Date: Wed, 20 Jul 2005 16:25:23 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 80607 for review Message-ID: <200507201625.j6KGPNiQ083447@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=80607 Change 80607 by rwatson@rwatson_paprika on 2005/07/20 16:25:20 Add brief descriptions of a number of library calls and command line utilities. Affected files ... .. //depot/projects/trustedbsd/sedarwin7/docs/apiabi.txt#2 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/docs/apiabi.txt#2 (text+ko) ==== @@ -155,47 +155,168 @@ New System Library Interfaces - libextattr int extattr_namespace_to_string(); + +Convert an extended attribute name space identifier to a text string. + int extattr_string_to_namespace(); + +Convert an extended attribute name space string to a number identifier. + int extattrctl(); + +Manage extended attributes on a file system. + int extattr_delete_fd(); + +Delete an extended attribute on a file by file descriptor. + int extattr_delete_file(); + +Delete an extended attribute on a file by path. + int extattr_delete_link(); + +Delete an extended attribute on a file by path; do not follow symbolic links. + ssize_t extattr_get_fd(); + +Retrieve an extended attribute on a file by file descriptor. + ssize_t extattr_get_file(); + +Retrieve an extended attribute on a file by path. + ssize_t extattr_get_link(); + +Retrieve an extended attribute on a file by path; do not follow symbolic +links. + int extattr_set_fd(); + +Set an extended attribute on a file by file descriptor. + int extattr_set_file(); + +Set an extended attribute on a file by path. + int extattr_set_link(); + +Set an extended attribute on a file by path; do not follow symbolic links. + ssize_t extattr_list_file(); + +List extended attributes on a file by path. + ssize_t extattr_list_link(); + +List extended attributes on a file by path; do not follow symbolic links. + ssize_t extattr_list_fd(); +List extended attributes on a file by file descriptor. + New System Library Interfaces - libmac int mac_reload() + +Cause the user space MAC Framework to reload its label configuration from +mac.conf. + int mac_free() + +Free a user space MAC label. + int mac_from_text() + +Convert a text representation label to a user space MAC label. + int mac_to_text() + +Convert a user space MAC label to a text representation. + int mac_prepare() + +Prepare storage for a user space MAC label. + int mac_prepare_type() + +Prepare storage for a user space MAC label intended for use with a particular +object type. + int mac_prepare_ifnet_label() + +Deprecated: prepare storage for a user space MAC label intended for use with +network interface. + int mac_prepare_file_label() + +Deprecated: prepare storage for a user space MAC label intended for use with +a file. + int mac_prepare_packet_label() + +Deprecated: prepare storage for a user space MAC label intended for use with +a network packet. + int mac_prepare_process_label() + +Deprecated: prepare storage for a user space MAC label intenedd for use with +a process. + int mac_is_present() + +Check with MAC support is loaded, and if so, whether a specified policy is +present. + int mac_syscall() + +Multiplexor MAC policy system call. + int mac_execve() + +Execute a file and request a specific MAC label transition as part of +execution. + int mac_get_fd() + +Retrieve the MAC label on a file by file descriptor. + int mac_get_file() + +Retrieve the MAC label on a file by file path. + int mac_get_link() + +Retrieve the MAC label on a file by file path; do not follow symbolic links. + int mac_get_pid() + +Retrieve the MAC label on the current process. + int mac_get_proc() + +Retrieve the MAC label on another process. + int mac_get_peer() + +Retrieve the MAC label of the remote endpoint of a communications socket. + int mac_set_fd() + +Set the MAC label on a file by file descriptor. + int mac_set_file() + +Set the MAC label on a file by file path. + int mac_set_link() + +Set the MAC label on a file by file path; do not follow symbolic links. + int mac_set_proc() +Set the MAC label on the current process. + New System Library Interfaces - SEDarwin XXX @@ -203,18 +324,44 @@ New Command Line Utilities - extattr_cmds getextattr(8) + +Retrieve extended attributes on a file. + lsextattr(8) + +List extended attributes on a file. + rmextattr(8) + +Remove extended attributes from a file. + setextattr(8) +Set extended attributes on a file. + New Command Line Utilities - mac_cmds getfmac(8) + +Retrieve the MAC label of a file. + getpmac(8) + +Retrieve the MAC label of the current process. + mexec(8) + +Run a program and transition to the requested MAC label. + setfsmac(8) + +Set the MAC label of a file, optionally with using a label specification +database. + setpmac(8) +Set the MAC label of the current process, then execute a command. + New Command Line Utilities - SEDarwin checkpolicy(8) @@ -230,8 +377,13 @@ Modifications to Existing Command Line Utilities ls(1) + +File list utility; modified to query MAC labels when -Z is used. + ps(1) +Process list utility; modified to query MAC labels when -Z is used. + MAC Framework Policy Entry Points XXX
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507201625.j6KGPNiQ083447>