git: 9ac7f30252 - main - Status/2023Q3/login_classes.adoc: Fixes
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 02 Oct 2023 08:29:22 UTC
The branch main has been updated by salvadore:
URL: https://cgit.FreeBSD.org/doc/commit/?id=9ac7f30252a17829f9404455abdf3d61e5951b8e
commit 9ac7f30252a17829f9404455abdf3d61e5951b8e
Author: Graham Perrin <grahamperrin@gmail.com>
AuthorDate: 2023-10-02 08:25:53 +0000
Commit: Lorenzo Salvadore <salvadore@FreeBSD.org>
CommitDate: 2023-10-02 08:25:53 +0000
Status/2023Q3/login_classes.adoc: Fixes
Pull Request: https://github.com/freebsd/freebsd-doc/pull/266
---
.../content/en/status/report-2023-07-2023-09/login_classes.adoc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/website/content/en/status/report-2023-07-2023-09/login_classes.adoc b/website/content/en/status/report-2023-07-2023-09/login_classes.adoc
index d7158bcac7..c68fbbe13c 100644
--- a/website/content/en/status/report-2023-07-2023-09/login_classes.adoc
+++ b/website/content/en/status/report-2023-07-2023-09/login_classes.adoc
@@ -14,22 +14,22 @@ See man:login.conf[5] for more information.
==== Changes
The `priority` and `umask` capabilities now accept the `inherit` special value to explicitly request property inheritance from the login process.
-This is useful, e.g., when temporarily logging in as another user from a process with a non-default priority to ensure that processes launched by this user still have the same priority level.
+This is useful, e.g., when temporarily logging in as another user from a process with a non-default priority to ensure that processes launched by this user still have the same priority level.
Users can now override the global setting for the `priority` capability (in [.filename]#/etc/login.conf#) in their local configuration file ([.filename]#~/.login_conf#).
-Note however that they cannot increase their priority if they are not privileged, and that using `inherit` in this context makes no sense since the global setting is always applied first.
+Note however that they cannot increase their priority if they are not privileged, and that using `inherit` in this context makes no sense, since the global setting is always applied first.
Fixes:
- Fix a bug where, when the `priority` capability specifies a realtime priority, the final priority used was off-by-one (and the numerically highest priority in the real time class (31) could never be set).
- Security: Prevent a setuid/setgid process from applying directives from some user's [.filename]#~/.login_conf# (directives there that cannot be applied because of a lack of privileges could suddenly become applicable in such a process).
-We have also updated the relevant manual pages to reflect the new functionality and improved the description of the `priority` and `umask` capabilities in man:login.conf[5].
+We have also updated the relevant manual pages to reflect the new functionality, and improved the description of the `priority` and `umask` capabilities in man:login.conf[5].
==== Status
Some of the patches in the series have been reviewed thanks to mailto:kib@FreeBSD.org[Konstantin Belousov] and mailto:imp@FreeBSD.org[Warner Losh].
-Other patches are waiting for reviews (and reviewers, volunteers welcome!) which are not expected to be labored ones.
+Other patches are waiting for reviews (and reviewers, volunteers welcome!), which are not expected to be labored.
We plan to improve consistency by deprecating the priority reset to 0 when no value for the capability `priority` is explicitly specified, which has been the case for `umask` for 15+ years.