Document better this file, updating the URL to the IANA registry and closely
match the official services.
For system ports (0 to 1023) we now try to follow the registry closely, noting
some historical differences where applicable.
For the User ports (1024 - 49151) we try to keep some sensible balance only
of services that are likely to be found on FreeBSD/UNIX systems. This attempts
to strike a balance between complexity and usefulness.
As a side effect: drop references to unofficial Kerberos IV which was EOL'ed
on Oct 2006[1]. While it is conceivable some people may still use it in some
very old FreeBSD machines that can't be replaced easily, the use of it is
considered a security risk. Also drop the unofficial netatalk, which we
supported long ago in the kernel but was dropped long ago.
[1] https://web.mit.edu/kerberos/krb4-end-of-life.html
MFC after: 3 weeks (likely to 12-stable only)
Differential Revision: https://reviews.freebsd.org/D23621
environ(7) was in AT&T Version 7
ac(8): Add a HISTORY section
sa(8): Add a HISTORY section
sqrt(3): Add the actual sqrt function to the HISTORY section
Obtained from: OpenBSD
Submitted by: gbergling@gmail.com
Approved by: bcr@(mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23693
ACPI Control Method Batteries have a _BIF and/or _BIX object which
provide static properties of the battery. FreeBSD acpi_cmbat module
supported _BIF object only, which was deprecated as of ACPI 4.0.
_BIX is an extended version of _BIF defined in ACPI 4.0 or later.
As of writing, _BIX has two revisions. One is in ACPI 4.0 (rev.0) and
another is in ACPI 6.0 (rev.1). It seems that hardware vendors still
stick to _BIF only or _BIX rev.0 + _BIF for the maximum compatibility.
Microsoft requires _BIX rev.0 for Windows machines, so there are some
laptop machines with _BIX rev.0 only. In this case, FreeBSD does not
recognize the battery information.
After this change, the acpi_cmbat module gets battery information from
_BIX or _BIF object and internally uses _BIX rev.1 data structure as
the primary information store in the kernel. ACPIIO_BATT_GET_BI[FX]
returns an acpi_bi[fx] structure built by using information obtained
from a _BIF or a _BIX object found on the system. The revision number
field can be used to check which field is available. The acpiconf(8)
utility will show additional information if _BIX is available.
Although ABIs of ACPIIO_BATT_* were changed, the existing APIs for
userland utilities are not changed and the backward-compatible ABIs
are provided. This means that older versions of acpiconf(8) can also
work with the new kernel. The (union acpi_battery_ioctl_arg) was
padded to 256 byte long to avoid another ABI change in the future.
A _BIX object with its revision number >1 will be treated as
compatible with the rev.1 _BIX format.
Reviewed by: takawata
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23728
"Oops" - ln(1) is fine and dandy, but when you're using DESTDIR...it's not-
the path will almost certainly be invalid once the root you've just
installed to is relocated, perhaps to /.
Switch to install(1) using `-l rs` to calculate the relative symlink between
the two, which should work just fine in all cases.
MFC after: 1 week
Some ids are redundand because the list_ecaps() function decodes them
by explicit switch case. But listing them all makes it easier to not
miss ecaps, while not changing the functionality.
Initial submission by: Dmitry Luhtionov <dmitryluhtionov@gmail.com>
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
services: Add PROFInet and EtherCAT.
Both are admitedly very niche features and no known users exist currently.
I am doing a further review/update of the services file (see D23621) and
both of these are not likely to be considered.
This patch cleans up the API between the net frontends (e1000,
virtio-net) and the net backends (tap and netmap).
We move the virtio-net header stripping/prepending to the
virtio-net code, where this functionality belongs.
In this way, the netbe_send() and netbe_recv() signatures
can have const struct iov * rather than struct iov *.
Reviewed by: grehan, bcr, aleksandr.fedorov@itglobal.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23342
For historical reasons the "remote magtape protocol module" rmt gets
invoked as /etc/rmt, which is a symlink to /usr/sbin/rmt. Put it in the
utilities package, as /usr/sbin/rmt is.
Sponsored by: The FreeBSD Foundation
The previous expression borked if a username had a plus or hyphen in it.
This is needlessly restrictive- at leSt a hyphen in the middle is valid.
Instead of playing this game, let's just assume the username can't contain a
colon and mask out the second field.
Submitted by: sigsys gmail com
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D23548
This command was only ever for sparc64, so remove it. Remove
usr.sbin/Makeiile.sparc64 as well since it only references ofwdump
(cross platform) and eeprom.
Reivewed by: cy@, bcr@
Differential Revision: https://reviews.freebsd.org/D23593
Now we default to setting the hardware clock to UTC
everywhere. sparc64 was the old odd-man out before.
