* Fix a problem with files that have no CVS $Id's. Thanks to naddy for
spotting this one. It wasn't a _huge_ problem since almost all the files
we install (except motd) have one, but still, it's a bug.
* Add a divider between diff outputs, which is helpful both for logs,
and for giving a good visual clue for diffs that are smaller than
$LINES. Another helpful suggestion from Gary W. Swearingen, swear@blarg.net.
it clear that the recent PCI cards do not require firmware to be loaded,
unlike the completely different ISA cards that are branded with the same name.
buffers before reading the memory. Arguably, the failure modes here
are poor, but we can now read >2k EAs. Also, update the copyrights
and licenses while I'm here.
Note that getextattr has not yet been updated to dynamically allocate
a read buffer, although that can now be done.
Obtained from: TrustedBSD Project
Sponsored by: NAI Labs
all facilities that previously relied on /proc have been rewritten
to use ptrace(). procfs has presented a substantial security
hazard for years, with several user->root compromises in the last
few years. Procfs will continue to be available but will require
administrator intervention to use.
Reviewed by: scottl, jedgar, mike, tmm
now it is fixed. This should get us a working keyserv again, since
it depends on local transport for key exchange.
Since we do not have any KEYFILE name hardcoded anymore, set the
umask that way that the keyserver socket can be created with with
the appropriate permissions.
Re-add the accidently removed signal(SIGPIPE, SIG_IGN); to the code
which makes sense to avoid SIGPIPE when a disconnect on rpc socket
occurs.
Submitted by: mbr
the registering of the "unix" transport, now it is fixed.
Everywhere, rq_cred is taken to look what authentification we have.
We can not be sure that transp>xp_verf.oa_flavor is also filled in.
This seems to be the same for all sun source. they take the flavor
of rq_cred, instead of transp.
Submitted by: mbr
attention to the sub-optimal way that we deal with package
dependencies. Traditionally, for each package in an INDEX that the
user wants to add, we check all of the dependencies first even if the
package is already installed. With some GNOME packages, this can
cause package_extract to be called for 50 different dependencies when
we know the top level package is already installed.
The new behavior is to not check dependencies for packages that are
already installed. This fixes a bug where sysinstall gets itself into
a CPU intensive loop when trying to install sawfish gnome with the
most recent ports/INDEX. There is a bug somewhere in the ports INDEX,
but with over 6,400 ports we need to be a little more forgiving here.
/usr/share/examples/pppd.
Update pppd(8) documentation to reflect this, usr.sbin/pppd/pppd.8.
Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.
Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.
The files from etc/ppp, ppp.shells.sample and ppp.deny, were moved
with a repo copy. Note it in the logs with a forced commit to these
two.
Submitted by: Maxim Konovalov <maxim@macomnet.ru> provided the new samples.
less robust to possible errors of the user/admin while adduser(8)
had been intended to minimize their possibility.
An alternative way of introducing strange symbols into usernames
to be committed really soon.
uhub.c: revision 1.37
usb.4: revision 1.30
usb.c: revision 1.38
usb.h: revision 1.40
usb_port.h: revision 1.21
usb_subr.c: revision 1.65
usbdi.h: revision 1.40
Split the attach/detach events up into device, driver and controller
attach and detach events.
The commit message from NetBSD was:
date: 2000/02/02 07:34:00; author: augustss; state: Exp;
Change the USB event mechanism to include more information
about devices and drivers. Partly from FreeBSD.
Also rework usbd to take these new event types into account.
umask was less restrictive. This was caused by the use of mkstemp()
which internally passes a mode of 0600 to open(). Fix this by
explicitly chmod'ing the files to (0666 & ~umask).
PR: bin/16119
Submitted by: Sascha Blank <blank@uni-trier.de>
the skeleton directory are chown'd to the new user.
PR: bin/10601
Submitted by: Adrian Filipi-Martin <adrian2ubergeeks.com@gosub.cstone.net>
MFC after: 1 month
time_to_xxx() and xxx_to_time() functions. e.g. _time_to_xxx()
instead of time_to_xxx(), to make it more obvious that these are
stopgap functions & placemarkers and not meant to create a defacto
standard. They will eventually be replaced when a real standard
comes out of committee.
