|
Revision tags: release/14.0.0 |
|
| #
9d6049d5 |
| 22-Aug-2023 |
Mike Karels <karels@FreeBSD.org> |
etc: remove leftover leading empty comments, blank lines
Remove leftover empty leading comments/blank lines that had been
spacers between $FreeBSD$ and the following content in config files
in src/e
etc: remove leftover leading empty comments, blank lines
Remove leftover empty leading comments/blank lines that had been
spacers between $FreeBSD$ and the following content in config files
in src/etc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D41548
show more ...
|
| #
d0b2dbfa |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0 |
|
| #
d0f1f382 |
| 18-Feb-2022 |
Ed Maste <emaste@FreeBSD.org> |
Reserve u2f group for FIDO/U2F key support (SSH, etc.)
We have FIDO/U2F support in the base system now, so reserve a group ID
for it (maching the security/u2f-devd port).
Sponsored by: The FreeBSD
Reserve u2f group for FIDO/U2F key support (SSH, etc.)
We have FIDO/U2F support in the base system now, so reserve a group ID
for it (maching the security/u2f-devd port).
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34341
show more ...
|
| #
a9545eed |
| 10-Dec-2021 |
Florian Walpen <dev@submerge.ch> |
Add idle priority scheduling privilege group to MAC/priority
Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC pol
Add idle priority scheduling privilege group to MAC/priority
Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC policy in
the mac_priority module. For this purpose, the kernel privilege
PRIV_SCHED_IDPRIO was added to sys/priv.h (kernel module ABI change).
Deprecate the system wide sysctl(8) knob
security.bsd.unprivileged_idprio which lets any user run idle priority
processes, regardless of context. While the knob is still working, it is
marked as deprecated in the description and in the man pages.
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D33338
show more ...
|
| #
bf2fa8d9 |
| 04-Dec-2021 |
Florian Walpen <dev@submerge.ch> |
MAC/priority module for realtime privilege group
This is a MAC policy module that grants scheduling privileges based on
group membership. Users or processes in the group realtime (gid 47) are
allow
MAC/priority module for realtime privilege group
This is a MAC policy module that grants scheduling privileges based on
group membership. Users or processes in the group realtime (gid 47) are
allowed to run threads and processes with realtime scheduling priority.
For timing-sensitive, low-latency software like audio/jack, running with
realtime priority helps to avoid stutter and gaps.
PR: 239125
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D33191
show more ...
|
|
Revision tags: release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0 |
|
| #
cfe7aad9 |
| 27-Mar-2020 |
Brooks Davis <brooks@FreeBSD.org> |
Create and use a tests group for the tests user.
No user (except nobody) should be a member of the nobody group.
Reported by: rgrimes
Reviewed by: rgrimes
MFC after: 3 days
Sponsored by: DARPA
Diff
Create and use a tests group for the tests user.
No user (except nobody) should be a member of the nobody group.
Reported by: rgrimes
Reviewed by: rgrimes
MFC after: 3 days
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D24199
show more ...
|
|
Revision tags: release/12.1.0, release/11.3.0 |
|
| #
45a13fd8 |
| 23-May-2019 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Move back group, master.passwd and shells to etc directory
Use the .PATH mechanism instead so keep installing them from lib/libc/gen
While here revert 347961 and 347893 which are no longer needed
Move back group, master.passwd and shells to etc directory
Use the .PATH mechanism instead so keep installing them from lib/libc/gen
While here revert 347961 and 347893 which are no longer needed
Discussed with: manu
Tested by: manu
ok manu@
show more ...
|
|
Revision tags: release/12.0.0 |
|
| #
3496c981 |
| 20-Jul-2018 |
Ian Lepore <ian@FreeBSD.org> |
Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting
Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.
This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.
Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.
Differential Revision: https://reviews.freebsd.org/D16281
show more ...
|
|
Revision tags: release/11.2.0, release/10.4.0, release/11.1.0, release/11.0.1, release/11.0.0, release/10.3.0 |
|
| #
2414e864 |
| 03-Feb-2016 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
MfH @r295202
Expect to see panics in routing code at least now.
|
| #
752d0060 |
| 27-Jan-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r294777 through r294960.
|
| #
0e186c0a |
| 27-Jan-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
| #
1cf38d9e |
| 27-Jan-2016 |
Marcelo Araujo <araujo@FreeBSD.org> |
Fix regression introduced on r293801.
The UID/GID 93 is in using by jaber on PORTS, we will use
UID/GID 160 for ypldap(8).
Reported by: antoine
Approved by: bapt (mentor)
Differential Revision: http
Fix regression introduced on r293801.
The UID/GID 93 is in using by jaber on PORTS, we will use
UID/GID 160 for ypldap(8).
Reported by: antoine
Approved by: bapt (mentor)
Differential Revision: https://reviews.freebsd.org/D5062
show more ...
|
| #
11d38a57 |
| 28-Oct-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
Sponsored by: Gandi.net
|
| #
f94594b3 |
| 12-Sep-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Finish merging from head, messed up in previous attempt
|
| #
23a32822 |
| 25-Aug-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from HEAD
|
| #
ab875b71 |
| 14-Aug-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Catch up with head, primarily for the 1.14.4.0 firmware.
|
| #
f98ee844 |
| 12-Aug-2015 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r286422 through r286684.
|
|
Revision tags: release/10.2.0 |
|
| #
34c7eb57 |
| 09-Aug-2015 |
Koop Mast <kwm@FreeBSD.org> |
Add a new group named 'video' with the id of 44. And make drm create
devices in /dev/dri/ with this new group.
This will allow ports and users to more easily access to these devices
for OpenGL and O
Add a new group named 'video' with the id of 44. And make drm create
devices in /dev/dri/ with this new group.
This will allow ports and users to more easily access to these devices
for OpenGL and OpenCL support.
Reviewed by: dumbbell@
Approved by: dumbbell@
Differential Revision: https://reviews.freebsd.org/D1260
show more ...
|
|
Revision tags: release/10.1.0, release/9.3.0 |
|
| #
3b8f0845 |
| 28-Apr-2014 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge head
|
| #
84e51a1b |
| 23-Apr-2014 |
Alan Somers <asomers@FreeBSD.org> |
IFC @264767
|
| #
485ac45a |
| 04-Feb-2014 |
Peter Grehan <grehan@FreeBSD.org> |
MFC @ r259205 in preparation for some SVM updates. (for real this time)
|
|
Revision tags: release/10.0.0 |
|
| #
0bfd163f |
| 18-Oct-2013 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge head r233826 through r256722.
|
| #
3caf0790 |
| 13-Oct-2013 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge head@256284
|
| #
0e325afd |
| 12-Oct-2013 |
Mark Murray <markm@FreeBSD.org> |
MFC - tracking commit
|
| #
ec0e2ac6 |
| 12-Oct-2013 |
Rui Paulo <rpaulo@FreeBSD.org> |
Remove most of the ATF tools and the _atf user.
This is necessary because ATF is deprecated and it will be replaced by Kyua.
Submitted by: jmmv@netbsd.org
Reviewed by: Garrett Cooper
Approved by: re
|