Changing a local passwd will now keep the encryption type that
was originally used to encrypt the password, so folks adding DES
to their systems will not be irritated/confused by having MD5'ed
passwords in their master.passwd. Coming later is an option to
allow the user to choose the encryption type.
2) Fix a bunch of compiler warnings announced by turning on -Wall.
I did not get them all, that will come a bit later.
Update rpcgen with the one from the TI-RPC 2.3 distribution.
Note that when built for FreeBSD, this version of rpcgen assumes
backwards compatibility mode by default. This means that it will produce
ONCRPC 4.0 compatible code unless otherwise instructed, instead of the
other way around.
One incompatibility has also been worked around: this rpcgen normally
always emits an '#include <stropts.h>' directive whether you select
backwards compatibility mode or not. We don't have STREAMS, so this
behavior has been changed: now it will only emit this line if run in TI-RPC
mode.
The 'generate output files in current directory instead of the
directory where the protocol definition file lives' hack from the
original rpcgen has been preserved.
Notable new features:
- Can be used to generate RPC servers that can be launched
from port monitors such as inetd(5).
- Can generate ANSI C code.
- Can generate sample client and server top-level programs and
makefiles in addition to the usual client and server stubs.
- Can generate inline XDR routines.
The #ifdef NEWSALT code doesn't NULL terminate the salt string..
We dont appear to use this code anymore, but it shouldn't hurt
Submitted by: Laurence Lopez <lopez@mv.mv.com>
quite right. (Thic causes you to get prompted for an 'Old Password' when
changing someone's NIS password even if your password isn't set yet.)
Do it like local_passwd.c does.
simplest thing is to just calculate the days using curtime - boottime / 86400.
The modification for this is less obtrusive anyway.
Suggested by: Bill Fenner <fenner@parc.xerox.com>
that if you do an rup on a machine that's been running longer than a year,
you get the wrong day count. Now we factor in 365 * (curtime.tm_year -
boottime.tm_year) to get the correct value. (I noticed this while running
rup on a SunOS machine I have that's been up 525 days. My FreeBSD
machines all said it had only been up for 160 (525-365) days. :)
- apply chmod to the targets, not to the sources.
- apply chown to the targets.
It is still bogus to install by building in the target directory. See
mklocale/data/Makefile for a better method.
27c27
< 11/29 Thanksgiving Day (Last Thursday in November)
---
> 11/23 Thanksgiving Day (4th Thursday in November)
it's not that the date was wrong for this year (it was the wrong year..
it was that the ALGORYTHM was wrong..
very confusing for non americans wondering why americans were going to be
on holiday on the 23rd..
style of error reporting (i prefer gcc style to be consistent with the
compiler) is left, plus a minor nit he's most likely been overlooking.
There are still problems with bootstrapping, and you should expect
troubles when linting libc...
This is just a vendor import by now. I'll wait until i'll get the
imported files back via CTM before applying the FreeBSD patches.
Don't use it yet.
Submitted by: Jochen Pohl <jpo.drs@sni.de>
Obtained from: (NetBSD -- this version is directly from Jochen)
broke. It's much easier to debug the symbol export lists in lkm makefiles
if you know what your errors are during the build process. :-)
Bleah.. symorder.c is *horrible*. :-(
to the description in the manpage. g flag means "replace every occurence
in each word", and its absence means "replace first occurence in each word".
Previously, absence of the g flag was implemented to mean "replace first
occurence found in all words, and then stop replacing", which was incorrect.
only, as it payes no attention to the relocation table (which
references the symbols).
As a result, running "symorder -c" to clean up the visibility of a LKM
".o" file (as is done in the new bsd.kmod.mk) totally screws up the
relocation table, making the LKM file unloadable. (ld: bogus
relocation record)
This is a pretty crude fix - I've changed symorder so that when
running in "cleanup" mode, it disables the reordering which was
screwing up the relocation table. I'm sure there is a better fix, but
I didn't have the energy. Feel free to fix this hack, probably by
renumbering the symbol indexes in the relocation table.
patches to merge the two IPX packages to work with each other and to
not break make-world :)
IPXrouted should be working now, (or at least compiling) :)
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com
This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..
