Date: Mon, 6 May 2002 11:09:45 -0700 (PDT) From: Chris Vance <cvance@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 10899 for review Message-ID: <200205061809.g46I9jf95848@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=10899 Change 10899 by cvance@cvance_korben on 2002/05/06 11:09:20 Clean up extraneous printfs Break off SYSCTLs into a separate file, add a new node that prints out the list of SIDs active in the security server. Affected files ... ... //depot/projects/trustedbsd/mac/sys/conf/files#28 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#5 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#1 add Differences ... ==== //depot/projects/trustedbsd/mac/sys/conf/files#28 (text+ko) ==== @@ -1300,6 +1300,7 @@ security/mac_none/mac_none.c optional mac_none security/sebsd/sebsd.c optional sebsd +security/sebsd/sebsd_sysctl.c optional sebsd security/sebsd/avc/avc.c optional sebsd security/sebsd/ss/avtab.c optional sebsd security/sebsd/ss/ebitmap.c optional sebsd ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#5 (text+ko) ==== @@ -48,59 +48,21 @@ #include <sys/sysent.h> #include <sys/vnode.h> #include <sys/mac_policy.h> -#include <sys/sysctl.h> #include <security/sebsd/sebsd.h> -#ifdef MAC - -SYSCTL_DECL(_security_mac); - -SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0, - "Security Enhanced BSD policy controls"); - -static int sebsd_enabled = 1; - -SYSCTL_INT(_security_mac_sebsd, OID_AUTO, enabled, CTLFLAG_RW, - &sebsd_enabled, 0, "Enforce Security Enhanced BSD policy"); - -TUNABLE_INT("security.mac.sebsd.enabled", &sebsd_enabled); - MALLOC_DEFINE(M_SEBSD, "sebsd", "Security Enhanced BSD"); -static int -sysctl_rule(SYSCTL_HANDLER_ARGS) -{ - u_int namelen; - int *name; - - name = (int *)arg1; - namelen = arg2; - - printf("bsdextended sysctl handler (namelen %d)\n", namelen); - - return (0); -} - -SYSCTL_NODE(_security_mac_sebsd, OID_AUTO, rules, - CTLFLAG_RW, sysctl_rule, "Security Enhanced BSD rules"); - static void sebsd_init(struct mac_policy_conf *mpc) { printf("sebsd:: init\n"); - - /* Initialize ruleset lock. */ - /* Register dynamic sysctl's for rules. */ } static void sebsd_destroy(struct mac_policy_conf *mpc) { - printf("sebsd:: destroy\n"); - /* Tear down sysctls. */ - /* Destroy ruleset lock. */ } /* @@ -110,7 +72,6 @@ static void sebsd_create_root_mount(struct ucred *cred, struct mount *mp) { - printf("sebsd hook:: create_root_mount\n"); if (security_init()) { panic("SEBSD: couldn't read policy file"); } @@ -125,5 +86,3 @@ MAC_POLICY_SET(sebsd_ops, trustedbsd_sebsd, "Security Enhanced BSD", MPC_LOADTIME_FLAG_NOTLATE, 1); - -#endif /* !MAC */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205061809.g46I9jf95848>