import sdiff(1) from GSoC 2012
Import sdiff(1) from the diff version written by Raymond Lai, improved during GSoC 2012 by Jesse Hagewood. Compared to the version done in during that summer of code: - Remove the zlib frontend: zsdiff - Compatible output (column size and separators) with GNU sdiff Compared to GNU sdiff in ports: - The only difference is padding using spaces vs tabs Compared to OpenBSD and NetBSD import: - Implement missing options (including long options) from GNU sdiff - Improved support for the edition mode (signal handling) - Output visually compatible with GNU sdiff: size of columns While here import regression tests from NetBSD adapted to fit the output as expected by GNU sdiff Reviewed by: emaste (in part) Obtained from: OpenBSD, NetBSD, GSoC 2012 Relnotes: yes Differential Revision: https://reviews.freebsd.org/D5981 Differential Revision: https://reviews.freebsd.org/D6032 (diff with NetBSD version) Differential Revision: https://reviews.freebsd.org/D6033 (diff with OpenBSD version)
This commit is contained in:
Baptiste Daroussin
parent
5763d9db58
commit
13b5b54865
@ -13,7 +13,6 @@ SUBDIR= ${_binutils} \
|
||||
grep \
|
||||
${_groff} \
|
||||
${_rcs} \
|
||||
sdiff \
|
||||
${_tests}
|
||||
|
||||
SUBDIR_DEPEND_gdb= ${_binutils}
|
||||
|
||||
@ -1,28 +0,0 @@
|
||||
# $FreeBSD$
|
||||
|
||||
DIFFSRC=${.CURDIR}/../../../contrib/diff/src
|
||||
.PATH: ${DIFFSRC} \
|
||||
${.CURDIR}/../../../contrib/diff/lib \
|
||||
${.CURDIR}/../../../contrib/diff/man
|
||||
|
||||
PROG= sdiff
|
||||
SRCS= sdiff.c version-etc.c \
|
||||
error.c xmalloc.c c-stack.c basename.c strtoumax.c \
|
||||
exitfail.c
|
||||
|
||||
# Important for ctype macros!
|
||||
CFLAGS+=-funsigned-char
|
||||
|
||||
CFLAGS+=-I${.CURDIR}/../../../contrib/diff
|
||||
CFLAGS+=-I${.CURDIR}/../../../contrib/diff/src
|
||||
CFLAGS+=-I${.CURDIR}/../../../contrib/diff/lib
|
||||
CFLAGS+=-DHAVE_CONFIG_H
|
||||
CFLAGS+=-DDEFAULT_DIFF_PROGRAM=\"/usr/bin/diff\"
|
||||
|
||||
.for f in sdiff.c
|
||||
${f}: ${DIFFSRC}/${f} ${.CURDIR}/${f}.diff
|
||||
patch -s -o ${.TARGET} < ${.CURDIR}/${f}.diff ${DIFFSRC}/${f}
|
||||
CLEANFILES+= ${f}
|
||||
.endfor
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
@ -1,18 +0,0 @@
|
||||
# $FreeBSD$
|
||||
# Autogenerated - do NOT edit!
|
||||
|
||||
DIRDEPS = \
|
||||
gnu/lib/csu \
|
||||
gnu/lib/libgcc \
|
||||
include \
|
||||
include/xlocale \
|
||||
lib/${CSU_DIR} \
|
||||
lib/libc \
|
||||
lib/libcompiler_rt \
|
||||
|
||||
|
||||
.include <dirdeps.mk>
|
||||
|
||||
.if ${DEP_RELDIR} == ${_DEP_RELDIR}
|
||||
# local dependencies - needed for -jN in clean tree
|
||||
.endif
|
||||
@ -1,11 +0,0 @@
|
||||
$FreeBSD$
|
||||
--- sdiff.c.orig 2004-04-12 15:44:35.000000000 +0800
|
||||
+++ sdiff.c 2007-06-15 14:53:08.790433972 +0800
|
||||
@@ -455,7 +455,6 @@
|
||||
initialize_main (&argc, &argv);
|
||||
program_name = argv[0];
|
||||
setlocale (LC_ALL, "");
|
||||
- bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
textdomain (PACKAGE);
|
||||
c_stack_action (cleanup);
|
||||
|
||||
@ -134,6 +134,7 @@ SUBDIR= alias \
|
||||
rusers \
|
||||
rwall \
|
||||
script \
|
||||
sdiff \
|
||||
sed \
|
||||
send-pr \
|
||||
seq \
|
||||
|
||||
16
usr.bin/sdiff/Makefile
Normal file
16
usr.bin/sdiff/Makefile
Normal file
@ -0,0 +1,16 @@
|
||||
# $FreeBSD$
|
||||
|
||||
.include <src.opts.mk>
|
||||
|
||||
PROG= sdiff
|
||||
SRCS= common.c edit.c sdiff.c
|
||||
WARNS= 3
|
||||
|
||||
LIBADD= util
|
||||
MAN1= sdiff.1
|
||||
|
||||
.if ${MK_TESTS} != "no"
|
||||
SUBDIR+= tests
|
||||
.endif
|
||||
|
||||
.include <bsd.progs.mk>
|
||||
24
usr.bin/sdiff/common.c
Normal file
24
usr.bin/sdiff/common.c
Normal file
@ -0,0 +1,24 @@
|
||||
/* $OpenBSD: common.c,v 1.4 2006/05/25 03:20:32 ray Exp $ */
|
||||
|
||||
/*
|
||||
* Written by Raymond Lai <ray@cyth.net>.
|
||||
* Public domain.
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include <err.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "common.h"
|
||||
|
||||
void
|
||||
cleanup(const char *filename)
|
||||
{
|
||||
|
||||
if (unlink(filename))
|
||||
err(2, "could not delete: %s", filename);
|
||||
exit(2);
|
||||
}
|
||||
9
usr.bin/sdiff/common.h
Normal file
9
usr.bin/sdiff/common.h
Normal file
@ -0,0 +1,9 @@
|
||||
/* $OpenBSD: common.h,v 1.2 2006/05/25 03:20:32 ray Exp $ */
|
||||
/* $FreeBSD$ */
|
||||
|
||||
/*
|
||||
* Written by Raymond Lai <ray@cyth.net>.
|
||||
* Public domain.
|
||||
*/
|
||||
|
||||
void cleanup(const char *) __dead2;
|
||||
209
usr.bin/sdiff/edit.c
Normal file
209
usr.bin/sdiff/edit.c
Normal file
@ -0,0 +1,209 @@
|
||||
/* $OpenBSD: edit.c,v 1.19 2009/06/07 13:29:50 ray Exp $ */
|
||||
|
||||
/*
|
||||
* Written by Raymond Lai <ray@cyth.net>.
|
||||
* Public domain.
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <paths.h>
|
||||
#include <signal.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "common.h"
|
||||
#include "extern.h"
|
||||
|
||||
int editit(const char *);
|
||||
|
||||
/*
|
||||
* Execute an editor on the specified pathname, which is interpreted
|
||||
* from the shell. This means flags may be included.
|
||||
*
|
||||
* Returns -1 on error, or the exit value on success.
