in the mac.3 library man page. They were already cross-referenced
at the end of the man page, just not explicitly listed here.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
they resemble one another, but POSIX.1e interfaces were not sufficiently
expressive to do what we needed.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
o Link mac_get_pid.3 to mac_get.3
o Update SEE ALSO to refer to mac_prepare, and added missing references
o Remove clause #3 on my work
o Update mac_get.3 for the updated MAC API
Sponsored by: DARPA, Network Associates Laboratories
Obtained from: TrustedBSD Project
to be passed. Point this out in a warning notice, which will eventually
go away, sometime between now and -RELEASE.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
This removes a lot of complexity, since we basically just reserve
space on a retrieval of a label, and pass around strings. Two new
elements: (1) consumers of the API must now declare what label
elements they are interested in retrieving, or (2) rely on the default
provided in a new configuration file, mac.conf.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
to bring in the new MAC label management API. With the new API
revision, we have only policy-agnostic code in libc and the base
kernel.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
label updates. Biba and MLS already supported this. This permits the
userland library to submit relative updates on MAC labels, rather
than submitting an entire label to replace the current label. This
also requires changes to the MAC modules, which are forthcoming.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
kernel access control.
Extensions to libc to provide basic MAC label manipulation facilities
for userland. These interface will be replaced in the next month
or two with more flexible interfaces, but provide sufficient support
to allow use of the Biba and MLS policies for user applications.
libc_r wrappers to follow.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
o Document the following capabilities: CAP_NET_ADMIN, CAP_SYS_RAWIO,
CAP_SYS_ADMIN, and CAP_SYS_TTY_CONFIG.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
extattr namespace routines to the libc/posix1e directory. While
the extattr calls are not strictly POSIX.1e, POSIX.1e wasn't
strictly ever approved, so I think that's OK.
Obtained from: TrustedBSD Project
o Removed whitespace at EOL
o Removed hard sentence breaks
o Added cap_size() to the NAME section
o Normalized .Nd descriptions
o Fixed the abuses of .Nm and .Va
o Fixed some DESCRIPTION texts
o Fixed the RETURN VALUES and ERRORS texts to look more traditional
Reviewed by: tmm
sys/capability.h--this compiled fine on i386 where (int) and (ssize_t)
are the same, but broke on Alpha where they differ.
Submitted by: Mike Barcroft <mike@FreeBSD.org>
Obtained from: TrustedBSD Project
support functions:
cap_subset_np() - Is cap1 a subset of cap2
cap_equal_np() - Is cap1 equal to cap2
o Introduce implementations of POSIX.1e capability support functions:
cap_copy_ext() - Externalize capability
cap_copy_int() - Internalize capability
cap_size() - Determine size required for cap_copy_ext()
Submitted by: tmm
Obtained from: TrustedBSD Project
documented by POSIX.1e, and understand the opaque capability structures.
Introduce support in the userland POSIX.1e library for a
_CAPABILITY_NEEDMACROS define to remove these macros from the normal
namespace, but allow the libc functions to use them.
Submitted by: tmm
Obtained from: TrustedBSD Project
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
functions.
- Place the acl_dup() description in alphabetical order.
- Move the POSIX.1e descriptions under the ENVIRONMENT section to the
STANDARDS section.
Reviewed by: rwatson
Obtained from: TrustedBSD Project
Makefile, add Makefile.inc needed for libc build; add
#include "namespace.h"/#include "un-namespace.h" pairs around the
includes of sys/acl.h and sys/capability.h, and an additional underscore
in front of the functions that will be overridden in libc_r.
Approved by: rwatson
Obtained from: TrustedBSD Project
o Revise description in light of commits over last month including:
- ACL editing library is now implemented
- ACLs are now implemented
Obtained from: TrustedBSD Project
acl_add_perm, acl_clear_perms, acl_copy_entry, acl_create_entry,
acl_delete_perm, acl_get_permset, acl_get_qualifier, acl_get_tag_type,
acl_set_permset, acl_set_qualifier, acl_set_tag_type
This brings us within 4 functions of a full ACL editing library.
Reviewed by: rwatson
- lowercase Nd argument
- mark function arguments with Fa
- mark defined values with Dv
- simply copying POSIX text for RETURN VALUES and ERRORS sections is not
always a good idea. POSIX uses the word "shall" indicating the behavior
the correct implementation should follow.
o acl_calc_mask(): calculates the ACL mask entry associated with
the given ACL.
o acl_delete_entry(): remove a specified ACL entry from the given
ACL.
Approved by: rwatson
utility functions which convert between string namespace names and
numeric constants used by the interface. Right now, two namespaces
are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and
EXTATTR_NAMESPACE_USER ("user"). These functions are used by
various userland EA utilities, rather than hard coding the routines
all over the place.
Obtained from: TrustedBSD Project
o Rename internal library functions so that they are prefixed with
_posix1e or _POSIX1E, removing them from the application namespace (and
potential conflict with other ACL functions elsewhere in the system).
Obtained from: TrustedBSD Project
- errno is already set to ENOMEM (as appropriate) when asprintf(),
strdup(), or acl_init() fails
o acl_to_text.c:
- the return value of the initial strdup() is not checked
- errno is already set to ENOMEM (as appropriate) when asprintf
and acl_init() fails
- let the the default: case use 'goto error_label' for consistency
Submitted by: jedgar
identification and descriptions of most capabilities, current inheritence
rules, etc. More to follow.
Reviewed by: sheldonh
Obtained from: TrustedBSD Project
u_int64_t flag field, bounding the number of capabilities at 64,
but substantially cleaning up capability logic (there are currently
43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant
assignments for various capabilities have been redone, so any
persistent binary capability stores (i.e., '$posix1e.cap' EA
backing files) must be recreated. If you have one of these,
you'll know about it, so if you have no idea what this means,
don't worry.
o Update libposix1e to reflect this new definition, fixing the
exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
- Include <stdlib.h> and <string.h> as needed for prototypes
- Remove unneeded "error" variables
o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
o Implementations will remain in the seperately distributed capability
patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
soon to be committed syscall stubs. These calls will be used to get
and set capability state associated with executables.
Obtained from: TrustedBSD Project
