Prevent ALL protocol from being used with port specifications.
Allow 'via' keyword at any point in the options list. Disallow
multiple 'via' specifications.
of /0 to have the desired effect. Normalize IP addresses that
won't match a given mask (i.e. 1.2.3.4/24 becomes 1.2.3.0/24).
Submitted by R. Bezuidenhout <rbezuide@mikom.csir.co.za>
Code formatting and "frag" display fixes.
if statements, #if 0 some unused code, use off_t in calls to read/
write_disk, fix a printf format, remove unused variables, and
#include necessary files.
disklabel(8) to the kernel (dsopen()). Drivers should initialize the
hardware values (rpm, interleave, skews). Drivers currently don't do
this, but it usually doesn't matter since rotational position stuff is
normally disabled.
- Filter based on ICMP types.
- Accept interface wildcards (e.g. ppp*).
- Resolve service names with the -N option.
- Accept host names in 'from' and 'to' specifications
- Display chain entry time stamps with the -t option.
- Added URG to tcpflags.
- Print usage if an unknown tcpflag is used.
- Ability to zero individual accounting entries.
- Clarify usage of port ranges.
- Misc code cleanup.
Closes PRs: 1193, 1220, and 1266.
This covers the security problem descibed in SA-96:10 and Jeff says that
when we upgrade to Lite2 (which fixes this problem), mount no longer needs
to be setuid, so we'll never be going back.
Submitted by: hsu
Reviewed by: pst
mount_* programs. While we're at it, collapse the four now-identical
mount programs for devfs, fdesc, kernfs, and procfs into links to
a new mount_std(8) which can mount any really generic filesystem
such as these when called with the appropriate argv[0].
Also, convert the mount programs to use sysexits.h.
Subject: Fix for annoying fsck bug
Date: Wed, 24 Jan 1996 13:33:29 -0700 (MST)
The following small diff fixes the annoying fsck bug that causes it to
need to be run twice to end up with correct reference counts for inodes
for directories that had subdirectories relocated into the lost+found
directory.
I found the need to rerun *extremely* annoying. This fix causes the
count to be correctly adjusted later in pass 4 by correctly stating
the parent reference count.
Note that the parent reference count is incremented when the directory
entry is made (for ".."), but is not really there in the case of a
directory that does not make an entry in its parent dir.
This can be tested by waiting for the inode sync after cd'ing from a
shell into a test fs. Then you "mkdir xxx yyy zzz", wait a second,
and hit the machine reset button.
Reviewed by: nate (Tested lots of crashes :)
Submitted by: Terry Lambert <terry@lambert.org>
to int32_t. I only fixed the ones that I noticed the warnings for.
Perhaps most of the format strings are correct now because they were
wrong before. Except of course if int32_t isn't compatible with `int'.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
discussionn when they were initially added some time ago.
These programs are not needed before nfs is up and running to possibly
mount /usr so they dont need to be static and on the root fs.
- Use rpcgen to generate the unmodified boilerplate code rather than
having it in the repository.
- Eliminate the conflicting function names by changing them to their
"natural" rpcgen generated names
found when the user specifies "mount -t type". Instead of printing
out one message for each path element (/sbin, /usr/sbin), it prints
out:
mount: exec mount_type not found in /sbin, /usr/sbin: No such file or directory
The code is quite long for such a stupid little piece of aesthesism
but it is very straghtforward so I guess it's ok. Besides, I don't
want to do a "char foo[100];" and have malloc break down when someone
decides to add a few more paths to a variable that's far apart from
this code. :)
By the way, there is no malloc() off-by-one error for the '\0' at the
end of the string although I don't explicitly add 1 to the length.
The code allocates strlen(path element)+2 bytes for each path element,
and doesn't use the last two bytes (for the delimiting ", ").
Reviewed by: the list (I hope)
device file and the mount point. This prevents the "unexpected recursive
lock" panic from happening.
