0bec8 100644 --- a/share/man/man9/priv.9 +++ b/share/man/man9/priv.9 @@ -77,9 +77,14 @@ list of current privileges in to see if one already exists for the class of privilege required. Only if there is not an exact match should a new privilege be added to the privilege list. -As the privilege number becomes encoded in the kernel module ABI, privileges -should only be appended to the list, not inserted in the list, and the list -sort order should not be changed. +As privilege numbers becomes encoded in the kernel module ABI, privilege +constants must not be changed as any kernel modules depending on privileges +will then need to be recompiled. +When adding a new privilege, be certain to also determine whether it should +be listed in +.Fn prison_priv_check , +which includes a complete list of privileges granted to the root user in +.Xr jail 2. .Pp Certain catch-all privileges exist, such as .Dv PRIV_DRIVER , |