Permalink
Browse files

Merge branch 'stable/10' of https://github.com/freebsd/freebsd into s…

…table/10
  • Loading branch information...
2 parents 9f52f85 + 8964c3a commit 668303842dc94c2ed2f59ad29b29d083760ea807 @kmoore134 kmoore134 committed Nov 8, 2013
Showing with 2,531 additions and 2,441 deletions.
  1. +2 −2 etc/pkg/FreeBSD.conf
  2. +9 −10 lib/libc/capability/Makefile.inc
  3. +241 −0 lib/libc/capability/cap_rights_init.3
  4. +1 −0 lib/libc/gen/Makefile.inc
  5. +119 −0 lib/libc/gen/cap_rights_get.3
  6. +3 −3 lib/libc/sys/cap_ioctls_limit.2
  7. +54 −516 lib/libc/sys/cap_rights_limit.2
  8. +26 −34 release/doc/de_DE.ISO8859-1/early-adopter/article.xml
  9. +27 −38 release/doc/de_DE.ISO8859-1/errata/article.xml
  10. +3 −5 release/doc/de_DE.ISO8859-1/hardware/alpha/article.xml
  11. +17 −29 release/doc/de_DE.ISO8859-1/hardware/alpha/proc-alpha.xml
  12. +12 −5 release/doc/de_DE.ISO8859-1/hardware/common/artheader.xml
  13. +13 −17 release/doc/de_DE.ISO8859-1/hardware/common/dev.xml
  14. +3 −5 release/doc/de_DE.ISO8859-1/hardware/common/intro.xml
  15. +3 −5 release/doc/de_DE.ISO8859-1/hardware/i386/article.xml
  16. +3 −6 release/doc/de_DE.ISO8859-1/hardware/i386/proc-i386.xml
  17. +3 −15 release/doc/de_DE.ISO8859-1/hardware/ia64/article.xml
  18. +6 −9 release/doc/de_DE.ISO8859-1/hardware/ia64/proc-ia64.xml
  19. +3 −5 release/doc/de_DE.ISO8859-1/hardware/pc98/article.xml
  20. +1 −2 release/doc/de_DE.ISO8859-1/hardware/pc98/proc-pc98.xml
  21. +3 −5 release/doc/de_DE.ISO8859-1/hardware/sparc64/article.xml
  22. +9 −10 release/doc/de_DE.ISO8859-1/hardware/sparc64/dev-sparc64.xml
  23. +3 −4 release/doc/de_DE.ISO8859-1/hardware/sparc64/proc-sparc64.xml
  24. +0 −1 release/doc/de_DE.ISO8859-1/installation/alpha/Makefile
  25. +3 −6 release/doc/de_DE.ISO8859-1/installation/alpha/article.xml
  26. +1 −2 release/doc/de_DE.ISO8859-1/installation/common/abstract.xml
  27. +13 −6 release/doc/de_DE.ISO8859-1/installation/common/artheader.xml
  28. +0 −1 release/doc/de_DE.ISO8859-1/installation/common/install.ent
  29. +54 −76 release/doc/de_DE.ISO8859-1/installation/common/install.xml
  30. +3 −5 release/doc/de_DE.ISO8859-1/installation/common/layout.xml
  31. +6 −6 release/doc/de_DE.ISO8859-1/installation/common/trouble.xml
  32. +4 −5 release/doc/de_DE.ISO8859-1/installation/common/upgrade.xml
  33. +0 −1 release/doc/de_DE.ISO8859-1/installation/i386/Makefile
  34. +3 −6 release/doc/de_DE.ISO8859-1/installation/i386/article.xml
  35. +0 −1 release/doc/de_DE.ISO8859-1/installation/ia64/Makefile
  36. +3 −6 release/doc/de_DE.ISO8859-1/installation/ia64/article.xml
  37. +0 −1 release/doc/de_DE.ISO8859-1/installation/pc98/Makefile
  38. +3 −6 release/doc/de_DE.ISO8859-1/installation/pc98/article.xml
  39. +3 −6 release/doc/de_DE.ISO8859-1/installation/sparc64/article.xml
  40. +23 −23 release/doc/de_DE.ISO8859-1/installation/sparc64/install.xml
  41. +36 −53 release/doc/de_DE.ISO8859-1/readme/article.xml
  42. +3 −5 release/doc/de_DE.ISO8859-1/relnotes/alpha/article.xml
  43. +42 −55 release/doc/de_DE.ISO8859-1/relnotes/common/new.xml
  44. +3 −6 release/doc/de_DE.ISO8859-1/relnotes/i386/article.xml
  45. +3 −4 release/doc/de_DE.ISO8859-1/relnotes/ia64/article.xml
  46. +3 −6 release/doc/de_DE.ISO8859-1/relnotes/pc98/article.xml
  47. +3 −5 release/doc/de_DE.ISO8859-1/relnotes/sparc64/article.xml
