HEADS UP: Rewrite of {,lib}hbsdcontrol to land soon
10 views
Skip to first unread message
Shawn Webb
Mar 28, 2024, 3:09:28 PMMar 28
to HardenedBSD Users
Hey all,
I've rewritten from scratch the hbsdcontrol(8) utility and its
library, libhbsdcontrol. I'm currently doing a small package build on
my laptop to test the change. If there are no issues to resolve, I
plan to merge the work into hardened/current/master.
Regardless of issues, it should land in hardened/current/master no
later than the end of this coming weekend.
The arguments passed to the hbsdcontrol(8) utility remain the same.
Meaning, this rewrite is completely transparent to consumers of the
hbsdcontrol(8) application and this notice is a "much ado about
nothing."
However, Application developers who have custom integrations with
libhbsdcontrol will need to be updated to take into account the new
API and ABI.
After the feature lands, I will work on documentation, including a new
manual page for libhbsdcontrol. In the meantime, the
/usr/include/libhbsdcontrol.h header file is easy to understand.
For those who want to follow along, here are some handy links:
1. Browse the hardened/current/hbsdcontrol-v2 feature branch:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2?ref_type=heads
2. The libhbsdcontrol source:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2/lib/libhbsdcontrol?ref_type=heads
3. The hbsdcontrol program source:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2/usr.sbin/hbsdcontrol?ref_type=heads
Once a fix is in for this ZFS + Capsicum bug, I plan to enable
Capsicum for hbsdcontrol(8):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277908
With this feature landing before the 01 Apr 2024 automated builds, I
plan to merge into 13-STABLE and 14-STABLE in June. This will ensure
that the work is tested for at least two build cycles (two months).
Please let me know if you have any questions, comments, or concerns.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
I've rewritten from scratch the hbsdcontrol(8) utility and its
library, libhbsdcontrol. I'm currently doing a small package build on
my laptop to test the change. If there are no issues to resolve, I
plan to merge the work into hardened/current/master.
Regardless of issues, it should land in hardened/current/master no
later than the end of this coming weekend.
The arguments passed to the hbsdcontrol(8) utility remain the same.
Meaning, this rewrite is completely transparent to consumers of the
hbsdcontrol(8) application and this notice is a "much ado about
nothing."
However, Application developers who have custom integrations with
libhbsdcontrol will need to be updated to take into account the new
API and ABI.
After the feature lands, I will work on documentation, including a new
manual page for libhbsdcontrol. In the meantime, the
/usr/include/libhbsdcontrol.h header file is easy to understand.
For those who want to follow along, here are some handy links:
1. Browse the hardened/current/hbsdcontrol-v2 feature branch:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2?ref_type=heads
2. The libhbsdcontrol source:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2/lib/libhbsdcontrol?ref_type=heads
3. The hbsdcontrol program source:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/tree/hardened/current/hbsdcontrol-v2/usr.sbin/hbsdcontrol?ref_type=heads
Once a fix is in for this ZFS + Capsicum bug, I plan to enable
Capsicum for hbsdcontrol(8):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277908
With this feature landing before the 01 Apr 2024 automated builds, I
plan to merge into 13-STABLE and 14-STABLE in June. This will ensure
that the work is tested for at least two build cycles (two months).
Please let me know if you have any questions, comments, or concerns.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
Shawn Webb
Mar 29, 2024, 3:04:13 PMMar 29
to HardenedBSD Users
hardened/current/master, so it will land in the next monthly build on
01 Apr 2024.
My next goal is to write the libhbsdcontrol manual page.
Reply all
Reply to author
Forward
0 new messages