last night:
_gr_breakout_yp() doesn't check for badly formatted NIS group entries.
For example, a bogus entry like this:
bootp::user1,user2,user3
will lead to a null pointer dereference and a SEGV (note that the GID
field is missing -- this results in one of the strsep(&result, ":")
returning NULL). The symtpom of this problem is programs dumping
core left and right the moment you add a + entry to /etc/group.
Note that while this is similar to an earlier bug, it's caused by a
different set of circumstances.
The fix is to check for the NULL pointers and have _gr_breakout_yp()
punt and return a failure code if it catches one. This is more or
less the behavior of SunOS: if a bad NIS group entry is encountered,
it's silently ignored. I don't think our standard (non-NIS) group
parsing code behaves the same way. It doesn't crash though, so I'm
citing the 'it ain't broken, don't fix it' rule and leaving it alone.
I'll probably have to add similar checks to _pw_breakout_yp() in
getpwent.c to ward off the same problems. It's rare that bad NIS
map entries like this occur, but we should handle them gracefully
when they do.
when syscons stops mapping the console to minor MAXCONS. There is
usually no corresponding device in /dev, and the correct device has
minor 0.
cons.c:
Initialize cn_tty properly, so that CPU_CONSDEV can work.
Comment about too many variants of the console tty pointer.
machdep.c:
Return device NODEV and not error EFAULT when there is no console device.
ftp://ftp.freebsd.org/pub/FreeBSD/distfiles/
as our distribution point for distfiles and patches. Other than
cosmetic changes (freebsd.cdrom.com -> ftp.freebsd.org), the
omission of "ports" is important. I would like to move this
directory completely out of the ports tree (on the ftp site),
so that people who do "get ports.tar.gz" won't get a bogus distfiles
-> ../distfiles symlink (which will make "make fetch" fail).
Sometime around the 2.1 release, the distfiles link will be deleted.
cpio/copyout.c:
Don't output a file if the major, minor or totality of its rdev would be
truncated. Print a message about the skipped files to stderr but don't
report the error in the exit status. cpio's abysmal error handling doesn't
allow continuing after an error, and the rdev checks had to be misplaced
to avoid the problem of returning an error code from routines that return
void.
pax/pax.h:
Use the system macros for major(), minor() and makedev().
pax already checks _all_ output conversions for overflow. This has the
undesirable effect that failure to convert relatively useless fields
such as st_dev for regular files causes files not to be output. pax
doesn't report exactly which fields couldn't be converted.
tar/create.c:
Don't output a file if the major or minor its rdev would be truncated.
Print a message about the skipped files to stderr and report the error
in the exit status.
tar/tar.c:
For not immediately fatal errors, exit with status 1, not the error count
(mod 256).
All:
Minor numbers are limited to 21 bits in pax's ustar format and to 18
bits in archives created by gnu tar (gnu tar wastes 3 bits for padding).
pax's and cpio's ustar format is incompatible with gnu tar's ustar
format for other reasons (see cpio/README).
parameters are. You can use dumpfs, but that's not obvious which settings
are tuneable, and is far from clear to the non-guru (it's like using a
hexdump of a tar archive to get a table-of-contents).
There is also an undocumented option in the man page that can be dangerous.
Suppose your disk driver decides to scramble all writes while you tell
tunefs to update all backup superblocks.
This suggested change adds a '-p' (print) switch to bring it in
line with some SVR4 systems.
(Slightly changed by me, mostly for optics. - joerg)
Submitted by: peter@haywire.dialix.com
clearer. The "informational message" almost looks like an instruction to
the user to change settings on the card....
It's cosmetic, but...
Submitted by: peter@haywire.dialix.com
This first shot only incorporaties so much functionality that DOOM
can run (the X version), signal handling is VERY weak, so is many
other things. But it meets my milestone number one (you guessed it
- running DOOM).
Uses /compat/linux as prefix for loading shared libs, so it won't
conflict with our own libs.
Kernel must be compiled with "options COMPAT_LINUX" for this to work.
user has entered a bogus kernel name in the first place).
Also fix the broken #ifdef FORCE_COMCONSOLE, it has been disabled by
accident. (NB: the keyboard probe remains disabled however.)
Few cosmetic fixes (declare functions to be void instead of int),
while i've been at this.
Pointed out by: wosch@cs.tu-berlin.de (Wolfram Schneider), for the init bug
explicitly advise the users to reset the machine in case they have
done bogus things (to prevent `dset' from merging the changes into
/kernel), and it's also useful for machines with serial consoles that
are physically in another place.
set permissions and ownerships of PREFIX (usually /usr/local). This
is the default if USE_IMAKE or USE_X11 is set.
This should be useful for machines like thud, where we want to keep
the /usr/local subtree writable to a group ("ports" in our case). Anybody
who installs stuff in /usr/local should have this set in the environment.
Note this won't affect anything the pkg_* suite does.
no ports are active, provided there are no polled ports and no
`LOSESOUTINTS' ports. Do a little more in the interrupt handler instead.
This is a little less efficient if there are are many active ports but
a little more efficient otherwise. Polled ports are ones with no irq
specified (as before). `LOSESOUTINTS' ports are ones with 0x08 set in
their config flags. Unless this flag is set, it will now take up to one
second to recover from lost output interrupts, if any. Some 8250s and
16450s lose output interrupts.
