Commit Graph

37189 Commits

Author SHA1 Message Date
David E. O'Brien
e53bca4f44 Rather than hack config/freebsd.h to contain our hacks for a native compiler,
just include them in tm.h (as built from cc/cc_tools/Makefile).

This will reduce the diffs from the vendor sources.

Excellent idea by:	jdp
1999-04-28 18:48:08 +00:00
Dmitrij Tejblum
9ade6e676b pmap_emulate_reference: don't ever lose PV_TABLE_MOD bit on page. If
PV_TABLE_REF cleared before PV_TABLE_MOD, the page may get fault on read again.

On fault on write, pmap_emulate_reference mark the page dirty with
vm_page_dirty. That decrease ill effects of the bug.

The problem probably become more serious after my rev.1.18 a week ago.
1999-04-28 15:52:09 +00:00
Poul-Henning Kamp
75c1354190 This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing.  The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.

For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact:  "real virtual servers".

Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.

Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.

It generally does what one would expect, but setting up a jail
still takes a little knowledge.

A few notes:

   I have no scripts for setting up a jail, don't ask me for them.

   The IP number should be an alias on one of the interfaces.

   mount a /proc in each jail, it will make ps more useable.

   /proc/<pid>/status tells the hostname of the prison for
   jailed processes.

   Quotas are only sensible if you have a mountpoint per prison.

   There are no privisions for stopping resource-hogging.

   Some "#ifdef INET" and similar may be missing (send patches!)

If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!

Tools, comments, patches & documentation most welcome.

Have fun...

Sponsored by:   http://www.rndassociates.com/
Run for almost a year by:       http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
Poul-Henning Kamp
02daf150a4 Add the jail system call. 1999-04-28 11:28:49 +00:00
Dmitrij Tejblum
604359cf9b s/static foo_devsw_installed = 0;/static int foo_devsw_installed;/.
(Edited automatically)
1999-04-28 10:54:24 +00:00
Jordan K. Hubbard
78e2e8ea35 Deal with new loader syntax in determining how/when to load a userconfig
script.

Submitted by:		"Daniel C. Sobral" <dcs@newsguy.com>
Avoided by:		jkh
Demanded by:		The Users
1999-04-28 10:51:01 +00:00
Joerg Wunsch
a44388523d Mention that you can only create a block or char special file using
mknod(2).
1999-04-28 10:04:48 +00:00
KATO Takenori
482f0be026 Sync with sys/i386/isa/clock.c revision 1.132. 1999-04-28 08:06:00 +00:00
KATO Takenori
8aef41e249 Sync with sys/i386/i386/machdep.c revision 1.332. 1999-04-28 08:03:54 +00:00
David E. O'Brien
0acc1823a4 \begin{bdemode}
sort tcpd* entries
\end{bdemode}
1999-04-28 08:00:50 +00:00
Foxfair Hu
9450e47e2c Correction of better display under chinese terminal.
Submitted by : Peter_Chen.bbs@bbs.csie.nctu.edu.tw
1999-04-28 07:27:04 +00:00
Jordan K. Hubbard
da95ac4842 Write config files to /usr/share/skel as well as root's profile. 1999-04-28 07:20:11 +00:00
Jordan K. Hubbard
86190e83a3 By popular request, add /usr/local/sbin to this list. 1999-04-28 06:43:08 +00:00
Jordan K. Hubbard
a5a953fc61 Do the right thing for windowmaker installation if it's picked. Add some
seat belts for failed desktop installations.
1999-04-28 06:39:25 +00:00
Warner Losh
09fcf3f9ea Add two recent developments:
pccard is busted
	The cool new SMP stuff
1999-04-28 05:18:46 +00:00
Joseph Koshy
7d64be00b2 Correct reference to '/dev/rst0' to the more correct "/dev/rsa0".
PR:		11347
Submitted by:	Christian Weisgerber
1999-04-28 05:08:13 +00:00
Guy Helmer
b67579bd36 Explain when packets are tesed by the firewall rules and what attributes
of packets can be tested.