Reivewed by: cy@, bcr@
Differential Revision: https://reviews.freebsd.org/D23593
vfork() is error-prone, and the usage here definitely grew to not be
clearly OK given vfork-semantics; e.g. setusercontext(3) within the child.
Rip out vfork() and the rest of the references to it. fork is heavier, but
it's unclear that the difference will be all that obvious.
Reported by: Andrew Gierth and sigsys@gmail.com
in the sysctl block for the driver. mpsutil/mprutil needs this so it can
know how big of a buffer to allocate when requesting the IOCFacts from the
controller. This eliminates the kernel console messages about wrong
allocation sizes.
Reported by: imp
- Mention bootconfig target in TARGETS section.
- Document PARTITIONS variable, which is only mentioned in the examples,
but doesn't have its own point.
Submitted by: arrowd@
Reviewed by: bcr
Approved by: bcr (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22927
The set_empty_value test has a cleanup function, but is not called.
Fix it
Reviewed by: 0mp
Approved by: kp
Differential Revision: https://reviews.freebsd.org/D23498
Prior to processing environment variable set in the crontab file as those
should be of higher precedent, pull in the user or login class environment.
This is another supporting feature for allowing one to configure system-wide
settings that may affect both regular cron jobs as well as services.
This is the final part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
As mentioned in r357562, this gives the user a single place to configure
environment variables that need to be used for various services -- the
"daemon" class -- for, e.g., configuring a system-wide HTTP proxy.
This is a part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
simple_httpd was granted a reprieve from the picobsd removal based on having
some reported user; it turns out this user isn't actually using the version
in base and merging their changes would be difficult at this point, so the
version in base will simply continue to rot. Retire it now, it may make a
comeback to ports with the improved version.
No notice issued because its current visibility has only been for ~3
months, and a notice has been previously issued about picobsd removal.
Fix the following -Werror warning from clang 10.0.0 in bsnmpd:
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1661:4: error: misleading indentation; statement is not part of the previous 'else' [-Werror,-Wmisleading-indentation]
return (-1);
^
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1658:5: note: previous statement is here
} else
^
The intent was to group the return statement with the previous syslog()
call.
MFC after: 3 days
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1661:4: error: misleading indentation; statement is not part of the previous 'else' [-Werror,-Wmisleading-indentation]
return (-1);
^
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1658:5: note: previous statement is here
} else
^
The intent was to group the return statement with the previous syslog()
call.
MFC after: 3 days
usr.sbin/bsnmpd/modules/snmp_bridge/bridge_port.c:1235:43: error: overlapping comparisons always evaluate to true [-Werror,-Wtautological-overlap-compare]
begemotBridgeStpPortEnable_enabled ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
Work around it by casting the enum values to the type of val->v.integer.
MFC after: 3 days
In this path, we used va_start() without pairing it with va_end(). Add the
va_end(). (va_start() without paired va_end() is undefined behavior per the C
standard.)
"In many implementations, [va_end] is a do-nothing operation; but those
implementations that need it probably need it badly." - Rationale for the ANSI
C Programming Language, § 4.8.1.3.
Reported by: Coverity
CID: 1340539
Includes commentary of when ZFS works well by default (>= 8GB RAM),
and where to go for information on ZFS tuning if required.
Also hoist the options text to the top of script as variables
(will help with future international translations).
Reviewed by: philip, dteske, karels, imp, emaste
Approved by: rgrimes
Differential Revision: https://reviews.freebsd.org/D23224
In order to do so we need to install the msdosfs headers to the bootstrap
sysroot and avoid includes of kernel headers that may not exist on every
host (e.g. sys/lockmgr.h). This change should allow bootstrapping of makefs
on FreeBSD 11+ as well as Linux and macOS.
We also have to avoid using the IO_SYNC macro since that may not be
available. In makefs it is only used to switch between calling
bwrite() and bdwrite() which both call the same function. Therefore we
can simply always call bwrite().
For our CheriBSD builds we always bootstrap makefs by setting
LOCAL_XTOOL_DIRS='lib/libnetbsd usr.sbin/makefs' and use the makefs binary
from the build tree to create a bootable disk image.
Reviewed By: brooks
Differential Revision: https://reviews.freebsd.org/D23201
Most of ntpd still handles MK_OPENSSL ok, but the libevent import brought
in the SSL bufferevent routines without checking MK_OPENSSL.
This doesn't completely fix WITHOUT_CRYPTO=YES building, but hey, it's one
less broken thing.
The build failure was discoved by Michael Dexter's recent Build Options
Survey run, at https://callfortesting.org/results/bos-2020-01-16/\
WITHOUT_WPA_SUPPLICANT_EAPOL-small.txt.
Reported by: Michael Dexter <editor@callfortesting.org> via emaste
MFC after: 2 weeks
This resulted in the partitioning step failing if either of the
"Auto (UFS)" or "Manual" options were selected.
