| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
libjail: make allocation in jailparam_all() somewhat more robust.
Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarray(3).
This is all very unlikely to have any visible effect.
Reviewed by: jamie
|
| |
|
|
| |
Sponsored by: The FreeBSD Foundation
|
| |
|
|
| |
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.
Sponsored by: EMC / Isilon Storage Division
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.
This makes /lib being populated again.
Reported by: many
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
|
| | | |
|
| | |\
| |/
|/| |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |\ \ |
|
| | | |/
| |/|
| | |
| | | |
Requested by: Simon Gerraty <sjg@juniper.net>
|
| | |/
|/|
| |
| |
| |
| |
| |
| | |
Use __DECONST (instead of my own attempted re-invention) for the iov
parameters to jail_get/set(2). Similarly remove the decost-ish hack
from execvp's argv, except the __DECONST is only added at very end.
While I'm at it, remove an unused variable and fix a comment typo.
|
| |/
|
|
|
|
|
|
|
| |
* jail_setv will leak a parameter name if jailparam_import fails.
* jailparam_all loses the jailparam pointer on realloc error
(a clear freshman mistake).
* If jailparam_init fails, the caller doesn't need to jailparam_free
the buffer. That's not really clear, so set things to NULL allowing
jailparam_free to work without error (though it's still not required).
|
| |
|
|
| |
by testing for the right parameter name.
|
| |
|
|
|
| |
assume that the unnamed final component of "security.jail.param.foo." is
one less than the "foo" component. It might be one greater instead.
|
| |
|
|
|
| |
PR: bin/165515
MFC after: 2 weeks
|
| |
|
|
| |
existing uses. Rename sysctl_handle_quad() to sysctl_handle_64().
|
| |
|
|
|
|
| |
it's absolutely necessary.
MFC after: 1 week
|
| | |
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
|
| |
Fix a little comment typo.
MFC after: 3 days
|
| |
|
|
|
|
| |
should be freed.
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Remove the internal jailparam_vlist, in favor of using variants of its
logic separately in jail_setv and jail_getv.
Free the temporary parameter list and exported values in jail_setv
and jail_getv.
Noted by: Stanislav Uzunchev
MFC after: 3 days
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
| |
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.
I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
|
| |
|
|
|
|
|
|
| |
jailparam_get.
PR: bin/141692
Submitted by: delphij
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
|
| |
restrictions) were found to be inadequately described by a boolean.
Define a new parameter type with three values (disable, new, inherit)
to handle these and future cases.
Approved by: re (kib), bz (mentor)
Discussed with: rwatson
|
| |
|
|
|
|
| |
Touch up jailparam_import a bit while I'm at it.
Approved by: bz (mentor)
|
|
|
system calls and the security.jail.param sysctls.
Approved by: bz (mentor)
|