  48. +15 −20 release/doc/en_US.ISO8859-1/errata/article.xml
  49. +45 −54 release/doc/en_US.ISO8859-1/hardware/article.xml
  50. +47 −62 release/doc/en_US.ISO8859-1/readme/article.xml
  51. +37 −41 release/doc/en_US.ISO8859-1/relnotes/article.xml
  52. +14 −19 release/doc/fr_FR.ISO8859-1/early-adopter/article.xml
  53. +13 −18 release/doc/fr_FR.ISO8859-1/errata/article.xml
  54. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/alpha/article.xml
  55. +20 −30 release/doc/fr_FR.ISO8859-1/hardware/alpha/proc-alpha.xml
  56. +4 −6 release/doc/fr_FR.ISO8859-1/hardware/common/artheader.xml
  57. +13 −18 release/doc/fr_FR.ISO8859-1/hardware/common/dev.xml
  58. +1 −2 release/doc/fr_FR.ISO8859-1/hardware/common/intro.xml
  59. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/i386/article.xml
  60. +1 −1 release/doc/fr_FR.ISO8859-1/hardware/i386/proc-i386.xml
  61. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/ia64/article.xml
  62. +1 −1 release/doc/fr_FR.ISO8859-1/hardware/ia64/proc-ia64.xml
  63. +3 −5 release/doc/fr_FR.ISO8859-1/hardware/pc98/article.xml
  64. +1 −1 release/doc/fr_FR.ISO8859-1/hardware/pc98/proc-pc98.xml
  65. +6 −8 release/doc/fr_FR.ISO8859-1/hardware/sparc64/article.xml
  66. +9 −9 release/doc/fr_FR.ISO8859-1/hardware/sparc64/dev-sparc64.xml
  67. +8 −8 release/doc/fr_FR.ISO8859-1/hardware/sparc64/proc-sparc64.xml
  68. +0 −1 release/doc/fr_FR.ISO8859-1/installation/alpha/Makefile
  69. +3 −6 release/doc/fr_FR.ISO8859-1/installation/alpha/article.xml
  70. +0 −17 release/doc/fr_FR.ISO8859-1/installation/common/abstract.xml
  71. +13 −7 release/doc/fr_FR.ISO8859-1/installation/common/artheader.xml
  72. +0 −1 release/doc/fr_FR.ISO8859-1/installation/common/install.ent
  73. +44 −61 release/doc/fr_FR.ISO8859-1/installation/common/install.xml
  74. +3 −5 release/doc/fr_FR.ISO8859-1/installation/common/layout.xml
  75. +7 −7 release/doc/fr_FR.ISO8859-1/installation/common/trouble.xml
  76. +5 −6 release/doc/fr_FR.ISO8859-1/installation/common/upgrade.xml
  77. +0 −1 release/doc/fr_FR.ISO8859-1/installation/i386/Makefile
  78. +3 −6 release/doc/fr_FR.ISO8859-1/installation/i386/article.xml
  79. +0 −1 release/doc/fr_FR.ISO8859-1/installation/pc98/Makefile
  80. +3 −6 release/doc/fr_FR.ISO8859-1/installation/pc98/article.xml
  81. +3 −12 release/doc/fr_FR.ISO8859-1/installation/sparc64/article.xml
  82. +34 −48 release/doc/fr_FR.ISO8859-1/installation/sparc64/install.xml
  83. +3 −5 release/doc/fr_FR.ISO8859-1/relnotes/alpha/article.xml
  84. +61 −66 release/doc/fr_FR.ISO8859-1/relnotes/common/new.xml
  85. +3 −5 release/doc/fr_FR.ISO8859-1/relnotes/i386/article.xml
  86. +15 −18 release/doc/ja_JP.eucJP/errata/article.xml
  87. +3 −5 release/doc/ja_JP.eucJP/hardware/alpha/article.xml
  88. +3 −5 release/doc/ja_JP.eucJP/hardware/amd64/article.xml
  89. +1 −2 release/doc/ja_JP.eucJP/hardware/amd64/proc-amd64.xml
  90. +12 −5 release/doc/ja_JP.eucJP/hardware/common/artheader.xml
  91. +24 −27 release/doc/ja_JP.eucJP/hardware/common/dev.xml
  92. +3 −4 release/doc/ja_JP.eucJP/hardware/common/intro.xml
  93. +3 −5 release/doc/ja_JP.eucJP/hardware/i386/article.xml
  94. +3 −4 release/doc/ja_JP.eucJP/hardware/i386/proc-i386.xml
  95. +3 −14 release/doc/ja_JP.eucJP/hardware/ia64/article.xml
  96. +4 −4 release/doc/ja_JP.eucJP/hardware/ia64/proc-ia64.xml
