We provide the hostid (which is the state creatorid) to the kernel as a
big endian number (see pfctl/pfctl.c pfctl_set_hostid()), so convert it
back to system endianness when we get it from the kernel.
This avoids a confusing mismatch between the value the user configures
and the value displayed in the state.
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33989
If an invalid (i.e. overly long) interface name is specified error out
immediately, rather than in expand_rule() so we point at the incorrect
line.
PR: 260958
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D34008
The "bg" option does not go background until the initial mount
attempt fails, which can take 60+ seconds.
This new "bgnow" option goes background immediately, avoiding
the 60+ second delay, if the NFS server is not yet available.
The man page update is a content change.
Tested by: jwb
Reviewed by: debdrup, emaste
PR: 260764
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D33733
Those can be returned by CHECK POWER MODE command (0xe5).
Note that some of the definitions duplicate definitions for Extended
Power Conditions.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D33646
We don't really use the scsi regexp for anything. The rescan was a
workaround that was fixed a long time ago and has been disabled for
ages. And the regexp was incomplete.
Sponsored by: Netflix
_PATH_LD32_HINTS is unused because it is a.out remnant.
_PATH_ELF32_HINTS is provided by rtld_paths.h already.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
ipfsync is a WIP sync daemon designed to be used in a failover scenario.
It was removed by 5ee61c7daa. This commit
restores its three files. ipfsync is in my work queue.
MFC after: 10 days
X-MFC with: 5ee61c7daa
Under some INET/INET6 src.conf configurations sbin/route previously
failed to build due to an unused variable warning. It was functionally
write-only anyway, so just remove it.
Reported by: melifaro
Reviewed by: melifaro
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33717
The function makevfslist is only called once in mount.c, but should
be save to be called more than once with different parameters.
The bin/df command links against this file, and will need this
possibility to allow -l and -t to be used together.
MFC after: 3 days
The work to ANSIfy and adjust returns to style(9) resulted in a mismerge
of a stash when ipfilter was moved from contrib to sbin. An older file
replaced WIP at the time, resulting in a regression.
The majority of this work was done in 2018 saved as git stashes within
a git-svn tree and migrated to the git tree. The regression occurred
when the various stashes were sequentially merged to create individual
commits, following the ipfilter move to netpfil and sbin.
Reported by: jrtc27
Fixes: 2582ae5740
Pointy hat to: cy
MFC after: 1 month
Replace the INLINE macro with inline. Some ancient compilers supported
__inline__ instead of inline. The INLINE hack compensated for it.
Ancient compilers are history.
Reported by: glebius
MFC after: 1 month
Convert ipfilter userland function declarations from K&R to ANSI. This
syncs our function declarations with NetBSD hg commit 75edcd7552a0
(apply our changes). Though not copied from NetBSD, this change was
partially inspired by NetBSD's work and inspired by style(9).
Reviewed by: glebius (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33595
Extend the dnctl (dummynet config) tool to be able to read commands from
a file, just like ipfw already does.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33627
Shortlinks occupy the space of both di_db and di_ib when used. However,
everywhere that wants to read or write a shortlink takes a pointer do
di_db and promptly runs off the end of it into di_ib. This is fine on
most architectures, if a little dodgy. However, on CHERI, the compiler
can optionally restrict the bounds on pointers to subobjects to just
that subobject, in order to mitigate intra-object buffer overflows, and
this is enabled in CheriBSD's pure-capability kernels.
Instead, clean this up by inserting a union such that a new di_shortlink
can be added with the right size and element type, avoiding the need to
cast and allowing the use of the DIP macro to access the field. This
also mirrors how the ext2fs code implements extents support, with the
exact same structure other than having a uint32_t i_data[] instead of a
char di_shortlink[].
Reviewed by: mckusick, jhb
Differential Revision: https://reviews.freebsd.org/D33650
Move some needed binaries/libs from FreeBSD-utilities to FreeBSD_runtime.
This is everything needed to boot to multiuser with FreeBSD-rc installed.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33435
Through fixes and improvements our ipfilter sources have diverged
enough to warrant move from contrib into sbin/ipf. Now that I'm
planning on implementing MSS clamping as in iptables it makes more
sense to move ipfilter to sbin.
