267654 |
20-Jun-2014 |
gjb |
Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
237216 |
18-Jun-2012 |
eadler |
MFC r233648: Remove trailing whitespace per mdoc lint warning
Approved by: cperciva (implicit)
|
235575 |
18-May-2012 |
gjb |
MFC r235286:
General mdoc(7) and typo fixes.
PR: 167734
|
225736 |
23-Sep-2011 |
kensmith |
Copy head to stable/9 as part of 9.0-RELEASE release cycle.
Approved by: re (implicit)
|
220465 |
09-Apr-2011 |
trasz |
Make it possible to use permission sets (full_set, modify_set, read_set and write_set) with setfacl(1).
PR: kern/154113 Submitted by: Shawn Webb <lattera at gmail dot com> (earlier version) MFC after: 1 month
|
219878 |
22-Mar-2011 |
trasz |
Move the code around so that libc behaviour does not depend on a variable that was supposed to be kernel-only. There should be no functional changes.
|
219268 |
04-Mar-2011 |
trasz |
Make acl_strip_np(3) use new trivial ACL format for NFSv4 ACls (three entries instead of six). This makes "setfacl -b" do the right thing for ACLs on ZFS. UFS recognizes both kinds of trivial ACLs; no change there.
MFC after: 2 months
|
216416 |
13-Dec-2010 |
trasz |
Bump manual page date.
|
216415 |
13-Dec-2010 |
trasz |
After PSARC/2010/029, "canonical six" no longer exists.
|
213573 |
08-Oct-2010 |
uqs |
mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
|
212906 |
20-Sep-2010 |
trasz |
First step at adopting FreeBSD to support PSARC/2010/029. This makes acl_is_trivial_np(3) properly recognize the new trivial ACLs. From the user point of view, that means "ls -l" no longer shows plus signs for all the files when running ZFS v28.
|
212379 |
09-Sep-2010 |
trasz |
Arrgh, tested wrong source tree _again_. Fix previous commit. Also, this and previous one are MFC candidate.
MFC after: 1 month
|
212376 |
09-Sep-2010 |
trasz |
Add minor optimization. It's less strict than its kernel counterpart due to upcoming ACL changes required by the new ZFS.
|
210772 |
02-Aug-2010 |
joel |
Spelling fixes.
|
209736 |
06-Jul-2010 |
trasz |
Fix acl_from_text(3) - and, therefore, setfacl(1) - for user and group names names starting with a digit.
MFC after: 1 month
|
209712 |
05-Jul-2010 |
trasz |
Remove comment which didn't match reality for a long time.
Reviewed by: rwatson
|
209147 |
14-Jun-2010 |
kientzle |
Separate _posix1e_acl_id_to_name() into a separate file, to break an unnecessary dependency on getpwuid() and getgrgid().
MFC after: 1 month
|
208811 |
05-Jun-2010 |
trasz |
Don't use pointer to 64 bit value (id_t) to point to 32 bit value (uid_t).
Found with: Coverity Prevent CID: 7466, 7467 MFC after: 2 weeks
|
208786 |
03-Jun-2010 |
trasz |
Don't forget to free the string in error case.
Found with: Coverity Prevent CID: 6585
|
208785 |
03-Jun-2010 |
trasz |
_posix1e_acl_sort() never returns anything other than 0; change its return type to void and update callers. This simplifies code and fixes one place where the returned value was not actually checked.
Found with: Coverity Prevent CID: 4791
|
208784 |
03-Jun-2010 |
trasz |
Fix usage of uninitialized variable.
Found with: Coverity Prevent CID: 7517 MFC after: 2 weeks
|
208783 |
03-Jun-2010 |
trasz |
The 'acl_cnt' field is unsigned; no point in checking if it's >= 0.
Found with: Coverity Prevent CID: 6192
|
208782 |
03-Jun-2010 |
trasz |
The 'acl_cnt' field is unsigned; no point in checking if it's >= 0.
Found with: Coverity Prevent CID: 6193
|
208437 |
23-May-2010 |
trasz |
Make acl_get_perm_np(3) work with NFSv4 ACLs.
Reviewed by: kientzle@ MFC after: 1 week
|
208034 |
13-May-2010 |
trasz |
Make branding less intrusive - in acl_set(3), in case ACL brand is ACL_BRAND_UNKNOWN, do what the programmer says instead of failing.
MFC after: 1 week
|
208033 |
13-May-2010 |
trasz |
Make it possible to actually use NFSv4 permission bits with acl_set_perm(3) and acl_delete_perm(3). It went undetected, because neither setfacl(1) nor Samba use this routines. D'oh.
MFC after: 1 week
|
206622 |
14-Apr-2010 |
uqs |
mdoc: order prologue macros consistently by Dd/Dt/Os
Although groff_mdoc(7) gives another impression, this is the ordering most widely used and also required by mdocml/mandoc.
Reviewed by: ru Approved by: philip, ed (mentors)
|
205796 |
28-Mar-2010 |
trasz |
Make acl_to_text_np(3) not crash on long group or user names in NFSv4 ACLs.
PR: amd64/145091 MFC after: 2 weeks
|
204819 |
07-Mar-2010 |
joel |
Switch to our preferred license text.
Approved by: jedgar
|
204725 |
04-Mar-2010 |
joel |
Use our standard license text. No more voices in the authors head. :-)
Approved by: trasz
|
203787 |
11-Feb-2010 |
trhodes |
s/APIS/APIs - not part of the original submission.
|
203778 |
11-Feb-2010 |
trhodes |
Correct two typoes.
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
|
201402 |
02-Jan-2010 |
ed |
Don't forget to clean up the file copied from the kernel sources.
MFC after: 1 week
|
200992 |
25-Dec-2009 |
markus |
Use a local copy of entry_d for finding matches. Otherwise, if entry_d pointed to an entry of 'acl', all ACL entries starting with entry_d would be deleted.
Reviewed by: trasz Approved by: emax (mentor) MFC after: 3 days
|
200142 |
05-Dec-2009 |
ed |
Don't let the C library depend on <utmp.h>.
The maximum length of a username has nothing to do with the size of the username in the utmp files. Use MAXLOGNAME, which is defined as 17 (UT_USERSIZE + 1).
|
199317 |
16-Nov-2009 |
brueffer |
Fix a memory leak in acl_from_text() in case the conversion succeeded.
