Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge branch 'stable/10' of https://github.com/freebsd/freebsd into s…

…table/10
  • Loading branch information...
commit 668303842dc94c2ed2f59ad29b29d083760ea807 2 parents 9f52f85 + 8964c3a
@kmoore134 kmoore134 authored
Showing with 2,531 additions and 2,441 deletions.
  1. +2 −2 etc/pkg/FreeBSD.conf
  2. +9 −10 lib/libc/capability/Makefile.inc
  3. +241 −0 lib/libc/capability/cap_rights_init.3
  4. +1 −0  lib/libc/gen/Makefile.inc
  5. +119 −0 lib/libc/gen/cap_rights_get.3
  6. +3 −3 lib/libc/sys/cap_ioctls_limit.2
  7. +54 −516 lib/libc/sys/cap_rights_limit.2
  8. +26 −34 release/doc/de_DE.ISO8859-1/early-adopter/article.xml
  9. +27 −38 release/doc/de_DE.ISO8859-1/errata/article.xml
  10. +3 −5 release/doc/de_DE.ISO8859-1/hardware/alpha/article.xml
  11. +17 −29 release/doc/de_DE.ISO8859-1/hardware/alpha/proc-alpha.xml
  12. +12 −5 release/doc/de_DE.ISO8859-1/hardware/common/artheader.xml
  13. +13 −17 release/doc/de_DE.ISO8859-1/hardware/common/dev.xml
  14. +3 −5 release/doc/de_DE.ISO8859-1/hardware/common/intro.xml
  15. +3 −5 release/doc/de_DE.ISO8859-1/hardware/i386/article.xml
  16. +3 −6 release/doc/de_DE.ISO8859-1/hardware/i386/proc-i386.xml
  17. +3 −15 release/doc/de_DE.ISO8859-1/hardware/ia64/article.xml
  18. +6 −9 release/doc/de_DE.ISO8859-1/hardware/ia64/proc-ia64.xml
  19. +3 −5 release/doc/de_DE.ISO8859-1/hardware/pc98/article.xml
  20. +1 −2  release/doc/de_DE.ISO8859-1/hardware/pc98/proc-pc98.xml
  21. +3 −5 release/doc/de_DE.ISO8859-1/hardware/sparc64/article.xml
  22. +9 −10 release/doc/de_DE.ISO8859-1/hardware/sparc64/dev-sparc64.xml
  23. +3 −4 release/doc/de_DE.ISO8859-1/hardware/sparc64/proc-sparc64.xml
  24. +0 −1  release/doc/de_DE.ISO8859-1/installation/alpha/Makefile
  25. +3 −6 release/doc/de_DE.ISO8859-1/installation/alpha/article.xml
  26. +1 −2  release/doc/de_DE.ISO8859-1/installation/common/abstract.xml
  27. +13 −6 release/doc/de_DE.ISO8859-1/installation/common/artheader.xml
  28. +0 −1  release/doc/de_DE.ISO8859-1/installation/common/install.ent
  29. +54 −76 release/doc/de_DE.ISO8859-1/installation/common/install.xml
  30. +3 −5 release/doc/de_DE.ISO8859-1/installation/common/layout.xml
  31. +6 −6 release/doc/de_DE.ISO8859-1/installation/common/trouble.xml
  32. +4 −5 release/doc/de_DE.ISO8859-1/installation/common/upgrade.xml
  33. +0 −1  release/doc/de_DE.ISO8859-1/installation/i386/Makefile
  34. +3 −6 release/doc/de_DE.ISO8859-1/installation/i386/article.xml
  35. +0 −1  release/doc/de_DE.ISO8859-1/installation/ia64/Makefile
  36. +3 −6 release/doc/de_DE.ISO8859-1/installation/ia64/article.xml
  37. +0 −1  release/doc/de_DE.ISO8859-1/installation/pc98/Makefile
  38. +3 −6 release/doc/de_DE.ISO8859-1/installation/pc98/article.xml
  39. +3 −6 release/doc/de_DE.ISO8859-1/installation/sparc64/article.xml
  40. +23 −23 release/doc/de_DE.ISO8859-1/installation/sparc64/install.xml
  41. +36 −53 release/doc/de_DE.ISO8859-1/readme/article.xml
  42. +3 −5 release/doc/de_DE.ISO8859-1/relnotes/alpha/article.xml
  43. +42 −55 release/doc/de_DE.ISO8859-1/relnotes/common/new.xml
  44. +3 −6 release/doc/de_DE.ISO8859-1/relnotes/i386/article.xml
  45. +3 −4 release/doc/de_DE.ISO8859-1/relnotes/ia64/article.xml
  46. +3 −6 release/doc/de_DE.ISO8859-1/relnotes/pc98/article.xml
  47. +3 −5 release/doc/de_DE.ISO8859-1/relnotes/sparc64/article.xml
  48. +15 −20 release/doc/en_US.ISO8859-1/errata/article.xml
  49. +45 −54 release/doc/en_US.ISO8859-1/hardware/article.xml
  50. +47 −62 release/doc/en_US.ISO8859-1/readme/article.xml
  51. +37 −41 release/doc/en_US.ISO8859-1/relnotes/article.xml
  52. +14 −19 release/doc/fr_FR.ISO8859-1/early-adopter/article.xml
  53. +13 −18 release/doc/fr_FR.ISO8859-1/errata/article.xml
  54. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/alpha/article.xml
  55. +20 −30 release/doc/fr_FR.ISO8859-1/hardware/alpha/proc-alpha.xml
  56. +4 −6 release/doc/fr_FR.ISO8859-1/hardware/common/artheader.xml
  57. +13 −18 release/doc/fr_FR.ISO8859-1/hardware/common/dev.xml
  58. +1 −2  release/doc/fr_FR.ISO8859-1/hardware/common/intro.xml
  59. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/i386/article.xml
  60. +1 −1  release/doc/fr_FR.ISO8859-1/hardware/i386/proc-i386.xml
  61. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/ia64/article.xml
  62. +1 −1  release/doc/fr_FR.ISO8859-1/hardware/ia64/proc-ia64.xml
  63. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/pc98/article.xml
  64. +1 −1  release/doc/fr_FR.ISO8859-1/hardware/pc98/proc-pc98.xml
  65. +6 −8 release/doc/fr_FR.ISO8859-1/hardware/sparc64/article.xml
  66. +9 −9 release/doc/fr_FR.ISO8859-1/hardware/sparc64/dev-sparc64.xml
  67. +8 −8 release/doc/fr_FR.ISO8859-1/hardware/sparc64/proc-sparc64.xml
  68. +0 −1  release/doc/fr_FR.ISO8859-1/installation/alpha/Makefile
  69. +3 −6 release/doc/fr_FR.ISO8859-1/installation/alpha/article.xml
  70. +0 −17 release/doc/fr_FR.ISO8859-1/installation/common/abstract.xml
  71. +13 −7 release/doc/fr_FR.ISO8859-1/installation/common/artheader.xml
  72. +0 −1  release/doc/fr_FR.ISO8859-1/installation/common/install.ent
  73. +44 −61 release/doc/fr_FR.ISO8859-1/installation/common/install.xml
  74. +3 −5 release/doc/fr_FR.ISO8859-1/installation/common/layout.xml
  75. +7 −7 release/doc/fr_FR.ISO8859-1/installation/common/trouble.xml
  76. +5 −6 release/doc/fr_FR.ISO8859-1/installation/common/upgrade.xml
  77. +0 −1  release/doc/fr_FR.ISO8859-1/installation/i386/Makefile
  78. +3 −6 release/doc/fr_FR.ISO8859-1/installation/i386/article.xml
  79. +0 −1  release/doc/fr_FR.ISO8859-1/installation/pc98/Makefile
  80. +3 −6 release/doc/fr_FR.ISO8859-1/installation/pc98/article.xml
  81. +3 −12 release/doc/fr_FR.ISO8859-1/installation/sparc64/article.xml
  82. +34 −48 release/doc/fr_FR.ISO8859-1/installation/sparc64/install.xml
  83. +3 −5 release/doc/fr_FR.ISO8859-1/relnotes/alpha/article.xml
  84. +61 −66 release/doc/fr_FR.ISO8859-1/relnotes/common/new.xml
  85. +3 −5 release/doc/fr_FR.ISO8859-1/relnotes/i386/article.xml
  86. +15 −18 release/doc/ja_JP.eucJP/errata/article.xml
  87. +3 −5 release/doc/ja_JP.eucJP/hardware/alpha/article.xml
  88. +3 −5 release/doc/ja_JP.eucJP/hardware/amd64/article.xml
  89. +1 −2  release/doc/ja_JP.eucJP/hardware/amd64/proc-amd64.xml
  90. +12 −5 release/doc/ja_JP.eucJP/hardware/common/artheader.xml
  91. +24 −27 release/doc/ja_JP.eucJP/hardware/common/dev.xml
  92. +3 −4 release/doc/ja_JP.eucJP/hardware/common/intro.xml
  93. +3 −5 release/doc/ja_JP.eucJP/hardware/i386/article.xml
  94. +3 −4 release/doc/ja_JP.eucJP/hardware/i386/proc-i386.xml
  95. +3 −14 release/doc/ja_JP.eucJP/hardware/ia64/article.xml
  96. +4 −4 release/doc/ja_JP.eucJP/hardware/ia64/proc-ia64.xml
  97. +3 −5 release/doc/ja_JP.eucJP/hardware/pc98/article.xml
  98. +1 −1  release/doc/ja_JP.eucJP/hardware/pc98/proc-pc98.xml
  99. +3 −5 release/doc/ja_JP.eucJP/hardware/sparc64/article.xml
  100. +2 −2 release/doc/ja_JP.eucJP/hardware/sparc64/proc-sparc64.xml
  101. +3 −5 release/doc/ja_JP.eucJP/relnotes/alpha/article.xml
  102. +3 −5 release/doc/ja_JP.eucJP/relnotes/amd64/article.xml
  103. +52 −54 release/doc/ja_JP.eucJP/relnotes/common/new.xml
  104. +3 −5 release/doc/ja_JP.eucJP/relnotes/i386/article.xml
  105. +3 −5 release/doc/ja_JP.eucJP/relnotes/ia64/article.xml
  106. +3 −5 release/doc/ja_JP.eucJP/relnotes/pc98/article.xml
  107. +3 −5 release/doc/ja_JP.eucJP/relnotes/sparc64/article.xml
  108. +1 −7 release/doc/ja_JP.eucJP/share/xml/catalog.xml
  109. +15 −20 release/doc/ru_RU.KOI8-R/errata/article.xml
  110. +3 −5 release/doc/ru_RU.KOI8-R/hardware/alpha/article.xml
  111. +3 −5 release/doc/ru_RU.KOI8-R/hardware/amd64/article.xml
  112. +1 −2  release/doc/ru_RU.KOI8-R/hardware/amd64/proc-amd64.xml
  113. +12 −5 release/doc/ru_RU.KOI8-R/hardware/common/artheader.xml
  114. +26 −31 release/doc/ru_RU.KOI8-R/hardware/common/dev.xml
  115. +3 −4 release/doc/ru_RU.KOI8-R/hardware/common/intro.xml
