so that we're more useful in multi-user mode. This is still not
100%, but it pulls in a lot more than it used to. Some of the "composite"
variables in /etc/sysconfig are going to take more work.
o Always write /etc/resolv.conf and /etc/hosts if it makes sense to do
so.
o Reset media properly when reselecting. Longstanding bogon.
o Pull SIGPIPE handling out of package.c; I'm actually hoping to handle
this differently shortly.
o Fix bug where cancel in TCP setup dialog still checked data fields.
I think this closes a PR, but I will have to go look.
- servers should be the first target listed in 'all:' in order for slave
servers to be updated correctly: yppush reads the ypservers map to figure
out where all the slaves are, so it needs to be loaded onto the master
ASAP.
- Fixed small bogon in publickey target which nobody has noticed since
we're not using the publickey.byname map yet.
Rev 1.4 deraadt: (partial from full commit, other files not done yet)
proactive bounds checking; help from millert
Rev 1.5 millert:
Possible buf oflow.
Plus minor style nits to keep the style police happy (I hope)
Obtained from: OpenBSD
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.
This patch fixes this bug (in both RELENG_2_2 and -current).
This is a 2.2 candidate..(i.e. pure bug fix)
Submitted by: Archie Cobbs (archie@whistle.com)
at the time, but on further reflection..." bucket with these changes.
1. Checking the media before frobbing the disks was a fine idea, and
I wish it could have worked, but that leads to a rather difficult
situation when you need to mount the media someplace and you're about
to:
a) Chroot away from your present root.
b) Newfs the root to be.
You're basically screwed since there's no place to stick the mount
point where it will be found following the newfs/chroot (and eliminating
the chroot in favor of just using the "root bias" feature would work
great for the distributions but not the pkg_add calls done by the
package installer).
2. Automatic timeout handling. I don't know why, but alarm() frequently
returns no residual even when the alarm didn't go off, which defies
the man page but hey, since when was that so unusual? Take out timeouts
but retain the code which temporarily replaces the SIGINT handler in
favor of a more media-specific handler. This way, at least, if it's hanging
you can at least whap it. I think the timeout code would have been losing
over *really slow* links anyway, so it's probably best that it go.
This should fix NFS, tape & CDROM installs again (serves me right for getting
complacent and using just the FTP installs in my testing).
more consistant in our use of the terms for differentiation between PC
partitions and traditional BSD partitions.
Submitted-By: obrien@cs.ucdavis.edu (David O'Brien)
section was a good thing, since it made it possible to detect media problems
*before* the installation started, but it also caused various things to
be mounted BEFORE the chroot() call, which definitely messes things up.
Fix this by detecting the pre-chroot() case and mounting into a subdir.
This will probably need to go away again someday when distributions get
folded into packages and there are no more dist files to check, but knowing
how long we've been waiting on THAT, this will be a welcome tool for the
interim.
Submitted by: Robert Nordier <rnordier@iafrica.com>
We could also make this stuff only come out when getpid() != 1
and thus avoid the install case (where it really is just too verbose,
and people have complained), but this seems less messy and no one
complained when tzsetup didn't print the final "things went fine!"
messages (which sort of contravene the UNIX spirit of only yelling
when you need to anyway).
Use setusercontext() rather than setuid()/setgid()/setlogin()/initgroups()
which is all handled. Login environment is NOT set by this call as crontab
provides its own means of doing so.
yp_next_record() is called without a key (from xdr_my_ypresp_all()),
in which case it returns the first key in the map. When doing this,
it also needs to update the key index in the map queue entry. Without
this, ypproc_all_2_svc() (and hence ypcat) don't work correctly.
Noticed by: Michael L. Hench <hench@watt.cae.uwm.edu>
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
going into SLIP mode, useful for scripts that can automatically
grok IP addresses ala Trumpet Winsock.
Closes PR#2293
Submitted-By: andrew@fortress.org
bogus path and FTP I/O errors much earlier, offer retry possibilities
at steps along the way so you don't have to resume from the very beginning
again on a hard error.
