standardized interface to the capability support in TrustedBSD.
o Not currently enabled in Makefile, as this code depends on syscalls
and include files that will be committed at a later date.
Obtained from: TrustedBSD Project
o Add shared library version 2 to libposix1e given API changes, et al
o Commented out cap_*.c as that is not currently being compiled into
the library (pending syscalls being committed)
Obtained from: TrustedBSD Project
o Switch reference to www.trustedbsd.org instead of POSIX.1e implementation
page
o Add cross references to capabilities man pages
o Remove extended attribute not implemented "BUGS" entry
Obtained from: TrustedBSD Project
needed to add into ether_input) and finally sorting IFF_RUNNING through
whole driver.
As part of the IFF_RUNNING stuff, we've added an extra flag so callers
can request that runq routines should check IFF_RUNNING before executing.
Remove BPF taps as this is now done by ether_input.
Resurrect multicast code, moving the multicast list stuff to the runq
routine.
Dump ray_promisc_user as all flag changes are now handled by ray_init, and
add a couple of checks to ray_promisc.
In uppparams_user, allow changes before the card is running (need to
fix some breakage with _download here later). In addition, don't
assume that the current n/w parameters are valid - they are only valid
in the runq.
Fix a nasty flag bug - runq_add cleared all the flags on the last command!
Remove the hacks for setting the memory flags - problems were down
to buggy versions of pccardd. For some reason pccardd only dtrt with
the "right" debug_level.
Fix typo.
Fix description.
VFS_FHTOVP.9:
Fix order in which the manpage says the calls should be made.
PR: 18590
Submitted by: Anatoly Vorobey <mellon@pobox.com>
if an FFS partition returns EOPNOTSUPP, as it just means extended
attributes weren't enabled on that partition. Prevents spurious
warning per-partition at shutdown.
TCP/IP (v4) sockets, and routing sockets. Previously, interaction
with IPv6 was not well-defined, and might be inappropriate for some
environments. Similarly, sysctl MIB entries providing interface
information also give out only addresses from those protocol domains.
For the time being, this functionality is enabled by default, and
toggleable using the sysctl variable jail.socket_unixiproute_only.
In the future, protocol domains will be able to determine whether or
not they are ``jail aware''.
o Further limitations on process use of getpriority() and setpriority()
by jailed processes. Addresses problem described in kern/17878.
Reviewed by: phk, jmg
This may break some scripts, but with the number of ways users can damage
a system with this tool, it's important to make sure they specify which
device they want to talk to.
Suggested by: joerg
lets unprivileged installworld: almost work first try and always work second.
BINOWN isn't quite right for this, but it's not really worth creating
a MAILOWN for this.
can be viewed more easily with a pager.
Regular (i.e. short) usage output is still sent to stderr.
PR: bin/12358
Submitted by: Christian Weisgerber <naddy@mips.rhein-neckar.de>
apparently-intended micro-optimization ("testb" is equivalent and smaller)
and added a style bug (the size suffix for "testl" was missing).
linux-2.3.35 already had the correct fix.
Brian Feldman <green@FreeBSD.org>
* Remove the gratuitous dependency on OpenSSL 0.9.5a (preparation for MFC)
* Disable agent forwarding by default in the client (security risk)
Submitted by: green
Obtained from: OpenBSD
