git: 4f2ada0d8821 - main - ktrace: Describe CAPFAIL trace point in man page
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 24 Apr 2024 00:29:03 UTC
The branch main has been updated by jfree: URL: https://cgit.FreeBSD.org/src/commit/?id=4f2ada0d88219746fdfbc0907c28b0950ad18725 commit 4f2ada0d88219746fdfbc0907c28b0950ad18725 Author: Jake Freeland <jfree@FreeBSD.org> AuthorDate: 2024-04-24 00:25:16 +0000 Commit: Jake Freeland <jfree@FreeBSD.org> CommitDate: 2024-04-24 00:25:16 +0000 ktrace: Describe CAPFAIL trace point in man page Update the ktrace(1) man page to describe the recently improved capability failure tracing. Approved by: markj (mentor) Reviewed by: markj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D44886 --- usr.bin/ktrace/ktrace.1 | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/usr.bin/ktrace/ktrace.1 b/usr.bin/ktrace/ktrace.1 index 7167ad1e646a..5ccb206456b8 100644 --- a/usr.bin/ktrace/ktrace.1 +++ b/usr.bin/ktrace/ktrace.1 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd August 26, 2019 +.Dd April 20, 2024 .Dt KTRACE 1 .Os .Sh NAME @@ -151,6 +151,21 @@ The and .Ar command options are mutually exclusive. +.Sh CAPABILITY VIOLATION TRACING +When the +.Cm p +trace point is specified, +.Nm +will record +.Xr capsicum 4 +capability mode violations made by the traced process. +Violations will be logged regardless of whether the process has actually +entered capability mode. +.Pp +For developers that are interested in Capsicumizing their programs, the +.Cm c , n , p +trace points can help quickly identify any system calls and path lookups that +are triggering violations. .Sh EXAMPLES Run "make", then trace it and any child processes: .Dl $ ktrace -i make @@ -183,7 +198,8 @@ Disable tracing of all user-owned processes: .Xr kdump 1 , .Xr truss 1 , .Xr ktrace 2 , -.Xr utrace 2 +.Xr utrace 2 , +.Xr capsicum 4 .Sh HISTORY The .Nm