Submitted by: Jim Wilcoxson <prirun@gmail.com> MFC after: 1 week
|
196740 |
01-Sep-2009 |
trasz |
Fix regression introduced with NFSv4 ACL support - make acl_to_text(3) and acl_calc_mask(3) return error instead of crashing when acl passed to them is NULL.
Submitted by: markus Reviewed by: rwatson MFC after: 3 days
|
196638 |
29-Aug-2009 |
kientzle |
Style: Remove trailing whitespace.
|
196123 |
12-Aug-2009 |
rwatson |
Update posix1e-related man pages, especially as relates to MAC, to more accurately reflect the last ten years of work.
Approved by: re (kib)
|
195692 |
14-Jul-2009 |
trasz |
Add missing MLINKS for acl_{get,set}_link_fd(3).
Approved by: re (kib)
|
195004 |
25-Jun-2009 |
trasz |
Fix acl_set_fd(3) and acl_get_fd(3) for cases where the kernel doesn't know anything about _PC_ACL_NFS4.
|
194970 |
25-Jun-2009 |
trasz |
Manual page tweaks.
|
194957 |
25-Jun-2009 |
trasz |
Fix c194955 - somehow I managed all the new files, tripling their contents.
|
194956 |
25-Jun-2009 |
trasz |
Bump manual page timestamps.
|
194955 |
25-Jun-2009 |
trasz |
Add NFSv4 ACL support to libc.
This adds the following functions to the acl(3) API: acl_add_flag_np, acl_clear_flags_np, acl_create_entry_np, acl_delete_entry_np, acl_delete_flag_np, acl_get_extended_np, acl_get_flag_np, acl_get_flagset_np, acl_set_extended_np, acl_set_flagset_np, acl_to_text_np, acl_is_trivial_np, acl_strip_np, acl_get_brand_np. Most of them are similar to what Darwin does. There are no backward-incompatible changes.
Approved by: rwatson@
|
192966 |
28-May-2009 |
trasz |
Fix off by one error in acl_create_entry(3).
Reviewed by: rwatson@ MFC after: 2 weeks
|
192804 |
26-May-2009 |
trasz |
Change license to more bori^Wadul^Wcanonical.
Submitted by: rwatson@
|
192638 |
23-May-2009 |
trasz |
Improve API documentation.
Reviewed by: rwatson (earlier version)
|
192586 |
22-May-2009 |
trasz |
Make 'struct acl' larger, as required to support NFSv4 ACLs. Provide compatibility interfaces in both kernel and libc.
Reviewed by: rwatson
|
192410 |
19-May-2009 |
brueffer |
Since audit(4) isn't based on posix1e, remove the commented out audit.h header, xref libbsm(3).
Submitted by: rwatson MFC after: 3 days
|
191520 |
26-Apr-2009 |
trasz |
Fix typo.
|
184607 |
04-Nov-2008 |
imp |
Replace the non-standard disclaimer with the standard one from /COPYRIGHT
Approved by: jedgar@
|
180493 |
13-Jul-2008 |
rwatson |
The libc acl_valid(3) function validates the contents of a POSIX.1e ACL. This change removes the requirement that an ACL contain no ACL_USER entries with a uid the same as those of a file, or ACL_GROUP entries with a gid the same as those of a file. This requirement is not in the specification, and not enforced by the kernel's ACL implementation.
Reported by: Iustin Pop <iusty at k1024 dot org> MFC after: 1 week
|
176901 |
07-Mar-2008 |
rwatson |
Add __FBSDID() tags.
MFC after: 3 days
|
170154 |
31-May-2007 |
deischen |
Some libc symbol map cleanups.
net: endhostdnsent is named _endhostdnsent and is private to netdb family of functions.
posix1e: acl_size.c has been never compiled in, so there's no "acl_size".
rpc: "getnetid" is a static function.
stdtime: "gtime" is #ifdef'ed out in the source.
some symbols are specific only to some architectures, e.g., ___tls_get_addr is only defined on i386.
__htonl, __htons, __ntohl and __ntohs are no longer functions, they are now (internal) defines in <machine/endian.h>.
Submitted by: ru
|
169092 |
29-Apr-2007 |
deischen |
Use C comments since we now preprocess these files with CPP.
|
167006 |
26-Feb-2007 |
kientzle |
Move _posix1e_acl_name_to_id out of acl_support.c and into acl_from_text.c. Since acl_from_text.c is the only place it is used, we can now make this internal utility function "static."
As a bonus, acl_set_fd() no longer pulls in getpwuid() for no reason.
MFC after: 7 days
|
162841 |
30-Sep-2006 |
ru |
Revise markup in recently added manpages.
|
160154 |
07-Jul-2006 |
rwatson |
Following repo-copy of mac_is_present_np.3 to mac_is_present.3, remove old file, update references, etc. The C function is already named mac_is_present().
Obtained from: TrustedBSD Project
|
156613 |
13-Mar-2006 |
deischen |
Add each directory's symbol map file to SYM_MAPS.
|
156608 |
13-Mar-2006 |
deischen |
Add symbol maps and initial symbol version definitions to libc.
Reviewed by: davidxu
|
152718 |
23-Nov-2005 |
ru |
There's no longer^Wyet <sys/capability.h>.
|
152551 |
17-Nov-2005 |
ru |
-mdoc sweep.
|
150065 |
12-Sep-2005 |
stefanf |
Include a couple of headers to ensure consistency between the prototype and the function definition.
|
148580 |
31-Jul-2005 |
keramida |
Fix all the spelling mistakes I could find in the man pages for words that have at least 3 characters.
MFC after: 1 week Thanks to: Music band ``Chingon'' for keeping me company while searching for these.
|
147750 |
03-Jul-2005 |
delphij |
Minor grammar fix
Submitted by: Wojciech A. Koszek [dunstan at freebsd czest pl] Approved by: re (hrs)
|
146937 |
03-Jun-2005 |
imp |
Missed rwatson's redundancy
|
140664 |
23-Jan-2005 |
rwatson |
Minor white space tweak.