This is the second of three commits of the ipfilter move.
Suggested by glebius on two occaions.
Suggested by and discussed with: glebius
Reviewed by: glebius, kp (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33510
Through fixes and improvements our ipfilter sources have diverged
enough to warrant move from contrib into sys/netpil. Now that I'm
planning on implementing MSS clamping as in iptables it makes more
sense to move ipfilter to netpfil.
This is the first of three commits the ipfilter move.
Suggested by glebius on two occaions.
Suggested by and discussed with: glebius
Reviewed by: glebius, kp (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33510
when the fstab(5) entry for the filesystem has the "failok" attribute.
Reviewed by: kib
PR: 246201
MFC after: 2 weeks
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D33424
We do not build the drivers for this arch so no need to build the
configuration tools.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
also fix test sys/audit/administrative.c.
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33343
Declare how many cores we saved, and where we saved them to. Drop a
comment about emitting little information; it's obvious from the block
in question that we emit nothing without verbose.
Reviewed by: markj
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #65
Differential Revision: https://reviews.freebsd.org/D31393
When we exposed the PFSYNCF_OK flag to userspace in 5f5bf88949 we
unintentionally caused defer mode to always be enabled.
The ioctl check only looked for nonzero, not for the PFSYNCF_DEFER flag.
Fix this check and ensure ifconfig sets the flag.
Reviewed by: glebius
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33244
Add two underscore characters "__" to names of BIT_* and BITSET_*
macros to move them to the implementation name space and to prevent
a name space pollution due to BIT_* macros in 3rd party programs with
conflicting parameter signatures.
These prefixed macro names are used in kernel header files to define
macros in e.g. sched.h, sys/cpuset.h and sys/domainset.h.
If C programs are built with either -D_KERNEL (automatically passed
when building a kernel or kernel modules) or -D_WANT_FREENBSD_BITSET
(or this macros is defined in the source code before including the
bitset macros), then all macros are made visible with their previous
names, too. E.g., both __BIT_SET() and BIT_SET() are visible with
either of _KERNEL or _WANT_FREEBSD_BITSET defined.
The main reason for this change is that some 3rd party sources
including sched.h have been found to contain conflicting BIT_*
macros.
As a work-around, parts of shed.h have been made conditional and
depend on _WITH_CPU_SET_T being set when sched.h is included.
Ports that expect the full functionality provided by sched.h need
to be built with -D_WITH_CPU_SET_T. But this leads to conflicts if
BIT_* macros are defined in that program, too.
This patch set makes all of sched.h visible again without this
parameter being passed and without any name space pollution due
to BIT_* macros becoming visible when sched.h is included.
This patch set will be backported to the STABLE branches, but ports
will need to use -D_WITH_CPU_SET_T as long as there are supported
releases that do not contain these patches.
Reviewed by: kib, markj
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D33235
to force swapout by ignoring the heuristic that calculates amount of
allocated memory against total of RAM plus remaining swap.
Reviewed by: markj
Discussed with: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33165
It does not build (and serves no purpose) if neither is true (i.e.,
building WITHOUT_INET and WITHOUT_INET6). Also add an explicit error
in ping to make this case clear.
PR: 260082
Sponsored by: The FreeBSD Foundation
Default action for ldconfig is specified as -R AKA 'append', and for
no-args (without options changing default actions), ldconfig should
append empty list of directories to current list. But because the check
was done before options were parsed out, presence of any option turned
off default rescan.
As result, innocently-looked commands like `ldconfig -v' were interpreted
as setting directory hints list to one specified on the command line,
i.e. empty.
Reported by: https://github.com/mesonbuild/meson/issues/9592
Reviewed by: emaste
Tested by: jbeich
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33058
Remove the option from man page and summary. Silently ignore it when
parsing command line for backward compatibility.
Reviewed by: emaste
Tested by: jbeich
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33058
Use bool.
Use local variables instead of static.
Remove non-functional debugging override of hints file path.
Use explicit exit() instead of return from main.
Minor style tweaks.