|
||||
*/
|
||||
int
|
||||
editit(const char *pathname)
|
||||
{
|
||||
char *argp[] = {"sh", "-c", NULL, NULL}, *ed, *p;
|
||||
sig_t sighup, sigint, sigquit, sigchld;
|
||||
pid_t pid;
|
||||
int saved_errno, st, ret = -1;
|
||||
|
||||
ed = getenv("VISUAL");
|
||||
if (ed == NULL || ed[0] == '\0')
|
||||
ed = getenv("EDITOR");
|
||||
if (ed == NULL || ed[0] == '\0')
|
||||
ed = _PATH_VI;
|
||||
if (asprintf(&p, "%s %s", ed, pathname) == -1)
|
||||
return (-1);
|
||||
argp[2] = p;
|
||||
|
||||
sighup = signal(SIGHUP, SIG_IGN);
|
||||
sigint = signal(SIGINT, SIG_IGN);
|
||||
sigquit = signal(SIGQUIT, SIG_IGN);
|
||||
sigchld = signal(SIGCHLD, SIG_DFL);
|
||||
if ((pid = fork()) == -1)
|
||||
goto fail;
|
||||
if (pid == 0) {
|
||||
execv(_PATH_BSHELL, argp);
|
||||
_exit(127);
|
||||
}
|
||||
while (waitpid(pid, &st, 0) == -1)
|
||||
if (errno != EINTR)
|
||||
goto fail;
|
||||
if (!WIFEXITED(st))
|
||||
errno = EINTR;
|
||||
else
|
||||
ret = WEXITSTATUS(st);
|
||||
|
||||
fail:
|
||||
saved_errno = errno;
|
||||
(void)signal(SIGHUP, sighup);
|
||||
(void)signal(SIGINT, sigint);
|
||||
(void)signal(SIGQUIT, sigquit);
|
||||
(void)signal(SIGCHLD, sigchld);
|
||||
free(p);
|
||||
errno = saved_errno;
|
||||
return (ret);
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse edit command. Returns 0 on success, -1 on error.
|
||||
*/
|
||||
int
|
||||
eparse(const char *cmd, const char *left, const char *right)
|
||||
{
|
||||
FILE *file;
|
||||
size_t nread;
|
||||
int fd;
|
||||
char *filename;
|
||||
char buf[BUFSIZ], *text;
|
||||
|
||||
/* Skip whitespace. */
|
||||
while (isspace(*cmd))
|
||||
++cmd;
|
||||
|
||||
text = NULL;
|
||||
switch (*cmd) {
|
||||
case '\0':
|
||||
/* Edit empty file. */
|
||||
break;
|
||||
|
||||
case 'b':
|
||||
/* Both strings. */
|
||||
if (left == NULL)
|
||||
goto RIGHT;
|
||||
if (right == NULL)
|
||||
goto LEFT;
|
||||
|
||||
/* Neither column is blank, so print both. */
|
||||
if (asprintf(&text, "%s\n%s\n", left, right) == -1)
|
||||
err(2, "could not allocate memory");
|
||||
break;
|
||||
|
||||
case 'l':
|
||||
LEFT:
|
||||
/* Skip if there is no left column. */
|
||||
if (left == NULL)
|
||||
break;
|
||||
|
||||
if (asprintf(&text, "%s\n", left) == -1)
|
||||
err(2, "could not allocate memory");
|
||||
|
||||
break;
|
||||
|
||||
case 'r':
|
||||
RIGHT:
|
||||
/* Skip if there is no right column. */
|
||||
if (right == NULL)
|
||||
break;
|
||||
|
||||
if (asprintf(&text, "%s\n", right) == -1)
|
||||
err(2, "could not allocate memory");
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
return (-1);
|
||||
}
|
||||
|
||||
/* Create temp file. */
|
||||
if (asprintf(&filename, "%s/sdiff.XXXXXXXXXX", tmpdir) == -1)
|
||||
err(2, "asprintf");
|
||||
if ((fd = mkstemp(filename)) == -1)
|
||||
err(2, "mkstemp");
|
||||
if (text != NULL) {
|
||||
size_t len;
|
||||
ssize_t nwritten;
|
||||
|
||||
len = strlen(text);
|
||||
if ((nwritten = write(fd, text, len)) == -1 ||
|
||||
(size_t)nwritten != len) {
|
||||
warn("error writing to temp file");
|
||||
cleanup(filename);
|
||||
}
|
||||
}
|
||||
close(fd);
|
||||
|
||||
/* text is no longer used. */
|
||||
free(text);
|
||||
|
||||
/* Edit temp file. */
|
||||
if (editit(filename) == -1) {
|
||||
warn("error editing %s", filename);
|
||||
cleanup(filename);
|
||||
}
|
||||
|
||||
/* Open temporary file. */
|
||||
if (!(file = fopen(filename, "r"))) {
|
||||
warn("could not open edited file: %s", filename);
|
||||
cleanup(filename);
|
||||
}
|
||||
|
||||
/* Copy temporary file contents to output file. */
|
||||
for (nread = sizeof(buf); nread == sizeof(buf);) {
|
||||
size_t nwritten;
|
||||
|
||||
nread = fread(buf, sizeof(*buf), sizeof(buf), file);
|
||||
/* Test for error or end of file. */
|
||||
if (nread != sizeof(buf) &&
|
||||
(ferror(file) || !feof(file))) {
|
||||
warnx("error reading edited file: %s", filename);
|
||||
cleanup(filename);
|
||||
}
|
||||
|
||||
/*
|
||||
* If we have nothing to read, break out of loop
|
||||
* instead of writing nothing.
|
||||
*/
|
||||
if (!nread)
|
||||
break;
|
||||
|
||||
/* Write data we just read. */
|
||||
nwritten = fwrite(buf, sizeof(*buf), nread, outfp);
|
||||
if (nwritten != nread) {
|
||||
warnx("error writing to output file");
|
||||
cleanup(filename);
|
||||
}
|
||||
}
|
||||
|
||||
/* We've reached the end of the temporary file, so remove it. */
|
||||
if (unlink(filename))
|
||||
warn("could not delete: %s", filename);
|
||||
fclose(file);
|
||||
|
||||
free(filename);
|
||||
|
||||
return (0);
|
||||
}
|
||||
12
usr.bin/sdiff/extern.h
Normal file
12
usr.bin/sdiff/extern.h
Normal file
@ -0,0 +1,12 @@
|
||||
/* $OpenBSD: extern.h,v 1.5 2009/06/07 13:29:50 ray Exp $ */
|
||||
/* $FreeBSD$ */
|
||||
|
||||
/*
|
||||
* Written by Raymond Lai <ray@cyth.net>.
|
||||
* Public domain.
|
||||
*/
|
||||
|
||||
extern FILE *outfp; /* file to save changes to */
|
||||
extern const char *tmpdir;
|
||||
|
||||
int eparse(const char *, const char *, const char *);
|
||||
174
usr.bin/sdiff/sdiff.1
Normal file
174
usr.bin/sdiff/sdiff.1
Normal file
@ -0,0 +1,174 @@
|
||||
.\" $FreeBSD$
|
||||
.\" $OpenBSD: sdiff.1,v 1.15 2007/06/29 14:48:07 jmc Exp $
|
||||
.\"
|
||||
.\" Written by Raymond Lai <ray@cyth.net>.
|
||||
.\" Public domain.
|
||||
.\"
|
||||
.Dd $Mdocdate: July 5 2012 $
|
||||
.Dt SDIFF 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm sdiff
|
||||
.Nd side-by-side diff
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl abdilstW
|
||||
.Op Fl I Ar regexp
|
||||
.Op Fl o Ar outfile
|
||||
.Op Fl w Ar width
|
||||
.Ar file1
|
||||
.Ar file2
|
||||
.Sh DESCRIPTION
|
||||
.Nm
|
||||
displays two files side by side,
|
||||
with any differences between the two highlighted as follows:
|
||||
new lines are marked with
|
||||
.Sq \*(Gt ;
|
||||
deleted lines are marked with
|
||||
.Sq \*(Lt ;
|
||||
and changed lines are marked with
|
||||
.Sq \*(Ba .
|
||||
.Pp
|
||||
.Nm
|
||||
can also be used to interactively merge two files,
|
||||
prompting at each set of differences.
|
||||
See the
|
||||
.Fl o
|
||||
option for an explanation.
|
||||
.Pp
|
||||
The options are:
|
||||
.Bl -tag -width Ds
|
||||
.It Fl l -left-column
|
||||
Only print the left column for identical lines.
|
||||
.It Fl o -output Ar outfile
|
||||
Interactively merge
|
||||
.Ar file1
|
||||
and
|
||||
.Ar file2
|
||||
into
|
||||
.Ar outfile .
|
||||
In this mode, the user is prompted for each set of differences.
|
||||
See
|
||||
.Ev EDITOR
|
||||
and
|
||||
.Ev VISUAL ,
|
||||
below,
|
||||
for details of which editor, if any, is invoked.
