Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 23 Apr 2006 17:06:18 +0000 (UTC)
From:      David Malone <dwmalone@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/lib/libugidfw libugidfw.3 ugidfw.c ugidfw.h src/sys/security/mac_bsdextended mac_bsdextended.c mac_bsdextended.h src/tools/regression/mac/mac_bsdextended test_matches.sh test_ugidfw.c src/usr.sbin/ugidfw ugidfw.8 ugidfw.c
Message-ID:  <200604231706.k3NH6I95038014@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help 
dwmalone    2006-04-23 17:06:18 UTC

  FreeBSD src repository

  Modified files:
    lib/libugidfw        libugidfw.3 ugidfw.c ugidfw.h 
    sys/security/mac_bsdextended mac_bsdextended.c 
                                 mac_bsdextended.h 
    tools/regression/mac/mac_bsdextended test_ugidfw.c 
    usr.sbin/ugidfw      ugidfw.8 ugidfw.c 
  Added files:
    tools/regression/mac/mac_bsdextended test_matches.sh 
  Log:
  Add some new options to mac_bsdestended. We can now match on:
  
          subject: ranges of uid, ranges of gid, jail id
          objects: ranges of uid, ranges of gid, filesystem,
                  object is suid, object is sgid, object matches subject uid/gid
                  object type
  
  We can also negate individual conditions. The ruleset language is
  a superset of the previous language, so old rules should continue
  to work.
  
  These changes require a change to the API between libugidfw and the
  mac_bsdextended module. Add a version number, so we can tell if
  we're running mismatched versions.
  
  Update man pages to reflect changes, add extra test cases to
  test_ugidfw.c and add a shell script that checks that the the
  module seems to do what we expect.
  
  Suggestions from: rwatson, trhodes
  Reviewed by: trhodes
  MFC after: 2 months
  
  Revision  Changes    Path
  1.8       +0 -10     src/lib/libugidfw/libugidfw.3
  1.11      +729 -167  src/lib/libugidfw/ugidfw.c
  1.5       +0 -3      src/lib/libugidfw/ugidfw.h
  1.29      +158 -25   src/sys/security/mac_bsdextended/mac_bsdextended.c
  1.6       +52 -10    src/sys/security/mac_bsdextended/mac_bsdextended.h
  1.1       +167 -0    src/tools/regression/mac/mac_bsdextended/test_matches.sh (new)
  1.3       +50 -8     src/tools/regression/mac/mac_bsdextended/test_ugidfw.c
  1.9       +195 -44   src/usr.sbin/ugidfw/ugidfw.8
  1.6       +1 -0      src/usr.sbin/ugidfw/ugidfw.c

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604231706.k3NH6I95038014>