From owner-p4-projects Mon May 6 11: 9:56 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id DD65837B409; Mon, 6 May 2002 11:09:46 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 0722537B408 for ; Mon, 6 May 2002 11:09:46 -0700 (PDT) Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g46I9jf95848 for perforce@freebsd.org; Mon, 6 May 2002 11:09:45 -0700 (PDT) (envelope-from cvance@tislabs.com) Date: Mon, 6 May 2002 11:09:45 -0700 (PDT) Message-Id: <200205061809.g46I9jf95848@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to cvance@tislabs.com using -f From: Chris Vance Subject: PERFORCE change 10899 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=10899 Change 10899 by cvance@cvance_korben on 2002/05/06 11:09:20 Clean up extraneous printfs Break off SYSCTLs into a separate file, add a new node that prints out the list of SIDs active in the security server. Affected files ... ... //depot/projects/trustedbsd/mac/sys/conf/files#28 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#5 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#1 add Differences ... ==== //depot/projects/trustedbsd/mac/sys/conf/files#28 (text+ko) ==== @@ -1300,6 +1300,7 @@ security/mac_none/mac_none.c optional mac_none security/sebsd/sebsd.c optional sebsd +security/sebsd/sebsd_sysctl.c optional sebsd security/sebsd/avc/avc.c optional sebsd security/sebsd/ss/avtab.c optional sebsd security/sebsd/ss/ebitmap.c optional sebsd ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#5 (text+ko) ==== @@ -48,59 +48,21 @@ #include #include #include -#include #include -#ifdef MAC - -SYSCTL_DECL(_security_mac); - -SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0, - "Security Enhanced BSD policy controls"); - -static int sebsd_enabled = 1; - -SYSCTL_INT(_security_mac_sebsd, OID_AUTO, enabled, CTLFLAG_RW, - &sebsd_enabled, 0, "Enforce Security Enhanced BSD policy"); - -TUNABLE_INT("security.mac.sebsd.enabled", &sebsd_enabled); - MALLOC_DEFINE(M_SEBSD, "sebsd", "Security Enhanced BSD"); -static int -sysctl_rule(SYSCTL_HANDLER_ARGS) -{ - u_int namelen; - int *name; - - name = (int *)arg1; - namelen = arg2; - - printf("bsdextended sysctl handler (namelen %d)\n", namelen); - - return (0); -} - -SYSCTL_NODE(_security_mac_sebsd, OID_AUTO, rules, - CTLFLAG_RW, sysctl_rule, "Security Enhanced BSD rules"); - static void sebsd_init(struct mac_policy_conf *mpc) { printf("sebsd:: init\n"); - - /* Initialize ruleset lock. */ - /* Register dynamic sysctl's for rules. */ } static void sebsd_destroy(struct mac_policy_conf *mpc) { - printf("sebsd:: destroy\n"); - /* Tear down sysctls. */ - /* Destroy ruleset lock. */ } /* @@ -110,7 +72,6 @@ static void sebsd_create_root_mount(struct ucred *cred, struct mount *mp) { - printf("sebsd hook:: create_root_mount\n"); if (security_init()) { panic("SEBSD: couldn't read policy file"); } @@ -125,5 +86,3 @@ MAC_POLICY_SET(sebsd_ops, trustedbsd_sebsd, "Security Enhanced BSD", MPC_LOADTIME_FLAG_NOTLATE, 1); - -#endif /* !MAC */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message