head	1.8;
access;
symbols
	RELENG_8_4:1.7.0.2
	RELENG_9_1_0_RELEASE:1.6.2.1.4.2
	RELENG_9_1:1.6.2.1.0.4
	RELENG_9_1_BP:1.6.2.1
	RELENG_8_3_0_RELEASE:1.4.2.2.8.1
	RELENG_8_3:1.4.2.2.0.8
	RELENG_8_3_BP:1.4.2.2
	RELENG_9_0_0_RELEASE:1.6.2.1.2.1
	RELENG_9_0:1.6.2.1.0.2
	RELENG_9_0_BP:1.6.2.1
	RELENG_9:1.6.0.2
	RELENG_9_BP:1.6
	RELENG_7_4_0_RELEASE:1.2.12.1
	RELENG_8_2_0_RELEASE:1.4.2.2.6.1
	RELENG_7_4:1.2.0.12
	RELENG_7_4_BP:1.2
	RELENG_8_2:1.4.2.2.0.6
	RELENG_8_2_BP:1.4.2.2
	RELENG_8_1_0_RELEASE:1.4.2.2.4.1
	RELENG_8_1:1.4.2.2.0.4
	RELENG_8_1_BP:1.4.2.2
	RELENG_7_3_0_RELEASE:1.2.10.1
	RELENG_7_3:1.2.0.10
	RELENG_7_3_BP:1.2
	RELENG_8_0_0_RELEASE:1.4.2.2.2.1
	RELENG_8_0:1.4.2.2.0.2
	RELENG_8_0_BP:1.4.2.2
	RELENG_8:1.4.0.2
	RELENG_8_BP:1.4
	RELENG_7_2_0_RELEASE:1.2.8.1
	RELENG_7_2:1.2.0.8
	RELENG_7_2_BP:1.2
	RELENG_7_1_0_RELEASE:1.2.6.1
	RELENG_7_1:1.2.0.6
	RELENG_7_1_BP:1.2
	RELENG_7_0_0_RELEASE:1.2
	RELENG_7_0:1.2.0.4
	RELENG_7_0_BP:1.2
	RELENG_7:1.2.0.2
	RELENG_7_BP:1.2;
locks; strict;
comment	@# @;


1.8
date	2013.07.17.00.28.29;	author svnexp;	state Exp;
branches;
next	1.7;

1.7
date	2012.11.17.01.53.55;	author svnexp;	state Exp;
branches
	1.7.2.1;
next	1.6;

1.6
date	2010.03.02.16.58.04;	author uqs;	state Exp;
branches
	1.6.2.1;
next	1.5;

1.5
date	2009.08.13.09.11.47;	author bz;	state Exp;
branches;
next	1.4;

1.4
date	2007.11.16.21.24.45;	author bz;	state Exp;
branches
	1.4.2.1;
next	1.3;

1.3
date	2007.11.13.08.59.29;	author bz;	state Exp;
branches;
next	1.2;

1.2
date	2007.09.09.23.08.39;	author rwatson;	state Exp;
branches
	1.2.2.1
	1.2.6.1
	1.2.8.1
	1.2.10.1
	1.2.12.1;
next	1.1;

1.1
date	2006.09.13.09.05.39;	author rwatson;	state Exp;
branches;
next	;

1.7.2.1
date	2012.11.17.01.53.55;	author svnexp;	state dead;
branches;
next	1.7.2.2;

1.7.2.2
date	2013.03.28.13.05.52;	author svnexp;	state Exp;
branches;
next	;

1.6.2.1
date	2011.09.23.00.51.37;	author kensmith;	state Exp;
branches
	1.6.2.1.2.1
	1.6.2.1.4.1;
next	1.6.2.2;

1.6.2.2
date	2012.11.17.11.37.30;	author svnexp;	state Exp;
branches;
next	;

1.6.2.1.2.1
date	2011.11.11.04.20.22;	author kensmith;	state Exp;
branches;
next	1.6.2.1.2.2;

