Casper library should not use exit(3) function because before setting it up
applications may register it. Casper doesn't depend on any registered exit
function, so it safe to change this.
Reported by: jceel
MFC after: 2 weeks
Some external tools like tcpdump(1) have upstream the changes with old limits
name. Because of that provide compatibility with the old names.
Reported by: emaste
cap_fileargs is a Casper service which helps to sandbox applications that need
access to the filesystem namespace. The main purpose of the service is to make
easy to capsicumize applications that works on multiple files passed in argv.
We have a couple example of using it but we still treat this service as an
experimental one.
Reviewed by: emsate (previous version), jonathan (partially)
Discussed with: many
Differential Revision: https://reviews.freebsd.org/D14407
Please notice that we still don't clean information in nvlist structures.
Submitted by: David CARLIER <devnexen@gmail.com>
Differential Revision: https://reviews.freebsd.org/D16777
The getaddrinfo(3) and gethostbyname(3) are used to return the address for a
given hostname. The getnameinfo(3) and gethostbyaddr(3) are used to return
hostname for a given address. Right now in casper, we have two limitations:
- NAME which allows resolving DNS names.
- ADDR which allows to do revert DNS lookups.
Before this change the rights was mixed up:
NAME - getnameinfo(3) and gethostbyname(3)
ADDR - gethostbyaddr(3) and getaddrinfo(3)
Which no matters on limitation allowed us to resolve DNS names and do DNS
lookups basically by using a different set of functions.
Now the NAME type allows getaddrinfo(3) and gethostbyname (3)functions,
and the ADDR names allow to use gethostbyaddr(3) and getnameinfo(3) functions.
Reviewed by: pjd, bcr
MFC after: 3 weeks
Discussed with: hrs
Differential Revision: https://reviews.freebsd.org/D16930
Remove obsolete example. All services has they own example.
This example also show old type of limiting method which is
not recommended to use.
Reviewed by: bcr@
Differential Revision: https://reviews.freebsd.org/D14607
Instead of passing flags (which describe a type of nvlist)
every send/recv we remember them in channel.
It's enough for use to extract them only during unwrap.
This simplify use of Casper.
Reviewed by: bruffer@, bcr@ (both man page)
Differential Revision: https://reviews.freebsd.org/D14196 (man page)
syslog in libc secretly reconnects to the daemon.
Another issue is that we don't have any information from openlog(3) if we
succeeded to open log or not so we don't know if we are ready
to enter cabability mode.
Because all of that we decided we need a syslog service for Caspser.
Reviewed by: bapt@
Differential Revision: https://reviews.freebsd.org/D12824
function, so check if cap_chanel_t is NULL is not enough.
Casper with a normal libc will still fail in capability mote so let's not
enter capability mode without casper support when we need to resolve DNS.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D12823
respected.
Please notice that libcasper is already in ObsoleteFiles so we don't add it
again.
Reported by: Herbert J. Skuhra <herbert@mailbox.org>
Reviewed by: bdrewery@
Differential Revision: https://reviews.freebsd.org/D12918