Alfred, I took a look at retry_blockingfilelocklist() and the
solution seemed simple enough. Please correct me if I am wrong.
It seems said routine doesn't take into account boundary conditions
when putting back file_lock entries into the blocked lock-list.
Specifically, it fails when the file_lock being put back is the
last element in the list, and when it is the only element in the
list. I've included a patch below.
Basically, it introduces another variable: pfl, which keeps track
of the list item before ifl. That way if nfl is NULL, ifl gets
inserted after pfl. If pfl is also NULL, then it gets inserted
at the head of the list (since it was the only element in the
list).
Submitted by: Mike Makonnen <mike_makonnen@yahoo.com>
Tested by: Thomas Quinot <thomas@cuivre.fr.eu.org>
Clean up "n to m" type options with "n-m" and some other improvements
suggested by Ruslan.
Change -C option to report the transmit key "4" if in "Home" mode.
Submitted by: ru
Approved by: imp, ru
block sizees larger than 8192 bytes have been resolved, as per the
following deltas:
rev 1.34 src/sys/boot/i386/boot2/boot2.c
rev 1.5 src/sys/boot/alpha/boot1/sys.c
Fixed bugs from previous delta:
- Removed duplicate -m and -o options from SYNOPSIS
- Added missing -L option to SYNOPSIS
- Removed duplicate -M option from DESCRIPTION
- Tidy up the markup
using the part after the ``\'' if the original name is not found.
This allows M$ clients to use domain\user as their authname.
Reviewed by: Ian West <ian@niw.com.au>
filesystem using a block size of 8192. Since this seems unlikely to
be fixed soon (specifically in time for 4.5-RELEASE on the RELENG_4
branch), fall back to the old default block and frag sizes of 8192 and
1024 in sysinstall on the alpha.
Reported by: jhb
to recover its space into the previous partition. Revert 'D'elete
to not attempt to recover any space.
Do not auto-create /home as per release engineers decision (though
I think this is a mistake). However, all of this code will be
replaced later on anyway either with Jordan's stuff or with
some other sort of templater, so it isn't a big deal.
Before, we were using
while (*p++ && --len > 0);
to do this. However, len doesn't get decremented for the NUL byte, so when
we used len later to see if we still have CIS left for some optional fields,
we'd run off the end of an array and dump core.
Instead, replace it with
len -= strlen(p) + 1;
p += strlen(p) + 1;
which is more correct. It is a little bogus to assume that p points to
a valid C string, but only a little. The PC Card SPEC mandates that it
does, and we already depend on that with the use of strdup a few lines
earlier. Since much of the rest of the cis parsing code isn't hyper
retentive about error checking, I'll leave that level of checking for
another time and/or another committer :-).
a) Convert all the remaining older Perl system() calls to the new,
more secure LIST format so they are robust to whitespace and
shell metacharacters in their arguments.
b) Add a new option: -force, which allows adding usernames containing
characters that are otherwise illegal.
PR: bin/22860 bin/31049
a packed array so sizeof work. This broke RFMON mode and passing
up 802.11 packets.
The Linux emulation code was derived from the open source Linux driver to
maintain compatibility.
LEAP support is added, hints from Richard Johnson. I've verified this
locally with PC350v42510.img firmware. More bug fixing from Marco to
fix long passwords.
Change DELAYs in flash part of driver to FLASH_DELAY which uses tsleep
so it doesn't look like your system died during a flash update.
Install header files in /usr/include/dev/an
Cleanup some ifmedia bugs add "Home" key mode to ifmedia and ancontrol.
This way you can manage 2 keys a little easier. Map the home mode into
key 5. Enhance ifconfig to dump the various configured SSIDs. I use
a bunch of different ones and roam between them. Use the syntax similar
to the WEP keys to deal with setting difference SSIDs.
