svn commit: r296047 - in head: . contrib/mdocml contrib/tcpdump etc/defaults etc/mtree etc/rc.d gnu/usr.bin/groff/tmac lib lib/libc/posix1e lib/libcapsicum lib/libcasper lib/libcasper/libcasper lib...
Shawn Webb
shawn.webb at hardenedbsd.org
Fri Feb 26 15:55:10 UTC 2016
On Thu, Feb 25, 2016 at 06:23:40PM +0000, Mariusz Zaborski wrote:
> Author: oshogbo
> Date: Thu Feb 25 18:23:40 2016
> New Revision: 296047
> URL: https://svnweb.freebsd.org/changeset/base/296047
>
> Log:
> Convert casperd(8) daemon to the libcasper.
> After calling the cap_init(3) function Casper will fork from it's original
> process, using pdfork(2). Forking from a process has a lot of advantages:
> 1. We have the same cwd as the original process.
> 2. The same uid, gid and groups.
> 3. The same MAC labels.
> 4. The same descriptor table.
> 5. The same routing table.
> 6. The same umask.
> 7. The same cpuset(1).
> From now services are also in form of libraries.
> We also removed libcapsicum at all and converts existing program using Casper
> to new architecture.
>
> Discussed with: pjd, jonathan, ed, drysdale at google.com, emaste
> Partially reviewed by: drysdale at google.com, bdrewery
> Approved by: pjd (mentor)
> Differential Revision: https://reviews.freebsd.org/D4277
This commit breaks `cd /usr/src/release; make real-release`.
Log of failed build here:
http://jenkins.hardenedbsd.org:8180/jenkins/job/HardenedBSD-CURRENT-amd64/lastFailedBuild/console
Reverting this commit makes everything happy again.
Thanks,
--
Shawn Webb
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20160226/46aaffbf/attachment.sig>
More information about the svn-src-head
mailing list