mdoc(7) police: markup overhaul.

Approved by:	re

usr.sbin/ugidfw/ugidfw.8

@@ -1,12 +1,12 @@
 .\" Copyright (c) 2002 Networks Associates Technology, Inc.
 .\" All rights reserved.
-.\" 
+.\"
 .\" This software was developed for the FreeBSD Project by Chris
 .\" Costello at Safeport Network Services and NAI Labs, the Security
 .\" Research Division of Network Associates, Inc. under DARPA/SPAWAR
 .\" contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
 .\" research program.
-.\" 
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -18,7 +18,7 @@
 .\" 3. The names of the authors may not be used to endorse or promote
 .\"    products derived from this software without specific prior written
 .\"    permission.
-.\" 
+.\"
 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -30,14 +30,15 @@
 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
-.\" 
+.\"
 .\" $FreeBSD$
-.Dd OCTOBER 11, 2002
+.\"
-.Os
+.Dd October 11, 2002
 .Dt UGIDFW 8
+.Os
 .Sh NAME
 .Nm ugidfw
-.Nd firewall-like access controls for file system objects
+.Nd "firewall-like access controls for file system objects"
 .Sh SYNOPSIS
 .Nm
 .Cm list
@@ -46,8 +47,8 @@
 .Ar rulenum
 .Cm subject
 .Op Cm not
-.Op uid Ar uid
+.Op Cm uid Ar uid
-.Op gid Ar gid
+.Op Cm gid Ar gid
 .Cm object
 .Op Cm not
 .Op Cm uid Ar uid
@@ -60,16 +61,16 @@
 .Sh DESCRIPTION
 The
 .Nm
-command provides an
+utility provides an
 .Xr ipfw 8 Ns -like
 interface to manage accesses to file system objects by UID and GID,
 supported by the
-.Nm mac_bsdextended
+.Xr mac_bsdextended 4
 .Xr mac 9
 policy.
 .Pp
 The arguments are as follows:
-.Bl -tag -width 6n -offset indent
+.Bl -tag -width indent -offset indent
 .It Cm list
 Produces a list of all the current
 .Nm
@@ -78,8 +79,8 @@ rules in the system.
 .Cm set Ar rulenum
 .Cm subject
 .Op Cm not
-.Op uid Ar uid
+.Op Cm uid Ar uid
-.Op gid Ar gid
+.Op Cm gid Ar gid
 .Cm object
 .Op Cm not
 .Op Cm uid Ar uid
@@ -89,7 +90,7 @@ rules in the system.
 .Xc
 Add a new rule or modify an existing rule.
 The arguments are as follows:
-.Bl -tag -width 7n
+.Bl -tag -width ".Ar rulenum"
 .It Ar rulenum
 Rule number.
 Entries with a lower rule number
@@ -105,7 +106,7 @@ will yield a slight performance increase.
 .Xc
 Subjects performing an operation must match
 (or, if
-.Dq not
+.Cm not
 is specified, must
 .Em not
 match)
@@ -122,7 +123,7 @@ for the rule to be applied.
 .Xc
 Objects must be owned by
 (or, if
-.Dq not
+.Cm not
 is specified, must
 .Em not
 be owned by)
@@ -143,34 +144,37 @@ the rule will allow for the operation.
 Conversely, not including it will cause the operation
 to be denied.
 The definitions of each character are as follows:
-.Bl -tag -width 3n -compact -offset indent
+.Pp
-.It Sq a
+.Bl -tag -width ".Cm w" -compact -offset indent
-Administrative operations
+.It Cm a
-.It Sq r
+administrative operations
-Read access
+.It Cm r
-.It Sq s
+read access
-Access to file attributes
+.It Cm s
-.It Sq w
+access to file attributes
-Write access
+.It Cm w
-.It Sq x
+write access
-Execute access
+.It Cm x
-.It Sq n
+execute access
-None
+.It Cm n
+none
 .El
 .El
-.It Cd remove Ar rulenum
+.It Cm remove Ar rulenum
 Disable and remove the rule with the specified rule number.
 .El
 .Sh SEE ALSO
+.Xr mac_bsdextended 4 ,
 .Xr mac 9
 .Sh HISTORY
 The
 .Nm
-command first appeared in
+utility first appeared in
 .Fx 5.0 .
 .Sh AUTHORS
 This software was contributed to the
 .Fx
 Project by NAI Labs, the Security Research Division of Network Associates
-Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035
+.Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.