1.6.2.1.2.2
date	2012.11.17.08.37.27;	author svnexp;	state Exp;
branches;
next	;

1.6.2.1.4.1
date	2012.08.05.23.54.33;	author kensmith;	state Exp;
branches;
next	1.6.2.1.4.2;

1.6.2.1.4.2
date	2012.11.17.08.48.18;	author svnexp;	state Exp;
branches;
next	;

1.4.2.1
date	2009.08.03.08.13.06;	author kensmith;	state Exp;
branches;
next	1.4.2.2;

1.4.2.2
date	2009.08.13.09.17.07;	author bz;	state Exp;
branches
	1.4.2.2.2.1
	1.4.2.2.4.1
	1.4.2.2.6.1
	1.4.2.2.8.1;
next	1.4.2.3;

1.4.2.3
date	2012.11.17.10.37.12;	author svnexp;	state Exp;
branches;
next	;

1.4.2.2.2.1
date	2009.10.25.01.10.29;	author kensmith;	state Exp;
branches;
next	;

1.4.2.2.4.1
date	2010.06.14.02.09.06;	author kensmith;	state Exp;
branches;
next	;

1.4.2.2.6.1
date	2010.12.21.17.09.25;	author kensmith;	state Exp;
branches;
next	;

1.4.2.2.8.1
date	2012.03.03.06.15.13;	author kensmith;	state Exp;
branches;
next	1.4.2.2.8.2;

1.4.2.2.8.2
date	2012.11.17.08.25.46;	author svnexp;	state Exp;
branches;
next	;

1.2.2.1
date	2012.11.17.08.08.05;	author svnexp;	state Exp;
branches;
next	;

1.2.6.1
date	2008.11.25.02.59.29;	author kensmith;	state Exp;
branches;
next	;

1.2.8.1
date	2009.04.15.03.14.26;	author kensmith;	state Exp;
branches;
next	;

1.2.10.1
date	2010.02.10.00.26.20;	author kensmith;	state Exp;
branches;
next	;

1.2.12.1
date	2010.12.21.17.10.29;	author kensmith;	state Exp;
branches;
next	1.2.12.2;

1.2.12.2
date	2012.11.17.08.17.39;	author svnexp;	state Exp;
branches;
next	;


desc
@@


1.8
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253385
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@#
# $FreeBSD: head/tools/regression/priv/Makefile 253385 2013-07-16 09:38:51Z kevlo $
#

.include <bsd.own.mk>

PROG=	priv
SRCS=	main.c				\
	priv_acct.c			\
	priv_adjtime.c			\
	priv_audit_control.c		\
	priv_audit_getaudit.c		\
	priv_audit_setaudit.c		\
	priv_audit_submit.c		\
	priv_clock_settime.c		\
	priv_cred.c			\
	priv_io.c			\
	priv_kenv_set.c			\
	priv_kenv_unset.c		\
	priv_msgbuf.c			\
	priv_netinet_ipsec.c		\
	priv_netinet_raw.c		\
	priv_proc_setlogin.c		\
	priv_proc_setrlimit.c		\
	priv_sched_rtprio.c		\
	priv_sched_setpriority.c	\
	priv_settimeofday.c		\
	priv_sysctl_write.c		\
	priv_vfs_chflags.c		\
	priv_vfs_chmod.c		\
	priv_vfs_chown.c		\
	priv_vfs_chroot.c		\
	priv_vfs_clearsugid.c		\
	priv_vfs_extattr_system.c	\
	priv_vfs_fhopen.c		\
	priv_vfs_fhstat.c		\
	priv_vfs_fhstatfs.c		\
	priv_vfs_generation.c		\
	priv_vfs_getfh.c		\
	priv_vfs_read_write.c		\
	priv_vfs_setgid.c		\
	priv_vfs_stickyfile.c		\
	priv_vfs_utimes.c		\
	priv_vm_madv_protect.c		\
	priv_vm_mlock.c			\
	priv_vm_munlock.c

