Commit Graph

10041 Commits

Author SHA1 Message Date
Cy Schubert
5568c8b2c5 ipfilter/ippool: Return error code when listing a pool fails
When an internal or other error occurs during the listing of a pool,
return an error code when extiting ippool(8). Printing an error to
stderr without returning an error code is useless in shell scripts.

MFC after:	2 weeks
2022-09-22 15:38:11 -07:00
Cy Schubert
7531c434a5 ipfilter/ippool: Dump a copy of ippool in ippool.conf format
Add an ippool(8) option to dump a copy of the inm-memory ippool tables
in an ippool(5) format so that it can be reloaded using ippool -f.

MFC after:	2 weeks
2022-09-22 15:38:11 -07:00
Bram Ton
06bfd0b914 setkey.8: Improve direction descriptions
Be more precise in the definition of policy directions
and policy levels.

PR:		250177
Reported by:	Bram Ton <bram at cbbg dot nl>
Reviewed by:	gbe, ae
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26719
2022-09-13 13:16:48 +02:00
Rick Macklem
9b436906fa mount_nfs.8: Update for NFSv4 use of "nolockd"
Commit 33721eb991 enabled use of "nolockd" for
NFSv4 mounts.  This was done primarily to allow its
use with the "intr" mount option.

This patch updates the man page for this.

This is a content change.

Reviewed by:	gbe (manpages), karels
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D36462
2022-09-07 14:07:20 -07:00
Kirk McKusick
2567b60f62 Fix for f4fc389.
Need to check for NULL pointer before using.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-09-06 16:22:03 -07:00
Kirk McKusick
2ddf8cdbe0 Clarify error messages about bad inodes.
When something was found wrong with an inode the error message
was always "UNKNOWN FILE TYPE". This error is now used only when
the file type field is wrong. Other errors have their own messages:
"BAD FILE SIZE", "NEGATIVE FILE SIZE", "BAD SPECIAL-FILE RDEV",
"INVALID DIRECT BLOCK", and "INVALID INDIRECT BLOCK".

More complete information about the inode is also provided.

Sponsored by: The FreeBSD Foundation
2022-09-06 16:17:11 -07:00
Bjoern A. Zeeb
ac606903a8 ifconfig: print interface name on SIOCIFCREATE2 error
We have repeatedly gotten reports of unclassified SIOCIFCREATE2 errors
(usually "Device not configured").  This can happen if there is
configuration for interfaces in rc.conf which do not (yet) exist and
we try to configure.  I can, e.g., provoke this by configuring wlan
interfaces with their physical interface not installed.
In order to cut support (guesswork) down print the name of the
interface to be configured with the error message.
Hopefully this will help us in the future to improve other configuration
or driver problems.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2022-09-06 13:09:39 +00:00
Kristof Provost
cfa1a13087 pfctl: fix recrusive printing of ethernet anchors
Similar to the preceding fix for layer three rules, ensure that we
recursively list wildcard anchors for ethernet rules.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D36417
2022-09-06 13:19:10 +02:00
Kristof Provost
585a5ed0be pfctl: fix recrusive printing of anchors
Fix a couple of problems with printing of anchors, in particular recursive
printing, both of inline anchors and when requested explicitly with a '*'
in the anchor.
- Correct recursive printing of wildcard anchors (recurse into child anchors
rather than rules, which don't exist)
- Print multi-part anchor paths correctly (pr6065)
- Fix comments and prevent users from specifying multi-component names for
inline anchors.

tested by phessler
ok henning

Also fix the relevant pfctl test case to reflect the new (and now
correct) behaviour).

MFC after:	3 weeks
Obtained from:	OpenBSD (mcbride, f9a568a27c740528301ca3419316c85a9fc7f1de)
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D36416
2022-09-06 10:42:10 +02:00
Kristof Provost
ed5eb77e18 pfctl: fix printing anchors
Ensure that we pass the (base) anchorname to the kernel, not the '/*'
suffix.

MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D36415
2022-09-06 10:42:09 +02:00
Corvin Köhne
203f2c14c4 init: fix shutdown race
When calling shutdown, shutdown sends a signal to init and exits. This
causes a race condition for the waitpid function. If the signal wins the
race, wpid will be set to -1 and init calls death_single. If shutdown
wins the race, wpid will be set to the pid of the shutdown process and
the requested_transition will be ignored.

