Commit Graph

62887 Commits

Author SHA1 Message Date
iedowse
c3a46f829d Fix a few bugs, some of which I introduced in recent commits:
- clean_mtab():
    Actually use the strdup'd version of the host that we go to the
    trouble of creating.
- do_umntall/do_umount:
    Don't return success if clnt_create() fails.
    Don't access a client pointer after it has been destroyed.
    Remember to destroy the authentication information we created.
2001-08-02 21:46:21 +00:00
iedowse
7a1676d200 In getclnthandle(), if the address is found in the cache we need
to strdup() the address string before returning it via *targaddr
because the caller will free the string.

Change the comment at the top of getclnthandle() to clarify that
the caller is responsible for freeing *targaddr.

Noticed by:	sobomax
2001-08-02 21:31:21 +00:00
imp
fa1bb1c5a3 Make the fmt arguments to make_dev and make_dev_alias const char *.
Approved on IRC as long as it didn't cause a large number of warnings by: phk

MFC After: 700 hours
2001-08-02 20:35:35 +00:00
brian
f01347bec1 The wrong-last-byte bug on win98 chap responses is also in winME 2001-08-02 20:12:48 +00:00
jon
670106268f fix memory leak when error during opening of routing socket
PR:		kern/29336
Submitted by:	Richard Andrades <richard@xebeo.com>
MFC after:	1 month
2001-08-02 19:56:29 +00:00
markm
5bf270923d With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
markm
f09b041b98 Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
markm
0c9b41130a Add opieaccess(5) functionality under the INSECURE_OPIE .ifdef.
Asked for by:	ache
2001-08-02 18:58:52 +00:00
sobomax
31c22104eb exists(../../crypto) --> exists(${.CURDIR}/../../crypto)
MFC after:	1 month
2001-08-02 18:21:48 +00:00
jon
1754fe9739 fix for pkg_add to symlinked prefix directories that are more than 1 link deep.
PR:	bin/28274
Submitted by:	John Hein <jhein@timing.com>
MFC after:	1 month
2001-08-02 18:20:27 +00:00
ache
83b248acca Allow configTtys() be called several times - set VAR_CONSTERM to "NO" after
operation done.
2001-08-02 16:36:21 +00:00
sobomax
53d500cc02 Fix a cryptoless world by disconnecting libmp from the build when there is no
crypto bits installed and/or NOCRYPTO/NO_OPENSSL is defined. This unfortunately
meants that usr.bin/chkey, usr.bin/newkey and usr.sbin/keyserv have also to
be disconnected.

IMO it is merely a workaround, the proper solution is to move libmp to
src/crypto where it belongs and use libgmp for the cryptoless builds instead.

Missed by:	dd
2001-08-02 15:47:03 +00:00
yokota
c293b124d3 Include opt_splash.h. 2001-08-02 13:23:17 +00:00
yokota
276cc0360a Use #ifdef DEV_SPLASH (from opt_splash.h) rather than
#if NSPLASH > 0 (from splash.h) to test the presence
of the splash driver.
2001-08-02 13:22:33 +00:00
sobomax
51d8971325 Cosmetics: replace dozen instances of "(tmp = getenv(PKG_DBDIR) ? tmp : DEF_LOG_DIR)"
with macro.

MFC after:	1 month
2001-08-02 13:13:06 +00:00
sobomax
3a6c9cba5d Cosmetics: kill blank lines at the end of file.
MFC after:	1 month
2001-08-02 13:08:43 +00:00
dwmalone
438cb09b0d Remove duplicate ufsd entry. This seems to go back to the Sun's version
of the file.

PR:		29386
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
2001-08-02 12:55:37 +00:00
sobomax
d7aba5be65 Usability tweak:
Use '' quotes instead of `' to delimit names of files and packages in
  warning and error messages, because it is easier to cut-n-paste name in
  question that way (single click) without confusing the shell. And yes,
  I know that it is less eye-candy...

MFC after:	1 month
2001-08-02 12:38:29 +00:00
yar
74c0d13ff6 Document the deprecated `-w' option in the COMPATIBILITY section. 2001-08-02 12:38:23 +00:00
sobomax
e6961759ee When there is a file that can't be deleted due to checksum mismatch print name
of that file to stdout to simplify debugging. IMO it was a mistake to print
this warning only when `verbose' mode is on.