MFC after: 3 days
|
140505 |
20-Jan-2005 |
ru |
Sort sections.
|
140288 |
15-Jan-2005 |
ru |
Fixed markup bug.
|
140081 |
11-Jan-2005 |
ru |
Scheduled mdoc(7) sweep.
|
137865 |
18-Nov-2004 |
csjp |
-Add a note that currently two syntax styles for label element declaration is supported. -Document the new more preferred syntax -Add examples for the new syntax -Add a note that the old syntax will be deprecated in the future.
Reviewed by: rwatson
|
131635 |
05-Jul-2004 |
ru |
Fix the NAME section making whatis(1) happy in particular.
|
131539 |
03-Jul-2004 |
ru |
Eliminate double whitespace.
|
131504 |
02-Jul-2004 |
ru |
Mechanically kill hard sentence breaks.
|
131365 |
30-Jun-2004 |
ru |
Markup, grammar, and spelling fixes.
|
130636 |
17-Jun-2004 |
rwatson |
Add reference to mac_get_link() in man page, which was omitted when mac_get_link() and mac_set_link() were added.
|
124193 |
06-Jan-2004 |
nectar |
Adjust for brain outage that affected the previous commit.
Submitted by: Stefan Farfeleder <stefan@fafoe.narf.at>
|
124176 |
06-Jan-2004 |
nectar |
Avoid undefined behavior: foo[i] = bar[++i]; /* Which operator [] will be evaluated first? */
|
124174 |
06-Jan-2004 |
nectar |
Remove unused variables and function declarations. Add missing headers.
|
122868 |
17-Nov-2003 |
rwatson |
Staticize label_default_head to prevent it from leaking out of mac.c.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
122811 |
16-Nov-2003 |
rwatson |
Update mac_set.3 to account for new behavior of mac_set_fd() in the context of sockets, and document EINVAL as a possible failure mode based on the object selected, not just the label provided.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
122810 |
16-Nov-2003 |
rwatson |
Implement mac_get_peer(3) using getsockopt() with SOL_SOCKET and SO_PEERLABEL. This provides an interface to query the label of a socket peer without embedding implementation details of mac_t in the application. Previously, sizeof(*mac_t) had to be specified by an application when performing getsockopt().
Document mac_get_peer(3), and expand documentation of the other mac_get(3) functions. Note that it's possible to get EINVAL back from mac_get_fd(3) when pointing it at an inappropriate object.
NOTE: mac_get_fd() and mac_set_fd() support for sockets will follow shortly, so the documentation is slightly ahead of the code.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
122777 |
16-Nov-2003 |
rwatson |
Memory allocated by mac_to_text() must be freed using free(3) not mac_free(3), which is used only for variables of type mac_t in the FreeBSD implementation.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
122735 |
15-Nov-2003 |
rwatson |
Remove debugging printf that crept into the last commit.
|
122732 |
15-Nov-2003 |
rwatson |
/etc/mac.conf is implicitly read and parsed when the MAC configuration is accessed for the first time as a result of an application looking up label configuration information. Previously, the check and read were kicked off by mac_prepare_(typename)() functions; since mac_prepare_type() may now be directly employed by a user process, push the check and initialization into that function.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
121975 |
03-Nov-2003 |
rwatson |
When printing ACLs, truncate user and group names if they're too long, rather than generating an error. This is consistent with other tools printing user and group names, and means you can read the ACL using our tools rather than being up a creek.
PR: 56991 Submitted by: Michael Bretterklieber <mbretter@a-quadrat.at>
|
120010 |
12-Sep-2003 |
ru |
mdoc(7): Fix common mistakes made in the SEE ALSO section.
|
119588 |
30-Aug-2003 |
rwatson |
Return (-1) not (ENOENT) for mac_prepare_type(), and set errno to ENOENT instead.
Reported by: "Kenneth D. Merry" <ken@kdm.org> Submitted by: Bryan Liesner <bleez@comcast.net>
|
119321 |
22-Aug-2003 |
rwatson |
Add HISTORY sections to the remaining MAC library man pages.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
119320 |
22-Aug-2003 |
rwatson |
Update the mac_prepare(3) man page to reflect changes to the mac_prepare() APIs.
Add a HISTORY section.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
119317 |
22-Aug-2003 |
rwatson |
Make the elements argument to mac_prepare() be const.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
119314 |
22-Aug-2003 |
rwatson |
As new objects begin to support new labels, start to generalize the default label support in /etc/mac.conf. Rather than maintain each default label type in an explicit global variable in mac.c, keep a list of defaults loaded from the configuration file. Generalize the parsing so that we support both the older:
default_file_labels foo default_ifnet_labels foo default_process_labels foo
And also a new:
default_labels file foo default_labels ifnet foo default_labels process foo
We now accept arbitrary object classes in the first argument. If the same object is specified more than once, we discard the earlier definition in favor of the later one.
Add a new API, mac_prepare_type(), which accepts a mac_t to prepare, as well as an object name in the second argument, which will pull a default label set for the object out of the configuration loaded by mac_init_internal(). This permits the libc to adapt to new objects known about by applications but not by libc at compile-time.
Also liberalize the error handling a bit: if we're using implicit initialization (i.e., the application didn't explicitly initialize the MAC code), ignore syntax errors and only use valid lines. In the future, we may want to add explicit warnings and do this a bit more consistently.
While here, add support for a MAC_CONFFILE environmental variable, which may be used to specify an alternative mac.conf configuration file if the application isn't running with modified privilege (issetugid()).
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
117982 |
24-Jul-2003 |
rwatson |
Print group name in getfacl output when calculating an effective permission set based on a more restrictive mask.
Submitted by: Glen Gibb <grg@ridley.unimelb.edu.au>
|
115288 |
24-May-2003 |
ru |
mdoc(7) fixes.
Approved by: re (blanket)
|
115225 |
22-May-2003 |
ru |
Assorted mdoc(7) fixes.
