Module Name: src
Committed By: jruoho
Date: Sat May 15 15:53:42 UTC 2010
Modified Files:
src/share/man/man5: veriexec.5
Log Message:
Minor markup improvements.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/share/man/man5/veriexec.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/man/man5/veriexec.5
diff -u src/share/man/man5/veriexec.5:1.1 src/share/man/man5/veriexec.5:1.2
--- src/share/man/man5/veriexec.5:1.1 Mon Feb 18 10:37:19 2008
+++ src/share/man/man5/veriexec.5 Sat May 15 15:53:42 2010
@@ -1,4 +1,4 @@
-.\" $NetBSD: veriexec.5,v 1.1 2008/02/18 10:37:19 elad Exp $
+.\" $NetBSD: veriexec.5,v 1.2 2010/05/15 15:53:42 jruoho Exp $
.\"
.\" Copyright (c) 1999
.\" Brett Lymn - bl...@baea.com.au, brett_l...@yahoo.com.au
@@ -29,9 +29,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $Id: veriexec.5,v 1.1 2008/02/18 10:37:19 elad Exp $
+.\" $Id: veriexec.5,v 1.2 2010/05/15 15:53:42 jruoho Exp $
.\"
-.Dd February 18, 2008
+.Dd May 15, 2010
.Dt VERIEXEC 5
.Os
.Sh NAME
@@ -57,12 +57,12 @@
.Dl path type fingerprint flags
.Pp
The description for each field is as follows:
-.Bl -tag -width XXXX
-.It path
+.Bl -tag -width "fingerprint"
+.It Em path
The full path to the file.
White-space characters can be escaped if prefixed with a
.Sq \e .
-.It type
+.It Em type
Type of fingerprinting algorithm used for the file.
.Pp
Requires kernel support for the specified algorithm.
@@ -71,17 +71,17 @@
.Bd -literal -offset indent
# sysctl kern.veriexec.algorithms
.Ed
-.It fingerprint
+.It Em fingerprint
The fingerprint for the file.
Can (usually) be generated using the following command:
.Bd -literal -offset indent
% cksum -a \*[Lt]algorithm\*[Gt] \*[Lt]file\*[Gt]
.Ed
-.It flags
+.It Em flags
Optional listing of entry flags, separated by a comma.
These may include:
-.Bl -tag -width XXXX
-.It direct
+.Bl -tag -width "untrusted"
+.It Em direct
Allow direct execution only.
.Pp
Execution of a program is said to be
@@ -90,18 +90,18 @@
etc.) via the
.Xr execve 2
syscall.
-.It indirect
+.It Em indirect
Allow indirect execution only.
.Pp
Execution of a program is said to be
.Dq indirect
if it is invoked by the kernel to interpret a script
.Pq Dq hash-bang .
-.It file
+.It Em file
Allow opening the file only, via the
.Xr open 2
syscall (no execution is allowed).
-.It untrusted
+.It Em untrusted
Indicate that the file is located on untrusted storage and its fingerprint
evaluation status should not be cached, but rather re-calculated each time
it is accessed.
@@ -113,19 +113,19 @@
.Pp
To improve readaibility of the signatures file, the following aliases are
provided:
-.Bl -tag -width XXXX
-.It program
+.Bl -tag -width "interpreter"
+.It Em program
An alias for
.Dq direct .
-.It interpreter
+.It Em interpreter
An alias for
.Dq indirect
-.It script
+.It Em script
An alias for both
.Dq direct
and
.Dq file .
-.It library
+.It Em library
An alias for both
.Dq file
and
@@ -151,5 +151,7 @@
first appeared in
.Nx 2.0 .
.Sh AUTHORS
+.An -nosplit
.An Brett Lymn Aq bl...@netbsd.org
+and
.An Elad Efrat Aq e...@netbsd.org