  116. +3 −5 release/doc/ru_RU.KOI8-R/hardware/i386/article.xml
  117. +3 −6 release/doc/ru_RU.KOI8-R/hardware/i386/proc-i386.xml
  118. +3 −12 release/doc/ru_RU.KOI8-R/hardware/ia64/article.xml
  119. +4 −5 release/doc/ru_RU.KOI8-R/hardware/ia64/proc-ia64.xml
  120. +3 −5 release/doc/ru_RU.KOI8-R/hardware/pc98/article.xml
  121. +1 −2  release/doc/ru_RU.KOI8-R/hardware/pc98/proc-pc98.xml
  122. +3 −5 release/doc/ru_RU.KOI8-R/hardware/sparc64/article.xml
  123. +3 −5 release/doc/ru_RU.KOI8-R/hardware/sparc64/proc-sparc64.xml
  124. +0 −1  release/doc/ru_RU.KOI8-R/installation/alpha/Makefile
  125. +3 −6 release/doc/ru_RU.KOI8-R/installation/alpha/article.xml
  126. +0 −1  release/doc/ru_RU.KOI8-R/installation/amd64/Makefile
  127. +3 −6 release/doc/ru_RU.KOI8-R/installation/amd64/article.xml
  128. +0 −17 release/doc/ru_RU.KOI8-R/installation/common/abstract.xml
  129. +13 −6 release/doc/ru_RU.KOI8-R/installation/common/artheader.xml
  130. +0 −1  release/doc/ru_RU.KOI8-R/installation/common/install.ent
  131. +64 −80 release/doc/ru_RU.KOI8-R/installation/common/install.xml
  132. +3 −4 release/doc/ru_RU.KOI8-R/installation/common/layout.xml
  133. +7 −7 release/doc/ru_RU.KOI8-R/installation/common/trouble.xml
  134. +4 −5 release/doc/ru_RU.KOI8-R/installation/common/upgrade.xml
  135. +0 −1  release/doc/ru_RU.KOI8-R/installation/i386/Makefile
  136. +3 −6 release/doc/ru_RU.KOI8-R/installation/i386/article.xml
  137. +0 −1  release/doc/ru_RU.KOI8-R/installation/ia64/Makefile
  138. +3 −6 release/doc/ru_RU.KOI8-R/installation/ia64/article.xml
  139. +0 −1  release/doc/ru_RU.KOI8-R/installation/pc98/Makefile
  140. +3 −6 release/doc/ru_RU.KOI8-R/installation/pc98/article.xml
  141. +0 −1  release/doc/ru_RU.KOI8-R/installation/sparc64/Makefile
  142. +3 −6 release/doc/ru_RU.KOI8-R/installation/sparc64/article.xml
  143. +47 −64 release/doc/ru_RU.KOI8-R/readme/article.xml
  144. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/alpha/article.xml
  145. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/amd64/article.xml
  146. +64 −71 release/doc/ru_RU.KOI8-R/relnotes/common/new.xml
  147. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/i386/article.xml
  148. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/ia64/article.xml
  149. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/pc98/article.xml
  150. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/sparc64/article.xml
  151. +1 −7 release/doc/ru_RU.KOI8-R/share/xml/catalog.xml
  152. +8 −8 release/doc/share/misc/man2hwnotes.pl
  153. +2 −10 release/doc/share/xml/catalog.xml
  154. +15 −20 release/doc/zh_CN.GB2312/errata/article.xml
  155. +45 −51 release/doc/zh_CN.GB2312/hardware/article.xml
  156. +45 −62 release/doc/zh_CN.GB2312/readme/article.xml
  157. +37 −39 release/doc/zh_CN.GB2312/relnotes/article.xml
  158. +4 −0 release/release.sh
  159. +1 −0  share/man/man4/Makefile
  160. +11 −5 share/man/man4/capsicum.4
  161. +674 −0 share/man/man4/rights.4
  162. +2 −2 usr.sbin/pkg/pkg.7
View
4 etc/pkg/FreeBSD.conf
@@ -1,8 +1,8 @@
# $FreeBSD$
FreeBSD: {
- url: "pkg+http://pkg.freebsd.org/${ABI}/latest",
+ url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
mirror_type: "srv",
- signature_type: "none",
+ signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: "yes"
}
View
19 lib/libc/capability/Makefile.inc
@@ -1,19 +1,18 @@
# $FreeBSD$
# capability sources
-.PATH: ${.CURDIR}/../../sys/kern
+.PATH: ${.CURDIR}/../../sys/kern ${.CURDIR}/capability
SRCS+= subr_capability.c
SYM_MAPS+= ${.CURDIR}/capability/Symbol.map
-#MAN+= cap_rights_init.3
-
-#MLINKS+=cap_rights_init.3 cap_rights_set.3
-#MLINKS+=cap_rights_init.3 cap_rights_clear.3
-#MLINKS+=cap_rights_init.3 cap_rights_is_set.3
-#MLINKS+=cap_rights_init.3 cap_rights_is_valid.3
-#MLINKS+=cap_rights_init.3 cap_rights_merge.3
-#MLINKS+=cap_rights_init.3 cap_rights_remove.3
-#MLINKS+=cap_rights_init.3 cap_rights_contains.3
+MAN+= cap_rights_init.3
+MLINKS+=cap_rights_init.3 cap_rights_set.3
+MLINKS+=cap_rights_init.3 cap_rights_clear.3
+MLINKS+=cap_rights_init.3 cap_rights_is_set.3
+MLINKS+=cap_rights_init.3 cap_rights_is_valid.3
+MLINKS+=cap_rights_init.3 cap_rights_merge.3
+MLINKS+=cap_rights_init.3 cap_rights_remove.3
+MLINKS+=cap_rights_init.3 cap_rights_contains.3
View
241 lib/libc/capability/cap_rights_init.3
@@ -0,0 +1,241 @@
+.\"
+.\" Copyright (c) 2013 The FreeBSD Foundation
+.\" All rights reserved.
+.\"
+.\" This documentation was written by Pawel Jakub Dawidek under sponsorship
+.\" from the FreeBSD Foundation.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd September 23, 2013
+.Dt CAP_RIGHTS_INIT 3
+.Os
+.Sh NAME
+.Nm cap_rights_init ,
+.Nm cap_rights_set ,
+.Nm cap_rights_clear ,
+.Nm cap_rights_is_set ,
+.Nm cap_rights_is_valid ,
+.Nm cap_rights_merge ,
+.Nm cap_rights_remove ,
+.Nm cap_rights_contains
+.Nd manage cap_rights_t structure
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/capability.h
+.Ft cap_rights_t *
+.Fn cap_rights_init "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_set "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_clear "cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_set "const cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_valid "const cap_rights_t *rights"
+.Ft cap_rights_t *
+.Fn cap_rights_merge "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft cap_rights_t *
+.Fn cap_rights_remove "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft bool
+.Fn cap_rights_contains "const cap_rights_t *big" "const cap_rights_t *little"
+.Sh DESCRIPTION
+The functions documented here allow to manage the
+.Vt cap_rights_t
+structure.
+.Pp
+Capability rights should be separated with comma when passed to the
+.Fn cap_rights_init ,
+.Fn cap_rights_set ,
+.Fn cap_rights_clear
+and
+.Fn cap_rights_is_set
+functions.
+For example:
+.Bd -literal
+cap_rights_set(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT, CAP_SEEK);
+.Ed
+.Pp
+The complete list of the capability rights can be found in the
+.Xr rights 4
+manual page.
+.Pp
+The
+.Fn cap_rights_init
+function initialize provided
+.Vt cap_rights_t
+structure.
+Only properly initialized structure can be passed to the remaining functions.
+For convenience the structure can be filled with capability rights instead of
+calling the
+.Fn cap_rights_set
+function later.
+For even more convenience pointer to the given structure is returned, so it can
+be directly passed to
+.Xr cap_rights_limit 2 :
+.Bd -literal
+cap_rights_t rights;
+
+if (cap_rights_limit(fd, cap_rights_init(&rights, CAP_READ, CAP_WRITE)) < 0)
+ err(1, "Unable to limit capability rights");
+.Ed
+.Pp
+The
+.Fn cap_rights_set
+function adds the given capability rights to the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_clear
+function removes the given capability rights from the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_set
+function checks if all the given capability rights are set for the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_valid
+function verifies if the given
+.Vt cap_rights_t
+structure is valid.
+.Pp
+The
+.Fn cap_rights_merge
+function merges all capability rights present in the
+.Fa src
+structure into the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_remove
+function removes all capability rights present in the
+.Fa src
+structure from the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_contains
+function checks if the
+.Fa big
+structure contains all capability rights present in the
+.Fa little
+structure.
+.Sh RETURN VALUES
+The functions never fail.
+In case an invalid capability right or an invalid
+.Vt cap_rights_t
+structure is given as an argument, the program will be aborted.
+.Pp
+The
+.Fn cap_rights_init ,
+.Fn cap_rights_set
+and
+.Fn cap_rights_clear
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_merge
+and
+.Fn cap_rights_remove
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa dst
+argument.