MAN=
WARNS?=	3

DPADD+= ${LIBIPSEC}
LDADD+= -lipsec

.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif

.include <bsd.prog.mk>
@


1.7
log
@Switching exporter and resync
@
text
@d2 1
a2 1
# $FreeBSD: head/tools/regression/priv/Makefile 204585 2010-03-02 16:58:04Z uqs $
d48 1
a48 1
NO_MAN=
@


1.7.2.1
log
@file Makefile was added on branch RELENG_8_4 on 2013-03-28 13:05:52 +0000
@
text
@d1 58
@


1.7.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 58
#
# $FreeBSD: releng/8.4/tools/regression/priv/Makefile 196173 2009-08-13 09:17:07Z bz $
#

.include <bsd.own.mk>

PROG=	priv
SRCS=	main.c				\
	priv_acct.c			\
	priv_adjtime.c			\
	priv_audit_control.c		\
	priv_audit_getaudit.c		\
	priv_audit_setaudit.c		\
	priv_audit_submit.c		\
	priv_clock_settime.c		\
	priv_cred.c			\
	priv_io.c			\
	priv_kenv_set.c			\
	priv_kenv_unset.c		\
	priv_msgbuf.c			\
	priv_netinet_ipsec.c		\
	priv_netinet_raw.c		\
	priv_proc_setlogin.c		\
	priv_proc_setrlimit.c		\
	priv_sched_rtprio.c		\
	priv_sched_setpriority.c	\
	priv_settimeofday.c		\
	priv_sysctl_write.c		\
	priv_vfs_chflags.c		\
	priv_vfs_chmod.c		\
	priv_vfs_chown.c		\
	priv_vfs_chroot.c		\
	priv_vfs_clearsugid.c		\
	priv_vfs_extattr_system.c	\
	priv_vfs_fhopen.c		\
	priv_vfs_fhstat.c		\
	priv_vfs_fhstatfs.c		\
	priv_vfs_generation.c		\
	priv_vfs_getfh.c		\
	priv_vfs_read_write.c		\
	priv_vfs_setgid.c		\
	priv_vfs_stickyfile.c		\
	priv_vfs_utimes.c		\
	priv_vm_madv_protect.c		\
	priv_vm_mlock.c			\
	priv_vm_munlock.c

NO_MAN=
WARNS=	3

DPADD+= ${LIBIPSEC}
LDADD+= -lipsec

.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif

.include <bsd.prog.mk>
@


1.6
log
@SVN rev 204585 on 2010-03-02 16:58:04Z by uqs

Always assign WARNS using ?=

- fix some nearby style bugs
- include Makefile.inc where it makes sense and reduces duplication

Approved by:	ed (co-mentor)
@
text
@d2 1
a2 1
# $FreeBSD$
@


1.6.2.1
log
@SVN rev 225736 on 2011-09-23 00:51:37Z by kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.6.2.2
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242902 | dteske | 2012-11-11 23:29:45 +0000 (Sun, 11 Nov 2012) | 10 lines
## SVN ##
## SVN ## Fix a regression introduced by SVN r211417 that saw the breakage of a feature
## SVN ## documented in usr.sbin/sysinstall/help/shortcuts.hlp (reproduced below):
## SVN ##
## SVN ## If /usr/sbin/sysinstall is linked to another filename, say
## SVN ## `/usr/local/bin/configPackages', then the basename will be used
## SVN ## as an implicit command name.
## SVN ##
## SVN ## Reviewed by:	adrian (co-mentor)
## SVN ## Approved by:	adrian (co-mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d2 1
a2 1
# $FreeBSD: stable/9/tools/regression/priv/Makefile 204585 2010-03-02 16:58:04Z uqs $
@


1.6.2.1.4.1
log
@SVN rev 239080 on 2012-08-05 23:54:33Z by kensmith

Copy stable/9 to releng/9.1 as part of the 9.1-RELEASE release process.

