Date: Wed, 25 Feb 2004 08:52:58 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 47630 for review Message-ID: <200402251652.i1PGqwVE065208@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=47630 Change 47630 by rwatson@rwatson_tislabs on 2004/02/25 08:52:45 Loop back support for 'ugidfw add' from the FreeBSD CVS HEAD to TrustedBSD base branch. Affected files ... .. //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.8#4 integrate .. //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.c#2 integrate Differences ... ==== //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.8#4 (text+ko) ==== @@ -1,4 +1,4 @@ -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2002, 2004 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by Chris @@ -15,9 +15,6 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. -.\" 3. The names of the authors may not be used to endorse or promote -.\" products derived from this software without specific prior written -.\" permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -31,9 +28,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/usr.sbin/ugidfw/ugidfw.8,v 1.5 2002/12/12 14:09:25 ru Exp $ +.\" $FreeBSD: src/usr.sbin/ugidfw/ugidfw.8,v 1.6 2004/02/25 03:59:56 rwatson Exp $ .\" -.Dd October 11, 2002 +.Dd February 24, 2004 .Dt UGIDFW 8 .Os .Sh NAME @@ -41,6 +38,18 @@ .Nd "firewall-like access controls for file system objects" .Sh SYNOPSIS .Nm +.Cm add +.Cm subject +.Op Cm not +.Op Cm uid Ar uid +.Op Cm gid Ar gid +.Cm object +.Op Cm not +.Op Cm uid Ar uid +.Op Cm gid Ar gid +.Cm mode +.Ar arswxn +.Nm .Cm list .Nm .Cm set @@ -71,6 +80,27 @@ .Pp The arguments are as follows: .Bl -tag -width indent -offset indent +.It Cm add +Add a new +.Nm +rule. +.It Xo +.Cm add +.Cm subject +.Op Cm not +.Op Cm uid Ar uid +.Op Cm gid Ar gid +.Cm object +.Op Cm not +.Op Cm uid Ar uid +.Op Cm gid Ar gid +.Cm mode +.Ar arswxn +.Xc +Add a new rule, automatically selecting the rule number. +See the description of +.Cm set +for syntax information. .It Cm list Produces a list of all the current .Nm ==== //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.c#2 (text+ko) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2002 Networks Associates Technology, Inc. + * Copyright (c) 2002, 2004 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by NAI Labs, the @@ -15,9 +15,6 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. The names of the authors may not be used to endorse or promote - * products derived from this software without specific prior written - * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -31,7 +28,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/usr.sbin/ugidfw/ugidfw.c,v 1.1 2002/08/02 07:14:22 rwatson Exp $ + * $FreeBSD: src/usr.sbin/ugidfw/ugidfw.c,v 1.2 2004/02/25 03:59:56 rwatson Exp $ */ #include <sys/param.h> #include <sys/errno.h> @@ -50,6 +47,9 @@ usage(void) { + fprintf(stderr, "ugidfw add [subject [not] [uid uid] [gid gid]]" + " [object [not] [uid uid] \\\n"); + fprintf(stderr, " [gid gid]] mode arswxn\n"); fprintf(stderr, "ugidfw list\n"); fprintf(stderr, "ugidfw set rulenum [subject [not] [uid uid] [gid gid]]" " [object [not] \\\n"); @@ -60,6 +60,29 @@ } void +add_rule(int argc, char *argv[]) +{ + char errstr[BUFSIZ]; + struct mac_bsdextended_rule rule; + long value; + int error, rulenum; + char *endp; + + error = bsde_parse_rule(argc, argv, &rule, BUFSIZ, errstr); + if (error) { + fprintf(stderr, "%s\n", errstr); + return; + } + + error = bsde_add_rule(&rulenum, &rule, BUFSIZ, errstr); + if (error) { + fprintf(stderr, "%s\n", errstr); + return; + } + printf("Added rule %d\n", rulenum); +} + +void list_rules(void) { char errstr[BUFSIZ], charstr[BUFSIZ]; @@ -168,7 +191,9 @@ if (argc < 2) usage(); - if (strcmp("list", argv[1]) == 0) { + if (strcmp("add", argv[1]) == 0) { + add_rule(argc-2, argv+2); + } else if (strcmp("list", argv[1]) == 0) { if (argc != 2) usage(); list_rules();
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402251652.i1PGqwVE065208>