PR:		docs/7437
1999-04-28 02:49:29 +00:00
Luoqi Chen
d53bd1ea8d Make gdb work with kernel after the SMP vmspace sharing changes. 1999-04-28 01:27:55 +00:00
Mike Smith
f8dc47162a Allow loadable interface drivers with BPF support to be loaded into a kernel
that doesn't have it.  This is achieved by having minimal do-nothing stubs
enabled when there are no bpfilter devices configured.

Driver modules should be built with BPF enabled for maximum
convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
Luoqi Chen
5206bca10a Enable vmspace sharing on SMP. Major changes are,
- %fs register is added to trapframe and saved/restored upon kernel entry/exit.
- Per-cpu pages are no longer mapped at the same virtual address.
- Each cpu now has a separate gdt selector table. A new segment selector
  is added to point to per-cpu pages, per-cpu global variables are now
  accessed through this new selector (%fs). The selectors in gdt table are
  rearranged for cache line optimization.
- fask_vfork is now on as default for both UP and SMP.
- Some aio code cleanup.

Reviewed by:	Alan Cox	<alc@cs.rice.edu>
		John Dyson	<dyson@iquest.net>
		Julian Elischer	<julian@whistel.com>
		Bruce Evans	<bde@zeta.org.au>
		David Greenman	<dg@root.com>
1999-04-28 01:04:33 +00:00
Tim Vanderhoek
a261bdc7a2 .Xr chflags 1 , 1999-04-27 23:33:52 +00:00
Mike Smith
f4711b2df4 Simplify the tunefs example, since tunefs uses getfsfile(). Lots of
people complain about working out what device their filesystems are
mounted on.
1999-04-27 21:11:19 +00:00
David E. O'Brien
3f1ea226c9 Simplify the definition of FBSD_SWITCH_TAKES_ARG, and make sure
SWITCH_TAKES_ARG isn't defined (which svr4.h does) when we assign our
definition to it.
1999-04-27 19:29:44 +00:00
John Polstra
7c44ad261e Eliminate compiler warning about missing type in declaration.
Remove useless initialization of static variable to 0.

Move static variable declaration into the only function that uses
it.
1999-04-27 18:47:39 +00:00
John Polstra
b1f2f2d538 Fix the code that prints the "Initializing PC-card drivers" message
so that the list of drivers is correct.  This is a slightly
simplified version of the patch from the PR.

PR:		misc/10544
Submitted by:	Christophe Colle <colle@krtkg1.rug.ac.be>
1999-04-27 18:34:13 +00:00
David E. O'Brien
512a10fde7 Wait until EGCS 1.2 to use more efficient ``thunks'' to implement C++ vtables.
While I have yet to hear of any problems with us using thunks.  The EGCS
mailing list notes some have problems with it and not using them are a
safer default.  People wanting to use them, can set the appropiate
compiler flag.
1999-04-27 15:43:56 +00:00
Jordan K. Hubbard
4d24621b10 o Make package matching for specific package loading use the Latest/
feature of packages now so that no version info is embedded.

o Add a default X desktop menu offering afterstep, enlightenment, KDE, GNOME
  and Windowmaker desktops instead of the boring twm(1) based one if the
  user so chooses.  This will require a little testing.
1999-04-27 14:33:29 +00:00
Poul-Henning Kamp
1c308b817a Change suser_xxx() to suser() where it applies. 1999-04-27 12:21:16 +00:00
Jordan K. Hubbard
618aa782be 1. Remove the hateful EDITOR=ee from root's environment; it's one
thing to use it at startup, when you don't know if the user can
   handle vi or not, but yet another thing to leave it as a permanent
   land mine for root.

2. Put /usr/X11R6/bin in path; it makes getting the desktop up a lot easier.
1999-04-27 11:55:02 +00:00
Poul-Henning Kamp
0fc6acbfe4 bump __FreeBSD_version to 400005:
suser() API changed.
1999-04-27 11:20:54 +00:00
Poul-Henning Kamp
f711d546d2 Suser() simplification:
1:
  s/suser/suser_xxx/

2:
  Add new function: suser(struct proc *), prototyped in <sys/proc.h>.

3:
  s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/

The remaining suser_xxx() calls will be scrutinized and dealt with
later.

There may be some unneeded #include <sys/cred.h>, but they are left
as an exercise for Bruce.