Approved by:	re (implicit)
@
text
@@


1.6.2.1.4.2
log
@Switch importer
@
text
@d2 1
a2 1
# $FreeBSD: releng/9.1/tools/regression/priv/Makefile 204585 2010-03-02 16:58:04Z uqs $
@


1.6.2.1.2.1
log
@SVN rev 227445 on 2011-11-11 04:20:22Z by kensmith

Copy stable/9 to releng/9.0 as part of the FreeBSD 9.0-RELEASE release
cycle.

Approved by:	re (implicit)
@
text
@@


1.6.2.1.2.2
log
@Switch importer
@
text
@d2 1
a2 1
# $FreeBSD: releng/9.0/tools/regression/priv/Makefile 204585 2010-03-02 16:58:04Z uqs $
@


1.5
log
@SVN rev 196172 on 2009-08-13 09:11:47Z by bz

Start respecting WITHOUT_INET6.

Make regression/priv compile again after the multi-IP jail
changes.  Note that we are still using the legacy jail(2)
rather than the jail_set(2)/jail(3) syscall.
Add an IPv4,  and an IPv6 loopback address in case we compile
with INET6 enabled.

Make the priv_vfs_extattr_system compile on amd64 as well using the
proper length modifier to printf(3) for ssize_t.

Reviewed by:	rwatson
Approved by:	re (kib)
@
text
@d49 1
a49 1
WARNS=	3
@


1.4
log
@Remove empty setup and cleanup functions for the pfkey test.

Add regression tests for privileged and supposedly unprivileged
IP_IPSEC_POLICY,IPV6_IPSEC_POLICY setsockopt cases.

We may need to review the current 'good' results to make
sure they reflect what we really want.

Discussed with:	rwatson
Reviewed by:	rwatson
@
text
@d5 2
d54 4
@


1.4.2.1
log
@SVN rev 196045 on 2009-08-03 08:13:06Z by kensmith

Copy head to stable/8 as part of 8.0 Release cycle.

Approved by:	re (Implicit)
@
text
@@


1.4.2.2
log
@SVN rev 196173 on 2009-08-13 09:17:07Z by bz

MFC r196172:
  Start respecting WITHOUT_INET6.

  Make regression/priv compile again after the multi-IP jail
  changes.  Note that we are still using the legacy jail(2)
  rather than the jail_set(2)/jail(3) syscall.
  Add an IPv4,  and an IPv6 loopback address in case we compile
  with INET6 enabled.

  Make the priv_vfs_extattr_system compile on amd64 as well using the
  proper length modifier to printf(3) for ssize_t.

  Reviewed by:  rwatson

Approved by:	re (kib)
@
text
@a4 2
.include <bsd.own.mk>

a51 4
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif

@


1.4.2.3
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242909
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242909 | dim | 2012-11-12 07:47:19 +0000 (Mon, 12 Nov 2012) | 20 lines
## SVN ##
## SVN ## MFC r242625:
## SVN ##
## SVN ## Remove duplicate const specifiers in many drivers (I hope I got all of
## SVN ## them, please let me know if not).  Most of these are of the form:
## SVN ##
## SVN ## static const struct bzzt_type {
## SVN ##       [...list of members...]
## SVN ## } const bzzt_devs[] = {
## SVN ##       [...list of initializers...]
## SVN ## };
## SVN ##
## SVN ## The second const is unnecessary, as arrays cannot be modified anyway,
## SVN ## and if the elements are const, the whole thing is const automatically
## SVN ## (e.g. it is placed in .rodata).
## SVN ##
## SVN ## I have verified this does not change the binary output of a full kernel
## SVN ## build (except for build timestamps embedded in the object files).
## SVN ##
## SVN ## Reviewed by:	yongari, marius
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d2 1
a2 1
# $FreeBSD: stable/8/tools/regression/priv/Makefile 196173 2009-08-13 09:17:07Z bz $
@


1.4.2.2.8.1
log
@SVN rev 232438 on 2012-03-03 06:15:13Z by kensmith

Copy stable/8 to releng/8.3 as part of 8.3-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.4.2.2.8.2
log
@Switch importer
@
text
@d2 1
a2 1
# $FreeBSD: releng/8.3/tools/regression/priv/Makefile 196173 2009-08-13 09:17:07Z bz $
@


1.4.2.2.6.1
log
@SVN rev 216617 on 2010-12-21 17:09:25Z by kensmith

Copy stable/8 to releng/8.2 in preparation for FreeBSD-8.2 release.