  97. +3 −5 release/doc/ja_JP.eucJP/hardware/pc98/article.xml
  98. +1 −1 release/doc/ja_JP.eucJP/hardware/pc98/proc-pc98.xml
  99. +3 −5 release/doc/ja_JP.eucJP/hardware/sparc64/article.xml
  100. +2 −2 release/doc/ja_JP.eucJP/hardware/sparc64/proc-sparc64.xml
  101. +3 −5 release/doc/ja_JP.eucJP/relnotes/alpha/article.xml
  102. +3 −5 release/doc/ja_JP.eucJP/relnotes/amd64/article.xml
  103. +52 −54 release/doc/ja_JP.eucJP/relnotes/common/new.xml
  104. +3 −5 release/doc/ja_JP.eucJP/relnotes/i386/article.xml
  105. +3 −5 release/doc/ja_JP.eucJP/relnotes/ia64/article.xml
  106. +3 −5 release/doc/ja_JP.eucJP/relnotes/pc98/article.xml
  107. +3 −5 release/doc/ja_JP.eucJP/relnotes/sparc64/article.xml
  108. +1 −7 release/doc/ja_JP.eucJP/share/xml/catalog.xml
  109. +15 −20 release/doc/ru_RU.KOI8-R/errata/article.xml
  110. +3 −5 release/doc/ru_RU.KOI8-R/hardware/alpha/article.xml
  111. +3 −5 release/doc/ru_RU.KOI8-R/hardware/amd64/article.xml
  112. +1 −2 release/doc/ru_RU.KOI8-R/hardware/amd64/proc-amd64.xml
  113. +12 −5 release/doc/ru_RU.KOI8-R/hardware/common/artheader.xml
  114. +26 −31 release/doc/ru_RU.KOI8-R/hardware/common/dev.xml
  115. +3 −4 release/doc/ru_RU.KOI8-R/hardware/common/intro.xml
  116. +3 −5 release/doc/ru_RU.KOI8-R/hardware/i386/article.xml
  117. +3 −6 release/doc/ru_RU.KOI8-R/hardware/i386/proc-i386.xml
  118. +3 −12 release/doc/ru_RU.KOI8-R/hardware/ia64/article.xml
  119. +4 −5 release/doc/ru_RU.KOI8-R/hardware/ia64/proc-ia64.xml
  120. +3 −5 release/doc/ru_RU.KOI8-R/hardware/pc98/article.xml
  121. +1 −2 release/doc/ru_RU.KOI8-R/hardware/pc98/proc-pc98.xml
  122. +3 −5 release/doc/ru_RU.KOI8-R/hardware/sparc64/article.xml
  123. +3 −5 release/doc/ru_RU.KOI8-R/hardware/sparc64/proc-sparc64.xml
  124. +0 −1 release/doc/ru_RU.KOI8-R/installation/alpha/Makefile
  125. +3 −6 release/doc/ru_RU.KOI8-R/installation/alpha/article.xml
  126. +0 −1 release/doc/ru_RU.KOI8-R/installation/amd64/Makefile
  127. +3 −6 release/doc/ru_RU.KOI8-R/installation/amd64/article.xml
  128. +0 −17 release/doc/ru_RU.KOI8-R/installation/common/abstract.xml
  129. +13 −6 release/doc/ru_RU.KOI8-R/installation/common/artheader.xml
  130. +0 −1 release/doc/ru_RU.KOI8-R/installation/common/install.ent
  131. +64 −80 release/doc/ru_RU.KOI8-R/installation/common/install.xml
  132. +3 −4 release/doc/ru_RU.KOI8-R/installation/common/layout.xml
  133. +7 −7 release/doc/ru_RU.KOI8-R/installation/common/trouble.xml
  134. +4 −5 release/doc/ru_RU.KOI8-R/installation/common/upgrade.xml
  135. +0 −1 release/doc/ru_RU.KOI8-R/installation/i386/Makefile
  136. +3 −6 release/doc/ru_RU.KOI8-R/installation/i386/article.xml
  137. +0 −1 release/doc/ru_RU.KOI8-R/installation/ia64/Makefile
  138. +3 −6 release/doc/ru_RU.KOI8-R/installation/ia64/article.xml
  139. +0 −1 release/doc/ru_RU.KOI8-R/installation/pc98/Makefile
  140. +3 −6 release/doc/ru_RU.KOI8-R/installation/pc98/article.xml
  141. +0 −1 release/doc/ru_RU.KOI8-R/installation/sparc64/Makefile
  142. +3 −6 release/doc/ru_RU.KOI8-R/installation/sparc64/article.xml
  143. +47 −64 release/doc/ru_RU.KOI8-R/readme/article.xml
  144. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/alpha/article.xml
  145. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/amd64/article.xml
  146. +64 −71 release/doc/ru_RU.KOI8-R/relnotes/common/new.xml