Mikes been using it for a year or so
but on 2.0
more changes and stuff will be merged in from other developers now that this is in.
Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
supervisor@alb.asctmd.com
strings describing the drive status and error bits are so deficient
that the pointer is always NULL.
Reported by: Philippe Charnier <charnier@lirmm.fr>
made other performance improving changes. This improves the performance
of last(1) by as much as 32 times in some cases, and in more typical cases
is about twice as fast.
Added a BUGS section to the manual page to describe the behavior of last(1)
when a login shell terminates abnormally (and thus doesn't write a logout
record to the wtmp file).
finger output from 80 to 79 characters to stop the syscons
every-second-line-is-blank problem.
Also, redo the TTY column mod so that it steals one of the (usually) two
blank spaces from the before the tty column rather than from the office
phone number.
This means the office phone field width in the short finger is back to 15
characters instead of 13.
time of the target if the target file is the same as the source),
-d (debug), and -p (same as -C except for preserving the modification
time of the source if the target doesn't exists or is different from
the source.
Use library err() functions instead of our own and pass them better
exit codes.
Submitted by: wollman (and changed a lot by me)
Our ld is derived from gnu ld which doesn't check the timestamp on
__.SYMDEF. gnu ld is designed to work with gnu ar which doesn't
even have a ranlib option (gnu ar updates __.SYMDEF automatically
if __.SYMDEF already exists, so gnu ld expects __.SYMDEF to be up
to date if it exists).
uncompression by the "proper" kernel. These changes also add a -v option
so you can see how much room you are using, and check to make sure you're
not going past the 4MB boundary.
This depends on the corresponding changes to sys/i386/boot/kzipboot.
Submitted by: Gary Jones(?) <gj@freefall>, and my code merged in.
Kerberos obtains a network address for the local host from the routing
tables and uses it consistently for all Kerberos transactions. This ensures
that packets only leave the *authenticated* interface. Clients who open
and use their own sockets for encrypted or authenticated correspondance
to kerberos services should bind their sockets to the same address as that
used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow
clients to obtain the local address or bind a socket to the local address
used by Kerberos respectively.
Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman>
Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
handling for the tools binaries. E.g., after libc.a is changed, it
previously took two `make' passes and one `make depend' pass following
one of the `make' passes to bring everything up to date. Now one `make'
pass followed by one `make depend' pass is sufficient.
Dependency handling seems to be difficult to handle cleanly when
interdependent things are built in different directories.
The filenames in SRCS must have one of the extensions .s, .S, .c, or .cc
if they are to be handled by bsd.dep.mk. Lex and yacc files must be
converted to C files and kept around for everything to work. This is
handled fairly automatically if the names of the generated C files are
put in SRCS. Unfortunately these names must be put in CLEANFILES too.
pcvt Makefiles:
Fix DPADD. It was missing.
Fix CLEANFILES. Some temporary files were missing.
Fix CFLAGS. There were some `-I dir' options.
There must be no whitespace separating -I and -D options from the
corresponding args if these options are to be handled by bsd.dep.mk.
the way it stores and handles "interface". The previous behavior resulted
in strange output from 'w' and 'ps' when an interface specification was
given to netstat.
[ Find to a file vs. to stdout ] produces different output because find
does not flush stdout when doing a -print.
Submitted by: Jeffrey Hsu <hsu@freefall.freebsd.org>
Obtained from: Gunther Schadow and Luigi Rizzo
control program for Trust AmiScan BW (GI1904 chipset)
ASC - A device driver for a handy scanner
This is a device driver for GI1904-based hand scanners, e.g. the Trust
Amiscan Grey and possibly others. The driver is based on the "gsc"
driver and, partly, on a Linux driver.
The driver has a working select().
-Luigi Rizzo (luigi@iet.unipi.it)
to the target login's shell. This allows for "su -c".
Do it right this time and also explain this behaviour in the man
page. :)
Obtained from: bsm's work in FreeBSD 1.1.5.1
This gives us more room to breath with tty names, especially with drivers
that support large numbers of ports.. eg: specialix and digiboard.
