Obtained from: Whistle Communications tree
Add an option to the way UFS works dependent on the SUID bit of directories
This changes makes things a whole lot simpler on systems running as
fileservers for PCs and MACS. to enable the new code you must
1/ enable option SUIDDIR on the kernel.
2/ mount the filesystem with option suiddir.
hopefully this makes it difficult enough for people to
do this accidentally.
see the new chmod(2) man page for detailed info.
o start function names in column 1
o sort order of flags in getopt and switch
o don't try to reference progname
o unspam some changes introduced by a 2.2.1-R build box instead of a
-current build box
doc changes:
o document when these commands first appeared
o put email address in angle brakets
o minor mdoc clean up
permissions centrally and a setuid root mount utility just breaks
its security. There was no new breakage in practice because
mfdosfs_mount() still checks the ruid.
fix a few problems with missing headers, warn called with an exit
value, and undeclared getopt vars
these programs now compile -Wall clean (and yes, I know I should use
more than just -Wall) :)
like PAP and CHAP secrets with sppp(4). This is the first utility
using the new SIOC[SG]IFGENERIC ioctls (and the reason for inventing
them in the first place).
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
higher up in memory (0x0800000 upwards) rather than near zero (0x1000
for our qmagic a.out format). The method that mount_mfs uses to allocate
the memory within data size rlimits for the ram disk is entirely too much
of a kludge for my liking. I mean, if it's run as root, surely it makes
sense to just raise the resource limits to infinity or something, and if
it's a non-root user mount (do these work? with mfs?) it could just fail
if it's outside limits.
an export line) is unresolvable, make a note of it via syslog and skip
that individual host instead of skipping the entire line.
PR: 1981, 815
Perused by: joerg
file based on the previous list of directories stored there which
should overcome a weakness of the '-m' switch which can only add
libs. This is an ideal way of updating the hints list after adding
or removing a shlib since it will remove entries that are gone and
doesn't need to have all the directories spelled out each time.
(eg: rm -f /usr/lib/libtcl75*; ldconfig -R) This only works for
version 2 hints files (which we've been generating for a year or
so) which store the path.
fixed. Natd now waits with select(2) for buffer space
to become available if write fails.
- Packet aliasing library upgraded to 2.2.
Submitted by: Ari Suutari <suutari@iki.fi>
non-directory file with more than one link to it, but in a level M > N
dump, the file with the inode number X is a plain file, "restore", when
restoring the level M dump, won't remove all the hard links to the old
file.
Submitted by: guy@netapp.com (Guy Harris)
accommodate the expanded name, the ICMP types bitmap has been
reduced from 256 bits to 32.
A recompile of kernel and user level ipfw is required.
To be merged into 2.2 after a brief period in -current.
PR: bin/4209
Reviewed by: Archie Cobbs <archie@whistle.com>
This isn't necessarily the best statistic, but it is by far the easiest to
calculate. Update the man page to be more explicit about precisely which
statistics are printed out. Revert some of jmg's bogus man page changes from
rev 1.11.
The answer is not really, but almost.
it sent data that was ok, though it was a hack,
but it was bug-compatible with the kernel on receiving them. This also
had been fixed with a hack.. I hacked it better I think.
to do with netmasks.. we fed totally bogus data into the kernel
to do with default routes and it just believed us. this led to:
1/ kernel panics
2/ the default route refusing to be deleted or added
(depending on a number of factors, usually it worked ok.)
better hack in ffs_vfsops.c. The hack here restricted the maximum file
size to 2^39 bytes (512GB). fs_bsize * 2^31 - 1 (16TB for the default
blocksize of 8K) would have been better. There is no good way to remove
this limit on old BSD4.4 file systems.
unreachable hosts. Note that most of this consists of telling SIGINT
and SIGALRM to interrupt the system call, instead of restarting them.
Also try to get rid of some potential races Bruce didn't like; hopefully
they aren't a problem (potential or otherwise) now.
Reviewed by: julian
this is a NO-NO
re-arange to just set a "please die immediatly" flag in the signal handler
and handle this in the normal thread.
also handle ping -f better on slow links by backing off a bit when
we get a ENOBUFFS from the sendto().
to the session list. If the device comes back as unconfigured, just
ignore that line in /etc/ttys. If someone HUP's init, we'll try again.
This change stops getty's from hanging on vty and sio ports that don't
exist, either due to LKM drivers not being loaded, or probes failing.
Reviewed by: bde
This makes configuration of mfs /tmp on diskless clients more intuitive
for people like me, that have used this feature on NetBSD and SunOS.
Using the -T option and /dev/null, while already supported,
is neither intuitive nor documented in the handbook.
Obtained from: NetBSD
- use new getvfsbyname() interface.
- new -A option, like -a except only mounted file systems are unmounted.
All non-cosmetic FreeBSD changes in umount.c, except ignoring of
realpath() failures, went away because they are done better in Lite2.
realpath() failures must be ignored so that non-pathnames like
"<above>:/foo" and "host:/bar" get as far as mount(2).
Reviewed by: dfr
Any existing config files (using the -f option) will need
to be changed although using the old files will usually result
in an error (partition 0 is invalid).
these are quite extensive additions to the ipfw code.
they include a change to the API because the old method was
broken, but the user view is kept the same.
The new code allows a particular match to skip forward to a particular
line number, so that blocks of rules can be
used without checking all the intervening rules.
There are also many more ways of rejecting
connections especially TCP related, and
many many more ...
see the man page for a complete description.
place rather than updating the main loop's index variables from within
a subroutine and other revolting things like that. Move some more
globals into local variables.
program and it's use of global variables. Somehow, I managed to miss the
most obvious case.. "ifconfig ed0 10.0.0.1" failed (no "inet")
Submitted by: dfr
family inet if not specified. (eg: "ifconfig ed0" down would fail because
no family was specified, even though the up/down status is not per family)
Pointed out by: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De>
