Commit Briefs
portable: add support for landlock
landlock is a new set of linux APIs that is conceptually similar to unveil(2): the idea is to restrict what a process can do on a specified part of the filesystem. There are some differences in the behaviour: the major one being that the landlock ruleset is inherited across execve(2). This just restricts the libexec helpers by completely revoking ANY filesystem access; after all they are the biggest attack surface. got send/fetch/clone *may* end up spawning ssh(1), so at the moment is not possible to landlock the main process. From Omar Polo.
portable: add FreeBSD support
This adds the capability to compile got-portable on FreeBSD.
portable: initial Linux compilation
This commit modifies the GoT main branch to be able to compile it under linux.
tweak implementation of separate send {} and fetch {} conf blocks
Tweak man page. Factor out repeated code in if/else branches in send_gotconfig_remotes(). ok stsp@
provide separate send {} and fetch {} configuration blocks in got.conf
Feature requested by naddy. ok naddy, who also suggested some tweaks that will arrive shortly
add a 'reference' directive to remote repositories in got.conf(5)
Make use of this in 'got clone' to persist -R option arguments given on the command line in the cloned repository's got.conf(5) file.
add a 'fetch-all-branches' configuration setting to got.conf(5)
Set fetch-all-branches in the got.conf(5) file created by 'got clone -a' in order to make a future 'got fetch' act like 'got fetch -a' by default.
Stop including <sys/syslimits.h> directly.
POSIX says the limits defined there are available from <limits.h>, which almost all affected source files already included anyway. ok millert stsp
add got.conf(5) configuration file
ok tracey