kernel - Add per-process capability-based restrictions

* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restricti

kernel - Add per-process capability-based restrictions

* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restrictions
are inherited by sub-processes recursively. Once set, restrictions cannot
be removed.

Basic restrictions that mimic an unadorned jail can be enabled without
creating a jail, but generally speaking real security also requires
creating a chrooted filesystem topology, and a jail is still needed
to really segregate processes from each other. If you do so, however,
you can (for example) disable mount/umount and most global root-only
features.

* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)

* Add sys/caps.h

* Add the "setcaps" userland utility and manual page.

* Remove priv.9 and the priv_check infrastructure, replacing it with
a newly designed caps infrastructure.

* The intention is to add path restriction lists and similar features to
improve jailess security in the near future, and to optimize the
priv_check code.

show more ...

Move mailwrapper(8) examples from /etc/mail to /usr/share/examples.

Add the old libssl/libcrypto to TO_REMOVE_LATE

ldns: Adjust makefiles for ldns-1.8.3 update.

- Bump soname for api changes, 1.8.3 has major as 3.
- Update ldns/ headers and remove them from the vendor branch.
- Adjust lib/libssh Makefile to i

ldns: Adjust makefiles for ldns-1.8.3 update.

- Bump soname for api changes, 1.8.3 has major as 3.
- Update ldns/ headers and remove them from the vendor branch.
- Adjust lib/libssh Makefile to include the headers from ldns.
- Update READMES.

Currently only user of the libprivate_ldns is drill(1).
OpenSSH will be adjusted to use this lib next.

show more ...

Remove the old <sys/dir.h> compat header. Nothing needs it anymore.

The world has since switched over to <dirent.h>. Thanks to zrj for
confirming that with a full dports bulk build.

The libssh and

Remove the old <sys/dir.h> compat header. Nothing needs it anymore.

The world has since switched over to <dirent.h>. Thanks to zrj for
confirming that with a full dports bulk build.

The libssh and RPC examples adjustments are just cosmetics. libssh
includes it only on NeXTSTEP and the RPC examples don't build.

show more ...

Remove the ext2fs_freebsd.ko module via 'make upgrade'.

Some more adjustments regarding the recent switch to sys/vfs/ext2fs.

* Remove /usr/include/gnu via 'make upgrade'.

* Remove a no longer needed #undef in kdump and friends' ioctl.c.

kernel/libc: Remove the old vmm code.

Removes the kernel code and two system calls.

Bump __DragonFly_version too.

Reviewed-by: aly, dillon

Make stand/lib an internal one, i.e. don't install libstand anymore.

Nothing in dports needs it either.

Also, leave the manual page.

kernel: Remove ndis(4) and associated tools and stuff.

ndis(4) was a wrapper to allow running binary Windows network
drivers that conformed to the Network Driver Interface Specification,
i.e. NDIS.

kernel: Remove ndis(4) and associated tools and stuff.

ndis(4) was a wrapper to allow running binary Windows network
drivers that conformed to the Network Driver Interface Specification,
i.e. NDIS.

It only ever supported drivers from the days of Windows XP and
Windows Server 2003 (i.e. NDIS 5.1). And even if one was actually
able to extract the .sys and .inf files from the driver package and
successfully convert them to a building module, which both were
adventures in itself, it could be any result when trying to run it,
depending on the card and driver, from resonably working to not
working, even crashing. But it did work for some cards, so it had
some limited merit in its time.

NetBSD removed it in 2018, FreeBSD in January 2021, so let's follow
suit now.

show more ...

Revert "Remove tcsh emacs script which is obsolete due to the latest tcsh import."

This reverts commit f9a4cffb7a705afb85d8f082d55f89a7ec3f8809.

Not sure anymore why I poked Matthias to add this to

Revert "Remove tcsh emacs script which is obsolete due to the latest tcsh import."

This reverts commit f9a4cffb7a705afb85d8f082d55f89a7ec3f8809.

Not sure anymore why I poked Matthias to add this to 'make upgrade'.
Anyway, the file is useful because Emacs does not have a native
mode for csh(1) scripts.

show more ...

periodic: Rename 220.snapshot-hammer2 to 162.snapshot-hammer2.

160.clean-hammer does cleanup _and_ snapshots for hammer1.

161.clean-hammer2 does the cleanup part for hammer2, so putting the
snapsho

periodic: Rename 220.snapshot-hammer2 to 162.snapshot-hammer2.

160.clean-hammer does cleanup _and_ snapshots for hammer1.

