system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-22 00:04:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
freebsd-src/sys
History
Christian S.J. Peron 06399e90bc Mark the audit system calls as being un-implemented in jails. Currently we do 
not trust jails enough to execute audit related system calls. An example of
this is with su(1), or login(1) within prisons. So, if the syscall request
comes from a jail return ENOSYS. This will cause these utilities to operate
as if audit is not present in the kernel.

Looking forward, this problem will be remedied by allowing non privileged
users to maintain and their own audit streams, but the details on exactly how
this will be implemented needs to be worked out.

This change should fix situations when options AUDIT has been compiled into
the kernel, and utilities like su(1), or login(1) fail due to audit system
call failures within jails.

This is a RELENG_6 candidate.

Reported by:	Christian Brueffer
Discussed with:	rwatson
MFC after:	3 days
2006-10-10 15:49:10 +00:00
..
amd64 - Remove SCHED_ULE from GENERIC to better avoid foot-shooting by 2006-10-05 20:31:58 +00:00
arm PR: 2006-10-04 21:37:10 +00:00
boot more sun4v fallout - missed add 2006-10-09 07:00:59 +00:00
bsm Merge OpenBSM 1.0 alpha 12 import changes into src/sys/bsm. New events 2006-09-25 12:22:07 +00:00
cam Add a SCSI da(4) quirk for Rekam USB Camera. 2006-10-07 19:04:23 +00:00
coda Since DELAY() was moved, most <machine/clock.h> #includes have been 2006-05-16 14:37:58 +00:00
compat - change if (cond) panic() to KASSERT. 2006-10-08 17:10:34 +00:00
conf kernel clean up to make the sun4v kernel build 2006-10-09 04:45:19 +00:00
contrib Workaround bad locking design: 2006-10-05 09:48:25 +00:00
crypto Less magic. 2006-09-15 10:44:55 +00:00
ddb The powerpc and sparc64 MD `reboot' commands should never have existed 2006-10-10 07:26:54 +00:00
dev correct diag request to fetch isr state on fatal interrupts 2006-10-09 23:45:26 +00:00
fs Use utc_offset() where applicable, and hide the internals of it 2006-10-02 18:23:37 +00:00
gdb Convert to new console api 2006-05-26 13:54:27 +00:00
geom Guard against invalid metadata. 2006-10-10 15:01:47 +00:00
gnu Add mnt_noasync counter to better handle interleaved calls to nmount(), 2006-09-26 04:15:59 +00:00
i4b Extend i4b to support CAPI manager based ISDN controllers (CAPI manager is part of 2006-07-09 21:16:06 +00:00
i386 - Remove SCHED_ULE from GENERIC to better avoid foot-shooting by 2006-10-05 20:31:58 +00:00
ia64 Include freebsd32_signal.h now that signal-related definitions are 2006-10-06 19:33:44 +00:00
isa Use calendaric calculation support from subr_clock.c instead of home-rolled. 2006-10-02 16:18:40 +00:00
isofs/cd9660 Use mount interlock to protect all changes to mnt_flag and mnt_kern_flag. 2006-09-26 04:12:49 +00:00
kern Implement 32bit umtx_lock and umtx_unlock system calls, these two system 2006-10-06 08:22:08 +00:00
libkern Add strstr() function to the libkern. 2006-08-12 15:28:39 +00:00
modules A GEOM cache can speed up read performance by sending fixed size 2006-10-06 08:27:07 +00:00
net Use LIST_FOREACH_SAFE instead of a hand rolled version. 2006-10-09 00:49:57 +00:00
net80211 Now that we have COMPAT_FREEBSD6 officially, use it from opt_compat.h. 2006-09-26 12:41:13 +00:00
netatalk Since soisdisconnected() is no longer called in pru_detach(), call it 2006-08-05 14:14:34 +00:00
netatm Change semantics of socket close and detach. Add a new protocol switch 2006-07-21 17:11:15 +00:00
netgraph Don't use data after free. 2006-09-30 12:37:43 +00:00
netinet Various mdoc and grammar fixes. 2006-10-08 13:53:45 +00:00
netinet6 Hopefully the last tweak in trying to make it possible to add ipv6 direct 2006-10-02 19:15:10 +00:00
netipsec Fix build breakage from previous commit which confused key_abort and key_close. 2006-07-22 09:18:02 +00:00
netipx Change semantics of socket close and detach. Add a new protocol switch 2006-07-21 17:11:15 +00:00
netkey With exception of the if_name() macro, all definitions in net_osdep.h 2006-08-04 21:27:40 +00:00
netnatm Change semantics of socket close and detach. Add a new protocol switch 2006-07-21 17:11:15 +00:00
netncp - Fix ncp_poll() to not panic if the socket doesn't have any pending data. 2006-08-03 15:31:52 +00:00
netsmb Fix misalignment bugs caused by invalid type casts of pointers 2006-08-22 03:05:51 +00:00
nfs
nfs4client Fixes up the handling of shared vnode lock lookups in the NFS client, 2006-09-13 18:39:09 +00:00
nfsclient First part of a little cleanup in the calendar/timezone/RTC handling. 2006-10-02 12:59:59 +00:00
nfsserver - Add a new function nfsrv_destroycache() to tear down the server request 2006-08-01 16:27:14 +00:00
opencrypto When DIAGNOSTIC is defined, verify if we don't free crypto requests from 2006-06-06 15:04:52 +00:00
pc98 - Remove SCHED_ULE from GENERIC to better avoid foot-shooting by 2006-10-05 20:31:58 +00:00
pccard
pci Fix style(9) nits. 2006-10-09 20:26:32 +00:00
posix4 Backout the feature which can change thread's scheduling option, I really 2006-07-13 06:41:26 +00:00
powerpc The powerpc and sparc64 MD `reboot' commands should never have existed 2006-10-10 07:26:54 +00:00
rpc
security Mark the audit system calls as being un-implemented in jails. Currently we do 2006-10-10 15:49:10 +00:00
sparc64 The powerpc and sparc64 MD `reboot' commands should never have existed 2006-10-10 07:26:54 +00:00
sun4v kernel clean up to make the sun4v kernel build 2006-10-09 04:45:19 +00:00
sys Move some declaration of 32-bit signal structures into file 2006-10-05 01:56:11 +00:00
tools Check for errors when registering and unregistering firmware modules. This 2006-06-16 21:06:03 +00:00
ufs Do not translate the IN_ACCESS inode flag into the IN_MODIFIED while filesystem 2006-10-10 09:20:54 +00:00
vm Change vnode_pager_generic_getpages() so that it does not panic if the 2006-10-08 20:26:16 +00:00
Makefile Don't need to special case arm here anymore 2006-08-10 06:29:43 +00:00