Reviewed by:		imp
Differential Revision:	https://reviews.freebsd.org/D36356
MFC after:		1 week
Sponsored by:		Beckhoff Automation GmbH & Co. KG
2022-09-06 09:06:51 +02:00
Kirk McKusick
4b4cc78a76 Formatting cleanups and debugging fix.
Sponsored by: The FreeBSD Foundation
2022-09-05 12:07:48 -07:00
Gordon Bergling
eec35f1fb3 ping(8): Correct a typo in source code comment
- s/occured/occurred/

MFC after:	3 days
2022-09-04 13:26:34 +02:00
Gordon Bergling
b89592a9ef ipf.4: Correct a typo in the manual page
- s/occured/occurred/

MFC after:	3 days
2022-09-04 12:55:42 +02:00
Kirk McKusick
2aa6ed881d Fix printf formating.
Fix for f4fc389.

Reported by:  Jenkins
Sponsored by: The FreeBSD Foundation
2022-09-03 15:39:45 -07:00
Kirk McKusick
f4fc389524 Properly handle the replacement of a partially allocated root directory.
If the root directory exists but has a bad block number Pass1 will
accept it and setup an inoinfo structure for it. When Pass2 runs
and cannot read the root inode's content because of a bad (or
duplicate) block number, it removes the bad root inode and replaces
it. As part of creating the replacement root inode, it creates an
inoinfo entry for it. But Pass2 did delete the inoinfo entry that
Pass1 had set up for the root inode so ended up with two inoinfo
structures for it. The final step of Pass2 checks that all the ".."
entries are correct adding them if they are missing which resulted
in a second ".." entry being added to the root directory which
definitely did not go over well in the kernel name cache!

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-09-03 14:48:34 -07:00
Kirk McKusick
cf17c2ff11 Flush and close getnextino cache when done using it in Pass 1b.
Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-09-03 14:15:50 -07:00
Gordon Bergling
2f2cf766b2 ifconfig(8): Fix a typo in source code comment
- s/overriden/overridden/

MFC after:	3 days
2022-09-03 14:55:54 +02:00
Rick Macklem
f46bea05fe mount_nfs.8: Reword sentence so .Pa macro works
Commit 603677334a added a sentence with a file path
in it. However, it did not use .Pa since it would leave
a space after it, where ('s) was supposed to go.

This patch rewords the sentence so that .Pa can
be used.

This is a content change.

Suggested by:	mkarels
2022-08-31 16:19:22 -07:00
Gleb Smirnoff
1df08e905a natd: use PF_DIVERT/SOCK_RAW instead of PF_INET/SOCK_RAW/IPPROTO_DIVERT 2022-08-30 16:24:37 -07:00
Rick Macklem
603677334a mount_nfs.8: Note that NFSv4 requires unique /etc/hostid's
Recent problems related to NFSv4 mounts has been traced
to multiple NFSv4 clients using the same /etc/hostid
(or kern.hostuuid, if you prefer).

This patch adds a sentence to the man page noting that
clients must have unique /etc/hostid's.

This is a content change.

Reviewed by:	gbe (manpages)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D36392
2022-08-30 07:57:27 -07:00
Kirk McKusick
827622937e Correct calculation of inode location in getnextino cache.
Fix for 345bfec.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-28 23:47:17 -07:00
Kirk McKusick
2e4da012d5 Correct calculation of inode location in getnextino cache.
Fix for 345bfec.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-28 23:09:29 -07:00
Kirk McKusick
27c6009e72 Correct diagnostic messages for bad cylinder groups.
Fix for 495b1ba.

Reported by:  Mike Karels
Sponsored by: The FreeBSD Foundation
2022-08-26 00:31:44 -07:00
Kirk McKusick
495b1baac3 Provide better diagnostic messages for bad cylinder groups.
Like the detailed diagnostics produced when a bad superblock
is read, provide similar detailed diagnostics when bad
cylinder groups are read.