161.clean-hammer2 does the cleanup part for hammer2, so putting the
snapshot part of the job for hammer2 as 162 looks like the natural
choice.

show more ...

Makefile_upgrade.inc: Remove obsolete comment.

We stopped keeping formatted manual pages.

See 105f26b55c3c3ffc9913e781deca4c5973a4940c.

include/Makefile: Remove a 'make upgrade' predecessor.

A few days after we pushed RMHEADERS to include/Makefile, the 'upgrade'
target was added as a more general approach, but these two headers were

include/Makefile: Remove a 'make upgrade' predecessor.

A few days after we pushed RMHEADERS to include/Makefile, the 'upgrade'
target was added as a more general approach, but these two headers were
never added to it and removed from include's Makefile.

Add them at the top of Makefile_upgrade.inc.

show more ...

Remove /usr/share/examples/etc/bsd-style-copyright.

/usr/share/examples/etc is supposed to hold the contents of an
unchanged /etc directory only. Also, our template is in
/COPYRIGHT so there is no p

Remove /usr/share/examples/etc/bsd-style-copyright.

/usr/share/examples/etc is supposed to hold the contents of an
unchanged /etc directory only. Also, our template is in
/COPYRIGHT so there is no point to keep a different one. Examples
of n-clause BSD licenses are widely available online, when needed.

Clean up newvers.sh, which was using the file for vers.c generation.
There is no need to put a license on generated files, let alone such
simple ones.

show more ...

Remove obsolete dev_mkdb(8)

The devname(3) has long been updated to determine the device name via
the 'kern.devname' sysctl provided by devfs(5). The dev.db created by
dev_mkdb(8) is thus unused an

Remove obsolete dev_mkdb(8)

The devname(3) has long been updated to determine the device name via
the 'kern.devname' sysctl provided by devfs(5). The dev.db created by
dev_mkdb(8) is thus unused and obsolete. So remove dev_mkdb(8) as well
and update relevant parts.

show more ...

etc/Makefile: Install 'group' and 'master.passwd' to examples/etc

Add back installation of 'group' to '/usr/share/examples/etc'. In
addition, also install 'master.passwd' there.

The point is that

etc/Makefile: Install 'group' and 'master.passwd' to examples/etc

Add back installation of 'group' to '/usr/share/examples/etc'. In
addition, also install 'master.passwd' there.

The point is that '/usr/share/examples/etc' should have all config files
that the initial '/etc' have.

Suggested-by: swildner

show more ...

etc/Makefile: No need to try to install 'group' file

Similar to the 'master.passwd', no need to try to install the 'group'
file, because its update has already been handled by the 'pw-update.sh'
scr

etc/Makefile: No need to try to install 'group' file

Similar to the 'master.passwd', no need to try to install the 'group'
file, because its update has already been handled by the 'pw-update.sh'
script.

show more ...

zoneinfo: Update /etc/localtime when upgrading timezones.

* Add tzsetup(8) to the bootstrap-tools.

* Install the backward file to retain obsolete timezones as links
for backward compatibility. Re

zoneinfo: Update /etc/localtime when upgrading timezones.

* Add tzsetup(8) to the bootstrap-tools.

* Install the backward file to retain obsolete timezones as links
for backward compatibility. Remove all these timezones from
Makefile_upgrade.inc again. Also extend mtree/BSD.usr.dist for
this and remove the old 'dragonfly' file (which was only for UTC).

* After installing new timezones, run tzsetup -r to upgrade the user's
chosen timezone. Allow this to fail for quickworlders. It will start
working after the next full buildworld.

Taken-from: FreeBSD (with modifications)

show more ...

libressl: keep cms.h

Now, when we enabled CMS by default with LibreSSL 3.1.3, let's keep
/usr/include/priv/openssl/cms.h.

Pointed out by: Sascha Wildner

Fix 'make upgrade' for updated libressl.

Require -DREMOVE_DEPRECATED to remove old versions of libprivate_crypto
and libprivate_ssl, as pkg(8) may still be linked against them.

Remove fuse.ko via 'make upgrade'.

So the ever older module doesn't stay around.

Upgrade libressl. 2/2

Update README.{DELETED,DRAGONFLY} and adapt Makefiles to vendor changes.

Remove bsd.doc.mk via 'make upgrade'.

A little cleanup after recent dhcpcd(8) changes.

* Remove /var/chroot via 'make upgrade' for now.

* Use spaces for indenting in BSD.var.dist.

* Un-document dhcpcd_chrootdir and /var/chroot.