Reason: partedit was attempting to open a directory (TMPDIR) read/write,
which resulted in errno(2) 21 - EISDIR - Is a directory.
Reported by: Clay Daniels <clay.daniels.jr@gmail.com>
Reviewed by: Ryan Moeller <ryan@freqlabs.com>
Approved by: emaste, bcran
Differential Revision: https://reviews.freebsd.org/D23232
When _a is empty we end up with an invalid invocation of pfctl, and no output.
We must add quotes to make it clear to pfctl that we're passing an empty anchor
name.
PR: 224415
Submitted by: sigsys AT gmail.com
MFC after: 2 weeks
Extended attribute values can potentially be quite large. One test for ZFS
is supposed to set a 200MB xattr. However, the buffer size for reading
values from stdin with setextattr -i is so small that the test times out
waiting for tiny chunks of data to be buffered and appended to an sbuf.
Increasing the buffer size should help alleviate some of the burden of
reallocating larger sbufs when writing large extended attributes.
Submitted by: Ryan Moeller <ryan@freqlabs.com>
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D23211
Use strlcpy to guarantee NUL termination. Due to this, there is
no need for strncmp; simply use strcmp.
Reported by: Coverity
CID: 1412242
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D23159
config.h as a guide. In practice contributed software maintains a copy
of config.h within its build directory tree containing its Makefile.
usr.sbin/unbound is the home for its config.h.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22983
GCC9 points out that devs may be used initialized after the bailout label;
in-fact, if num_io_opts != 2 then it is. Move the initialization up a little
bit.
Reviewed by: ken
MFC after: 3 days
If inetd is compiled without inet6 support, we need to error out on
rpc+inet6 services rather than attempting to call into rpc bits with an
uninitialized netid.
v4bind is only used with INET6 support, so move it under the proper #ifdefs
with v6bind.
Reported by: Pavel Timofeev <timp87 gmail com>
MFC after: 3 days
Add printf() wrapper to use CR/CRLF terminators depending on whether
stdio is mapped to a tty open in raw mode.
Try to use the wrapper everywhere.
For now we leave the custom DPRINTF/WPRINTF defined by device
models, but we may remove them in the future.
Reviewed by: grehan, jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22657
After increasing WARNS, building WITHOUT_TCP_WRAPPERS failed because of
some unused variables.
Reported by: Cirrus-CI (against my WIP branch)
MFC with: r356248
Sponsored by: The FreeBSD Foundation
command line option. Thanks to the removal of unnecessary information and
the organization into columns, this helps the output be more legible on
both 80 column displays and non-80 column displays. imp@ provided the
idea on this.
Highlights:
- Use MAX() for maxsock raising; small readability improvement IMO
- malloc(3) + memset(3) -> calloc(3) where appropriate
- stop casting the return value of malloc(3)
- mallloc(3) -> reallocarray(3) where appropriate
A future change may enter capability mode when forking for some of the
built-in handlers.
This change is purely in the name of noise reduction from static analyzers
that want to complain that bzero(3) is obsolete in favor of memset(3).
With this, clang-analyze at least is now noise free. WARNS= 6 also appears
to have been OK for some time now, so drop the current setting and opt for
the default.
Currently, child pids are only tracked if maxchildren is specified. As a
consequence, without a maxchild limit we do not get a notice in syslog on
children aborting abnormally. This turns out to be a great debugging aide at
times.
Children are now tracked in a LIST; the management interface is decidedly
less painful when there's no upper bound on the number of entries we may
have at the cost of one small allocation per connection.
PR: 70335
The main point here is capturing the maxchild > 0 check. A future change to
inetd will start tracking all of the child pids so that it can give proper
and consistent notification of process exit/signalling.
chargen_dg: clang-analyze is convinced that endring could be non-NULL at
entry, and thus wants to assume that rs == NULL. Just independently
initialize rs if it's NULL to appease the analyzer.
getconfigent: policy leaks on return
free_connlist: reorganize the loop to make it clear that we're not going to
access `conn` after it's been freed.
cpmip/hashval: left-shifts performed will result in UB as we take
signed 0xABC3D20F and left shift it by 5.
sep->se_policy gets a strdup'd version of policy, so we don't need it to
stick around afterwards.
While here, remove a couple of NULL checks prior to free(policy).
CID: 1006865
MFC after: 3 days
While the mailer is normally opened/set if the mailto is set, this is not
the case if the grandchild actually didn't produce any output. This change
corrects the situation to only attempt to kill/close the mail process if it
was actually opened in the first place.
The reporter initially stumbled on the -n (suppress mail on success) flag
leading to a SIGKILL of the process group, but simultaneously
discovered/reported the behavior with !-n jobs if MAILTO was set and no
output happened.