Reported by:  Peter Holm
Tested by:    Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-25 23:57:56 -07:00
Kirk McKusick
345bfec109 Provide cache coherency between getnextinode() and ginode()
The fsck_ffs(8) utility has two subsystems for reading and writing
inodes. The getnextinode() interface is used in Pass 1 (and Pass
1b if needed) to sequentially walk through all the inodes in the
filesystem. The ginode() interface is used to read and write
individual inodes. Pass 1 uses a mix of both interfaces. This
change ensures that ginode() returns a pointer to the inode in the
cache maintained by getnextinode() when that interface holds the
requested inode so that all modifications to the inode are made in
a single place and are all written to the disk together.

Reported by:  Peter Holm
Tested by:    Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-23 23:48:40 -07:00
Kirk McKusick
be639cc8ee Update standard superblock when successful using an alternate superblock.
Historically fsck_ffs(8) would only use alternate superblocks when
running in manual mode. When the standard superblock fails, it now
tries to find and use a backup superblocks even when running in `preen'
mode. If an alternate superblock is found and the filesystem is
successfully cleaned up using it, write the alternate superblock
back to the standard superblock so that the filesystem can be
subsequently mounted and used.

Reported by:  Peter Holm
Tested by:    Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-23 23:29:17 -07:00
Kirk McKusick
6bae6625e0 Improve handling of missing '.' and '..' in UFS directories.
The UFS filesystem expects to find '.' and '..' as the first two entries
in a directory. The kernel's UFS name cache can become quite confused
when these two entries are not present as the first two entries.

Prior to this change, when the fsck_ffs(8) utility detected that
'.' and/or '..' were missing, it would report them, but only offered
to replace them if the space at the beginning of the directory was
available. Otherwise it was left to the system administrator to
move the offending file(s) out of the way and then rerun fsck_ffs(8)
to create the '.' and '..' entries.

With this change, fsck_ffs(8) will always be able to create the '.'
and/or '..' entries. It moves any files in the way elsewhere in the
directory block. If there is no room in the directory block to which
to move them, they are placed in the lost+found directory.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-17 14:19:59 -07:00
Kirk McKusick
4f9606c9a6 When reading backup UFS superblocks, report reason if they cannot be used.
When either searching for backup UFS superblocks or when explicitly asked
to use one with the -b option, report the reason for failure if it cannot
be used.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-17 13:54:07 -07:00
Jens Schweikhardt
3c405c7e83 Indicate which port gdb.1 and kgdb.1 come from. 2022-08-17 19:13:22 +02:00
Gleb Smirnoff
05b9737f10 ipfw: make it possible to specify MTU for "unreach needfrag" action
Reviewed by:		ae, pauamma
Differential revision:	https://reviews.freebsd.org/D36140
2022-08-17 08:24:11 -07:00
Kirk McKusick
128b0398a1 Update date in tunefs(8) manual page.
Requested by: Li-Wen Hsu
PR:           261944
Sponsored by: The FreeBSD Foundation
2022-08-16 16:46:59 -07:00
Emmanuel Vadot
4efb514b70 pkgbase: Put mount_nfs in the FreeBSD-nfs package 2022-08-16 21:15:04 +02:00
Kirk McKusick
82493ff700 Add a description of soft updates journaling to tunefs(8).
Add a descrition to the tunefs(8) -j (journal enablement) flag
that explains what soft updates journaling does, the tradeoffs
to using it, and the limitations that it imposes.

Requested by: Graham Perrin
PR:           261944
Sponsored by: The FreeBSD Foundation
2022-08-15 13:45:48 -07:00
Jens Schweikhardt
016aeb7ca0 The fdformat man page is in section 8 (not 1). 2022-08-14 18:14:52 +02:00
Jens Schweikhardt
8b55a4718c Indicate that racoon.8 is in ports/security/ipsec-tools. 2022-08-14 15:55:34 +02:00
Jens Schweikhardt
e67af79c4b Delete xref to suidperl(1) which has long since been removed in perl5.12. 2022-08-14 15:43:27 +02:00
Jens Schweikhardt
4ee44ffcca Indicate that kgdb.1 is from ports/devel/gdb. 2022-08-14 15:17:29 +02:00
Jens Schweikhardt
7c20397b72 In man page cross refs to sudo, indicate it comes from ports/security/sudo. 2022-08-14 11:44:43 +02:00
Kirk McKusick
6e821c35d6 Correctness cleanups in fsck_ffs(8).
Allocation or I/O failures in fsck_ffs(8) could cause segment
faults because of missing checks or not-yet-initialized data
structures. Correct these issues.

