PERFORCE change 47630 for review

Robert Watson rwatson at FreeBSD.org
Wed Feb 25 16:52:58 GMT 2004 

http://perforce.freebsd.org/chv.cgi?CH=47630

Change 47630 by rwatson at rwatson_tislabs on 2004/02/25 08:52:45

	Loop back support for 'ugidfw add' from the FreeBSD CVS HEAD
	to TrustedBSD base branch.

Affected files ...

.. //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.8#4 integrate
.. //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.c#2 integrate

Differences ...

==== //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.8#4 (text+ko) ====

@@ -1,4 +1,4 @@
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2002, 2004 Networks Associates Technology, Inc.
 .\" All rights reserved.
 .\"
 .\" This software was developed for the FreeBSD Project by Chris
@@ -15,9 +15,6 @@
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
-.\" 3. The names of the authors may not be used to endorse or promote
-.\"    products derived from this software without specific prior written
-.\"    permission.
 .\"
 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -31,9 +28,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $FreeBSD: src/usr.sbin/ugidfw/ugidfw.8,v 1.5 2002/12/12 14:09:25 ru Exp $
+.\" $FreeBSD: src/usr.sbin/ugidfw/ugidfw.8,v 1.6 2004/02/25 03:59:56 rwatson Exp $
 .\"
-.Dd October 11, 2002
+.Dd February 24, 2004
 .Dt UGIDFW 8
 .Os
 .Sh NAME
@@ -41,6 +38,18 @@
 .Nd "firewall-like access controls for file system objects"
 .Sh SYNOPSIS
 .Nm
+.Cm add
+.Cm subject
+.Op Cm not
+.Op Cm uid Ar uid
+.Op Cm gid Ar gid
+.Cm object
+.Op Cm not
+.Op Cm uid Ar uid
+.Op Cm gid Ar gid
+.Cm mode
+.Ar arswxn
+.Nm
 .Cm list
 .Nm
 .Cm set
@@ -71,6 +80,27 @@
 .Pp
 The arguments are as follows:
 .Bl -tag -width indent -offset indent
+.It Cm add
+Add a new
+.Nm
+rule.
+.It Xo
+.Cm add
+.Cm subject
+.Op Cm not
+.Op Cm uid Ar uid
+.Op Cm gid Ar gid
+.Cm object
+.Op Cm not
+.Op Cm uid Ar uid
+.Op Cm gid Ar gid
+.Cm mode
+.Ar arswxn
+.Xc
+Add a new rule, automatically selecting the rule number.
+See the description of
+.Cm set
+for syntax information.
 .It Cm list
 Produces a list of all the current
 .Nm

==== //depot/projects/trustedbsd/base/usr.sbin/ugidfw/ugidfw.c#2 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * Copyright (c) 2002, 2004 Networks Associates Technology, Inc.
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project by NAI Labs, the
@@ -15,9 +15,6 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. The names of the authors may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -31,7 +28,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD: src/usr.sbin/ugidfw/ugidfw.c,v 1.1 2002/08/02 07:14:22 rwatson Exp $
+ * $FreeBSD: src/usr.sbin/ugidfw/ugidfw.c,v 1.2 2004/02/25 03:59:56 rwatson Exp $
  */
 #include <sys/param.h>
 #include <sys/errno.h>
@@ -50,6 +47,9 @@
 usage(void)
 {
 
+	fprintf(stderr, "ugidfw add [subject [not] [uid uid] [gid gid]]"
+	    " [object [not] [uid uid] \\\n");
+	fprintf(stderr, "    [gid gid]] mode arswxn\n");
 	fprintf(stderr, "ugidfw list\n");
 	fprintf(stderr, "ugidfw set rulenum [subject [not] [uid uid] [gid gid]]"
 	    " [object [not] \\\n");
@@ -60,6 +60,29 @@
 }
 
 void
+add_rule(int argc, char *argv[])
+{
+	char errstr[BUFSIZ];
+	struct mac_bsdextended_rule rule;
+	long value;
+	int error, rulenum;
+	char *endp;
+
+	error = bsde_parse_rule(argc, argv, &rule, BUFSIZ, errstr);
+	if (error) {
+		fprintf(stderr, "%s\n", errstr);
+		return;
+	}
+
+	error = bsde_add_rule(&rulenum, &rule, BUFSIZ, errstr);
+	if (error) {
+		fprintf(stderr, "%s\n", errstr);
+		return;
+	}
+	printf("Added rule %d\n", rulenum);
+}
+
+void
 list_rules(void)
 {
 	char errstr[BUFSIZ], charstr[BUFSIZ];
@@ -168,7 +191,9 @@
 	if (argc < 2)
 		usage();
 
-	if (strcmp("list", argv[1]) == 0) {
+	if (strcmp("add", argv[1]) == 0) {
+		add_rule(argc-2, argv+2);
+	} else if (strcmp("list", argv[1]) == 0) {
 		if (argc != 2)
 			usage();
 		list_rules();
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list