o Use obj->tlsinitsize to determine whether there's initialized data.
o If obj->tlssize > obj->tlsinitsize, then bzero uninitialized data.
o Don't exclude variant I from the work-around in free_tls_offset().
This makes it a little easier to figure out which application was
responsible for this log entry. Ideally we should add an ut_process or
something similar.
Suggested by: Vincent Poy <vincepoy gmail com>
Also perform a small cleanup to ftpd_logwtmp(). Just use a NULL
parameter for the username to indicate a logout, instead of an empty
string.
Reported by: Alexey Shuvaev <shuvaev physik uni-wuerzburg de>
The ttyslot() function was originally part for SUSv1, marked LEGACY in
SUSv2 and removed later on. This function only makes sense when using
utmp(5), because it was used to determine the offset of the record for
the controlling TTY. It makes little sense to keep it here, because the
new utmpx file format doesn't index based on TTY slots.
Unfortunately I have to partially wreck its functionality, though. ftpd
used to keep a file descriptor to the wtmp, which allowed it to work
from within a chroot. The current utmpx implementation doesn't offer a
way to do this. Maybe we can address this in the future, if it turns out
to be a real issue.
It seems comsat stats the utmpx database each 15 seconds to see whether
it has been changed. I am changing this behaviour to look at the utmpx
database upon processing. I don't want to allow direct interference with
the database files. I also wonder whether this optimization has any
measurable performance benefit nowadays.
- It shouldn't call logwtmp(). Applications like login(1) already make
sure both login and logout entries are written to the storage.
- There's no need to restore permissions on the pseudo-terminal, since
it should be garbage collected by the kernel.
Just like bin/ and sbin/, I think setting WARNS to the highest value
possible will make it more attractive for people to fix warnings.
- The WARNS variable is set in the Makefile in the directory of the
application itself, making it more likely that it will be removed out
of curiosity to see what happens.
- New applications will most likely build with WARNS=6 out of the box,
because the author would more likely fix the warnings during
development than lower WARNS.
Unfortunately almost all apps in libexec require a lowered value of
WARNS.
Because strings are now null-terminated, I've decided to just use an
array of utmpx structures, instead of the separated strings. This means
we just copy the entire utmpx structure and point to the strings within
the structures directly.
I increased the WARNS, but it looks like it breaks certain architectures
with more strict alignment requirements (mips, sparc64, ia64).
Pointy hat to: me
One of the things I really want to do, is to get rid of the limitations
of our current utmp(5) mechanism:
- It only allows 8 byte TTY device names.
- The hostname only allows 16 bytes of storage.
I'm not a big fan of <utmpx.h>, but I think we should at least try to
add parts of it. Unfortunately we cannot implement <utmpx.h>, because we
miss various fields, such as ut_id, ut_pid, etc. The API provided by
libulog shares some similarities with <utmpx.h>, so it shouldn't be too
hard to port these applications eventually. In most simple cases, it
should just be a matter of removing the ulog_ prefix everywhere.
As a bonus, it also implements a function called ulog_login_pseudo(),
which allows unprivileged applications to write log entries, provided
they have a valid file descriptor to a pseudo-terminal master device.
libulog will allow a smoother transition to a new file format by adding
a library interface to deal with utmp/wtmp/lastlog files. I initially
thought about adding the functionality to libutil, but because I'm not
planning on keeping this library around forever, we'd better keep it
separated.
Next items on the todo list:
1. Port applications in the base system (and ports) to libulog, instead
of letting them use <utmp.h>.
2. Remove <utmp.h>, implement <utmpx.h> and reimplement this library on
top.
3. Port as many applications as possible back to <utmpx.h>.
adjustment for all virtual addresses encoded into the ELF structures of
it. PIE binary could and should be loaded at non-zero mapbase.
For sym_zero pseudosymbol used as a return value from find_symdef()
for undefined weak symbols, st_value also should be adjusted, since
_rtld_bind corrects symbol values by relocbase.
Discussed with: bz
Reviewed by: kan
Tested by: bz (i386, amd64), bsam (linux)
MFC after: some time
ELF header from the front of the file. As all other I/O on the binary
is done using mmap(), this avoids the need for seek privileges on the
file descriptor during run-time linking.
MFC after: 1 month
Sponsored by: Google
it from the build.
If you are using the FTP daemon, please consider using the port ftp/tnftpd
which is the same FTP server, but newer and might have more/better
functionality.
This results in us providing only one ftp daemon by default.
Reviewed by: bz
Approved by: imp (mentor, implicit)
MFC after: 3 days
Silence from: obrien
is not equal to its memory size.
This eliminates unneeded clearing of the text segment that often
happens due to text end not being page-aligned.
For instance,
$ readelf -l /lib/libedit.so.6
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
LOAD 0x000000 0x00000000 0x00000000 0x139e1 0x139e1 R E 0x1000
LOAD 0x014000 0x00014000 0x00014000 0x00f04 0x00f14 RW 0x1000
DYNAMIC 0x014cc4 0x00014cc4 0x00014cc4 0x000d0 0x000d0 RW 0x4
$ procstat -v $$ (for /bin/sh)
68585 0x28097000 0x280aa000 r-x 6 0 21 14 CN vn /lib/libedit.so.6
68585 0x280aa000 0x280ab000 r-x 1 0 1 0 CN vn /lib/libedit.so.6 <==
68585 0x280ab000 0x280ac000 rwx 1 0 1 0 CN vn /lib/libedit.so.6
Note the splitted map entry marked by '<=='.
Reviewed by: kan
Approved by: re (kensmith)
MFC after: 1 month
compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC
generates local calls to this function which result in absolute
relocations put into position-independent code segment, making dynamic
loader do extra work every time given shared library is being relocated
and making affected text pages non-shareable.
Reviewed by: kib
Approved by: re (kib)
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.
Reviewed by: kib
Approved by: re (kensmith)
altered through their .init code. This might happen if init
vector calls dlopen on its own and that dlopen causes some not
yet initialized object to be initialized earlier as part of that
dlopened DAG.
Do not reset module reference counts to zero on final fini vector
run when process is exiting. Just add an additional parameter to
force fini vector invocation regardless of current reference count
value if object was not destructed yet. This allows dlclose called
from fini vector to proceed normally instead of failing with handle
validation error.
Reviewed by: kib
Reported by: venki kaps
dlsym seaches using this handle are expected to look for symbol
definitions in all objects loaded at the program start time along
with all objects currently in RTLD_GLOBAL scope.
Discussed with: kib
Reported by: Maho NAKATA
MFC after: 2 weeks