Am 2024-04-24 02:29, schrieb Jake Freeland:
The branch main has been updated by jfree:URL: https://cgit.FreeBSD.org/src/commit/?id=f239db4800ee9e7ff8485f96b7a68e6c38178c3bcommit f239db4800ee9e7ff8485f96b7a68e6c38178c3b Author: Jake Freeland <jf...@freebsd.org> AuthorDate: 2024-04-24 00:26:14 +0000 Commit: Jake Freeland <jf...@freebsd.org> CommitDate: 2024-04-24 00:26:14 +0000 ktrace: Remove CAPFAIL from default trace points The CAPFAIL tracepoint was recently extended to report ECAPMODEcapability violations for processes that do not enter capability mode.This allows developers that are interested in Capsicumizing their programs to determine where violations are being raised.Previously, CAPFAIL only produced output for processes using Capsicum(4) capabilties. Thus, most ktrace users never received log output from thetrace point. With the recent changes, this is no longer the case.Having this trace point enabled by default will produce output for all processes that use syscalls that are not permitted in capability mode.This may lead to confusion for users that are not familiar with thefeature. Remove KTRFAC_CAPFAIL from ktrace's default points to avoidthis.
Thanks for the opt-in instead of the opt-out! I stumbled over this a few hours ago and I can confirm that I was confused at first look... until I remembered a commit message about adding more info in this regard.
Bye, Alexander. -- http://www.Leidinger.net alexan...@leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netch...@freebsd.org : PGP 0x8F31830F9F2772BF
signature.asc
Description: OpenPGP digital signature