|
||||
.Pp
|
||||
The commands are as follows:
|
||||
.Bl -tag -width Ds
|
||||
.It Cm l | 1
|
||||
Choose left set of diffs.
|
||||
.It Cm r | 2
|
||||
Choose right set of diffs.
|
||||
.It Cm s
|
||||
Silent mode \(en identical lines are not printed.
|
||||
.It Cm v
|
||||
Verbose mode \(en identical lines are printed.
|
||||
.It Cm e
|
||||
Start editing an empty file, which will be merged into
|
||||
.Ar outfile
|
||||
upon exiting the editor.
|
||||
.It Cm e Cm l
|
||||
Start editing file with left set of diffs.
|
||||
.It Cm e Cm r
|
||||
Start editing file with right set of diffs.
|
||||
.It Cm e Cm b
|
||||
Start editing file with both sets of diffs.
|
||||
.It Cm q
|
||||
Quit
|
||||
.Nm .
|
||||
.El
|
||||
.It Fl s -suppress-common-lines
|
||||
Skip identical lines.
|
||||
.It Fl w -width Ar width
|
||||
Print a maximum of
|
||||
.Ar width
|
||||
characters on each line.
|
||||
The default is 130 characters.
|
||||
.El
|
||||
.Pp
|
||||
Options passed to
|
||||
.Xr diff 1
|
||||
are:
|
||||
.Bl -tag -width Ds
|
||||
.It Fl a -text
|
||||
Treat
|
||||
.Ar file1
|
||||
and
|
||||
.Ar file2
|
||||
as text files.
|
||||
.It Fl b -ignore-space-change
|
||||
Ignore trailing blank spaces.
|
||||
.It Fl d -minimal
|
||||
Minimize diff size.
|
||||
.It Fl I -ignore-matching-lines Ar regexp
|
||||
Ignore line changes matching
|
||||
.Ar regexp .
|
||||
All lines in the change must match
|
||||
.Ar regexp
|
||||
for the change to be ignored.
|
||||
.It Fl i -ignore-case
|
||||
Do a case-insensitive comparison.
|
||||
.It Fl t -expand-tabs
|
||||
Expand tabs to spaces.
|
||||
.It Fl W -ignore-all-space
|
||||
Ignore all spaces.
|
||||
.It Fl B -ignore-blank-lines
|
||||
Ignore blank lines.
|
||||
.It Fl E -ignore-tab-expansion
|
||||
Treat tabs and eight spaces as the same.
|
||||
.It Fl t -ignore-tabs
|
||||
Ignore tabs.
|
||||
.It Fl H -speed-large-files
|
||||
Assume scattered small changes in a large file.
|
||||
.It Fl -ignore-file-name-case
|
||||
Ignore the case of file names.
|
||||
.It Fl -no-ignore-file-name-case
|
||||
Do not ignore file name case.
|
||||
.It Fl -strip-trailing-cr
|
||||
Skip identical lines.
|
||||
.It Fl -tabsize Ar NUM
|
||||
Change the size of tabs (default is 8.)
|
||||
.El
|
||||
.Sh ENVIRONMENT
|
||||
.Bl -tag -width Ds
|
||||
.It Ev EDITOR , VISUAL
|
||||
Specifies an editor to use with the
|
||||
.Fl o
|
||||
option.
|
||||
If both
|
||||
.Ev EDITOR
|
||||
and
|
||||
.Ev VISUAL
|
||||
are set,
|
||||
.Ev VISUAL
|
||||
takes precedence.
|
||||
If neither
|
||||
.Ev EDITOR
|
||||
nor
|
||||
.Ev VISUAL
|
||||
are set,
|
||||
the default is
|
||||
.Xr vi 1 .
|
||||
.It Ev TMPDIR
|
||||
Specifies a directory for temporary files to be created.
|
||||
The default is
|
||||
.Pa /tmp .
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr cmp 1 ,
|
||||
.Xr diff 1 ,
|
||||
.Xr diff3 1 ,
|
||||
.Xr vi 1 ,
|
||||
.Xr re_format 7
|
||||
.Sh AUTHORS
|
||||
.Nm
|
||||
was written from scratch for the public domain by
|
||||
.An Ray Lai Aq ray@cyth.net .
|
||||
.Sh CAVEATS
|
||||
.Pp
|
||||
Tabs are treated as anywhere from one to eight characters wide,
|
||||
depending on the current column.
|
||||
Terminals that treat tabs as eight characters wide will look best.
|
||||
|
||||
1184
usr.bin/sdiff/sdiff.c
Normal file
1184
usr.bin/sdiff/sdiff.c
Normal file
File diff suppressed because it is too large
Load Diff
38
usr.bin/sdiff/tests/Makefile
Normal file
38
usr.bin/sdiff/tests/Makefile
Normal file
@ -0,0 +1,38 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PACKAGE= tests
|
||||
FILEGROUPS= TESTS
|
||||
TESTPACKAGE= ${PACKAGE}
|
||||
TESTDIR= ${TESTSBASE}/usr.bin/sdiff
|
||||
|
||||
ATF_TESTS_SH= sdiff
|
||||
|
||||
FILESDIR= ${TESTDIR}
|
||||
FILES= d_dot.in \
|
||||
d_flags_l.out \
|
||||
d_flags_s.out \
|
||||
d_flags_w.out \
|
||||
d_iflags_a1.out \
|
||||
d_iflags_a2.out \
|
||||
d_iflags_b1.out \
|
||||
d_iflags_b2.out \
|
||||
d_iflags_c1.out \
|
||||
d_iflags_c2.out \
|
||||
d_iflags_d1.out \
|
||||
d_iflags_d2.out \
|
||||
d_input1 \
|
||||
d_input2 \
|
||||
d_oneline.in \
|
||||
d_oneline_a.out \
|
||||
d_oneline_b.out \
|
||||
d_same.out \
|
||||
d_short.out \
|
||||
d_tabends.in \
|
||||
d_tabends_a.out \
|
||||
d_tabends_b.out \
|
||||
d_tabends_c.out \
|
||||
d_tabs.out \
|
||||
d_tabs1.in \
|
||||
d_tabs2.in
|
||||
|
||||
.include <bsd.test.mk>
|
||||
1
usr.bin/sdiff/tests/d_dot.in
Normal file
1
usr.bin/sdiff/tests/d_dot.in
Normal file
@ -0,0 +1 @@
|
||||
.
