| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
label updates. Biba and MLS already supported this. This permits the
userland library to submit relative updates on MAC labels, rather
than submitting an entire label to replace the current label. This
also requires changes to the MAC modules, which are forthcoming.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernel access control.
Extensions to libc to provide basic MAC label manipulation facilities
for userland. These interface will be replaced in the next month
or two with more flexible interfaces, but provide sufficient support
to allow use of the Biba and MLS policies for user applications.
libc_r wrappers to follow.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
| |
MFC after: 3 weeks
|
|
|
|
| |
I believe have made all of libc .c's as consistent as possible.
|
| |
|
|
|
|
|
|
|
|
| |
- if (!var) -> if (var == NULL)
o spelling fix (althouh -> although)
Reviewed by: rwatson
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
- if (!var) -> if (var == NULL)
- return val; -> return (val);
Reviewed by: rwatson
Obtained from: TrustedBSD Project
|
|
|
|
|
| |
Reviewed by: rwatson
Obtained from: TrustedBSD Project
|
|
|
|
|
| |
Reviewed by: rwatson
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
- if (!var) -> if (var == NULL)
- return val; -> return (val);
o update copyright
|
|
|
|
| |
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
o update copyright dates.
Reviewed by: rwatson
|
|
|
|
|
| |
PR: 33660
Submitted by: Rich Morin <rdm@cfcl.com>, Tom Rhodes <darklogik@pittgoth.com>
|
|
|
|
|
|
|
|
| |
o Document the following capabilities: CAP_NET_ADMIN, CAP_SYS_RAWIO,
CAP_SYS_ADMIN, and CAP_SYS_TTY_CONFIG.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
|
| |
extattr namespace routines to the libc/posix1e directory. While
the extattr calls are not strictly POSIX.1e, POSIX.1e wasn't
strictly ever approved, so I think that's OK.
Obtained from: TrustedBSD Project
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Removed whitespace at EOL
o Removed hard sentence breaks
o Added cap_size() to the NAME section
o Normalized .Nd descriptions
o Fixed the abuses of .Nm and .Va
o Fixed some DESCRIPTION texts
o Fixed the RETURN VALUES and ERRORS texts to look more traditional
Reviewed by: tmm
|
|
|
|
|
|
| |
support.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
sys/capability.h--this compiled fine on i386 where (int) and (ssize_t)
are the same, but broke on Alpha where they differ.
Submitted by: Mike Barcroft <mike@FreeBSD.org>
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
o Attach cap_copy_ext.3 and cap_copy_int.3 to the install, and link
cap_size.3 to cap_copy_ext.3.
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
| |
Submitted by: yar
|
|
|
|
|
| |
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
sys/capability.h now.
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
support functions:
cap_subset_np() - Is cap1 a subset of cap2
cap_equal_np() - Is cap1 equal to cap2
o Introduce implementations of POSIX.1e capability support functions:
cap_copy_ext() - Externalize capability
cap_copy_int() - Internalize capability
cap_size() - Determine size required for cap_copy_ext()
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
|
| |
documented by POSIX.1e, and understand the opaque capability structures.
Introduce support in the userland POSIX.1e library for a
_CAPABILITY_NEEDMACROS define to remove these macros from the normal
namespace, but allow the libc functions to use them.
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
an exception to it.
Submitted by: tmm
Obtained from: TrustedBSD Project
|
|
|
|
| |
MFC after: 2 weeks
|
|
|
|
| |
Reviewed by: ru
|
|
|
|
| |
Reviewed by: ru
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
extattr_namespace_to_string.
Reviewed by: rwatson
|
| |
|
|
|
|
|
|
|
|
| |
xntpd.8 --> ntpd.8
acl_delete_perms.3 --> acl_delete_perm.3
getname.2 --> getsockname.2
MFC after: 1 week
|
| |
|
|
|
|
| |
Submitted by: Alex Zepeda <jazepeda@pacbell.net>
|
|
|
|
| |
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
|
|
| |
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
the stubs do errno assignments and return -1 in this case, so that errno
would end up with this value.
Approved by: rwatson
|
| |
|
| |
|