From owner-p4-projects Wed Oct 23 18:40:37 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5895B37B406; Wed, 23 Oct 2002 18:40:30 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E2F5037B401 for ; Wed, 23 Oct 2002 18:40:29 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 91A9B43E8A for ; Wed, 23 Oct 2002 18:40:25 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9O1dhmV052419 for ; Wed, 23 Oct 2002 18:39:43 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9O1dhKE052414 for perforce@freebsd.org; Wed, 23 Oct 2002 18:39:43 -0700 (PDT) Date: Wed, 23 Oct 2002 18:39:43 -0700 (PDT) Message-Id: <200210240139.g9O1dhKE052414@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 20010 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=20010 Change 20010 by rwatson@rwatson_tislabs on 2002/10/23 18:39:22 Integ various MAC changes from the TrustedBSD base tree to the TrustedBSD MAC tree. Includes ls, ps label support. Affected files ... .. //depot/projects/trustedbsd/mac/bin/ls/Makefile#6 integrate .. //depot/projects/trustedbsd/mac/bin/ls/lomac.c#9 delete .. //depot/projects/trustedbsd/mac/bin/ls/lomac.h#5 delete .. //depot/projects/trustedbsd/mac/bin/ls/ls.1#12 integrate .. //depot/projects/trustedbsd/mac/bin/ls/ls.c#16 integrate .. //depot/projects/trustedbsd/mac/bin/ls/ls.h#7 integrate .. //depot/projects/trustedbsd/mac/bin/ls/print.c#12 integrate .. //depot/projects/trustedbsd/mac/bin/ps/Makefile#7 integrate .. //depot/projects/trustedbsd/mac/bin/ps/extern.h#11 integrate .. //depot/projects/trustedbsd/mac/bin/ps/keyword.c#13 integrate .. //depot/projects/trustedbsd/mac/bin/ps/print.c#16 integrate .. //depot/projects/trustedbsd/mac/bin/ps/ps.1#12 integrate .. //depot/projects/trustedbsd/mac/bin/ps/ps.c#14 integrate .. //depot/projects/trustedbsd/mac/lib/libc/posix1e/posix1e.3#5 integrate .. //depot/projects/trustedbsd/mac/libexec/ftpd/Makefile#8 integrate .. //depot/projects/trustedbsd/mac/sys/modules/Makefile#47 integrate .. //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#17 integrate .. //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.h#2 integrate Differences ... ==== //depot/projects/trustedbsd/mac/bin/ls/Makefile#6 (text+ko) ==== @@ -1,5 +1,5 @@ # @(#)Makefile 8.1 (Berkeley) 6/2/93 -# $FreeBSD: src/bin/ls/Makefile,v 1.23 2002/02/04 03:06:50 kris Exp $ +# $FreeBSD: src/bin/ls/Makefile,v 1.24 2002/10/24 00:07:30 rwatson Exp $ PROG= ls SRCS= cmp.c ls.c print.c util.c ==== //depot/projects/trustedbsd/mac/bin/ls/ls.1#12 (text+ko) ==== @@ -33,7 +33,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)ls.1 8.7 (Berkeley) 7/29/94 -.\" $FreeBSD: src/bin/ls/ls.1,v 1.69 2002/08/21 17:32:34 trhodes Exp $ +.\" $FreeBSD: src/bin/ls/ls.1,v 1.70 2002/10/24 00:07:30 rwatson Exp $ .\" .Dd May 19, 2002 .Dt LS 1 ==== //depot/projects/trustedbsd/mac/bin/ls/ls.c#16 (text+ko) ==== @@ -46,7 +46,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/ls/ls.c,v 1.67 2002/10/18 10:59:45 tjr Exp $"); +__FBSDID("$FreeBSD: src/bin/ls/ls.c,v 1.68 2002/10/24 00:07:30 rwatson Exp $"); #include #include ==== //depot/projects/trustedbsd/mac/bin/ls/ls.h#7 (text+ko) ==== @@ -35,7 +35,7 @@ * SUCH DAMAGE. * * from: @(#)ls.h 8.1 (Berkeley) 5/31/93 - * $FreeBSD: src/bin/ls/ls.h,v 1.18 2002/05/19 02:51:36 tjr Exp $ + * $FreeBSD: src/bin/ls/ls.h,v 1.19 2002/10/24 00:07:30 rwatson Exp $ */ #define NO_PRINT 1 ==== //depot/projects/trustedbsd/mac/bin/ls/print.c#12 (text+ko) ==== @@ -40,7 +40,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/ls/print.c,v 1.60 2002/10/23 10:20:01 markm Exp $"); +__FBSDID("$FreeBSD: src/bin/ls/print.c,v 1.61 2002/10/24 00:07:30 rwatson Exp $"); #include #include ==== //depot/projects/trustedbsd/mac/bin/ps/Makefile#7 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/bin/ps/Makefile,v 1.21 2002/07/08 15:48:39 jmallett Exp $ +# $FreeBSD: src/bin/ps/Makefile,v 1.22 2002/10/24 00:00:57 rwatson Exp $ # @(#)Makefile 8.1 (Berkeley) 6/2/93 PROG= ps ==== //depot/projects/trustedbsd/mac/bin/ps/extern.h#11 (text+ko) ==== @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)extern.h 8.3 (Berkeley) 4/2/94 - * $FreeBSD: src/bin/ps/extern.h,v 1.27 2002/10/02 20:32:50 jhb Exp $ + * $FreeBSD: src/bin/ps/extern.h,v 1.28 2002/10/24 00:00:57 rwatson Exp $ */ struct kinfo; ==== //depot/projects/trustedbsd/mac/bin/ps/keyword.c#13 (text+ko) ==== @@ -37,7 +37,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/ps/keyword.c,v 1.57 2002/10/02 20:32:50 jhb Exp $"); +__FBSDID("$FreeBSD: src/bin/ps/keyword.c,v 1.58 2002/10/24 00:00:57 rwatson Exp $"); #include #include ==== //depot/projects/trustedbsd/mac/bin/ps/print.c#16 (text+ko) ==== @@ -37,7 +37,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/ps/print.c,v 1.74 2002/10/02 20:32:50 jhb Exp $"); +__FBSDID("$FreeBSD: src/bin/ps/print.c,v 1.75 2002/10/24 00:00:57 rwatson Exp $"); #include #include ==== //depot/projects/trustedbsd/mac/bin/ps/ps.1#12 (text+ko) ==== @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)ps.1 8.3 (Berkeley) 4/18/94 -.