Reviewed by: emaste
Tested by: jbeich
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33058
Add in all the variables set in the kenv variable devmatch_blocklist
too. This allows blocking autoloading from the boot loader.
Sponsored by: Netflix
Reviewed by: 0mp
Differential Revision: https://reviews.freebsd.org/D32171
For some cloud/virtualization use cases it can be convenient to grow the
filesystem on boot any time the disk/partition happens to be larger, but
not fail if it remains the same size.
Continue to emit a message if we have no action to take, but exit with
status 0 if the size remains the same.
Reviewed by: trasz
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32856
A quick grep through the kernel code shows network drivers compute the
changed bits of network capabilities after a SIOCSIFCAP IOCTL(2) by
using the bitwise exclusive or operation. When the set capabilities
are equal to the already read capabilities, no action will be taken.
Let ifconfig(8) predict this case and skip the SIOCSIFCAP IOCTL(2)
system call.
Discussed with: kib@ (revert change in case of issues)
MFC after: 1 week
Sponsored by: NVIDIA Networking
Add a postproc function for af_inet, and add interface flags as a
parameter. Check there if setting an address without a mask unless
the interface is loopback or point-to-point, where mask is not really
meaningful; warn if so. This will hopefully be an error in the future.
MFC after: 1 month
Reviewd by: bz
Differential Revision: https://reviews.freebsd.org/D32709
Allow users to set a number on rules which will be exposed as part of
the pflog header.
The intent behind this is to allow users to correlate rules across
updates (remember that pf rules continue to exist and match existing
states, even if they're removed from the active ruleset) and pflog.
Obtained from: pfSense
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D32750
As far as we know, there is no FAT implementation that supported hard
links, and our msdosfs driver assumed one cluster chain is only
referenced by one directory entry and clears it out when the file is
deleted. On the other hand, the current code would proceed with
checkchain() when the directory entry's head cluster is a valid numbered
cluster without checking if it was a valid head node of a cluster chain.
So if the cluster do not being a chain (e.g. CLUST_FREE, CLUST_BAD),
or was already referenced by another directory entry, this would
trigger an assertion in check_chain() at a later time.
Fix this by giving the user an option to truncate the directory entry
when the head cluster is an invalid cluster, an visited head node,
or not a head node.
Reported by: NetApp (kevans@)
Reviewed by: kevans, emaste (no objection)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D32699
I made a mistaking in merging the final commits for the devctl changes. This
adds the 'hushed' variable and has the correct dates for the manuals.
Pointy hat to: imp
Generate VT events when the bell beeps. When coupled with disabling the
bell,this allows custom bells to be rung when we'd otherwise beep.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D32656
Revision 9e9be081d8 introduced a new devfs rule devfsrules_jail_vnet. It
includes rule devfsrules_jail which include other rules. Unfortunately
devfs could not recursively parse the action include and thus
devfsrules_jail_vnet will expose all nodes.
PR: 255660
Reviewed by: kp
Obtained from: Gijs Peskens <gijs@peskens.net>
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D32814
Geom utilities (geli(8), glabel(8), gmirror(8), gpart(8), gmirror(8),
gmountver(8), etc) all use the geom(8) utility as their back end
to process their commands and pass them into the kernel. Creating
a new utility requires no more than filling out a template describing
the commands and arguments that the utility supports. Consider the
specification for the very simple gmountver(8) utility:
struct g_command class_commands[] = {
{ "create", G_FLAG_VERBOSE | G_FLAG_LOADKLD, NULL,
{
G_OPT_SENTINEL
},
"[-v] prov ..."
},
{ "destroy", G_FLAG_VERBOSE, NULL,
{
{ 'f', "force", NULL, G_TYPE_BOOL },
G_OPT_SENTINEL
},
"[-fv] name"
},
G_CMD_SENTINEL
};
It has just two commands of its own: "create" and "destroy" along
with the four standard commands "list", "status", "load", and
"unload" provided by the base geom(8) utility. The base geom(8)
utility allows each command to use the G_FLAG_VERBOSE flag to specify
that a command should accept the -v flag and when the -v flag is
given the utility prints "Done." if the command completes successfully.
