- if operating "as them" (su -l), use pam_{open,close}_session()
- allow PAM to override $HOME (pam_chroot needs this)
- chdir early, because later on we may be chrooted and chdir will fail
Also use pid_t instead of int where applicable.
FreeBSD. This method attempts to centralize all the necessary hacks
or work arounds in one of two places in the tree (src/Makefile.inc1
and src/tools/build). We build a small compatibility library
(libbuild.a) as well as selectively installing necessary include
files. We then include this directory when building host binaries.
This removes all the past release compatibilty hacks from various
places in the tree. We still build on tip of stable and current. I
will work with those that want to support more, although I anticipate
it will just work.
Many thanks to ru@, obrien@ and jhb@ for providing valuable input at
various stage of implementation, as well as for working together to
positively effect a change for the better.
print a warning, and set the idletime variable for the entry to -1;
then pick up the -1 later in sprint() and lprint() and ignore those
idle times by printing just whitespace. When third party applications,
such as kdm, insert utmp entries, they sometimes use strings like ":0",
which can't be stat()'d and currently result in warnings that are
not helpful to the user.
(See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)
This fulfills the host requirements for userland support by
way of the setsockopt() IP_EVIL_INTENT message.
There are three sysctl tunables provided to govern system behavior.
net.inet.ip.rfc3514:
Enables support for rfc3514. As this is an
Informational RFC and support is not yet widespread
this option is disabled by default.
net.inet.ip.hear_no_evil
If set the host will discard all received evil packets.
net.inet.ip.speak_no_evil
If set the host will discard all transmitted evil packets.
The IP statistics counter 'ips_evil' (available via 'netstat') provides
information on the number of 'evil' packets recieved.
For reference, the '-E' option to 'ping' has been provided to demonstrate
and test the implementation.
signal never affects su directly, some shells changes its pgrp at running
or suspended time, so a broadcast SIGTSTP from child will mess up su's job
control.
Discussed with: bde
the child process, before executing the command. This is very useful
when you do stuff like ``find ... | xargs interactive_application''.
Without -o, the application would inherit the pipe as its stdin, and
you thus lose any control over it.
This flag has been carefully chosen to not conflit with other options
of other xargs utilities like GNU xargs.
Reviewed by: jmallett
careless users vulnerable to terminal control sequence attacks,
since they expect uudecode to just drop (or overwrite) a file in
the current directory. POSIX also says that the full pathname from
the input should be used when writing a file, which we only do if
the -s (shoot me in the foot) option is specified; therefore this
revision means that you now need to use -s for standard /dev/stdout
handling.
Kernel:
Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale. This makes the
device statistics code oblivious to clock steps.
Change timestamps to bintime format, they are cheaper.
Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively. This removes the locking constraint on
devstat.
Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.
Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).
Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path. In the up path we accumulate the timeslice in busy_time
and update busy_from.
Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].
Userland:
Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.
Change devstat_compute_etime() to operate on struct bintime.
Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.
Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.
Bump __FreeBSD_version to 500107
Review & Collaboration by: ken
This option is present on most uuidgen(1) implementations even
though normal file redirection can be used to achieve the same.
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
int, long int or u_int32_t. This changes the interface of
all the CRC calculation and output functions from cksum.
- Print variables of type off_t as intmax_t using a cast and %jd.
- Use the standardized uint32_t type instead of u_int32_t.
To have uint32_t defined, include <stdint.h> where necessary.
Style(9):
- Move #include directives where they belong (esp. crc32.c).
- Add empty lines between #include directives of system headers,
standard library headers and local headers.
- Test a pointer value against NULL.
- Put a space after the return keyword.
PR: bin/48424
KTR_DROP set in its header, then we output an extra line to stdout to
indicate that events were dropped between the previous record and this
record. It is a bit trickier because we need to always notify the user
if events are dropped even if KTR_DROP is set on a record of a type that
we aren't interested in since kdump(8) doesn't know if the dropped events
were of the types that the user has requested. To avoid outputting
multiple events dropped notices in between actual event logs, a state
variable is set whenever a drop is logged and cleared whenever an actual
record is output.
Requested by: phk
