Page MenuHomeFreeBSD
Differential D40633

cr_canseeothergids(9): Revamp, mark as internal
ClosedPublic
Actions

Authored by olce.freebsd_certner.fr on Jun 20 2023, 1:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sep 28 2023, 4:54 PM
Unknown Object (File)
Sep 11 2023, 1:34 PM
Unknown Object (File)
Sep 5 2023, 10:34 PM
Unknown Object (File)
Aug 27 2023, 2:49 PM
Unknown Object (File)
Aug 27 2023, 2:49 PM
Unknown Object (File)
Aug 27 2023, 2:49 PM
Unknown Object (File)
Aug 27 2023, 2:49 PM
Unknown Object (File)
Aug 27 2023, 2:49 PM
View All 16 Files
Subscribers
emaste
imp
mhorne
pauamma_gundo.com
manpages

Details

Reviewers
mjg
kib
dchagin
mhorne
Commits
rGb6b628ed96b3: cr_canseeothergids(9): Revamp, mark as internal
rGad1486b625ed: cr_canseeothergids(9): Revamp, mark as internal
rG3fe9ea4d2d04: cr_canseeothergids(9): Revamp, mark as internal
Summary

Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to
cr_bsd_visible(9).

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

olce.freebsd_certner.fr created this revision.Jun 20 2023, 1:44 PM
Herald added a subscriber: imp. · View Herald TranscriptJun 20 2023, 1:44 PM
olce.freebsd_certner.fr requested review of this revision.Jun 20 2023, 1:44 PM
Harbormaster completed remote builds in B52168: Diff 123499.Jun 20 2023, 1:44 PM
olce.freebsd_certner.fr added a parent revision: D40632: cr_bsd_visible(9): New man page.Jun 20 2023, 2:11 PM
olce.freebsd_certner.fr added a child revision: D40634: groupmember(9): Detail which groups are considered, simplify.
olce.freebsd_certner.fr added reviewers: mjg, kib, dchagin.Jun 20 2023, 9:03 PM
emaste added subscribers: manpages, emaste.Jun 29 2023, 3:56 PM
olce.freebsd_certner.fr updated this revision to Diff 124007.Jun 29 2023, 8:53 PM

Change the one-line description. New sentences on new lines.

Harbormaster completed remote builds in B52344: Diff 124007.Jun 29 2023, 8:53 PM
olce.freebsd_certner.fr updated this revision to Diff 124008.Jun 29 2023, 8:55 PM

Wrong previous diff.

Harbormaster completed remote builds in B52345: Diff 124008.Jun 29 2023, 8:55 PM
pauamma_gundo.com added a subscriber: pauamma_gundo.com.Jun 29 2023, 9:35 PM

English LGTM.

olce.freebsd_certner.fr updated this revision to Diff 124668.Jul 14 2023, 10:23 AM
olce.freebsd_certner.fr edited the summary of this revision. (Show Details)

Rename cr_bsd_visibility() to cr_bsd_visible().

Harbormaster completed remote builds in B52645: Diff 124668.Jul 14 2023, 10:23 AM
olce.freebsd_certner.fr added a comment.Jul 14 2023, 10:44 AM

And also addressed similar issues as reported in https://reviews.freebsd.org/D40639.

olce.freebsd_certner.fr updated this revision to Diff 124899.Jul 20 2023, 10:15 AM
olce.freebsd_certner.fr retitled this revision from cr_seeothergids(9): Revamp, mark as internal to cr_canseeothergids(9): Revamp, mark as internal.
olce.freebsd_certner.fr edited the summary of this revision. (Show Details)

'cr_see*' => 'cr_cansee*' (suppressed a rename in the stack).

Harbormaster completed remote builds in B52736: Diff 124899.Jul 20 2023, 10:15 AM
olce.freebsd_certner.fr updated this revision to Diff 124916.Jul 20 2023, 3:37 PM

Fix inverted description of when the policy is enabled.

Harbormaster completed remote builds in B52746: Diff 124916.Jul 20 2023, 3:37 PM
mhorne added a subscriber: mhorne.Aug 7 2023, 8:49 PM

It is unusual to have a man page for a static function; I cannot think of any other example. Given the history of this page and its siblings, I think it is fine to keep it, but an argument could be made to only keep cr_bsd_visible(9).

share/man/man9/cr_canseeothergids.9
51

Only a suggestion.

52
71–77

I see the inaccuracy of the previous description, but what you have written is not a complete sentence. Even though it is a sensible short-hand, the prevailing style for this section is to be explicit.

My suggestion:

The
.Fn cr_canseeothergids
function returns 0 if the policy is disabled, the credentials share at least one common group, or if
.Fa u1
has privilege exempting it from the policy.
Otherwise, it returns
.Er ESRCH .
mhorne mentioned this in D40635: cr_canseeotheruids(9): Revamp, mark as internal.Aug 7 2023, 8:50 PM
mhorne mentioned this in D40631: cr_canseejailproc(9): New man page.Aug 7 2023, 8:54 PM
olce.freebsd_certner.fr updated this revision to Diff 125810.Aug 10 2023, 3:22 PM
olce.freebsd_certner.fr retitled this revision from cr_canseeothergids(9): Revamp, mark as internal to cr_canseeothergids(9): Revamp, mark as internal Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to cr_bsd_visible(9)..

Address (most) @mhorne's comments.

Updating D40633: cr_canseeothergids(9): Revamp, mark as internal

Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to
cr_bsd_visible(9).

Harbormaster completed remote builds in B53026: Diff 125810.Aug 10 2023, 3:22 PM
olce.freebsd_certner.fr marked 3 inline comments as done.Aug 10 2023, 3:31 PM
In D40633#941566, @mhorne wrote:

It is unusual to have a man page for a static function; I cannot think of any other example. Given the history of this page and its siblings, I think it is fine to keep it, but an argument could be made to only keep cr_bsd_visible(9).

I understand, but given that these man pages have been around for 20+ years, maybe keeping them for now is the less disruptive path. We could remove them in a few releases.

share/man/man9/cr_canseeothergids.9
51

I'd prefer to leave that out, for several reasons. First, static is a C implementation detail, rather than the intent itself. Second, it works only for functions defined and used in the same translation unit, so applies almost always to functions defined and used in a single one. If that state changes, we would need to change the manpage as well. Granted, that's not a big one, but given the frequency with which this page has been updated in the past...

olce.freebsd_certner.fr retitled this revision from cr_canseeothergids(9): Revamp, mark as internal Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to cr_bsd_visible(9). to cr_canseeothergids(9): Revamp, mark as internal.Aug 10 2023, 3:33 PM
mhorne accepted this revision.Sep 27 2023, 3:30 PM
This revision is now accepted and ready to land.Sep 27 2023, 3:30 PM
Closed by commit rG3fe9ea4d2d04: cr_canseeothergids(9): Revamp, mark as internal (authored by olce.freebsd_certner.fr, committed by mhorne). · Explain WhySep 28 2023, 3:12 PM
This revision was automatically updated to reflect the committed changes.
mhorne added a commit: rG3fe9ea4d2d04: cr_canseeothergids(9): Revamp, mark as internal.
mhorne added a commit: rGad1486b625ed: cr_canseeothergids(9): Revamp, mark as internal.Oct 17 2023, 7:44 PM
mhorne added a commit: rGb6b628ed96b3: cr_canseeothergids(9): Revamp, mark as internal.Oct 18 2023, 6:04 PM

Revision Contents
Changeset List

PathSize
share/
man/
man9/
77 lines

Diff 127917

View Options

share/man/man9/cr_canseeothergids.9

Loading...