Improve output buffering: copy the clist buffer to 2 linear buffers if
necessary and possible instead of to 1. Handle an arbitrary queue of
buffers in the interrupt handler. Check for waking up sleepers after
copying characters out of the clist buffer instead of before.
Delay translation of TIOCM_DTR to MCR_DTR etc. so that the top level
routines are more machine independent.
Fix bogus device register in unused code.
Change things slightly so this message says "local" or "YP" as needed
so we can use it for both NIS and local password changes without
confusing people.
password strings when DES isn't used; somehow the encrypted password
is corrupted and it winds up containing control chars, which yppasswdd
subsequently rejects. This breaks yppasswd on non-DES FreeBSD systems
using NIS.
Fix: scrap getnewyppasswd() entirely and use getnewpasswd() from
local_password.c, since it already works properly and is virtually
identical to getnewyppasswd() anyway. (Wish I'd noticed this sooner.)
This fixes a problem just reported on comp.unix.bsd.freebsd.misc.
type instead of int all over the place. (Cosmetic, enhances
debugging.)
Point out that a date specification _must_ follow the time of day
spec, in the man page. This clarifies the last point PR # of bin/483:
"at doesn't seem to ..." (the remainder has already been fixed with
version 1.3 of parsetime.c).
claims multiple times to have failed. The problem is a off_t is
converted into a int and checked for a negative. A true lseek check
should be checking if the off_t is equal to -1 for failure.
(Suggested fix from PR #bin/461)
Submitted by: mark tinguely <tinguely@opus.cs.ndsu.NoDak.edu>
Note that the two "touch"s I took out from do-patch shouldn't have
been there in the first place.
This target may give incorrent results if two separate patches deal
with the same file, and their hunks overlap. (But having those kinds
of patches are bad, and they should be merged anyway.)
Reviewed by: hsu
now safely add a line like
ldconfig -m ${PREFIX}/lib
in ports' Makefiles and packing lists without throwing away some
directories the user may have added.
Submitted by: Mostly by Paul Kranenburg <pk@cs.few.eur.nl>
restricted. Am I the only one who sees the absurdity of having chfn be
a link to chpass, and then denying users permission to use chpass to
change their full names?
Of course, chpass has a much more severe bug in it, which is that it
allows users to change their password database info without first
asking them for their password. I hope to fix this at some point
so that I can merge ypchpass, ypchfn, ypchsh and chpass into one
program (password authentication is required for changing NIS data).
'cycle in netgroup check too greedy').
PR #508 is apparently due to an inconsistency in the way the 4.4BSD
netgroup code deals with bad netgroups. When 4.4BSD code encounters
a badly formed netgroup entry (e.g. (somehost,-somedomain), which,
because of the missing comma between the '-' and 'somedomain,' has
only 2 fields instead of 3), it generates an error message and
then bails out without doing any more processing on the netgroup
containing the bad entry. Conversely, every other *NIX in the world
that usees netgroups just tries to parse the entry as best it can
and then silently continues on its way.
The result is that two bad things happen: 1) we ignore other valid entries
within the netgroup containing the bogus entry, which prevents
us from interoperating with other systems that don't behave this way,
and 2) by printing an error to stderr from inside libc, we hose certain
programs, in this case rlogind. In the problem report, Bill Fenner
noted that the 'B' from 'Bad' was missing, and that rlogind exited
immediately after generating the error. The missing 'B' is apparently
not caused by any problem in getnetgrent.c; more likely it's getting
swallowed up by rlogind somehow, and the error message itself causes
rlogind to become confused. I was able to duplicate this problem and
discovered that running a simple test program on my FreeBSD system
resulted in a properly formatted (if confusing) error, whereas triggering
the error by trying to rlogin to the machine yielded the missing 'B'
problem.
Anyway, the fixes for this are as follows:
- The error message has been reformatted so that it prints out more useful
information (e.g. Bad entry (somehost,-somedomain) in netgroup "foo").
We check for NULL entries so that we don't print '(null)' anymore too. :)
- Rearranged things in parse_netgrp() so that we make a best guess at
what bad entries are supposed to look like and then continue processing
instead of bailing out.
- Even though the error message has been cleaned up, it's wrapped inside
a #ifdef DEBUG. This way we match the behavior of other systems. Since we
now handle the error condition better anyway, this error message becomes
less important.
PR #507 is another case of inconsistency. The code that handles
duplicate/circular netgroup entries isn't really 'too greedy; -- it's
just too noisy. If you have a netgroup containing duplicate entries,
the code actually does the right thing, but it also generates an error
message. As with the 'Bad netgroup' message, spewing this out from
inside libc can also hose certain programs (like rlogind). Again, no
other system generates an error message in this case.
The only change here is to hide the error message inside an #ifdef DEBUG.
Like the other message, it's largely superfluous since the code handles
the condition correctly.
Note that PR #510 (+@netgroup host matching in /etc/hosts.equiv) is still
being investigated. I haven't been able to duplicate it myself, and I
strongly suspect it to be a configuration problem of some kind. However,
I'm leaving all three PRs open until I get 510 resolved just for the
sake of paranoia.