This does not actually change the current tty names, it just allows room
for reporting more characters if the drivers use them.
correctly whether a user is local or NIS (or both, or neither). If you
have a user that exists locally but not in NIS, passwd(1) could get
confused and try to submit the password change to NIS. (Fortunately,
yppasswdd is smart enough to spot the error and reject the change.)
Bug reported by: Charles Owens <owensc@enc.edu>
NIS (or both, or neither). Also add support for -l and -y flags to
force behavior to local or NIS. use_yp() also goes out of its way to
retrieve the correct password database information (local or NIS)
depending on what the situation since getpwent() & co. can't
necessarily be trusted in some cases.
Also document new flags in man page.
syntax is slightly changed: -format is now -f format.
New option: -i name
This is a switch to control marked sections in SGML documents. Useful
for multi-lingual documents.
the installation floppy (and in any references in new user docs for
editing files) since tossing a novice into vi with no help or clue as
to what the key bindings are is both cruel and in violation of the
Hague Convention. It's also much SMALLER than vi and even supports emacs
key bindings for those so inclined.
Submitted by: "Hugh F. Mahon" <hugh@nsmdserv.cnd.hp.com>
Telnet has nothing to do with this, it's telnetd and telnetd
doesn't use KLUDGELINEMODE so that theory is washed up. Anyway,
back out previous commit and slink away with red face.
and graft it into chpass.
Chpass can now tell when it's being asked to operate on an NIS
user and it displayes the appropriate message in the editor
template ("Changing NIS information for foo"). After the changes
have been made, chpass will promte the user for his NIS password.
If the password is correct, the changes are committed to yppasswdd.
Hopefully, this should make NIS more transparent to the end user.
Note that even the superuser needs to know a user's password before
he can change any NIS information (such is the nature of yppasswdd).
Also, changes to the password field are not permitted -- that's what
yppasswd is for. (The superuser may specify a new password, but
again, he needs to know the user's original password before he can
change it.)
I do some digging out on this subject and found that remote
rlogind may reduce big speeds to 38400 by itself and (as more often
rlogind variant) speed setting ioctl fails, so speed left on 9600.
In all cases it doesn't do any real harm.
Look at error return of kread() and stop on error.
Fix warning in kread() to not output "kvm_read:" twice.
Killed PCB cache misses stat as we no longer have it.
at install time. This will allow `install -C' to avoid replacing the
installed copy if the new copy is the same. `install -C' would actually
work right if `strip' is already installed, but the Makefile doesn't
know that and has to work for plain `install'.
Stripping should be done by default at link time, but complications
would still be required for installing `strip' in case the default is
overridden.
>Description:
A machine with uptime >1 year appears wrong in the ruptime list
Fixes bin/626: ruptime doesn't like big ...
Reviewed by:
Submitted by: root@xaa.stack.urc.tue.nl
Obtained from:
their ambiguity and makes the output more consistent with other
calendars (e.g. cal in Emacs).
Reviewed by:
Submitted by: wosch@cs.tu-berlin.de (Wolfram Schneider)
Obtained from:
a gethostbyname() on it. That can take a long time... (especially
if the reason the IP address is in there in the first place is because
login/rlogind/telnetd couldn't find it either....)
This patch reduces the gethostbyaddr lookup time to 2 seconds, the idea being
that if the local nameserver knows the answer, it'll answer within that time,
otherwise we dont care... :-)
This change doesn't do anything about whether or not w should do this in the
first place, but at least it will make the current behavior less painful.
Reviewed by: David Greenman
but usually got confused with "eom". It didn't ring the warning bell
saying: "You are probably going to mark your whole tape as deleted
right now."
A warning message pointing to "weof" and "eom" is issued instead.
to su to root by authenticating as themselves (using a password or S/Key)
rather than by using the root password. This is useful in contexts like
ours, where a large group of people need root access to a set of machines.
(However, the security implications are such that this should not be
enabled by default.)
The code is conditionalized on WHEELSU.
isn't used in systat or in the kernel (it was replaced by a sysctl()
call involving VM_METER) and will go away when I clean up bogus
common variables in the kernel.