|
||||
102
usr.bin/sdiff/tests/d_flags_l.out
Normal file
102
usr.bin/sdiff/tests/d_flags_l.out
Normal file
@ -0,0 +1,102 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native (
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
native-__sysctl: permit (
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-close: permit (
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit (
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
native-fsread: filename eq "/tmp" then permit (
|
||||
> native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit (
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit (
|
||||
native-fsread: filename eq "/usr/bin" then permit (
|
||||
native-fsread: filename eq "/usr/games" then permit (
|
||||
native-fsread: filename eq "/usr/include" then permit (
|
||||
native-fsread: filename eq "/usr/lib" then permit (
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p <
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t <
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then <
|
||||
native-fsread: filename eq "/usr/libdata" then permit (
|
||||
native-fsread: filename eq "/usr/libexec" then permit (
|
||||
native-fsread: filename eq "/usr/lkm" then permit (
|
||||
native-fsread: filename eq "/usr/local" then permit (
|
||||
native-fsread: filename eq "/usr/mdec" then permit (
|
||||
native-fsread: filename eq "/usr/obj" then permit | native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit | native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then | native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename match "/<non-existent filename>:
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca (
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t (
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" (
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit (
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-poll: permit (
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK (
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK (
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
79
usr.bin/sdiff/tests/d_flags_s.out
Normal file
79
usr.bin/sdiff/tests/d_flags_s.out
Normal file
@ -0,0 +1,79 @@
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
> native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p <
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t <
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then <
|
||||
native-fsread: filename eq "/usr/obj" then permit | native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit | native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then | native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename match "/<non-existent filename>:
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
102
usr.bin/sdiff/tests/d_flags_w.out
Normal file
102
usr.bin/sdiff/tests/d_flags_w.out
Normal file
@ -0,0 +1,102 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
native-__sysctl: permit native-__sysctl: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-close: permit native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit
|
||||
> native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p <
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t <
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then <
|
||||
native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj" then permit | native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit | native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then | native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename match "/<non-existent filename>:
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca native-fsread: filename eq "/usr/obj/bin/systrace/.mailca
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" native-fsread: filename eq "/usr/share/misc/terminfo.db"
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-poll: permit native-poll: permit
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
100
usr.bin/sdiff/tests/d_iflags_a1.out
Normal file
100
usr.bin/sdiff/tests/d_iflags_a1.out
Normal file
@ -0,0 +1,100 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
native-__sysctl: permit native-__sysctl: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-close: permit native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
) native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename match "/<non-existent filename>:
|
||||
native-fsread: filename eq "/usr/obj" then permit native-fsread: filename eq "/usr/obj/bin/systrace/.mailca
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t (
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" native-fsread: filename eq "/usr/share/misc/terminfo.db"
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-poll: permit native-poll: permit
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
96
usr.bin/sdiff/tests/d_iflags_a2.out
Normal file
96
usr.bin/sdiff/tests/d_iflags_a2.out
Normal file
@ -0,0 +1,96 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native
|
||||
native-issetugid: permit <
|
||||
native-mprotect: permit <
|
||||
native-mmap: permit <
|
||||
native-__sysctl: permit native-__sysctl: permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe <
|
||||
native-fstat: permit <
|
||||
native-close: permit native-close: permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then | native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
native-read: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t | native-exit: permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" | native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p | native-fsread: filename eq "/" then permit
|
||||
native-munmap: permit | native-fsread: filename match "/<non-existent filename>:
|
||||
native-sigprocmask: permit | native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-getpid: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
> native-fsread: filename eq "/etc/utmp" then permit
|
||||
> native-fsread: filename eq "/home" then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
> native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit (
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit <
|
||||
native-fsread: filename eq "/" then permit <
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then <
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit <
|
||||
native-fcntl: permit <
|
||||
native-getdirentries: permit <
|
||||
native-lseek: permit <
|
||||
native-fsread: filename eq "/usr/obj" then permit <
|
||||
native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/usr/local" then permit native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/home" then permit native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/obj" then permit native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
) native-fsread: filename eq "/usr/obj/bin/systrace/.mailca
|
||||
) native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-sigaction: permit <
|
||||
native-ioctl: permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" native-fsread: filename eq "/usr/share/misc/terminfo.db"
|
||||
native-pread: permit <
|
||||
native-write: permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit | native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
native-poll: permit | native-fstat: permit
|
||||
native-nanosleep: permit | native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
> native-getdirentries: permit
|
||||
> native-getpid: permit
|
||||
native-gettimeofday: permit native-gettimeofday: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-ioctl: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK | native-issetugid: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-lseek: permit
|
||||
native-sendto: true then permit | native-mmap: permit
|
||||
native-select: permit | native-mprotect: prot eq "PROT_READ" then permit
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC"
|
||||
> native-munmap: permit
|
||||
> native-nanosleep: permit
|
||||
> native-poll: permit
|
||||
> native-pread: permit
|
||||
> native-read: permit
|
||||
native-recvfrom: permit native-recvfrom: permit
|
||||
> native-select: permit
|
||||
> native-sendto: true then permit
|
||||
> native-sigaction: permit
|
||||
> native-sigprocmask: permit
|
||||
> native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-write: permit
|
||||
native-exit: permit <
|
||||
69
usr.bin/sdiff/tests/d_iflags_b1.out
Normal file
69
usr.bin/sdiff/tests/d_iflags_b1.out
Normal file
@ -0,0 +1,69 @@
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
65
usr.bin/sdiff/tests/d_iflags_b2.out
Normal file
65
usr.bin/sdiff/tests/d_iflags_b2.out
Normal file
@ -0,0 +1,65 @@
|
||||
native-issetugid: permit <
|
||||
native-mprotect: permit <
|
||||
native-mmap: permit <
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe <
|
||||
native-fstat: permit <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then | native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
native-read: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t | native-exit: permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" | native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p | native-fsread: filename eq "/" then permit
|
||||
native-munmap: permit | native-fsread: filename match "/<non-existent filename>:
|
||||
native-sigprocmask: permit | native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-getpid: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
> native-fsread: filename eq "/etc/utmp" then permit
|
||||
> native-fsread: filename eq "/home" then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
> native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit <
|
||||
native-fsread: filename eq "/" then permit <
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then <
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit <
|
||||
native-fcntl: permit <
|
||||
native-getdirentries: permit <
|
||||
native-lseek: permit <
|
||||
native-fsread: filename eq "/usr/obj" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-sigaction: permit <
|
||||
native-ioctl: permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-pread: permit <
|
||||
native-write: permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "/etc/utmp" then permit | native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
native-poll: permit | native-fstat: permit
|
||||
native-nanosleep: permit | native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
> native-getdirentries: permit
|
||||
> native-getpid: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-ioctl: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK | native-issetugid: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-lseek: permit
|
||||
native-sendto: true then permit | native-mmap: permit
|
||||
native-select: permit | native-mprotect: prot eq "PROT_READ" then permit
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC"
|
||||
> native-munmap: permit
|
||||
> native-nanosleep: permit
|
||||
> native-poll: permit
|
||||
> native-pread: permit
|
||||
> native-read: permit
|
||||
> native-select: permit
|
||||
> native-sendto: true then permit
|
||||
> native-sigaction: permit
|
||||
> native-sigprocmask: permit
|
||||
> native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-write: permit
|
||||
native-exit: permit <
|
||||
99
usr.bin/sdiff/tests/d_iflags_c1.out
Normal file
99
usr.bin/sdiff/tests/d_iflags_c1.out
Normal file
