From nobody Mon Oct 02 08:29:22 2023 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RzYyp456Rz4vm9R for ; Mon, 2 Oct 2023 08:29:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RzYyp2BQYz4KP6; Mon, 2 Oct 2023 08:29:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1696235362; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=r6GoQmgLpXYZtFeUkOkifsAfVBoBoX+dXnkQdJgl8yw=; b=jrlOEeBMUDcuk5ulTic16ZzlOiZ/8qTDn6fiby4sSp+uJ/5Ptz7yQqnkXANGoTUB6mbmho UWvP3OG8YPrXMX6hcYAlB+7mIUBi6UCUU3S6M+Hnr4a+2fpNd4DI7VOBtoR7qbfbXHYARW YKpthxrmGHin25EOSewSYWN75R4BqSBgO+Hw1nRN58P72gcy326qeiCQhVjRQ8cpWW2erN vCkT+bqfM5wcplnXAQTEGdavHkGIvBWCqbDMoGLfw/C71k1RLtc2HGRGoTzR+uiF+is4Mo +NVoQnIWh3BfeYm8L/qpZ2eWCnT1lDV9L5v35lFMTar9i8RjPMkbGcuuVTmjqQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1696235362; a=rsa-sha256; cv=none; b=mWUC2g0YxSLsjlo7MSvY1zON4XhIfxPeQZsrvUdEzqvt2x3bjlbGaIFFYBkaL2W0BOrPlI xQBlj64hM6IYiVZPd2pfexMrt/avd0LO7S5MRYIMlJbeGfSIN0+XbpUx1YAD3AmCl5jB3D CZDKtlraGa0qe5JJveAN8cJknuxLC5GlCwYIwXeLsnx1yL8vuTAdf/oD4FfDVsFYQNw6// +s0ORpXqd14ko/xBa4rrauNyHsfsSELj9DXkQ8DfbBCdFQIxz9CtFfJACP5i2jCkTxhbXh EDi7I6AglCGVYw8jtmd9d3HE/mtyfZ5ht5w/5DzwIrOON0p1MoXoABbSCYVWpw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1696235362; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=r6GoQmgLpXYZtFeUkOkifsAfVBoBoX+dXnkQdJgl8yw=; b=EEOPPIcFQgiGdqgSaPmVZQFtuGoioWiG3HicLSBL3ssf3jGkxI6JJFpbrofkZMEKnn1dVV Wwtx5PSJiKKHCeGtZ3YxAbUb8uYo/kdUrOWcQYgzerzBFEBMs4VWsGOrW3Bq9K15cDgG8Y e7199j/0/yjuWy5ugmE1es4MUv6rSsOC7vWhuM6tlGC4NFA8Agit1A3ZjBYY51OHwig7CW jxhBamyRZqlwfU0hjwxkspnXUExO35gv/tuIY78x5o4EGL4WS5HilM9kZG6F72QQgw4wDL 1StyZg+FVwac3hOy42NPegfSG5rg05UqAzY+5+HXW1Fe9h6JM8D71Y0CmCaGjw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RzYyp0zFKz14Sx; Mon, 2 Oct 2023 08:29:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3928TMvb086337; Mon, 2 Oct 2023 08:29:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3928TMaD086334; Mon, 2 Oct 2023 08:29:22 GMT (envelope-from git) Date: Mon, 2 Oct 2023 08:29:22 GMT Message-Id: <202310020829.3928TMaD086334@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Lorenzo Salvadore Subject: git: 9ac7f30252 - main - Status/2023Q3/login_classes.adoc: Fixes List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-doc-all@freebsd.org X-BeenThere: dev-commits-doc-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: salvadore X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9ac7f30252a17829f9404455abdf3d61e5951b8e Auto-Submitted: auto-generated The branch main has been updated by salvadore: URL: https://cgit.FreeBSD.org/doc/commit/?id=9ac7f30252a17829f9404455abdf3d61e5951b8e commit 9ac7f30252a17829f9404455abdf3d61e5951b8e Author: Graham Perrin AuthorDate: 2023-10-02 08:25:53 +0000 Commit: Lorenzo Salvadore CommitDate: 2023-10-02 08:25:53 +0000 Status/2023Q3/login_classes.adoc: Fixes Pull Request: https://github.com/freebsd/freebsd-doc/pull/266 --- .../content/en/status/report-2023-07-2023-09/login_classes.adoc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/website/content/en/status/report-2023-07-2023-09/login_classes.adoc b/website/content/en/status/report-2023-07-2023-09/login_classes.adoc index d7158bcac7..c68fbbe13c 100644 --- a/website/content/en/status/report-2023-07-2023-09/login_classes.adoc +++ b/website/content/en/status/report-2023-07-2023-09/login_classes.adoc @@ -14,22 +14,22 @@ See man:login.conf[5] for more information. ==== Changes The `priority` and `umask` capabilities now accept the `inherit` special value to explicitly request property inheritance from the login process. -This is useful, e.g., when temporarily logging in as another user from a process with a non-default priority to ensure that processes launched by this user still have the same priority level. +This is useful, e.g., when temporarily logging in as another user from a process with a non-default priority to ensure that processes launched by this user still have the same priority level. Users can now override the global setting for the `priority` capability (in [.filename]#/etc/login.conf#) in their local configuration file ([.filename]#~/.login_conf#). -Note however that they cannot increase their priority if they are not privileged, and that using `inherit` in this context makes no sense since the global setting is always applied first. +Note however that they cannot increase their priority if they are not privileged, and that using `inherit` in this context makes no sense, since the global setting is always applied first. Fixes: - Fix a bug where, when the `priority` capability specifies a realtime priority, the final priority used was off-by-one (and the numerically highest priority in the real time class (31) could never be set). - Security: Prevent a setuid/setgid process from applying directives from some user's [.filename]#~/.login_conf# (directives there that cannot be applied because of a lack of privileges could suddenly become applicable in such a process). -We have also updated the relevant manual pages to reflect the new functionality and improved the description of the `priority` and `umask` capabilities in man:login.conf[5]. +We have also updated the relevant manual pages to reflect the new functionality, and improved the description of the `priority` and `umask` capabilities in man:login.conf[5]. ==== Status Some of the patches in the series have been reviewed thanks to mailto:kib@FreeBSD.org[Konstantin Belousov] and mailto:imp@FreeBSD.org[Warner Losh]. -Other patches are waiting for reviews (and reviewers, volunteers welcome!) which are not expected to be labored ones. +Other patches are waiting for reviews (and reviewers, volunteers welcome!), which are not expected to be labored. We plan to improve consistency by deprecating the priority reset to 0 when no value for the capability `priority` is explicitly specified, which has been the case for `umask` for 15+ years.