bfb202c455 addresses the CTRL-EVENT-SCAN-FAILED. Upstream d807e289d
caused FreeBSD regression in driver_bsd.c, which this rc.d patch
worked around. As of bfb202c455 this workaround is no longer needed.
Reviewed by: bz (for wireless)
MFC after: 10 days
X-MFC with: bfb202c455
Differential Revision: https://reviews.freebsd.org/D39257
Now that commit cbbb22031f is in main,
it is possible to run nfsd(8), nfsuserd(8), mountd(8),
gssd(8) and rpc.tlsservd(8) in an appropriately configured vnet
prison if the "allow.nfsd" option is specified in jail.conf.
This patch fixes the rc scripts for this.
Mostly just replaces the "nojail" KEYWORD with "nojailvnet",
but also avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.
Reviewed by: jamie
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D38809
Just like stdin and stdout, stderr is a copy of the listen socket inherited from inetd. We need to close it so inetd can process further requests, be restarted, etc.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D38968
We've already consumed one request, which is sufficient to prevent inetd from endlessly restarting us in this particular and extremely unlikely case.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D38967
While there, don't log an error when timing out waiting for a possible retransmit after a successful transfer.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D38966
rc.d/hostid_save saves a UUID generated by rc.d/hostid in /etc/hostid.
Store the same UUID, without hyphens, in /etc/machine-id. The hyphens
are removed with a shell function because hostid_save runs before file
systems are mounted so other tools may not be available yet.
This eliminates some duplication between hostid and machine-id and for
virtual machines machine-id now contains the UUID configured in the
hypervisor like it does on Linux.
Reviewed by: delphij
Discussed with: bapt
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D38811
The growfs_fstab script has been testing dumpdev, and if it is AUTO,
enables dumps on the newly-added swap device for the initial boot.
However, dumpdev defaults to AUTO on main, but NO on stable/13 and
release branches. On the other hand, bsdinstall adds dumpdev="AUTO"
by default (controlled by a menu item). bsdinstall is not used when
booting an SD card or other disk image. Adopt the default from
bsdinstall, and set dumpdev to AUTO in /etc/rc.conf in the
growfs_fstab script if a swap partition has been added, along with
the explanatory comment added by bsdinstall.
Differential Revision: https://reviews.freebsd.org/D38751
Use it instead of defining IN_RTLD by base sources that want P_OSREL_
defines in userspace, but are not rtld.
This allows to remove abuse of IN_RTLD from userspace.
Reviewed by: dchagin, markj, imp
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D38585
The cleanvar script uses find -delete to remove stale files under /var,
which could lead to unwanted removal of files in some unusual scenarios.
For example, when a mounted fdescfs(5) is present under /var/run/samba/fd,
find(1) could descend into a directory that is out of /var/run and remove
files that should not be removed.
To mitigate this, modify the script to use find -x, which restricts the
find scope to one file system only instead of descending into mounted
file systems.
PR: 269213
MFC after: 1 week
Changing cursor, screenmap and setting blanktime doesn't work when booted
with vt(4) and UEFI so add a special case for those depending on machdep.bootmethods.
I have no way to test if this can work with vt(4) and bios boot so just in case
keep calling those for this.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38293
Make it possible to not run utx at boot.
Default to yes so this is a no-op for everyone.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38292
And put in it:
- kbdcontrol
- vidcontrol
- moused
- kbdmap
Those aren't useful in a jail or for a modern desktop.
While here, split the devd.conf part into some new files.
Reviewed by: bapt
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38321
Remove the hard-coded dependency on HYPERV being only x86. Instead, 100%
rely on MK_HYPERV. It's always right (since it's marked BROKEN (so set
to "no") on architectures we don't support).
Sponsored by: Netflix
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D38306
There's no separate man page for dma.conf, but the format is documented
in dma.8.
Reviewed by: bapt
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37944
After the removal of ia64 and sparc64, all current architectures
support executable stacks at an architectural level.
This reverts commit 1290d38ac5.
Reviewed by: kib
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D37904
- awk sometimes formatted swapbase as floating point, which gpart
does not accept; force int.
- Fix typo in code for checking vm.max_swap_pages.
- While here, do not set kernel env if "gpart add" fails.
- Add "gpart show" before modification to verbose output.
Reported by: marklmi at yahoo dot com
Tested by: marklmi at yahoo dot com
When setting up carp tunnel, using a password consisting of only the
characters used as hexadecimal characters, i.e. abc-def, there will be
an infinite loop in the shell function ifalias_af_common_handler().
To circumvent this we test for " pass ".
PR: 268378
Reported by: jyoung15@gmail.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37748
"[[:space:]]" is easier to read than "\ " and is consistent with
clone_up().
Reported by: eugen
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D37748
Pass `-vv` to pytest in order to always get the full output.
While here, enforce the modeline.
Differential Revision: https://reviews.freebsd.org/D37894
MFC after: 2 weeks
This new default-enabled rc will generate a /etc/machine-id file if it
does not exist, and pre-fill it with a newly generated UUID of version 4
[2].
The file is generated in /var/db/machine-id and symlinked to
/etc/machine-id to allow for read-only root partitions.
This file is amongst other things used by libraries like GLib.
Bump FreeBSD version 1400076 to be able to easily add support for older
version of FreeBSD via a package.
[1] Linux machine-id(5): https://www.man7.org/linux/man-pages/man5/machine-id.5.html
[2] f176fe8e7f
Approved by: bapt
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37722
Add comments analogous to those that are in the sendmail mailer.conf,
including a pointer to /usr/share/examples/sendmail/mailer.conf.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D37711
Add new growfs_swap_size variable with a default value of the empty
string, along with comments on other settings. Used by the growfs
script.
Differential Revision: https://reviews.freebsd.org/D37464
The growfs_fstab script is a helper for the growfs script to add any
new swap partition to /etc/fstab on first boot. If growfs adds a
swap partition, it sets growfs_swap_pdev in the kenv. In this case,
after the root file system is read/write, if there is no swap partition
in the fstab, growfs_fstab adds growfs_swap as a swap partition to the
fstab. Also, it runs dumpon to add the swap partition (as this
happened earlier in the startup sequence).
Discussed with: cperciva
Differential Revision: https://reviews.freebsd.org/D37463
Add the ability to create a swap partition in the course of growing
the root file system on first boot, enabling by default. The default
rules are: add swap if the disk is at least 15 GB (decimal), and the
existing root is less than 40% of the disk. The default size is 10%
of the disk, but is limited by the memory size. The limit is twice
memory size up to 4 GB, 8 GB up to 8 GB memory, and memory size over
8 GB memory. Swap size is clamped at vm.swap_maxpages/2 as well.
The new swap partition is labeled as "growfs_swap".
The default behavior can be overridden by setting growfs_swap_size in
/etc/rc.conf or in the kernel environment, with kenv taking priority.
A value of 0 inhibits the addition of swap, an empty value specifies
the default, and other values indicate a swap size in bytes.
By default, addition of swap is inhibited if a swap partition is found
in the output of the sysctl kern.geom.conftxt before the current root
partition, usually meaning that there is another disk present.
Swap space is not added if one is already present in /etc/fstab.
The root partition is read-only when growfs runs, so /etc/fstab can
not be modified. That step is handled by a new growfs_fstab script,
added in a separate commit. Set the value "growfs_swap_pdev" in kenv
to indicate that this should be done, as well as for internal use.
There is optional verbose output meant for debugging; it can only be
enabled by modifying the script (in two places, for sh and awk).
This should be removed before release, after testing on -current.
Discussed with: cperciva
Reviewed by: imp (previous version)
Differential Revision: https://reviews.freebsd.org/D37462
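The default sizing rules described in the commit message above, worked through as an added example (this is not the growfs script itself). The function names, the byte-valued arguments and the use of decimal GB for the memory thresholds are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration of the default sizing rules; not FreeBSD's growfs script.
# All sizes are bytes. The commit message specifies decimal GB for the disk
# threshold; using decimal GB for the memory thresholds too is an assumption.
GB=1000000000

# min_of A B: print the smaller of two integers.
min_of() {
    if [ "$1" -lt "$2" ]; then echo "$1"; else echo "$2"; fi
}

# swap_limit_for_mem MEM: memory-based ceiling on the swap size.
swap_limit_for_mem() {
    if [ "$1" -le $((4 * GB)) ]; then
        echo $(($1 * 2))          # twice memory, for memory up to 4 GB
    elif [ "$1" -le $((8 * GB)) ]; then
        echo $((8 * GB))          # flat 8 GB, for memory up to 8 GB
    else
        echo "$1"                 # memory size, above 8 GB
    fi
}

# default_swap_bytes DISK ROOT MEM MAXSWAP
#   DISK, ROOT: sizes of the whole disk and of the existing root partition
#   MEM: physical memory
#   MAXSWAP: vm.swap_maxpages already converted to bytes by the caller
#            (hypothetical parameter)
# Prints 0 when the default rules add no swap.
default_swap_bytes() {
    disk=$1; root=$2; mem=$3; maxswap=$4
    # Rule 1: the disk must be at least 15 GB (decimal).
    if [ "$disk" -lt $((15 * GB)) ]; then echo 0; return 0; fi
    # Rule 2: the existing root must be less than 40% of the disk.
    if [ $((root * 100)) -ge $((disk * 40)) ]; then echo 0; return 0; fi
    size=$((disk / 10))                                    # 10% of the disk
    size=$(min_of "$size" "$(swap_limit_for_mem "$mem")")  # memory limit
    size=$(min_of "$size" $((maxswap / 2)))                # swap_maxpages/2
    echo "$size"
}
```

The growfs_swap_size override and the checks for an existing swap partition are left out; only the default computation is shown.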
The NONE parameter has been deprecated for more than 20 years
but was never removed, it's useful to simplify the sendmail
management.
This reverts commit 7cadc52638.
GCC 12 defaults to C++17 which removes (not just deprecates)
std::auto_ptr<>. Trying to use CXXSTD of c++03 doesn't work with
libc++ headers, but c++11 does.
Reviewed by: brooks, imp, emaste
Differential Revision: https://reviews.freebsd.org/D37531
The main difference with the chown in luaposix, is that it checks
and reports if a user or a group do exist when a string is passed
as arguments
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D37479
GCC warns about the non-literal format string passed to strftime(). A
warning here seems a bit odd as strftime() does not take varargs so
there is not a risk of missing args.
As PF now also supports dummynet but can not configure it on its own,
the service which configures pipes, queues and schedulers is needed.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D37451
othermta (along with mta_start_script configuration entry in rc.conf)
was a mechanism used to be able to run another mta than sendmail(8) before
"rcng" time 20 years ago.
othermta has not been used since.
similar to the same token in glibc.
Requested and reviewed by: bapt
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D37329
dma accepts mail from a local Mail User Agent (MUA) and delivers it
locally or to a smarthost for delivery. dma does not accept inbound
mail (i.e., it does not listen on port 25) and is not intended to
provide the same functionality as a full MTA like postfix or sendmail.
It is intended for use cases such as delivering cron(8) mail, which
is the default configuration and usage of sendmail in the default
setup of the base system.
In order to switch the default from sendmail to dma, we teach
mailwrapper to fallback on dma directly if the mailer.conf file cannot
be opened.
We install by default a mailer.conf file which points at dma.
We install a mailer.conf file for sendmail in the examples.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D37035
If a zpool is created by makefs(8), its version is 5000, i.e., all
feature flags are off. Introduce an rc script to run `zpool upgrade`
over the assigned zpools on the first boot. This is useful to the
ZFS based VM images built from release(7).
Reviewed by: imp, markj, mav
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37282
* Avoid unnecessary use of `unsigned char *`
* Use explicit casts when assigning `unsigned char *` to `char *` or vice versa
* Drop unused global variables (and fix memory leak in `gettable()`)
* Use `snprintf()` instead of `strcpy()` + `strcat()`
* Drop spurious braces in switch
Sponsored by: Klara, Inc.
Obtained from: Apple OSS Distributions (in part)
Differential Revision: https://reviews.freebsd.org/D37263
Mostly remove from the SEE ALSO section, adding a mention of the port
where not removed. Elsewhere, remove as appropriate and change from .Xr
to .Nm where a mention of telnetd continues to make sense (or removing
it would require significant reworking of the surrounding text).
Reviewed by: imp, delphij, emaste
Differential Revision: https://reviews.freebsd.org/D36785
The telnetd codebase is unmaintained and has a number of quality
issues. Telnet has been largely supplanted by ssh. If needed, a port is
available (net/freebsd-telnetd), but a more maintained implementation
should be preferred.
While the telnet client suffers from the same issues, it is deemed
to be of lower risk and is required to connect to legacy devices, so
it remains.
Reviewed by: emaste, imp
Differential Revision: https://reviews.freebsd.org/D36620
for the default output. For '-a' (per-object needed printout) the
[preloaded] banner is kept.
Instead, use special format2 for printing the preloaded objects (and
vdso), which does not include DT_NEEDED, since there is no object
needing the printed one.
In this way, the output is more compatible with glibc.
Example:
LD_PRELOAD=/lib/libthr.so.3 LD_TRACE_LOADED_OBJECTS=1 /libexec/ld-elf.so.1 /bin/ls
libutil.so.9 => /lib/libutil.so.9 (0x801099000)
libncursesw.so.9 => /lib/libncursesw.so.9 (0x8010b0000)
libc.so.7 => /lib/libc.so.7 (0x801123000)
[vdso] (0x7ffffffff000)
/lib/libthr.so.3 (0x80106c000)
Note the absence of the part before and including '=>' for preloaded
libthr.so.3, and for vdso.
PR: 265750
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D36616
The "shutdown" keyword invokes rcorder with the -k flag, for rc scripts
with the keyword at shutdown.
Reported by: bdrewery
Fixes: 27b9777c28
MFC after: 3 days
Differential Revision:
Users with a tmpfs /var/run will lose the directory tree state of
/var/run at reboot. This rc script will optionally (by default)
capture the state of the directory structure in /var/run prior to
shutdown and recreate it at system boot.
Alternatively a user can save the state of the /var/run directories
manually using service var_run save and disable the autosaving of
/var/run state using the var_run_autosave variable, for those
paranoid SSD users.
PR: 259585, 259699
Reported by: freebsd@walstatt-de.de,
Reviewed by: philip, gbe (previous version)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36386
Rtld locks from libthr defer signals delivery, which means that binding
is not possible while a signal handler is executed.
Binding might upgrade read-locked rtld_bind_lock to write-lock, if
symbol resolution requires loading filters. If a signal would be delivered
while rtld is in read-locked section, and signal handler needs binding
which upgrades the lock, for non-threaded image that uses default rtld
locks, we get the rtld data structures modified under the top-level
active rtld frame.
To correct the problem, mask signals for read-locking of default locks
in addition to the write-locking. It is very cheap now with
sigfastblock(2).
Note that the global state is used to track pre-locked state of either
sigfastblock(2) or signal mask (if sigfastblock(2) is administratively
disabled). It is fine for non-threaded images since there are no other
threads. But I believe that it is fine for threaded images using libc_r
as well, since masking signals disables preemption (I did not test
it).
NetBSD PR: https://gnats.netbsd.org/56979
Reported by: tmunro
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D36396
Certain configurations need to use a different path for pidfile.
Allow rc.conf to overwrite it.
Reviewed by: cy, 0mp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D36141
None of tools working with login classes change umask(1)
and we had no ways to specify non-default umask for a service
not touching its startup script. This change makes it possible.
Some file-sharing services that create new files may benefit from it.
Differential: https://reviews.freebsd.org/D36309
MFC-after: 3 days
Run a service-based setup script before running the start command.
Useful for automatic configuration file generation.
Reviewed by: https://reviews.freebsd.org/D36006
Commit 24d0c9c1f5 introduced the following regression:
% ldd /bin/ls
/bin/ls:
libutil.so.9 => /lib/libutil.so.9 (0x1021000)
libncursesw.so.9 => /lib/libncursesw.so.9 (0x1021000)
libc.so.7 => /lib/libc.so.7 (0x1021000)
Note that the base address is the same for all displayed libraries.
Fix it by passing correct object to trace_print_obj().
Fixes: 24d0c9c1f5
Reviewed by: jrtc27
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Differential revision: https://reviews.freebsd.org/D36198
The first time a FreeBSD system boots, it obtains a hostuuid and hostid
from the smbios.system.uuid kernel environment variable. If this value
is found to be invalid, a warning is printed and the boot pauses for
two seconds to give the user a chance to read it.
If the FreeBSD kernel is launched directly in a virtual machine rather
than via the FreeBSD boot loader, the smbios.system.uuid environment
variable might not be set; in this case, there's no need to alert the
user and delay the boot process since the lack of a "hardware" uuid is
entirely expected.
Distinguish between the cases of "invalid UUID" and "no UUID", warning
and delaying the boot only in the former case. In both cases we still
generate a random UUID in software.
Reviewed by: delphij
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D36185
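Two of the commit messages on this page concern the host UUID: the one above separates "no UUID" from "invalid UUID", and the hostid_save change strips hyphens with a shell function because external tools may not be available yet. The sketch below is an added example, not the rc.d scripts' code; the function names, the returned action strings and the purely syntactic validity check are assumptions, and the sample UUID is constructed.

```shell
#!/bin/sh
# Added illustration using shell builtins only (no sed, tr or awk), as a
# script that runs before file systems are mounted would need.

# uuid_classify VALUE: print "none", "valid" or "invalid".
# Validity here is syntactic only (8-4-4-4-12 hex digits); that rule is an
# assumption, the page does not say what the real script checks.
uuid_classify() {
    x='[0-9a-fA-F]'
    x4="$x$x$x$x"
    case "$1" in
    "") echo none ;;
    $x4$x4-$x4-$x4-$x4-$x4$x4$x4) echo valid ;;
    *) echo invalid ;;
    esac
}

# hostuuid_action VALUE: what the boot path does with the value read from
# smbios.system.uuid, following the commit message above:
#   valid   -> use it
#   none    -> generate a random UUID, no warning, no delay
#   invalid -> warn, pause, then generate a random UUID
hostuuid_action() {
    case "$(uuid_classify "$1")" in
    valid)   echo use ;;
    none)    echo generate ;;
    invalid) echo warn-and-generate ;;
    esac
}

# uuid_strip_hyphens UUID: print UUID with every hyphen removed, using only
# parameter expansion so no external tool is needed.
uuid_strip_hyphens() {
    rest=$1
    out=
    while :; do
        case "$rest" in
        *-*)
            out="${out}${rest%%-*}"   # keep the text before the first hyphen
            rest="${rest#*-}"         # drop through that hyphen and repeat
            ;;
        *)
            out="${out}${rest}"
            break
            ;;
        esac
    done
    echo "$out"
}

# Constructed sample value, for a stand-alone run.
SAMPLE_UUID="0ec2f7b6-5a3c-4d1e-9b7a-2f6c8d1e4a90"
```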
This change adds 2 tests to make sure that the *_oomprotect variable
sets the protection against OOM killer properly within rc(8) scripts.
This is also adding the first tests for the rc(8) framework. More tests
will be added as we go.
PR: 256148
Approved by: des
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35745
55abf23dd3 inverted the value passed to origin_subst_one when rolling
up the existing code into a loop. If the first token is found ($ORIGIN),
this results in a wild free of part of strtab. Processing the second
token works fine and will act how the first should have regardless of
whether found, allocating memory for the string without freeing.
Processing subsequent tokens however will then leak, regardless of
whether found, as they will also believe they need to allocate memory
and can't free the string.
Found by: CHERI
Reviewed by: kib, markj
Fixes: 55abf23dd3 ("rtld: make token substitution table-driven")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D35792
The rc(8) framework supports protecting services from OOM killer.
The current implementation applies the protection after the service has
already started. This works fine if only the main process is to be
protected (*_oomprotect=yes). However, the current implementation fails
to protect existing children when children are also to be protected
(*_oomprotect=all). This patch fixes that.
Note: it is not easy to apply the protection earlier because we want to
support both the services which use the "command" variable and those
that use the "start_cmd" variable.
PR: 256148
Approved by: adrian, osogbo
Tested by: Jamie Landeg-Jones <jamie@catflap.org>
Fixes: 3bead71e95 - Add a global option where we can protect
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35747
atf format does not provide any way of signalling any error message
back to the atf runner when listing tests. Work this around by
reporting "__test_cases_list_pytest_binary_not_found__" test instead.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D35721
The mountd script in rc.d sets vfs.nfsd.server_max_nfsvers correctly
when it is run at system startup, relying on the kernel default.
However, if NFSv4 was enabled in /etc/rc.conf later, and the script
was re-run to restart mountd, the sysctl was still set to 3.
Set the sysctl to the right value in all cases.
Reviewed by: rmacklem
MFC after: 1 week
This change is a continuation of 9c42645a1e workaround.
Apparently pytest argument parser is not happy when parsing values
with spaces or just more than one --atf-var argument.
Switch wrapper to send these kv pairs as env variables. Specifically,
use _ATF_VAR_key=value format to distinguish from the other vars.
Add the `atf_vars` fixture returning all passed kv pairs as a dict.
Reviewed by: lwhsu
Differential Revision: https://reviews.freebsd.org/D35625
MFC after: 2 weeks