@ -0,0 +1,99 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native (
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
native-__sysctl: permit (
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-close: permit (
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit (
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
native-fsread: filename eq "/tmp" then permit (
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit (
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit (
|
||||
native-fsread: filename eq "/usr/bin" then permit (
|
||||
native-fsread: filename eq "/usr/games" then permit (
|
||||
native-fsread: filename eq "/usr/include" then permit (
|
||||
native-fsread: filename eq "/usr/lib" then permit (
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p (
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t (
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" (
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then (
|
||||
native-fsread: filename eq "/usr/libdata" then permit (
|
||||
native-fsread: filename eq "/usr/libexec" then permit (
|
||||
native-fsread: filename eq "/usr/lkm" then permit (
|
||||
native-fsread: filename eq "/usr/local" then permit (
|
||||
native-fsread: filename eq "/usr/mdec" then permit (
|
||||
native-fsread: filename eq "/usr/obj" then permit (
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t (
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" (
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit (
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-poll: permit (
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK (
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK (
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
94
usr.bin/sdiff/tests/d_iflags_c2.out
Normal file
94
usr.bin/sdiff/tests/d_iflags_c2.out
Normal file
@ -0,0 +1,94 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native (
|
||||
native-issetugid: permit <
|
||||
native-mprotect: permit <
|
||||
native-mmap: permit <
|
||||
native-__sysctl: permit (
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe <
|
||||
native-fstat: permit <
|
||||
native-close: permit (
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then | native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
native-read: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t | native-exit: permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" | native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p | native-fsread: filename eq "/" then permit
|
||||
native-munmap: permit | native-fsread: filename match "/<non-existent filename>:
|
||||
native-sigprocmask: permit | native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit (
|
||||
native-getpid: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
> native-fsread: filename eq "/etc/utmp" then permit
|
||||
> native-fsread: filename eq "/home" then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
> native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/tmp" then permit (
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit (
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit (
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit <
|
||||
native-fsread: filename eq "/" then permit <
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then <
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit <
|
||||
native-fcntl: permit <
|
||||
native-getdirentries: permit <
|
||||
native-lseek: permit <
|
||||
native-fsread: filename eq "/usr/obj" then permit <
|
||||
native-fsread: filename eq "/usr" then permit (
|
||||
native-fsread: filename eq "/usr/bin" then permit (
|
||||
native-fsread: filename eq "/usr/games" then permit (
|
||||
native-fsread: filename eq "/usr/include" then permit (
|
||||
native-fsread: filename eq "/usr/lib" then permit (
|
||||
native-fsread: filename eq "/usr/libdata" then permit (
|
||||
native-fsread: filename eq "/usr/libexec" then permit (
|
||||
native-fsread: filename eq "/usr/lkm" then permit (
|
||||
native-fsread: filename eq "/usr/local" then permit (
|
||||
native-fsread: filename eq "/usr/mdec" then permit (
|
||||
native-fsread: filename eq "/home" then permit (
|
||||
native-fsread: filename eq "/obj" then permit (
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit (
|
||||
native-fsread: filename match "/<non-existent filename>: (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca (
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit (
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t (
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-sigaction: permit <
|
||||
native-ioctl: permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" (
|
||||
native-pread: permit <
|
||||
native-write: permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit (
|
||||
native-fsread: filename eq "/etc/utmp" then permit | native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
native-poll: permit | native-fstat: permit
|
||||
native-nanosleep: permit | native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
> native-getdirentries: permit
|
||||
> native-getpid: permit
|
||||
native-gettimeofday: permit (
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-ioctl: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK | native-issetugid: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-lseek: permit
|
||||
native-sendto: true then permit | native-mmap: permit
|
||||
native-select: permit | native-mprotect: prot eq "PROT_READ" then permit
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC"
|
||||
> native-munmap: permit
|
||||
> native-nanosleep: permit
|
||||
> native-poll: permit
|
||||
> native-pread: permit
|
||||
> native-read: permit
|
||||
native-recvfrom: permit (
|
||||
> native-select: permit
|
||||
> native-sendto: true then permit
|
||||
> native-sigaction: permit
|
||||
> native-sigprocmask: permit
|
||||
> native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK (
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-write: permit
|
||||
native-exit: permit <
|
||||
69
usr.bin/sdiff/tests/d_iflags_d1.out
Normal file
69
usr.bin/sdiff/tests/d_iflags_d1.out
Normal file
@ -0,0 +1,69 @@
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
> native-fstat: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/<non-existent filename>: | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
> native-exit: permit
|
||||
65
usr.bin/sdiff/tests/d_iflags_d2.out
Normal file
65
usr.bin/sdiff/tests/d_iflags_d2.out
Normal file
@ -0,0 +1,65 @@
|
||||
native-issetugid: permit <
|
||||
native-mprotect: permit <
|
||||
native-mmap: permit <
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe <
|
||||
native-fstat: permit <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then | native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
native-read: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t | native-exit: permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" | native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p | native-fsread: filename eq "/" then permit
|
||||
native-munmap: permit | native-fsread: filename match "/<non-existent filename>:
|
||||
native-sigprocmask: permit | native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-getpid: permit | native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
> native-fsread: filename eq "/etc/utmp" then permit
|
||||
> native-fsread: filename eq "/home" then permit
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
> native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
> native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit <
|
||||
native-fsread: filename eq "/" then permit <
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then <
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit <
|
||||
native-fcntl: permit <
|
||||
native-getdirentries: permit <
|
||||
native-lseek: permit <
|
||||
native-fsread: filename eq "/usr/obj" then permit <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi <
|
||||
native-sigaction: permit <
|
||||
native-ioctl: permit <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit <
|
||||
native-pread: permit <
|
||||
native-write: permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per <
|
||||
native-fsread: filename eq "/etc/utmp" then permit | native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
native-poll: permit | native-fstat: permit
|
||||
native-nanosleep: permit | native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
> native-getdirentries: permit
|
||||
> native-getpid: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit | native-ioctl: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK | native-issetugid: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-lseek: permit
|
||||
native-sendto: true then permit | native-mmap: permit
|
||||
native-select: permit | native-mprotect: prot eq "PROT_READ" then permit
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm
|
||||
> native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC"
|
||||
> native-munmap: permit
|
||||
> native-nanosleep: permit
|
||||
> native-poll: permit
|
||||
> native-pread: permit
|
||||
> native-read: permit
|
||||
> native-select: permit
|
||||
> native-sendto: true then permit
|
||||
> native-sigaction: permit
|
||||
> native-sigprocmask: permit
|
||||
> native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-write: permit
|
||||
native-exit: permit <
|
||||
72
usr.bin/sdiff/tests/d_input1
Normal file
72
usr.bin/sdiff/tests/d_input1
Normal file
@ -0,0 +1,72 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native
|
||||
native-__sysctl: permit
|
||||
native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then permit
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then permit
|
||||
native-exit: permit
|
||||
native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename eq "/" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: *" then permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "$HOME" then permit
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then permit
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then permit
|
||||
native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/tmp" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.types" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" then permit
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then permit
|
||||
native-fstat: permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-getdirentries: permit
|
||||
native-getpid: permit
|
||||
native-gettimeofday: permit
|
||||
native-ioctl: permit
|
||||
native-issetugid: permit
|
||||
native-lseek: permit
|
||||
native-mmap: permit
|
||||
native-mprotect: prot eq "PROT_READ" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" then permit
|
||||
native-munmap: permit
|
||||
native-nanosleep: permit
|
||||
native-poll: permit
|
||||
native-pread: permit
|
||||
native-read: permit
|
||||
native-recvfrom: permit
|
||||
native-select: permit
|
||||
native-sendto: true then permit
|
||||
native-sigaction: permit
|
||||
native-sigprocmask: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_DGRAM" then permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_STREAM" then permit
|
||||
native-write: permit
|
||||
69
usr.bin/sdiff/tests/d_input2
Normal file
69
usr.bin/sdiff/tests/d_input2
Normal file
@ -0,0 +1,69 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native
|
||||
native-issetugid: permit
|
||||
