From owner-p4-projects@FreeBSD.ORG Thu Jan 28 15:10:02 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 0A4AC1065693; Thu, 28 Jan 2010 15:10:02 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BFA9B106568D for ; Thu, 28 Jan 2010 15:10:01 +0000 (UTC) (envelope-from jona@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id A65138FC0C for ; Thu, 28 Jan 2010 15:10:01 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o0SFA1i5064341 for ; Thu, 28 Jan 2010 15:10:01 GMT (envelope-from jona@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o0SFA1vI064339 for perforce@freebsd.org; Thu, 28 Jan 2010 15:10:01 GMT (envelope-from jona@FreeBSD.org) Date: Thu, 28 Jan 2010 15:10:01 GMT Message-Id: <201001281510.o0SFA1vI064339@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to jona@FreeBSD.org using -f From: Jonathan Anderson To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 173842 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2010 15:10:02 -0000 http://p4web.freebsd.org/chv.cgi?CH=173842 Change 173842 by jona@jona-capsicum-kent64 on 2010/01/28 15:09:18 libcapability => libcapsicum Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/Makefile#14 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/cap_enter.2#7 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/cap_new.2#12 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/Makefile#19 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.3#22 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.c#12 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#28 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_fdlist.c#2 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.3#9 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#24 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host_io.c#5 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_internal.h#5 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_sandbox.3#7 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_sandbox.c#9 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_sandbox_api.h#5 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_sandbox_io.c#5 delete .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.3#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.c#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.3#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host_io.c#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_internal.h#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_sandbox.3#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_sandbox.c#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_sandbox_api.h#1 add .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_sandbox_io.c#1 add .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#6 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#11 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/sandbox_qt.cpp#11 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/sandbox_qt.pro#6 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#6 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#8 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#10 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/lib/Makefile#14 (text+ko) ==== @@ -33,7 +33,7 @@ ncurses ${_libnetgraph} libradius librpcsvc libsbuf \ libtacplus libulog libutil ${_libypclnt} libalias libarchive \ ${_libatm} libbegemot ${_libbluetooth} ${_libbsnmp} libbz2 \ - libcalendar libcam libcapability libcompat \ + libcalendar libcam libcapsicum libcompat \ libdevinfo libdevstat \ libdisk \ libdwarf libedit libexpat libfetch libftpio libgeom ${_libgpib} \ ==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/cap_enter.2#7 (text+ko) ==== @@ -68,7 +68,7 @@ may be used to create kernel-enforced sandboxes in which appropriately-crafted applications or application components may be run. Most sandboxes will be created and managed using the -.Xr libcapability +.Xr libcapsicum library, rather than using system calls directly. .Pp .Fn cap_getmode @@ -97,7 +97,7 @@ .Sh SEE ALSO .Xr cap_new 2 , .Xr fexecve 2 , -.Xr libcapability 3 +.Xr libcapsicum 3 .Sh HISTORY Support for capabilities and capabilities mode was developed as part of the .Tn TrustedBSD ==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/cap_new.2#12 (text+ko) ==== @@ -88,7 +88,7 @@ Many applications will prefer to use the .Xr cap_limitfd 3 library call, part of -.Xr libcapability 3 , +.Xr libcapsicum 3 , as it offers a more convenient interface. .Pp .Fn cap_getrights @@ -455,7 +455,7 @@ .Xr unlinkat 2 , .Xr write 2 , .Xr cap_limitfd 3 , -.Xr libcapability 3 , +.Xr libcapsicum 3 , .Xr sem_getvalue 3 , .Xr sem_post 3 , .Xr sem_trywait 3 , ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#2 (text+ko) ==== @@ -3,6 +3,6 @@ CFLAGS=-Wall -Werror -g -rdynamic DPADD= ${LIBCAPABILITY} ${LIBSBUF} -LDADD= -lcapability -lsbuf +LDADD= -lcapsicum -lsbuf .include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#3 (text+ko) ==== @@ -39,7 +39,7 @@ #include #include #include -#include +#include #include #include #include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#4 (text+ko) ==== @@ -3,6 +3,6 @@ CFLAGS=-Wall -g -rdynamic DPADD= ${LIBCAPABILITY} ${LIBSBUF} -LDADD= -lcapability -lsbuf +LDADD= -lcapsicum -lsbuf .include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#7 (text+ko) ==== @@ -40,7 +40,7 @@ #include #include #include -#include +#include #include #include #include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#3 (text+ko) ==== @@ -3,6 +3,6 @@ CFLAGS=-Wall -g -rdynamic DPADD= ${LIBCAPABILITY} ${LIBSBUF} -LDADD= -lcapability -lsbuf +LDADD= -lcapsicum -lsbuf .include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#4 (text+ko) ==== @@ -41,7 +41,7 @@ #include #include #include -#include +#include #include #include #include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#6 (text+ko) ==== @@ -3,6 +3,6 @@ CFLAGS=-Wall -g -rdynamic DPADD= ${LIBCAPABILITY} ${LIBSBUF} -LDADD= -lcapability -lsbuf +LDADD= -lcapsicum -lsbuf .include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#11 (text+ko) ==== @@ -39,7 +39,7 @@ #include #include -#include +#include #include #include #include @@ -103,8 +103,8 @@ * requests to it. Otherwise, service the requests in this sandbox. */ if (argc > 1 && strcmp(argv[1], "nested") == 0) { - if (ld_caplibindex_lookup(MYNAME, &fd) < 0) - err(-10, "ld_caplibindex_lookup(%s)", MYNAME); + if (ld_libcache_lookup(MYNAME, &fd) < 0) + err(-10, "ld_libcache_lookup(%s)", MYNAME); if (lch_startfd(fd, MYNAME, sandbox_argv, LCH_PERMIT_STDERR, &lcsp) < 0) ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/sandbox_qt.cpp#11 (text+ko) ==== @@ -56,7 +56,7 @@ #include #include -#include +#include #include #include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_qt/sandbox_qt.pro#6 (text+ko) ==== @@ -5,7 +5,7 @@ DEPENDPATH += . INCLUDEPATH += . -LIBS += -lcapability -luserangel -lsbuf +LIBS += -lcapsicum -luserangel -lsbuf QMAKE_LFLAGS += -rdynamic # Input ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#2 (text+ko) ==== @@ -3,6 +3,6 @@ CFLAGS=-Wall -g -rdynamic DPADD= ${LIBCAPABILITY} ${LIBSBUF} -LDADD= -lcapability -lsbuf +LDADD= -lcapsicum -lsbuf .include ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#6 (text+ko) ==== @@ -39,7 +39,7 @@ #include #include -#include +#include #include #include #include ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#8 (text+ko) ==== @@ -8,7 +8,7 @@ SRCS= gzip.c gzsandbox.c DPADD= ${LIBZ} ${LIBCAPABILITY} -LDADD= -lz -lcapability +LDADD= -lz -lcapsicum CFLAGS+= -rdynamic # For sandbox cap_main .if ${MK_BZIP2_SUPPORT} != "no" ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#10 (text+ko) ==== @@ -41,7 +41,7 @@ #include #include #include -#include +#include #include #include #include @@ -361,7 +361,7 @@ size_t len; if (lcs_get(&lchp) < 0) - errx(-1, "libcapability sandbox binary"); + errx(-1, "libcapsicum sandbox binary"); while (1) { fdcount = 2;