| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
Reviewed by: green
Obtained from: TrustedBSD Project
Security audited by: imp, green
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
u_int64_t flag field, bounding the number of capabilities at 64,
but substantially cleaning up capability logic (there are currently
43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant
assignments for various capabilities have been redone, so any
persistent binary capability stores (i.e., '$posix1e.cap' EA
backing files) must be recreated. If you have one of these,
you'll know about it, so if you have no idea what this means,
don't worry.
o Update libposix1e to reflect this new definition, fixing the
exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
status of capabilities (library is complete, kernel work is maintained
outside the tree).
Obtained from: TrustedBSD Project
|
|
|
|
| |
developed and maintained.
|
|
|
|
|
|
|
| |
o Removal of unneeded enum
o Removal of commented out debugging printf()'s.
Obtained from: TrustedBSD Project
|
|
|
|
| |
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
- Include <stdlib.h> and <string.h> as needed for prototypes
- Remove unneeded "error" variables
o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
o Implementations will remain in the seperately distributed capability
patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
acl_from_text.3
o Minor whitespace cleanups relative to the TrustedBSD tree to reduce
content-free differences.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
was CAP_CLEAR.
Obtained from: TrustedBSD Project
|
| |
|
|
|
|
|
|
| |
capability-related syscall wrappers.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
soon to be committed syscall stubs. These calls will be used to get
and set capability state associated with executables.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
error was introduced during the merge; fixing it corrects a (correct)
warning about types.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
committed
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
- Fix a typo: ``constrains'' -> ``constraints''
Reviewed by: rwatson
|
|
|
|
|
|
|
|
|
|
|
|
| |
.Pp
.Fn func
.Pp
Description ...
with a list (Bl ... Li ... El).
- Remove a superfluous ``.Sh ENVIRONMENT'' and replace it with a ``.Pp''
within the IMPLEMENTATION DETAILS section.
Reviewed by: rwatson
|
|
|
|
|
|
|
|
| |
standardized interface to the capability support in TrustedBSD.
o Not currently enabled in Makefile, as this code depends on syscalls
and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
| |
capabilities summary manpage, cap(3).
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
| |
o Add shared library version 2 to libposix1e given API changes, et al
o Commented out cap_*.c as that is not currently being compiled into
the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
|
|
|
|
| |
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
| |
o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation
page
o Add cross references to capabilities man pages
o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
| |
- cap.3 describing library interface
- cap_*.3 describing specific API calls
APIs to follow relatively soon, code to follow later.
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
| |
o Remove "BUGS" entries indicating that there's nowhere to store ACLs as
we now have extended attributes.
Obtained from: TrustedBSD Project
|
|
|
|
|
| |
Sort some .Nm values
Decapitalize .Nd values
|
| |
|
|
|
|
| |
Reviewed by: rwatson
|
|
|
|
|
|
|
| |
Introduce ACL man pages en masse for library calls, and general introduction.
Also, fix acl_valid.c non-portable calls to include _np in their names,
making them standard-happy as well as consistent with acl.h
|
|
|
|
|
|
|
|
|
| |
- clean up unneeded AFS ID type
- Add Coda, NTFS, NWFS ACL types
- Add acl_dup() prototype
- Remove acl_calc_mask, which belongs in the editing library
- Introduce posix1e.3, a man page introducing POSIX.1e library calls
(more man pages to follow)
|
|
|
|
|
|
|
|
|
|
| |
adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.
Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs. This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.
|
|
|
|
|
|
|
|
|
| |
prettier (?) names, adding some const's around here, et al.
This is commit 4 out of 3, updating the userland library to reflect kernel
interface changes.
Reviewed by: bde
|
| |
|
|
|
|
|
|
| |
problems.
Reviewed by: eivind
|
|
interface. This commit introduces the library, as well as a modest
subset of the ACL calls, with some modifications to support multiple
ACL semantics.
Reviewed by: eivind
|