> The command:
>
> touch -t 199504011200 testfile
>
> gives the error message:
>
> touch: out of range or illegal time specification: [[CC]YY]MMDDhhmm[.SS]
Submitted by: mpp@legarto.minn.net (Mike Pritchard)
complain about an 'illegal line count' becuase it's looking
at the wrong end pointer (ep) to detect any extra characters
after the NNN.
Submitted by: Rich Murphey <rich@freebsd.org>
This should probably get pulled into 2.0.6 and 2.1.0
symbolic links for each cross reference label in the source file, thus
allowing external documents to link to a more or less fixed target,
rather that the numbered files which can change whenever the target
document is modified.
Bug fix: warn when a reference is made to a nonexistant label.
The version 2 support has been tested (client+server) against FreeBSD-2.0,
IRIX 5.3 and FreeBSD-current (using a loopback mount). The version 2 support
is stable AFAIK.
The version 3 support has been tested with a loopback mount and minimally
against an IRIX 5.3 server. It needs more testing and may have problems.
I have patched amd to support the new variable length filehandles although
it will still only use version 2 of the protocol.
Before booting a kernel with these changes, nfs clients will need to at least
build and install /usr/sbin/mount_nfs. Servers will need to build and
install /usr/sbin/mountd.
NFS diskless support is untested.
Obtained from: Rick Macklem <rick@snowhite.cis.uoguelph.ca>
Change things slightly so this message says "local" or "YP" as needed
so we can use it for both NIS and local password changes without
confusing people.
password strings when DES isn't used; somehow the encrypted password
is corrupted and it winds up containing control chars, which yppasswdd
subsequently rejects. This breaks yppasswd on non-DES FreeBSD systems
using NIS.
Fix: scrap getnewyppasswd() entirely and use getnewpasswd() from
local_password.c, since it already works properly and is virtually
identical to getnewyppasswd() anyway. (Wish I'd noticed this sooner.)
This fixes a problem just reported on comp.unix.bsd.freebsd.misc.
type instead of int all over the place. (Cosmetic, enhances
debugging.)
Point out that a date specification _must_ follow the time of day
spec, in the man page. This clarifies the last point PR # of bin/483:
"at doesn't seem to ..." (the remainder has already been fixed with
version 1.3 of parsetime.c).
restricted. Am I the only one who sees the absurdity of having chfn be
a link to chpass, and then denying users permission to use chpass to
change their full names?
Of course, chpass has a much more severe bug in it, which is that it
allows users to change their password database info without first
asking them for their password. I hope to fix this at some point
so that I can merge ypchpass, ypchfn, ypchsh and chpass into one
program (password authentication is required for changing NIS data).
order, prevent suffix rule, if direct or children dependances exists,
forget to free v->name in var.c
My fixes: fix famous ^\t\n bug, correct free order in str_end
Reviewed by: bde
Obtained from: NetBSD, me
that it can't contact an NIS server when asked to change the password
of an invalid user. It should say 'unknown user' instead.
The fix is to check for the _PW_KEYYPENABLED flag in the password
database and only roll over into the yppasswd stuff if the flag
is enabled (this means passwd will not behave as yppasswd if
there are no +::::::::: entries in /etc/master.passwd). If
NIS is enabled but the user says 'passwd -l foouser' where
foouser exists in the NIS maps, but not in /etc/master.passwd,
we also say 'unknown user.' This is so we don't outsmart ourselves:
specifying the -l flag restricts passwd to the local password database
even if NIS is enabled.
This change should probably be merged into 2.1.
- Moved to a more client-driven model. We aggressively attempt to keep
the default domain bound (as before) but we give up on non-default
domains if we lose contact with a server and fail to get a response
after one round of broadcasting. This helps drastically reduce the
amount of network bandwitdh that ypbind consumes: if a client references
the secondary domain at some later point, this will prod ypbind into
establishing a new binding anyway, so continuously broadcasting without
need is pointless.
Note that we still actively seek out a binding for our default domain
even if no client program has queried us yet. I'm not exactly sure if
this matches SunOS's behavior or not, but I decided to do it this way
since we can get into all sorts of trouble if our default domain comes
unbound. Even so, we're still much quieter than we used to be.