More changes to the suser() API will come along with the "jail" code.
1999-04-27 11:18:52 +00:00
Jordan K. Hubbard
d5483ddfba lpd tries to be clever and checks if RM == my_hostname.
However, it doesn't check if the remote printer name it
is sending it to is the same as the local printer name,
and so chokes 'cos "laser" is not a real printer.

PR:		7081
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-04-27 07:09:18 +00:00
Masafumi Max NAKANE
f7a6848306 echo ^G^G -> echo \007\007 in loader.rc in kern.flp. 1999-04-27 05:09:43 +00:00
Tim Vanderhoek
e21de373a2 Mention that set-id bits are not honoured for shell scripts and
filesystems with the "nosuid" option.  Mention that syscall tracing
is disabled sometimes.

PR:		misc/11328
1999-04-27 03:56:10 +00:00
Jordan K. Hubbard
c89686d6b7 If pkg_info is run with no args, default to "-aI". 1999-04-27 02:30:27 +00:00
Luoqi Chen
e07fcb3e2e Make options like NO_F00F_HACK work (with context sensitive lexical rules). 1999-04-27 01:37:01 +00:00
Brian Somers
24de4f3b19 Specify the ssh command to use for a VPN inline. 1999-04-27 00:25:22 +00:00
Brian Somers
a8d7acdc03 Change ``set device'' so that it parses its arguments as one
device per argument rather than the old way of concatenating
everything then splitting the result at commas and whitespace.

Old syntax of ``set device /dev/cuaa0, /dev/cuaa1''
may no longer contain the comma, but syntax such as
``set device "!ssh host ppp -direct label"'' is now
possible.
1999-04-27 00:23:57 +00:00
Kenneth D. Merry
5007fcb30f Fix from Justin for transfer negotiations for targets up to target ID 7. 1999-04-26 22:03:44 +00:00
Luigi Rizzo
0024d1db07 Add support for printing bridging statistics with ``-p bdg '' .
If someone has a better flag to use I'll be glad to change it.
1999-04-26 16:11:50 +00:00
Luigi Rizzo
1e83f7627b Make one pass through the firewall the default.
Multiple pass (which only affects dummynet) is too confusing.
1999-04-26 14:57:24 +00:00
Kris Kennaway
d662d4b701 Move an option outside of a nested list and up a bit to live free among
its brothers and sisters.
1999-04-26 14:08:04 +00:00
Peter Wemm
3bfdd012d8 Only call kvtop on non-null id_maddr's... 1999-04-26 12:49:39 +00:00
Peter Wemm
e306e8ea66 Temporary hack. The radix code shouldn't need this, it should be
able to expand the zeros, ones etc masks on the fly.  It seems a good
number of domains don't set the rn_maxkey variable anyway, and because
this is a domain itself, there is no guarantee we've been called after
a protocol that actually has set it (ie: inet), so start with a maxkey
of a relatively sane size as a base point until it can adapt on the fly.
1999-04-26 09:05:31 +00:00
Peter Wemm
8ba5bdae2a Protect the ifinit() function's internals with splimp() for safety since
it used to be that way. I'm not sure that it's needed, but it does
walk the ifp list..

Incidently, there's nothing to sanity check the ifq_maxlen on loaded
interfaces..
1999-04-26 09:02:40 +00:00
Peter Wemm
61a6c2e81d Minor seatbelt tweak. The init code used to be splimp() protected,
maintain that in case.
1999-04-26 09:00:47 +00:00
Peter Wemm
10cd8cf48b Register the netisr's via SYSINIT rather than linker sets. 1999-04-26 08:57:51 +00:00
Peter Wemm
b6ad3506f3 Register the local (unix domain) sockets ourselves. 1999-04-26 08:56:53 +00:00
Peter Wemm
5b23857d22 Redo domain registration to use SYSINITS rather than linker sets.
Get rid of the spl wrapper kludge, it doesn't seem to be needed between
init calls since all that's running is the domain/protocol timers and they
are safe since domain list modifications are splnet() protected (which
blocks the timers)
1999-04-26 08:56:09 +00:00
Brian Somers
7884358fdd Add support for NetBSD 1999-04-26 08:54:34 +00:00