Provide more robust parameter parsing in veriexec. Do a little cleanup as well.
Can you please use the @brief format
This would break all our usage of veriexec for past 15+ years.
again the requirement to fully spell out debug vs 'd' is a step backwards.
Well, veriexec(8) do not document it as the expected usage:
The possible states are: loaded set automatically when first manifest has been loaded. active mac_veriexec(4) will begin checking files. This state can only be entered from the loaded state. enforce mac_veriexec(4) will fail attempts to exec(2) or open(2) files with O_VERIFY unless verified. locked prevent loading of any more manifests.
And, to be honest, this behavior is quite surprising (for example, mtree(8) wants keywords, not keyword-abbreviations) that's why we felt it would need to be adjusted. Could we agree on something in-between like strcmp(arg_text, "a") == 0 || strcmp(arg_text, "active") == 0 (and adjust the man accordingly)?
I'm happy to update the man page to explain that a non-ambiguous prefix match is sufficient.
Note strcmp would never be a suitable method of matching, if more than a single character is needed, then strncmp would be useful eg.
if (strncmp("active", arg_text, strlen(arg_text) == 0)
I believe this parameter parsing should be improved:
Personally I find the unambiguous prefix matching a bit overkill for such a small program. I suggest the following: each status can be matched either by a long string ("activate", "locked") or a shortcut string ("a" for "activate", "lock" for "locked", etc...).
FWIW the 'locked' state is something we have never used, it is a hold over from the original NetBSD implementation which relied on manifests loaded during single user and then state locked - the only way to update was to reboot.
The use of strncmp as I described earlier is a simple way to allow better matching without breaking backwards compatability.
ie. current state Is?