Date: Mon, 19 Jan 2009 14:56:31 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 156387 for review Message-ID: <200901191456.n0JEuVEY081222@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=156387 Change 156387 by rwatson@rwatson_freebsd_capabilities on 2009/01/19 14:55:53 Teach procstat to print out the mask of rights on a capability in file descriptor mode. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#10 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#10 (text+ko) ==== @@ -27,6 +27,7 @@ */ #include <sys/param.h> +#include <sys/capability.h> #include <sys/socket.h> #include <sys/sysctl.h> #include <sys/un.h> @@ -131,6 +132,74 @@ printf("%s", addr); } +static struct cap_desc { + cap_rights_t cd_right; + const char *cd_desc; +} cap_desc[] = { + { CAP_READ, "rd" }, + { CAP_WRITE, "wr" }, + { CAP_SEEK, "se" }, + { CAP_GETPEERNAME, "pn" }, + { CAP_GETSOCKNAME, "sn" }, + { CAP_FCHFLAGS, "cf" }, + { CAP_IOCTL, "io" }, + { CAP_FSTAT, "fs" }, + { CAP_MMAP, "mm" }, + { CAP_FCNTL, "fc" }, + { CAP_EVENT, "ev" }, + { CAP_FSYNC, "fy" }, + { CAP_FCHOWN, "cn" }, + { CAP_FCHMOD, "cm" }, + { CAP_FTRUNCATE, "ft" }, + { CAP_FLOCK, "fl" }, + { CAP_FSTATFS, "sf" }, + { CAP_REVOKE, "rv" }, + { CAP_FEXECVE, "fe" }, + { CAP_FPATHCONF, "fp" }, + { CAP_FUTIMES, "fu" }, + { CAP_ACL_GET, "ag" }, + { CAP_ACL_SET, "as" }, + { CAP_ACL_DELETE, "ad" }, + { CAP_ACL_CHECK, "ac" }, + { CAP_EXTATTR_GET, "eg" }, + { CAP_EXTATTR_SET, "es" }, + { CAP_EXTATTR_DELETE, "ed" }, + { CAP_EXTATTR_LIST, "el" }, + { CAP_MAC_GET, "mg" }, + { CAP_MAC_SET, "ms" }, + { CAP_ACCEPT, "at" }, + { CAP_BIND, "bd" }, + { CAP_GETSOCKOPT, "gs" }, + { CAP_SETSOCKOPT, "ss" }, + { CAP_LISTEN, "ln" }, + { CAP_SHUTDOWN, "sh" }, + { CAP_PEELOFF, "pf" }, + { CAP_LOOKUP, "lo" }, + { CAP_SEM_POST, "sp" }, + { CAP_SEM_WAIT, "sw" }, + { CAP_SEM_GETVALUE, "sg" }, + { CAP_KEVENT, "ke" }, + { CAP_PDGETPID, "pg" }, + { CAP_PDWAIT, "pw" }, + { CAP_PDKILL, "pk" }, +}; +static const int cap_desc_count = sizeof(cap_desc) / + sizeof(cap_desc[0]); + +static void +print_capability(cap_rights_t rights) +{ + int count, i; + + count = 0; + for (i = 0; i < cap_desc_count; i++) { + if (rights & cap_desc[i].cd_right) { + printf("%s%s", count ? "," : "", cap_desc[i].cd_desc); + count++; + } + } +} + void procstat_files(pid_t pid, struct kinfo_proc *kipp) { @@ -323,6 +392,11 @@ } break; + case KF_TYPE_CAPABILITY: + printf("%-4s ", "-"); + print_capability(kif->kf_cap_rights); + break; + case KF_TYPE_PROCDESC: printf("%-3s %d", "-", kif->kf_pid); break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901191456.n0JEuVEY081222>