|
List Info
Thread: CVS commit: src
|
|
| CVS commit: src |
|
2006-12-16 11:55:47 |
On Wed, Sep 20, 2006 at 08:19:23AM +1000, Daniel Carosone
wrote:
> On Wed, Sep 20, 2006 at 01:03:17AM +0200, Elad Efrat
wrote:
> > >> Remove securelevel-related text from
init(8) man-page as they're now in
> > >> secmodel_bsd44(9).
> > >
> > > That was not documentation for kernel
programmers. Please fix this commit
> > > so the documentation remains available for
those who don't have comp.tgz
> > > installed.
> > >
> > > (maybe move the man page to secmodel_bsd44.7
?)
> >
> > Let's wait for others voice in; I don't really
mind.
>
> init(8) was always a kind of odd / non-obvious place
for securelevel
> to be documented, but I agree with Pavel too - this is
not programmer
> info in section 9 either. Wherever it ends up, the
most important
> thing is that it's well cross-referenced from
sysctl(8), init(8) (for
> historical reasons), secmodel(9), etc. so that people
can find it.
I have finally got to this. Here is a proposed patch to
secmodel_bsd44.9
The file will also move to man7/secmodel_bsd44.7 and a
securelevel.7 link
to it will be created. I will also update xrefs in other man
pages.
I have removed the list of include files, because the man
page does not
talk about programming at all, is it OK?
Index: secmodel_bsd44.9
============================================================
=======
RCS file: /cvsroot/src/share/man/man9/secmodel_bsd44.9,v
retrieving revision 1.8
diff -u -p -r1.8 secmodel_bsd44.9
--- secmodel_bsd44.9 22 Nov 2006 21:00:30 -0000 1.8
+++ secmodel_bsd44.9 16 Dec 2006 11:45:11 -0000
 -29,18
+29,15
." THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE.
."
.Dd November 22, 2006
-.Dt SECMODEL_BSD44 9
+.Dt SECMODEL_BSD44 7
.Os
.Sh NAME
-.Nm secmodel_bsd44
+.Nm secmodel_bsd44 ,
+.Nm securelevel
.Nd traditional
.Nx
security model (based on
.Bx 4.4 )
-.Sh SYNOPSIS
-.In secmodel/bsd44/bsd44.h
-.In secmodel/bsd44/securelevel.h
-.In secmodel/bsd44/suser.h
.Sh DESCRIPTION
.Nm
is the default security model in
-205,6
+202,8 interpreter, through any mechanism) and
that run while the security level is 0" and must be
considered part of
the TCB.
.Sh SEE ALSO
+.Xr sysctl 7 ,
+.Xr init 8 ,
.Xr kauth 9 ,
.Xr secmodel 9
.Sh AUTHORS
|
|
| CVS commit: src |
|
2006-12-16 14:53:51 |
personally I object because the secmodel man-pages *are* for
programmers
in case they want to implement an overlay model.
-e.
Pavel Cahyna wrote:
> I have finally got to this. Here is a proposed patch to
secmodel_bsd44.9
> The file will also move to man7/secmodel_bsd44.7 and a
securelevel.7 link
> to it will be created. I will also update xrefs in
other man pages.
>
> I have removed the list of include files, because the
man page does not
> talk about programming at all, is it OK?
>
>
> Index: secmodel_bsd44.9
>
============================================================
=======
> RCS file:
/cvsroot/src/share/man/man9/secmodel_bsd44.9,v
> retrieving revision 1.8
> diff -u -p -r1.8 secmodel_bsd44.9
> --- secmodel_bsd44.9 22 Nov 2006 21:00:30 -0000 1.8
> +++ secmodel_bsd44.9 16 Dec 2006 11:45:11 -0000
> -29,18 +29,15
> ." THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
> ."
> .Dd November 22, 2006
> -.Dt SECMODEL_BSD44 9
> +.Dt SECMODEL_BSD44 7
> .Os
> .Sh NAME
> -.Nm secmodel_bsd44
> +.Nm secmodel_bsd44 ,
> +.Nm securelevel
> .Nd traditional
> .Nx
> security model (based on
> .Bx 4.4 )
> -.Sh SYNOPSIS
> -.In secmodel/bsd44/bsd44.h
> -.In secmodel/bsd44/securelevel.h
> -.In secmodel/bsd44/suser.h
> .Sh DESCRIPTION
> .Nm
> is the default security model in
> -205,6 +202,8 interpreter, through any mechanism) and
> that run while the security level is 0" and must
be considered part of
> the TCB.
> .Sh SEE ALSO
> +.Xr sysctl 7 ,
> +.Xr init 8 ,
> .Xr kauth 9 ,
> .Xr secmodel 9
> .Sh AUTHORS
|
|
| CVS commit: src |
|
2006-12-16 17:10:21 |
On Sat, Dec 16, 2006 at 04:53:51PM +0200, Elad Efrat wrote:
> personally I object because the secmodel man-pages
*are* for programmers
> in case they want to implement an overlay model.
Is it okay to move the manpage while leaving the #includes ?
It just seems strange to list #include files in a manpage
which does not
document any declaration or macro from those headers,
regardless of the
section which the manpage belongs to. What is the programmer
supposed to
do with the headers besides #including them?
If you plan to supply some programming documentation later,
would it make
sense to have both secmodel_bsd44.9 and secmodel_bsd44.7 ?
Pavel
|
|
| CVS commit: src |
|
2006-12-17 04:17:34 |
the plan was to eventually, after the code work is done,
have the
man-page for secmodel_bsd44.9 list the listeners and
describe further
how they should be used in e.g. overlay model.
however, I guess we can have two man-pages for each model,
with one
describing the implications etc. and the other being a
kernel programmer
guide. these belong in sections 8 and 9, not 7, though.
if you're going to do that work for secmodel_bsd44, please
do it for
secmodel_overlay (it's ~nop) and don't create a symlink to a
"securelevel" man-page. we never had one.
-e.
Pavel Cahyna wrote:
> On Sat, Dec 16, 2006 at 04:53:51PM +0200, Elad Efrat
wrote:
>> personally I object because the secmodel man-pages
*are* for programmers
>> in case they want to implement an overlay model.
>
> Is it okay to move the manpage while leaving the
#includes ?
>
> It just seems strange to list #include files in a
manpage which does not
> document any declaration or macro from those headers,
regardless of the
> section which the manpage belongs to. What is the
programmer supposed to
> do with the headers besides #including them?
>
> If you plan to supply some programming documentation
later, would it make
> sense to have both secmodel_bsd44.9 and
secmodel_bsd44.7 ?
>
> Pavel
|
|
[1-4]
|
|