src - FreeBSD source tree

	Commit message (Collapse)	Author	Age	Files	Lines
*	tools/regression/priv: Don't call setgroups() with the effective GID	Olivier Certner	2025-09-17	1	-4/+2
\| \| \| \| \| \| \| \| \| \| \|	The 'setgroups(0, NULL);' stance works the same on all versions of FreeBSD, getting rid of all supplementary groups. The replaced code would force the effective GID to also be a supplementary group. Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms") MFC after: 5 days Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D52289
*	Remove $FreeBSD$: one-line sh pattern	Warner Losh	2023-08-16	1	-1/+0
\| \| \| \|	Remove /^\s#[#!]?\s\$FreeBSD\$.*$\n/
*	Remove $FreeBSD$: two-line .h pattern	Warner Losh	2023-08-16	40	-80/+0
\| \| \| \|	Remove /^\s\\n \*\s+\$FreeBSD\$$\n/
*	Fix LDADD/DPADD that should be LIBADD.	Bryan Drewery	2015-12-04	1	-2/+1
\| \| \| \| \| \| \|	Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=291738
*	Use src.opts.mk in preference to bsd.own.mk except where we need stuff	Warner Losh	2014-05-06	1	-1/+1
\| \| \| \| \| \| \|	from the latter. Notes: svn path=/head/; revision=265420
*	errx prepends the program name to the message; don't do it by hand.	Julio Merino	2014-03-19	1	-1/+1
\| \| \| \|	Notes: svn path=/head/; revision=263353
*	Make the priv test program exit with non-zero if any failures are detected.	Julio Merino	2014-03-19	1	-8/+33
\| \| \| \| \| \| \|	And, mind you, this already returns a failure :-/ Notes: svn path=/head/; revision=263352
*	Use MAN= instead of NO_MAN=	Kevin Lo	2013-07-16	1	-1/+1
\| \| \| \| \| \| \| \|	For some reason it still tries to install a priv.1 when using NO_MAN, even though there isn't one yet. Notes: svn path=/head/; revision=253385
*	Spelling fixes for tools/	Ulrich Spörlein	2011-12-30	1	-1/+1
\| \| \| \| \| \| \|	Add some $FreeBSD$ tags so svn will allow the commit. Notes: svn path=/head/; revision=228975
*	Always assign WARNS using ?=	Ulrich Spörlein	2010-03-02	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	- fix some nearby style bugs - include Makefile.inc where it makes sense and reduces duplication Approved by: ed (co-mentor) Notes: svn path=/head/; revision=204585
*	Start respecting WITHOUT_INET6.	Bjoern A. Zeeb	2009-08-13	4	-7/+40
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Make regression/priv compile again after the multi-IP jail changes. Note that we are still using the legacy jail(2) rather than the jail_set(2)/jail(3) syscall. Add an IPv4, and an IPv6 loopback address in case we compile with INET6 enabled. Make the priv_vfs_extattr_system compile on amd64 as well using the proper length modifier to printf(3) for ssize_t. Reviewed by: rwatson Approved by: re (kib) Notes: svn path=/head/; revision=196172
*	Remove empty setup and cleanup functions for the pfkey test.	Bjoern A. Zeeb	2007-11-16	4	-6/+268
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add regression tests for privileged and supposedly unprivileged IP_IPSEC_POLICY,IPV6_IPSEC_POLICY setsockopt cases. We may need to review the current 'good' results to make sure they reflect what we really want. Discussed with: rwatson Reviewed by: rwatson Notes: svn path=/head/; revision=173679
*	In sys/netipsec/keysock.c rev. 1.19 a missing priv check was added.	Bjoern A. Zeeb	2007-11-13	4	-0/+93
\| \| \| \| \| \| \| \| \| \|	Before that non-su users were able to open pfkey sockets as well. Add a regression test so we can detect such problems in an automated way in the future. Notes: svn path=/head/; revision=173578
*	Enhance and expand kernel privilege regression tests in support of	Robert Watson	2007-09-09	42	-2194/+3832
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	work present in FreeBSD 7.0 to refine the kernel privilege model: - Introduce support for jail as a testing variable, in order to confirm that privileges are properly restricted in the jail environment. - Restructure overall testing approach so that privilege and jail conditions are set in the testing infrastructure before tests are invoked, and done so in a custom-created process to isolate the impact of tests from each other in a more consistent way. - Tests now provide setup and cleanup hooks that occur before and after the test runs. - New privilege tests are now present for several audit privileges, several credential management privileges, dmesg buffer reading privilege, and netinet raw socket creation. - Other existing tests are restructured and generally improved as a result of better framework structure and jail as a variable. For exampe, we now test that certain sysctls are writable only outside jail, while others are writable within jail. On a similar note, privileges relating to setting UFS file flags are now better exercised, as with the right to chmod and utimes files. Approved by: re (bmah) Obtained from: TrustedBSD Project Notes: svn path=/head/; revision=172106
*	dd a series of regression tests to validate that privilege requirements are	Robert Watson	2006-09-13	32	-0/+4026
	implemented properly for a number of kernel subsystems. In general, they try to exercise the privilege first as the root user, then as a test user, in order to determine when privilege is being checked. Currently, these tests do not compare inside/outside jail, and probably should be enhanced to do that. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Notes: svn path=/head/; revision=162271