Bump up up the Card capabilities RID since they added 2 bytes to it
in the latest firmware. Thankfully we changed it from a terminal
failure so the card still worked but the driver whined.
Some cleanup patches from Marco Molteni.
Submitted by: Richard Johnson <raj@cisco.com>
Marco Molteni <molter@tin.it>
and myself
Various checks: David Wolfskill <david@catwhisker.org>
Reviewed by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Approved by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Obtained from: Linux emulation API's from Aironet driver.
changes in the userland utilities. For fdcontrol(8), i now finally
keep my promise made more than 7 years ago that ``the fdcontrol
utility is currently under development and the user interface will
likely change''. :-)
o Move nfs_reserved_port_only out of security profiles (where it was
set somewhat improperly) to the Security options menu directly.
Previously, the variable was set to true for Moderate, but not for
Extreme, which is at best inconsistent.
o Update the Security Profiles help file to remove reference to the
NFS reserved port.
o Note that the kernel currently defaults the sysctl to '0', but
sysinstall has changed it to '1' as a default as of late; however,
rc.conf sets the value to NO as the default. This change brings
them relatively into sync.
Sponsored by: DARPA, NAI Labs
and pull configSecurityProfile under that menu. Add a menu option
to determine whether LOMAC is enabled at boot. Probably, eventually,
many of the 'Security Profile' menu choices should be pulled out
independently into the Security Menu, so as to make them individually
selectable.
Sponsored by: DARPA, NAI Labs
The user can still toggle it back off in the label editor (or post-install
for that matter) if they explicitly do not want soft updates to be used
for some reason.
Agreed to be a good thing by: kirk
"skimming thru" the printcap file looking for some common mistakes that
people make. These are the kinds of mistakes where the printcap file
probably looks correct to human eyes, but is wrong in some subtle way
which causes a problem in some queue definitions. The program treats
these as "warnings" not "errors".
Note that I'm flexible on the m.f.c. schedule, if people would rather
this waited until after 4.5-release.
Reviewed by: no screams from freebsd-audit freebsd-print@bostonradio.org
MFC after: 4 days
. The main device node now supports automatic density selection for
commonly used media densities. So you can stuff your 1.44 MB and
720 KB media into your drive and just access /dev/fd0, no questions
asked. It's all that easy, isn't it? :)
. Device density handling has been completely overhauled. The old way
of hardwired kernel density knowledge is no longer there. Instead,
the kernel now implements 16 subdevices per drive. The first
subdevice uses automatic density selection, while the remaining 15
devices are freely programmable. They can be assigned an arbitrary
name of the form /dev/fd[:digit]+.[:digit:]{1,4}, where the second
number is meant to either implement device names that are mnemonic
for their raw capacity (as it used to be), or they can alternatively
be created as "anonymous" devices like fd0.1 through fd0.15,
depending on the taste of the administrator. After creating a
subdevice, it is initialized to the maximal native density of the
respective drive type, so it needs to be customized for other
densities by using fdcontrol(8). Pseudo-partition devices (fd0a
through fd0h) are still supported as symlinks.
. The old hack to use flags 0x1 to always assume drive 0 were there is
no longer supported; this is now supposed to be done by wiring the
devices down from the loader via device flags. On IA32
architectures, the first two drives are looked up in the CMOS
configuration records though. On PCMCIA (i. e., the Y-E Data
controller of the Toshiba Libretto), a single drive is always
assumed.
. Other specialities like disabling the FIFO and not probing the drive
at boot-time are selected by per-controller or per-drive flags, too.
. Unit attentions (media has been changed) are supposed to be detected
now; density autoselection only occurs after a unit attention. (Can
be turned off by a per-drive flag, this will cause each Fdopen() to
perform the autoselection.)
. FM floppies can be handled now (on controllers that actually support
it -- not all do these days).
. Fdopen() can be told to avoid density selection by setting
O_NONBLOCK; this leaves the descriptor in a half-opened state where
only a few ioctls are accepted. This is necessary to run fdformat
on a device that uses automatic density selection (since you cannot
autoselect on an unformatted medium, obviously).
