vasilito
24289bf93f
Kernel (3 files, 32 lines):
- Context.groups: Vec<u32> — supplementary group storage
- CallerCtx.groups — exposed to schemes for access control
- Proc scheme Groups handle — auth-{fd}-groups read/write path
- Fork inheritance — new-context copies parent groups to child
Relibc (4 files, 82 insertions, 84 deletions):
- posix_setgroups()/posix_getgroups() in redox-rt sys.rs
- DynamicProcInfo.groups cache in lib.rs
- setgroups() real impl via thr_fd.dup(auth-{fd}-groups)
- getgroups() kernel-only (no /etc/group fallback)
- initgroups() functional via setgroups()
- getrlimit/setrlimit userspace stubs with defaults
Patches:
- local/patches/kernel/P4-supplementary-groups.patch
- local/patches/relibc/P4-setgroups-getgroups.patch
Docs updated:
- COMPREHENSIVE-OS-ASSESSMENT: credential blocker → RESOLVED
- KERNEL-IPC-CREDENTIAL-PLAN: marked Phases K1-K2,K4 complete
- local/AGENTS.md: credential gap section → RESOLVED
Unblocks: polkit, dbus-daemon, logind, sudo/su, redbear-authd
64 lines
2.9 KiB
TOML
64 lines
2.9 KiB
TOML
[source]
|
|
git = "https://gitlab.redox-os.org/redox-os/relibc.git"
|
|
patches = [
|
|
"../../../local/patches/relibc/redox.patch",
|
|
"../../../local/patches/relibc/P0-strtold-cpp-linkage-and-compat.patch",
|
|
"../../../local/patches/relibc/P3-signalfd.patch",
|
|
"../../../local/patches/relibc/P3-signalfd-header.patch",
|
|
"../../../local/patches/relibc/P3-timerfd-relative.patch",
|
|
|
|
"../../../local/patches/relibc/P3-waitid.patch",
|
|
"../../../local/patches/relibc/P3-semaphore-fixes.patch",
|
|
"../../../local/patches/relibc/P3-socket-cred.patch",
|
|
"../../../local/patches/relibc/P3-elf64-types.patch",
|
|
"../../../local/patches/relibc/P3-open-memstream.patch",
|
|
"../../../local/patches/relibc/P3-ifaddrs-net_if.patch",
|
|
"../../../local/patches/relibc/P3-fd-event-tests.patch",
|
|
"../../../local/patches/relibc/P3-fcntl-dupfd-cloexec.patch",
|
|
|
|
"../../../local/patches/relibc/P3-netdb-lookup-retry-fix.patch",
|
|
"../../../local/patches/relibc/P3-exec-root-bypass.patch",
|
|
"../../../local/patches/relibc/P3-tcp-nodelay.patch",
|
|
"../../../local/patches/relibc/P3-select-not-epoll-timeout.patch",
|
|
"../../../local/patches/relibc/P3-tls-get-addr-panic-fix.patch",
|
|
"../../../local/patches/relibc/P3-pthread-yield.patch",
|
|
"../../../local/patches/relibc/P3-secure-getenv.patch",
|
|
"../../../local/patches/relibc/P3-getentropy.patch",
|
|
"../../../local/patches/relibc/P3-dup3.patch",
|
|
"../../../local/patches/relibc/P3-vfork.patch",
|
|
"../../../local/patches/relibc/P3-clock-nanosleep.patch",
|
|
"../../../local/patches/relibc/P3-socket-flags.patch",
|
|
"../../../local/patches/relibc/P3-waitid-header.patch",
|
|
"../../../local/patches/relibc/P3-inet6-pton-ntop.patch",
|
|
"../../../local/patches/relibc/P3-tcp-sockopt-forward.patch",
|
|
"../../../local/patches/relibc/P3-dns-aaaa-getaddrinfo-ipv6.patch",
|
|
"../../../local/patches/relibc/P3-dns-resolver-hardening.patch",
|
|
"../../../local/patches/relibc/P3-getrlimit-getdtablesize.patch",
|
|
"../../../local/patches/relibc/P3-in6-pktinfo.patch",
|
|
"../../../local/patches/relibc/P3-header-mod-spawn-threads.patch",
|
|
"../../../local/patches/relibc/P3-spawn.patch",
|
|
"../../../local/patches/relibc/P3-threads.patch",
|
|
"../../../local/patches/relibc/P3-sysv-ipc.patch",
|
|
"../../../local/patches/relibc/P3-sysv-sem-impl.patch",
|
|
"../../../local/patches/relibc/P3-sysv-shm-impl.patch",
|
|
"../../../local/patches/relibc/P4-setgroups-getgroups.patch",
|
|
]
|
|
|
|
[build]
|
|
template = "custom"
|
|
script = """
|
|
# rustup workaround https://github.com/rust-lang/rustup/issues/988
|
|
if [ "${COOKBOOK_HOST_SYSROOT}" = "/usr" ] && command -v rustup >/dev/null 2>&1; then
|
|
pushd ${COOKBOOK_SOURCE}
|
|
${RUSTUP:-rustup} install
|
|
popd
|
|
fi
|
|
|
|
export CARGO=${CARGO:-env -u CARGO cargo}
|
|
"${COOKBOOK_MAKE}" \
|
|
-C "${COOKBOOK_SOURCE}" \
|
|
-j"${COOKBOOK_MAKE_JOBS}" \
|
|
DESTDIR="${COOKBOOK_STAGE}/usr" \
|
|
install
|
|
"""
|