In the above example, both of the commands set the G_FLAG_VERBOSE,
so have the -v option available. In addition the "destroy" command
accepts the -f boolean flag to force the destruction.
If the "destroy" command wanted to also print out verbose information,
it would need to explicitly declare its intent by adding a line:
{ 'v', "verbose", NULL, G_TYPE_BOOL },
Before this change, the geom utility would silently ignore the above
line in the configuration file, so it was impossible for the utility
to know that the -v flag had been set on the command. With this
change a geom command can explicitly specify a -v option with a
line as given above and handle it as it would any other option. If
both a -v option and G_FLAG_VERBOSE are specified for a command
then both types of verbose information will be output when that
command is run with -v.
MFC after: 1 week
Sponsored by: Netflix
The new iSCSI initiator iscsi(4) was introduced with FreeBSD 10.0, and
the old intiator was marked obsolete shortly thereafter (in commit
d32789d95c, MFC'd to stable/10 in ba54910169). Remove it now.
Reviewed by: jhb, mav
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32673
The last two drivers that required sppp are cp(4) and ce(4).
These devices are still produced and can be purchased
at Cronyx <http://cronyx.ru/hardware/wan.html>.
Since Roman Kurakin <rik@FreeBSD.org> has quit them, they no
longer support FreeBSD officially. Later they have dropped
support for Linux drivers to. As of mid-2020 they don't even
have a developer to maintain their Windows driver. However,
their support verbally told me that they could provide aid to
a FreeBSD developer with documentaion in case if there appears
a new customer for their devices.
These drivers have a feature to not use sppp(4) and create an
interface, but instead expose the device as netgraph(4) node.
Then, you can attach ng_ppp(4) with help of ports/net/mpd5 on
top of the node and get your synchronous PPP. Alternatively
you can attach ng_frame_relay(4) or ng_cisco(4) for HDLC.
Actually, last time I used cp(4) back in 2004, using netgraph(4)
instead of sppp(4) was already the right way to do.
Thus, remove the sppp(4) related part of the drivers and enable
by default the negraph(4) part. Further maintenance of these
drivers in the tree shouldn't be a big deal.
While doing that, remove some cruft and enable cp(4) compilation
on amd64. The ce(4) for some unknown reason marks its internal
DDK functions with __attribute__ fastcall, which most likely is
safe to remove, but without hardware I'm not going to do that, so
ce(4) remains i386-only.
Reviewed by: emaste, imp, donner
Differential Revision: https://reviews.freebsd.org/D32590
See also: https://reviews.freebsd.org/D23928
ping uses a two-pass option parser. The first pass determines whether
ipv4 or ipv6 is desired, and the second parses the rest of the options.
But the first pass wrongly detects a '4' or '6' in an option's value as
a request to use ipv6 or ipv6 respectively, for example in an invocation
like "ping -c6 1.2.3.4".
Fix this confusion by including all options in the first round of
parsing, but ignoring those unrelated to ipv4/ipv6 selection.
PR: 258048
Reported by: ghuckriede@blackberry.com
Submitted by: ghuckriede@blackberry.com
MFC after: 2 weeks
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D32344
Patch the manpage to remove references to devq_openings and devq_queued.
Document the allocated tag that has been added in the same commit. The
relevant code change was committed as r271588
(959ec2581b) by mav@.
PR: 223651
MFH after: 3 days
Reported by: Bertrand Petit <bsdpr@phoe.frmug.org>
We used to expand the $nr macro in labels into the rule number prior to
the optimisation step. This would occasionally produce incorrect rule
numbers in the labels.
Delay all macro expansion until after the optimisation step to ensure
that we expand the correct values.
MFC after: 1 week
Reported by: Özkan KIRIK <ozkan.kirik@gmail.com>
Differential Revision: https://reviews.freebsd.org/D32488
The ino_blkatoff() and indir_blkatoff() functions failed to release
the buffers holding second and third level indirect blocks. This
commit ensures that these buffers are now properly released.
MFC after: 1 week
Sponsored by: Netflix
Allow pf to use dummynet pipes and queues.