Approved by: re (blanket)
|
114051 |
26-Apr-2003 |
rwatson |
Add some strategic whitespace.
|
113741 |
20-Apr-2003 |
rwatson |
Add FILES section to mac.3 and mac.conf.5. Properly Xref mac.conf.5 from mac.3; likewise, mac.conf.5 from mac_prepare.3.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
113737 |
20-Apr-2003 |
rwatson |
Add a man page for the mac.conf MAC library configuration file.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
113732 |
20-Apr-2003 |
rwatson |
Add the mac_prepare{,_*}() functions to the high-level function list in the mac.3 library man page. They were already cross-referenced at the end of the man page, just not explicitly listed here.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
113578 |
16-Apr-2003 |
rwatson |
Clarify the relationship between the MAC library APIs and POSIX.1e: they resemble one another, but POSIX.1e interfaces were not sufficiently expressive to do what we needed.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
111618 |
27-Feb-2003 |
nectar |
Eliminate 19 warnings in libc (at level WARNS=2) of the `implicit declaration of function' variety.
|
111447 |
24-Feb-2003 |
ru |
mdoc(7) police: Scheduled sweep.
|
111282 |
23-Feb-2003 |
ru |
mdoc(7) police: kill self-xref.
|
111281 |
23-Feb-2003 |
ru |
Punctuation.
|
111280 |
23-Feb-2003 |
ru |
Typo.
|
111278 |
23-Feb-2003 |
ru |
Grammar.
|
111082 |
18-Feb-2003 |
nectar |
Whack 28 unused variables.
|
111010 |
16-Feb-2003 |
nectar |
Eliminate 61 warnings emitted at WARNS=2 (leaving 53 to go). Only warnings that could be fixed without changing the generated object code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
|
110440 |
06-Feb-2003 |
charnier |
The .Fn function
|
109274 |
15-Jan-2003 |
chris |
Actually add mac_prepare.3.
Sponsored by: DARPA, Network Associates Laboratories
|
109273 |
15-Jan-2003 |
chris |
Cross-reference mac(4)
Sponsored by: DARPA, Network Associates Laboratories
|
109272 |
15-Jan-2003 |
chris |
s/SEE_ALSO/SEE ALSO/ Cross-reference mac(4) and mac(9)
Sponsored by: DARPA, Network Associates Laboratories
|
109263 |
15-Jan-2003 |
chris |
o Document mac_prepare() and associated functions o Link mac_get_pid.3 to mac_get.3 o Update SEE ALSO to refer to mac_prepare, and added missing references o Remove clause #3 on my work o Update mac_get.3 for the updated MAC API
Sponsored by: DARPA, Network Associates Laboratories Obtained from: TrustedBSD Project
|
109260 |
14-Jan-2003 |
chris |
o Remove clause #3 o Document mac_set_link().
Sponsored by: DARPA, Network Associates Labs
|
108412 |
29-Dec-2002 |
rwatson |
Remove BUGS section indicating that these calls are unimplemented. Update copyrights.
Obtained from: TrustedBSD Project
|
108411 |
29-Dec-2002 |
rwatson |
Update acl_set.3, missed in last round:
- Update BUGS: this stuff is implemented. - Update last modified date. - Document acl_set_link_np() call.
Obtained from: TrustedBSD Project
|
108410 |
29-Dec-2002 |
rwatson |
Update libc POSIX.1e code and documentation to reflect:
- Updated copyrights, modified dates - Remove "BUGS" entry indicating that ACLs are unimplemented - Implement acl_*_link() library wrapper variants for get, set, delete, aclvalid. - Document acl_*_link() calls.
Obtained from: TrustedBSD Project
|
108317 |
27-Dec-2002 |
schweikh |
english(4) police.
|
108087 |
19-Dec-2002 |
ru |
mdoc(7) police: "The .Fa argument.".
|
108037 |
18-Dec-2002 |
ru |
mdoc(7) police: "The .Fn function".
|
107826 |
13-Dec-2002 |
ru |
mdoc(7) police: sort xrefs in SEE ALSO.
|
107788 |
12-Dec-2002 |
ru |
Uniformly refer to a file system as "file system".
Approved by: re
|
107744 |
11-Dec-2002 |
ru |
mdoc(7) police: Added the missing .Os call; it's not strictly necessary nowadays, but is documented as "required", and may become so again in the future.
Approved by: re
|
107603 |
04-Dec-2002 |
ru |
mdoc(7) police: markup overhaul.
Approved by: re
|
107052 |
18-Nov-2002 |
ru |
libc_r wasn't so tied to libc for 22 months.
|
106629 |
08-Nov-2002 |
rwatson |
Update acl.3 to xref getfacl(1) and setfacl(1), the recommended tools for manipulating file ACLs. Update the status of the implementation a bit, update the copyright, etc.
Obtained from: TrustedBSD Project
|
106510 |
06-Nov-2002 |
chris |
o Make the COMPATIBILITY section a bit less redundant.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Labs
|
106509 |
06-Nov-2002 |
chris |
o Update man page to reflect the new prototypes for mac_{to,from}_text. o Remove a (currently) no-longer-pertinent entry from errors.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Labs
|
106482 |
06-Nov-2002 |
rwatson |
Hook up the userland wrapper for __mac_execve().
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
106436 |
05-Nov-2002 |
rwatson |
License update authorized by NAI: remove clause 3.
|
106432 |
04-Nov-2002 |
rwatson |
Clarify language relating to ACLs, Capabtilities, and MAC, since the implementation status of these services has changed substantially since this man page was last updated.
|
106430 |
04-Nov-2002 |
rwatson |
Update license, historical information.
|
106429 |
04-Nov-2002 |
rwatson |
Point out that the MAC Framework is considered experimental.
|
106104 |
28-Oct-2002 |
chris |
Scoop out examples illustrating the label text format and refer to maclabel(7) instead.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Labs
|
106053 |
27-Oct-2002 |
wollman |
Do not include <sys/syslimits.h> directly; it is not intended for general consumption.
|
105837 |
24-Oct-2002 |
chris |
Place mac_prepare() with the other mac_prepare*() functions.
|
105835 |
24-Oct-2002 |
chris |
mac_free() no longer accepts a void * parameter; only mac_t's are supposed to be passed. Point this out in a warning notice, which will eventually go away, sometime between now and -RELEASE.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
105830 |
23-Oct-2002 |
chris |
Remove superfluous empty "FILES" section.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
105829 |
23-Oct-2002 |
chris |
Remove hard sentence breaks.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
105698 |
22-Oct-2002 |
rwatson |
Reflect MAC kernel/user API changes into the libc MAC implementation. This removes a lot of complexity, since we basically just reserve space on a retrieval of a label, and pass around strings. Two new elements: (1) consumers of the API must now declare what label elements they are interested in retrieving, or (2) rely on the default provided in a new configuration file, mac.conf.
Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
105671 |
22-Oct-2002 |
rwatson |
.Xr mac.3 and posix1e.3 to mac.9. Point at sys/mac.h in posix1e.3.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
105605 |
21-Oct-2002 |
rwatson |
Unhook the per-policy parsing/printing MAC modules in libc to prepare to bring in the new MAC label management API. With the new API revision, we have only policy-agnostic code in libc and the base kernel.
Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
101555 |
09-Aug-2002 |
rwatson |
Update TE policy and MAC text conversion routines to support partial label updates. Biba and MLS already supported this. This permits the userland library to submit relative updates on MAC labels, rather than submitting an entire label to replace the current label. This also requires changes to the MAC modules, which are forthcoming.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
101554 |
09-Aug-2002 |
rwatson |
X-ref mac.3.
|
101242 |
02-Aug-2002 |
rwatson |
Introduce support for Mandatory Access Control and extensible kernel access control.
Extensions to libc to provide basic MAC label manipulation facilities for userland. These interface will be replaced in the next month or two with more flexible interfaces, but provide sufficient support to allow use of the Biba and MLS policies for user applications.
libc_r wrappers to follow.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
98196 |
13-Jun-2002 |
rwatson |
No POSIX.1e capabilities in the main tree yet.
|
97734 |
02-Jun-2002 |
schweikh |
Correct a bunch of typos. Translators can ignore this commit.
MFC after: 3 weeks
|
92986 |
22-Mar-2002 |
obrien |
Fix the style of the SCM ID's. I believe have made all of libc .c's as consistent as possible.
|
91428 |
27-Feb-2002 |
green |
Check if string is not NULL, not *string, before setting *string.
|
91035 |
21-Feb-2002 |
jedgar |
o style(9) and consistency fix: - if (!var) -> if (var == NULL) o spelling fix (althouh -> although)
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
91034 |
21-Feb-2002 |
jedgar |
o style(9) and consistency fixes: - if (!var) -> if (var == NULL) - return val; -> return (val);
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
91033 |
21-Feb-2002 |
jedgar |
Add more argument checking
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
91032 |
21-Feb-2002 |
jedgar |
static'ize and declare functions
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
90781 |
17-Feb-2002 |
jedgar |
o style and consistency fixes: - if (!var) -> if (var == NULL) - return val; -> return (val); o update copyright
|
89953 |
29-Jan-2002 |
jedgar |
Correct function's description.
Obtained from: TrustedBSD Project
|
89831 |
26-Jan-2002 |
jedgar |
o return EINVAL if acl_to_text() have been sent a NULL acl. o update copyright dates.
Reviewed by: rwatson
|
89028 |
07-Jan-2002 |
jedgar |
Correct phrase 'get an ACL' to 'set an ACL'.
PR: 33660 Submitted by: Rich Morin <rdm@cfcl.com>, Tom Rhodes <darklogik@pittgoth.com>
|
88430 |
23-Dec-2001 |
chris |
o Change the layout of the tagged lists to be like those in acl(3). o Document the following capabilities: CAP_NET_ADMIN, CAP_SYS_RAWIO, CAP_SYS_ADMIN, and CAP_SYS_TTY_CONFIG.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
|
86452 |
16-Nov-2001 |
rwatson |
o Reflect repo-copy of extattr.[c3] from libutil to libc, moving extattr namespace routines to the libc/posix1e directory. While the extattr calls are not strictly POSIX.1e, POSIX.1e wasn't strictly ever approved, so I think that's OK.
Obtained from: TrustedBSD Project
|
84423 |
03-Oct-2001 |
bde |
Fixed missing `const' in synopsis.
|
84422 |
03-Oct-2001 |
bde |
Fixed return type in synopsis.
|
84306 |
01-Oct-2001 |
ru |
mdoc(7) police: Use the new .In macro for #include statements.
|
84225 |
30-Sep-2001 |
dillon |
Add __FBSDID()s to libutil
|
83327 |
11-Sep-2001 |
ru |
mdoc(7) police: removed commas from the standard (split) AUTHORS block.
|
83079 |
05-Sep-2001 |
ru |
mdoc(7) police: markup and minor content fixes.
o Removed whitespace at EOL o Removed hard sentence breaks o Added cap_size() to the NAME section o Normalized .Nd descriptions o Fixed the abuses of .Nm and .Va o Fixed some DESCRIPTION texts o Fixed the RETURN VALUES and ERRORS texts to look more traditional
Reviewed by: tmm
|
83050 |
05-Sep-2001 |
rwatson |
Add Thomas Moestl and Chris Faulhaber to the author list for POSIX.1e support.
Obtained from: TrustedBSD Project
|
82828 |
02-Sep-2001 |
rwatson |
o Sync up prototypes for cap_size() and cap_copy_ext() with sys/capability.h--this compiled fine on i386 where (int) and (ssize_t) are the same, but broke on Alpha where they differ.
Submitted by: Mike Barcroft <mike@FreeBSD.org> Obtained from: TrustedBSD Project
|
82707 |
01-Sep-2001 |
rwatson |
o Attach cap_cmp.c and cap_copy.c to the build. o Attach cap_copy_ext.3 and cap_copy_int.3 to the install, and link cap_size.3 to cap_copy_ext.3.
Submitted by: tmm Obtained from: TrustedBSD Project
|
82642 |
31-Aug-2001 |
ru |
Use ``.Rv -std'' wherever possible.
Submitted by: yar
|
82617 |
31-Aug-2001 |
rwatson |
o Use .Fx to refer to FreeBSD
Submitted by: tmm Obtained from: TrustedBSD Project
|
82616 |
31-Aug-2001 |
rwatson |
o Remove definition of CAP_MAX_BUF_LEN since it is defined in sys/capability.h now.