+.Pp
+The
+.Fn cap_rights_is_set
+returns
+.Va true
+if all the given capability rights are set in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_is_valid
+function performs various checks to see if the given
+.Vt cap_rights_t
+structure is valid and returns
+.Va true
+if it is.
+.Pp
+The
+.Fn cap_rights_contains
+function returns
+.Va true
+if all capability rights set in the
+.Fa little
+structure are also present in the
+.Fa big
+structure.
+.Sh EXAMPLES
+The following example demonstrates how to prepare a
+.Vt cap_rights_t
+structure to be passed to the
+.Xr cap_rights_limit 2
+system call.
+.Bd -literal
+cap_rights_t rights;
+int fd;
+
+fd = open("/tmp/foo", O_RDWR);
+if (fd < 0)
+ err(1, "open() failed");
+
+cap_rights_init(&rights, CAP_FSTAT, CAP_READ);
+
+if (allow_write_and_seek)
+ cap_rights_set(&rights, CAP_WRITE, CAP_SEEK);
+
+if (dont_allow_seek)
+ cap_rights_clear(&rights, CAP_SEEK);
+
+if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
+ err(1, "cap_rights_limit() failed");
+.Ed
+.Sh SEE ALSO
+.Xr cap_rights_limit 2 ,
+.Xr open 2 ,
+.Xr capsicum 4 ,
+.Xr rights 4
+.Sh HISTORY
+Support for capabilities and capabilities mode was developed as part of the
+.Tn TrustedBSD
+Project.
+.Sh AUTHORS
+This family of functions was created by
+.An Pawel Jakub Dawidek Aq pawel@dawidek.net
+under sponsorship from the FreeBSD Foundation.
View
1  lib/libc/gen/Makefile.inc
@@ -170,6 +170,7 @@ SYM_MAPS+=${.CURDIR}/gen/Symbol.map
MAN+= alarm.3 \
arc4random.3 \
basename.3 \
+ cap_rights_get.3 \
cap_sandboxed.3 \
check_utility_compat.3 \
clock.3 \
View
119 lib/libc/gen/cap_rights_get.3
@@ -0,0 +1,119 @@
+.\"
+.\" Copyright (c) 2013 The FreeBSD Foundation
+.\" All rights reserved.
+.\"
+.\" This documentation was written by Pawel Jakub Dawidek under sponsorship
+.\" from the FreeBSD Foundation.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd September 23, 2013
+.Dt CAP_RIGHTS_GET 3
+.Os
+.Sh NAME
+.Nm cap_rights_get
+.Nd obtain capability rights
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/capability.h
+.Ft int
+.Fn cap_rights_get "int fd" "cap_rights_t *rights"
+.Sh DESCRIPTION
+The
+.Nm cap_rights_get
+function allows to obtain current capability rights for the given descriptor.
+The function will fill the
+.Fa rights
+argument with all capability rights if they were not limited or capability
+rights configured during the last successful call of
+.Xr cap_rights_limit 2
+on the given descriptor.
+.Pp
+The
+.Fa rights
+argument can be inspected using
+.Xr cap_rights_init 3
+family of functions.
+.Pp
+The complete list of the capability rights can be found in the
+.Xr rights 4
+manual page.
+.Sh RETURN VALUES
+.Rv -std
+.Sh EXAMPLES
+The following example demonstrates how to limit file descriptor capability
+rights and how to obtain them.
+.Bd -literal
+cap_rights_t setrights, getrights;
+int fd;
+
+memset(&setrights, 0, sizeof(setrights));
+memset(&getrights, 0, sizeof(getrights));
+
+fd = open("/tmp/foo", O_RDONLY);
+if (fd < 0)
+ err(1, "open() failed");
+
+cap_rights_init(&setrights, CAP_FSTAT, CAP_READ);
+if (cap_rights_limit(fd, &setrights) < 0 && errno != ENOSYS)
+ err(1, "cap_rights_limit() failed");
+
+if (cap_rights_get(fd, &getrights) < 0 && errno != ENOSYS)
+ err(1, "cap_rights_get() failed");
+
+assert(memcmp(&setrights, &getrights, sizeof(setrights)) == 0);
+.Ed
+.Sh ERRORS
+.Fn cap_rights_get
+succeeds unless:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The
+.Fa fd
+argument is not a valid active descriptor.
+.It Bq Er EFAULT
+The
+.Fa rights
+argument points at an invalid address.
+.El
+.Sh SEE ALSO
+.Xr cap_rights_limit 2 ,
+.Xr cap_rights_init 3 ,
+.Xr errno 2 ,
+.Xr open 2 ,
+.Xr assert 3 ,
+.Xr err 3 ,
+.Xr memcmp 3 ,
+.Xr memset 3 ,
+.Xr capsicum 4 ,
+.Xr rights 4
+.Sh HISTORY
+Support for capabilities and capabilities mode was developed as part of the
+.Tn TrustedBSD
+Project.
+.Sh AUTHORS
+This function was created by
+.An Pawel Jakub Dawidek Aq pawel@dawidek.net
+under sponsorship of the FreeBSD Foundation.
View
6 lib/libc/sys/cap_ioctls_limit.2
@@ -58,7 +58,7 @@ argument is an array of
commands and the
.Fa ncmds
argument specifies the number of elements in the array.
-There might be up to
+There can be up to
.Va 256
elements in the array.
.Pp
@@ -92,7 +92,7 @@ system call was never called for this file descriptor), the
.Fn cap_ioctls_get
system call will return
.Dv CAP_IOCTLS_ALL
-and won't modify the buffer pointed out by the
+and won't modify the buffer pointed to by the
.Fa cmds
argument.
.Sh RETURN VALUES
@@ -100,7 +100,7 @@ argument.
.Pp
The
.Fn cap_ioctls_get
-function, if successfull, returns the total number of allowed ioctl commands or
+function, if successful, returns the total number of allowed ioctl commands or
the value
.Dv CAP_IOCTLS_ALL
if all ioctls commands are allowed.
View
570 lib/libc/sys/cap_rights_limit.2
@@ -36,19 +36,18 @@
.Dt CAP_RIGHTS_LIMIT 2
.Os
.Sh NAME
-.Nm cap_rights_limit ,
-.Nm cap_rights_get
-.Nd manage capability rights
+.Nm cap_rights_limit
+.Nd limit capability rights
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In sys/capability.h
.Ft int
-.Fn cap_rights_limit "int fd" "cap_rights_t rights"
-.Ft int
-.Fn cap_rights_get "int fd" "cap_rights_t *rightsp"
+.Fn cap_rights_limit "int fd" "const cap_rights_t *rights"
.Sh DESCRIPTION
When a file descriptor is created by a function such as
+.Xr accept 2 ,
+.Xr accept4 2 ,
.Xr fhopen 2 ,
.Xr kqueue 2 ,
.Xr mq_open 2 ,
@@ -57,7 +56,7 @@ When a file descriptor is created by a function such as
.Xr pdfork 2 ,
.Xr pipe 2 ,
.Xr shm_open 2 ,
-.Xr socket 2 ,
+.Xr socket 2
or
.Xr socketpair 2 ,
it is assigned all capability rights.
@@ -68,429 +67,48 @@ Once capability rights are reduced, operations on the file descriptor will be
limited to those permitted by
.Fa rights .
.Pp
-A bitmask of capability rights assigned to a file descriptor can be obtained with
-the
-.Fn cap_rights_get
-system call.
-.Sh RIGHTS
-The following rights may be specified in a rights mask:
-.Bl -tag -width CAP_EXTATTR_DELETE
-.It Dv CAP_ACCEPT
-Permit
-.Xr accept 2
-and
-.Xr accept4 2 .
-.It Dv CAP_ACL_CHECK
-Permit checking of an ACL on a file descriptor; there is no cross-reference
-for this system call.
-.It Dv CAP_ACL_DELETE
-Permit
-.Xr acl_delete_fd_np 3 .
-.It Dv CAP_ACL_GET
-Permit
-.Xr acl_get_fd 3
-and
-.Xr acl_get_fd_np 3 .
-.It Dv CAP_ACL_SET
-Permit
-.Xr acl_set_fd 3
-and
-.Xr acl_set_fd_np 3 .
-.It Dv CAP_BIND
-Permit
-.Xr bind 2 .
-Note that sockets can also become bound implicitly as a result of
-.Xr connect 2
-or
-.Xr send 2 ,
-and that socket options set with
-.Xr setsockopt 2
-may also affect binding behavior.
-.It Dv CAP_BINDAT
-Permit
-.Xr bindat 2 .
-This right has to be present on the directory descriptor.
-.It Dv CAP_CONNECT
-Permit
-.Xr connect 2 ;
-also required for
-.Xr sendto 2
-with a non-NULL destination address.
-.It Dv CAP_CONNECTAT
-Permit
-.Xr connectat 2 .
-This right has to be present on the directory descriptor.
-.It Dv CAP_CREATE
-Permit
-.Xr openat 2
-with the
-.Dv O_CREAT
-flag.
-.\" XXXPJD: Doesn't exist anymore.
-.It Dv CAP_EVENT
-Permit
-.Xr select 2 ,
-.Xr poll 2 ,
-and
-.Xr kevent 2
-to be used in monitoring the file descriptor for events.
-.It Dv CAP_FEXECVE
-Permit
-.Xr fexecve 2
-and
-.Xr openat 2
-with the
-.Dv O_EXEC
-flag;
-.Dv CAP_READ
-will also be required.
-.It Dv CAP_EXTATTR_DELETE
-Permit
-.Xr extattr_delete_fd 2 .
-.It Dv CAP_EXTATTR_GET
-Permit
-.Xr extattr_get_fd 2 .
-.It Dv CAP_EXTATTR_LIST
-Permit
-.Xr extattr_list_fd 2 .
-.It Dv CAP_EXTATTR_SET
-Permit
-.Xr extattr_set_fd 2 .
-.It Dv CAP_FCHDIR
-Permit
-.Xr fchdir 2 .
-.It Dv CAP_FCHFLAGS
-Permit
-.Xr fchflags 2
-and
-.Xr chflagsat 2 .
