Page MenuHomeFreeBSD
Differential D48153

mac_do(4): Revamp manual page after MAC/do updates
ClosedPublic
Actions

Authored by olce on Dec 19 2024, 10:41 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sep 17 2025, 4:03 AM
Unknown Object (File)
Sep 16 2025, 12:08 PM
Unknown Object (File)
Sep 15 2025, 11:13 PM
Unknown Object (File)
Sep 15 2025, 2:24 PM
Unknown Object (File)
Sep 11 2025, 4:42 AM
Unknown Object (File)
Sep 10 2025, 6:15 AM
Unknown Object (File)
Aug 19 2025, 10:48 AM
Unknown Object (File)
Aug 18 2025, 9:05 PM
View All 53 Files
Subscribers
imp
otis
ziaee

Details

Reviewers
bapt
emaste
Group Reviewers
manpages
Commits
rGf74cd62b5c71: mac_do(4): Revamp manual page after MAC/do updates
rGbc201841d139: mac_do(4): Revamp manual page after MAC/do updates
Summary

The new manual page in particular describes MAC/do's new rules syntax
and the jail support, as well as security considerations explaining the
overall design and how to leverage it in the most secure fashion.

Sponsored by: The FreeBSD Foundation

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 61272
Build 58156: arc lint + arc unit

Event Timeline

olce created this revision.Dec 19 2024, 10:41 PM
Herald added a subscriber: imp. · View Herald TranscriptDec 19 2024, 10:41 PM
olce requested review of this revision.Dec 19 2024, 10:41 PM
Harbormaster completed remote builds in B61272: Diff 148263.Dec 19 2024, 10:41 PM
olce added a subscriber: otis.Dec 19 2024, 10:47 PM
otis added a comment.Dec 20 2024, 7:52 AM

It would be nice to have the rules syntax described in grammar-tyle, similarly to pf.conf(5).

Your thoughts?

bapt accepted this revision.Dec 20 2024, 8:01 AM

I love it!

This revision is now accepted and ready to land.Dec 20 2024, 8:01 AM
otis added a comment.Dec 20 2024, 10:58 AM

After proof-reading multiple times, LGTM, too.

ziaee added a subscriber: ziaee.Dec 20 2024, 3:15 PM
ziaee added inline comments.
share/man/man4/mac_do.4
19

Sorry, I didn't have time to do a whole review, but why change Nm?

otis added inline comments.Dec 20 2024, 3:27 PM
share/man/man4/mac_do.4
19

Sorry, I didn't have time to do a whole review, but why change Nm?

.Nm in .SYNOPSIS section behaves differently from other sections.

ziaee added inline comments.Dec 20 2024, 3:53 PM
share/man/man4/mac_do.4
19

I see. Thanks!

olce marked 3 inline comments as done.Dec 23 2024, 2:28 PM
olce added inline comments.
share/man/man4/mac_do.4
19

Yes, .Nm in the SYNOPSIS section forces the following text to be on the same line as the name. Not sure if there is a way to prevent that. It indeed would be more logical to use .Nm if this problem didn't exist.

Closed by commit rGbc201841d139: mac_do(4): Revamp manual page after MAC/do updates (authored by olce). · Explain WhyDec 23 2024, 2:41 PM
This revision was automatically updated to reflect the committed changes.
olce added a commit: rGbc201841d139: mac_do(4): Revamp manual page after MAC/do updates.
olce mentioned this in D48129: mac_do: Log credentials switching.Dec 23 2024, 3:05 PM
olce added a commit: rGf74cd62b5c71: mac_do(4): Revamp manual page after MAC/do updates.Apr 3 2025, 7:35 PM

Revision Contents
Changeset List

PathSize
share/
man/
man4/
462 lines

Diff 148263

View Options

share/man/man4/mac_do.4

Loading...