Approved by:	re (implicit)
@
text
@@


1.4.2.2.4.1
log
@SVN rev 209145 on 2010-06-14 02:09:06Z by kensmith

Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.

Approved by:	re (implicit)
@
text
@@


1.4.2.2.2.1
log
@SVN rev 198460 on 2009-10-25 01:10:29Z by kensmith

Copy stable/8 to releng/8.0 as part of 8.0-RELEASE release procedure.

Approved by:	re (implicit)
@
text
@@


1.3
log
@In sys/netipsec/keysock.c rev. 1.19 a missing priv check was added.
Before that non-su users were able to open pfkey sockets as well.

Add a regression test so we can detect such problems in an automated way
in the future.
@
text
@d49 3
@


1.2
log
@Enhance and expand kernel privilege regression tests in support of
work present in FreeBSD 7.0 to refine the kernel privilege model:

- Introduce support for jail as a testing variable, in order to
  confirm that privileges are properly restricted in the jail
  environment.

- Restructure overall testing approach so that privilege and jail
  conditions are set in the testing infrastructure before tests
  are invoked, and done so in a custom-created process to isolate
  the impact of tests from each other in a more consistent way.

- Tests now provide setup and cleanup hooks that occur before and
  after the test runs.

- New privilege tests are now present for several audit
  privileges, several credential management privileges, dmesg
  buffer reading privilege, and netinet raw socket creation.

- Other existing tests are restructured and generally improved as
  a result of better framework structure and jail as a variable.
  For exampe, we now test that certain sysctls are writable only
  outside jail, while others are writable within jail.  On a
  similar note, privileges relating to setting UFS file flags are
  now better exercised, as with the right to chmod and utimes
  files.

Approved by:	re (bmah)
Obtained from:	TrustedBSD Project
@
text
@d19 1
@


1.2.2.1
log
@Switch importer
@
text
@d2 1
a2 1
# $FreeBSD: stable/7/tools/regression/priv/Makefile 172106 2007-09-09 23:08:39Z rwatson $
@


1.2.12.1
log
@SVN rev 216618 on 2010-12-21 17:10:29Z by kensmith

Copy stable/7 to releng/7.4 in preparation for FreeBSD-7.4 release.

Approved by:	re (implicit)
@
text
@@


1.2.12.2
log
@Switch importer
@
text
@d2 1
a2 1
# $FreeBSD: releng/7.4/tools/regression/priv/Makefile 172106 2007-09-09 23:08:39Z rwatson $
@


1.2.10.1
log
@SVN rev 203736 on 2010-02-10 00:26:20Z by kensmith

Copy stable/7 to releng/7.3 as part of the 7.3-RELEASE process.

Approved by:	re (implicit)
@
text
@@


1.2.8.1
log
@SVN rev 191087 on 2009-04-15 03:14:26Z by kensmith

Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@@


1.2.6.1
log
@SVN rev 185281 on 2008-11-25 02:59:29Z by kensmith

Create releng/7.1 in preparation for moving into RC phase of 7.1 release
cycle.

Approved by:	re (implicit)
@
text
@@


1.1
log
@dd a series of regression tests to validate that privilege requirements are
implemented properly for a number of kernel subsystems.  In general, they
try to exercise the privilege first as the root user, then as a test user,
in order to determine when privilege is being checked.

Currently, these tests do not compare inside/outside jail, and probably
should be enhanced to do that.

Sponsored by:	nCircle Network Security, Inc.
Obtained from:	TrustedBSD Project
@
text
@d5 1
a5 1
PROG=	main
d9 4
d14 1
d18 2
d26 2
a27 1
	priv_vfs_admin.c		\
d40 2
d43 2
a44 4
	priv_vm_munlock.c		\
	priv_vm_madv_protect.c		\
					\
	test_utimes.c
@