-.It Dv CAP_CHFLAGSAT
-An alias to
-.Dv CAP_FCHFLAGS .
-.It Dv CAP_FCHMOD
-Permit
-.Xr fchmod 2
-and
-.Xr fchmodat 2 .
-.It Dv CAP_FCHMODAT
-An alias to
-.Dv CAP_FCHMOD .
-.It Dv CAP_FCHOWN
-Permit
-.Xr fchown 2
-and
-.Xr fchownat 2 .
-.It Dv CAP_FCHOWNAT
-An alias to
-.Dv CAP_FCHOWN .
-.It Dv CAP_FCNTL
-Permit
-.Xr fcntl 2 .
-Note that only the
-.Dv F_GETFL ,
-.Dv F_SETFL ,
-.Dv F_GETOWN
-and
-.Dv F_SETOWN
-commands require this capability right.
-Also note that the list of permitted commands can be further limited with the
-.Xr cap_fcntls_limit 2
-system call.
-.It Dv CAP_FLOCK
-Permit
-.Xr flock 2 ,
-.Xr fcntl 2
-(with
-.Dv F_GETLK ,
-.Dv F_SETLK
-or
-.Dv F_SETLKW
-flag) and
-.Xr openat 2
-(with
-.Dv O_EXLOCK
-or
-.Dv O_SHLOCK
-flag).
-.It Dv CAP_FPATHCONF
-Permit
-.Xr fpathconf 2 .
-.It Dv CAP_FSCK
-Permit UFS background-fsck operations on the descriptor.
-.It Dv CAP_FSTAT
-Permit
-.Xr fstat 2
-and
-.Xr fstatat 2 .
-.It Dv CAP_FSTATAT
-An alias to
-.Dv CAP_FSTAT .
-.It Dv CAP_FSTATFS
-Permit
-.Xr fstatfs 2 .
-.It Dv CAP_FSYNC
-Permit
-.Xr aio_fsync 2 ,
-.Xr fsync 2
-and
-.Xr openat 2
-with
-.Dv O_FSYNC
-or
-.Dv O_SYNC
-flag.
-.It Dv CAP_FTRUNCATE
-Permit
-.Xr ftruncate 2
-and
-.Xr openat 2
-with the
-.Dv O_TRUNC
-flag.
-.It Dv CAP_FUTIMES
-Permit
-.Xr futimes 2
-and
-.Xr futimesat 2 .
-.It Dv CAP_FUTIMESAT
-An alias to
-.Dv CAP_FUTIMES .
-.It Dv CAP_GETPEERNAME
-Permit
-.Xr getpeername 2 .
-.It Dv CAP_GETSOCKNAME
-Permit
-.Xr getsockname 2 .
-.It Dv CAP_GETSOCKOPT
-Permit
-.Xr getsockopt 2 .
-.It Dv CAP_IOCTL
-Permit
-.Xr ioctl 2 .
-Be aware that this system call has enormous scope, including potentially
-global scope for some objects.
-The list of permitted ioctl commands can be further limited with the
-.Xr cap_ioctls_limit 2
-system call.
-.\" XXXPJD: Doesn't exist anymore.
-.It Dv CAP_KEVENT
-Permit
-.Xr kevent 2 ;
-.Dv CAP_EVENT
-is also required on file descriptors that will be monitored using
-.Xr kevent 2 .
-.It Dv CAP_LINKAT
-Permit
-.Xr linkat 2
-and
-.Xr renameat 2 .
-This right is required for the destination directory descriptor.
-.It Dv CAP_LISTEN
-Permit
-.Xr listen 2 ;
-not much use (generally) without
-.Dv CAP_BIND .
-.It Dv CAP_LOOKUP
-Permit the file descriptor to be used as a starting directory for calls such as
-.Xr linkat 2 ,
-.Xr openat 2 ,
-and
-.Xr unlinkat 2 .
-.It Dv CAP_MAC_GET
-Permit
-.Xr mac_get_fd 3 .
-.It Dv CAP_MAC_SET
-Permit
-.Xr mac_set_fd 3 .
-.It Dv CAP_MKDIRAT
-Permit
-.Xr mkdirat 2 .
-.It Dv CAP_MKFIFOAT
-Permit
-.Xr mkfifoat 2 .
-.It Dv CAP_MKNODAT
-Permit
-.Xr mknodat 2 .
-.It Dv CAP_MMAP
-Permit
-.Xr mmap 2
-with the
-.Dv PROT_NONE
-protection.
-.It Dv CAP_MMAP_R
-Permit
-.Xr mmap 2
-with the
-.Dv PROT_READ
-protection.
-This also implies
-.Dv CAP_READ
-and
-.Dv CAP_SEEK
-rights.
-.It Dv CAP_MMAP_W
-Permit
-.Xr mmap 2
-with the
-.Dv PROT_WRITE
-protection.
-This also implies
-.Dv CAP_WRITE
-and
-.Dv CAP_SEEK
-rights.
-.It Dv CAP_MMAP_X
-Permit
-.Xr mmap 2
-with the
-.Dv PROT_EXEC
-protection.
-This also implies
-.Dv CAP_SEEK
-right.
-.It Dv CAP_MMAP_RW
-Implies
-.Dv CAP_MMAP_R
-and
-.Dv CAP_MMAP_W .
-.It Dv CAP_MMAP_RX
-Implies
-.Dv CAP_MMAP_R
-and
-.Dv CAP_MMAP_X .
-.It Dv CAP_MMAP_WX
-Implies
-.Dv CAP_MMAP_W
-and
-.Dv CAP_MMAP_X .
-.It Dv CAP_MMAP_RWX
-Implies
-.Dv CAP_MMAP_R ,
-.Dv CAP_MMAP_W
-and
-.Dv CAP_MMAP_X .
-.It Dv CAP_PDGETPID
-Permit
-.Xr pdgetpid 2 .
-.It Dv CAP_PDKILL
-Permit
-.Xr pdkill 2 .
-.It Dv CAP_PDWAIT
-Permit
-.Xr pdwait4 2 .
-.It Dv CAP_PEELOFF
-Permit
-.Xr sctp_peeloff 2 .
-.\" XXXPJD: Not documented.
-.It Dv CAP_POLL_EVENT
-.\" XXXPJD: Not documented.
-.It Dv CAP_POST_EVENT
-.It Dv CAP_PREAD
-Implies
-.Dv CAP_SEEK
-and
-.Dv CAP_READ .
-.It Dv CAP_PWRITE
-Implies
-.Dv CAP_SEEK
-and
-.Dv CAP_WRITE .
-.It Dv CAP_READ
-Allow
-.Xr aio_read 2 ,
-.Xr openat
-with the
-.Dv O_RDONLY flag,
-.Xr read 2 ,
-.Xr recv 2 ,
-.Xr recvfrom 2 ,
-.Xr recvmsg 2
-and related system calls.
-.It Dv CAP_RECV
-An alias to
-.Dv CAP_READ .
-.It Dv CAP_RENAMEAT
-Permit
-.Xr renameat 2 .
-This right is required for the source directory descriptor.
-.It Dv CAP_SEEK
-Permit operations that seek on the file descriptor, such as
-.Xr lseek 2 ,
-but also required for I/O system calls that can read or write at any position
-in the file, such as
-.Xr pread 2
-and
-.Xr pwrite 2 .
-.It Dv CAP_SEM_GETVALUE
-Permit
-.Xr sem_getvalue 3 .
-.It Dv CAP_SEM_POST
-Permit
-.Xr sem_post 3 .
-.It Dv CAP_SEM_WAIT
-Permit
-.Xr sem_wait 3
-and
-.Xr sem_trywait 3 .
-.It Dv CAP_SEND
-An alias to
-.Dv CAP_WRITE .
-.It Dv CAP_SETSOCKOPT
-Permit
-.Xr setsockopt 2 ;
-this controls various aspects of socket behavior and may affect binding,
-connecting, and other behaviors with global scope.
-.It Dv CAP_SHUTDOWN
-Permit explicit
-.Xr shutdown 2 ;
-closing the socket will also generally shut down any connections on it.
-.It Dv CAP_SYMLINKAT
-Permit
-.Xr symlinkat 2 .
-.It Dv CAP_TTYHOOK
-Allow configuration of TTY hooks, such as
-.Xr snp 4 ,
-on the file descriptor.
-.It Dv CAP_UNLINKAT
-Permit
-.Xr unlinkat 2
-and
-.Xr renameat 2 .
-This right is only required for
-.Xr renameat 2
-on the destination directory descriptor if the destination object already
-exists and will be removed by the rename.
-.It Dv CAP_WRITE
-Allow
-.Xr aio_write 2 ,
-.Xr openat 2
-with
-.Dv O_WRONLY
-and
-.Dv O_APPEND
-flags,
-.Xr send 2 ,
-.Xr sendmsg 2 ,
-.Xr sendto 2 ,
-.Xr write 2 ,
-and related system calls.
-For
-.Xr sendto 2
-with a non-NULL connection address,
-.Dv CAP_CONNECT
-is also required.
-For
-.Xr openat 2
-with the
-.Dv O_WRONLY
-flag, but without the
-.Dv O_APPEND
-flag,
-.Dv CAP_SEEK
-is also required.
-.El
+The
+.Fa rights
+argument should be prepared using
+.Xr cap_rights_init 3
+family of functions.
+.Pp
+Capability rights assigned to a file descriptor can be obtained with the
+.Xr cap_rights_get 3
+function.
+.Pp
+The complete list of the capability rights can be found in the
+.Xr rights 4
+manual page.
.Sh RETURN VALUES
.Rv -std
+.Sh EXAMPLES
+The following example demonstrates how to limit file descriptor capability
+rights to allow reading only.
+.Bd -literal
+cap_rights_t rights;
+char buf[1];
+int fd;
+
+fd = open("/tmp/foo", O_RDWR);
+if (fd < 0)
+ err(1, "open() failed");
+
+if (cap_enter() < 0)
+ err(1, "cap_enter() failed");
+
+cap_rights_init(&setrights, CAP_READ);
+if (cap_rights_limit(fd, &setrights) < 0)
+ err(1, "cap_rights_limit() failed");
+
+buf[0] = 'X';
+
+if (write(fd, buf, sizeof(buf)) > 0)
+ errx(1, "write() succeeded!");
+
+if (read(fd, buf, sizeof(buf)) < 0)
+ err(1, "read() failed");
+.Ed
.Sh ERRORS
.Fn cap_rights_limit
succeeds unless:
@@ -503,106 +121,32 @@ argument is not a valid active descriptor.