Reported by:  Peter Holm
Sponsored by: The FreeBSD Foundation
2022-08-13 13:28:31 -07:00
Kirk McKusick
e688661642 Move the ability to search for alternate UFS superblocks from fsck_ffs(8)
into ffs_sbsearch() to allow use by other parts of the system.

Historically only fsck_ffs(8), the UFS filesystem checker, had code
to track down and use alternate UFS superblocks. Since fsdb(8) used
much of the fsck_ffs(8) implementation it had some ability to track
down alternate superblocks.

This change extracts the code to track down alternate superblocks
from fsck_ffs(8) and puts it into a new function ffs_sbsearch() in
sys/ufs/ffs/ffs_subr.c. Like ffs_sbget() and ffs_sbput() also found
in ffs_subr.c, these functions can be used directly by the kernel
subsystems. Additionally they are exported to the UFS library,
libufs(8) so that they can be used by user-level programs. The new
functions added to libufs(8) are sbfind(3) that is an alternative
to sbread(3) and sbsearch(3) that is an alternative to sbget(3).
See their manual pages for further details.

The utilities that have been changed to search for superblocks are
dumpfs(8), fsdb(8), ffsinfo(8), and fsck_ffs(8). Also, the prtblknos(8)
tool found in tools/diag/prtblknos searches for superblocks.

The UFS specific mount code uses the superblock search interface
when mounting the root filesystem and when the administrator doing
a mount(8) command specifies the force flag (-f). The standalone UFS
boot code (found in stand/libsa/ufs.c) uses the superblock search
code in the hope of being able to get the system up and running so
that fsck_ffs(8) can be used to get the filesystem cleaned up.

The following utilities have not been changed to search for
superblocks: clri(8), tunefs(8), snapinfo(8), fstyp(8), quot(8),
dump(8), fsirand(8), growfs(8), quotacheck(8), gjournal(8), and
glabel(8). When these utilities fail, they do report the cause of
the failure. The one exception is the tasting code used to try and
figure what a given disk contains. The tasting code will remain
silent so as not to put out a slew of messages as it trying to taste
every new mass storage device that shows up.

Reviewed by: kib
Reviewed by: Warner Losh
Tested by:   Peter Holm
Differential Revision: https://reviews.freebsd.org/D36053
Sponsored by: The FreeBSD Foundation
2022-08-13 12:43:40 -07:00
Jens Schweikhardt
14e3d3248a Fix wrong capitalization in man page references. 2022-08-13 20:46:59 +02:00
Franco Fichtner
28b64169ea pf: stop resolving hosts as dns that use ":" modifier
When the interface does not exist avoid passing host with special pf
modifiers to DNS resolution as they come up empty anyway.

Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D35429
2022-08-08 18:31:52 +02:00
Kristof Provost
63167eb48c pfctl tests: test case for the POM_STICKYADDRESS fix
In 1e73fbd8b we fixed an issue with POM_STICKYADDRESS being checked in
the wrong struct.
Add a basic test case for this fix.

MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2022-08-08 09:30:42 +02:00
Franco Fichtner
1e73fbd8b2 pfctl: fix FOM_ICMP/POM_STICKYADDRESS clash
pass inet proto icmp icmp-type {unreach}
	pass route-to (if0 127.0.0.1/8) sticky-address inet

The wrong struct was being tested. The parser tries to prevent
"sticky-address sticky-address" syntax but was actually cross-rule
enforcing that ICMP filter cannot be before the use of "sticky-address"
in next rule.