We re-use the currently unused IPFW_IS_DUMMYNET flag to allow dummynet
to tell us that a packet is being re-injected after being delayed. This
is needed to avoid endlessly looping the packet between pf and dummynet.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31904
Calling veriexec -i locked return the state of loaded and vice-versa.
Differential revision: https://reviews.freebsd.org/D30952
Reviewed by: sjg,imp
Obtained from: Stromshield
When fsck_ffs is running in preen mode and finds a zero-length directory,
it deletes that directory. In doing this operation, it unnecessary set
its internal flag saying that fsck_ffs needed to be rerun. This patch
deletes the rerun request for this case.
Reported by: Mark Johnson
PR: 246962
MFC after: 1 week
Sponsored by: Netflix
Determine if a device supports "Extended" or "Separate" metadata, and
what the current metadata setting is (None, Extended, Separate)
Also determine if the device supports:
- Sanitize Crypto Erase
- Sanitize Block Erase
- Sanitize Overwrite
Reviewed by: chuck
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #49
Differential Revision: https://reviews.freebsd.org/D31067
Implement and document the new depop command. This command manages drive elements
for drives that support it. Storage elements are typically heads. Element status
can be discovered. Elements may be removed or restored. And the status of any
current depop operation can be assessed.
depop -d elm will remove element elm and truncate available capacity.
depop -l will list the current drive elements and their current status.
depop -r elm will try to restore all retired elements and rebuild capacity.
Changing storage elements may reinitialize the drive. This operation will lose
data and may take hours to complete. Use the drive provided timeout for
operations by default.
Reviewed by: gbe (manpages)
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D29018
This adds an option to detect if hole-punching is implemented by the
underlying file system. If this flag is set, and if the underlying file
system does not support hole-punching, md(4) fails BIO_DELETE requests
with EOPNOTSUPP.
Sponsored by: The FreeBSD Foundation
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D31883
Introduce a link to the ipfw command, dnctl, for dummynet configuration.
dnctl only handles dummynet configuration, and is part of the effort to
support dummynet in pf.
/sbin/ipfw continues to accept pipe, queue and sched commands, but these can
now also be issued via the new dnctl command.
Reviewed by: donner
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D30465
795d78a467 pfctl: Don't use PRIu64 mistakenly changed these to be
printed as hexadecimal numbers.
Reported by: Florian Smeets
MFC after: 4 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Rather than PRIu64 we can just treat the data as uintmax_t, and use %jx
instead.
MFC after: 1 week
Suggested by: kib
Sponsored by: Rubicon Communications, LLC ("Netgate")
Use PRIu64 to printf(3) uint64_t quantities, otherwise this will result
in "error: format specifies type 'unsigned long' but the argument has
type 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat]" on 32-bit
architectures.
Fixes: 80078d9d38
MFC after: 1 week
Rather than call DIOCGETSTATUS ourselves use the new libpfctl functions.
MFC after: 1 week
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D31697
Since the conversion to the new DIOCKILLSTATESNV the kernel no longer
exists the id and creatorid to be big-endian.
As a result killing states by id (i.e. `pfctl -k id -k 12345`) no longer
worked.
Reported by: Özkan KIRIK
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
When invalid statement is found the next statement is skipped even if it
is valid.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31527
This allows the maximum value of 4294967295 (~4Gb/s) instead of previous
value of 2147483647 (~2Gb/s).
Reviewed by: np, scottl
Obtained from: pfSense
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31582
That commit moved key generation into a child process, including
a memory allocation referenced by a structure. The child wrote
the structure to the parent over a pipe, but did not write the
referenced allocation. The parent read the structure from the
child and used its pointer, which was bogus in the parent.
In the child, send both chunks of data to the parent. In the
parent, make a corresponding allocation and read both chunks.
Fixes: 372557d8c3
Reviewed by: bdrewery, markj
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D31452
When matching entries, we should ignore those with a name of '#'. It's
the standard way to skip elements and need to be present to have the
proper offsets to the fields that are observed. No bus has a pnp
attribute of '#' and that is now disallowed for future buses that are
written.
