Commit Graph

172 Commits

Author SHA1 Message Date
Robert Watson
2715ba4892 Add some strategic whitespace. 2003-04-26 03:32:18 +00:00
Robert Watson
8aa884cb01 Add FILES section to mac.3 and mac.conf.5. Properly Xref mac.conf.5
from mac.3; likewise, mac.conf.5 from mac_prepare.3.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-04-20 04:43:56 +00:00
Robert Watson
781a15a533 Add a man page for the mac.conf MAC library configuration file.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-04-20 03:18:44 +00:00
Robert Watson
23408b001b Add the mac_prepare{,_*}() functions to the high-level function list
in the mac.3 library man page.  They were already cross-referenced
at the end of the man page, just not explicitly listed here.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-04-20 02:56:16 +00:00
Robert Watson
ecf889825d Clarify the relationship between the MAC library APIs and POSIX.1e:
they resemble one another, but POSIX.1e interfaces were not sufficiently
expressive to do what we needed.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-04-16 20:40:34 +00:00
Jacques Vidrine
2bbd7cf820 Eliminate 19 warnings in libc (at level WARNS=2) of the
`implicit declaration of function' variety.
2003-02-27 13:40:01 +00:00
Ruslan Ermilov
ace5be682d mdoc(7) police: Scheduled sweep. 2003-02-24 22:53:26 +00:00
Ruslan Ermilov
0213c21b44 mdoc(7) police: kill self-xref. 2003-02-23 01:45:25 +00:00
Ruslan Ermilov
66d8bae40a Punctuation. 2003-02-23 01:44:59 +00:00
Ruslan Ermilov
02d753ca73 Typo. 2003-02-23 01:44:37 +00:00
Ruslan Ermilov
8b6eff89b0 Grammar. 2003-02-23 01:43:45 +00:00
Jacques Vidrine
6d7bd75a4e Whack 28 unused variables. 2003-02-18 13:39:52 +00:00
Jacques Vidrine
e0554a531f Eliminate 61 warnings emitted at WARNS=2 (leaving 53 to go).
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.

Reviewed by:	/sbin/md5
2003-02-16 17:29:11 +00:00
Philippe Charnier
d649825182 The .Fn function 2003-02-06 11:04:47 +00:00
Chris Costello
5bc8d71283 Actually add mac_prepare.3.
Sponsored by:	DARPA, Network Associates Laboratories
2003-01-15 03:05:21 +00:00
Chris Costello
8f8690e73b Cross-reference mac(4)
Sponsored by:	DARPA, Network Associates Laboratories
2003-01-15 03:03:05 +00:00
Chris Costello
c75fc22921 s/SEE_ALSO/SEE ALSO/
Cross-reference mac(4) and mac(9)

Sponsored by:	DARPA, Network Associates Laboratories
2003-01-15 03:02:30 +00:00
Chris Costello
76a829fd1d o Document mac_prepare() and associated functions
o Link mac_get_pid.3 to mac_get.3
o Update SEE ALSO to refer to mac_prepare, and added missing references
o Remove clause #3 on my work
o Update mac_get.3 for the updated MAC API

Sponsored by:	DARPA, Network Associates Laboratories
Obtained from:	TrustedBSD Project
2003-01-15 00:45:31 +00:00
Chris Costello
e4ee15b13f o Remove clause #3
o Document mac_set_link().

Sponsored by:	DARPA, Network Associates Labs
2003-01-14 23:20:40 +00:00
Robert Watson
e4c3e988a5 Remove BUGS section indicating that these calls are unimplemented.
Update copyrights.

Obtained from:	TrustedBSD Project
2002-12-29 20:52:42 +00:00
Robert Watson
93724388fc Update acl_set.3, missed in last round:
- Update BUGS: this stuff is implemented.
- Update last modified date.
- Document acl_set_link_np() call.

Obtained from:	TrustedBSD Project
2002-12-29 20:50:30 +00:00
Robert Watson
6394f703dc Update libc POSIX.1e code and documentation to reflect:
- Updated copyrights, modified dates
- Remove "BUGS" entry indicating that ACLs are unimplemented
- Implement acl_*_link() library wrapper variants for get, set,
  delete, aclvalid.
- Document acl_*_link() calls.

Obtained from:	TrustedBSD Project
2002-12-29 20:47:05 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Ruslan Ermilov
2efeeba554 mdoc(7) police: "The .Fa argument.". 2002-12-19 09:40:28 +00:00
Ruslan Ermilov
1fae73b137 mdoc(7) police: "The .Fn function". 2002-12-18 12:45:11 +00:00
Ruslan Ermilov
c8d40b7d34 mdoc(7) police: sort xrefs in SEE ALSO. 2002-12-13 16:53:51 +00:00
Ruslan Ermilov
8d5d039f80 Uniformly refer to a file system as "file system".
Approved by:	re
2002-12-12 17:26:04 +00:00
Ruslan Ermilov
051bb54bd3 mdoc(7) police: Added the missing .Os call; it's not strictly
necessary nowadays, but is documented as "required", and may
become so again in the future.

