From owner-cvs-src@FreeBSD.ORG Mon Jul 19 14:29:08 2004 Return-Path: Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A88AC16A4CE; Mon, 19 Jul 2004 14:29:08 +0000 (GMT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A0C043D48; Mon, 19 Jul 2004 14:29:08 +0000 (GMT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.11/8.12.11) with ESMTP id i6JESbi8050420; Mon, 19 Jul 2004 10:28:37 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)i6JESbqF050417; Mon, 19 Jul 2004 10:28:37 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 19 Jul 2004 10:28:37 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: John Baldwin In-Reply-To: <200407190921.45189.jhb@FreeBSD.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: cvs-all@FreeBSD.org cc: cvs-src@FreeBSD.org cc: src-committers@FreeBSD.org cc: Colin Percival cc: Colin Percival Subject: Re: cvs commit: src/sys/kern kern_prot.c src/sys/sys systm.h X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jul 2004 14:29:08 -0000 On Mon, 19 Jul 2004, John Baldwin wrote: > On Friday 16 July 2004 05:44 pm, Colin Percival wrote: > > At 12:42 16/07/2004, John Baldwin wrote: > > >On Friday 16 July 2004 11:57 am, Colin Percival wrote: > > >> Log: > > >> Add a SUSER_RUID flag to suser_cred. This flag indicates that we want > > >> to check if the *real* user is the superuser (vs. the normal behaviour, > > >> which checks the effective user). > > > > > >Could we rename PRISON_ROOT to SUSER_PRISONOK or some such to be > > > consistent? > > > > I'd be happy to do this; should I simply add the new name, or should I > > make the substitution across the entire tree? > > I would ask Robert's opinion. :) I would vote for adding the new name > and changing it across the tree and add in a #define for the old name > that is inside #ifdef OBSOLETE_IN_6 or some such so it is deprecated for > 5.x and gone in 6.0. I think it would be reasonable to even remove the old name for 5.x -- it's fairly unusual for device drivers, etc, to need to know about Jails, and we've already changed the API for super user checks between 4.x and 5.x anyway. I'd be willing to go with the flag change across the entire tree (as long as it's done carefully :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research