| #
2b3f93ea |
| 13-Oct-2023 |
Matthew Dillon <dillon@apollo.backplane.com> |
kernel - Add per-process capability-based restrictions
* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restricti
kernel - Add per-process capability-based restrictions
* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restrictions
are inherited by sub-processes recursively. Once set, restrictions cannot
be removed.
Basic restrictions that mimic an unadorned jail can be enabled without
creating a jail, but generally speaking real security also requires
creating a chrooted filesystem topology, and a jail is still needed
to really segregate processes from each other. If you do so, however,
you can (for example) disable mount/umount and most global root-only
features.
* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)
* Add sys/caps.h
* Add the "setcaps" userland utility and manual page.
* Remove priv.9 and the priv_check infrastructure, replacing it with
a newly designed caps infrastructure.
* The intention is to add path restriction lists and similar features to
improve jailess security in the near future, and to optimize the
priv_check code.
show more ...
|
|
Revision tags: v6.4.0, v6.4.0rc1, v6.5.0, v6.2.2, v6.2.1, v6.3.0, v6.0.1, v6.0.0, v6.0.0rc1, v6.1.0 |
|
| #
6b921297 |
| 01-Jan-2021 |
Aaron LI <aly@aaronly.me> |
Remove obsolete dev_mkdb(8)
The devname(3) has long been updated to determine the device name via
the 'kern.devname' sysctl provided by devfs(5). The dev.db created by
dev_mkdb(8) is thus unused an
Remove obsolete dev_mkdb(8)
The devname(3) has long been updated to determine the device name via
the 'kern.devname' sysctl provided by devfs(5). The dev.db created by
dev_mkdb(8) is thus unused and obsolete. So remove dev_mkdb(8) as well
and update relevant parts.
show more ...
|
|
Revision tags: v5.8.3, v5.8.2, v5.8.1, v5.8.0, v5.9.0, v5.8.0rc1, v5.6.3, v5.6.2, v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3, v5.4.2, v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1, v5.2.2, v5.2.1, v5.2.0, v5.3.0, v5.2.0rc |
|
| #
d84a3b8d |
| 13-Mar-2018 |
Sascha Wildner <saw@online.de> |
ps.1: Update FILES section a bit.
|
|
Revision tags: v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1, v4.8.1, v4.8.0, v4.6.2, v4.9.0, v4.8.0rc, v4.6.1 |
|
| #
779c5f44 |
| 31-Aug-2016 |
Matthew Dillon <dillon@apollo.backplane.com> |
ps - Adjust STATUS formatting
* Remove the leading space for (%s) command display. The leading space
was causing indented output via -R to be incorrectly indented.
* Remove the 'L' STATUS flag,
ps - Adjust STATUS formatting
* Remove the leading space for (%s) command display. The leading space
was causing indented output via -R to be incorrectly indented.
* Remove the 'L' STATUS flag, it hasn't been meaningful for a long time.
The status is more likely to fit in its 6-char slot, which we need now
that many systems have >= 10 cpus.
show more ...
|
| #
4e30bdab |
| 23-Aug-2016 |
Sascha Wildner <saw@online.de> |
Add/fix some HISTORY sections in bin/ manual pages.
Submitted-by: Sevan Janiyan
Dragonfly-bugs: 2937-2945
|
|
Revision tags: v4.6.0, v4.6.0rc2, v4.6.0rc, v4.7.0 |
|
| #
0c880be6 |
| 16-Jun-2016 |
Sascha Wildner <saw@online.de> |
ps(1): Add -A option, as specified by POSIX.
Still missing: -d, -G and -n.
|
|
Revision tags: v4.4.3 |
|
| #
c5625a2e |
| 13-Mar-2016 |
Peeter Must <karu.pruun@gmail.com> |
Include alias "args" in /bin/ps.
* Include alias "args" required by SUSv3.
* Improve argument handling of aliases: allows specification
of different heading as in "ps -o args=MOM".
This will ma
Include alias "args" in /bin/ps.
* Include alias "args" required by SUSv3.
* Improve argument handling of aliases: allows specification
of different heading as in "ps -o args=MOM".
This will make some ports happier.
Changes obtained from OpenBSD.
show more ...
|
|
Revision tags: v4.4.2, v4.4.1, v4.4.0, v4.5.0, v4.4.0rc, v4.2.4, v4.3.1, v4.2.3, v4.2.1, v4.2.0, v4.0.6, v4.3.0, v4.2.0rc, v4.0.5, v4.0.4, v4.0.3, v4.0.2, v4.0.1, v4.0.0, v4.0.0rc3, v4.0.0rc2, v4.0.0rc, v4.1.0, v3.8.2, v3.8.1, v3.6.3, v3.8.0, v3.8.0rc2, v3.9.0, v3.8.0rc, v3.6.2, v3.6.1 |
|
| #
5d556fd4 |
| 13-Jan-2014 |
Sascha Wildner <saw@online.de> |
ps.1: Remove info about the no longer existing 'M' process state.
|
|
Revision tags: v3.6.0 |
|
| #
2c8ebde5 |
| 08-Nov-2013 |
Matthew Dillon <dillon@apollo.backplane.com> |
ps - Remove display of the 'M'P state
* Remove display of the 'M' flag, which used to mean that the process was
running MPSAFE w/regards to the kernel's mp_lock. Well, pretty much
all processes
ps - Remove display of the 'M'P state
* Remove display of the 'M' flag, which used to mean that the process was
running MPSAFE w/regards to the kernel's mp_lock. Well, pretty much
all processes are MPSAFE now, so the flag just clutters the output.
show more ...
|
|
Revision tags: v3.7.1, v3.6.0rc |
|
| #
d1dda676 |
| 16-Oct-2013 |
Matthew Dillon <dillon@apollo.backplane.com> |
ps - Allow a pid specification in combination with -R
* e.g. 'ps R23434' will output the specified process plus also output
all children (recursively) of that process.
|
|
Revision tags: v3.4.3 |
|
| #
dc71b7ab |
| 31-May-2013 |
Justin C. Sherrill <justin@shiningsilence.com> |
Correct BSD License clause numbering from 1-2-4 to 1-2-3.