MFC after:	1 month
2001-08-02 12:19:32 +00:00
dd
cc2e504043 When talking about new versions, use the word "updated" instead of
"upgraded" for consistency.  Prior to this commit, 9 of the entires
used the latter, and 51 used the former.
2001-08-02 12:16:17 +00:00
dd
9c1f2af6ca Note MFC or Binutils 2.11.2 (what we have is close enough to that
version that there's no need to talk about the snapshot business; all
it would do is serve to confuse).
2001-08-02 12:08:10 +00:00
yokota
51f24e05ac Add FBIO_BLANK ioctl support. Return ENODEV for yet-to-be-
supported ioctls for now.
2001-08-02 11:26:30 +00:00
yokota
15b2a0419e Add some definitions. Their actual support will be added
to video drivers later.
2001-08-02 11:17:38 +00:00
sheldonh
cfcb303fdd When building a debugging kernel with modules, build modules with
debugging support as well.

This relies on support added in rev 1.105 to kmod.mk.

Requested by:	peter
2001-08-02 10:56:59 +00:00
markm
21496a65d8 Repair the get/set UID() stuff so this works in both su(1) and login(1)
modes.
2001-08-02 10:35:41 +00:00
sobomax
909e491f4a - Deny detaching requests until device is still open, otherwise it is possible
to hang or panic kernel by detaching disk from which fs is mounted;
- replace "md" with MD_NAME in yet another place.

Reviewed by:	phk
Approved by:	phk
2001-08-02 10:19:13 +00:00
brian
101648b7a7 Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through
the firewall.
2001-08-02 10:16:32 +00:00
brian
0063462a65 Pack struct uniqtag declarations to stop our data field from being pushed
4 bytes to the right on the alpha.

Tested by:	Thomas Pornin <Thomas.Pornin@ens.fr>
MFC after:	1 week
2001-08-02 09:28:31 +00:00
sheldonh
0752cc9eee When building a debugging kernel with modules, build modules with
debugging support as well.  Debugging module support is handled
identically to kernel debugging support, right down to poor
choice of make variable names.
2001-08-02 09:22:18 +00:00
yokota
b7ee4929f8 Refine cursor type/shape control escape sequences and
ioctls. We can now add ve, vi and vs capabilities to
cons25 in termcap.

Discussed with and tested by: ache
2001-08-02 08:30:40 +00:00
alfred
671f6d6eb0 Fixups for the initial allocation by dillon:
1) allocate fewer buckets
  2) when failing to allocate swap zone, keep reducing the zone by
     a third rather than a half in order to reduce the chance of
     allocating way too little.

I also moved around some code for readability.

Suggested by: dillon
Reviewed by: dillon
2001-08-02 07:54:58 +00:00
imp
98e35a9cd0 Only try to allocated properly aligned I/O segments. This should stop
some of the config problems that we've been seeing (where wi0 tries to
allocate 0x138-0x198, for example).

Use err(1,"foo") rather than perror + exit while I'm here.
2001-08-02 07:06:32 +00:00
greid
e21f611af7 Fix thinko: FORCE_PKG_RESIDENT -> FORCE_PKG_REGISTER
Submitted by:	Raymond Kohler <ray.kohler@mail.com>
2001-08-02 04:25:06 +00:00
rwatson
bee1ebf3c4 Add the ability to modify /etc/ttys before first reboot during the
system installation process.  This allows users installing via serial
console to enable serial console login during the installation
process using an un-customized install.  The user is not prompted to
modify /etc/ttys during a normal install, but is offered the
opportunity during post-install configuration.

- Introduce configTTYs(), which describes the benefits of editing
  /etc/ttys, and asks for confirmation before spawning the editor.
- add configTTYs to the post-install configuration, as well as to
  the global configuration index.
2001-08-02 03:53:36 +00:00
rwatson
5c1a617eb7 Compensate for default disabling of network services in inetd.conf(5)
by providing the opportunity to edit inetd.conf during the system
installation process.  The following modifications were made:

(1) Expand the Anonymous FTP description dialog to indicate that inetd
    and ftpd must be enabled before it can be used.

(2) Introduce a new configInetd() pair of dialogs, the first describing
    inetd, giving a couple of examples of services that require it, and
    hinting at potential risk, then asking the user if they wish to
    enable it.  The second indicates that inetd.conf must be configured
    to enabled specific services, and asks if the user would like to
    load inetd.conf into the editor to modify it.  Add this
    configuration action to the index.

There are some further improvements that might be considered:

(1) Provide a more inetd.conf-specific configuration tool that speaks
    inetd.conf(5).  However, this is made difficult by the "yet another
    configuration format" nature of inetd.conf, as well as its use of
    commenting to disable services, rather than an in-syntax way to
    disable a service without commenting it out.  Submissions here
    would probably be welcome.