1. Bus mouse selection didn't show up properly in mouse menu.
2. U&G management screen didn't respect cancel properly.
3. Novice not prompted to add users or set root password during installation.
4. Username length changes screw up user management form.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
terminate(). This makes doubly sure we don't trip the SIGTERM handler
in a child process. Suggested by: phk.
- It's int main(argc, argv), not void main(argc, argv), gosh darn it.
- If a child receives a SIGTERM, it will call the terminate() function
and end up doing the shutdown procedurs that should really only be
done by the parent. Set the SIGTERM behavior back to SIG_DLT in the
child after fork()ing.
- If the parent fails to read data back from the child because the
child has exited, it will call rpc_received() with bogus tdata that
can cause the parent to SEGV. Make handle_children() detect this
condition correctly and handle it sanely.
*sigh* Another 2.2 candidate.
This has the effect of making every link a "passthrough" which means the
TCP or UDP port won't be freed after link deletion -- so there could be
eventual port exhaustion if the program were allowed to operate long
enough.
Submitted by: Charles Mott <cmott@srv.net>
to be used to expand things beyond the size of the buffer passed in. Also
do a general cleanup of sprintf -> snprintf as well as strcpy and strncat
safety. Also expand some buffers to allow for the largest possible data
that might be used.
This is a 2.2 candidate. However, it needs to be vetted on -current
since little testing has been done on this due to my lack of PPP on
this machine.
Reviewed by: Jordan Hubbard, Peter Wemm, Guido van Rooij
- Fail YPPROC_ALL requests when we hit the child process limit. This
is a little harsh, but it helps prevent the parent from blocking
and causing other requests to time out.
yp_dnslookup.c:
- Check for duplicate RPC transaction IDs that indicate duplicate
requests sent due to RPC retransmissions. We don't want to send
a second DNS request for the same data while an existing request
is in progress.
- Fix small formatting bogon in snprintf() in yp_async_lookup_addr().
Use consistent spelling throughout.
Remove unmount in fixit_common() since that's bogus in the CDROM case and
properly "shut down" the media device instead.
- Try to have all output go through the routines in util.c [logerr(),
log_1s(), die()]
- Add *some* code in util.c to allow pccardd to run out of sysinstall.
Submitted by: Mostly me, but some by Tatsumi Hosokawa <hosokawa@jp.FreeBSD.org>
Disable saving of SCSI device parameters in userconfig saving in hopes
of working around a reported problem in the no-device case; there's no
point in saving this information here anyway.
2nd patch submitted-by: "Eric L. Hernes" <erich@lodgenet.com>
bug in syslogd which causes it to die after random amounts of time (widely
reported), this at least allows the administrator to easily restart it
without wondering why it simply exits again each time.
if wrong version.
2. Make sure network device is initialized in ftpInit
3. Eliminate bogus size values in the menus. For now, we'll have to admit
that nobody's added it up yet. In the future, these menus should be
build dynamically anyway, not declared static.
4. Add more debugging to networking code to chase the mystery ppp device
problem.
assume that the timeval will be preserved. As the man page says:
".. it is unwise to assume that the timeout value will be unmodified
by the select() call." This happens on Linux and on my system at least.
useradd -m or useradd -D -b are used.
2) Hyphen allowed in username if not first character. Fix trivial
bug in error fmt string.
3) /etc/skeykeys updating changed to do 'inplace' update, commenting
out a username rather than removing it completely.
into /etc during the sendmail build. Not for the feint hearted.
(I have been using something like this for some time since I only ever
edit my system's .mc file)
able to be exploited, or might not. However, it is better to be safe
than sorry.
Definitely a 2.2 fix, and a -stable if there is someone to commit it.
Reviewed by: Jordan Hubbard <jkh@freebsd.org>
Submitted by: Marc Slemko
- yp_main.c: Always add the resolver socket to the set of fds
monitored by select(). It can happen that pending == 0 but we
still have some data in the socket buffer from an old query.
This way, the data will be flushed in a timely manner.
- yp_extern.h: remove proto for yp_dns_pending() since we don't need
it anynmore.
- yp_server.c: call yp_async_lookup_name()/yp_async_lookup_addr()
functions with the svc_req pointer as an arg instead of the xprt.