All of these places that are checking mailto should actually be checking
whether mail is set, so do that for consistency+correctness.
This set of bugs were introduced by r352668.
Submitted by: sigsys@gmail.com
Reported by: sigsys@gmail.com
This is based on DragonFly's implementation from about 2019-09-13. It
only contains the basic code and header information to identify the
disks.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D13369
exfat is fundamentally the same design as fat32. The superblock differs
marginally, and there are some additional optional features irrelevant to
fstype(8); the structure of dirents has changed slightly to enable, among
other things, larger files; the directory entries are no longer DOS 8.3
ASCII or local 8-bit encoding, but instead explicitly UCS-2-LE.
(As a result, this change uses iconv to convert a found exfat volume label
to the user's locale.)
Locating the volume label is identical to FAT32: locate the root directory
and walk through dirents until you find a volume label. Like FAT32, follow
the FAT chain between root directory clusters as necessary.
PR: 242225
Reported by: Victor Sudakov <vas AT sibptus.ru>
Update all the references to NFSv4.1, so that they apply to NFSv4.1 and
NFSv4.2. Also, change the MDS->DS mounts to use NFSv4.2, so that both
versions of the protocol can be used against the server with pNFS enabled.
This is a content change.
Include references to NFSv4.2 and Flexible File layout, plus clarify
when vfs.nfsd.flexlinuxhack needs to be set for Linux pNFS clients.
Also update the man page to reflect the addition of SpaceUsed to the
attributes stored in the extended attribute on the MDS (r354158).
This is a content change.
Include references to NFSv4.2 and associated RFCs.
Also clarify when a Linux client needs to set vfs.nfsd.flexlinuxhack if
a pNFS server is in use.
This is a content change.
Parse out the VSEC. If the user invokes a second -c command line option,
do a hex dump of the vendor data.
Reviewed by: imp
MFC after: 3 days
Sponsored by: Intel
Differential Revision: http://reviews.freebsd.org/D22808
- Allow the userland hypervisor to intercept breakpoint exceptions
(BP#) in the guest. A new capability (VM_CAP_BPT_EXIT) is used to
enable this feature. These exceptions are reported to userland via
a new VM_EXITCODE_BPT that includes the length of the original
breakpoint instruction. If userland wishes to pass the exception
through to the guest, it must be explicitly re-injected via
vm_inject_exception().
- Export VMCS_ENTRY_INST_LENGTH as a VM_REG_GUEST_ENTRY_INST_LENGTH
pseudo-register. Injecting a BP# on Intel requires setting this to
the length of the breakpoint instruction. AMD SVM currently ignores
writes to this register (but reports success) and fails to read it.
- Rework the per-vCPU state tracked by the debug server. Rather than
a single 'stepping_vcpu' global, add a structure for each vCPU that
tracks state about that vCPU ('stepping', 'stepped', and
'hit_swbreak'). A global 'stopped_vcpu' tracks which vCPU is
currently reporting an event. Event handlers for MTRAP and
breakpoint exits loop until the associated event is reported to the
debugger.
Breakpoint events are discarded if the breakpoint is not present
when a vCPU resumes in the breakpoint handler to retry submitting
the breakpoint event.
- Maintain a linked-list of active breakpoints in response to the GDB
'Z0' and 'z0' packets.
Reviewed by: markj (earlier version)
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D20309
The !USE_OPENSSL_CRYPTO_RAND path uses arc4random_buf() correctly.
In general, we should prefer to avoid things OpenSSL does poorly when a good
alternative exists in libc.
This doesn't appear to have some active upstream (and it's a steaming pile of
bad 90s crypto design). Rip out the completely horrible bits and leave the
only mildly less horrible bits. The whole thing should probably be deleted; to
the extent it purports to provide a security feature: it doesn't.
<sys.mk> defines ECHO=echo when not using make -s, and ECHO=true when using
make -s.
export ECHO for ntp products and use it in the mkver script to echo the
version. This suppresses the output as appropriate. ECHO is given a default
value to make sure things still work as expected for anyone that isn't
redefining ECHO.
Reviewed by: cy
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22101
VFs return zero for the memory enable bit even if it has been set by a
prior write. After r348779 this caused the annoying behavior that a
guest OS would unintentionally disable memory decoding on a future
read-modify-write operation on the command register. Instead, return
the shadow value of the command register for reads. This ensures that
the guest will only toggle the state of the memory enable bit when it
specifically intends to do so.
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend
DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options
See share/mk/dirdeps-options.mk
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22469
Previously kbdmap had a localized menu heading ("Choose your keyboard
layout") but not the dialog title ("Keyboard Menu").
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
All Rights Reserved on same line as other copyright holders (but not
me). Other such holders are also listed last where it's clear.