- Removed a bunch of no-longer pertinent comments and a couple of
chunks of #ifdef 0'ed code that no longer fit in to the new layout.
- Theo deRaadt must have become frustrated with the callback mechanism
in clnt_broadcast(), because he shamelessly stole the clnt_broadcast()
code right out of the RPC library and hacked it up to suit his needs.
(Comments and all! :)
I can understand why: clnt_broadcast() blocks while awaiting replies.
Changing this behavior requires surgery. However, you can work around
this: fork the broadcast into a child process and relay the results
back to the parent via a pipe. (Careful obervation has shown that the
SunOS ypbind forks children for broadcasting too, though I can only
guess what sort of interprocess communication it uses. pipe() seems to
do the job well enough.)
This may seem like the long way around, but it's not really that
hard to implement, and I'd prefer to use documented RPC library functions
wherever possible. We're careful to limit the number of simultaneous
broadcasters to avoid swamping the system (the current limit is 5).
Each clnt_broadcast() call only sends out a small number of packets
at increasing intervals. We're also careful not to spawn more than one
bradcaster for a given domain.
- Used clntudp_bufcreate() and clnt_call() to implement a ping()
function for directly querying a particular server so that we can
check if it's still alive. This lets me completely remove the old
bradcasting code and use actual RPC library calls instead, at the
cost of more than a few handfulls of torn-out hair. (Make no mistake
folks: I *HATE* RPC.) Currently, the ping interval is one minute.
- Fixed another potential 'nfds too big for select()' bug: use
_rpc_dtablesize() instead of getdtablesize().
- Quieted gcc -Wall a bit.
- Probably a bunch of other stuff that I've forgotten.
ypbind.8:
- Updated man page to reflect modifications.
ypwhich.c:
- Small mind-o fix from last time: decode error results from
ypbind correctly (*groan*)
yplib.c:
- same as above
- Change behavior of _yp_dobind() a little: if we get back a 'Domain
not bound' error for a given domain, retry a few times before giving
up and passing the error back to the caller. We have to sleep for a
few seconds between tries since the 'Domain not bound' error comes
back immediately (by repeatedly looping, we end up pounding on ypbind).
We retry at most 20 times at 5 second intervals. This gives us a full
minute to get a response. This seems to deviate a bit from SunOS
behavior -- it appears to wait forever -- but I don't like the idea
of perpetually hanging inside a library call.
Note that this should fix the problems some people have with bindings
not being established fast enough at boot time; sometimes amd is started
in /etc/rc after ypbind has run but before it gets a binding set up. The
automounter gets annoyed at this and tends to exit. By pausing ther YP
calls until a binding is ready, we avoid this situation.
- Another _yp_dobind() change: if we determine that our binding files
are unlocked or nonexistent, jump directly to code that pokes ypbind
into restablishing the binding. Again, if it fails, we'll time out
eventually and return.
seperate exit values depending on the error. (The error values are
#defined and commented near the top of the file for clarity). This
is to help write a small bit of shell script for /etc/rc that calls
ypwhich a few times after ypbind is invoked to make sure we're
actually bound to a server before proceeding (if we aren't, the
automounter can fail if it's using NIS maps).
ypbind.c: if a client program asks ypbind for the name of the server
for a particular domain, and there isn't a binding for that domain
available yet, ypbind needs to supply a status value along with its
failure message. Set yprespbody.ypbind_error before returning from
a ypbindproc_domain request.
yplib.c: properly handle the error status messages ypbind now has the
ability to send us. Add a ypbinderr_string() function to decode the
error values.
ypwhich.c: handle ypbind errors correctly: yperr_string() can't handle
ypbind_status messages -- use ypbinderr_string instead.
some (hopefully) less offensive stupidity:
If we detect that a user has loaded a module that fails to initialize
itself correctly, panic. There really isn't a safe way to recover from
something like this; we can't know that the module is bad until after
the entry point is called, by which time it's too late to do anything
about it.
covered now, and i've attempted to give textual representations
instead of magic numbers.
The st(4) driver still misses some pieces; i'm going to implement the
EOM functionality RSN.
Any takers for the MTCOMP command? Seems to have never been implemented.