303 Commits

Author SHA1 Message Date
Sean Eric Fagan
237f4abc57 Remove some redundant code in _posix1e_acl_strip_np
This was discovered through examination -- acl_copy_entry() copies the
tag type and permset fields.

Reviewed by:	trasz, pfg
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D19240
2019-02-19 19:15:15 +00:00
Brad Davis
b6af74d289 Move mac.conf to lib/libc/posix1e/
This leverages CONFS to handle the install of the config file.

Approved by:	re (blanket, pkgbase), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17162
2018-09-18 01:40:37 +00:00
Pedro F. Giffuni
d915a14ef0 libc: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-25 17:12:48 +00:00
Enji Cooper
7372d8148c acl_to_text(3): start sentences on new lines
Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:12:31 +00:00
Enji Cooper
5f19e26b75 acl_create_entry(3): separate .Nm entries with commas in SYNOPSIS
Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:11:15 +00:00
Enji Cooper
b4b5c4a602 posix1e(3): reference using the section (3) when referencing libbsm with .Xr
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:05:34 +00:00
Enji Cooper
d0fd0203fb Replace dot-dot relative pathing with SRCTOP-relative paths where possible
This reduces build output, need for recalculating paths, and makes it clearer
which paths are relative to what areas in the source tree. The change in
performance over a locally mounted UFS filesystem was negligible in my testing,
but this may more positively impact other filesystems like NFS.

LIBC_SRCTOP was left alone so Juniper (and other users) can continue to
manipulate lib/libc/Makefile (and other Makefile.inc's under lib/libc) as
include Makefiles with custom options.

Discussed with:	marcel, sjg
MFC after:	1 week
Reviewed by:	emaste
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9207
2017-01-20 03:23:24 +00:00
Pedro F. Giffuni
32223c1b7d libc: spelling fixes.
Mostly on comments.
2016-04-30 01:24:24 +00:00
Pedro F. Giffuni
513004a23d libc: replace 0 with NULL for pointers.
While here also cleanup some surrounding code; particularly
drop some malloc() casts.

Found with devel/coccinelle.

Reviewed by:	bde (previous version - all new bugs are mine)
2016-04-10 19:33:58 +00:00
Ed Maste
c38dac681d libc: don't build compat functions if building WITHOUT_SYMVER
WITHOUT_SYMVER necessarily implies building a system without symver
backwards compatability.

Sponsored by:	The FreeBSD Foundation
2016-03-15 19:26:32 +00:00
Edward Tomasz Napierala
de19f22681 Fix typos in .Xrs.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-02-29 16:52:06 +00:00
Mariusz Zaborski
c501d73c7e Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.

Discussed with:		pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by:	drysdale@google.com, bdrewery
Approved by:		pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4277
2016-02-25 18:23:40 +00:00
Craig Rodrigues
8d7e1f1585 Remove names from some prototypes 2015-09-20 20:16:34 +00:00
Craig Rodrigues
9762525c95 Adding missing declarations to eliminate -Wmissing-prototypes warnings 2015-09-20 04:06:55 +00:00
Edward Tomasz Napierala
45d55945fd Make it possible to use acl_create_entry_np(3) to use first entry to an
empty ACL, and to append an entry to an ACL.

Submitted by:	sef@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-09-08 14:52:14 +00:00
Xin LI
28ffe927c2 Expose an interface to determine if an ACE is inherited.
Submitted by:	sef
Reviewed by:	trasz
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D3540
2015-09-04 00:14:20 +00:00
Edward Tomasz Napierala
8e6acc531a Fix acl_strip_np(3) breakage introduced in r279962.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-09-03 11:31:34 +00:00
Edward Tomasz Napierala
b0f957f94a Fix the way acl_init(3) uses posix_memalign(3) - the latter doesn't
set errno.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-09-03 11:30:39 +00:00
Xin LI
34103b3cac Instead of doing an no-op (|= 0), actually clear the flags in
acl_clear_flags_np.

MFC after:	2 weeks
2015-08-24 04:49:20 +00:00
Edward Tomasz Napierala
208a8b9532 Update Capsicum and Mandatory Access Control manual pages
to no longer claim they are experimental.

Reviewed by:	rwatson@, wblock@
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2985
2015-07-25 15:56:49 +00:00
Pedro F. Giffuni
cf0f0b800c libc: plug memory leaks in edge cases for the posix1e code.
CID:	1016705
CID:	1016706
CID:	1016707

