| #
b3e76948 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: two-line .h pattern
Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
| #
b30c6ac9 |
|
07-Apr-2020 |
Conrad Meyer <cem@FreeBSD.org> |
libcasper(3): Export functions to C++
We must wrap C declarations in __BEGIN / __END_DECLS to avoid C++ name-mangling
of the declaration when including the C header; name-mangling causes the linker
to attempt to locate the wrong (C++ ABI) symbol name.
Reviewed by: markj, oshogbo (earlier version both)
Differential Revision: https://reviews.freebsd.org/D24323
|
| #
4468cd1a |
|
18-Mar-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
The gids argument can be declared as const.
We don't modified it in this function.
|
| #
ca28b8ee |
|
30-Oct-2017 |
Enji Cooper <ngie@FreeBSD.org> |
Add `static` to `cap_setgrent` prototype in !WITH_CASPER case
This unbreaks the default powerpc/sparc64 build configuration after r325062.
|
| #
ceb36bc9 |
|
28-Oct-2017 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Introduce caspermocks.
The idea behinds mocks is that we don't need to ifdef a lot of code in
tools itself but those defines are hidden in the casper library.
Right now the mocks are implemented as define/inlines functions.
There was a very long discussion how this should be implemented.
This approach has some advantages like we don't need to link to any additional
libraries. Unfortunately there are also some disadvantages for example it is
easy to get library out of sync between two versions of functions or that we
need extra define to compile program with casper support.
This isn't an ideal solution but it's good enough for now and should simplify
capsicumizing programs. This also doesn't close us any other ways to do those
mocks and this should evolve in time.
Discussed with: pjd, emaste, ed, rwatson, bapt, cem, bdrewery
Differential Revision: https://reviews.freebsd.org/D8753
|
| #
c501d73c |
|
25-Feb-2016 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
|