next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
-----------------------------
Most of the userland changes are in libc. For both the alpha
and the i386 setjmp has been changed to accomodate for the
new sigset_t. Internally, libc is mostly rewritten to use the
new syscalls. The exception is in compat-43/sigcompat.c
The POSIX thread library has also been rewritten to use the
new sigset_t. Except, that it currently only handles NSIG
signals instead of the maximum _SIG_MAXSIG. This should not
be a problem because current applications don't use any
signals higher than NSIG.
There are version bumps for the following libraries:
libdialog
libreadline
libc
libc_r
libedit
libftpio
libss
These libraries either a) have one of the modified structures
visible in the interface, or b) use sigset_t internally and
may cause breakage if new binaries are used against libraries
that don't have the sigset_t change. This not an immediate
issue, but will be as soon as applications start using the
new range to its fullest.
NOTE: libncurses already had an version bump and has not been
given one now.
NOTE: doscmd is a real casualty and has been disconnected for
the moment. Reconnection will eventually happen after
doscmd has been fixed. I'm aware that being the last one
to touch it, I'm automaticly promoted to being maintainer.
According to good taste this means that I will receive a
badge which either will be glued or mechanically stapled,
drilled or otherwise violently forced onto me :-)
NOTE: pcvt/vttest cannot be compiled with -traditional. The
change cause sys/types to be included along the way which
contains the const and volatile modifiers. I don't consider
this a solution, but more a workaround.
patch to stop the core dumps while others come up with a better
reviewed patch which may also fix other problems. We do illegal
pointer arithmetic, but it should be OK since FreeBSD only supports
machines with flat address spaces.
Submitted by: bde
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
- Sort xrefs
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlines in mdoc(7)
- Other misc mdoc cleanup.
PR: doc/13144
Submitted by: Alexy M. Zelkin <phantom@cris.net>
When fts_open is used with option FTS_NOCHDIR the full
path entry of type FTS_DP is returned with a trailing
'/' if the final directory is empty.
This fix coresponds to netbsd's __fts13.c v. 1.16
Note: you need to install the current groff tmac macros for these
man pages to format correctly. Specifically, rev 1.21 of
contrib_groff/tmac/doc-syms in -current, or rev 1.17.24 for 3.2-stable
(devname() returned "??" when the lookup failed, but callers expected it
to return NULL). This was fixed in Lite2, but until recently the changes
were only merged into devname.3. A day or two after devname.c was fixed,
devname.3 was made inconsistent again by backing out most of the Lite2
changes.
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
function. It was an ill-considered feature. It didn't solve the
problem I wanted it to solve. And it added Yet Another Version
Number that would have to be maintained at every release point.
I'm nuking it now before anybody grows too fond of it.
that counted the number of elements in argv. The counter is incremented
in the next-iteration section of the loop, not the body, so at termination
it's already "counted" the element that failed the continuation test - in
this case the NULL argv terminator.
Noted by: bde
call them. All the execX() libc functions should be vfork() safe now.
Specifically:
- execlp() does the argument count-and-build into a vector from alloca
(like the others) - buildargv() is no longer used (and gone).
- execvp() uses alloca/strcpy rather than strdup().
- the ENOEXEC handler uses alloca rather than malloc.
- a couple of free() calls removed - alloca works on the local stack and
the allocations are freed on function exit (which is why buildargv
wasn't useful - it's alloca() context would disappear on return).
Along the way:
- If alloca() fails (can it?), set errno = ENOMEM explicitly.
- The ENOEXEC recovery routine that trys again with /bin/sh appeared to
not be terminating the new argv[] array for /bin/sh, allowing it to
walk off the end of the list.
I dithered a bit about using alloca() even more as it's most commonly
associated with gcc. However, standalone portable (using malloc) and
machine-specific assembler alloca implementations appear to be available
on just about all the architectures we're likely to want to port to.
alloca will be the least of our problems if ever going to another compiler.
which ones cause us to fail. Now all open errors on the databse file
will cause the next file in the list to be tried.
Submitted by: Arne Henrik Juul <arnej@math.ntnu.no>
PR: 4585
- document that sysctl() and sysctlbyname() return 0 on success
- if the provided buffer is too small, set errno to ENOMEM and return -1
instead of returning ENOMEM.
is actually mounted on "/" can be determined using statfs() and is
in /dev. This fixes fsck operating on the wrong device when the
fs_spec entry is only an alias. The aliased case became more
dangerous when the ROOTSLICE_HUNT hack was committed in mount(8).
ROOTSLICE_HUNT may be unnecessary now.
an unimprovement here. I thought it would be an improvement, as in libkvm,
but here we can access the strings directly.
Use sysctlbyname() instead of sysctl() and trust it to give a nonzero
address if it succeeds.
they cannot mount a filesystem that they cannot see in getvfsbyname().
Part 1 of this is a hack, make vfsisloadable() always return true - the
ultimate decider of whether it's loadable or not is kldload() or mount().
Part 2 of this is to have vfsload() call kldload(2) and return success if
it works. This means that we will use a viable kld module in preference
to an LKM!
Ultimately, the thing to do is remove the hacks to do a vfsload in all the
mount_* commands and let the kernel do it by itself in mount(2).
vfork() can't be used. We could use alloca() in execl() so that
it can be called between vfork() and execve(), but a "portable"
popen() shouldn't depend on this. Calling execle() instead of
execl() should be fairly safe, since execle() is supposed to be
callable from signal handlers and signal handlers can't call
malloc(). However, execle() is broken.
PR: 7923
Submitted by: Archie Cobbs <archie@whistle.com>
The scandir() function returns -1 if it fails.
In many cases when this happens, it does not free
the memory that it allocated, resulting in a memory
leak, or close the directory opened with opendir().
BAD DOG, BAD!
In some cases replace if (a == null) a = malloc(x); else a =
realloc(a, x); with simple reallocf(a, x). Per ANSI-C, this is
guaranteed to be the same thing.
I've been running these on my system here w/o ill effects for some
time. However, the CTM-express is at part 6 of 34 for the CAM
changes, so I've not been able to do a build world with the CAM in the
tree with these changes. Shouldn't impact anything, but...
addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).
Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
- Fix some style errors I made back in 1995.
- Add a new flavor of the err(3) family, which takes an explicit
errno argument rather than implicitly examining errno. This
will make it easier to use these functions in conjunction with
modern library interfaces that return an errno value explicitly.
standard places ("/etc/objformat", ${OBJFORMAT}, argv) for an
indication of the user's preferred object file format. This
consolidates some code that was starting to be duplicated in more
and more places.
Use the new function in ldconfig.
Note: I don't think that gcc should use getobjformat(), even though
it could. The compiler should limit itself to functions that are
widespread, to ease porting and cross-compilation.