An invalid right has been requested in
.Fa rights .
.It Bq Er ENOTCAPABLE
-.Fa rights
-contains requested rights not present in the current rights mask associated
-with the given file descriptor.
-.El
-.Pp
-.Fn cap_rights_get
-succeeds unless:
-.Bl -tag -width Er
-.It Bq Er EBADF
The
-.Fa fd
-argument is not a valid active descriptor.
-.It Bq Er EFAULT
-The
-.Fa rightsp
-argument points at an invalid address.
+.Fa rights
+argument contains capability rights not present for the given file descriptor.
+Capability rights list can only be reduced, never expanded.
.El
.Sh SEE ALSO
.Xr accept 2 ,
-.Xr aio_fsync 2 ,
-.Xr aio_read 2 ,
-.Xr aio_write 2 ,
-.Xr bind 2 ,
-.Xr bindat 2 ,
+.Xr accept4 2 ,
.Xr cap_enter 2 ,
-.Xr cap_fcntls_limit 2 ,
-.Xr cap_ioctls_limit 2 ,
-.Xr cap_rights_limit 2 ,
-.Xr connect 2 ,
-.Xr connectat 2 ,
-.Xr dup 2 ,
-.Xr dup2 2 ,
-.Xr extattr_delete_fd 2 ,
-.Xr extattr_get_fd 2 ,
-.Xr extattr_list_fd 2 ,
-.Xr extattr_set_fd 2 ,
-.Xr fchflags 2 ,
-.Xr fchown 2 ,
-.Xr fcntl 2 ,
-.Xr fexecve 2 ,
.Xr fhopen 2 ,
-.Xr flock 2 ,
-.Xr fpathconf 2 ,
-.Xr fstat 2 ,
-.Xr fstatfs 2 ,
-.Xr fsync 2 ,
-.Xr ftruncate 2 ,
-.Xr futimes 2 ,
-.Xr getpeername 2 ,
-.Xr getsockname 2 ,
-.Xr getsockopt 2 ,
-.Xr ioctl 2 ,
-.Xr kevent 2 ,
.Xr kqueue 2 ,
-.Xr linkat 2 ,
-.Xr listen 2 ,
-.Xr mmap 2 ,
.Xr mq_open 2 ,
.Xr open 2 ,
.Xr openat 2 ,
.Xr pdfork 2 ,
-.Xr pdgetpid 2 ,
-.Xr pdkill 2 ,
-.Xr pdwait4 2 ,
.Xr pipe 2 ,
-.Xr poll 2 ,
-.Xr pread 2 ,
-.Xr pwrite 2 ,
.Xr read 2 ,
-.Xr recv 2 ,
-.Xr recvfrom 2 ,
-.Xr recvmsg 2 ,
-.Xr renameat 2 ,
-.Xr sctp_peeloff 2 ,
-.Xr select 2 ,
-.Xr send 2 ,
-.Xr sendmsg 2 ,
-.Xr sendto 2 ,
-.Xr setsockopt 2 ,
.Xr shm_open 2 ,
-.Xr shutdown 2 ,
.Xr socket 2 ,
.Xr socketpair 2 ,
-.Xr symlinkat 2 ,
-.Xr unlinkat 2 ,
.Xr write 2 ,
-.Xr acl_delete_fd_np 3 ,
-.Xr acl_get_fd 3 ,
-.Xr acl_get_fd_np 3 ,
-.Xr acl_set_fd_np 3 ,
-.Xr cap_limitfd 3 ,
-.Xr libcapsicum 3 ,
-.Xr mac_get_fd 3 ,
-.Xr mac_set_fd 3 ,
-.Xr sem_getvalue 3 ,
-.Xr sem_post 3 ,
-.Xr sem_trywait 3 ,
-.Xr sem_wait 3 ,
+.Xr cap_rights_get 3 ,
+.Xr cap_rights_init 3 ,
+.Xr err 3 ,
.Xr capsicum 4 ,
-.Xr snp 4
+.Xr rights 4
.Sh HISTORY
Support for capabilities and capabilities mode was developed as part of the
.Tn TrustedBSD
@@ -611,9 +155,3 @@ Project.
This function was created by
.An Pawel Jakub Dawidek Aq pawel@dawidek.net
under sponsorship of the FreeBSD Foundation.
-.Sh BUGS
-This man page should list the set of permitted system calls more specifically
-for each capability right.
-.Pp
-Capability rights sometimes have unclear indirect impacts, which should be
-documented, or at least hinted at.
View
60 release/doc/de_DE.ISO8859-1/early-adopter/article.xml
@@ -1,13 +1,12 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
-<!ENTITY release.4x "4.<replaceable>X</replaceable>">
-<!ENTITY release.5x "5.<replaceable>X</replaceable>">
+<!ENTITY release.4x "4.<replaceable xmlns='http://docbook.org/ns/docbook'>X</replaceable>">
+<!ENTITY release.5x "5.<replaceable xmlns='http://docbook.org/ns/docbook'>X</replaceable>">
]>
-
<!--
The FreeBSD Documentation Project
The FreeBSD German Documentation Project
@@ -15,14 +14,13 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/early-adopter/article.xml,v 1.24 2003/05/25 12:44:41 mheinen Exp $
basiert auf: 1.15
-->
-
-<article lang="de">
- <articleinfo>
- <title>Hinweise f&uuml;r die ersten Anwender von &os;
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
+ <info><title>Hinweise f&uuml;r die ersten Anwender von &os;
&release.current;</title>
+
<authorgroup>
- <corpauthor>The &os; Release Engineering Team</corpauthor>
+ <author><orgname>The &os; Release Engineering Team</orgname></author>
</authorgroup>
<pubdate>$FreeBSD$</pubdate>
@@ -48,9 +46,9 @@
ein paar Hinweise f&uuml;r die Aktualisierung bestehender
Systeme.</para>
</abstract>
- </articleinfo>
+ </info>
- <sect1 id="intro">
+ <sect1 xml:id="intro">
<title>Einf&uuml;hrung</title>
<para>Nach &uuml;ber zwei Jahren steht mit &os; &release.5x;
@@ -101,7 +99,7 @@
&release.4x; Systems auf 5.0 beachtet werden mu&szlig;.</para>
</sect1>
- <sect1 id="release-overview">
+ <sect1 xml:id="release-overview">
<title>Ver&ouml;ffentlichung neuer &os;-Versionen</title>
<para>Das Prinzip der &os;-Entwicklung ist die Verwendung mehrerer
@@ -157,17 +155,14 @@
<para>Weitere Informationen &uuml;ber den Ablauf bei der
Ver&ouml;ffentlichung einer neuen &os; Version finden Sie auf
- den <ulink
- url="http://www.FreeBSD.org/releng/index.html">Release
- Engineering Web pages</ulink> und im Artikel <ulink
- url="http://www.freebsd.org/doc/en_US.ISO8859-1/articles/releng/index.html">&os;
- Release Engineering</ulink>. Informationen &uuml;ber den
- geplanten Entwicklungszweig 5-STABLE finden Sie auf der <ulink
- url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/articles/5-roadmap/index.html"><quote>The
- Roadmap for 5-STABLE</quote></ulink>.</para>
+ den <link xlink:href="http://www.FreeBSD.org/releng/index.html">Release
+ Engineering Web pages</link> und im Artikel <link xlink:href="http://www.freebsd.org/doc/en_US.ISO8859-1/articles/releng/index.html">&os;
+ Release Engineering</link>. Informationen &uuml;ber den
+ geplanten Entwicklungszweig 5-STABLE finden Sie auf der <link xlink:href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/articles/5-roadmap/index.html"><quote>The
+ Roadmap for 5-STABLE</quote></link>.</para>
</sect1>
- <sect1 id="new">
+ <sect1 xml:id="new">
<title>Neuerungen</title>
<para>Die Glanzpunkte von &os; &release.5x; sind die vielen Neuerungen.
