on directories.
o Allow privileged processes in jail() to create inodes with the
setgid bit set even if they are not a member of the group denoted
by the file creation gid. This occurs due to inherited gid's from
parent directories on file creation, allowing a user to create a
file with a gid that is not in the creating process's credentials.
Obtained from: TrustedBSD Project
and UFS file flags. Here's what the comment says, for reference:
Privileged processes in jail() are permitted to modify
arbitrary user flags on files, but are not permitted
to modify system flags.
In other words, privilege does allow a process in jail to modify user
flags for objects that the process does not own, but privilege will
not permit the setting of system flags on the file.
Obtained from: TrustedBSD Project
remove the setuid/setgid bits by virtue of a change to a file with those
bits set, even if the process doesn't own the file, or isn't a group
member of the file's gid.
Obtained from: TrustedBSD Project
safe as suser() no longer sets ASU.
o Note that in some cases, the PRISON_ROOT flag is used even though no
process structure is passed, to indicate that if a process structure
(and hence jail) was available, it would be ok. In the long run,
the jail identifier should probably be moved to ucred, as the uidinfo
information was.
o Some uid 0 checks remain relating to the quota code, which I'll leave
for another day.
Reviewed by: phk, eivind
Obtained from: TrustedBSD Project
- The ability to specify elements by volume tag instead of their actual
physical location. e.g., instead of:
chio move slot 3 slot 4
you would now use:
chio move voltag FOO slot 4
- The ability to return an element to its previous location, as specified
by the source element. e.g., instead of:
chio move drive 0 slot 4
you would now use:
chio return drive 0
or
chio return voltag FOO
These features will obviously only work with changers that support volume
tags and/or source element IDs. chio(1) should fail gracefully if the user
attempts to use these new features and the source element ID or volume tag
are not found.
PR: bin/21178
Submitted by: "C. Stephen Gunn" <csg@waterspout.com>
Reviewed by: ken
If a user decides to forego a make depend during "make buildkernel",
they should get what they deserve if no previous make depend has
been run for that kernel. Instead, the build process includes
special instructions to unconditionally rebuild aicasm. When aicasm
moved to its own directory, this hack broke.
Correct the hack until a get buy off on killing it.
other schedsoft*() functions since they have never been used.
Removed confused comment about not needing these functions. The
functions delay scheduling of SWIs until the next hardclock tick.
For devices that only deliver a few characters per interrupt, this
reduces the number of calls to the scheduler by a large factor (about
115 for each sio port at 115200 bps).
the 128-bit sigset_t changes by moving conditionally (rarely) executed
code to the beginning where it is always executed, and since this code
now involves 3 128-bit operations, the pessimization was relatively
large. This change speeds up lmbench's pipe latency benchmark by
3.5%.
Fixed style bugs in CURSIG().
very bloated, first with 128-bit sigset_t's, then with locking in the
SMP case, then with locking in all cases. The space bloat was probably
also time bloat, partly because the fast path through CURSIG() was
pessimized by the sigset_t changes. This change speeds up lmbench's
pipe-based latency benchmark by 4% on a Celeron. <sys/signalvar.h>
had become very polluted to support the bloat.