This is a temporary fix. A kernel fix would be much much more ugly than
this, and still wouldn't be the "right" way to fix it. After some
of Terry's file system rework is installed, it will be possible to
properly fix this problem in a clean manner. Until then,
this change should prevent use from getting a problem report
on this every month or so (and I just noticed that someone in
one of the freebsd news groups was complaining about this problem, too).
spit out two error lines for a bogus filesystem type, e.g:
root@time-> mount -t foo /dev/sd0a /mnt
mount: exec /sbin/mount_foo for /mnt: No such file or directory
mount: exec /usr/sbin/mount_foo for /mnt: No such file or directory
But I would submit that if you're even going to scan multiple directories
for a mount_foo (which I actually think is somewhat bogus - if it's not
in /sbin, you're probably in big trouble anyway), you should emit an error
for each one. I got multiple complaints (in addition to the PR) that the
existing behavior was very confusing.
This solves the problem of being unable to use shared libraries with dots
in their names before the ".so.<version>" code.
This should be brought into -stable.
There are more changes from Paul that look like they should be included,
but they change the format of the hints file, so I'm not going to bring them
in now (but we should in the future).
Obtained from: pk@netbsd.org
and an unknown uid/gid is found in the file system. This is useful
if you wind up with a file in your file system that has a uid
that is extremely large, since quotacheck will wind up running
a very very long time due to it not handling large gaps in uids
very well (this is a problem that should be addressed some day).
Update the man page to reflect that fact the the -v flag now prints
some additional diagnostic messages.
stub lockd.
This implements just the protocol, but does not interact with the kernel.
It says "Yes!" to all requests. This is useful if you have people using
tools that do locking for no reason (eg: some PC NFS systems running some
Microsoft products) and will happily report they couldn't lock the file
and merrily proceed anyway. Running this will not change the reliability of
sharing files, it'll just keep it out of everybody's face.
Corrected some bogus cross references to man pages that we don't/won't
have and either deleted them, or found a more appropriate man page
that we do have. Various other minor changes to silence manck.
Manck is currently down to about 200 lines of errors, down from
the 500 - 600+ when I started all this.
required information from the driver, and produce a virgin disklabel
for it. The latter might be further edited with `disklabel -e' to
satisfy the user's need.
The magic sequence is:
disklabel -r -w sdX auto
disklabel -e sdX
left to do (e.g. it doesn't yet run on systems with aliased addresses)
but this should work for simple configurations.
I don't plan to enable the rdisc directory in the sbin/ makefile until
I get feedback on this and add the missing features, so please, if you
have routers that perform router discovery, or if your FreeBSD box is
itself a router, give this a try.
I discovered that when asking for the IFLIST via sysctl(), if you
specify only AF_INET address, it actually gives you only AF_INET..
(suprise, suprise..!)
Now, it should "do the right thing" in just about all cases... The only
problem, is that "the right thing" isn't exactly clear in all cases.
ifconfig would segfault on "ifconfig ed0 ether up" and the like).
The main reason for this commit was that an "ifconfig -a" would also show
the AF_INET addresses in AF_IPX form (if the kernel was configured for IPX)
due to insufficient AF checking in my "new way" of doing it.
and the ethernet address for non-root users.
I apologise to the world for propagating the ugliness of some of the code
constructs within ifconfig... Fixing them would just abou mean rewriting
most of the function call interfaces, something I didn't have the stomach
for. :-)
LKM loading if it was not configured into the system.
Note that the LKM for MFS is not enabled by default, but I got it working on
my machine.. I'll see what I did..
the argv array, causing parts of the argv[0] to be picked up several times
by libkvm, causing strange ps results for the nfs-server and nfs-master
processes.. :-]
(How many copies of setproctitle() do we need anyway? NetBSD has it in
libc and BSDI have it in libutil.)
actually retrieves all the information no matter how many interfaces
there are. (Probably there are other utilities which need similar
modification.)
Submitted by: Andrew Webster <awebster@dataradio.com>
changes and one addition by me.
. Use reasonable defaults for the tape drive (/dev/rst0) instead of
something we actually don't have.
. Add a summary line displaying the alapsed time and the total throughput.
. Replace "rmt" for the remote location of rmt(8) by "/etc/rmt", since this
is the historical protocol, and relying on the $PATH causes a big pain.
Make it adjustable via an environmental variable though.
Reviewed by: joerg (for Andreas' part)
Submitted by: andreas@knobel.gun.de (Andreas Klemm)
1: generate the outfile in /tmp if it's not specified explicitly.