Submitted by: tmm Obtained from: TrustedBSD Project
|
82614 |
31-Aug-2001 |
rwatson |
Introduce implementations of POSIX.1e non-portable form capability support functions: cap_subset_np() - Is cap1 a subset of cap2 cap_equal_np() - Is cap1 equal to cap2
o Introduce implementations of POSIX.1e capability support functions: cap_copy_ext() - Externalize capability cap_copy_int() - Internalize capability cap_size() - Determine size required for cap_copy_ext()
Submitted by: tmm Obtained from: TrustedBSD Project
|
82511 |
29-Aug-2001 |
rwatson |
o src/sys/capability.h provides a number of support macros that are not documented by POSIX.1e, and understand the opaque capability structures. Introduce support in the userland POSIX.1e library for a _CAPABILITY_NEEDMACROS define to remove these macros from the normal namespace, but allow the libc functions to use them.
Submitted by: tmm Obtained from: TrustedBSD Project
|
82321 |
25-Aug-2001 |
rwatson |
o s/violate/override/ Capabilities are part of the system policy, not an exception to it.
Submitted by: tmm Obtained from: TrustedBSD Project
|
81969 |
20-Aug-2001 |
brian |
Handle snprintf() returning -1
MFC after: 2 weeks
|
81629 |
14-Aug-2001 |
yar |
Use the ".Rv" mdoc(7) macro where appropriate.
Reviewed by: ru
|
81352 |
09-Aug-2001 |
yar |
Use the ``.Rv -std'' mdoc(7) macro in appropriate cases.
Reviewed by: ru
|
79754 |
15-Jul-2001 |
dd |
Remove whitespace at EOL.
|
79531 |
10-Jul-2001 |
ru |
mdoc(7) police: removed HISTORY info from the .Os call.
|
79454 |
09-Jul-2001 |
dd |
mdoc(7) police: remove extraneous .Pp before and/or after .Sh.
|
79366 |
06-Jul-2001 |
ru |
mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2).
|
78748 |
25-Jun-2001 |
dd |
Add RETURN VALUES and ERRORS sections.
|
78738 |
24-Jun-2001 |
dd |
Add a manual page for extattr_string_to_namespace and extattr_namespace_to_string.
Reviewed by: rwatson
|
78686 |
24-Jun-2001 |
dd |
Remove duplicate words.
|
77973 |
10-Jun-2001 |
sobomax |
Fix cross-references: xntpd.8 --> ntpd.8 acl_delete_perms.3 --> acl_delete_perm.3 getname.2 --> getsockname.2
MFC after: 1 week
|
76673 |
16-May-2001 |
ru |
mdoc(7) police: fix markup.
|
76346 |
07-May-2001 |
jedgar |
Correct prototype (entry_p -> *entry_p)
Submitted by: Alex Zepeda <jazepeda@pacbell.net>
|
76055 |
26-Apr-2001 |
jedgar |
Document acl_get_entry(3)
Obtained from: TrustedBSD Project
|
75928 |
24-Apr-2001 |
jedgar |
o Separate acl_t into internal and external representations as required by POSIX.1e. This maintains the current 'struct acl' in the kernel while providing the generic external acl_t interface required to complete the ACL editing library. o Add the acl_get_entry() function. o Convert the existing ACL utilities, getfacl and setfacl, to fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
|
75924 |
24-Apr-2001 |
tmm |
Remove bogus assignments of libc syscall stub return values to errno; the stubs do errno assignments and return -1 in this case, so that errno would end up with this value.
Approved by: rwatson
|
75670 |
18-Apr-2001 |
ru |
mdoc(7) police: normalize .Nd.
|
75660 |
18-Apr-2001 |
ru |
mdoc(7) police: use .Fx where appropriate.
|
75543 |
16-Apr-2001 |
ru |
mdoc(7) police: fix markup.
|
75526 |
15-Apr-2001 |
jedgar |
Correct a bogus cast in acl_get_qualifier() causing invalid ID's to be stored in the ACL.
Obtained from: TrustedBSD Project
|
75492 |
13-Apr-2001 |
jedgar |
Add acl_get_perm_np(3), a non-portable function to check if a permission is in a permission set, required for third-party applications such as Samba.
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
75490 |
13-Apr-2001 |
jedgar |
Add the remaining POSIX.1e ACL definitions: ACL_UNDEFINED_TAG, ACL_UNDEFINED_ID, ACL_FIRST_ENTRY, ACL_NEXT_ENTRY
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
75434 |
11-Apr-2001 |
jedgar |
Revamp acl_create_entry() so it actually works.
Obtained from: TrustedBSD Project
|
75404 |
11-Apr-2001 |
jedgar |
Correct the following defines to match the POSIX.1e spec:
ACL_PERM_EXEC -> ACL_EXECUTE ACL_PERM_READ -> ACL_READ ACL_PERM_WRITE -> ACL_WRITE
Obtained from: TrustedBSD
|
75224 |
05-Apr-2001 |
ru |
mdoc(7) police: add missing LIBRARY section.
|
75223 |
05-Apr-2001 |
ru |
Unbreak world.
Submitted by: jhay
|
75222 |
05-Apr-2001 |
ru |
Record -lposix1e merge with -lc.
|
75220 |
05-Apr-2001 |
ru |
mdoc(7) police rev 1.11: convert descriptions and cross-references for the ACL editing library functions to the plain tagged list.
|
75211 |
05-Apr-2001 |
jedgar |
- Add descriptions and cross-references for the ACL editing library functions. - Place the acl_dup() description in alphabetical order. - Move the POSIX.1e descriptions under the ENVIRONMENT section to the STANDARDS section.
Reviewed by: rwatson Obtained from: TrustedBSD Project
|
75209 |
05-Apr-2001 |
jedgar |
Install the acl_create_entry.3 man page
|
75185 |
04-Apr-2001 |
tmm |
Prepare for the inclusion of libposix1e into libc: retire the old Makefile, add Makefile.inc needed for libc build; add #include "namespace.h"/#include "un-namespace.h" pairs around the includes of sys/acl.h and sys/capability.h, and an additional underscore in front of the functions that will be overridden in libc_r.
Approved by: rwatson Obtained from: TrustedBSD Project
|
74973 |
29-Mar-2001 |
jedgar |
Correct function name: acl_clear_perm -> acl_clear_perms
|
74888 |
28-Mar-2001 |
rwatson |
o De-uglify IMPLEMENTATION NOTES section by removing unnecessary use of .Fx
|
74870 |
27-Mar-2001 |
ru |
MAN[1-9] -> MAN.
|
74832 |
26-Mar-2001 |
rwatson |
o Update copyright date o Revise description in light of commits over last month including: - ACL editing library is now implemented - ACLs are now implemented
Obtained from: TrustedBSD Project
|
74693 |
23-Mar-2001 |
ru |
mdoc(7) police: fix markup.
|
74686 |
23-Mar-2001 |
jedgar |
Correct the acl_set_permset and acl_set_tag_type man pages which somehow got mixed up with the acl_get_* man pages.
