diff options
| author | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2016-02-25 18:23:40 +0000 |
|---|---|---|
| committer | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2016-02-25 18:23:40 +0000 |
| commit | c501d73c7e2d5c843583084b84bd3e6f68a0047e (patch) | |
| tree | faa5b7886c70249c03078cb4861e837c2d0f6582 /targets/pseudo/userland | |
| parent | 6fb8946b7f6dedbf17fd19c10f1adf9a98ec6fe7 (diff) | |
| download | src-c501d73c7e2d5c843583084b84bd3e6f68a0047e.tar.gz src-c501d73c7e2d5c843583084b84bd3e6f68a0047e.zip | |
Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
Notes
Notes:
svn path=/head/; revision=296047
Diffstat (limited to 'targets/pseudo/userland')
| -rw-r--r-- | targets/pseudo/userland/Makefile.depend | 4 | ||||
| -rw-r--r-- | targets/pseudo/userland/lib/Makefile.depend | 12 | ||||
| -rw-r--r-- | targets/pseudo/userland/libexec/Makefile.depend | 5 |
3 files changed, 11 insertions, 10 deletions
diff --git a/targets/pseudo/userland/Makefile.depend b/targets/pseudo/userland/Makefile.depend index cebce7cdc24f..dcb870656f6a 100644 --- a/targets/pseudo/userland/Makefile.depend +++ b/targets/pseudo/userland/Makefile.depend @@ -894,10 +894,6 @@ DIRDEPS.powerpc= \ DIRDEPS+= usr.bin/dtc .endif -.if ${MK_CASPER} == "yes" -DIRDEPS+= sbin/casperd -.endif - DIRDEPS+= ${DIRDEPS.${MACHINE}:U} diff --git a/targets/pseudo/userland/lib/Makefile.depend b/targets/pseudo/userland/lib/Makefile.depend index 1b2c35b56b59..bfd444f96a66 100644 --- a/targets/pseudo/userland/lib/Makefile.depend +++ b/targets/pseudo/userland/lib/Makefile.depend @@ -33,7 +33,6 @@ DIRDEPS = \ lib/libc++ \ lib/libcalendar \ lib/libcam \ - lib/libcasper \ lib/libcom_err/doc \ lib/libcompat \ lib/libcompiler_rt \ @@ -187,4 +186,15 @@ DIRDEPS+= \ DIRDEPS+= lib/libnandfs .endif +.if ${MK_CASPER} != "no" +DIRDEPS+= \ + lib/libcasper \ + lib/libcasper/services/cap_dns \ + lib/libcasper/services/cap_grp \ + lib/libcasper/services/cap_pwd \ + lib/libcasper/services/cap_random \ + lib/libcasper/services/cap_sysctl \ + +.endif + .include <dirdeps.mk> diff --git a/targets/pseudo/userland/libexec/Makefile.depend b/targets/pseudo/userland/libexec/Makefile.depend index 427268ce93fe..6bdd31e64225 100644 --- a/targets/pseudo/userland/libexec/Makefile.depend +++ b/targets/pseudo/userland/libexec/Makefile.depend @@ -10,11 +10,6 @@ DIRDEPS = \ libexec/bootpd/bootpgw \ libexec/bootpd/tools/bootpef \ libexec/bootpd/tools/bootptest \ - libexec/casper/dns \ - libexec/casper/grp \ - libexec/casper/pwd \ - libexec/casper/random \ - libexec/casper/sysctl \ libexec/comsat \ libexec/fingerd \ libexec/ftpd \ |