d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
203,746 Commits 72 Branches 135 Tags 3.2 GiB
60d978a75b
Commit Graph

16 Commits

Author SHA1 Message Date
Marcelo Araujo
a6c4189636 Remove unused variable flags reported by clang. The function zygote_clone() 
always receive the flags with value 0 and this flags is never checked on
zygote_main().

Differential Revision:	D2689
Reviewed by:		rodrigc, oshogbo
 2015-07-04 17:38:56 +00:00
Mariusz Zaborski
c36e54bb32 Let the nv.h and dnv.h includes be only in sys directory. 
Change consumers to include those files from sys.
Add duplicated files to ObsoleteFiles.

Approved by:	pjd (mentor)
 2015-07-02 21:58:10 +00:00
Mariusz Zaborski
bd1da0a002 Approved, oprócz użycie RESTORE_ERRNO() do ustawiania errno. 
Change the nvlist_recv() function to take additional argument that
specifies flags expected on the received nvlist. Receiving a nvlist with
different set of flags than the ones we expect might lead to undefined
behaviour, which might be potentially dangerous.

Update consumers of this and related functions and update the tests.

Approved by:	pjd (mentor)

Update man page for nvlist_unpack, nvlist_recv, nvlist_xfer, cap_recv_nvlist
and cap_xfer_nvlist.

Reviewed by:	AllanJude
Approved by:	pjd (mentor)
 2015-05-02 17:45:52 +00:00
Baptiste Daroussin
13eb765f2d Convert sbin/ to LIBADD 
Reduce overlinking
 2014-11-25 11:23:12 +00:00
Baptiste Daroussin
bd0891ceb3 use .Mt to mark up email addresses consistently (part1) 
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
 2014-06-20 09:40:43 +00:00
Xin LI
37c55e8558 Detach from controlling session of parent. This is similar 
to what is done in daemon(3), which we can not use directly
in this context.

Reviewed by:	pjd
MFC after:	2 weeks
 2014-04-03 22:14:18 +00:00
Jilles Tjoelker
a4986e9aea Fix statically-linked build (WITHOUT_DYNAMICROOT). 2014-03-16 13:43:06 +00:00
Robert Watson
b881b8be1d Update most userspace consumers of capability.h to use capsicum.h instead. 
auditdistd is not updated as I will make the change upstream and then do a
vendor import sometime in the next week or two.

MFC after:	3 weeks
 2014-03-16 11:04:44 +00:00
Pawel Jakub Dawidek
bf90d007d3 If the main casperd process exits, zygote process should exit as well 
instead of spinning.

Reported by:	Mikhail <mp@lenta.ru>
 2014-02-09 21:42:01 +00:00
Christian Brueffer
f613b2d3b1 Remove the .Ex macro that I used for testing. 
Pointy hat:	brueffer
 2014-02-01 12:33:58 +00:00
Christian Brueffer
30342ba61b Bring the exit status wording closer to what .Ex would produce. 
Fixes a typo in the process.

MFC after:	1 week
 2014-02-01 12:30:00 +00:00
Pawel Jakub Dawidek
796aef8d17 Always create /var/run/casper with correct permissions and don't depend on the 
calling process' umask.

Submitted by:	Mikhail <mp@lenta.ru>
 2014-01-09 09:19:59 +00:00
Pawel Jakub Dawidek
36492dd3f5 MFp4 @1189141: 
Change casperd's zygote process title.

MFC after:	1 week
 2013-12-15 22:59:34 +00:00
Pawel Jakub Dawidek
c1788b63ab Some improvements to the casperd manual page. 
Submitted by:	emaste
 2013-12-08 19:32:29 +00:00
Pawel Jakub Dawidek
9a2d4197a7 Initialize cookie before use. 
Reported by:	Coverity
Coverity CID:	1135292
 2013-12-03 13:28:05 +00:00
Pawel Jakub Dawidek
42a8595256 Please welcome casperd daemon. It (and its services) will be responsible for 
giving access to functionality that is not available in capability mode
sandbox. The functionality can be precisely restricted.

Start with the following services:
- system.dns - provides API compatible to:
	- gethostbyname(3),
	- gethostbyname2(3),
	- gethostbyaddr(3),
	- getaddrinfo(3),
	- getnameinfo(3),
- system.grp - provides getgrent(3)-compatible API,
- system.pwd - provides getpwent(3)-compatible API,
- system.random - allows to obtain entropy from /dev/random,
- system.sysctl - provides sysctlbyname(3-compatible API.

Sponsored by:	The FreeBSD Foundation
 2013-12-02 08:21:28 +00:00