2: if the outfile was implicitly placed in /tmp, automatically remove it.
This means that you can type: modload /lkm/ipfw_mod.o and it'll work, it
wont try and write to /lkm, and it wont leave the (normally) useless
symbol file.
This should not interfere with things like ibcs2 and atapi, which
export some symbols from one LKM to the other by leaving the symbol file.
of the recent changes to bsd.kmod.mk, which enforces that the entry
point be <modname>_mod, unless overridden.
This means that when modloading "/lkm/foo_mod.o", it'll use "foo_mod"
as the default entry point (instead of xxxinit) unless you specify
another via the -e option.
patches to merge the two IPX packages to work with each other and to
not break make-world :)
IPXrouted should be working now, (or at least compiling) :)
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com
This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..
Mikes been using it for a year or so
but on 2.0
more changes and stuff will be merged in from other developers now that this is in.
Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
supervisor@alb.asctmd.com
Make a link from boot_${ARCH}.8 to boot.8, so people will get what
they expect when asking "man boot".
I think David will lynch me when i'm requesting this to go into 2.1... :-)
to return ECHILD, which causes the while loop to run forever.
(eg: when accidently running nfsiod on a slow system with a kernel
without NFS support...)
Obtained from: NetBSD; Frank van den Linden <frank@struis.fwi.uva.nl>
current unit number, and the "new" unit number of -1. This allows the
script to actually deconfigure the SLIP interface (e.g. by running
"ifconfig delete") which has been impossible previously.
This is most likely a candidate for 2.1, too.
slattach always exited early because fd is not open in acquire_line().
Other (trivial) changes that I've been neglecting for some time:
- Turn off O_NONBLOCK so that `chat' doesn't need to worry about it
(`chat' actually does worry about it).
- Really set speeds POSIXly :-). cfsetspeed() isn't POSIX.
- Fix spelling error in comment.
- Gripe about bad programming of doing everything from signal handlers.
slattach should be written to do everything from the sigsuspend() loop,
but I don't want to do it :-).
From me:
Use .PATH to find uucplock.c
Submitted by: bde
-K #: set SLIP keepalive timeout
-O #: set SLIP outfil timeout
-U #: set SLIP unit number
sighup handler now sets tty disc for non-redial case too.
Implement SIGURG handling (from keepalive).
POSIXing speed settings.
-K: set keepalive SLIP timeout
-O: set outfill SLIP timeout
Handle SIGURG from keepalive like SIGHUP now, i.e. reconnect.
Back out background scription change, cause some synchro problems.
Now works with dialin devices too.
Add new option in slattach style -l: dont use modem control.
Add new option -W: specify max number of dial tries for one phone.
Remove -p option, this ugly hack not needed.
Fix script timeout expires.
Some code cleanups.
Add -t to specify login script timeout.
Add -w to specify retry wait time.
Describe -p option.
Now understand several -s sections (for several host phone numbers).
Remove -F sw (software flow control), it is impossible with slip.
Change -F hw (hardware flow control) option to -h as in slattach,
we don't need option with argument for only one case.
Call downscript on SIGTERM.
Improve debug diagnostic.
Allow startslip work with several slip lines without killing each other.
Unlink pid file on exit.
Skip \r and \0 in login script parsing instead making them \n.
Use absolute path to default script (/sbin/ifconfig).
Call up/down script in background to prevent hang on them.
understand why it can become a null pointer under some circumstances,
but i've got a pile of tapes where this happens, and running it thru a
debugger proved that simply ending the loop in this case did the right
thing.
Anyway, it cannot make it worse than now, where restore kills itself
with "Memory fault".
/dev/rfoo0d.
Scan a list of devices instead of insisting on all the world
being wd0.
Allow for disk names to be specified (e.g. `sd0') instead of full
path names only.
Sync the man page with the reality.
from not coming up multiuser just because you have a CD mount in fstab
but no CD in the drive.
Submitted by: "Full Name Not Supplied" <simon@masi.ibp.fr>
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:
If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.
If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.
If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.
Head off a potential NULL pointer dereference in the old innetgr()
matching code.
Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.
(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)
- netgroup.5: document all this stuff.
- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).
- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
1024 that used to remain on a line of its own after savecore completed
its job will be overwritten later in the /etc/rc process.
Reviewed by:
Submitted by: graichen@sirius.physik.fu-berlin.de (Thomas Graichen)
Obtained from:
fclosed twice and this didn't seem to cause any problems, but when
/var/crash was on an an unwritable nfs-mounted partition, fclose(NULL)
caused a core dump.
The version 2 support has been tested (client+server) against FreeBSD-2.0,
IRIX 5.3 and FreeBSD-current (using a loopback mount). The version 2 support
is stable AFAIK.
The version 3 support has been tested with a loopback mount and minimally
against an IRIX 5.3 server. It needs more testing and may have problems.
I have patched amd to support the new variable length filehandles although
it will still only use version 2 of the protocol.
Before booting a kernel with these changes, nfs clients will need to at least
build and install /usr/sbin/mount_nfs. Servers will need to build and
install /usr/sbin/mountd.
NFS diskless support is untested.
Obtained from: Rick Macklem <rick@snowhite.cis.uoguelph.ca>
parameters are. You can use dumpfs, but that's not obvious which settings
are tuneable, and is far from clear to the non-guru (it's like using a
hexdump of a tar archive to get a table-of-contents).
There is also an undocumented option in the man page that can be dangerous.
Suppose your disk driver decides to scramble all writes while you tell
tunefs to update all backup superblocks.
This suggested change adds a '-p' (print) switch to bring it in
line with some SVR4 systems.
(Slightly changed by me, mostly for optics. - joerg)
Submitted by: peter@haywire.dialix.com
claims multiple times to have failed. The problem is a off_t is
converted into a int and checked for a negative. A true lseek check
should be checking if the off_t is equal to -1 for failure.
(Suggested fix from PR #bin/461)
Submitted by: mark tinguely <tinguely@opus.cs.ndsu.NoDak.edu>
now safely add a line like
ldconfig -m ${PREFIX}/lib
in ports' Makefiles and packing lists without throwing away some
directories the user may have added.
Submitted by: Mostly by Paul Kranenburg <pk@cs.few.eur.nl>
quotacheck -a will fail after the first partition (because
dev_bsize is 512 and is messes up the superblock read of the second
partition)
Submitted by: dillon@best.com (Mattew Dillon)
when the single user shell was terminated. These changes disallow mounting
or R/W upgrading filesystems that are dirty unless "-f" (force) option
is used with mount. /etc/rc has been modified to abort the startup if
one or more non-nfs partitions fail to mount.
Reviewed by: Poul-Henning Kamp, Rod Grimes
- in mount_portal.c: included catching of SIGHUP to get portald to
re-read the config file.
- in mount_portal.c: in SIGCHLD handler the return values checked from
waitpid were wrong. Note. this routine was written correclty according
to the manual page for 4.4BSD, but waitpid does not exhibit this
behaviour. It is not returning 0 when WNOHANG is specified. I havent
checked this properly.
- in mount_portal.c: initialized the fdset for the select properly.
- in mount_portal.c: corrected poor casting in the select.
- in mount_portal.c: changed a break; to exit (0); so that the
children die after doing the hard work, this stops the select: bad
file descriptor messages.
- in pt_file.c: the kernel passes kernel style open flags to the
portal code which aren't compatible with "normal" O_ flags. I have
adjusted these in pt_file.c. In general I think the portal fs code
and portal_cred structure need changing to pass to the portald
the right style of flags _and_ the permissions.
- in pt_tcp.c: a few mistakes in typing of the socket structures,
getservbyname returns the port number as an int but sockaddr wants
the port number as an u_short.
- in pt_tcp.c: someone wrote this on a VAX/Sun whatever and forget
about byte ordering!! I've included a few htons about the place.
- in all the above I have sprinkled a few more debugging printf's.
Submitted by: "Duncan McL Barclay" <dmlb@ohm.york.ac.uk
in a couple of cases, and it doesn't do much anyway. It used to save only
the newfs params (block/frag/cgroup.. and nothing more. Something that
don't belong in a disklabel in the first place.