From owner-svn-src-head@freebsd.org Fri Feb 26 15:55:10 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 264BCAB5DC7 for ; Fri, 26 Feb 2016 15:55:10 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qk0-x229.google.com (mail-qk0-x229.google.com [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D2A5110D9 for ; Fri, 26 Feb 2016 15:55:09 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qk0-x229.google.com with SMTP id s5so33204036qkd.0 for ; Fri, 26 Feb 2016 07:55:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=KIhNk1Aezl0tYHel3NavILql6m5SFz0CAc823xwkcP4=; b=M1Rs4rYZhEgkwozV6QeMS3WBdtk8LLOheL6Dhy+QpsgDgTFitOZXYNkU9md2OupU6S F2imJ924eSyCGbnXKzdx47JoYV6mUf6gesevL9SqwdiGNc9oyMlOIcHgMc9I+TLgbrmq RDIhj7QYMzwFviBmOB9QKfPCzOglGFCPNnCFvPxPTKqnOAuCdX05L4gax2YDbZ3N8yQD 2Inqaem+hQZsw2Aai7t6I9jGEYacROaAZ4f6XY6AFQKBduxac3qw18fJkuPxjNQ1ohCm 1WLgR5735+ublTDH869Y6xB3aw0L0T2jlIm6GS/zvSYDkZgMTKEa3/8J3u+s91AYacKH sRxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=KIhNk1Aezl0tYHel3NavILql6m5SFz0CAc823xwkcP4=; b=GQwogOe91PM3Jon9OAMXv50ZM/N/YvVd8cWUKzQGm2XmYkiZ7HBm0Abkfmd4JayEex aG5skM6NW+uFoO10VUOBZxBzBCe3l8Zh6L6V6HaevYGi/HKW/pVE2VshATcI8bR3xGwj ZQ997Qf1L7IXt7nM9jrHoR1iDzw3R9GNbsPxBXtOMnPLi7/fNDto0/krZPOMjg8zczhv KelCQCkQe5yw19rY6mIDWd6LhgJZbUZAN1yaEl4edMDGSqmazDhP87LLukiHM2B1fqo3 BpQcicy/s+Ibyr/8lXeaql72DvygDlbZASWOOXDUvuD6WOnC4pZaGNURkqs/Tj12+OaU l5Cw== X-Gm-Message-State: AD7BkJJ0KF4A1G16UX/MyDXXPoAh535Q/+qliFB/xpe9rAnBYyTyO03oFNtyPNWHNFU19JLN X-Received: by 10.55.72.135 with SMTP id v129mr2835702qka.72.1456502109048; Fri, 26 Feb 2016 07:55:09 -0800 (PST) Received: from mutt-hardenedbsd (c-73-135-80-144.hsd1.md.comcast.net. [73.135.80.144]) by smtp.gmail.com with ESMTPSA id s75sm5538127qge.17.2016.02.26.07.55.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Feb 2016 07:55:07 -0800 (PST) Date: Fri, 26 Feb 2016 10:55:05 -0500 From: Shawn Webb To: Mariusz Zaborski Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r296047 - in head: . contrib/mdocml contrib/tcpdump etc/defaults etc/mtree etc/rc.d gnu/usr.bin/groff/tmac lib lib/libc/posix1e lib/libcapsicum lib/libcasper lib/libcasper/libcasper lib... Message-ID: <20160226155505.GC6148@mutt-hardenedbsd> References: <201602251823.u1PINe3W036719@repo.freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Sr1nOIr3CvdE5hEN" Content-Disposition: inline In-Reply-To: <201602251823.u1PINe3W036719@repo.freebsd.org> X-Operating-System: FreeBSD mutt-hardenedbsd 11.0-CURRENT-HBSD FreeBSD 11.0-CURRENT-HBSD X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x6A84658F52456EEE User-Agent: Mutt/1.5.24 (2015-08-30) X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Feb 2016 15:55:10 -0000 --Sr1nOIr3CvdE5hEN Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 25, 2016 at 06:23:40PM +0000, Mariusz Zaborski wrote: > Author: oshogbo > Date: Thu Feb 25 18:23:40 2016 > New Revision: 296047 > URL: https://svnweb.freebsd.org/changeset/base/296047 >=20 > Log: > Convert casperd(8) daemon to the libcasper. > After calling the cap_init(3) function Casper will fork from it's origi= nal > process, using pdfork(2). Forking from a process has a lot of advantage= s: > 1. We have the same cwd as the original process. > 2. The same uid, gid and groups. > 3. The same MAC labels. > 4. The same descriptor table. > 5. The same routing table. > 6. The same umask. > 7. The same cpuset(1). > From now services are also in form of libraries. > We also removed libcapsicum at all and converts existing program using = Casper > to new architecture. > =20 > Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste > Partially reviewed by: drysdale@google.com, bdrewery > Approved by: pjd (mentor) > Differential Revision: https://reviews.freebsd.org/D4277 This commit breaks `cd /usr/src/release; make real-release`. Log of failed build here: http://jenkins.hardenedbsd.org:8180/jenkins/job/HardenedBSD-CURRENT-amd64/l= astFailedBuild/console Reverting this commit makes everything happy again. Thanks, --=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --Sr1nOIr3CvdE5hEN Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW0HVYAAoJEGqEZY9SRW7uz6UP/3eeHU8DjQKj9KbKl91qAlsR WXB6Zoxei3+xuaypzoUzLQPWYFdgPmgkjQqewYLS0T6duy5c7p2KACpm2DBYDQSN Z22YdGI32s2dhofq01iLug4jSUVAX/wrIyf3SLNVA8w01Q8Pb6UfYfXee518q/Dg 3K2uiajOLIEedzh1bWESVvtApiOn8d5DHF+o0FmHlpr3KbRlkxL0o2fI+B0/b7hz u9zGhs7Jtaj9ZKAOgRZ1aaoiDBrTYCS17AAZ4yFkP+b91T5VdcEfzd18e9bsdj8m QKB2/TTRV1kYDeUhUXCntoltz9EBuyMbtrMhBhEDUrS/3KGgMctx8BJRY/etJzjW Sq+wgELPfvQF6GqIv5aYkoI/LjghgsbBLyKBt0bRPYIfU0WMJ0LjqPSf7R0OmxG9 IyXNXIah+c04Eh/SbIfbbXUoNhGnQBBwVY4A7c/xWfuiOVQQrXcP7pOCdrCmMwJY fVGU6QEAGotn/FHOd9JuJ/7bDTyx4bydElHwui9GB8v0ao7FxWExM01V0oomqr2u RYP7uK9J1gzVAsTPmkZhmpnd6mUaVaOJ7kmfpHUampjw5KpPRr6v33zEep4jvWcm LoWsi/cDZAN5/tvemQIjUJ36Q5F+2g5Us/lDkejEtpWQA8cjy2YAAO41mkPk1n2Y dLWVr0Tc+fwC44PIuY9P =m9h4 -----END PGP SIGNATURE----- --Sr1nOIr3CvdE5hEN--