MFC after:	2 weeks
Reviewed by:	kp
Differential Revision:	https://reviews.freebsd.org/D36050
2022-08-06 14:22:42 +02:00
Kirk McKusick
23c8b19c1d Drop checks with last alternate superblock in fsck_ffs(8).
The fsck_ffs(8) utility made sanity checks of critical superblock
fields by comparing the values of those fields in the standard
superblock againt the values of those fields in the last alternate
superblock. The code for validating a superblock now cover all the
checked fields as well as many more. Further the checks done are
far more comprehensive. So we now drop the alternate superblock
checks as they no longer provide value. Dropping these checks also
eliminates the need to read the alternate superblock.
2022-08-04 16:08:18 -07:00
Kirk McKusick
b21582ee03 Add a flags parameter to the ffs_sbget() function that reads UFS superblocks.
Rather than trying to shoehorn flags into the requested superblock
address, create a separate flags parameter to the ffs_sbget()
function in sys/ufs/ffs/ffs_subr.c. The ffs_sbget() function is
used both in the kernel and in user-level utilities through export
to the sbget() function in the libufs(3) library (see sbget(3)
for details). The kernel uses ffs_sbget() when mounting UFS
filesystems, in the glabel(8) and gjournal(8) GEOM utilities,
and in the standalone library used when booting the system
from a UFS root filesystem.

The ffs_sbget() function reads the superblock located at the byte
offset specified by its sblockloc parameter. The value UFS_STDSB
may be specified for sblockloc to request that the standard
location for the superblock be read.

The two existing options are now flags:

UFS_NOHASHFAIL will note if the check hash is wrong but will still
   return the superblock. This is used by the bootstrap code to
   give the system a chance to come up so that fsck can be run to
   correct the problem.

UFS_NOMSG indicates that superblock inconsistency error messages
   should not be printed. It is used by programs like fsck that
   want to print their own error message and programs like glabel(8)
   that just want to know if a UFS filesystem exists on a partition.

One additional flag is added:

UFS_NOCSUM causes only the superblock itself to be returned, but does
   not read in any auxiliary data structures like the cylinder group
   summary information. It is used by clients like glabel(8) that
   just want to check for possible filesystem types. Using UFS_NOCSUM
   skips the superblock checks for csum data which allows superblocks
   that have corrupted csum data to be read and used.

The validate_sblock() function checks that the superblock has not
been corrupted in a way that can crash or hang the system. Unless
the UFS_NOMSG flag is specified, it will print out any errors that
it finds. Prior to this commit, validate_sblock() returned as soon
as it found an inconsistency so would print at most one message.
It now does all its checks so when UFS_NOMSG has not been specified
will print out everything that it finds inconsistent.

Sponsored by: The FreeBSD Foundation
2022-07-30 22:51:38 -07:00
Kirk McKusick
58cb362676 Fix for 90e2971 that caused some geli commands to return the wrong exit status.
The reported problem is that some geli commands exit with a
success status when they should exit with a failed status.

The gctl_error() function is defined differently in the kernel
(in sys/geom/geom_ctl.c) versus in the geom user facilities (in
sbin/geom/misc/subr.c). In the kernel, calling gctl_error() causes
an error return to be set while in the user version it does not.
It was only by a quirk that had been added to the user geom return
processing that I "cleaned up" that the lack of the user implementaion
to set the error return showed up.

This patch adds the missing setting of the error code when calling
the user facility gctl_error().

Reported by:  Jenkins
Debugging by: Alan Somers
Debugging by: Cy Schubert
Debugging by: Li-Wen Hsu
2022-07-29 11:11:46 -07:00
Stefan Eßer
9f3aa538e3 sbin/md5.c: fix -q -c for BSD style versions
The BSD style commands (with names not ending in "sum") ignored the -c
options and the passed digest value when invoked with -q.

The man page stated that -q causes only the calculated digest to be
printed, but did not consider the case of both the -q and -c being
used in combination.

Since there is no warning that -c will be ignored when the -q option
is used, users night (and did) expect that the exit code would reflect
the matching of the calculated digest and the argument passed with -c.

This update implements and documents this expected behavior.

PR:		265461
Reported by:	Dmitrij <bugs.freebsd@1fff.net>
MFC after:	2 weeks
2022-07-26 23:04:57 +02:00
Kirk McKusick
bf24d17fda Have dumpfs(8) ignore superblock check-hash failures.
Set the STDSB_NOHASHFAIL request so that dumpfs(8) can print out
filesystem details even when the superblock checksum is incorrect.
2022-07-24 18:12:24 -07:00