mac_partition and /sbin/init
Tom Rhodes
trhodes at FreeBSD.org
Thu Sep 25 17:02:50 GMT 2003
On Thu, 25 Sep 2003 12:23:13 -0400 (EDT)
Robert Watson <rwatson at FreeBSD.org> wrote:
>
> On Wed, 24 Sep 2003, Tom Rhodes wrote:
>
> > On Wed, 24 Sep 2003 20:41:24 -0400 (EDT)
> > Robert Watson <rwatson at FreeBSD.org> wrote:
> >
> > [SNIP]
> > > More traffic on trustedbsd-discuss
> > > would be welcome, of course, also :-).
> >
> > Ok, I have a thing or two we can discuss.
> >
> > From what I read, POSIX defines the following in sysconf(3):
> >
> > _SC_ACL for access control lists
> > _SC_INF for information labels
> > and
> > _SC_MAC for mandatory access control. Is enough support for these
> > available in FreeBSD at this time to warrant documenting these
> > values?
>
> I don't see specific references to those in POSIX.1eD17, but if you point
> me at the references I'd be happy to give my opinion :-). My guess is
> that _SC_ACL would be appropriate as our ACL implementation is pretty
> complete. _SC_INF isn't appropriate since we don't currently have an
> information label implementation. _SC_MAC might be appropriate, in that
> we do have a MAC implementation, but we don't follow the POSIX.1e API
> closely since it was inadequate to describe the semantics we required.
This is my own ignorance, and proves that I should investigate further
before taking the 'shout shout let it all out' approach.
This isn't really a POSIX requirement (according to functions/sysconf
in the susv3 spec. It seems to be more 'developer/manual author'
specific. IRIX documents them, lists them as POSIX, although
i'm not sure about Solaris as I don't have access to my sparc
right now. But in unistd.h we have:
#if __BSD_VISIBLE
#define _PC_ACL_EXTENDED 59
#define _PC_ACL_PATH_MAX 60
#define _PC_CAP_PRESENT 61
#define _PC_INF_PRESENT 62
#define _PC_MAC_PRESENT 63
#endif
So we are under no obligation to document them, and i'm off the
subject now.
--
Tom Rhodes
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list