Submitted by: ru
|
74684 |
23-Mar-2001 |
ru |
mdoc(7) police: fix markup.
|
74683 |
23-Mar-2001 |
ru |
mdoc(7) police: fix markup, function prototype, and RETURN VALUES text.
|
74667 |
22-Mar-2001 |
jedgar |
Add the following ACL editing functions: acl_add_perm, acl_clear_perms, acl_copy_entry, acl_create_entry, acl_delete_perm, acl_get_permset, acl_get_qualifier, acl_get_tag_type, acl_set_permset, acl_set_qualifier, acl_set_tag_type
This brings us within 4 functions of a full ACL editing library.
Reviewed by: rwatson
|
74451 |
19-Mar-2001 |
ru |
mdoc(7) police:
- lowercase Nd argument - mark function arguments with Fa - mark defined values with Dv - simply copying POSIX text for RETURN VALUES and ERRORS sections is not always a good idea. POSIX uses the word "shall" indicating the behavior the correct implementation should follow.
|
74436 |
19-Mar-2001 |
rwatson |
o Rename "namespace" argument to "attrnamespace" as namespace is a C++ reserved word.
Submitted by: jkh Obtained from: TrustedBSD Project
|
74432 |
19-Mar-2001 |
jedgar |
Add the following POSIX 1003.1e functions and man pages: o acl_calc_mask(): calculates the ACL mask entry associated with the given ACL. o acl_delete_entry(): remove a specified ACL entry from the given ACL.
Approved by: rwatson
|
74274 |
15-Mar-2001 |
rwatson |
o To support new EA interface with explicit namespaces, introduce two utility functions which convert between string namespace names and numeric constants used by the interface. Right now, two namespaces are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and EXTATTR_NAMESPACE_USER ("user"). These functions are used by various userland EA utilities, rather than hard coding the routines all over the place.
Obtained from: TrustedBSD Project
|
74191 |
13-Mar-2001 |
rwatson |
o Update copyright dates. o Rename internal library functions so that they are prefixed with _posix1e or _POSIX1E, removing them from the application namespace (and potential conflict with other ACL functions elsewhere in the system).
Obtained from: TrustedBSD Project
|
72089 |
06-Feb-2001 |
asmodai |
Fix typo: seperate -> separate.
Seperate does not exist in the english language.
Submitted to look at by: kris
|
72064 |
06-Feb-2001 |
bde |
Fixed C error(s) in synopsis.
|
71142 |
17-Jan-2001 |
rwatson |
o When returning NULL, return (NULL) instead of return (0).
Submitted by: jedgar Obtained from: TrustedBSD Project
|
70841 |
09-Jan-2001 |
rwatson |
o acl_from_text.c: - errno is already set to ENOMEM (as appropriate) when asprintf(), strdup(), or acl_init() fails o acl_to_text.c: - the return value of the initial strdup() is not checked - errno is already set to ENOMEM (as appropriate) when asprintf and acl_init() fails - let the the default: case use 'goto error_label' for consistency
Submitted by: jedgar
|
70840 |
09-Jan-2001 |
rwatson |
o bzero() the ACL structure only if malloc() returns non-NULL.
Submitted by: jedgar
|
70839 |
09-Jan-2001 |
rwatson |
o Correct spelling error from patch in previous commit.
|
70838 |
09-Jan-2001 |
rwatson |
o Add missing initialization of errno from error returns of cap_get_fd(), cap_get_file() and cap_get_proc().
Submitted by: jedgar
|
70781 |
08-Jan-2001 |
rwatson |
o Make acl_from_text() support uid's and gid's as well as usernames and groupnames, by adding appropriate support to acl_name_to_id() in acl_support.c
Submitted by: green
|
70768 |
07-Jan-2001 |
jedgar |
Correct check of getgrnam output
Approved by: rwatson
|
70481 |
29-Dec-2000 |
ru |
Prepare for mdoc(7)NG.
|
70015 |
14-Dec-2000 |
ru |
mdoc(7) police: removed history info from the .Os FreeBSD call.
|
69859 |
11-Dec-2000 |
rwatson |
o Introduce a pile more documentation about capabilities, including identification and descriptions of most capabilities, current inheritence rules, etc. More to follow.
Reviewed by: sheldonh Obtained from: TrustedBSD Project
|
69051 |
22-Nov-2000 |
ru |
mdoc(7) police: Er macro usage cleanup.
|
68716 |
14-Nov-2000 |
ru |
Use Fx macro wherever possible.
|
67088 |
13-Oct-2000 |
rwatson |
o Introduce cap_from_text() and cap_to_text() implementations.
Reviewed by: green Obtained from: TrustedBSD Project Security audited by: imp, green
|
67086 |
13-Oct-2000 |
rwatson |
o Simplify capability types away from an array of ints to a single u_int64_t flag field, bounding the number of capabilities at 64, but substantially cleaning up capability logic (there are currently 43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant assignments for various capabilities have been redone, so any persistent binary capability stores (i.e., '$posix1e.cap' EA backing files) must be recreated. If you have one of these, you'll know about it, so if you have no idea what this means, don't worry.
o Update libposix1e to reflect this new definition, fixing the exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
|
67035 |
12-Oct-2000 |
rwatson |
o Update BUGS entry to indicate in a more precise manner the implementation status of capabilities (library is complete, kernel work is maintained outside the tree).
Obtained from: TrustedBSD Project
|
66566 |
02-Oct-2000 |
rwatson |
o Introduce a MAINTAINER entry for libposix1e, since it is actively developed and maintained.
|
66259 |
22-Sep-2000 |
rwatson |
o Minor whitespace, comment cleanups o Removal of unneeded enum o Removal of commented out debugging printf()'s.
