|
Revision tags: release/14.0.0 |
|
| #
d0b2dbfa |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0 |
|
| #
04e9edb5 |
| 05-Jan-2019 |
Mark Johnston <markj@FreeBSD.org> |
Capsicumize rtsol(8) and rtsold(8).
These programs parse ND6 Router Advertisement messages; rtsold(8) has
required an SA, SA-14:20.rtsold, for a bug in this code. Thus, they
are good candidates for
Capsicumize rtsol(8) and rtsold(8).
These programs parse ND6 Router Advertisement messages; rtsold(8) has
required an SA, SA-14:20.rtsold, for a bug in this code. Thus, they
are good candidates for sandboxing.
The approach taken is to run the main executable in capability mode
and use Casper services to provide functionality that cannot be
implemented within the sandbox. In particular, several custom services
were required.
- A Casper service is used to send Router Solicitation messages on a
raw ICMP6 socket. Initially I took the approach of creating a
socket for each interface upon startup, and connect(2)ing it to
the all-routers multicast group for the interface. This permits
the use of sendmsg(2) in capability mode, but only works if the
interface's link is up when rtsol(d) starts. So, instead, the
rtsold.sendmsg service is used to transmit RS messages on behalf
of the main process. One could alternately define a service
which simply creates and connects a socket for each destination
address, and returns the socket to the sandboxed process. However,
to implement rtsold's -m option we also need to read the ND6 default
router list, and this cannot be done in capability mode.
- rtsold may execute resolvconf(8) in response to RDNSS and DNSSL
options in received RA messages. A Casper service is used to
fork and exec resolvconf(8), and to reap the child process.
- A service is used to determine whether a given interface's
link-local address is useable (i.e., not duplicated or undergoing
DAD). This information is supplied by getifaddrs(3), which reads
a sysctl not available in capability mode. The SIOCGIFCONF socket
ioctl provides equivalent information and can be used in capability
mode, but I decided against it for now because of some limitations
of that interface.
In addition to these new services, cap_syslog(3) is used to send
messages to syslogd.
Reviewed by: oshogbo
Tested by: bz (previous versions)
MFC after: 2 months
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D17572
show more ...
|
|
Revision tags: release/12.0.0, release/11.2.0, release/10.4.0, release/11.1.0, release/11.0.1, release/11.0.0, release/10.3.0 |
|
| #
11d38a57 |
| 28-Oct-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
Sponsored by: Gandi.net
|
| #
becbad1f |
| 13-Oct-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
|
| #
a997b777 |
| 13-Oct-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Sync up with head up to r289211.
|
| #
9be27fdc |
| 10-Oct-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
|
| #
56160b2e |
| 07-Oct-2015 |
Xin LI <delphij@FreeBSD.org> |
Now that we own the code, use arc4random(3) unconditionally
and remove the corresponding HAVE_ARC4RANDOM conditions.
MFC after: 2 weeks
|
| #
0f405ee7 |
| 28-Sep-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Sync up with head (up to r288341).
|
| #
f94594b3 |
| 12-Sep-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Finish merging from head, messed up in previous attempt
|
| #
0e1e5c22 |
| 11-Sep-2015 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r287527 through r287679.
|
| #
f74237f5 |
| 10-Sep-2015 |
Hiroki Sato <hrs@FreeBSD.org> |
- Remove #ifdef HAVE_POLL_H.
- Use nitems().
MFC after: 3 days
|
|
Revision tags: release/10.2.0 |
|
| #
416ba5c7 |
| 22-Jun-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Catch up with HEAD (r280229-r284686).
|
| #
98e0ffae |
| 27-May-2015 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge sync of head
|
| #
7757a1b4 |
| 03-May-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
|
| #
7263c8c0 |
| 22-Apr-2015 |
Glen Barber <gjb@FreeBSD.org> |
MFH: r280643-r281852
Sponsored by: The FreeBSD Foundation
|
| #
933095de |
| 09-Apr-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
rtsold does not need to link to libkvm
|
| #
d899be7d |
| 19-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head: r274132-r277384
Sponsored by: The FreeBSD Foundation
|
| #
8f0ea33f |
| 13-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head revisions r273096-r277147
Sponsored by: The FreeBSD Foundation
|
| #
840e7092 |
| 29-Nov-2014 |
Enji Cooper <ngie@FreeBSD.org> |
MFHead @ r275232
|
| #
2c97f721 |
| 25-Nov-2014 |
Dimitry Andric <dim@FreeBSD.org> |
r274961 through r275075
|
| #
c6db8143 |
| 25-Nov-2014 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Convert usr.sbin to LIBADD
Reduce overlinking
|
|
Revision tags: release/10.1.0, release/9.3.0, release/10.0.0, release/9.2.0, release/8.4.0, release/9.1.0, release/8.3.0_cvs, release/8.3.0, release/9.0.0 |
|
| #
5e9857e7 |
| 07-Jun-2011 |
Attilio Rao <attilio@FreeBSD.org> |
MFC
|
| #
1d90532a |
| 07-Jun-2011 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Lower WARNS level to 3 to eliminate alignment warnings related to
casting inherent in CMSG_DATA().
|
| #
81c02539 |
| 06-Jun-2011 |
Attilio Rao <attilio@FreeBSD.org> |
MFC
|
| #
48a16a34 |
| 06-Jun-2011 |
Ed Schouten <ed@FreeBSD.org> |
Remove redundant assignments to WARNS.
For these directories, WARNS is already implied to be 6.
|