Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE
cycle.

Prune svn:mergeinfo from the new branch, and rename it to RC1.

Update __FreeBSD_version.

Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and
the dvd1.iso packages population.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.

Additional commits post-branch will follow.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

- Use standard RETURN VALUES section.

Approved by: kib (mentor)
MFC after: 1 week

Document the fact that chroot(2) is no longer part of POSIX since SUSv3
and add a SECURITY CONSIDERATIONS section for recommended practices.

Per Regents of the University of Calfornia letter, remove advertising
clause.

# If I've done so improperly on a file, please let me know.

Mechanically kill hard sentence breaks.

Document a bug in our chroot(2) implementation: if access control
checks, including the "open directory" check or a MAC check fail,
after the working directory of the process has been changed, then
the cwd of the process will be left as the target directory rather
than the original directory.

At some point, this bug might be fixable by performing the directory
change only after permission is granted for the change. In the
mean time document it (it's been there for a while).

mdoc(7) police: "The .Fa argument.".

mdoc(7) police: Tidy up the syscall language.

Stop calling system calls "function calls".

Use "The .Fn system call" a-la "The .Nm utility".

When referring to a non-BSD implementation in
the HISTORY section, call syscall a function,
to be safe.

Fixed the parameter's name.

PR: docs/46183
Submitted by: Dirk Gouders <gouders@et.bocholt.fh-ge.de>
Approved by: re

The .Fn function.

Add xref to jail(2).

PR: docs/33177
Submitted by: Tom Rhodes <darklogik@pittgoth.com>

mdoc(7) police: Use the new .In macro for #include statements.

Remove whitespace at EOL.

mdoc(7) police: removed HISTORY info from the .Os call.

mdoc(7) police: Er macro usage cleanup.

Use `Er' variable to define first column width in ERRORS section. It was
initially suggested by mdoc(7) style, but was broken over the years

Introduce ".Lb" macro to libc manpages.

More libraries manpages updates following.

$Id$ -> $FreeBSD$

Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

.\" $Id$
.\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by: bde

Add a sysctl variable which can help stop chroot(2) escapes.

kern.chroot_allow_open_directories = 0
chroot(2) fails if there are open directories.

kern.chroot_allow_open_directories = 1 (default)
chroot(2) fails if there are open directories and the process
is subject of a previous chroot(2).

kern.chroot_allow_open_directories = anything else
filedescriptors are not checked. (old behaviour).

I'm very interested in reports about software which breaks when
running with the default setting.

Remove the EINVAL error from the ERRORS sections that
say is means that a pathname had the high-order bit
set, since this is no longer an error.

Update a bunch of man pages to use .Fn instead
of .Nm when referencing funciton names.

Document the possible EPERM return.

Submitted by: imp@village.org (Warner Losh)

This commit was generated by cvs2svn to compensate for changes in r1573,
which included commits to RCS files with non-trunk default branches.

BSD 4.4 Lite Lib Sources