  147. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/i386/article.xml
  148. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/ia64/article.xml
  149. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/pc98/article.xml
  150. +3 −5 release/doc/ru_RU.KOI8-R/relnotes/sparc64/article.xml
  151. +1 −7 release/doc/ru_RU.KOI8-R/share/xml/catalog.xml
  152. +8 −8 release/doc/share/misc/man2hwnotes.pl
  153. +2 −10 release/doc/share/xml/catalog.xml
  154. +15 −20 release/doc/zh_CN.GB2312/errata/article.xml
  155. +45 −51 release/doc/zh_CN.GB2312/hardware/article.xml
  156. +45 −62 release/doc/zh_CN.GB2312/readme/article.xml
  157. +37 −39 release/doc/zh_CN.GB2312/relnotes/article.xml
  158. +4 −0 release/release.sh
  159. +1 −0 share/man/man4/Makefile
  160. +11 −5 share/man/man4/capsicum.4
  161. +674 −0 share/man/man4/rights.4
  162. +2 −2 usr.sbin/pkg/pkg.7
@@ -1,8 +1,8 @@
# $FreeBSD$
FreeBSD: {
- url: "pkg+http://pkg.freebsd.org/${ABI}/latest",
+ url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
mirror_type: "srv",
- signature_type: "none",
+ signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: "yes"
}
@@ -1,19 +1,18 @@
# $FreeBSD$
# capability sources
-.PATH: ${.CURDIR}/../../sys/kern
+.PATH: ${.CURDIR}/../../sys/kern ${.CURDIR}/capability
SRCS+= subr_capability.c
SYM_MAPS+= ${.CURDIR}/capability/Symbol.map
-#MAN+= cap_rights_init.3
-
-#MLINKS+=cap_rights_init.3 cap_rights_set.3
-#MLINKS+=cap_rights_init.3 cap_rights_clear.3
-#MLINKS+=cap_rights_init.3 cap_rights_is_set.3
-#MLINKS+=cap_rights_init.3 cap_rights_is_valid.3
-#MLINKS+=cap_rights_init.3 cap_rights_merge.3
-#MLINKS+=cap_rights_init.3 cap_rights_remove.3
-#MLINKS+=cap_rights_init.3 cap_rights_contains.3
+MAN+= cap_rights_init.3
+MLINKS+=cap_rights_init.3 cap_rights_set.3
+MLINKS+=cap_rights_init.3 cap_rights_clear.3
+MLINKS+=cap_rights_init.3 cap_rights_is_set.3
+MLINKS+=cap_rights_init.3 cap_rights_is_valid.3
+MLINKS+=cap_rights_init.3 cap_rights_merge.3
+MLINKS+=cap_rights_init.3 cap_rights_remove.3
+MLINKS+=cap_rights_init.3 cap_rights_contains.3
@@ -0,0 +1,241 @@
+.\"
+.\" Copyright (c) 2013 The FreeBSD Foundation
+.\" All rights reserved.
+.\"
+.\" This documentation was written by Pawel Jakub Dawidek under sponsorship
+.\" from the FreeBSD Foundation.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd September 23, 2013
+.Dt CAP_RIGHTS_INIT 3
+.Os
+.Sh NAME
+.Nm cap_rights_init ,
+.Nm cap_rights_set ,
+.Nm cap_rights_clear ,
+.Nm cap_rights_is_set ,
+.Nm cap_rights_is_valid ,
+.Nm cap_rights_merge ,
+.Nm cap_rights_remove ,
+.Nm cap_rights_contains
+.Nd manage cap_rights_t structure
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/capability.h
+.Ft cap_rights_t *
+.Fn cap_rights_init "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_set "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_clear "cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_set "const cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_valid "const cap_rights_t *rights"
+.Ft cap_rights_t *
+.Fn cap_rights_merge "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft cap_rights_t *
+.Fn cap_rights_remove "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft bool
+.Fn cap_rights_contains "const cap_rights_t *big" "const cap_rights_t *little"
+.Sh DESCRIPTION
+The functions documented here allow to manage the
+.Vt cap_rights_t
+structure.