native-mprotect: permit
|
||||
native-mmap: permit
|
||||
native-__sysctl: permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then permit
|
||||
native-fstat: permit
|
||||
native-close: permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then permit
|
||||
native-read: permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then permit
|
||||
native-munmap: permit
|
||||
native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-getpid: permit
|
||||
native-fsread: filename eq "/tmp" then permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename eq "$HOME" then permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fcntl: permit
|
||||
native-getdirentries: permit
|
||||
native-lseek: permit
|
||||
native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: *" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailcap" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.types" then permit
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permit
|
||||
native-sigaction: permit
|
||||
native-ioctl: permit
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" then permit
|
||||
native-pread: permit
|
||||
native-write: permit
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then permit
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-poll: permit
|
||||
native-nanosleep: permit
|
||||
native-gettimeofday: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_DGRAM" then permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then permit
|
||||
native-sendto: true then permit
|
||||
native-select: permit
|
||||
native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_STREAM" then permit
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then permit
|
||||
native-exit: permit
|
||||
1
usr.bin/sdiff/tests/d_oneline.in
Normal file
1
usr.bin/sdiff/tests/d_oneline.in
Normal file
@ -0,0 +1 @@
|
||||
abcd
|
||||
1
usr.bin/sdiff/tests/d_oneline_a.out
Normal file
1
usr.bin/sdiff/tests/d_oneline_a.out
Normal file
@ -0,0 +1 @@
|
||||
> abcd
|
||||
1
usr.bin/sdiff/tests/d_oneline_b.out
Normal file
1
usr.bin/sdiff/tests/d_oneline_b.out
Normal file
@ -0,0 +1 @@
|
||||
abcd <
|
||||
72
usr.bin/sdiff/tests/d_same.out
Normal file
72
usr.bin/sdiff/tests/d_same.out
Normal file
@ -0,0 +1,72 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native
|
||||
native-__sysctl: permit native-__sysctl: permit
|
||||
native-close: permit native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then p native-connect: sockaddr match "inet-\\\[*\\\]:80" then p
|
||||
native-exit: permit native-exit: permit
|
||||
native-fcntl: cmd eq "F_SETFD" then permit native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename eq "/" then permit native-fsread: filename eq "/" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: native-fsread: filename match "/<non-existent filename>:
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fsread: filename eq "/home" then permit native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "$HOME" then permit native-fsread: filename eq "$HOME" then permit
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then per native-fsread: filename eq "$HOME/.lynx-keymaps" then per
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permi native-fsread: filename eq "$HOME/.mime.types" then permi
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then perm native-fsread: filename eq "$HOME/.terminfo.db" then perm
|
||||
native-fsread: filename eq "/obj" then permit native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then p native-fsread: filename match "/usr/lib/libc.so.*" then p
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" t native-fsread: filename match "/usr/lib/libcrypto.so.*" t
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" native-fsread: filename match "/usr/lib/libncurses.so.*"
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then native-fsread: filename match "/usr/lib/libssl.so.*" then
|
||||
native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj" then permit native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then native-fsread: filename eq "/usr/obj/bin/systrace/." then
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailca native-fsread: filename eq "/usr/obj/bin/systrace/.mailca
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" native-fsread: filename eq "/usr/share/misc/terminfo.db"
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then pe native-fsread: filename eq "/var/run/ld.so.hints" then pe
|
||||
native-fstat: permit native-fstat: permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-getdirentries: permit native-getdirentries: permit
|
||||
native-getpid: permit native-getpid: permit
|
||||
native-gettimeofday: permit native-gettimeofday: permit
|
||||
native-ioctl: permit native-ioctl: permit
|
||||
native-issetugid: permit native-issetugid: permit
|
||||
native-lseek: permit native-lseek: permit
|
||||
native-mmap: permit native-mmap: permit
|
||||
native-mprotect: prot eq "PROT_READ" then permit native-mprotect: prot eq "PROT_READ" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC"
|
||||
native-munmap: permit native-munmap: permit
|
||||
native-nanosleep: permit native-nanosleep: permit
|
||||
native-poll: permit native-poll: permit
|
||||
native-pread: permit native-pread: permit
|
||||
native-read: permit native-read: permit
|
||||
native-recvfrom: permit native-recvfrom: permit
|
||||
native-select: permit native-select: permit
|
||||
native-sendto: true then permit native-sendto: true then permit
|
||||
native-sigaction: permit native-sigaction: permit
|
||||
native-sigprocmask: permit native-sigprocmask: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK
|
||||
native-write: permit native-write: permit
|
||||
15
usr.bin/sdiff/tests/d_short.out
Normal file
15
usr.bin/sdiff/tests/d_short.out
Normal file
@ -0,0 +1,15 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native
|
||||
native-issetugid: permit
|
||||
native-mprotect: permit
|
||||
native-mmap: permit
|
||||
native-__sysctl: permit
|
||||
native-close: permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then permit
|
||||
native-read: permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then permit
|
||||
native-munmap: permit
|
||||
native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
17
usr.bin/sdiff/tests/d_tabends.in
Normal file
17
usr.bin/sdiff/tests/d_tabends.in
Normal file
@ -0,0 +1,17 @@
|
||||
|
||||
0
|
||||
01
|
||||
012
|
||||
0123
|
||||
01234
|
||||
012345
|
||||
0123456
|
||||
01234567
|
||||
012345670
|
||||
0123456701
|
||||
01234567012
|
||||
012345670123
|
||||
0123456701234
|
||||
01234567012345
|
||||
012345670123456
|
||||
0123456701234567
|
||||
17
usr.bin/sdiff/tests/d_tabends_a.out
Normal file
17
usr.bin/sdiff/tests/d_tabends_a.out
Normal file
@ -0,0 +1,17 @@
|
||||
<
|
||||
0 <
|
||||
01 <
|
||||
012 <
|
||||
0123 <
|
||||
01234 <
|
||||
012345 <
|
||||
0123456 <
|
||||
01234567 <
|
||||
012345670 <
|
||||
0123456701 <
|
||||
01234567012 <
|
||||
012345670123 <
|
||||
0123456701234 <
|
||||
0123456701234 <
|
||||
0123456701234 <
|
||||
0123456701234 <
|
||||
17
usr.bin/sdiff/tests/d_tabends_b.out
Normal file
17
usr.bin/sdiff/tests/d_tabends_b.out
Normal file
@ -0,0 +1,17 @@
|
||||
>
|
||||
> 0
|
||||
> 01
|
||||
> 012
|
||||
> 0123
|
||||
> 01234
|
||||
> 012345
|
||||
> 0123456
|
||||
> 01234567
|
||||
> 012345670
|
||||
> 0123456701
|
||||
> 01234567012
|
||||
> 012345670123
|
||||
> 0123456701234
|
||||
> 0123456701234
|
||||
> 0123456701234
|
||||
> 0123456701234
|
||||
17
usr.bin/sdiff/tests/d_tabends_c.out
Normal file
17
usr.bin/sdiff/tests/d_tabends_c.out
Normal file
@ -0,0 +1,17 @@
|
||||
<
|
||||
0 <
|
||||
01 <
|
||||
012 <
|
||||
0123 <
|
||||
01234 <
|
||||
012345 <
|
||||
0123456 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
01234567 <
|
||||
102
usr.bin/sdiff/tests/d_tabs.out
Normal file
102
usr.bin/sdiff/tests/d_tabs.out
Normal file
@ -0,0 +1,102 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native
|
||||
> native-issetugid: permit
|
||||
> native-mprotect: permit
|
||||
> native-mmap: permit
|
||||
native-__sysctl: permit native-__sysctl: permit
|
||||
> native-fsread: filename eq "/var/run/ld.so.hints" the
|
||||
> native-fstat: permit
|
||||
native-close: permit native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" the | native-fsread: filename match "/usr/lib/libssl.so.*"
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" th | native-read: permit
|
||||
native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.
|
||||
native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so
|
||||
native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" th
|
||||
native-fsread: filename match "/<non-existent filenam | native-munmap: permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permi | native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then pe native-fsread: filename eq "/etc/malloc.conf" then pe
|
||||
native-fsread: filename eq "/etc/resolv.conf" then pe | native-getpid: permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit <
|
||||
native-fsread: filename eq "/home" then permit <
|
||||
native-fsread: filename eq "$HOME" then permit <
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then <
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permi <
|
||||
native-fsread: filename eq "$HOME/.mailcap" then perm <
|
||||
native-fsread: filename eq "$HOME/.mime.types" then p <
|
||||
native-fsread: filename eq "$HOME/.terminfo" then per <
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then <
|
||||
native-fsread: filename eq "/obj" then permit <
|
||||
native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit
|
||||
> native-fswrite: filename match "/tmp/lynx-*" then per
|
||||
native-fsread: filename match "/tmp/lynx-*/." then pe native-fsread: filename match "/tmp/lynx-*/." then pe
|
||||
> native-fsread: filename eq "$HOME" then permit
|
||||
> native-fsread: filename eq "/etc/lynx.cfg" then permi
|
||||
> native-fsread: filename eq "/" then permit
|
||||
> native-fsread: filename eq "/usr/obj/bin/systrace/."
|
||||
> native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
> native-fcntl: permit
|
||||
> native-getdirentries: permit
|
||||
> native-lseek: permit
|
||||
> native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" th <
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so. <
|
||||
native-fsread: filename match "/usr/lib/libncurses.so <
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" <
|
||||
native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj" then permit | native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit | native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." | native-fsread: filename eq "$HOME/.lynxrc" then permi
|
||||
> native-fsread: filename match "/<non-existent filenam
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.ma native-fsread: filename eq "/usr/obj/bin/systrace/.ma
|
||||
> native-fsread: filename eq "$HOME/.mailcap" then perm
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mi native-fsread: filename eq "/usr/obj/bin/systrace/.mi
|
||||
> native-fsread: filename eq "$HOME/.mime.types" then p
|
||||
> native-sigaction: permit
|
||||
> native-ioctl: permit
|
||||
> native-fsread: filename eq "$HOME/.terminfo.db" then
|
||||
> native-fsread: filename eq "$HOME/.terminfo" then per
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo. native-fsread: filename eq "/usr/share/misc/terminfo.