(2) There's some overlap between settings in the somewhat obtuse
    Security Profile mechanism and other settings, including the inetd
    setting, and NFS server configuration.  As features become
    individually tunable, they should probably be removed from the
    security profile mechanism.  Otherwise, somewhat counter-intuitively,
    sysinstall (in practice) queries multiple times whether inetd, nfsd,
    etc, should be enabled/disabled.  A possible future direction might
    be to drive profiles not by degree of paranoia, rather, the set
    of services desired.  Or simply to remove the Security Profile
    mechanism and resort to feature-driven configuration.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 03:25:16 +00:00
rwatson
94944fe1ac Default to disabling all inetd.conf entries, in particular, telnetd
and ftpd.  This more conservative default reduces the exposure of
freshly installed machines, which is especially valuable for machines
that receive minimal further configuration before being put into
production.  Generally speaking, SSH has superseded the use of both
telnet and ftp in many environments.  In light of recent remotely
exploitable security holes in both telnetd and ftpd, this choice
retains flexibility (both telnetd and ftpd daemons remain installed
and easily enableable) while protecting users who don't need the
additional risk.  This change brings our configuration into line with
the majority of other UNIX vendors, including OpenBSD and NetBSD.

To address the concerns of those requiring remote access via telnet
from first install, changes will shortly be committed to sysinstall
to provide the ability to edit inetd.conf during the installation
process, allowing telnetd and ftp to be re-enabled during the
installation process.

While I'm at it, slightly improve commenting for inetd.conf so that
it's more clear to users how to enable and disable services.
Further commenting to indicate the functions of various columns would
probably also be useful.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 02:19:56 +00:00
mjacob
adf7db76a0 Oops- don't set 'goal' twice when you mean to set 'nvrm' as well.
This breaks bogus NVRAM boards.

MFC after:	1 day
2001-08-02 00:34:56 +00:00
kris
4d5e995904 A good sysadmin always carries around a few feet of fiber. If he ever
gets lost, he simply drops the fiber on the ground, waits ten minutes,
then asks the backhoe operator for directions.
                -- Bill Bradford <mrbill@mrbill.net>

Submitted by:	Kris Kirby <kris@catonic.net>
2001-08-01 22:51:09 +00:00
mjacob
0678b82ae7 Revert part of previous- I misunderstood the use of 'ncpus'- I thought it'd
been hack to keep clocks from being reinitialized.
2001-08-01 20:35:42 +00:00
peter
0de87998a0 Temporarily back out kern_sig.c rev 1.125 and kern_exit.c rev 1.131.
This paniced my one of my machines one time too many :-( and there is
no sign of a solution in the pipeline.  The deltas are still easily
available in cvs.  The problem is that if the parent has been swapped
out, the child process cannot grope around in the parent's UPAGES to
see the sigact[] array or it will fault.  This probably is a showstopper
for this implementation anyway.
2001-08-01 20:35:24 +00:00
dd
4d237c9e09 Fix grammar nit. 2001-08-01 20:16:12 +00:00
dougb
822a6993fd Scratch an itch of long standing by adding entries for the most
commonly used x11 ports
2001-08-01 20:13:49 +00:00
dd
09073e5891 Oops, note MFC of UFS_DIRHASH. 2001-08-01 20:08:37 +00:00
dd
f1220ba73d Fix previous commit: actually move the UFS_DIRHAS stuff, not the
ddb(4) stuff.  I have *no* idea how I managed to screw that up.
2001-08-01 20:07:51 +00:00
dd
8a8c43fd3a Move the UFS_DIRHASH paragraph to 'filesystems' and note its MFC. 2001-08-01 20:05:36 +00:00
dd
9b1b8d230a Note MFCs: WARNS, GCC_OPTIONS, and GNATS. 2001-08-01 20:04:19 +00:00
dougb
2c928a33be I could have sworn I did this already, but obviously I didn't. So,
take another stab at updating the IANA web page.
2001-08-01 19:48:12 +00:00
imp
47a8510abe TI cardbus bridges, 12xx and newer, have an interesting register. It
is the diagnostics register at offset 0x93.  When bit 5 is set in this
register, bits 4-7 in ExCA register 0x5 being 0000 are required for
pci interrupt routing.  When it is clear, then bit 4 of ExCA register
0x3 is used to enable it.

The only other issue is that when you route interrupts this way, you
must read ExCA register 0x4 in order to clear the interrupt, else you
get an interrupt storm.

Deal with this requirement by setting things up.  It is believed that
this won't hurt other chipsets, but other chipsets may require their
own work arounds.
2001-08-01 19:41:56 +00:00
mjacob
624d979e94 Don't initialize a clock twice (it's not a function of number of
cpus).
2001-08-01 19:40:11 +00:00