(The svc_req struct includes a pointer to the transport handle,
and it also has the service version number which the async DNS
code will need. (see below))
- yp_dnslookup.c:
o Nuke yp_dns_pending() since we don't need it anymore.
o In yp_run_dnsq(), swallow up and ignore replies if no requests
are pending or the ID doesn't match any of the IDs in the queue.
o In yp_send_dns_reply(), we assume that we will always be
replying to an NIS v2 client. While this will probably always
be the case, we do support the v1 'match' procedure, and it
has a different result struct than v2. For completeness,
support replying to both NIS v1 and v2 clients.
o Update the queue entry structure to include a member to
keep track of the NIS version number.
o Have yp_async_lookup_name/addr() extract the version number
from the svc_req structure and save it with the queue entry
for yp_send_dns_reply() to inspect later.
o Add some comments.
- Don't dereference a NULL hostent pointer (if T_PTR lookup fails).
- Today I asked myself: "Self, you wrote this nifty async resolver
that does a great job handling delayed replies to clients using
the UDP transport, and the yplib code in libc always uses UDP
(except for yp_all()). But what if some dork makes a DNS lookup using
TCP?" Being the only dork on hand at the time, I tried it and was
enlightened. As I suspected, my transaction ID frobbing hacks cause
fireworks if called on a TCP transport handle (duh: the structures
are different). Fix: check the type of socket in xprt->xp_sock using
getsockopt() and don't use svcudp_get_xid() and svcudp_set_xid() for
anything except SOCK_DGRAM sockets. (Since accept() gives you a
new socket for each connection, the transaction ID munging isn't
needed for TCP anyway.)
- yp_dblookup.c: Create non-DB specific database access functions.
Using these allows access to the underlying database functions without
needing explicit knowledge of Berkeley DB. (These are used only
when DB_CACHE is #defined. Other programs that use the non-caching
functions (yp_mkdb, ypxfr, yppush, rpc.yppasswdd) shouldn't notice
the difference.)
- yp_dnslookup: Implement async DNS lookups. We send our own DNS
requests using UDP and put the request in a queue. When the response
arrives, we use the ID in the header to find the corresponsing queue
entry and then send the response to the client. We can go about our
business and handle other YP requests in the meantime. This way, we
can deal with time consuming DNS requests without blocking and without
forking.
- yp_server.c: Convert to using new non-DB-specific database access
functions. This simplifies the code a bit and removes the need for
this module to know anything about Berkeley DB. Also convert the
ypproc_match_2_svc() function to use the async DNS lookup routines.
- yp_main.c: tweak yp_svc_run() to add the resolver socket to the
set of descriptors monitored in the select() loop. Also add a
timeout to select(); we may get stale DNS requests stuck in the
queue which we want to invalidate after a while. If the timeout
hits, we decrement the ttl on all pending DNS requests and nuke
those requests that aren't handled before ttl hits zero.
- yp_extern.h: Add prototypes for new stuff.
- yp_svc_udp.c (new file): The async resolver code needs to be able
to rummage around inside the RPC UDP transport handle in order to
work correcty. There's basically one transport handle, and each time
a request comes in, the transaction ID in the handle is changed.
This means that if we queue a DNS request, then we handle some other
unrelated requests, we will be unable to send the DNS response because
the transaction ID and remote address of the client that made the DNS
request will have been lost. What we need to do is save the client
address and transaction ID in the queue entry for the DNS request,
then put the transaction ID and address back in the transport handle
when we're ready to reply. (And then we have to undo the change so
as not to confuse any other part of the server.) The trouble is that
the transaction ID is hidden in an opaque part of the transport handle,
and only the code in the svc_udp module in the RPC library knows how
to handle it. This file contains a couple of functions that let us
read and set the transaction ID in spite of this. This is really a
dirty trick and I should be taken out and shot for even thinking about
it, but there's no other way to get this stuff to work.
- Makefile: add yp_svc_udp.c to SRCS.
connecting to a host immediately in the foreground.
