mdoc(7) fixes.

This commit is contained in:
Ruslan Ermilov 2004-07-06 07:26:23 +00:00
parent 2c5470d09e
commit c8cbcbce5c
4 changed files with 42 additions and 32 deletions

View File

@ -26,9 +26,10 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd November 11, 2003
.Os
.Dt cr_seeothergids 9
.Dt CR_SEEOTHERGIDS 9
.Sh NAME
.Nm cr_seeothergids
.Nd determine visibility of objects given their group memberships
@ -37,7 +38,7 @@
.Fn cr_seeothergids "struct ucred *u1" "struct ucred *u2"
.Sh DESCRIPTION
This function determines the visibility of objects in the
kernel based on the group ids in the credentials
kernel based on the group IDs in the credentials
.Fa u1
and
.Fa u2
@ -45,11 +46,11 @@ associated with them.
.Pp
The visibility of objects is influenced by the
.Xr sysctl 8
tunable
variable
.Va security.bsd.see_other_gids .
If this tunable is non-zero, then all objects in the kernel
If this variable is non-zero then all objects in the kernel
are visible to each other irrespective of their group membership.
If this tunable is zero, then the object with credentials
If this variable is zero then the object with credentials
.Fa u2
is visible to the object with credentials
.Fa u1
@ -57,13 +58,13 @@ if either
.Fa u1
is the super-user credential, or if at least one of
.Fa u1 Ns 's
group ids is present in
group IDs is present in
.Fa u2 Ns 's
group set.
.Sh SYSCTL TUNABLES
.Sh SYSCTL VARIABLES
.Bl -tag -width indent
.It Va security.bsd.see_other_gids
must be non-zero if objects with unprivileged credentials are to be
Must be non-zero if objects with unprivileged credentials are to be
able to see each other.
.El
.Sh RETURN VALUES
@ -78,4 +79,4 @@ or
otherwise.
.Sh SEE ALSO
.Xr cr_seeotheruids 9 ,
.Xr p_candebug 9
.Xr p_candebug 9

View File

@ -26,9 +26,10 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd November 11, 2003
.Os
.Dt cr_seeotheruids 9
.Dt CR_SEEOTHERUIDS 9
.Sh NAME
.Nm cr_seeotheruids
.Nd determine visibility of objects given their user credentials
@ -37,7 +38,7 @@
.Fn cr_seeotheruids "struct ucred *u1" "struct ucred *u2"
.Sh DESCRIPTION
This function determines the visibility of objects in the
kernel based on the real user ids in the credentials
kernel based on the real user IDs in the credentials
.Fa u1
and
.Fa u2
@ -45,11 +46,11 @@ associated with them.
.Pp
The visibility of objects is influenced by the
.Xr sysctl 8
tunable
variable
.Va security.bsd.see_other_uids .
If this tunable is non-zero, then all objects in the kernel
are visible to each other irrespective of their user ids.
If this tunable is zero, then the object with credentials
If this variable is non-zero then all objects in the kernel
are visible to each other irrespective of their user IDs.
If this variable is zero then the object with credentials
.Fa u2
is visible to the object with credentials
.Fa u1
@ -59,11 +60,11 @@ is the super-user credential, or if
.Fa u1
and
.Fa u2
have the same real user id.
.Sh SYSCTL TUNABLES
have the same real user ID.
.Sh SYSCTL VARIABLES
.Bl -tag -width indent
.It Va security.bsd.see_other_uids
must be non-zero if objects with unprivileged credentials are to be
Must be non-zero if objects with unprivileged credentials are to be
able to see each other.
.El
.Sh RETURN VALUES
@ -78,4 +79,4 @@ or
otherwise.
.Sh SEE ALSO
.Xr cr_seeothergids 9 ,
.Xr p_candebug 9
.Xr p_candebug 9

View File

@ -26,9 +26,10 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd November 11, 2003
.Os
.Dt p_candebug 9
.Dt P_CANDEBUG 9
.Sh NAME
.Nm p_candebug
.Nd determine debuggability of a process
@ -41,28 +42,30 @@ This function can be used to determine if a given process
.Fa p
is debuggable by the thread
.Fa td .
.Sh SYSCTL TUNABLES
.Sh SYSCTL VARIABLES
The following
.Xr sysctl 8
tunables directly influence the behaviour of
variables directly influence the behaviour of
.Fn p_candebug :
.Bl -tag -width indent
.It Va kern.securelevel
debugging of the init process is not allowed if this tunable is
Debugging of the init process is not allowed if this variable is
.Li 1
or greater.
.It Va security.bsd.unprivileged_proc_debug
must be set to a non-zero value to allow unprivileged processes
Must be set to a non-zero value to allow unprivileged processes
access to the kernel's debug facilities.
.El
.Sh RETURN VALUES
The
.Fn p_candebug
function
returns
.Li 0
if the process denoted by
.Ar p
.Fa p
is debuggable by thread
.Ar td ,
.Fa td ,
or a non-zero error return value otherwise.
.Sh ERRORS
.Bl -tag -width Er
@ -78,7 +81,7 @@ Thread
.Fa td
lacks super-user credentials and process
.Fa p
is executing a set-user-id or set-group-id executable.
is executing a set-user-ID or set-group-ID executable.
.It Bq Er EPERM
Thread
.Fa td
@ -92,15 +95,17 @@ Thread
.Fa td
lacks super-user credentials and process
.Fa p Ns 's
user ids do not match thread
user IDs do not match thread
.Fa td Ns 's
effective user id.
effective user ID.
.It Bq Er EPERM
Process
.Fa p
denotes the initial process
.Fn initproc
and the sysctl tunable
and the
.Xr sysctl 8
variable
.Va kern.securelevel
is greater than zero.
.It Bq Er ESRCH

View File

@ -26,9 +26,10 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd December 11, 2003
.Os
.Dt prison_check 9
.Dt PRISON_CHECK 9
.Sh NAME
.Nm prison_check
.Nd determine if two credentials belong to the same jail
@ -43,7 +44,9 @@ and
.Fa cred2
belong to the same jail.
.Sh RETURN VALUES
The
.Fn prison_check
function
returns
.Er ESRCH
if
@ -57,4 +60,4 @@ In all other cases,
.Fn prison_check
returns zero.
.Sh SEE ALSO
.Xr jail 2
.Xr jail 2