|
||||
> native-pread: permit
|
||||
> native-write: permit
|
||||
> native-fsread: filename eq "$HOME/.lynx-keymaps" then
|
||||
native-fsread: filename eq "/var/run/dev.db" then per native-fsread: filename eq "/var/run/dev.db" then per
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" the | native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fstat: permit <
|
||||
native-fswrite: filename match "/tmp/lynx-*" then per <
|
||||
native-getdirentries: permit <
|
||||
native-getpid: permit <
|
||||
native-gettimeofday: permit <
|
||||
native-ioctl: permit <
|
||||
native-issetugid: permit <
|
||||
native-lseek: permit <
|
||||
native-mmap: permit <
|
||||
native-mprotect: prot eq "PROT_READ" then permit <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then p <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then <
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_E <
|
||||
native-munmap: permit <
|
||||
native-nanosleep: permit <
|
||||
native-poll: permit native-poll: permit
|
||||
native-pread: permit | native-nanosleep: permit
|
||||
native-read: permit | native-gettimeofday: permit
|
||||
native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then pe
|
||||
native-select: permit <
|
||||
native-sendto: true then permit <
|
||||
native-sigaction: permit <
|
||||
native-sigprocmask: permit <
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq " native-socket: sockdom eq "AF_INET" and socktype eq "
|
||||
> native-connect: sockaddr eq "inet-[127.0.0.1]:53" the
|
||||
> native-sendto: true then permit
|
||||
> native-select: permit
|
||||
> native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq " native-socket: sockdom eq "AF_INET" and socktype eq "
|
||||
native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" th
|
||||
> native-exit: permit
|
||||
72
usr.bin/sdiff/tests/d_tabs1.in
Normal file
72
usr.bin/sdiff/tests/d_tabs1.in
Normal file
@ -0,0 +1,72 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native
|
||||
native-__sysctl: permit
|
||||
native-close: permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then permit
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then permit
|
||||
native-exit: permit
|
||||
native-fcntl: cmd eq "F_SETFD" then permit
|
||||
native-fsread: filename eq "/" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: *" then permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "$HOME" then permit
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then permit
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then permit
|
||||
native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "/tmp" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.types" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" then permit
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then permit
|
||||
native-fstat: permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-getdirentries: permit
|
||||
native-getpid: permit
|
||||
native-gettimeofday: permit
|
||||
native-ioctl: permit
|
||||
native-issetugid: permit
|
||||
native-lseek: permit
|
||||
native-mmap: permit
|
||||
native-mprotect: prot eq "PROT_READ" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE" then permit
|
||||
native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" then permit
|
||||
native-munmap: permit
|
||||
native-nanosleep: permit
|
||||
native-poll: permit
|
||||
native-pread: permit
|
||||
native-read: permit
|
||||
native-recvfrom: permit
|
||||
native-select: permit
|
||||
native-sendto: true then permit
|
||||
native-sigaction: permit
|
||||
native-sigprocmask: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_DGRAM" then permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_STREAM" then permit
|
||||
native-write: permit
|
||||
69
usr.bin/sdiff/tests/d_tabs2.in
Normal file
69
usr.bin/sdiff/tests/d_tabs2.in
Normal file
@ -0,0 +1,69 @@
|
||||
Policy: /usr/bin/lynx, Emulation: native
|
||||
native-issetugid: permit
|
||||
native-mprotect: permit
|
||||
native-mmap: permit
|
||||
native-__sysctl: permit
|
||||
native-fsread: filename eq "/var/run/ld.so.hints" then permit
|
||||
native-fstat: permit
|
||||
native-close: permit
|
||||
native-fsread: filename match "/usr/lib/libssl.so.*" then permit
|
||||
native-read: permit
|
||||
native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libncurses.so.*" then permit
|
||||
native-fsread: filename match "/usr/lib/libc.so.*" then permit
|
||||
native-munmap: permit
|
||||
native-sigprocmask: permit
|
||||
native-fsread: filename eq "/etc/malloc.conf" then permit
|
||||
native-getpid: permit
|
||||
native-fsread: filename eq "/tmp" then permit
|
||||
native-fswrite: filename match "/tmp/lynx-*" then permit
|
||||
native-fsread: filename match "/tmp/lynx-*/." then permit
|
||||
native-fsread: filename eq "$HOME" then permit
|
||||
native-fsread: filename eq "/etc/lynx.cfg" then permit
|
||||
native-fsread: filename eq "/" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/." then permit
|
||||
native-fsread: filename eq "/usr/obj/bin" then permit
|
||||
native-fcntl: permit
|
||||
native-getdirentries: permit
|
||||
native-lseek: permit
|
||||
native-fsread: filename eq "/usr/obj" then permit
|
||||
native-fsread: filename eq "/usr" then permit
|
||||
native-fsread: filename eq "/usr/bin" then permit
|
||||
native-fsread: filename eq "/usr/games" then permit
|
||||
native-fsread: filename eq "/usr/include" then permit
|
||||
native-fsread: filename eq "/usr/lib" then permit
|
||||
native-fsread: filename eq "/usr/libdata" then permit
|
||||
native-fsread: filename eq "/usr/libexec" then permit
|
||||
native-fsread: filename eq "/usr/lkm" then permit
|
||||
native-fsread: filename eq "/usr/local" then permit
|
||||
native-fsread: filename eq "/usr/mdec" then permit
|
||||
native-fsread: filename eq "/home" then permit
|
||||
native-fsread: filename eq "/obj" then permit
|
||||
native-fsread: filename eq "$HOME/.lynxrc" then permit
|
||||
native-fsread: filename match "/<non-existent filename>: *" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mailcap" then permit
|
||||
native-fsread: filename eq "$HOME/.mailcap" then permit
|
||||
native-fsread: filename eq "/usr/obj/bin/systrace/.mime.types" then permit
|
||||
native-fsread: filename eq "$HOME/.mime.types" then permit
|
||||
native-sigaction: permit
|
||||
native-ioctl: permit
|
||||
native-fsread: filename eq "$HOME/.terminfo.db" then permit
|
||||
native-fsread: filename eq "$HOME/.terminfo" then permit
|
||||
native-fsread: filename eq "/usr/share/misc/terminfo.db" then permit
|
||||
native-pread: permit
|
||||
native-write: permit
|
||||
native-fsread: filename eq "$HOME/.lynx-keymaps" then permit
|
||||
native-fsread: filename eq "/var/run/dev.db" then permit
|
||||
native-fsread: filename eq "/etc/utmp" then permit
|
||||
native-poll: permit
|
||||
native-nanosleep: permit
|
||||
native-gettimeofday: permit
|
||||
native-fsread: filename eq "/etc/resolv.conf" then permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_DGRAM" then permit
|
||||
native-connect: sockaddr eq "inet-[127.0.0.1]:53" then permit
|
||||
native-sendto: true then permit
|
||||
native-select: permit
|
||||
native-recvfrom: permit
|
||||
native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_STREAM" then permit
|
||||
native-connect: sockaddr match "inet-\\\[*\\\]:80" then permit
|
||||
native-exit: permit
|
||||
207
usr.bin/sdiff/tests/sdiff.sh
Executable file
207
usr.bin/sdiff/tests/sdiff.sh
Executable file
@ -0,0 +1,207 @@
|
||||
# $NetBSD: t_sdiff.sh,v 1.1 2012/03/17 16:33:15 jruoho Exp $
|
||||
# $FreeBSD$
|
||||
#
|
||||
# Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
# modification, are permitted provided that the following conditions
|
||||
# are met:
|
||||
# 1. Redistributions of source code must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
# 2. Redistributions in binary form must reproduce the above copyright
|
||||
# notice, this list of conditions and the following disclaimer in the
|
||||
# documentation and/or other materials provided with the distribution.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