@@ -252,7 +247,7 @@
f&uuml;r &os; &release.prev; und &release.current;.</para>
</sect1>
- <sect1 id="drawbacks">
+ <sect1 xml:id="drawbacks">
<title>Nachteile f&uuml;r fr&uuml;he Anwender</title>
<para>Ein Nachteil der Neuerungen in &os; &release.5x; ist,
@@ -334,10 +329,8 @@
</listitem>
<listitem>
- <para>Die Dokumentation (wie z.B. das &os; <ulink
- url="http://www.FreeBSD.org/doc/de_DE.ISO8859-1/books/handbook/index.html">Handbuch</ulink>
- und der <ulink
- url="http://www.FreeBSD.org/doc/de_DE.ISO8859-1/books/faq/index.html">FAQ</ulink>)
+ <para>Die Dokumentation (wie z.B. das &os; <link xlink:href="http://www.FreeBSD.org/doc/de_DE.ISO8859-1/books/handbook/index.html">Handbuch</link>
+ und der <link xlink:href="http://www.FreeBSD.org/doc/de_DE.ISO8859-1/books/faq/index.html">FAQ</link>)
ist teilweise noch nicht auf dem Stand von
&os; &release.5x;.</para>
</listitem>
@@ -351,7 +344,7 @@
geworden sind.</para>
</sect1>
- <sect1 id="plans-stable">
+ <sect1 xml:id="plans-stable">
<title>Die Zukunft des Entwicklungszweiges 4-STABLE</title>
<para>Die Ver&ouml;ffentlichung von &os; 5.0 bedeutete nicht das
@@ -380,9 +373,8 @@
<para>Neue Versionen auf Basis des Entwicklungszweiges 4-STABLE
werden vom &a.security-officer; im &uuml;blichen Rahmen
unterst&uuml;tzt werden, genauere Informationen dazu finden Sie
- auf der <ulink
- url="http://www.FreeBSD.org/security/index.html">Security
- page</ulink> auf der &os; Webseite. In der Regel werden die
+ auf der <link xlink:href="http://www.FreeBSD.org/security/index.html">Security
+ page</link> auf der &os; Webseite. In der Regel werden die
letzten beiden Versionen jedes Entwicklungszweiges durch die
Ver&ouml;ffentlichung von Sicherheitshinweisen und Patches
unterst&uuml;tzt; dem Team ist es allerdings freigestellt, diese
@@ -390,7 +382,7 @@
auszudehnen.</para>
</sect1>
- <sect1 id="upgrade">
+ <sect1 xml:id="upgrade">
<title>Hinweise f&uuml;r die Aktualisierung von &os; &release.4x;</title>
<para>Dieses Kapitel enth&auml;lt Hinweise f&uuml;r Anwender, die
@@ -498,7 +490,7 @@
<filename>/usr/include</filename> zu l&ouml;schen. Im
allgemeinen ist es ausreichend, dieses Verzeichnis vor der
Installation bzw. vor dem
- <maketarget>installworld</maketarget> zu entfernen. Wird das
+ <buildtarget>installworld</buildtarget> zu entfernen. Wird das
Verzeichnis nicht entfernt, kann es zu Problemen kommen
(speziell mit C++-Programmen), da der Compiler dann einen Mix
aus alten und neuen Headerdateien verwendet.</para>
@@ -527,7 +519,7 @@
</sect2>
</sect1>
- <sect1 id="summary">
+ <sect1 xml:id="summary">
<title>Zusammenfassung</title>
<para>&os; &release.current; enth&auml;lt zwar viele interessante
View
65 release/doc/de_DE.ISO8859-1/errata/article.xml
@@ -1,10 +1,9 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
]>
-
<!--
FreeBSD errata document. Unlike some of the other RELNOTESng
files, this file should remain as a single SGML file, so that
@@ -18,14 +17,13 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/errata/article.xml,v 1.39 2003/05/24 13:23:46 ue Exp $
basiert auf: 1.38
-->
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
+ <info><title>&os; &release; Errata</title>
-<article lang="de">
- <articleinfo>
-
- <title>&os; &release; Errata</title>
+
<authorgroup>
- <corpauthor>Das &os; Projekt</corpauthor>
+ <author><orgname>Das &os; Projekt</orgname></author>
</authorgroup>
<pubdate>$FreeBSD$</pubdate>
@@ -44,7 +42,6 @@
<year>2003</year>
<holder role="mailto:de-bsd-translators@de.FreeBSD.org">The FreeBSD German Documentation Project</holder>
</copyright>
- </articleinfo>
<abstract>
<para>Dieses Dokument enth&auml;lt die Errata f&uuml;r &os; &release;,
@@ -61,8 +58,9 @@
Erscheinen von &os; 5.1-RELEASE weiter aktualisiert
werden.</para>
</abstract>
+ </info>
- <sect1 id="intro">
+ <sect1 xml:id="intro">
<title>Einleitung</title>
<para>Diese Errata enthalten <quote>brandhei&szlig;e</quote>
@@ -78,7 +76,7 @@
CDROM) ist per Definition veraltet. Allerdings sind im Internet
aktualisierte Versionen verf&uuml;gbar, die die <quote>aktuellen
Errata</quote> f&uuml;r diese Version sind. Diese Versionen
- sind bei <ulink url="http://www.FreeBSD.org/releases/"></ulink>
+ sind bei <uri xlink:href="http://www.FreeBSD.org/releases/">http://www.FreeBSD.org/releases/</uri>
und allen aktuellen Mirrors dieser Webseite
verf&uuml;gbar.</para>
@@ -89,19 +87,17 @@
Dokumentes.</para>
<para>Die Liste der &os; CERT security advisories finden Sie bei
- <ulink url="http://www.FreeBSD.org/security/"></ulink> oder
- <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
+ <uri xlink:href="http://www.FreeBSD.org/security/">http://www.FreeBSD.org/security/</uri> oder
+ <uri xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</uri>.</para>
</sect1>
- <sect1 id="security">
+ <sect1 xml:id="security">
<title>Sicherheitshinweise</title>
<para>Ein &uuml;ber das Netzwerk nutzbarer Fehler in
<application>CVS</application> k&ouml;nnte dazu f&uuml;hren,
da&szlig; ein Angreifer beliebige Programme auf dem CVS Server
- ausf&uuml;hren kann. Weitere Informationen finden Sie in <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:01.cvs.asc">FreeBSD-SA-03:01</ulink>.</para>
+ ausf&uuml;hren kann. Weitere Informationen finden Sie in <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:01.cvs.asc">FreeBSD-SA-03:01</link>.</para>
<para>Durch Auswertung der Antwortzeiten von
<application>OpenSSL</application> w&auml;re es einem Angreifer
@@ -113,8 +109,7 @@
den f&uuml;r Sicherheitsprobleme unterst&uuml;tzten
Entwicklungszweigen wurde der Fehler durch die neue
<application>OpenSSL</application> Version 0.9.6i behoben.
- Weitere Informationen finden Sie in <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:02.openssl.asc">FreeBSD-SA-03:02</ulink></para>
+ Weitere Informationen finden Sie in <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:02.openssl.asc">FreeBSD-SA-03:02</link></para>
<para>Es ist theoretisch m&ouml;glich, da&szlig; ein Angreifer den
geheimen Schl&uuml;ssel ermittelt, der von der Erweiterung
@@ -122,8 +117,7 @@
Effektivit&auml;t beim Schutz vor TCP SYN Flood
Denial-of-Service Angriffen. Hinweise, wie sie das Problem
umgehen k&ouml;nnen und weitere Informationen finden Sie in
- <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para>
+ <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</link>.</para>
<para>Durch diverse Puffer-&Uuml;berl&auml;ufe in den von
<application>sendmail</application> genutzten Routinen zum
@@ -132,26 +126,22 @@
und so beliebige Programme ausf&uuml;hren zu lassen. Diese
Programme verf&uuml;gten &uuml;ber die Rechte des Benutzers,
unter dessen Kennung &man.sendmail.8; lief, also typischerweise
- <username>root</username>. Weitere Informationen und Verweise
- auf Patches finden Sie in <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>
- und <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>.</para>
+ <systemitem class="username">root</systemitem>. Weitere Informationen und Verweise
+ auf Patches finden Sie in <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</link>
+ und <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</link>.</para>
<para>Durch einen Puffer-&Uuml;berlauf im XDR Kodierer/Dekodierer
war es einem Angreifer m&ouml;glich, den Service zum Absturz zu
bringen. Informationen, wie Sie den Fehler beheben, finden Sie
- in <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:05.xdr.asc">FreeBSD-SA-03:05</ulink>.</para>
+ in <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:05.xdr.asc">FreeBSD-SA-03:05</link>.</para>
<para><application>OpenSSL</application> enth&auml;lt zwei
Schwachstellen, die erst vor kurzer Zeit bekannt gemacht wurden.
Informationen, wie Sie die Probleme umgehen k&ouml;nnen und
- weitere Informationen finden Sie in <ulink
- url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:06.openssl.asc">FreeBSD-SA-03:06</ulink>.</para>
+ weitere Informationen finden Sie in <link xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:06.openssl.asc">FreeBSD-SA-03:06</link>.</para>
</sect1>
- <sect1 id="late-news">
+ <sect1 xml:id="late-news">
<title>Aktuelle Informationen</title>
<bridgehead renderas="sect3">GEOM</bridgehead>
@@ -294,11 +284,11 @@
<para>&os; &release.prev; enth&auml;lt einen kleinen Fehler im
Bereich der Berechtigungen von <filename>/dev/tty</filename>.
Dieser Fehler tritt auf, wenn sich ein Benutzer einloggt, der
- weder <username>root</username> noch Mitglied der Gruppe
- <groupname>tty</groupname> ist. Wechselt dieser Benutzer nun mit
+ weder <systemitem class="username">root</systemitem> noch Mitglied der Gruppe
+ <systemitem class="groupname">tty</systemitem> ist. Wechselt dieser Benutzer nun mit
&man.su.1; zu einer anderen Benutzerkennung, die ebenfalls
- weder <username>root</username> noch Mitglied der Gruppe
- <groupname>tty</groupname> ist, kann er &man.ssh.1; nicht
+ weder <systemitem class="username">root</systemitem> noch Mitglied der Gruppe
+ <systemitem class="groupname">tty</systemitem> ist, kann er &man.ssh.1; nicht
nutzen, da es <filename>/dev/tty</filename> nicht &ouml;ffnen
kann. Dieser Fehler wurde in &release.current; bereits
behoben.</para>
@@ -364,8 +354,7 @@
<para>Die &os; Mailinglisten werden jetzt mit Mailman und nicht
mehr mit Majordomo verwaltet. Weitere Informationen finden sie
- auf der <ulink
- url="http://www.FreeBSD.org/mailman/listinfo/">FreeBSD Mailman
- Info Page</ulink>.</para>
+ auf der <link xlink:href="http://www.FreeBSD.org/mailman/listinfo/">FreeBSD Mailman
+ Info Page</link>.</para>
</sect1>
</article>
View
8 release/doc/de_DE.ISO8859-1/hardware/alpha/article.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sections SYSTEM "../common/hw.ent"> %sections;
@@ -10,14 +10,12 @@
<!ENTITY arch "alpha">
<!ENTITY arch.print "Alpha/AXP">
]>
-
<!--
$FreeBSD$
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/alpha/article.xml,v 1.5 2002/10/12 18:02:21 ue Exp $
basiert auf: 1.4
-->
-
-<article lang="de">
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
&artheader;
&sect.intro;
&sect.proc.alpha;
View
46 release/doc/de_DE.ISO8859-1/hardware/alpha/proc-alpha.xml
@@ -4,21 +4,14 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/alpha/proc-alpha.xml,v 1.35 2003/05/24 19:11:43 ue Exp $
basiert auf: 1.60
-->
-
-<sect1 id="support-proc">
- <sect1info>
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="support-proc">
+ <info><title>Unterst&uuml;tzte Prozessoren und Mainboards</title>
<authorgroup>
- <author>
- <firstname>Wilko</firstname>
-
- <surname>Bulte</surname>
-
- <contrib>Gepflegt von </contrib>
- </author>
+ <author><personname><firstname>Wilko</firstname><surname>Bulte</surname></personname><contrib>Gepflegt von </contrib></author>
</authorgroup>
- </sect1info>
+ </info>
- <title>Unterst&uuml;tzte Prozessoren und Mainboards</title>
+
<para>Wir freuen uns &uuml;ber Erg&auml;nzungen, Korrekturen und
konstruktive Kritik. Informationen &uuml;ber Fehlverhalten von
@@ -75,9 +68,8 @@
<para>Compaq stellt auf seinen Webseiten Informationen f&uuml;r
Linux-Entwickler bereit. Auch f&uuml;r &os; Anwender sind
diese durchaus n&uuml;tzlich. Werfen Sie einmal einen Blick
- auf <ulink
- url="http://www.support.compaq.com/alpha-tools/">Linux Alpha
- Power tools</ulink>.</para>
+ auf <link xlink:href="http://www.support.compaq.com/alpha-tools/">Linux Alpha
+ Power tools</link>.</para>
</note>
</sect2>
@@ -538,9 +530,8 @@
<quote>DIN</quote>-Variante sollte aber f&uuml;r &os;
ausreichend sein.</para>
- <para>Lesen Sie nach M&ouml;glichkeit das <ulink
- url="ftp://ftp.digital.com/pub/DEC/axppci/design_guide.ps">
- OEM manual</ulink>.</para>
+ <para>Lesen Sie nach M&ouml;glichkeit das <link xlink:href="ftp://ftp.digital.com/pub/DEC/axppci/design_guide.ps">
+ OEM manual</link>.</para>
<para>Die Konfigurationsdatei f&uuml;r den Kernel einer NoName
mu&szlig; die folgenden Zeilen enthalten:</para>
@@ -734,8 +725,7 @@ cpu EV4</programlisting>
mit voller Drehzahl (und Lautst&auml;rke) betrieben.