Apparently everyone's doing it:
http://svnweb.freebsd.org/base?view=revision&revision=251069
Submitted-by: "Eitan Adler" <lists at eitanadl
Correct BSD License clause numbering from 1-2-4 to 1-2-3.
Apparently everyone's doing it:
http://svnweb.freebsd.org/base?view=revision&revision=251069
Submitted-by: "Eitan Adler" <lists at eitanadler.com>
show more ...
|
|
Revision tags: v3.4.2 |
|
| #
3170ffd7 |
| 06-May-2013 |
Justin C. Sherrill <justin@shiningsilence.com> |
Remove advertising header from man pages.
By: Eitan Adler <lists@eitanadler.com>
|
|
Revision tags: v3.4.1, v3.4.0, v3.4.0rc, v3.5.0, v3.2.2 |
|
| #
77153909 |
| 26-Oct-2012 |
Matthew Dillon <dillon@apollo.backplane.com> |
Merge branch 'master' of ssh://crater.dragonflybsd.org/repository/git/dragonfly
|
| #
f5fa7250 |
| 26-Oct-2012 |
Sascha Wildner <saw@online.de> |
ps.1: Adjust info regarding SMP systems.
|
|
Revision tags: v3.2.1, v3.2.0, v3.3.0, v3.0.3, v3.0.2, v3.0.1, v3.1.0, v3.0.0 |
|
| #
86d7f5d3 |
| 26-Nov-2011 |
John Marino <draco@marino.st> |
Initial import of binutils 2.22 on the new vendor branch
Future versions of binutils will also reside on this branch rather
than continuing to create new binutils branches for each new version.
|
|
Revision tags: v2.12.0, v2.13.0, v2.10.1, v2.11.0, v2.10.0, v2.9.1, v2.8.2, v2.8.1, v2.8.0, v2.9.0, v2.6.3, v2.7.3, v2.6.2, v2.7.2, v2.7.1, v2.6.1, v2.7.0, v2.6.0, v2.5.1, v2.4.1, v2.5.0, v2.4.0, v2.3.2, v2.3.1, v2.2.1, v2.2.0, v2.3.0, v2.1.1, v2.0.1 |
|
| #
8e1c6f81 |
| 02-Sep-2008 |
Matthias Schmidt <matthias@dragonflybsd.org> |
Rename /kernel and /module to /boot/kernel and /boot/module where appropriate.
|
| #
c49ea21f |
| 04-Jan-2008 |
Matthias Schmidt <matthias@dragonflybsd.org> |
Renamed kern.ps_showallprocs to security.ps_showallprocs
|
| #
2b0645c3 |
| 14-Aug-2007 |
Matthew Dillon <dillon@dragonflybsd.org> |
Add '-H', 'nlwp', and 'tid' options to ps(1) to display some LWP data (inspired
from FreeBSD options). Clean up the kernel's initialization of the kl_tid
field.
Submitted-by: "Nicolas Thery" <nther
Add '-H', 'nlwp', and 'tid' options to ps(1) to display some LWP data (inspired
from FreeBSD options). Clean up the kernel's initialization of the kl_tid
field.
Submitted-by: "Nicolas Thery" <nthery@gmail.com>
show more ...
|
| #
fac25122 |
| 25-May-2007 |
Matthew Dillon <dillon@dragonflybsd.org> |
Update documentation.
Nudged in the back by: Sascha Wildner <saw@online.de>, Ouch!
|
| #
92a93b69 |
| 23-Mar-2007 |
Sascha Wildner <swildner@dragonflybsd.org> |
The R state is followed by the CPU number.
|
| #
0e1ac0a4 |
| 25-Feb-2007 |
Sascha Wildner <swildner@dragonflybsd.org> |
Fix comments.
|
| #
9a379a4a |
| 18-Feb-2007 |
Simon Schubert <corecode@dragonflybsd.org> |
1:1 Userland threading stage 2.13/4:
Move P_SINTR and P_BREAKTSLEEP into lwp_flag.
Introduce proc_stop and proc_unstop to handle the transition of a complete proc
to and from stopped state. This i
1:1 Userland threading stage 2.13/4:
Move P_SINTR and P_BREAKTSLEEP into lwp_flag.
Introduce proc_stop and proc_unstop to handle the transition of a complete proc
to and from stopped state. This is influenced by NetBSD.
show more ...
|
| #
e690c43b |
| 16-Feb-2007 |
Simon Schubert <corecode@dragonflybsd.org> |
Document and correctly name fields.
Sig now is the pending signals for a process, tsig the pending signals
for a lwp.
Remove non-existing fields from the documentation.
Prodded-by: swildner@
|
| #
7bbde2b7 |
| 28-May-2006 |
Matthew Dillon <dillon@dragonflybsd.org> |
Get rid -y/-Y (sort by interactive measure). The interactive measure has
been removed.
|
| #
3867d280 |
| 17-Apr-2006 |
Sascha Wildner <swildner@dragonflybsd.org> |
Assorted .Xr fixes:
* Add section numbers and fix wrong ones.
* Use .Em, .Nm and .Pa instead of .Xr where appropriate.
* Fix obsolete references.
* Fix typos.
|