Sponsored by: Netflix
Reviewed by: kbowling
Differential Revision: https://reviews.freebsd.org/D31482
Felix switch found in LS1028A supports stripping VLAN tag on
ingress, instead of egress. The striptag flag excepts the latter
behaviour.
Add a new flag to support the feature.
Obtained from: Semihalf
Sponsored by: Alstom Group
Differential Revision: https://reviews.freebsd.org/D30922
SO_RERROR indicates that receive buffer overflows should be handled as
errors. Historically receive buffer overflows have been ignored and
programs could not tell if they missed messages or messages had been
truncated because of overflows. Since programs historically do not
expect to get receive overflow errors, this behavior is not the
default.
This is really really important for programs that use route(4) to keep
in sync with the system. If we loose a message then we need to reload
the full system state, otherwise the behaviour from that point is
undefined and can lead to chasing bogus bug reports.
Reviewed by: philip (network), kbowling (transport), gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26652
This allows the use of VLAN PCP in dhclient, which is required for
certain ISPs (such as Orange.fr).
Reviewed by: bcr (man page)
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31263
Netdump has its own configuration tracking such that
ioctl(/dev/null, DIOCSKERNELDUMP) does a dumper_remove() but does not
notify netdump about the removal. Simply sending the same ioctl to
/dev/netdump handles the situation.
Reviewed by: markj, cem
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D31300
If -v is specified when adding a new device then a full listing of
configured devices is displayed. This requires sysctl access which
genkey()'s use of capability mode was blocking permission to access.
This leads to both confusing console spam but also incorrectly returning
an error status even if no other had been encountered.
dumpon: Sysctl get 'kern.shutdown.dumpdevname': Operation not permitted
Fix this by generating the key in a child process.
Reviewed by: markj
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D31266
This can be useful for, e.g., unmounting filesystems that were needed
for shutdown.
Reviewed by: kib
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #63
Differential Revision: https://reviews.freebsd.org/D31230
Support the 'match' keyword.
Note that support is limited to adding queuing information, so without
ALTQ support in the kernel setting match rules is pointless.
For the avoidance of doubt: this is NOT full support for the match
keyword as found in OpenBSD's pf. That could potentially be built on top
of this, but this commit is NOT that.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31115
Since bsd.prog.mk includes bsd.obj.mk, and thus bsd.subdir.mk, we must
ensure all our bsd.subdir.mk-affecting variables are set before
including bsd.prog.mk. Since sbin's various Makefile.arch files add to
SUBDIR this results in those not taking effect, and presumably we also
end up not having buildworld as parallel as it should be due to the fact
that SUBDIR_PARALLEL was not being set before including bsd.prog.mk.
MFC with: 0a0f748641
Reviewed by: olivier
Differential Revision: https://reviews.freebsd.org/D31125
Background checks are only allowed for mounted filesystems - don't try
to open the device for writing when performing a background check.
While here, remove a debugging printf that's commented out.
PR: 256746
Fixes: 5cc52631b3
Reviewed by: mckusick
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D30880
Commit 1e0a518d65 added a new NFS mount option "nconnect".
This patch adds information on this option to the man page.
It also adds an IMPLEMENTATION section that explains how
the default I/O size is determined and that "nfsstat -m" can
be used to find out what option settings are actually in use.
This is a content change.
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31135
The description of the power command is missing. While the synopsis is
present, there's no explanation. Add one.
Reviewed by: mav, chuck
PR: 237866
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D31122
These were all incorrectly labeled as 2-clause BSD licenses by a
semi-automated process, when in fact they are 3-clause.
Discussed with: pfg, imp
MFC after: 2 weeks
Sponsored by: Axcient
Xen VMs get a simulated serial device meant for use as a console. Often
an xterm or other advanced terminal is used, so use xterm as the type.
Depending on configuration, FreeBSD on Xen for amd64 may instead use an
emulated serial port, but the virtual console may also be available.
Submitted by: Elliott Mitchell <ehem+freebsd@m5p.com>
Reviewed by: imp (slightly earlier version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29873
The tty lists were already pretty similar and there hadn't been any real
need for them to remain distinct for some time. As such, merge to a
single file.