\" $FreeBSD: src/bin/ps/ps.1,v 1.58 2002/10/02 20:32:50 jhb Exp $ +.\" $FreeBSD: src/bin/ps/ps.1,v 1.59 2002/10/24 00:00:57 rwatson Exp $ .\" .Dd April 18, 1994 .Dt PS 1 ==== //depot/projects/trustedbsd/mac/bin/ps/ps.c#14 (text+ko) ==== @@ -43,7 +43,7 @@ #endif /* not lint */ #endif #include -__FBSDID("$FreeBSD: src/bin/ps/ps.c,v 1.58 2002/09/03 05:44:00 jmallett Exp $"); +__FBSDID("$FreeBSD: src/bin/ps/ps.c,v 1.59 2002/10/24 00:00:57 rwatson Exp $"); #include #include ==== //depot/projects/trustedbsd/mac/lib/libc/posix1e/posix1e.3#5 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/lib/libc/posix1e/posix1e.3,v 1.22 2002/10/22 01:52:53 rwatson Exp $ +.\" $FreeBSD: src/lib/libc/posix1e/posix1e.3,v 1.24 2002/10/23 23:56:15 chris Exp $ .\" .Dd January 17, 2000 .Dt POSIX1E 3 @@ -41,14 +41,15 @@ .In sys/mac.h .Sh DESCRIPTION The IEEE POSIX.1e specification never left draft form, but the interfaces -it describes are now widely used despite inherent limitations. Currently, -only a few of the interfaces and features are implemented in +it describes are now widely used despite inherent limitations. +Currently, only a few of the interfaces and features are implemented in .Fx , although efforts are underway to complete the integration at this time. .Pp POSIX.1e describes five security extensions to the base POSIX.1 API: Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access -Control, and Information Flow Labels. Of these, the ACL interfaces are +Control, and Information Flow Labels. +Of these, the ACL interfaces are currently included with .Fx , Auditing, Capabilities, and Mandatory @@ -57,7 +58,8 @@ .Pp POSIX.1e defines both syntax and semantics for these features, but fairly substantial changes are required to implement these features in the -operating system. As shipped, +operating system. +As shipped, .Fx 4.0 permits file systems to export Access Control Lists via the VFS, and provides a library for userland @@ -69,7 +71,8 @@ .Fx currently provides documentation and APIs for fine-grained capability support, but implementation is currently not included in the base -system. Documentation of these API calls is provided in +system. +Documentation of these API calls is provided in .Xr cap 3 . .Pp Additional patches supporting POSIX.1e features are provided by the @@ -82,15 +85,17 @@ development at this time. .Sh ENVIRONMENT POSIX.1e assigns security labels to all objects, extending the security -functionality described in POSIX.1. These additional labels provide +functionality described in POSIX.1. +These additional labels provide fine-grained discretionary access control, fine-grained capabilities, -and labels necessary for mandatory access control. POSIX.2c describes -a set of userland utilities for manipulating these labels. These userland +and labels necessary for mandatory access control. +POSIX.2c describes +a set of userland utilities for manipulating these labels. +These userland utilities are not bundled with .Fx 4.0 so as to discourage their use in the short term. -.Sh FILES .Sh SEE ALSO .Xr acl 3 , .Xr cap 3 , @@ -100,9 +105,11 @@ .Xr extattr 9 , .Xr mac 9 .Sh STANDARDS -POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion -of the draft continues on the cross-platform POSIX.1e implementation -mailing list. To join this list, see the +POSIX.1e is described in IEEE POSIX.1e draft 17. +Discussion of the draft continues +on the cross-platform POSIX.1e implementation +mailing list. +To join this list, see the .Fx POSIX.1e implementation page for more information. ==== //depot/projects/trustedbsd/mac/libexec/ftpd/Makefile#8 (text+ko) ==== @@ -1,5 +1,5 @@ # @(#)Makefile 8.2 (Berkeley) 4/4/94 -# $FreeBSD: src/libexec/ftpd/Makefile,v 1.50 2002/06/28 10:36:14 markm Exp $ +# $FreeBSD: src/libexec/ftpd/Makefile,v 1.51 2002/10/24 00:07:30 rwatson Exp $ PROG= ftpd MAN= ftpd.8 ==== //depot/projects/trustedbsd/mac/sys/modules/Makefile#47 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/modules/Makefile,v 1.273 2002/10/23 15:53:09 jhb Exp $ +# $FreeBSD: src/sys/modules/Makefile,v 1.274 2002/10/23 23:36:26 rwatson Exp $ .if exists(${.CURDIR}/../opencrypto) && !defined(NOCRYPT) _crypto= crypto ==== //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#17 (text+ko) ==== ==== //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.h#2 (text+ko) ==== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message