README:update
This commit is contained in:
parent
a530104ae4
commit
93e04cb8b3
1 changed files with 11 additions and 10 deletions
21
README.md
21
README.md
|
@ -1,7 +1,7 @@
|
|||
## About
|
||||
|
||||
hbsdctl.rb is a C extension that binds libhbsdcontrol from the
|
||||
[hardenedbsd](https://hardenedbsd.org) project to Ruby. Through
|
||||
hbsdctl.rb provides Ruby bindings for libhbsdcontrol from the
|
||||
[hardenedbsd](https://hardenedbsd.org) project. Through
|
||||
this library, you can query what features are available and if
|
||||
root: enable, disable or query the status of a feature for a
|
||||
given file.
|
||||
|
@ -10,11 +10,12 @@ given file.
|
|||
|
||||
__Features__
|
||||
|
||||
As a regular user account, you can obtain a list of available features:
|
||||
As an unprivileged user or as a superuser, you can obtain a list of
|
||||
available features:
|
||||
|
||||
``` ruby
|
||||
#!/usr/bin/env ruby
|
||||
# As a regular user account
|
||||
# Required privileges: unprivileged user or superuser.
|
||||
require "hbsdctl"
|
||||
BSD::Control
|
||||
.available_features
|
||||
|
@ -25,12 +26,12 @@ end
|
|||
|
||||
__Enable__
|
||||
|
||||
As a superuser account, you can enable or disable a feature for a given file.
|
||||
As a superuser, you can enable or disable a feature for a given file.
|
||||
The example enables the mprotect feature for the emacs binary:
|
||||
|
||||
``` ruby
|
||||
#!/usr/bin/env ruby
|
||||
# As a superuser account
|
||||
# Required privileges: superuser.
|
||||
require "hbsdctl"
|
||||
BSD::Control
|
||||
.feature(:mprotect)
|
||||
|
@ -39,15 +40,15 @@ BSD::Control
|
|||
|
||||
__Status__
|
||||
|
||||
As a superuser account, you can query whether or not a feature is enabled or disabled
|
||||
for a given file. There are four statuses that can be returned: `conflict`, `sysdef`,
|
||||
As a superuser, you can query the status of a feature for a given file.
|
||||
There are four statuses that can be returned: `conflict`, `sysdef`,
|
||||
`enabled`, and `disabled`. The first status (conflict) is rare and indicates that a
|
||||
feature is both enabled and disabled. The other three are more common. The `sysdef`
|
||||
status indicates that a feature takes its settings from the system default (sysctl):
|
||||
|
||||
``` ruby
|
||||
#!/usr/bin/env ruby
|
||||
# As a superuser account
|
||||
# Required privileges: superuser.
|
||||
require "hbsdctl"
|
||||
BSD::Control
|
||||
.feature(:mprotect)
|
||||
|
@ -63,7 +64,7 @@ A complete API reference is available at
|
|||
|
||||
**Rubygems.org**
|
||||
|
||||
hbsdctl.rb can also be installed via rubygems.org.
|
||||
hbsdctl.rb can be installed via rubygems.org.
|
||||
|
||||
gem install hbsdctl.rb
|
||||
|
||||
|
|
Loading…
Reference in a new issue