Add two sub-sections to the MAC Framework userland architecture section

of the Developer's Handbook: text on the APIs to access and manipulate labels on objects, and a brief description of how labels may currently be set on users using login.conf. This text could also use some more work, but is probably an improvement over the previous lack of text. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
svn path=/head/; revision=16610
2003-04-20 03:53:49 +00:00 · 2003-04-20 03:53:49 +00:00 · e51825dea9 · 2020-12-08 03:00:23 +00:00
commit e51825dea9
parent 8bb593ce7b
2 changed files with 138 additions and 0 deletions
--- a/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
@ -268,6 +268,75 @@
      monitor and modify labels on processes, files, and network
      interfaces.  More details on the user architecture will
      be added to this section in the near future.</para>
+
+    <sect2 id="mac-userland-labels">
+      <title>APIs for Policy-Agnostic Label Management</title>
+
+      <para>The TrustedBSD MAC Framework provides a number of
+	library and system calls permitting applications to
+	manage MAC labels on objects using a poloicy-agnostic
+	interface.  This permits applications to manipulate
+	labels for a variety of policies without being
+	written to support specific policies.  These interfaces
+	are used by general-purpose tools such as &man.ifconfig.8;,
+	&man.ls.1; and &man.ps.1; to view labels on network
+	interfaces, files, and processes.  The APIs also support
+	MAC management tools including &man.getfmac.8;,
+	&man.getpmac.8;, &man.setfmac.8;, &man.setfsmac.8;,
+	and &man.setpmac.8;.  The MAC APIs are documented in
+	&man.mac.3;.</para>
+
+      <para>Applications handle MAC labels in two forms: an
+	internalized form used to return and set labels on
+	processes and objects (<literal>mac_t</literal>),
+	and externalized form based on C strings appropriate for
+	storage in configuration files, display to the user, or
+	input from the user.  Each MAC label contains a number of
+	elements, each consisting of a name and value pair.
+	Policy modules in the kernel bind to specific names
+	and interpret the values in policy-specific ways.  In
+	the externalized string form, labels are represented
+	by a comma-delimited list of name and value pairs separated
+	by the <literal>/</literal> character.  Labels may be
+	directly converted to and from text using provided APIs;
+	when retrieving labels from the kernel, internalized
+	label storage must first be prepared for the desired
+	label element set.  Typically, this is done in one of
+	two ways: using &man.mac.prepare.3; and an arbitrary
+	list of desired label elements, or one of the variants
+	of the call that loads a default element set from the
+	&man.mac.conf.5; configuration file.  Per-object
+	defaults permit application writers to usefully display
+	labels associated with objects without being aware of
+	the policies present in the system.</para>
+
+      <note><para>Currently, direct manipulation of label elements
+	other than by conversion to a text string, string editing,
+	and conversion back to an internalized label is not supported
+	by the MAC library.  Such interfaces may be added in the
+	future if they prove necessary for application
+	writers.</para></note>
+    </sect2>
+
+    <sect2 id="mac-userland-credentials">
+      <title>Binding of Labels to Users</title>
+
+      <para>The standard user context management interface,
+	&man.setusercontext.3;, has been modified to retrieve
+	MAC labels associated with a user's class from
+	&man.login.conf.5;.  These labels are then set along
+	with other user context when either
+	<literal>LOGIN_SETALL</literal> is specified, or when
+	<literal>LOGIN_SETMAC</literal> is explicitly
+	specified.</para>
+
+      <note><para>It is expected that, in a future version of FreeBSD,
+	the MAC label database will be separated from the
+	<filename>login.conf</filename> user class abstraction,
+	and be maintained in a separate database.  However, the
+	&man.setusercontext.3; API should remain the same
+	following such a change.</para></note>
+    </sect2>
  </sect1>
  
  <sect1 id="mac-entry-point">
--- a/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
@ -268,6 +268,75 @@
      monitor and modify labels on processes, files, and network
      interfaces.  More details on the user architecture will
      be added to this section in the near future.</para>
+
+    <sect2 id="mac-userland-labels">
+      <title>APIs for Policy-Agnostic Label Management</title>
+
+      <para>The TrustedBSD MAC Framework provides a number of
+	library and system calls permitting applications to
+	manage MAC labels on objects using a poloicy-agnostic
+	interface.  This permits applications to manipulate
+	labels for a variety of policies without being
+	written to support specific policies.  These interfaces
+	are used by general-purpose tools such as &man.ifconfig.8;,
+	&man.ls.1; and &man.ps.1; to view labels on network
+	interfaces, files, and processes.  The APIs also support
+	MAC management tools including &man.getfmac.8;,
+	&man.getpmac.8;, &man.setfmac.8;, &man.setfsmac.8;,
+	and &man.setpmac.8;.  The MAC APIs are documented in
+	&man.mac.3;.</para>
+
+      <para>Applications handle MAC labels in two forms: an
+	internalized form used to return and set labels on
+	processes and objects (<literal>mac_t</literal>),
+	and externalized form based on C strings appropriate for
+	storage in configuration files, display to the user, or
+	input from the user.  Each MAC label contains a number of
+	elements, each consisting of a name and value pair.
+	Policy modules in the kernel bind to specific names
+	and interpret the values in policy-specific ways.  In
+	the externalized string form, labels are represented
+	by a comma-delimited list of name and value pairs separated
+	by the <literal>/</literal> character.  Labels may be
+	directly converted to and from text using provided APIs;
+	when retrieving labels from the kernel, internalized
+	label storage must first be prepared for the desired
+	label element set.  Typically, this is done in one of
+	two ways: using &man.mac.prepare.3; and an arbitrary
+	list of desired label elements, or one of the variants
+	of the call that loads a default element set from the
+	&man.mac.conf.5; configuration file.  Per-object
+	defaults permit application writers to usefully display
+	labels associated with objects without being aware of
+	the policies present in the system.</para>
+
+      <note><para>Currently, direct manipulation of label elements
+	other than by conversion to a text string, string editing,
+	and conversion back to an internalized label is not supported
+	by the MAC library.  Such interfaces may be added in the
+	future if they prove necessary for application
+	writers.</para></note>
+    </sect2>
+
+    <sect2 id="mac-userland-credentials">
+      <title>Binding of Labels to Users</title>
+
+      <para>The standard user context management interface,
+	&man.setusercontext.3;, has been modified to retrieve
+	MAC labels associated with a user's class from
+	&man.login.conf.5;.  These labels are then set along
+	with other user context when either
+	<literal>LOGIN_SETALL</literal> is specified, or when
+	<literal>LOGIN_SETMAC</literal> is explicitly
+	specified.</para>
+
+      <note><para>It is expected that, in a future version of FreeBSD,
+	the MAC label database will be separated from the
+	<filename>login.conf</filename> user class abstraction,
+	and be maintained in a separate database.  However, the
+	&man.setusercontext.3; API should remain the same
+	following such a change.</para></note>
+    </sect2>
  </sect1>
  
  <sect1 id="mac-entry-point">