svn commit: r327317 - in head/lib/libutil: . tests
Author: robak (ports committer) Date: Thu Dec 28 22:57:34 2017 New Revision: 327317 URL: https://svnweb.freebsd.org/changeset/base/327317 Log: humanize_number(3): fix math edge case in rounding large numbers Fix for remainder overflow, when in rare cases adding remainder to divider exceeded 1 and turned the total to 1000 in final formatting, taking up the space for the unit character. The fix continues the division of the original number if the above case happens -- added the appropriate check to the for loop performing the division. This lowers the value shown, to make it fit into the buffer space provided (1.0M for 4+1 character buffer, as used by ls). Add test case for the reported bug and extend test program to support providing buffer length (ls -lh uses 5, tests hard-coded 4). PR: 224498 Submitted by: Pawel Biernacki Reported by: Masachika Ishizuka Reviewed by: cem, kib Approved by: cem, kib MFC after:1 week Sponsored by: Mysterious Code Ltd. Differential Revision:D13578 Modified: head/lib/libutil/humanize_number.3 head/lib/libutil/humanize_number.c head/lib/libutil/tests/humanize_number_test.c Modified: head/lib/libutil/humanize_number.3 == --- head/lib/libutil/humanize_number.3 Thu Dec 28 22:56:30 2017 (r327316) +++ head/lib/libutil/humanize_number.3 Thu Dec 28 22:57:34 2017 (r327317) @@ -200,3 +200,9 @@ The .Dv HN_IEC_PREFIXES flag was introduced in .Fx 9.0 . +.Sh CAVEATS +For numbers greater than 999 using buffer length of 4 and less can cause +rounding errors. +When using +.Dv HN_IEC_PREFIXES +the same error occurs for buffer length of 5 or less. Modified: head/lib/libutil/humanize_number.c == --- head/lib/libutil/humanize_number.c Thu Dec 28 22:56:30 2017 (r327316) +++ head/lib/libutil/humanize_number.c Thu Dec 28 22:57:34 2017 (r327317) 
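Review bot: the new CAVEATS text in the humanize_number.3 hunk is ungrammatical and leaves the failure undescribed. "For numbers greater than 999 using buffer length of 4 and less can cause rounding errors" should read "For numbers greater than 999, a buffer length of 4 or less can cause rounding errors", and "the same error occurs for buffer length of 5 or less" should be "for a buffer length of 5 or less". It would also help to say what the error is, since the log does: the value shown is lowered so that it fits the buffer (the 1.0M for a 4+1 character buffer example), so a caller that wants a correctly rounded figure must pass a larger buffer.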
@@ -145,7 +145,8 @@ humanize_number(char *buf, size_t len, int64_t quotien */ for (i = 0; (quotient >= max || (quotient == max - 1 && - remainder >= divisordeccut)) && i < maxscale; i++) { + (remainder >= divisordeccut || remainder >= + divisor / 2))) && i < maxscale; i++) { remainder = quotient % divisor; quotient /= divisor; } Modified: head/lib/libutil/tests/humanize_number_test.c == --- head/lib/libutil/tests/humanize_number_test.c Thu Dec 28 22:56:30 2017(r327316) +++ head/lib/libutil/tests/humanize_number_test.c Thu Dec 28 22:57:34 2017(r327317) 
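Review bot: in the humanize_number.c hunk the new condition `(remainder >= divisordeccut || remainder >= divisor / 2)` makes the first disjunct dead if divisordeccut is, as its name suggests, the 0.95 cutoff and therefore always above divisor / 2; in that case the test collapses to `remainder >= divisor / 2` and should be written that way, or a comment should say why both bounds are kept. Either way the loop now advances one scale earlier whenever the remainder would round quotient up to max, which is the intent stated in the log, so a comment on the loop explaining that the extra check keeps the rounded result below max (1000 does not fit a 4+1 buffer once the unit character is added) would save the next reader a trip to PR 224498.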
@@ -49,333 +49,337 @@ static struct { int64_t num; int flags; int scale; + size_t buflen; } test_args[] = { /* tests 0-13 test 1000 suffixes */ - { 2, "0 ", (int64_t)0L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 k", (int64_t)500L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 M", (int64_t)500*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 G", (int64_t)500*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 T", (int64_t)500*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 P", (int64_t)500*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "1 E", (int64_t)500*1000*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 2, "1 ", (int64_t)1L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 k", (int64_t)1500L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 M", (int64_t)1500*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 G", (int64_t)1500*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 T", (int64_t)1500*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 P", (int64_t)1500*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, - { 3, "2 E", (int64_t)1500*1000*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE }, + { 2, "0 ", (int64_t)0L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 k", (int64_t)500L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 M", (int64_t)500*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 G", (int64_t)500*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 T", (int64_t)500*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 P", (int64_t)500*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "1 E", (int64_t)500*1000*1000*1000*1000*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 2, "1 ", (int64_t)1L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "2 k", (int64_t)1500L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "2 M", (int64_t)1500*1000L, HN_DIVISOR_1000, HN_AUTOSCALE, 4 }, + { 3, "2 G", (int64_
svn commit: r320674 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer) Date: Wed Jul 5 13:37:27 2017 New Revision: 320674 URL: https://svnweb.freebsd.org/changeset/base/320674 Log: Add option to bsdinstall to disable insecure console, update stack guard option This patch adds new bsdinstall option to hardening section that allows users to change this behaviour to secure one and updates stack guard option so it would set the value of relevant sysctl to 512 (2MB) Submitted by: Bartek Rutkowski Reviewed by: adrian, bapt, emaste Approved by: bapt, emaste MFC after:1 day Sponsored by: Pixeware LTD Differential Revision:https://reviews.freebsd.org/D9700 Modified: head/usr.sbin/bsdinstall/scripts/config head/usr.sbin/bsdinstall/scripts/hardening Modified: head/usr.sbin/bsdinstall/scripts/config == --- head/usr.sbin/bsdinstall/scripts/config Wed Jul 5 13:13:38 2017 (r320673) +++ head/usr.sbin/bsdinstall/scripts/config Wed Jul 5 13:37:27 2017 (r320674) @@ -35,6 +35,11 @@ rm $BSDINSTALL_TMPETC/rc.conf.* cat $BSDINSTALL_CHROOT/etc/sysctl.conf $BSDINSTALL_TMPETC/sysctl.conf.* >> $BSDINSTALL_TMPETC/sysctl.conf rm $BSDINSTALL_TMPETC/sysctl.conf.* +if [ -f $BSDINSTALL_TMPTEC/ttys.hardening ]; then + cat $BSDINSTALL_TMPTEC/ttys.hardening > $BSDINSTALL_TMPTEC/ttys + rm $BSDINSTALL_TMPTEC/ttys.hardening +fi + cp $BSDINSTALL_TMPETC/* $BSDINSTALL_CHROOT/etc cat $BSDINSTALL_TMPBOOT/loader.conf.* >> $BSDINSTALL_TMPBOOT/loader.conf Modified: head/usr.sbin/bsdinstall/scripts/hardening == --- head/usr.sbin/bsdinstall/scripts/hardening Wed Jul 5 13:13:38 2017 (r320673) +++ head/usr.sbin/bsdinstall/scripts/hardening Wed Jul 5 13:37:27 2017 (r320674) 
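Review bot: the scripts/config hunk tests and reads `$BSDINSTALL_TMPTEC/ttys.hardening`, but the variable used on the surrounding lines of this file, and by the hardening script that writes the file, is `$BSDINSTALL_TMPETC`. With TMPTEC unset the `[ -f ... ]` test is evaluated against `/ttys.hardening` and is always false, so the new secure_console option is silently never applied and nothing in the installer reports it. Rename the three occurrences to `$BSDINSTALL_TMPETC`; running the script under `set -u` would have caught the unset variable.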
@@ -42,10 +42,11 @@ FEATURES=$( dialog --backtitle "FreeBSD Installer" \ "3 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ "4 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ "5 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ - "6 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ + "6 stack_guard" "Set stack guard buffer size to 2MB" ${stack_guard:-off} \ "7 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ "8 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ "9 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ + "9 secure_console" "Enable console password prompt" ${secure_console:-off} \ 2>&1 1>&3 ) exec 3>&- @@ -69,7 +70,7 @@ for feature in $FEATURES; do echo kern.randompid=$(jot -r 1 ) >> $BSDINSTALL_TMPETC/sysctl.conf.hardening fi if [ "$feature" = "stack_guard" ]; then - echo security.bsd.stack_guard_page=1 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + echo security.bsd.stack_guard_page=512 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening fi if [ "$feature" = "clear_tmp" ]; then echo 'clear_tmp_enable="YES"' >> $BSDINSTALL_TMPETC/rc.conf.hardening @@ -79,6 +80,9 @@ for feature in $FEATURES; do fi if [ "$feature" = "disable_sendmail" ]; then echo 'sendmail_enable="NONE"' >> $BSDINSTALL_TMPETC/rc.conf.hardening + fi + if [ "$feature" = "secure_console" ]; then + sed "s/unknown off secure/unknown off insecure/g" $BSDINSTALL_CHROOT/etc/ttys > $BSDINSTALL_TMPETC/ttys.hardening fi done ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
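Review bot: in the first hardening hunk two menu entries now carry the tag "9" ("9 disable_sendmail" and "9 secure_console"); dialog tags must be unique, so the checklist cannot report those two choices reliably. Separately, the stack_guard entry replaces the description "Insert stack guard page ahead of the growable segments" with "Set stack guard buffer size to 2MB" and writes `security.bsd.stack_guard_page=512`; the sysctl is a page count, so 512 is 2MB only with 4KB pages and a different size elsewhere, and neither the log nor the menu text says why 512 was chosen over the previous value of 1. State the rationale, or keep the previous value and wording.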
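Review bot: the secure_console hunk rewrites `$BSDINSTALL_CHROOT/etc/ttys` with `sed "s/unknown off secure/unknown off insecure/g"`, so an option labelled "Enable console password prompt" works by marking the console insecure in ttys(5); a one-line comment saying that "insecure" is what makes init ask for the root password in single-user mode would stop the next reader from "fixing" it. The pattern also silently does nothing if the spacing on the console line differs, and the result is written to `$BSDINSTALL_TMPETC/ttys.hardening`, which the config hunk above reads under a different variable name (`BSDINSTALL_TMPTEC`), so the end-to-end path cannot have been exercised before commit.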
Re: svn commit: r320674 - head/usr.sbin/bsdinstall/scripts
> On 5 Jul 2017, at 18:15, Konstantin Belousov wrote:
>
> On Wed, Jul 05, 2017 at 01:37:27PM +0000, Bartek Rutkowski wrote:
>> This patch adds new bsdinstall option to hardening section that allows users
>> to change this behaviour to secure one and updates stack guard option so it
>> would set the value of relevant sysctl to 512 (2MB)
> What ?!

What 'What?!'?

Kind regards,
Bartek Rutkowski
Re: svn commit: r320674 - head/usr.sbin/bsdinstall/scripts
> On 5 Jul 2017, at 21:05, Konstantin Belousov wrote:
>
> On Wed, Jul 05, 2017 at 08:52:37PM +0100, Bartek Rutkowski wrote:
>>
>>> On 5 Jul 2017, at 18:15, Konstantin Belousov wrote:
>>>
>>> On Wed, Jul 05, 2017 at 01:37:27PM +0000, Bartek Rutkowski wrote:
>>>> This patch adds new bsdinstall option to hardening section that allows
>>>> users
>>>> to change this behaviour to secure one and updates stack guard option so it
>>>> would set the value of relevant sysctl to 512 (2MB)
>>> What ?!
>>
>> What 'What?!'?
>
> This is absurd change. You are tweaking knobs which you have no idea about,
> and you did not tested this.

I welcome any constructive criticism and explanations. Feel free to send them anytime - discussing in such a tone makes you less likely to be given proper attention.

Kind regards,
Bartek Rutkowski
Re: svn commit: r320674 - head/usr.sbin/bsdinstall/scripts
> There are two options '9' now
>
> --
> Renato Botelho

Yes, I am aware of it; something in my merge must have gone wrong. I'll fix it first thing in the morning, because I've had a long day and I don't want to cause any more issues. If someone else feels like correcting it in the meantime - you're more than welcome.

Kind regards,
Bartek Rutkowski
svn commit: r320732 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer) Date: Thu Jul 6 12:19:15 2017 New Revision: 320732 URL: https://svnweb.freebsd.org/changeset/base/320732 Log: usr.sbin/bsdinstall/scripts/hardening: fix options numbers Submitted by: Bartek Rutkowski Reviewed by: bapt Approved by: bapt MFC after:1 day Differential Revision:https://reviews.freebsd.org/D11505 Modified: head/usr.sbin/bsdinstall/scripts/hardening Modified: head/usr.sbin/bsdinstall/scripts/hardening == --- head/usr.sbin/bsdinstall/scripts/hardening Thu Jul 6 11:45:13 2017 (r320731) +++ head/usr.sbin/bsdinstall/scripts/hardening Thu Jul 6 12:19:15 2017 (r320732) @@ -46,7 +46,7 @@ FEATURES=$( dialog --backtitle "FreeBSD Installer" \ "7 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ "8 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ "9 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ - "9 secure_console" "Enable console password prompt" ${secure_console:-off} \ + "10 secure_console" "Enable console password prompt" ${secure_console:-off} \ 2>&1 1>&3 ) exec 3>&- ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
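Review bot: this renumbering fixes the duplicate "9" tag reported on the list, but it leaves the `$BSDINSTALL_TMPTEC` misspelling that r320674 introduced in scripts/config untouched, so the secure_console option that now has a unique tag is still never applied. The one-word fix belongs in the same follow-up review.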
svn commit: r308810 - head/bin/dd
Author: robak (ports committer) Date: Fri Nov 18 21:09:57 2016 New Revision: 308810 URL: https://svnweb.freebsd.org/changeset/base/308810 Log: Capsicum support for dd(1) Adds Capsicum sandboxing to dd utility. Submitted by: Pawel Biernacki Reviewed by: allanjude, emaste, oshogbo Approved by: oshogbo Sponsored by: Mysterious Code Ltd. Differential Revision:https://reviews.freebsd.org/D8543 Modified: head/bin/dd/dd.c Modified: head/bin/dd/dd.c == --- head/bin/dd/dd.cFri Nov 18 17:18:05 2016(r308809) +++ head/bin/dd/dd.cFri Nov 18 21:09:57 2016(r308810) @@ -48,10 +48,13 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include +#include #include +#include #include #include #include @@ -92,6 +95,10 @@ main(int argc __unused, char *argv[]) jcl(argv); setup(); + caph_cache_catpages(); + if (cap_enter() == -1 && errno != ENOSYS) + err(1, "unable to enter capability mode"); + (void)signal(SIGINFO, siginfo_handler); (void)signal(SIGINT, terminate); @@ -125,6 +132,8 @@ static void setup(void) { u_int cnt; + cap_rights_t rights; + unsigned long cmds[] = { FIODTYPE, MTIOCTOP }; if (in.name == NULL) { in.name = "stdin"; @@ -133,13 +142,20 @@ setup(void) in.fd = open(in.name, O_RDONLY, 0); if (in.fd == -1) err(1, "%s", in.name); + if (caph_limit_stdin() == -1) + err(1, "unable to limit capability rights"); } getfdtype(&in); + cap_rights_init(&rights, CAP_READ, CAP_SEEK); + if (cap_rights_limit(in.fd, &rights) == -1 && errno != ENOSYS) + err(1, "unable to limit capability rights"); + if (files_cnt > 1 && !(in.flags & ISTAPE)) errx(1, "files is not supported for non-tape devices"); + cap_rights_set(&rights, CAP_WRITE, CAP_FTRUNCATE, CAP_IOCTL); if (out.name == NULL) { /* No way to check for read access here. */ out.fd = STDOUT_FILENO; 
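Review bot: in the first setup() hunk `cap_rights_init(&rights, CAP_READ, CAP_SEEK)` is applied to in.fd without CAP_IOCTL, yet the "files is not supported for non-tape devices" check a few lines later shows that tape input is a supported case; if skipping records or files on a tape input is done with MTIOCTOP on in.fd, as `cmds[]` shows it is on the output side, that ioctl will fail with ENOTCAPABLE once cap_enter() has run. Grant CAP_IOCTL and apply `cap_ioctls_limit(in.fd, cmds, nitems(cmds))` when `in.flags & ISTAPE`, or explain in a comment why the input never needs it. Also, `caph_limit_stdin()` is called in the branch where a named input file was just opened, but if the shell closed descriptor 0 (`dd if=file 0<&-`) open() returns 0 and this call clamps the data descriptor itself; it needs an `in.fd != STDIN_FILENO` guard.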
@@ -156,13 +172,27 @@ setup(void) if (out.fd == -1) { out.fd = open(out.name, O_WRONLY | OFLAGS, DEFFILEMODE); out.flags |= NOREAD; + cap_rights_clear(&rights, CAP_READ); } if (out.fd == -1) err(1, "%s", out.name); + if (caph_limit_stdout() == -1) + err(1, "unable to limit capability rights"); } getfdtype(&out); + if (cap_rights_limit(out.fd, &rights) == -1 && errno != ENOSYS) + err(1, "unable to limit capability rights"); + if (cap_ioctls_limit(out.fd, cmds, nitems(cmds)) == -1 && + errno != ENOSYS) + err(1, "unable to limit capability rights"); + + if (in.fd != STDERR_FILENO && out.fd != STDERR_FILENO) { + if (caph_limit_stderr() == -1) + err(1, "unable to limit capability rights"); + } + /* * Allocate space for the input and output buffers. If not doing * record oriented I/O, only need a single buffer. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
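Review bot: the second setup() hunk guards `caph_limit_stderr()` with `in.fd != STDERR_FILENO && out.fd != STDERR_FILENO`, but the stdin and stdout limits added in the earlier hunk have no equivalent guard; that inconsistency is exactly the "stdin/out/err fds overridden by shell" regression that r309921 further down this page has to fix, so apply the same pattern to all three here. Note also that `cap_rights_set(&rights, CAP_WRITE, CAP_FTRUNCATE, CAP_IOCTL)` extends the input rights set rather than starting from a fresh `cap_rights_init()`, so out.fd keeps CAP_READ and CAP_SEEK unless the O_WRONLY fallback cleared CAP_READ; if that is intentional (the output is opened for reading first), say so in a comment, otherwise re-initialise the set.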
svn commit: r309735 - head/bin/dd
Author: robak (ports committer) Date: Fri Dec 9 14:51:05 2016 New Revision: 309735 URL: https://svnweb.freebsd.org/changeset/base/309735 Log: Capsicum support for dd(1) Adds Capsicum sandboxing to dd utility. Submitted by: Pawel Biernacki Reviewed by: allanjude, emaste, oshogbo Approved by: oshogbo Sponsored by: Mysterious Code Ltd. Differential Revision:https://reviews.freebsd.org/D8543 Modified: head/bin/dd/dd.c Modified: head/bin/dd/dd.c == --- head/bin/dd/dd.cFri Dec 9 14:06:22 2016(r309734) +++ head/bin/dd/dd.cFri Dec 9 14:51:05 2016(r309735) @@ -47,11 +47,14 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include #include +#include #include +#include #include #include #include @@ -92,6 +95,10 @@ main(int argc __unused, char *argv[]) jcl(argv); setup(); + caph_cache_catpages(); + if (cap_enter() == -1 && errno != ENOSYS) + err(1, "unable to enter capability mode"); + (void)signal(SIGINFO, siginfo_handler); (void)signal(SIGINT, terminate); @@ -125,6 +132,8 @@ static void setup(void) { u_int cnt; + cap_rights_t rights; + unsigned long cmds[] = { FIODTYPE, MTIOCTOP }; if (in.name == NULL) { in.name = "stdin"; @@ -133,13 +142,20 @@ setup(void) in.fd = open(in.name, O_RDONLY, 0); if (in.fd == -1) err(1, "%s", in.name); + if (caph_limit_stdin() == -1) + err(1, "unable to limit capability rights"); } getfdtype(&in); + cap_rights_init(&rights, CAP_READ, CAP_SEEK); + if (cap_rights_limit(in.fd, &rights) == -1 && errno != ENOSYS) + err(1, "unable to limit capability rights"); + if (files_cnt > 1 && !(in.flags & ISTAPE)) errx(1, "files is not supported for non-tape devices"); + cap_rights_set(&rights, CAP_FTRUNCATE, CAP_IOCTL, CAP_WRITE); if (out.name == NULL) { /* No way to check for read access here. */ out.fd = STDOUT_FILENO; 
@@ -156,13 +172,27 @@ setup(void) if (out.fd == -1) { out.fd = open(out.name, O_WRONLY | OFLAGS, DEFFILEMODE); out.flags |= NOREAD; + cap_rights_clear(&rights, CAP_READ); } if (out.fd == -1) err(1, "%s", out.name); + if (caph_limit_stdout() == -1) + err(1, "unable to limit capability rights"); } getfdtype(&out); + if (cap_rights_limit(out.fd, &rights) == -1 && errno != ENOSYS) + err(1, "unable to limit capability rights"); + if (cap_ioctls_limit(out.fd, cmds, nitems(cmds)) == -1 && + errno != ENOSYS) + err(1, "unable to limit capability rights"); + + if (in.fd != STDERR_FILENO && out.fd != STDERR_FILENO) { + if (caph_limit_stderr() == -1) + err(1, "unable to limit capability rights"); + } + /* * Allocate space for the input and output buffers. If not doing * record oriented I/O, only need a single buffer. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
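Review bot: this commit carries the same log and the same hunks as r308810 above; the only textual difference is the order of `CAP_FTRUNCATE, CAP_IOCTL, CAP_WRITE` in cap_rights_set(). The log should say that it is a re-commit and what, if anything, changed since the first version, and the earlier review points still apply: stdin and stdout are limited without the `!= STDIN_FILENO` / `!= STDOUT_FILENO` guard that stderr gets, and in.fd is given no CAP_IOCTL for the tape-input case.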
svn commit: r309921 - head/bin/dd
Author: robak (ports committer) Date: Mon Dec 12 18:56:40 2016 New Revision: 309921 URL: https://svnweb.freebsd.org/changeset/base/309921 Log: Fix regression when stdin/out/err fds are are overridden by shell. Submitted by: Pawel Biernacki Reported by: ngie Approved by: ngie Sponsored by: Mysterious Code Ltd. Differential Revision:https://reviews.freebsd.org/D8543 Modified: head/bin/dd/dd.c Modified: head/bin/dd/dd.c == --- head/bin/dd/dd.cMon Dec 12 18:55:41 2016(r309920) +++ head/bin/dd/dd.cMon Dec 12 18:56:40 2016(r309921) @@ -142,8 +142,6 @@ setup(void) in.fd = open(in.name, O_RDONLY, 0); if (in.fd == -1) err(1, "%s", in.name); - if (caph_limit_stdin() == -1) - err(1, "unable to limit capability rights"); } getfdtype(&in); @@ -176,8 +174,6 @@ setup(void) } if (out.fd == -1) err(1, "%s", out.name); - if (caph_limit_stdout() == -1) - err(1, "unable to limit capability rights"); } getfdtype(&out); @@ -188,6 +184,16 @@ setup(void) errno != ENOSYS) err(1, "unable to limit capability rights"); + if (in.fd != STDIN_FILENO && out.fd != STDIN_FILENO) { + if (caph_limit_stdin() == -1) + err(1, "unable to limit capability rights"); + } + + if (in.fd != STDOUT_FILENO && out.fd != STDOUT_FILENO) { + if (caph_limit_stdout() == -1) + err(1, "unable to limit capability rights"); + } + if (in.fd != STDERR_FILENO && out.fd != STDERR_FILENO) { if (caph_limit_stderr() == -1) err(1, "unable to limit capability rights"); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
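Review bot: the guards `in.fd != STDIN_FILENO && out.fd != STDIN_FILENO` and the stdout equivalent handle the case the log describes, but the diff adds no regression test; a dd(1) ATF case that runs `dd if=file of=out 0<&- 1<&-`, so that open() hands back descriptors 0 and 1 for the data files, and checks that the copy still succeeds in capability mode would keep this from regressing again. A one-line comment above the three blocks saying why the standard descriptors may coincide with in.fd or out.fd would also help, since the conditions read as odd without it.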
svn commit: r325516 - in head: lib/libc/gen sys/kern
Author: robak (ports committer) Date: Tue Nov 7 15:13:32 2017 New Revision: 325516 URL: https://svnweb.freebsd.org/changeset/base/325516 Log: Make sysctl_kern_proc_umask execute fast path when requested pid in curproc->p_pid or 0, avoiding unnecessary locking. Update libc consumer to skip calling getpid(). Submitted by: Pawel Biernacki Reviewed by: mjg, robak Approved by: mjg Sponsored by: Mysterious Code Ltd. Differential Revision:D12972 Modified: head/lib/libc/gen/setmode.c head/sys/kern/kern_proc.c Modified: head/lib/libc/gen/setmode.c == --- head/lib/libc/gen/setmode.c Tue Nov 7 15:01:38 2017(r325515) +++ head/lib/libc/gen/setmode.c Tue Nov 7 15:13:32 2017(r325516) @@ -356,7 +356,7 @@ getumask(void) * security.bsd.unprivileged_proc_debug is set to 0. */ len = sizeof(smask); - if (sysctl((int[4]){ CTL_KERN, KERN_PROC, KERN_PROC_UMASK, getpid() }, + if (sysctl((int[4]){ CTL_KERN, KERN_PROC, KERN_PROC_UMASK, 0 }, 4, &smask, &len, NULL, 0) == 0) return (smask); Modified: head/sys/kern/kern_proc.c == --- head/sys/kern/kern_proc.c Tue Nov 7 15:01:38 2017(r325515) +++ head/sys/kern/kern_proc.c Tue Nov 7 15:13:32 2017(r325516) @@ -2770,18 +2770,25 @@ sysctl_kern_proc_umask(SYSCTL_HANDLER_ARGS) struct proc *p; int error; u_short fd_cmask; + pid_t pid; if (namelen != 1) return (EINVAL); - error = pget((pid_t)name[0], PGET_WANTREAD, &p); + pid = (pid_t)name[0]; + p = curproc; + if (pid == p->p_pid || pid == 0) { + fd_cmask = p->p_fd->fd_cmask; + goto out; + } + + error = pget(pid, PGET_WANTREAD, &p); if (error != 0) return (error); - FILEDESC_SLOCK(p->p_fd); fd_cmask = p->p_fd->fd_cmask; - FILEDESC_SUNLOCK(p->p_fd); PRELE(p); +out: error = SYSCTL_OUT(req, &fd_cmask, sizeof(fd_cmask)); return (error); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
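Review bot: in the kern_proc.c hunk the pget() slow path loses its FILEDESC_SLOCK/SUNLOCK around the `fd_cmask` read as well, which the log does not mention; it only describes the curproc fast path. If the argument is that `fd_cmask` is a u_short that cannot be read torn and a momentarily stale value is acceptable, say so in the log or in a comment at the read, otherwise keep the lock on the pget() path. The fast path reads `p->p_fd->fd_cmask` for curproc without any lock and is correct only under that same argument, so the comment should cover both.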
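Review bot: the setmode.c hunk now passes 0 instead of getpid() as the fourth MIB element. On a kernel without this change the 0 goes through `pget(0, ...)`, which does not name the caller, so with a newer libc on an older kernel (a jail or a half-finished upgrade) the sysctl either fails or resolves to whatever process owns pid 0. The existing fallback in getumask() covers the failure case, but the "returns a value for a different process" case should be ruled out explicitly in the review, or libc should keep getpid() until the kernel side has been merged to the branches it is meant to run on.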
svn commit: r325727 - head/usr.sbin/bhyve
Author: robak (ports committer)
Date: Sat Nov 11 22:50:14 2017
New Revision: 325727
URL: https://svnweb.freebsd.org/changeset/base/325727

Log:
  bhyve: avoid applying capsicum capabilities to file that was not opened

  When using -l option targeting file that can't be opened (i.e. nmdm module is not loaded and /dev/nmdm* is specified) bhyve tries to apply capsicum capabilities to a file that was not opened. Enclose that code in an if statement and only run it on correctly opened descriptor also providing meaningful message in case of an error.

  Submitted by: Pawel Biernacki
  Reviewed by: grehan, emaste
  Sponsored by: Mysterious Code Ltd.
  Differential Revision: D12985

Modified:
  head/usr.sbin/bhyve/uart_emul.c

Modified: head/usr.sbin/bhyve/uart_emul.c
==
--- head/usr.sbin/bhyve/uart_emul.c Sat Nov 11 22:39:33 2017 (r325726)
+++ head/usr.sbin/bhyve/uart_emul.c Sat Nov 11 22:50:14 2017 (r325727)
@@ -678,20 +678,24 @@ uart_set_backend(struct uart_softc *sc, const char *op if (retval == 0) retval = fcntl(sc->tty.fd, F_SETFL, O_NONBLOCK); + if (retval == 0) { #ifndef WITHOUT_CAPSICUM - cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, CAP_WRITE); - if (cap_rights_limit(sc->tty.fd, &rights) == -1 && errno != ENOSYS) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 && errno != ENOSYS) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - if (!uart_stdio) { - if (caph_limit_stdin() == -1 && errno != ENOSYS) + cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, + CAP_WRITE); + if (cap_rights_limit(sc->tty.fd, &rights) == -1 && + errno != ENOSYS) errx(EX_OSERR, "Unable to apply rights for sandbox"); - } + if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 && + errno != ENOSYS) + errx(EX_OSERR, "Unable to apply rights for sandbox"); + if (!uart_stdio) { + if (caph_limit_stdin() == -1 && errno != ENOSYS) + errx(EX_OSERR, + "Unable to apply rights for sandbox"); + } #endif - - if (retval == 0) uart_opentty(sc); + } return (retval); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
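Review bot: the uart_emul.c hunk keeps `errx(EX_OSERR, "Unable to apply rights for sandbox")` for failures of cap_rights_limit(), cap_ioctls_limit() and caph_limit_stdin(), all of which set errno; use err() so the message carries the reason, which is what the log's "meaningful message" promises. Re-indenting the whole Capsicum block under `if (retval == 0)` also turns the hunk into mostly whitespace; an early `if (retval != 0) return (retval);` before the block would leave the functional change visible in the diff.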
svn commit: r315447 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer)
Date: Fri Mar 17 11:45:46 2017
New Revision: 315447
URL: https://svnweb.freebsd.org/changeset/base/315447

Log:
  Revert changes introduced in r314036 on demand by jhb and bapt.

  Approved by: bapt, jhb

Modified:
  head/usr.sbin/bsdinstall/scripts/hardening

Modified: head/usr.sbin/bsdinstall/scripts/hardening
==
--- head/usr.sbin/bsdinstall/scripts/hardening Fri Mar 17 11:45:16 2017 (r315446)
+++ head/usr.sbin/bsdinstall/scripts/hardening Fri Mar 17 11:45:46 2017 (r315447)
@@ -36,15 +36,15 @@ FEATURES=$( dialog --backtitle "FreeBSD --title "System Hardening" --nocancel --separate-output \ --checklist "Choose system security hardening options:" \ 0 0 0 \ - "0 hide_uids" "Hide processes running as other users" ${hide_uids:-on} \ - "1 hide_gids" "Hide processes running as other groups" ${hide_gids:-on} \ - "2 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-on} \ - "3 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-on} \ - "4 random_pid" "Randomize the PID of newly created processes" ${random_pid:-on} \ - "5 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-on} \ - "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-on} \ - "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-on} \ - "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-on} \ + "0 hide_uids" "Hide processes running as other users" ${hide_uids:-off} \ + "1 hide_gids" "Hide processes running as other groups" ${hide_gids:-off} \ + "2 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ + "3 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ + "4 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ + "5 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ + "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ + "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ + "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ 2>&1 1>&3 ) exec 3>&- ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
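Review bot: the log says only "on demand by jhb and bapt"; a revert log should record the reason, otherwise the next person proposing the same defaults has to guess whether the objection was to turning all nine options on at once, to particular ones (disable_sendmail, disable_syslogd and proc_debug change default behaviour for reasons beyond hardening), or to the process by which r314036 was approved. The hunk itself is a clean reversal of the r314036 hunk shown further down this page.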
svn commit: r313727 - in head: lib/libvmmapi usr.sbin/bhyve
Author: robak (ports committer)
Date: Tue Feb 14 13:35:59 2017
New Revision: 313727
URL: https://svnweb.freebsd.org/changeset/base/313727

Log:
  Capsicum support for bhyve(8).

  Adds Capsicum sandboxing to bhyve.

  Submitted by: Pawel Biernacki
  Reviewed by: grehan, oshogbo
  Approved by: emaste, grehan
  Sponsored by: Mysterious Code Ltd.
  Differential Revision: https://reviews.freebsd.org/D8290

Modified:
  head/lib/libvmmapi/vmmapi.c
  head/lib/libvmmapi/vmmapi.h
  head/usr.sbin/bhyve/bhyverun.c
  head/usr.sbin/bhyve/block_if.c
  head/usr.sbin/bhyve/consport.c
  head/usr.sbin/bhyve/dbgport.c
  head/usr.sbin/bhyve/mevent.c
  head/usr.sbin/bhyve/pci_e82545.c
  head/usr.sbin/bhyve/pci_passthru.c
  head/usr.sbin/bhyve/pci_virtio_console.c
  head/usr.sbin/bhyve/pci_virtio_net.c
  head/usr.sbin/bhyve/pci_virtio_rnd.c
  head/usr.sbin/bhyve/rfb.c
  head/usr.sbin/bhyve/uart_emul.c

Modified: head/lib/libvmmapi/vmmapi.c
==
--- head/lib/libvmmapi/vmmapi.c Tue Feb 14 04:52:24 2017 (r313726)
+++ head/lib/libvmmapi/vmmapi.c Tue Feb 14 13:35:59 2017 (r313727)
@@ -1416,3 +1416,45 @@ vm_restart_instruction(void *arg, int vc return (ioctl(ctx->fd, VM_RESTART_INSTRUCTION, &vcpu)); } + +int +vm_get_device_fd(struct vmctx *ctx) +{ + + return (ctx->fd); +} + +const cap_ioctl_t * +vm_get_ioctls(size_t *len) +{ + cap_ioctl_t *cmds; + /* keep in sync with machine/vmm_dev.h */ + static const cap_ioctl_t vm_ioctl_cmds[] = { VM_RUN, VM_SUSPEND, VM_REINIT, + VM_ALLOC_MEMSEG, VM_GET_MEMSEG, VM_MMAP_MEMSEG, VM_MMAP_MEMSEG, + VM_MMAP_GETNEXT, VM_SET_REGISTER, VM_GET_REGISTER, + VM_SET_SEGMENT_DESCRIPTOR, VM_GET_SEGMENT_DESCRIPTOR, + VM_INJECT_EXCEPTION, VM_LAPIC_IRQ, VM_LAPIC_LOCAL_IRQ, + VM_LAPIC_MSI, VM_IOAPIC_ASSERT_IRQ, VM_IOAPIC_DEASSERT_IRQ, + VM_IOAPIC_PULSE_IRQ, VM_IOAPIC_PINCOUNT, VM_ISA_ASSERT_IRQ, + VM_ISA_DEASSERT_IRQ, VM_ISA_PULSE_IRQ, VM_ISA_SET_IRQ_TRIGGER, + VM_SET_CAPABILITY, VM_GET_CAPABILITY, VM_BIND_PPTDEV, + VM_UNBIND_PPTDEV, VM_MAP_PPTDEV_MMIO, VM_PPTDEV_MSI, + VM_PPTDEV_MSIX, VM_INJECT_NMI, VM_STATS, VM_STAT_DESC, + VM_SET_X2APIC_STATE, VM_GET_X2APIC_STATE, + VM_GET_HPET_CAPABILITIES, VM_GET_GPA_PMAP, VM_GLA2GPA, + VM_ACTIVATE_CPU, VM_GET_CPUS, VM_SET_INTINFO, VM_GET_INTINFO, + VM_RTC_WRITE, VM_RTC_READ, VM_RTC_SETTIME, VM_RTC_GETTIME, + VM_RESTART_INSTRUCTION }; + + if (len == NULL) { + cmds = malloc(sizeof(vm_ioctl_cmds)); + if (cmds == NULL) + return (NULL); + bcopy(vm_ioctl_cmds, cmds, sizeof(vm_ioctl_cmds)); + return (cmds); + } + + *len = nitems(vm_ioctl_cmds); + return (NULL); +} + Modified: head/lib/libvmmapi/vmmapi.h == --- head/lib/libvmmapi/vmmapi.h Tue Feb 14 04:52:24 2017(r313726) +++ head/lib/libvmmapi/vmmapi.h Tue Feb 14 13:35:59 2017(r313727) @@ -36,7 +36,7 @@ * API version for out-of-tree consumers like grub-bhyve for making compile * time decisions. */ -#defineVMMAPI_VERSION 0102/* 2 digit major followed by 2 digit minor */ +#defineVMMAPI_VERSION 0103/* 2 digit major followed by 2 digit minor */ struct iovec; struct vmctx; 
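Review bot: in the vmmapi.c hunk `vm_ioctl_cmds[]` lists VM_MMAP_MEMSEG twice; the duplicate is harmless for cap_ioctls_limit() but reads like a copy-paste slip where a different command was meant, so check the list against machine/vmm_dev.h before this goes in, and consider a build-time count check rather than relying on the "keep in sync" comment. The dual-mode API is also awkward: `vm_get_ioctls(NULL)` returns a malloc'd copy that the caller must free, while `vm_get_ioctls(&len)` returns NULL and only sets the length, so every consumer needs two calls and an allocation; returning a pointer to the static array and always filling in `*len` when it is non-NULL would need neither.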
@@ -102,6 +102,7 @@ int vm_mmap_memseg(struct vmctx *ctx, vm vm_ooffset_t segoff, size_t len, int prot); intvm_create(const char *name); +intvm_get_device_fd(struct vmctx *ctx); struct vmctx *vm_open(const char *name); void vm_destroy(struct vmctx *ctx); intvm_parse_memsize(const char *optarg, size_t *memsize); @@ -162,6 +163,8 @@ int vm_setup_pptdev_msix(struct vmctx *c intvm_get_intinfo(struct vmctx *ctx, int vcpu, uint64_t *i1, uint64_t *i2); intvm_set_intinfo(struct vmctx *ctx, int vcpu, uint64_t exit_intinfo); +const cap_ioctl_t *vm_get_ioctls(size_t *len); + /* * Return a pointer to the statistics buffer. Note that this is not MT-safe. */ Modified: head/usr.sbin/bhyve/bhyverun.c == --- head/usr.sbin/bhyve/bhyverun.c Tue Feb 14 04:52:24 2017 (r313726) +++ head/usr.sbin/bhyve/bhyverun.c Tue Feb 14 13:35:59 2017 (r313727) @@ -30,16 +30,23 @@ __FBSDID("$FreeBSD$"); #include +#ifndef WITHOUT_CAPSICUM +#include +#endif #include #include #include #include +#ifndef WITHOUT_CAPSICUM +#include +#endif #include #include #include #include +#include #include #include #include @@ -50,6 +57,9 @@ __FBSDID("$FreeBSD$"); #include #include +#ifndef WITHOUT_CAPSICUM +#include +#endif #include #include "bhyverun.h" @@ -706,6 +716,11 @@ do_open(const char *vmname) struct
svn commit: r313815 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer)
Date: Thu Feb 16 19:58:02 2017
New Revision: 313815
URL: https://svnweb.freebsd.org/changeset/base/313815

Log:
  Add 0-8 as shortcuts for jumping to menu items in the hardening menu.

  Submitted by: skreuzer
  Reviewed by: allanjude, robak
  Approved by: allanjude
  Differential Revision: https://reviews.freebsd.org/D6826

Modified:
  head/usr.sbin/bsdinstall/scripts/hardening

Modified: head/usr.sbin/bsdinstall/scripts/hardening
==
--- head/usr.sbin/bsdinstall/scripts/hardening Thu Feb 16 19:41:13 2017 (r313814)
+++ head/usr.sbin/bsdinstall/scripts/hardening Thu Feb 16 19:58:02 2017 (r313815)
@@ -33,18 +33,18 @@ echo -n > $BSDINSTALL_TMPETC/sysctl.conf exec 3>&1 FEATURES=$( dialog --backtitle "FreeBSD Installer" \ ---title "System Hardening" --nocancel --notags --separate-output \ +--title "System Hardening" --nocancel --separate-output \ --checklist "Choose system security hardening options:" \ 0 0 0 \ - "hide_uids" "Hide processes running as other users" ${hide_uids:-off} \ - "hide_gids" "Hide processes running as other groups" ${hide_gids:-off} \ - "read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ - "proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ - "random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ - "stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ - "clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ - "disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ - "disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ + "0 hide_uids" "Hide processes running as other users" ${hide_uids:-off} \ + "1 hide_gids" "Hide processes running as other groups" ${hide_gids:-off} \ + "2 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ + "3 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ + "4 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ + "5 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ + "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ + "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ + "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ 2>&1 1>&3 ) exec 3>&- ___ svn-src-head@freebsd.org mailing list 
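Review bot: dropping `--notags` and prefixing each tag with "0 ", "1 ", ... means `--separate-output` now emits lines such as `0 hide_uids`, and the consumer `for feature in $FEATURES` in this script (visible in the r320674 hunk above) word-splits them, so the loop also iterates over the bare numbers 0-8 and compares each against the feature names. That is harmless today only because no feature name is a digit; either read the output line by line and strip the numeric prefix before the comparisons, or keep `--notags` and find another way to give the entries hotkeys.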
https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
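Review bot: in the @@ -33,18 +33,18 @@ hunk, prefixing each tag with a digit ("0 hide_uids") turns every selected tag into a two-word string, and the consumer loop in this same file (`for feature in $FEATURES; do` ... `if [ "$feature" = "random_pid" ]`) only keeps working because shell word splitting hands the digit over as a separate word that matches no feature name; that dependency deserves a comment next to the loop, or an explicit strip such as `echo "$FEATURES" | while read -r _num feature; do`, so that a future change to `--separate-output` or a feature named by a bare digit does not silently break matching. Removing `--notags` is what makes the digits visible as single-key jumps, and it also adds the tag column to the rendered dialog width.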
svn commit: r314036 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer) Date: Tue Feb 21 09:37:33 2017 New Revision: 314036 URL: https://svnweb.freebsd.org/changeset/base/314036 Log: Enable bsdinstall hardening options by default. As discussed previously, in order to introduce new OS hardening defaults, we've added them to bsdinstall in 'off by default' mode. It has been there for a while, so the next step is to change them to 'on by default' mode, so that in future we could simply enable them in base OS. Reviewed by: brd Approved by: adrian Differential Revision:https://reviews.freebsd.org/D9641 Modified: head/usr.sbin/bsdinstall/scripts/hardening Modified: head/usr.sbin/bsdinstall/scripts/hardening == --- head/usr.sbin/bsdinstall/scripts/hardening Tue Feb 21 09:33:21 2017 (r314035) +++ head/usr.sbin/bsdinstall/scripts/hardening Tue Feb 21 09:37:33 2017 (r314036) 
@@ -36,15 +36,15 @@ FEATURES=$( dialog --backtitle "FreeBSD --title "System Hardening" --nocancel --separate-output \ --checklist "Choose system security hardening options:" \ 0 0 0 \ - "0 hide_uids" "Hide processes running as other users" ${hide_uids:-off} \ - "1 hide_gids" "Hide processes running as other groups" ${hide_gids:-off} \ - "2 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ - "3 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ - "4 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ - "5 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ - "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ - "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ - "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ + "0 hide_uids" "Hide processes running as other users" ${hide_uids:-on} \ + "1 hide_gids" "Hide processes running as other groups" ${hide_gids:-on} \ + "2 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-on} \ + "3 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-on} \ + "4 random_pid" "Randomize the PID of newly created processes" ${random_pid:-on} \ + "5 stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-on} \ + "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-on} \ + "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-on} \ + "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-on} \ 2>&1 1>&3 ) exec 3>&- ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
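Review bot: all nine defaults flip from `${x:-off}` to `${x:-on}` in this hunk, and two of them (`7 disable_syslogd`, `8 disable_sendmail`) turn off services on the installed system rather than set kernel knobs, which is a larger behaviour change than the sysctl-based items and worth spelling out in the log message or release notes; the `${var:-on}` form does preserve an override (a scripted install can export `disable_sendmail=off` before the menu runs), so it would help to mention that escape hatch wherever the new defaults are documented.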
svn commit: r321326 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer) Date: Fri Jul 21 08:50:22 2017 New Revision: 321326 URL: https://svnweb.freebsd.org/changeset/base/321326 Log: Remove stack guard option from hardening menu. Since kib's change the stack guard is now ON by default, this option in hardening menu of bsdinstall is no longer needed. Submitted by: Bartlomiej Rutkowski Reviewed by: bapt Approved by: bapt MFC after:1 day Sponsored by: Pixeware LTD Differential Revision:https://reviews.freebsd.org/D11686 Modified: head/usr.sbin/bsdinstall/scripts/hardening Modified: head/usr.sbin/bsdinstall/scripts/hardening == --- head/usr.sbin/bsdinstall/scripts/hardening Fri Jul 21 07:44:43 2017 (r321325) +++ head/usr.sbin/bsdinstall/scripts/hardening Fri Jul 21 08:50:22 2017 (r321326) @@ -42,11 +42,10 @@ FEATURES=$( dialog --backtitle "FreeBSD Installer" \ "3 read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ "4 proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ "5 random_pid" "Randomize the PID of newly created processes" ${random_pid:-off} \ - "6 stack_guard" "Set stack guard buffer size to 2MB" ${stack_guard:-off} \ - "7 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ - "8 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ - "9 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ - "10 secure_console" "Enable console password prompt" ${secure_console:-off} \ + "6 clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ + "7 disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ + "8 disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ + "9 secure_console" "Enable console password prompt" ${secure_console:-off} \ 2>&1 1>&3 ) exec 3>&- 
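Review bot: in the @@ -42,11 +42,10 @@ hunk, removing `6 stack_guard` forces every later tag to be renumbered (`10 secure_console` becomes `9 secure_console`), and that renumbering is also what keeps the single-key jump working, since a two-digit tag like `10` can only be reached by pressing `1`; generating the prefix from a counter rather than hard-coding it in each line would avoid touching unrelated entries on every insert or removal and would make the single-digit limit (ten items at most) explicit.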
@@ -68,9 +67,6 @@ for feature in $FEATURES; do fi if [ "$feature" = "random_pid" ]; then echo kern.randompid=$(jot -r 1 ) >> $BSDINSTALL_TMPETC/sysctl.conf.hardening - fi - if [ "$feature" = "stack_guard" ]; then - echo security.bsd.stack_guard_page=512 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening fi if [ "$feature" = "clear_tmp" ]; then echo 'clear_tmp_enable="YES"' >> $BSDINSTALL_TMPETC/rc.conf.hardening ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
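Review bot: the @@ -68,9 +67,6 @@ hunk drops the `security.bsd.stack_guard_page=512` branch together with its menu entry, which matches the log, but the `random_pid` branch left in the context lines writes `kern.randompid=$(jot -r 1 )`, and `jot -r 1` without bounds draws from jot's default range of 1 to 100, so the per-install value is small and the choice is not documented anywhere in the script; explicit bounds on the `jot` call, or a comment stating the intended range, would make the setting reviewable.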
svn commit: r267635 - head/share/misc
Author: robak (ports committer) Date: Thu Jun 19 06:31:27 2014 New Revision: 267635 URL: http://svnweb.freebsd.org/changeset/base/267635 Log: Add Bartek Rutkowski (myself) to committers-ports.dot file with swills and marino as mentors. Approved by: swills (mentor) Modified: head/share/misc/committers-ports.dot Modified: head/share/misc/committers-ports.dot == --- head/share/misc/committers-ports.dotThu Jun 19 05:45:17 2014 (r267634) +++ head/share/misc/committers-ports.dotThu Jun 19 06:31:27 2014 (r267635) @@ -183,6 +183,7 @@ rene [label="Rene Ladan\nr...@freebsd.or riggs [label="Thomas Zander\nri...@freebsd.org\n2014/01/09"] rm [label="Ruslan Makhmatkhanov\n...@freebsd.org\n2011/11/06"] rnoland [label="Robert Noland\nrnol...@freebsd.org\n2008/07/21"] +robak [label="Bartek Rutkowski\ro...@freebsd.org\n2014/06/10"] rodrigo [label="Rodrigo Osorio\nrodr...@freebsd.org\n2014/01/15"] romain [label="Romain Tartiere\nrom...@freebsd.org\n2010/01/24"] sahil [label="Sahil Tandon\nsa...@freebsd.org\n2010/04/11"] @@ -416,6 +417,8 @@ marcus -> bland marcus -> eik marcus -> jmallett +marino -> robak + makc -> bf makc -> jhale makc -> rakuco @@ -524,6 +527,7 @@ steve -> netchild swills -> feld swills -> milki swills -> pclin +swills -> robak swills -> xmj tabthorpe -> ashish ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
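Review bot: the new node in the first hunk, `robak [label="Bartek Rutkowski\ro...@freebsd.org\n2014/06/10"]`, uses `\r` before the address where every neighbouring entry (`rnoland`, `rodrigo`, `romain`) uses `\n`, so the label carries a carriage-return escape instead of the line break between name and address; it should read `Bartek Rutkowski\n` followed by the address, matching the sibling lines.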
svn commit: r302897 - head/usr.sbin/bsdinstall/scripts
Author: robak (ports committer) Date: Fri Jul 15 15:07:24 2016 New Revision: 302897 URL: https://svnweb.freebsd.org/changeset/base/302897 Log: Add new System Hardening menu and options to bsdinstall. This patch adds a new 'hardening' file responsible for new bsdinstall 'System Hardening' menu allowing users to set some sane and carefully picked system security options (like random process IDs, hiding other users/groups processes and others). All options are OFF by default in this patch due to POLA principle with the intention to change some of them to ON by default in future. Reviewed by: adrian, allanjude, bdrewery, nwhitehorn Approved by: adrian, allanjude MFC after:7 days Added: head/usr.sbin/bsdinstall/scripts/hardening (contents, props changed) Modified: head/usr.sbin/bsdinstall/scripts/Makefile head/usr.sbin/bsdinstall/scripts/auto head/usr.sbin/bsdinstall/scripts/config Modified: head/usr.sbin/bsdinstall/scripts/Makefile == --- head/usr.sbin/bsdinstall/scripts/Makefile Fri Jul 15 13:25:47 2016 (r302896) +++ head/usr.sbin/bsdinstall/scripts/Makefile Fri Jul 15 15:07:24 2016 (r302897) @@ -1,6 +1,6 @@ # $FreeBSD$ -SCRIPTS= auto adduser checksum config docsinstall entropy hostname jail \ +SCRIPTS= auto adduser checksum config docsinstall entropy hardening hostname jail \ keymap mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 \ rootpass script services time umount wlanconfig zfsboot BINDIR= ${LIBEXECDIR}/bsdinstall Modified: head/usr.sbin/bsdinstall/scripts/auto == --- head/usr.sbin/bsdinstall/scripts/auto Fri Jul 15 13:25:47 2016 (r302896) +++ head/usr.sbin/bsdinstall/scripts/auto Fri Jul 15 15:07:24 2016 (r302897) @@ -385,6 +385,7 @@ if [ "$NETCONFIG_DONE" != yes ]; then fi bsdinstall time bsdinstall services +bsdinstall hardening dialog --backtitle "FreeBSD Installer" --title "Add User Accounts" --yesno \ "Would you like to add users to the installed system now?" 0 0 && \ 
@@ -401,6 +402,7 @@ finalconfig() { "Hostname" "Set system hostname" \ "Network" "Networking configuration" \ "Services" "Set daemons to run on startup" \ + "System Hardening" "Set security options" \ "Time Zone" "Set system timezone" \ "Handbook" "Install FreeBSD Handbook (requires network)" 2>&1 1>&3) exec 3>&- @@ -426,6 +428,10 @@ finalconfig() { bsdinstall services finalconfig ;; + "System Hardening") + bsdinstall hardening + finalconfig + ;; "Time Zone") bsdinstall time finalconfig Modified: head/usr.sbin/bsdinstall/scripts/config == --- head/usr.sbin/bsdinstall/scripts/config Fri Jul 15 13:25:47 2016 (r302896) +++ head/usr.sbin/bsdinstall/scripts/config Fri Jul 15 15:07:24 2016 (r302897) @@ -32,6 +32,9 @@ cat $BSDINSTALL_TMPETC/rc.conf.* >> $BSDINSTALL_TMPETC/rc.conf rm $BSDINSTALL_TMPETC/rc.conf.* +cat $BSDINSTALL_CHROOT/etc/sysctl.conf $BSDINSTALL_TMPETC/sysctl.conf.hardening >> $BSDINSTALL_TMPETC/sysctl.conf +rm $BSDINSTALL_TMPETC/sysctl.conf.* + cp $BSDINSTALL_TMPETC/* $BSDINSTALL_CHROOT/etc cat $BSDINSTALL_TMPBOOT/loader.conf.* >> $BSDINSTALL_TMPBOOT/loader.conf Added: head/usr.sbin/bsdinstall/scripts/hardening ====== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/usr.sbin/bsdinstall/scripts/hardening Fri Jul 15 15:07:24 2016 (r302897) 
@@ -0,0 +1,79 @@ +#!/bin/sh +#- +# Copyright (c) 2016 Bartek Rutkowski +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +#notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +#notice, this list of conditions and the following disclaimer in the +#documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AN
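Review bot: the `SCRIPTS=` line in the Makefile hunk runs to 83 columns once `hardening` is inserted, while the two continuation lines below it stay under 80; moving `hostname jail \` down to the next continuation line keeps the list within the usual style(9) width.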
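Review bot: in the config hunk, `cat $BSDINSTALL_CHROOT/etc/sysctl.conf $BSDINSTALL_TMPETC/sysctl.conf.hardening >> $BSDINSTALL_TMPETC/sysctl.conf` and the following `rm $BSDINSTALL_TMPETC/sysctl.conf.*` run unconditionally, but `sysctl.conf.hardening` is only produced by the new hardening script, and this change wires that script into `auto` alone while `config` serves every install path (`script` sits next to `auto` in the SCRIPTS list); an install that never runs `bsdinstall hardening` will therefore hit a `cat` error on the missing file and an `rm` on an unmatched glob. Guard the pair with `[ -f $BSDINSTALL_TMPETC/sysctl.conf.hardening ]`, or have the hardening script always create the file even when no option is selected, and apply the same treatment to the `rc.conf.*` lines above that follow the identical pattern.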