. Just differentiate between a plain old NE765 and the enhanced chips,
but don't try more; the existing code was wrong and only misdetected
the chips anyway.
BUGS and TODOs:
. All documentation update still needs to be done.
. Formatting not-so-standard format yields unpredictable results; i
have yet to figure out why this happens. "Standard" formats like
720 and 1440 KB do work, however.
. rc scripts are needed to setup device nodes with nonstandard
densities (like the old /dev/fdN.MMM we used to have).
. Obtaining device flags from the kernel environment doesn't work yet,
thus currently only drives that are present in (IA32) CMOS are
really detected. Someone who knows the odds and ends about device
flags is needed here, i can't figure out what i'm doing wrong.
. 2.88 MB still needs to be done.
(which somehow now seems to be the default for compiling -current).
This error popped up while doing a PicoBSD cross-compile on a 4.3-ish system,
it may well be that there are other apps which have similar problems,
but I did not spot them as they are not included in my picobsd config.
Whether adding prototypes for main() is the correct solution or not
I have no idea, a request to -current on the matter went basically
unanswered. Those who have better ideas are welcome to back this out
and replace it with the correct fix.
16384/2048.
Following recent discussions on the -arch mailing list, involving dillon
and mckusick, this change parallels the one made over a decade ago when
the default was bumped up from 4096/512.
This should provide significant performance improvements for most
folks, less significant performance losses for a few folks and
wasted space lost to large fragments for many folks.
For discussion, please see the following thread in the -arch archive:
Subject: Using a larger block size on large filesystems
The discussion ceases to be relevant when the issue of partitioning
schemes is raised.
have a USB mouse. Here's the deal on how this works: USB mouse have
moused run for them automatically by usbd so we don't need to setup moused
for them. We do need to setup moused for other mice though, so if the
user has a USB mouse, we don't need to do anything. Hence the wording
"Do you have a non-USB mouse installed?" for the question. The question
can be reworded as "Do you have a PS/2 or Serial mouse installed?" instead
if that is preferred.
(1) We don't need compat3x and compat4x as we build the bits on the proper
release now (vs. getting them from the XFree people).
(2) We handle the compat2x needs thru proper port dependancies now.
sysinstall will automatically expand the previous partition to take up
the freed up space. So you can 'D'elete /home and /usr will get the
combined space, or you can 'D'elete /tmp and /var will get the combined space.
This gives the user, developer, or lay person a huge amount of flexibility
in constructing partitions from an 'A'uto base. It takes only 3 or 4
keystrokes to achieve virtually any combination of having or not having
a /tmp and/or /home after doing an 'A'uto create.
Change 'A'uto creation of /var/tmp to 'A'uto creation /tmp, which should
be less controversial.
MFC after: 6 days
and SIGQUIT during shutdown", but rpc.umntall is also run at boot
time, so ignoring these signals is a really bad idea: it makes it
impossible to ^C the process as it waits for a server response. I
can't see any reason to block these signals during shutdown either.
MFC after: 3 days
defaults both in regards to the size of the partitions that are created
and in regards to safety and functional separation.
Still TODO: extend the previous partition to cover a deleted partition
if the previous partiton was auto-created, and supply some sort of
solution for /tmp.
Reviewed by: Just about everyone
Approved by: Nobody except maybe my pet mouse fred
Obtained from: God, so complain to HIM
MFC after: 1 week
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.
Reviewed by: ru
Approved by: ru
for a remote print job. This change comes from OpenBSD (who got it from
Sebastian Krahmer of SuSE). In OpenBSD this avoids a tiny theoretical
security issue, but that security issue does not exist in FreeBSD's lpr
due to the changes which added 'ctl_renametf()' just before 4.4-release.
This change is still worth doing in our version, but it isn't fixing a
security issue.
MFC after: 4 days
It is still nessesary to supply the tracks as individual files, burncd
can't read .cue files yet, but now the infrastructure to do it is
present we just need a .cue file parser (hint hint)...
o prototype usage()
o move BUFSIZE define above the functions
o nuke externs that are defined in unistd.h
Approved by: rwatson
Obtained from: TrustedBSD Project
1) Use devfs to mount filesystems. If mounting devfs is fail,
fallback to old code.