H&uuml;ten Sie sich vor PCI-Karten, die sehr viel Strom
brauchen. Falls Ihr System trotzdem sterben sollten,
- k&ouml;nnten Ihnen die Multia-Heat-Death Seiten auf der <ulink
- url="http://www.netbsd.org/">Website von NetBSD</ulink> bei
+ k&ouml;nnten Ihnen die Multia-Heat-Death Seiten auf der <link xlink:href="http://www.netbsd.org/">Website von NetBSD</link> bei
der Reparatur weiterhelfen.</para>
<para>Die Intel 82378ZB PCI to ISA Bridge erm&ouml;glicht es,
@@ -779,11 +769,10 @@ cpu EV4</programlisting>
<programlisting>options DEC_AXPPCI_33
cpu EV4</programlisting>
- <para>Wichtige Informationen zur Multia finden Sie unter <ulink
- url="http://www.netbsd.org/Ports/alpha/multiafaq.html">
- http://www.netbsd.org/Ports/alpha/multiafaq.html</ulink> und
- <ulink url="http://www.brouhaha.com/~eric/computers/udb.html">
- http://www.brouhaha.com/~eric/computers/udb.html</ulink>.</para>
+ <para>Wichtige Informationen zur Multia finden Sie unter <link xlink:href="http://www.netbsd.org/Ports/alpha/multiafaq.html">
+ http://www.netbsd.org/Ports/alpha/multiafaq.html</link> und
+ <link xlink:href="http://www.brouhaha.com/~eric/computers/udb.html">
+ http://www.brouhaha.com/~eric/computers/udb.html</link>.</para>
</sect3>
<sect3>
@@ -959,7 +948,7 @@ cpu EV4</programlisting>
<para>Der vollst&auml;ndige Befehl lautet:</para>
- <screen><prompt>&gt;&gt;&gt;</prompt> <userinput>SET PCI_DEVICE_OVERRIDE <replaceable>&lt;vendor_id&gt;</replaceable><replaceable>&lt;device_id&gt;</replaceable></userinput></screen>
+ <screen><prompt>&gt;&gt;&gt;</prompt> <userinput>SET PCI_DEVICE_OVERRIDE &lt;vendor_id&gt;&lt;device_id&gt;</userinput></screen>
<para>Zum Beispiel:</para>
@@ -1078,8 +1067,7 @@ device sbc</programlisting>
<para>sollten Sie die SRM Firmware auf V7.2-1 (oder neuer)
aktualisieren. Diese Version erschien zuerst auf der
<quote>Firmware Update CD V5.7</quote>, ist aber auch auf
- <ulink
- url="http://www.compaq.com/">http://www.compaq.com/</ulink>
+ <link xlink:href="http://www.compaq.com/">http://www.compaq.com/</link>
erh&auml;ltlich. Damit wird dieser Fehler des SRM sowohl bei
der Miata MX5 als auch bei der Miata GL behoben.</para>
@@ -3771,7 +3759,7 @@ cpu EV5</programlisting>
<para>Um dieses Dokument zusammenzustellen, wurden viele Quellen
genutzt; aber die wichtigste und wertvollste Quelle waren die
- <ulink url="http://www.netbsd.org/">NetBSD Webseiten</ulink>.
+ <link xlink:href="http://www.netbsd.org/">NetBSD Webseiten</link>.
Ohne NetBSD/alpha g&auml;be es kein &os;/alpha.</para>
<para>Die folgenden Personen haben mich bei der Arbeit an diesem
View
17 release/doc/de_DE.ISO8859-1/hardware/common/artheader.xml
@@ -3,11 +3,10 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/common/artheader.xml,v 1.4 2003/01/09 12:14:47 ue Exp $
basiert auf: 1.4
-->
+<info xmlns="http://docbook.org/ns/docbook" version="5.0"><title>&os;/&arch; &release.current; Hardware Information</title>
+
-<articleinfo>
- <title>&os;/&arch; &release.current; Hardware Information</title>
-
- <corpauthor>The FreeBSD German Documentation Project</corpauthor>
+ <author><orgname>The FreeBSD German Documentation Project</orgname></author>
<copyright>
<year>2000</year>
@@ -30,4 +29,12 @@
<holder role="mailto:de-bsd-translators@de.FreeBSD.org">The
FreeBSD German Documentation Project</holder>
</copyright>
-</articleinfo>
+
+<abstract xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
+ <para>Dieser Artikel enth&auml;lt eine kurze Anleitung f&uuml;r die
+ Installation von &os;/&arch; &release.current;, dabei wird
+ besonderen Wert auf den Bezug einer &os; gelegt. Au&szlig;erdem
+ enth&auml;lt er einige Tips zur Fehlersuche sowie Antworten zu
+ einigen h&auml;ufig gestellten Fragen.</para>
+</abstract>
+</info>
View
30 release/doc/de_DE.ISO8859-1/hardware/common/dev.xml
@@ -32,13 +32,12 @@
this file to fix "missed" conversions are likely to break the
build.
-->
-
-<sect1 id="support">
- <sect1info>
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="support">
+ <info><title>Unterst&uuml;tzte Ger&auml;te</title>
<pubdate>$FreeBSD$</pubdate>
- </sect1info>
+ </info>
- <title>Unterst&uuml;tzte Ger&auml;te</title>
+
<para>Dieses Kapitel enth&auml;lt alle Ger&auml;te, die auf jeden
Fall von &os; auf &arch; Systemen unterst&uuml;tzt werden. Andere
@@ -1112,7 +1111,7 @@
</para>
</sect2>
- <sect2 id="ethernet">
+ <sect2 xml:id="ethernet">
<title>Netzwerkkarten</title>
<para arch="i386,pc98,alpha">Adaptec Duralink PCI Fast Ethernet
@@ -3710,7 +3709,7 @@
(&man.meteor.4; Treiber)</para>
</sect2>
- <sect2 id="usb">
+ <sect2 xml:id="usb">
<title>USB Ger&auml;te</title>
<para arch="alpha,i386,pc98">&os; unterst&uuml;tzt viele verschiedene Arten von
@@ -3724,8 +3723,7 @@
<note arch="alpha,i386,pc98">
<para>USB Netzwerkkarten finden Sie in einem eigenen Abschnitt
- im Kapitel <link
- linkend="ethernet">Netzwerkkarten</link>.</para>
+ im Kapitel <link linkend="ethernet">Netzwerkkarten</link>.</para>
</note>
<note arch="alpha,i386,pc98">
@@ -4227,7 +4225,7 @@
</para>
</sect2>
- <sect2 id="firewire">
+ <sect2 xml:id="firewire">
<title>IEEE 1394 (Firewire) Ger&auml;te</title>
<para arch="i386,sparc64">Host Controller (&man.fwohci.4;
@@ -4269,7 +4267,7 @@
</para>
</sect2>
- <sect2 id="bluetooth">
+ <sect2 xml:id="bluetooth">
<title>Bluetooth Ger&auml;te</title>
<para arch="i386,pc98">PCCARD Host Kontroller (&man.ng.bt3c.4;
@@ -4371,8 +4369,7 @@
<note>
<para>Informationen &uuml;ber spezielle Grafikkarten und ihre
Kompatibilit&auml;t mit <application>XFree86</application>
- k&ouml;nnen Sie bei <ulink
- url="http://www.xfree86.org/"></ulink> finden.</para>
+ k&ouml;nnen Sie bei <uri xlink:href="http://www.xfree86.org/">http://www.xfree86.org/</uri> finden.</para>
</note>
</para>
@@ -4429,8 +4426,7 @@
<para>In &man.moused.8; finden Sie weitere Informationen zur
Nutzung von M&auml;usen in &os;. Informationen &uuml;ber
die Nutzung von M&auml;usen in
- <application>XFree86</application> erhalten Sie bei <ulink
- url="http://www.xfree86.org/"></ulink>.</para>
+ <application>XFree86</application> erhalten Sie bei <uri xlink:href="http://www.xfree86.org/">http://www.xfree86.org/</uri>.</para>
</note>
</para>
@@ -4463,8 +4459,8 @@
</para>
<para arch="i386">Karten auf Basis des Xilinx XC6200, die mit dem
- HOT1 von <ulink url="http://www.vcc.com/">Virtual
- Computers</ulink> kompatibel sind (xrpu Treiber).</para>
+ HOT1 von <link xlink:href="http://www.vcc.com/">Virtual
+ Computers</link> kompatibel sind (xrpu Treiber).</para>
<para arch="pc98">Power Management Controller im NEC PC-98 Note
(pmc Treiber)</para>
View
8 release/doc/de_DE.ISO8859-1/hardware/common/intro.xml
@@ -3,8 +3,7 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/common/intro.xml,v 1.6 2003/05/24 21:35:15 ue Exp $
basiert auf: 1.6
-->
-
-<sect1 id="intro">
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="intro">
<title>Einf&uuml;hrung</title>
<para>Dieses Dokument enth&auml;lt die Liste der unterst&uuml;tzen
@@ -24,7 +23,6 @@
</note>
<para arch="ia64">Weitergehende Informationen &uuml;ber &os;/&arch;
- finden Sie auf den Webseiten des <ulink
- url="http://www.FreeBSD.org/platforms/ia64/index.html">&os;/&arch;
- Project</ulink>.</para>
+ finden Sie auf den Webseiten des <link xlink:href="http://www.FreeBSD.org/platforms/ia64/index.html">&os;/&arch;
+ Project</link>.</para>
</sect1>
View
8 release/doc/de_DE.ISO8859-1/hardware/i386/article.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sections SYSTEM "../common/hw.ent"> %sections;
@@ -10,14 +10,12 @@
<!ENTITY arch "i386">
<!ENTITY arch.print "i386">
]>
-
<!--
$FreeBSD$
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/i386/article.xml,v 1.5 2002/12/07 21:09:09 ue Exp $
basiert auf: 1.4
-->
-
-<article lang="de">
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
&artheader;
&sect.intro;
&sect.proc.i386;
View
9 release/doc/de_DE.ISO8859-1/hardware/i386/proc-i386.xml
@@ -3,8 +3,7 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/i386/proc-i386.xml,v 1.13 2003/05/24 21:49:22 ue Exp $
basiert auf: 1.11
-->
-
-<sect1 id="proc">
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="proc">
<title>Unterst&uuml;tzte Prozessoren und Mainboards</title>
<para>&os;/i386 kann auf vielen <quote>IBM PC kompatiblen</quote>
@@ -107,10 +106,8 @@
Descriptor Table (DSDT), die vom BIOS bereitgestellt wird. Einige
Systemen haben fehlerhafte oder unvollst&auml;ndige DSDTs, daher
kann ACPI auf diesen Maschinen nicht korrekt funktionieren.
