[src/trunk]: src/sbin/veriexecctl Add and document some convenience aliases f...

[blymn <blymn%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/12ef5ef75c83
branches:  trunk
changeset: 583428:12ef5ef75c83
user:      blymn <blymn%NetBSD.org@localhost>
date:      Sat Aug 06 09:00:20 2005 +0000

description:
Add and document some convenience aliases for commonly required option
combinations.

diffstat:

 sbin/veriexecctl/veriexecctl.8       |  21 +++++++++++++++++----
 sbin/veriexecctl/veriexecctl_parse.y |  10 +++++++++-
 2 files changed, 26 insertions(+), 5 deletions(-)

diffs (75 lines):

diff -r 1d637424d976 -r 12ef5ef75c83 sbin/veriexecctl/veriexecctl.8
--- a/sbin/veriexecctl/veriexecctl.8    Fri Aug 05 16:23:36 2005 +0000
+++ b/sbin/veriexecctl/veriexecctl.8    Sat Aug 06 09:00:20 2005 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: veriexecctl.8,v 1.15 2005/08/02 18:06:14 elad Exp $
+.\" $NetBSD: veriexecctl.8,v 1.16 2005/08/06 09:00:20 blymn Exp $
 .\"
 .\" Copyright (c) 1999
 .\"    Brett Lymn - blymn%baea.com.au@localhost, brett_lymn%yahoo.com.au@localhost
@@ -29,7 +29,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"    $Id: veriexecctl.8,v 1.15 2005/08/02 18:06:14 elad Exp $
+.\"    $Id: veriexecctl.8,v 1.16 2005/08/06 09:00:20 blymn Exp $
 .\"
 .Dd August 2, 2005
 .Dt VERIEXECCTL 8
@@ -78,9 +78,9 @@
 The field
 .Em options
 contains the associated options for the file.
-Currently there are three valid options:
+Currently there are seven valid options:
 .Pp
-.Bl -tag -width INDIRECT -compact
+.Bl -tag -width INTERPRETER -compact
 .It Dv DIRECT
 Allow direct execution only.
 .It Dv INDIRECT
@@ -94,6 +94,19 @@
 and are automatically made read only.
 This option may be used to verify shared libraries have not been
 tampered with.
+.It Dv PROGRAM
+An alias for DIRECT, allow direct execution only.
+.It Dv INTERPRETER
+An alias for INDIRECT, the executable may only be used as an interpreter
+for shell scripts.
+.It Dv SCRIPT
+The file is a shell script.
+For correct operation of veriexec, a script must have both FILE and
+DIRECT attributes set.
+This option is a shorthand way of setting the options for correct
+operation of shell scripts.
+.It Dv LIBRARY
+The file is a library, this option is an alias of the FILE option.
 .El
 .Pp
 There must be only one executable/fingerprint pair per line.
diff -r 1d637424d976 -r 12ef5ef75c83 sbin/veriexecctl/veriexecctl_parse.y
--- a/sbin/veriexecctl/veriexecctl_parse.y      Fri Aug 05 16:23:36 2005 +0000
+++ b/sbin/veriexecctl/veriexecctl_parse.y      Sat Aug 06 09:00:20 2005 +0000
@@ -1,5 +1,5 @@
 %{
-/*     $NetBSD: veriexecctl_parse.y,v 1.11 2005/08/02 16:14:10 elad Exp $      */
+/*     $NetBSD: veriexecctl_parse.y,v 1.12 2005/08/06 09:00:20 blymn Exp $     */
 
 /*-
  * Copyright 2005 Elad Efrat <elad%bsd.org.il@localhost>
@@ -160,6 +160,14 @@
                        params.type |= VERIEXEC_INDIRECT;
                } else if (strcasecmp($1, "file") == 0) {
                        params.type |= VERIEXEC_FILE;
+               } else if (strcasecmp($1, "program") == 0) {
+                       params.type |= VERIEXEC_DIRECT;
+               } else if (strcasecmp($1, "interpreter") == 0) {
+                       params.type |= VERIEXEC_INDIRECT;
+               } else if (strcasecmp($1, "script") == 0) {
+                       params.type |= (VERIEXEC_FILE | VERIEXEC_DIRECT);
+               } else if (strcasecmp($1, "library") == 0) {
+                       params.type |= VERIEXEC_FILE;
                } else {
                        yyerror("Bad flag");
                        YYERROR;