Date: Sat, 27 Feb 2016 14:03:06 +0100 From: Mariusz Zaborski <oshogbo@FreeBSD.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r296047 - in head: . contrib/mdocml contrib/tcpdump etc/defaults etc/mtree etc/rc.d gnu/usr.bin/groff/tmac lib lib/libc/posix1e lib/libcapsicum lib/libcasper lib/libcasper/libcasper lib... Message-ID: <CAGOYWV_ELNFEoz=4_4jRXEYcPw%2B0kWDCRO%2BYEDtDby1bQJ-WZg@mail.gmail.com> In-Reply-To: <20160226155505.GC6148@mutt-hardenedbsd> References: <201602251823.u1PINe3W036719@repo.freebsd.org> <20160226155505.GC6148@mutt-hardenedbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you. I on it. On 26 February 2016 at 16:55, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > On Thu, Feb 25, 2016 at 06:23:40PM +0000, Mariusz Zaborski wrote: > > Author: oshogbo > > Date: Thu Feb 25 18:23:40 2016 > > New Revision: 296047 > > URL: https://svnweb.freebsd.org/changeset/base/296047 > > > > Log: > > Convert casperd(8) daemon to the libcasper. > > After calling the cap_init(3) function Casper will fork from it's > original > > process, using pdfork(2). Forking from a process has a lot of > advantages: > > 1. We have the same cwd as the original process. > > 2. The same uid, gid and groups. > > 3. The same MAC labels. > > 4. The same descriptor table. > > 5. The same routing table. > > 6. The same umask. > > 7. The same cpuset(1). > > From now services are also in form of libraries. > > We also removed libcapsicum at all and converts existing program using > Casper > > to new architecture. > > > > Discussed with: pjd, jonathan, ed, drysdale@google.com, > emaste > > Partially reviewed by: drysdale@google.com, bdrewery > > Approved by: pjd (mentor) > > Differential Revision: https://reviews.freebsd.org/D4277 > > This commit breaks `cd /usr/src/release; make real-release`. > > Log of failed build here: > > > http://jenkins.hardenedbsd.org:8180/jenkins/job/HardenedBSD-CURRENT-amd64/lastFailedBuild/console > > Reverting this commit makes everything happy again. > > Thanks, > > -- > Shawn Webb > HardenedBSD > > GPG Key ID: 0x6A84658F52456EEE > GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGOYWV_ELNFEoz=4_4jRXEYcPw%2B0kWDCRO%2BYEDtDby1bQJ-WZg>