From owner-cvs-all@FreeBSD.ORG Fri Aug 22 10:36:24 2003
Message-Id: <200308221736.h7MHaO4i027554@repoman.freebsd.org>
From: Robert Watson
Date: Fri, 22 Aug 2003 10:36:24 -0700 (PDT)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/lib/libc/posix1e mac.c

rwatson     2003/08/22 10:36:24 PDT

  FreeBSD src repository

  Modified files:
    lib/libc/posix1e     mac.c
  Log:
  As new objects begin to support new labels, start to generalize the
  default label support in /etc/mac.conf. Rather than maintain each
  default label type in an explicit global variable in mac.c, keep a
  list of defaults loaded from the configuration file. Generalize the
  parsing so that we support both the older:

    default_file_labels foo
    default_ifnet_labels foo
    default_process_labels foo

  And also a new:

    default_labels file foo
    default_labels ifnet foo
    default_labels process foo

  We now accept arbitrary object classes in the first argument. If the
  same object is specified more than once, we discard the earlier
  definition in favor of the later one.

  Add a new API, mac_prepare_type(), which accepts a mac_t to prepare,
  as well as an object name in the second argument, which will pull a
  default label set for the object out of the configuration loaded by
  mac_init_internal(). This permits the libc to adapt to new objects
  known about by applications but not by libc at compile-time.

  Also liberalize the error handling a bit: if we're using implicit
  initialization (i.e., the application didn't explicitly initialize
  the MAC code), ignore syntax errors and only use valid lines. In the
  future, we may want to add explicit warnings and do this a bit more
  consistently.

  While here, add support for a MAC_CONFFILE environmental variable,
  which may be used to specify an alternative mac.conf configuration
  file if the application isn't running with modified privilege
  (issetugid()).

  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, Network Associates Laboratories

  Revision  Changes    Path
  1.6       +192 -86   src/lib/libc/posix1e/mac.c
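
An added example, not the code committed to mac.c: a minimal C parser for the two default-label syntaxes described in the log, where a later definition of a class replaces the earlier one and bad lines are skipped only under implicit initialization. The storage layout, function names, size limits, the sample text and the strict-mode behaviour (failing the load on the first bad line) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
static struct { char name[128], labels[128]; } defs[16];   /* hypothetical storage, not libc's */
static int ndefs;
/* Constructed sample: old form, new form, a bad line, then "file" redefined. */
static const char SAMPLE[] = "default_file_labels foo\ndefault_labels socket bar\n"
                             "default_labels ifnet\ndefault_labels file baz\n";

static char *get_default(const char *name) {
    for (int i = 0; i < ndefs; i++)
        if (strcmp(defs[i].name, name) == 0) return defs[i].labels;
    return NULL;
}

static int set_default(const char *name, const char *labels) {
    char *slot = get_default(name);      /* existing slot is reused: later definition wins */
    if (slot == NULL) {
        if (ndefs == 16) return -1;      /* table full */
        snprintf(defs[ndefs].name, sizeof(defs[0].name), "%s", name);
        slot = defs[ndefs++].labels;
    }
    snprintf(slot, sizeof(defs[0].labels), "%s", labels);
    return 0;
}

static int parse_line(const char *line) {   /* 0: accepted, blank or comment; -1: syntax error */
    char kw[128], a[128], b[128], extra[2];
    int n = sscanf(line, "%127s %127s %127s %1s", kw, a, b, extra);
    size_t len = n > 0 ? strlen(kw) : 0;
    if (n <= 0 || kw[0] == '#') return 0;
    if (strcmp(kw, "default_labels") == 0)       /* new: default_labels <class> <labels> */
        return n == 3 ? set_default(a, b) : -1;
    if (n != 2 || len < 16 || strncmp(kw, "default_", 8) || strcmp(kw + len - 7, "_labels"))
        return -1;                               /* old: default_<class>_labels <labels> */
    kw[len - 7] = '\0';                          /* cut "_labels"; class starts at kw + 8 */
    return set_default(kw + 8, a);
}

/* implicit != 0: skip bad lines; otherwise the first bad line fails the load (assumed). */
static int load_conf(const char *text, int implicit) {
    char line[512];
    ndefs = 0;
    while (*text != '\0') {
        size_t len = strcspn(text, "\n");
        snprintf(line, sizeof(line), "%.*s", (int)len, text);
        if ((len >= sizeof(line) || parse_line(line) != 0) && !implicit) return -1;
        text += len + (text[len] == '\n');
    }
    return 0;
}
```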