# POSSIBILITY OF SUCH DAMAGE.
|
||||
#
|
||||
|
||||
atf_test_case flags
|
||||
flags_head()
|
||||
{
|
||||
atf_set "descr" "Checks -l, -s and -w flags"
|
||||
}
|
||||
flags_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_flags_l.out -s eq:1 \
|
||||
sdiff -l "$(atf_get_srcdir)/d_input1" "$(atf_get_srcdir)/d_input2"
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_flags_s.out -s eq:1 \
|
||||
sdiff -s "$(atf_get_srcdir)/d_input1" "$(atf_get_srcdir)/d_input2"
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_flags_w.out -s eq:1 \
|
||||
sdiff -w 125 "$(atf_get_srcdir)/d_input1" "$(atf_get_srcdir)/d_input2"
|
||||
}
|
||||
|
||||
atf_test_case iflags
|
||||
iflags_head()
|
||||
{
|
||||
atf_set "descr" "Checks flags -l, -s and -w combined with -I"
|
||||
}
|
||||
iflags_body()
|
||||
{
|
||||
tail1="-w 125 -I .*filename.* $(atf_get_srcdir)/d_input1 $(atf_get_srcdir)/d_input2"
|
||||
tail2="-w 125 -I .*filename.* $(atf_get_srcdir)/d_input2 $(atf_get_srcdir)/d_input1"
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_a1.out -s eq:1 sdiff ${tail1}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_a2.out -s eq:1 sdiff ${tail2}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_b1.out -s eq:1 sdiff -s ${tail1}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_b2.out -s eq:1 sdiff -s ${tail2}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_c1.out -s eq:1 sdiff -l ${tail1}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_c2.out -s eq:1 sdiff -l ${tail2}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_d1.out -s eq:1 sdiff -s ${tail1}
|
||||
atf_check -o file:$(atf_get_srcdir)/d_iflags_d2.out -s eq:1 sdiff -s ${tail2}
|
||||
}
|
||||
|
||||
atf_test_case tabs
|
||||
tabs_head()
|
||||
{
|
||||
atf_set "descr" "Checks comparing files containing tabs"
|
||||
}
|
||||
tabs_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_tabs.out -s eq:1 \
|
||||
sdiff "$(atf_get_srcdir)/d_tabs1.in" "$(atf_get_srcdir)/d_tabs2.in"
|
||||
}
|
||||
|
||||
atf_test_case tabends
|
||||
tabends_head()
|
||||
{
|
||||
atf_set "descr" "Checks correct handling of lines ended with tabs"
|
||||
}
|
||||
tabends_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_tabends_a.out -s eq:1 \
|
||||
sdiff -w30 "$(atf_get_srcdir)/d_tabends.in" /dev/null
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_tabends_b.out -s eq:1 \
|
||||
sdiff -w30 /dev/null "$(atf_get_srcdir)/d_tabends.in"
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_tabends_c.out -s eq:1 \
|
||||
sdiff -w19 "$(atf_get_srcdir)/d_tabends.in" /dev/null
|
||||
}
|
||||
|
||||
atf_test_case merge
|
||||
merge_head()
|
||||
{
|
||||
atf_set "descr" "Checks interactive merging"
|
||||
}
|
||||
merge_body()
|
||||
{
|
||||
merge_tail="-o merge.out $(atf_get_srcdir)/d_input1 \
|
||||
$(atf_get_srcdir)/d_input2 >/dev/null ; cat merge.out"
|
||||
|
||||
cp $(atf_get_srcdir)/d_input* .
|
||||
|
||||
atf_check -o file:d_input1 -x "yes l | sdiff ${merge_tail}"
|
||||
atf_check -o file:d_input2 -x "yes r | sdiff ${merge_tail}"
|
||||
|
||||
atf_check -o file:d_input1 -x \
|
||||
"yes el | EDITOR=cat VISUAL=cat sdiff ${merge_tail}"
|
||||
atf_check -o file:d_input2 -x \
|
||||
"yes er | EDITOR=cat VISUAL=cat sdiff ${merge_tail}"
|
||||
|
||||
atf_check -o file:d_input1 -x "yes l | sdiff -s ${merge_tail}"
|
||||
atf_check -o file:d_input2 -x "yes r | sdiff -s ${merge_tail}"
|
||||
atf_check -o file:d_input1 -x "yes l | sdiff -l ${merge_tail}"
|
||||
atf_check -o file:d_input2 -x "yes r | sdiff -l ${merge_tail}"
|
||||
atf_check -o file:d_input1 -x "yes l | sdiff -ls ${merge_tail}"
|
||||
atf_check -o file:d_input2 -x "yes r | sdiff -ls ${merge_tail}"
|
||||
|
||||
atf_check -o file:d_input1 -x "{ while :; do echo s; echo l; \
|
||||
echo v; echo l; done; } | sdiff ${merge_tail}"
|
||||
|
||||
atf_check -o file:d_input2 -x "{ while :; do echo s; echo r; \
|
||||
echo v; echo r; done; } | sdiff ${merge_tail}"
|
||||
}
|
||||
|
||||
atf_test_case same
|
||||
same_head()
|
||||
{
|
||||
atf_set "descr" "Checks comparing file with itself"
|
||||
}
|
||||
same_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_same.out \
|
||||
sdiff "$(atf_get_srcdir)/d_input1" "$(atf_get_srcdir)/d_input1"
|
||||
}
|
||||
|
||||
atf_test_case oneline
|
||||
oneline_head()
|
||||
{
|
||||
atf_set "descr" "Checks comparing one-line files"
|
||||
}
|
||||
oneline_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_oneline_a.out -s eq:1 \
|
||||
sdiff /dev/null "$(atf_get_srcdir)/d_oneline.in"
|
||||
|
||||
atf_check -o file:$(atf_get_srcdir)/d_oneline_b.out -s eq:1 \
|
||||
sdiff "$(atf_get_srcdir)/d_oneline.in" /dev/null
|
||||
}
|
||||
|
||||
atf_test_case dot
|
||||
dot_head()
|
||||
{
|
||||
atf_set "descr" "Checks comparing with file containing only one character"
|
||||
}
|
||||
dot_body()
|
||||
{
|
||||
echo ". <" > expout
|
||||
atf_check -o file:expout -s eq:1 sdiff "$(atf_get_srcdir)/d_dot.in" /dev/null
|
||||
|
||||
echo " > ." > expout
|
||||
atf_check -o file:expout -s eq:1 sdiff /dev/null "$(atf_get_srcdir)/d_dot.in"
|
||||
}
|
||||
|
||||
atf_test_case stdin
|
||||
stdin_head()
|
||||
{
|
||||
atf_set "descr" "Checks reading data from stdin"
|
||||
}
|
||||
stdin_body()
|
||||
{
|
||||
echo " > stdin" > expout
|
||||
atf_check -o file:expout -s eq:1 -x \
|
||||
"echo stdin | sdiff /dev/null /dev/stdin"
|
||||
|
||||
echo "stdin <" > expout
|
||||
atf_check -o file:expout -s eq:1 -x \
|
||||
"echo stdin | sdiff /dev/stdin /dev/null"
|
||||
}
|
||||
|
||||
atf_test_case short
|
||||
short_head()
|
||||
{
|
||||
atf_set "descr" "Checks premature stop of merging"
|
||||
}
|
||||
short_body()
|
||||
{
|
||||
atf_check -o file:$(atf_get_srcdir)/d_short.out -x \
|
||||
"printf \"r\\nl\\nr\\nl\" | sdiff -o merge.out $(atf_get_srcdir)/d_input1 \
|
||||
$(atf_get_srcdir)/d_input2 >/dev/null ; cat merge.out"
|
||||
}
|
||||
|
||||
atf_init_test_cases()
|
||||
{
|
||||
atf_add_test_case flags
|
||||
atf_add_test_case iflags
|
||||
atf_add_test_case tabs
|
||||
atf_add_test_case tabends
|
||||
atf_add_test_case merge
|
||||
atf_add_test_case same
|
||||
atf_add_test_case oneline
|
||||
atf_add_test_case dot
|
||||
atf_add_test_case stdin
|
||||
atf_add_test_case short
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user