Differential Revision:	https://reviews.freebsd.org/D2023
2015-03-13 18:42:43 +00:00
Christian Brueffer
0aee91e1fb Various mdoc fixes and a few EOL whitespace removals.
Found with:	mandoc -Tlint
2014-12-21 12:36:36 +00:00
Edward Tomasz Napierala
c07b9c32f0 Remove acl_size.c; apparently it was never used.
PR:		194398
Submitted by:	ngie@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2014-11-19 19:43:39 +00:00
Edward Tomasz Napierala
62bf353355 Update acl(3) to expand on NFSv4 ACL support.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2014-10-30 10:56:38 +00:00
Edward Tomasz Napierala
02c55812ad Make it clear that ACL flags are NFSv4-only.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2014-10-30 10:49:50 +00:00
Baptiste Daroussin
8fbf3d50e3 use .Mt to mark up email addresses consistently (part4)
PR:		191174
Submitted by:	Franco Fichtner  <franco at lastsummer.de>
2014-06-23 08:25:03 +00:00
Christian Brueffer
fb50471ca9 Correct sorting. 2014-04-15 16:31:23 +00:00
Christian Brueffer
e27a4d582f Mention Capsicum.
MFC after:	1 week
2014-04-15 16:29:21 +00:00
Marcel Moolenaar
8876613dc5 Replace use of ${.CURDIR} by ${LIBC_SRCTOP} and define ${LIBC_SRCTOP}
if not already defined. This allows building libc from outside of
lib/libc using a reach-over makefile.

A typical use-case is to build a standard ILP32 version and a COMPAT32
version in a single iteration by building the COMPAT32 version using a
reach-over makefile.

Obtained from:	Juniper Networks, Inc.
2014-03-04 02:19:39 +00:00
Edward Tomasz Napierala
af2b4c05e2 Fix typo.
Sponsored by:	The FreeBSD Foundation
2013-11-12 12:23:54 +00:00
Edward Tomasz Napierala
d5767efd88 Fix description to actually make sense.
Sponsored by:	The FreeBSD Foundation
2013-11-12 12:22:52 +00:00
Edward Tomasz Napierala
ce157d5c55 Mention acl_get_brand_np(3).
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2013-11-12 10:44:41 +00:00
Jilles Tjoelker
a93705b06e libc: Make various internal file descriptors from fopen() close-on-exec. 2013-08-23 13:59:47 +00:00
Eitan Adler
a164074fc4 Fix several typos
PR:		kern/176054
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
MFC after:	3 days
2013-05-12 16:43:26 +00:00
Joel Dahl
35471bf8ef Minor mdoc nits. 2012-05-13 14:16:04 +00:00
Glen Barber
a3fb6da9ba General mdoc(7) and typo fixes.
PR:		167734
Submitted by:	Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after:	3 days
2012-05-11 20:06:46 +00:00
Joel Dahl
288eac5aed mandoc complains loudly when <TAB>s are misused in columnated lists. Fix
this syntax violation and while I'm here also convert <TAB> to Ta and adjust
quotation marks in order to prevent this problem in the future.
2012-03-29 16:02:40 +00:00
Eitan Adler
50d675f7a9 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
Joel Dahl
41949a1ed5 Remove superfluous paragraph macro. 2012-03-25 12:13:24 +00:00
Edward Tomasz Napierala
181b4eebb9 Make it possible to use permission sets (full_set, modify_set, read_set
and write_set) with setfacl(1).

PR:		kern/154113
Submitted by:	Shawn Webb <lattera at gmail dot com> (earlier version)
MFC after:	1 month
2011-04-09 07:42:25 +00:00
Edward Tomasz Napierala
cdec385674 Move the code around so that libc behaviour does not depend on a variable
that was supposed to be kernel-only.  There should be no functional changes.
2011-03-22 17:44:07 +00:00
Edward Tomasz Napierala
e43af6d3b6 Make acl_strip_np(3) use new trivial ACL format for NFSv4 ACls (three
entries instead of six).  This makes "setfacl -b" do the right thing
for ACLs on ZFS.  UFS recognizes both kinds of trivial ACLs; no change
there.

MFC after:	2 months
2011-03-04 17:23:10 +00:00
Edward Tomasz Napierala
2506c55201 Bump manual page date. 2010-12-13 19:03:10 +00:00
Edward Tomasz Napierala
eda09cb3ff After PSARC/2010/029, "canonical six" no longer exists. 2010-12-13 19:01:23 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Edward Tomasz Napierala
4089cc8aa1 First step at adopting FreeBSD to support PSARC/2010/029. This makes
acl_is_trivial_np(3) properly recognize the new trivial ACLs.  From
the user point of view, that means "ls -l" no longer shows plus signs
for all the files when running ZFS v28.
2010-09-20 17:10:06 +00:00
Edward Tomasz Napierala
781413510d Arrgh, tested wrong source tree _again_. Fix previous commit. Also,
this and previous one are MFC candidate.

MFC after:	1 month
2010-09-09 20:37:19 +00:00
Edward Tomasz Napierala
7eaa29b5d8 Add minor optimization. It's less strict than its kernel counterpart
due to upcoming ACL changes required by the new ZFS.
2010-09-09 20:07:40 +00:00
Joel Dahl
edfa427cf1 Spelling fixes. 2010-08-02 16:01:45 +00:00
Edward Tomasz Napierala
f59646c2af Fix acl_from_text(3) - and, therefore, setfacl(1) - for user and group
names names starting with a digit.

MFC after:	1 month
2010-07-06 17:20:08 +00:00