2) When fscking filesystems, use 'fsck_ffs' explicitly. As a
result, we no longer need 'fsck' the wrapper program.
Reviewed by: jkh
Since userconfig feature is implemented by tweaking variables (hint.*)
with loader(8), we can put back an equivalent feature. Maybe the first
step for this is to commit yokota-san's patch (add userconfig command
for loader).
Approved by: jkh
to the routing socket.
The local address on a point-to-point interface is not actually a
gateway address - despite it appearing in the second column of
netstat -r's output. Providing a gateway to an RTM_CHANGE will
currently change the route's interface so that it's using the
specified gateway - not what we want.
Patiently explained to me by: ru
control-files will always start with 'cfA*'. It turns out that some
implementations of lpd (such as solaris) may send a control file which
starts with 'cfB*', or really 'cf<anyLetter>*'. Although such filenames
are very odd, we did used to accept them. This changes ctl_renametf to
work correctly with them, and fixes up 'lpc clean' to match.
PR: bin/32183
MFC after: 10 days
with the old behavior available via the -o option (it might still be
useful if one has many kernels and cares which messages came from
which). If the boot file is not used as the prefix, it is still
logged once at startup.
This change is prompted by the fact that the boot file is now much
longer ("/boot/kernel/kernel" vs. "/kernel"), which significanlty
bloats the syslogd output.
Reviewed by: peter
o remove extraneous extern's
o prototype functions
o combine multiple return (0)'s into a single return (0) at the
end of main()
Approved by: rwatson
Obtained from: TrustedBSD Project
'l' ("plain text which includes control characters") is somewhat more
appropriate for 'o' ("postscript files"), and in fact some printers treat
'l' as a request to print a postscript file.
MFC after: 1 week
with 'HEAD' method.
Actually, when http.c was born, it used 'GET' method. This was changed
with revision 1.4 (which was submitted as PR: 21449). I've confirmed
to Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>,
the submitter of PR: 21449, and it's absolutely OK that we can use
GET method.
Add missing 'FreeBSD' tag, and copyright notice. This file is originally
submitted by PR: 11316; I've contacted to the PR originator to submit it.
PR: 32238
Submitted by: Christoph Weber-Fahr <christoph.weber-fahr@arcor.de> (patch),
and Philipp Mergenthaler <un1i@rz.uni-karlsruhe.de> (copyright)
MFC after: 1 week
was never technically true (it's snp(4) that required root, not
watch(8)), and after snp.c 1.64, isn't even effectively true, since
who can run watch(8) depends on the permissions of the snp device(s).
Sort options in SYNOPSIS and DESCRIPTION while I'm here.
Previously, watch would always use the first device it could
successfully open, but this isn't always desired. Specifically, it
may not be desired during debugging (of snp), or if a particular snp
device has different permissions (which makes since after snp.c 1.64).
up in the same way that we expect them to be when we read them.
This is a no-op on i386 and probably on alphas, as we currently
only support AF_INET and AF_INET6.
of 0.0.0.0.
The OpenBSD PF_ROUTE/NET_RT_DUMP sysctl is sending back routes with
RTAX_NETMASK set, but the corresponding sockaddr being 4 zero bytes
(with an address family of zero). ppp was getting confused by this
and ending up interpreting it as a 0.0.0.0/32 routing table
destination and subsequently failing to do anything with the route.
Specifically, after this fix, ppp under OpenBSD can successfully
change and delete the default route again !
ncprange structure.
Don't write() the netmask for IPv6 sockaddrs to the routing socket if
the prefixlen is 128.
It seems that messages written to the routing socket with the scopeid
set for link local addresses are not understood. Instead, we have to
put the scopeid in the 5th and 6th bytes of the address (see
adjust_linklocal() in ncpaddr.c). I think this may be a bug in the
KAME implementation - it should really understand both forms.