emo/ndhc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Documentation updates.

Browse Source
This commit is contained in:
Nicholas J. Kain 2014-04-24 18:29:52 -04:00
parent 6af0d26351
commit 3721cc926b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README
View File

@ -55,7 +55,7 @@ chroot.
Robust. ndhc performs no runtime heap allocations -- malloc() (more Robust. ndhc performs no runtime heap allocations -- malloc() (more
specifically, brk(), mmap(), etc) is never called after initialization (libc specifically, brk(), mmap(), etc) is never called after initialization (libc
behavior during initialization time will vary) , and ndhc never performs behavior during initialization time will vary), and ndhc never performs
recursive calls and only stack-allocates fixed-length types, so stack depth is recursive calls and only stack-allocates fixed-length types, so stack depth is
bounded, too. bounded, too.
@ -154,7 +154,7 @@ USAGE
3) At this point the jail is usable; ndhc is ready to be used. An example 3) At this point the jail is usable; ndhc is ready to be used. An example
of invoking ndhc: of invoking ndhc:
# ndhc -i wan0 -u dhcp -U dhcpifch -D dhcpsockd -C /var/lib/ndhc -l /var/state/wan0.lease # ndhc -i wan0 -u dhcp -U dhcpifch -D dhcpsockd -C /var/lib/ndhc
4o) If you encounter problems, I suggest running ndhc in the foreground and 4o) If you encounter problems, I suggest running ndhc in the foreground and
examining the printed output. examining the printed output.
@ -283,8 +283,8 @@ I had already rewritten before, and some of those were rewritten, too.
Eventually ifchd was rewritten to extensively use a Ragel-generated DFA-based Eventually ifchd was rewritten to extensively use a Ragel-generated DFA-based
parser to make it easier to verify correct behavior for all possible inputs. parser to make it easier to verify correct behavior for all possible inputs.
Quite a while later, I eventually merged ifchd into the same binary as Quite a while later, I eventually merged ifchd into the same binary as ndhc
ndhc and instead rely on forking subprocesses and using pipes for IPC. This and instead rely on forking subprocesses and using socketpairs for IPC. This
brought a lot of simplifications, particularly for user configuration. brought a lot of simplifications, particularly for user configuration.
Afterwards, privilege seperation was applied to the remaining capabilities, Afterwards, privilege seperation was applied to the remaining capabilities,