- Korrigierte DSDTs f&uuml;r einige Maschinen sind im Bereich <ulink
- url="http://acpi.sourceforge.net/dsdt/index.php">DSDT</ulink> der
- Webseiten des <ulink
- url="http://acpi.sourceforge.net/">ACPI4Linux</ulink> Projekts
+ Korrigierte DSDTs f&uuml;r einige Maschinen sind im Bereich <link xlink:href="http://acpi.sourceforge.net/dsdt/index.php">DSDT</link> der
+ Webseiten des <link xlink:href="http://acpi.sourceforge.net/">ACPI4Linux</link> Projekts
verf&uuml;gbar. &os; kann diese DSDTs an Stelle der vom BIOS
bereitgestellten DSDT nutzen, weitere Informationen dazu finden
Sie in der Onlinehilfe zu &man.acpi.4;</para>
View
18 release/doc/de_DE.ISO8859-1/hardware/ia64/article.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sections SYSTEM "../common/hw.ent"> %sections;
@@ -10,25 +10,13 @@
<!ENTITY arch "ia64">
<!ENTITY arch.print "IA-64">
]>
-
<!--
$FreeBSD$
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/ia64/article.xml,v 1.6 2003/05/24 21:52:46 ue Exp $
basiert auf: 1.3
-->
-
-<article lang="de">
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
&artheader;
-
- <abstract>
- <para>Dieses Dokument befindet sich noch in einem sehr fr&uuml;hen
- Stadium. Die Angaben sind unvollst&auml;ndig und m&uuml;ssen
- dringend erweitert werden. Wenn Sie Informationen &uuml;ber
- &os; &arch.print; Prozessoren, Mainboards und andere Ger&auml;te
- haben, die mit &os; funktionieren, senden Sie sie bitte an die
- &a.ia64; Mailingliste.</para>
- </abstract>
-
&sect.intro;
&sect.proc.ia64;
&sect.dev;
View
15 release/doc/de_DE.ISO8859-1/hardware/ia64/proc-ia64.xml
@@ -3,22 +3,19 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/ia64/proc-ia64.xml,v 1.5 2003/05/24 22:16:24 ue Exp $
basiert auf: 1.7
-->
-<sect1 id="proc-ia64">
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="proc-ia64">
<title>Unterst&uuml;tzte Prozessoren und Mainboards</title>
- <para>Zur Zeit werden die <ulink
- url="http://www.intel.com/design/itanium/itanium/index.htm">Itanium</ulink>
- und <ulink
- url="http://www.intel.com/design/itanium2/index.htm">Itanium
- 2</ulink> Prozessoren unterst&uuml;tzt. Die folgenden
+ <para>Zur Zeit werden die <link xlink:href="http://www.intel.com/design/itanium/itanium/index.htm">Itanium</link>
+ und <link xlink:href="http://www.intel.com/design/itanium2/index.htm">Itanium
+ 2</link> Prozessoren unterst&uuml;tzt. Die folgenden
Mainboard-Chips&auml;tze werden unterst&uuml;tzt:</para>
<itemizedlist>
<listitem>
<para>HP zx1 (nur auf dem Entwicklungszweig, weitere
- Informationen finden Sie im <ulink
- url="http://perforce.freebsd.org/">Perforce
- repository</ulink>) </para>
+ Informationen finden Sie im <link xlink:href="http://perforce.freebsd.org/">Perforce
+ repository</link>) </para>
</listitem>
<listitem>
View
8 release/doc/de_DE.ISO8859-1/hardware/pc98/article.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sections SYSTEM "../common/hw.ent"> %sections;
@@ -10,14 +10,12 @@
<!ENTITY arch "pc98">
<!ENTITY arch.print "NEC PC-98x1">
]>
-
<!--
$FreeBSD$
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/pc98/article.xml,v 1.2 2002/10/12 18:02:22 ue Exp $
basiert auf: 1.1
-->
-
-<article lang="de">
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
&artheader;
&sect.intro;
&sect.proc.pc98;
View
3  release/doc/de_DE.ISO8859-1/hardware/pc98/proc-pc98.xml
@@ -3,8 +3,7 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/pc98/proc-pc98.xml,v 1.3 2003/01/13 20:30:49 ue Exp $
basiert auf: 1.4
-->
-
-<sect1 id="support-sys">
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="support-sys">
<title>Unterst&uuml;tzte Systeme</title>
<para>NEC PC-9801/9821 Systeme mit fast allen i386-kompatiblen
View
8 release/doc/de_DE.ISO8859-1/hardware/sparc64/article.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd" [
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
<!ENTITY % sections SYSTEM "../common/hw.ent"> %sections;
@@ -10,14 +10,12 @@
<!ENTITY arch "sparc64">
<!ENTITY arch.print "UltraSPARC">
]>
-
<!--
$FreeBSD$
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/sparc64/article.xml,v 1.7 2003/01/09 12:46:28 ue Exp $
basiert auf: 1.3
-->
-
-<article lang="de">
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="de">
&artheader;
&sect.intro;
&sect.proc.sparc64;
View
19 release/doc/de_DE.ISO8859-1/hardware/sparc64/dev-sparc64.xml
@@ -3,13 +3,12 @@
$Id: dev-sparc64.xml,v 1.4 2002/03/10 15:37:16 ue Exp $
basiert auf: 1.3
-->
-
-<sect1 id="support-dev">
- <sect1info>
+<sect1 xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="support-dev">
+ <info><title>Unterst&uuml;tzte Ger&auml;te</title>
<pubdate>$FreeBSD$</pubdate>
- </sect1info>
+ </info>
- <title>Unterst&uuml;tzte Ger&auml;te</title>
+
<para>Dieses Kapitel enth&auml;lt alle Ger&auml;te, die auf jeden
Fall von &os; auf &arch; Systemen unterst&uuml;tzt werden. Andere
@@ -50,13 +49,13 @@
</listitem>
<listitem>
- <para>&man.ata.4;, <devicename>atadisk</devicename>,
- <devicename>atapicd</devicename> (allerdings weder atapift
+ <para>&man.ata.4;, <filename>atadisk</filename>,
+ <filename>atapicd</filename> (allerdings weder atapift
noch atapist)</para>
</listitem>
<listitem>
- <para><devicename>gem</devicename> (Sun GEM/ERI Ethernet, ist
+ <para><filename>gem</filename> (Sun GEM/ERI Ethernet, ist
in der Blade 100 eingebaut)</para>
</listitem>
@@ -150,7 +149,7 @@
<listitem>
<para>Graphikkarten/Bildschirmspeicher, Tastatur (au&szlig;er
der indirekten Unterst&uuml;tzung im Textmodus durch den
- <devicename>ofw_console</devicename> Treiber)</para>
+ <filename>ofw_console</filename> Treiber)</para>
</listitem>
<listitem>
@@ -164,7 +163,7 @@
<listitem>
<para>serielle Tastaturen (au&szlig;er der indirekten
Unterst&uuml;tzung durch den
- <devicename>ofw_console</devicename> Treiber)</para>
+ <filename>ofw_console</filename> Treiber)</para>
</listitem>
<listitem>
View
7 release/doc/de_DE.ISO8859-1/hardware/sparc64/proc-sparc64.xml
@@ -3,15 +3,14 @@
$FreeBSDde: de-docproj/relnotes/de_DE.ISO8859-1/hardware/sparc64/proc-sparc64.xml,v 1.10 2003/02/08 07:43:14 ue Exp $
basiert auf: 1.11