From owner-freebsd-hackers@FreeBSD.ORG Thu Jun 13 06:20:57 2013 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id B117CBB8; Thu, 13 Jun 2013 06:20:57 +0000 (UTC) (envelope-from hps@bitfrost.no) Received: from mta.bitpro.no (mta.bitpro.no [92.42.64.202]) by mx1.freebsd.org (Postfix) with ESMTP id 7001E1A6A; Thu, 13 Jun 2013 06:20:54 +0000 (UTC) Received: from mail.bitfrost.no (mail.bitfrost.no [46.29.221.36]) by mta.bitpro.no (Postfix) with ESMTP id 7FD177A346; Thu, 13 Jun 2013 08:20:46 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at bitfrost.no Received: from laptop015.hselasky.homeunix.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: hanspetter) by mail.bitfrost.no (Postfix) with ESMTPSA id A170E20685; Thu, 13 Jun 2013 08:20:42 +0200 (CEST) Message-ID: <51B9650D.1050601@bitfrost.no> Date: Thu, 13 Jun 2013 08:22:05 +0200 From: Hans Petter Selasky Organization: Bitfrost A/S MIME-Version: 1.0 To: Alexander Leidinger Subject: Re: priv_check/make_dev/devfs.rules: What is preventing a device to show up in a jail? References: <20130509110718.0000528e@unknown> <518C060E.8040301@gmail.com> <20130510121133.00001e2a@unknown> <518CDD73.9090405@uffe.org> <20130510213303.00005078@unknown> In-Reply-To: <20130510213303.00005078@unknown> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: usb@FreeBSD.org, freebsd-hackers@freebsd.org, Uffe Jakobsen X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Jun 2013 06:20:57 -0000 On 05/10/13 21:33, Alexander Leidinger wrote: > On Fri, 10 May 2013 13:43:47 +0200 > Uffe Jakobsen wrote: > >> On 2013-05-10 12:11, Alexander Leidinger wrote: >>> >>> I worry about what is going on. We have something which is supposed >>> to provide security as required, but is does not seem to work as >>> described. We either need to fix the documentation, or a bug in the >>> code. To do the later it needs to be debugged. >>> >> >> It seems to me that you are struggeling with this - or a related - >> problem: >> >> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/122838 > > Indeed, this is the problem. I have all entries visible now. Anyone > interested to have this changed (as suggested by Andriy in the PR) > should voice his opinion. I voiced mine already. > > Bye, > Alexander. > Hi, Can we introduce a new syntax while keeping the old behaviour? path zvol/* hide-r path zvol/* unhide-r I think this will be more accepted than changing existing behaviour! Is this stack element really needed? + char specname[SPECNAMELEN + 1]; --HPS