Approved by:	re
2002-12-11 15:55:29 +00:00
Ruslan Ermilov
3b29692060 mdoc(7) police: markup overhaul.
Approved by:	re
2002-12-04 16:28:45 +00:00
Ruslan Ermilov
c51d717f0c libc_r wasn't so tied to libc for 22 months. 2002-11-18 09:50:57 +00:00
Robert Watson
963b8cdcc8 Update acl.3 to xref getfacl(1) and setfacl(1), the recommended tools for
manipulating file ACLs.  Update the status of the implementation a bit,
update the copyright, etc.

Obtained from:	TrustedBSD Project
2002-11-08 15:01:28 +00:00
Chris Costello
2834b91a8d o Make the COMPATIBILITY section a bit less redundant.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Labs
2002-11-06 17:38:18 +00:00
Chris Costello
baae0d7638 o Update man page to reflect the new prototypes for mac_{to,from}_text.
o Remove a (currently) no-longer-pertinent entry from errors.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Labs
2002-11-06 17:34:29 +00:00
Robert Watson
ce311c66ec Hook up the userland wrapper for __mac_execve().
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-06 03:38:47 +00:00
Robert Watson
f8d0815040 License update authorized by NAI: remove clause 3. 2002-11-05 01:42:35 +00:00
Robert Watson
1ccff0f490 Clarify language relating to ACLs, Capabtilities, and MAC, since the
implementation status of these services has changed substantially
since this man page was last updated.
2002-11-04 20:52:09 +00:00
Robert Watson
ec05f17e38 Update license, historical information. 2002-11-04 20:45:44 +00:00
Robert Watson
443ab2a0fd Point out that the MAC Framework is considered experimental. 2002-11-04 20:42:58 +00:00
Chris Costello
311e43248d Scoop out examples illustrating the label text format and refer to
maclabel(7) instead.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Labs
2002-10-28 23:06:04 +00:00
Garrett Wollman
688dfe4533 Do not include <sys/syslimits.h> directly; it is not intended for general
consumption.
2002-10-27 17:44:33 +00:00
Chris Costello
4bae1674ce Place mac_prepare() with the other mac_prepare*() functions. 2002-10-24 01:16:56 +00:00
Chris Costello
0d511a4ea7 mac_free() no longer accepts a void * parameter; only mac_t's are supposed
to be passed.  Point this out in a warning notice, which will eventually
go away, sometime between now and -RELEASE.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-10-24 01:01:29 +00:00
Chris Costello
3261668c1d Remove superfluous empty "FILES" section.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-10-23 23:56:15 +00:00
Chris Costello
b90b17d351 Remove hard sentence breaks.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-10-23 23:55:23 +00:00
Robert Watson
391b1d758d Reflect MAC kernel/user API changes into the libc MAC implementation.
This removes a lot of complexity, since we basically just reserve
space on a retrieval of a label, and pass around strings.  Two new
elements: (1) consumers of the API must now declare what label
elements they are interested in retrieving, or (2) rely on the default
provided in a new configuration file, mac.conf.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:36:11 +00:00
Robert Watson
19eab74a6c .Xr mac.3 and posix1e.3 to mac.9. Point at sys/mac.h in posix1e.3.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 01:52:53 +00:00
Robert Watson
803bf0837b Unhook the per-policy parsing/printing MAC modules in libc to prepare
to bring in the new MAC label management API.  With the new API
revision, we have only policy-agnostic code in libc and the base
kernel.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-21 03:54:24 +00:00
Robert Watson
ecfbf7e46d Update TE policy and MAC text conversion routines to support partial
label updates.  Biba and MLS already supported this.  This permits the
userland library to submit relative updates on MAC labels, rather
than submitting an entire label to replace the current label.  This
also requires changes to the MAC modules, which are forthcoming.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-09 03:09:38 +00:00
Robert Watson
1355f6d016 X-ref mac.3. 2002-08-09 03:03:08 +00:00
Robert Watson
d97fcfce27 Introduce support for Mandatory Access Control and extensible
kernel access control.

Extensions to libc to provide basic MAC label manipulation facilities
for userland.  These interface will be replaced in the next month
or two with more flexible interfaces, but provide sufficient support
to allow use of the Biba and MLS policies for user applications.

libc_r wrappers to follow.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 21:14:42 +00:00