| #
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
| #
4d846d26 |
|
10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
|
| #
d9c2248d |
|
04-Nov-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
libcasper: using explicit_bzero in cap_grp service
Please notice that we still don't clean information in nvlist structures.
Submitted by: David CARLIER <devnexen@gmail.com>
Differential Revision: https://reviews.freebsd.org/D16777
|
| #
4468cd1a |
|
18-Mar-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
The gids argument can be declared as const.
We don't modified it in this function.
|
| #
4fc0a279 |
|
16-Feb-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Introduce channel flags in libcasper.
Instead of passing flags (which describe a type of nvlist)
every send/recv we remember them in channel.
It's enough for use to extract them only during unwrap.
This simplify use of Casper.
Reviewed by: bruffer@, bcr@ (both man page)
Differential Revision: https://reviews.freebsd.org/D14196 (man page)
|
| #
28b6f7c8 |
|
26-Jan-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Add SPDX tags for libcasper(3) and services.
MFC after: 2 weeks
|
| #
920be817 |
|
07-Jun-2016 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Add flags to the Casper services.
CASPER_SERVICE_STDIO - Casper will not close the first three descriptors (stdin,
stdout and stderr) this can be helpful for debugging.
CASPER_SERVICE_FD - Capser will not close all other descriptors, this can
be useful for a filesystem service.
|
| #
2ca9ffa9 |
|
01-Jun-2016 |
Ed Schouten <ed@FreeBSD.org> |
Don't call setgrent() in an unportable way.
For FreeBSD 12, I'm considering updating setgrent() to have a function
prototype that conforms to POSIX. FreeBSD seems to be the only operating
system that lets setgrent() return an integer. It's also inconsistent
with setpwent().
It looks like our libcasper depends on setgrent() returning an integer.
Get rid of that.
Reviewed by: oshogbo
Differential Revision: https://reviews.freebsd.org/D6659
|
| #
c501d73c |
|
25-Feb-2016 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
|