try to fork() a child of its own, which could result in several children
ypservs running at once. I'm still not sure exactly what leads to this
condition, but these fixes should stop it from causing trouble. A new
function, yp_fork() checks to see if the current process is already a
child of the parent ypserv, and returns failure (and logs an error message)
rather than spawning another child.
In heavy-writing situations, QUEUE_LRU can contain a large number
of DELWRI buffers at its head. These buffers must be moved
to the tail if they cannot be written async in order to reduce
the scanning time required to skip past these buffers in later
getnewbuf() calls.
Submitted by: Matthew Dillon <dillon@apollo.backplane.com>
Enable MS-CHAP support.
release/Makefile:
Build a separate NOCRYPT version of pppd, to keep This Great
Nation's top-secret cryptographic tools out of the filthy hands
of those evil furriners.
from ever catching up to the transmit consumer index. We can't let this
happen because ti_txeof() depends on the assumption that producer == consumer
means the ring is empty, and producer != consumer means the ring has some
number of active descriptors in it.
This will allow software teletext/intercast/subtitles decoding
while watching a TV station.
Based on code from Hiroki Mori <mori@infocity.co.jp> but reworked by
myself.
Add new #ifdef. By defining BKTR_NO_MSP_RESET you can prevent the
MSP34xx being reset by the bt848 driver. This is handy
if you pre-initialise the MSP34xx stereo audio chip in another
operating system first (eg MS Windows).
Suggested by: Randal Hopper<aa8vb@ipass.net>
Suggested by: Yuri Gindin <yuri@xpert.com>
PV_TABLE_REF cleared before PV_TABLE_MOD, the page may get fault on read again.
On fault on write, pmap_emulate_reference mark the page dirty with
vm_page_dirty. That decrease ill effects of the bug.
The problem probably become more serious after my rev.1.18 a week ago.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
that doesn't have it. This is achieved by having minimal do-nothing stubs
enabled when there are no bpfilter devices configured.
Driver modules should be built with BPF enabled for maximum
convenience (but can be built without it for maximum performance).
- %fs register is added to trapframe and saved/restored upon kernel entry/exit.
- Per-cpu pages are no longer mapped at the same virtual address.
- Each cpu now has a separate gdt selector table. A new segment selector
is added to point to per-cpu pages, per-cpu global variables are now
accessed through this new selector (%fs). The selectors in gdt table are
rearranged for cache line optimization.
- fask_vfork is now on as default for both UP and SMP.
- Some aio code cleanup.
Reviewed by: Alan Cox <alc@cs.rice.edu>
John Dyson <dyson@iquest.net>
Julian Elischer <julian@whistel.com>
Bruce Evans <bde@zeta.org.au>
David Greenman <dg@root.com>
so that the list of drivers is correct. This is a slightly
simplified version of the patch from the PR.
PR: misc/10544
Submitted by: Christophe Colle <colle@krtkg1.rug.ac.be>
While I have yet to hear of any problems with us using thunks. The EGCS
mailing list notes some have problems with it and not using them are a
safer default. People wanting to use them, can set the appropiate
compiler flag.
feature of packages now so that no version info is embedded.
o Add a default X desktop menu offering afterstep, enlightenment, KDE, GNOME
and Windowmaker desktops instead of the boring twm(1) based one if the
user so chooses. This will require a little testing.
thing to use it at startup, when you don't know if the user can
handle vi or not, but yet another thing to leave it as a permanent
land mine for root.
2. Put /usr/X11R6/bin in path; it makes getting the desktop up a lot easier.
1:
s/suser/suser_xxx/
2:
Add new function: suser(struct proc *), prototyped in <sys/proc.h>.
3:
s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/
The remaining suser_xxx() calls will be scrutinized and dealt with
later.
There may be some unneeded #include <sys/cred.h>, but they are left
as an exercise for Bruce.
More changes to the suser() API will come along with the "jail" code.