+.Pp
+Capability rights should be separated with comma when passed to the
+.Fn cap_rights_init ,
+.Fn cap_rights_set ,
+.Fn cap_rights_clear
+and
+.Fn cap_rights_is_set
+functions.
+For example:
+.Bd -literal
+cap_rights_set(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT, CAP_SEEK);
+.Ed
+.Pp
+The complete list of the capability rights can be found in the
+.Xr rights 4
+manual page.
+.Pp
+The
+.Fn cap_rights_init
+function initialize provided
+.Vt cap_rights_t
+structure.
+Only properly initialized structure can be passed to the remaining functions.
+For convenience the structure can be filled with capability rights instead of
+calling the
+.Fn cap_rights_set
+function later.
+For even more convenience pointer to the given structure is returned, so it can
+be directly passed to
+.Xr cap_rights_limit 2 :
+.Bd -literal
+cap_rights_t rights;
+
+if (cap_rights_limit(fd, cap_rights_init(&rights, CAP_READ, CAP_WRITE)) < 0)
+ err(1, "Unable to limit capability rights");
+.Ed
+.Pp
+The
+.Fn cap_rights_set
+function adds the given capability rights to the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_clear
+function removes the given capability rights from the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_set
+function checks if all the given capability rights are set for the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_valid
+function verifies if the given
+.Vt cap_rights_t
+structure is valid.
+.Pp
+The
+.Fn cap_rights_merge
+function merges all capability rights present in the
+.Fa src
+structure into the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_remove
+function removes all capability rights present in the
+.Fa src
+structure from the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_contains
+function checks if the
+.Fa big
+structure contains all capability rights present in the
+.Fa little
+structure.
+.Sh RETURN VALUES
+The functions never fail.
+In case an invalid capability right or an invalid
+.Vt cap_rights_t
+structure is given as an argument, the program will be aborted.
+.Pp
+The
+.Fn cap_rights_init ,
+.Fn cap_rights_set
+and
+.Fn cap_rights_clear
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_merge
+and
+.Fn cap_rights_remove
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa dst
+argument.
+.Pp
+The
+.Fn cap_rights_is_set
+returns
+.Va true
+if all the given capability rights are set in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_is_valid
+function performs various checks to see if the given
+.Vt cap_rights_t
+structure is valid and returns
+.Va true
+if it is.
+.Pp
+The
+.Fn cap_rights_contains
+function returns
+.Va true
+if all capability rights set in the
+.Fa little
+structure are also present in the
+.Fa big
+structure.
+.Sh EXAMPLES
+The following example demonstrates how to prepare a
+.Vt cap_rights_t
+structure to be passed to the
+.Xr cap_rights_limit 2
+system call.
+.Bd -literal
+cap_rights_t rights;
+int fd;
+
+fd = open("/tmp/foo", O_RDWR);
+if (fd < 0)
+ err(1, "open() failed");
+
+cap_rights_init(&rights, CAP_FSTAT, CAP_READ);
+
+if (allow_write_and_seek)
+ cap_rights_set(&rights, CAP_WRITE, CAP_SEEK);
+
+if (dont_allow_seek)
+ cap_rights_clear(&rights, CAP_SEEK);
+
+if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
+ err(1, "cap_rights_limit() failed");
+.Ed
+.Sh SEE ALSO
+.Xr cap_rights_limit 2 ,
+.Xr open 2 ,
+.Xr capsicum 4 ,
+.Xr rights 4
+.Sh HISTORY
+Support for capabilities and capabilities mode was developed as part of the
+.Tn TrustedBSD
+Project.
+.Sh AUTHORS
+This family of functions was created by
+.An Pawel Jakub Dawidek Aq pawel@dawidek.net
+under sponsorship from the FreeBSD Foundation.
@@ -170,6 +170,7 @@ SYM_MAPS+=${.CURDIR}/gen/Symbol.map
MAN+= alarm.3 \
arc4random.3 \
basename.3 \
+ cap_rights_get.3 \
cap_sandboxed.3 \
check_utility_compat.3 \
clock.3 \
Oops, something went wrong.

0 comments on commit 6683038

Please sign in to comment.