Obtained from: TrustedBSD Project
|
66079 |
19-Sep-2000 |
rwatson |
o Whitespace reduction appled to FreeBSD CVS ID
Obtained from: TrustedBSD Project
|
66078 |
19-Sep-2000 |
rwatson |
o General warning fixing commit - Include <stdlib.h> and <string.h> as needed for prototypes - Remove unneeded "error" variables o Make cap_init() use cap_clear() instead of bzero()
Obtained from: TrustedBSD Project
|
66077 |
19-Sep-2000 |
rwatson |
o Add cap_from_text(3) and cap_to_text(3) man pages. o Implementations will remain in the seperately distributed capability patch until the cap_t type changes are synchronized.
Obtained from: TrustedBSD Project
|
66076 |
19-Sep-2000 |
rwatson |
o EACCES is not a possible error for acl_from_text(), so fix acl_from_text.3 o Minor whitespace cleanups relative to the TrustedBSD tree to reduce content-free differences.
Obtained from: TrustedBSD Project
|
66049 |
19-Sep-2000 |
rwatson |
o cap_set_flag() was not correctly clearing capabilities when value was CAP_CLEAR.
Obtained from: TrustedBSD Project
|
63139 |
14-Jul-2000 |
asmodai |
Fix typo, teh -> the.
|
62611 |
05-Jul-2000 |
rwatson |
o Enable building of libposix1e capability state utility functions and capability-related syscall wrappers.
Obtained from: TrustedBSD Project
|
62610 |
05-Jul-2000 |
rwatson |
o Introduce cap_{get,set}_{file,fd}() syscall wrappers, associated with soon to be committed syscall stubs. These calls will be used to get and set capability state associated with executables.
Obtained from: TrustedBSD Project
|
62609 |
05-Jul-2000 |
rwatson |
o When calling the syscall, use &cap instead of cap. Apparently this error was introduced during the merge; fixing it corrects a (correct) warning about types.
Obtained from: TrustedBSD Project
|
62608 |
05-Jul-2000 |
rwatson |
o Comment out <sys/audit.h> and <sys/mac.h> since they are not yet committed
Obtained from: TrustedBSD Project
|
61436 |
09-Jun-2000 |
chris |
- Replace ``.Va (cap_t)NULL'' with ``.Dv NULL'' - Fix a typo: ``constrains'' -> ``constraints''
Reviewed by: rwatson
|
61435 |
09-Jun-2000 |
chris |
- Replace .Pp .Fn func .Pp Description ... with a list (Bl ... Li ... El). - Remove a superfluous ``.Sh ENVIRONMENT'' and replace it with a ``.Pp'' within the IMPLEMENTATION DETAILS section.
Reviewed by: rwatson
|
61264 |
04-Jun-2000 |
rwatson |
o Introduce libposix1e capability support routines, which provide a standardized interface to the capability support in TrustedBSD. o Not currently enabled in Makefile, as this code depends on syscalls and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
|
61263 |
04-Jun-2000 |
rwatson |
o Fix incorrect descriptions of cap_get_flag() and cap_set_flag() in capabilities summary manpage, cap(3).
Obtained from: TrustedBSD Project
|
61259 |
04-Jun-2000 |
rwatson |
o Build and install POSIX.1e capabilities man pages o Add shared library version 2 to libposix1e given API changes, et al o Commented out cap_*.c as that is not currently being compiled into the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
|
61258 |
04-Jun-2000 |
rwatson |
o Add posix1e(3) references to acl.3 and cap.3
Obtained from: TrustedBSD Project
|
61257 |
04-Jun-2000 |
rwatson |
o Add mention of capabilities documentation + APIs o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation page o Add cross references to capabilities man pages o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
|
61256 |
04-Jun-2000 |
rwatson |
o Introduce man pages for POSIX.1e capability API - cap.3 describing library interface - cap_*.3 describing specific API calls
APIs to follow relatively soon, code to follow later.
Obtained from: TrustedBSD Project
|
61253 |
04-Jun-2000 |
rwatson |
o Remove extra cross reference from acl.3 to acl.3 o Remove "BUGS" entries indicating that there's nowhere to store ACLs as we now have extended attributes.
Obtained from: TrustedBSD Project
|
59514 |
22-Apr-2000 |
phantom |
Introduce .Lb macro to libposix1e manpages Sort some .Nm values Decapitalize .Nd values
|
57707 |
03-Mar-2000 |
bde |
Fixed wrong function return types in synopsis.
|
56791 |
29-Jan-2000 |
mpp |
Fix various typos and mdoc style issues.
Reviewed by: rwatson
|
56760 |
28-Jan-2000 |
rwatson |
Introduce ACL man pages en masse for library calls, and general introduction.
Introduce ACL man pages en masse for library calls, and general introduction.
Also, fix acl_valid.c non-portable calls to include _np in their names, making them standard-happy as well as consistent with acl.h
|
56638 |
26-Jan-2000 |
rwatson |
A few more touchups: - clean up unneeded AFS ID type - Add Coda, NTFS, NWFS ACL types - Add acl_dup() prototype - Remove acl_calc_mask, which belongs in the editing library - Introduce posix1e.3, a man page introducing POSIX.1e library calls (more man pages to follow)
|
56625 |
26-Jan-2000 |
rwatson |
Minor fixes to library interface to improve POSIX.1e compliance. This adds _np to a couple of function prototypes that provided more broad/useful interfaces than POSIX.1e interfaces included.
Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to using different ACL types for non-POSIX.1e ACLs. This should clean up the existing fuzzy logic that determined when acl_sort() should be applied before kernel submission.
|
56274 |
19-Jan-2000 |
rwatson |
Fix bde'isms in acl/extattr syscall interface, renaming syscalls to prettier (?) names, adding some const's around here, et al.
This is commit 4 out of 3, updating the userland library to reflect kernel interface changes.
Reviewed by: bde
|
56197 |
17-Jan-2000 |
rwatson |
acl_delete_default_file() changed to acl_delete_def_file()
|
56075 |
15-Jan-2000 |
rwatson |
Oops, didn't commit the Makefile for libposix1e--this should fix build problems.
Reviewed by: eivind
|
56055 |
15-Jan-2000 |
rwatson |
libposix1e provides userland library calls for the POSIX.1e security interface. This commit introduces the library, as well as a modest subset of the ACL calls, with some modifications to support multiple ACL semantics.
Reviewed by: eivind
|