The RISC-V console is preserved. For systems where it doesn't exist, its
presence in /etc/ttys is harmless. The uncommented version of the
ttyv8/XDM line from ttys.amd64 was the one chosen.
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30256
Add an option to dumpfs, `-s`, that only prints the super block information.
Reviewed by: chs, imp
Differential Revision: https://reviews.freebsd.org/D30881
As for example pfctl -ss keeps calling it, it saves a lot of overhead
from elided parsing of /etc/nsswitch.conf and /etc/protocols.
Sample result when running a pre-nvlist binary with nfs root and dumping
7 mln states:
before: 24.817u 62.993s 1:28.52 99.1%
after: 8.064u 1.117s 0:18.87 48.5%
Idea by Jim Thompson
Reviewed by: kp
Sponsored by: Rubicon Communications, LLC ("Netgate")
Building and installing architecture-specific man pages only raises a number of
problems:
* The https://www.freebsd.org/cgi/man.cgi is incomplete. As an
example, it does not show results for pae(4). The reason for this is
that the cgi interface runs on FreeBSD amd64.
* In FreeBSD amd64 some manual pages have broken X-refs. See hptrr(4)
for an example.
* Also, we have broken links in our Release Notes. This is a
consequence of the first point. See
https://www.freebsd.org/releases/13.0R/hardware/#proc-i386.
Make MAN_ARCH default to 'all' so we build all the man pages for all the
architectures. The difference in disk space is negligible. Also link
architecture-specific man pages to their own section while keeping their own
namespace.
PR: 212290
Reported by: mj@bsdops.com
Approved by: ceri@, wosch@
MFC after: 4 weeks
The previous changes that added support for the coreutils -c option
modified the output generated by passing -r to match that of the
coreutils versions. The difference is that coreutils separates the
hash from the file name by two blanks " " (or a blank followed by
an asterisk " *" with the -b option denoting).
While most scripts or users will not notice the difference, it might
be considered a violation of POLA and this commit reverts the change
for the non-sum programs. These will print a single blank " " as the
separator, as they die before the previous commit.
In order to still generate output that is identical to that of the
coreutils programs, this commit generates the " " or " *" separator
used by them for the -sum versions, depending on the presence of the
-b option.
MFC after: 3 days
The NFSv4 client now uses the highest minor version of NFSv4
by default instead of minor version 0, for NFSv4 mounts.
The "minorversion" mount option may be used to override this default.
This patch updates the man page to reflect this change. While here,
fix nfsstat(8) to be nfsstat(1).
Reviewed by: otis
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30768
The directory for the tests was missing in BSD.tests.dist, causing
build failures in "make distribute".
Li-Wen Hsu fixed this issue in commit cb194afef5, allowing me to
re-enable installation of the tests.
MFC after: 3 days
Testing with buildworld/installworld had succeeded, but it appears
that a path is not correctly set for the distribute target in the
tests directory.
Commenting out HAS_TESTS should make the build succeed again and give
time to resolve the "make distribute" issue.
The tests have been locally run to verify that the recent changes to
add a coreutils compatible -c option does not lead to any regressions.
The bsd-p-test did create files 1.out .. 8.out in the test directory.
This has been fixed and the temporary output files are now written
to the temporary directory.
MFC after: 3 days
The -c option expects a digest file in either BSD or coreutils format.
The output for matched and mismatched files is identical to that
of the coreutils version.
The review of these changes included test cases that have already
been committed for the functionality that existed before.
Another test script is added to cover the coreutils compatible
extension implemented by this patch.
This commit contains a tests/Makefile that has been cleaned up
compared to the review version, using an implicit rule to apply the
TESTBASE path at build time (and the scripts have been renamed to
have an extension of .SH instead of .sh to trigger this rule).
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D30812
While the correctness of the supported hash algorithms can be tested
with the built-in self-test feature, these test cases are meant to
detect changes in the output format.
A follow-up commit will improve the compatibility with the coreutils
versions of the hash programs, and these tests should detect any
unintended side-effects of such a change on existing functionality.
Add devd event on network iface address add/remove. Can be used to
automate actions on any address change.
Reviewed by: imp@ (and minor style tweaks)
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D30840