I would like to be able to run ppp from a script so that my script can be
sure that it is connected to the 'net before it continues running:
# Dial up the internet.
ppp -background myprovider || exit 1
do-some-net-command
# Hang up the modem.
kill -HUP `cat /var/run/ppp.tun0.pid`
Another problem is that the current ppp calls its process id file
`/var/run/PPP.server', which may conflict if you have more than one IP
tunnel interface available.
Closes PR#1469
Submitted by: Gord Matzigkeit <gord@enci.ucalgary.ca>
new 'aliased' packets. Note, if the original packet has a bogus cksum,
we will *NOT* re-compute the cksum, therefore the new packet will also
be wrong (but passed on).
Found by: MartinRenters@awfulhak.demon.co.uk
Reviewed by: Brian Somers <brian@awfulhak.demon.co.uk>
Submitted by: Charles Mott <cmott@srv.net>
will handle lines of any length in /etc/group.
2) Fixed bug with usermod -d not updating user's home
directory.
3) Minor formatting display changes/fixes with *show -P.
(/dev/urandom used by default under FreeBSD), and implemented a
"portable" but less secure generator for other systems.
Add display of expiry/password change dates in -P user display.
used by OpenBSD. (Quite frankly, I think it's perfectly reasonable to
use snprintf to copy strings, given that the semantics for strncpy()
are utterly idiotic and there is no POSIX sstrncpy().)
While I'm at it, incorporate some of OpenBSD's bugfixes to cron.
NOT for 2.2
version of strdup() by a macro, killed many calls to strdup(), thus
potentially wasting less malloc'ed space (their args were never be
free()ed desptie despite of being malloc'ed). Probably still a huge
memory leak at all... Also killed two totally useless variables.
I've tested it as i could, but wouldn't be surprised if unexpected
problems showed up. So watch out this space!
conservative part of the tidyup, like fixing potential buffer overflow
conditions. It is believed to be safe to go into 2.2.
Pointed out by: lozenko@cc.acnit.ac.ru (Evgeny A. Lozenko)
I went over the code.
Add shortcuts for addUser and addGroup, documenting same.
Add a password field for adduser and use no-echo string field for it.
This requires my latest libdialog changes (in RELENG_2_2 or -current) to work.
the profiling level in config and decide what to do in makefiles.
Makefile.i386:
Align functions to 16-byte boundaries if profiling is enabled. This
will allow a fourfold reduction in the size of the profiling buffers.
(otherwise ppp's behavior remains unchanged) and documented by myself,
Steve Sims, Nate Williams, Martin Renters and god-only-knows who else. :-)
Submitted by: nate
Obtained from: Charles Mott <cmott@srv.net>
1. Don't use the MSDOSFS code for accessing FreeBSD distribution data.
Use Robert Nordier's stand-alone DOS I/O library for the purpose.
It this works as well as Robert says it does, it should drastically reduce
(or even eliminate) our "I can't install from my DOS partition!" calls.
2. As a result of the above, go to stdio file descriptors for all
media types.
3. Taking advantage of #2, start using libftpio for FTP transfers instead
of maintaining our own parallel version of the FTP transfer code.
Yay! I ripped something out for a change!
#1 Submitted-By: Robert Nordier <rnordier@iafrica.com>
has always held an open file descriptor. This allowed logging to
spare virtual consoles and being able to switch to them.
My previous change removed this since all writes were done with ttymsg()
which opens it's own fd, and hence syslogd didn't need it's own fd to
send messages on... but this caused an unexpected behavior change.
This should close PR#2176
do it themselves. (Some of these programs actually depended on this
beyond compiling the definition of struct ifinfo!) Also fix up some
other #include messes while we're at it.
obvious effects are that most of the automagically chosen defaults
will now be displayed while going through the menu, and an improved
error handling thanks to the more detailed error status reporting.
2.2 fodder, but i'll leave it to Jordan's review.
sysinstall's new User&group menu will use it, hence it's a 2.2
candidate despite of providing new functionality.
Submitted by: David L. Nugent, <davidn@blaze.net.au>
bogus or overly complex and really needed to be done more consistently
and sanely throughout - no question about it. Done.
Suggested-By: Paul Traina <pst@Shockwave.COM>
