o Add sanity checking to the firewall delete operation
which tells the user that a firewall rule
specification is required.
The previous behaviour was to exit without reporting any
errors to the user.
Approved by: bmilekic (mentor)
. Implement option -c, all partition sizes will be calculated
in cylinders as opposed to sectors. Since the Sun label is
inherently cylinder-based, this makes the job a little easier.
. Implement option -h, print the label in `human readable'
size/offset format.
. Implement SVR4-compatible VTOC-style elements. They are
fully optional, defaulting to the current behaviour where no
VTOC-style table will be written to disk. However, if
desired, the full functionality of the partitioning menu of
Solaris' format(1m) is now offered (and even more).
. When editing the label, do not loop around edit_label() where
a new template file is generated for each turn, this used to
be annoying in that any possible syntax error caused a
complaint, but then the template was created anew, so the
user had to perform all their editing again. Rather loop
inside edit_label(), similar to bsdlabel(8), so in case of
errors, the user will be presented their previous template
file again.
. If VTOC-style elements are present, the overlap checks are
made less stringent. Overlaps will still be warned about,
but overlaps of `unmountable' partitions against other ones
are no longer fatal. That way, e. g. VxVM encapsulated
disk labels can be fully edited in FreeBSD (but not in
Solaris ;-).
. In print_label(), generate the editing hints only if the -e
flag is in effect. Additionally, print a hint about the
total number of sectors in the (hardware) medium.
. When editing a label, allow for changing the geometry
emulation (and textual name) by modifying the "text:" line
on top. That way, a more effective emulation can be
chosen.
. When editing/reading a label, additionally allow for the
suffixes `s' (512-byte sectors), and `c' (cylinders) in the
partition size field.
. Finally, turn the stub man page into something that really
explains the entire thing.
Print the ETA of dump being finished, rather than a cryptic delta
time. Also, if we have written more blocks than the tapesize, assume
that we are 99.99% done and that we'll be finished 'soon'.
- Connect geom_stripe and geom_nop modules to the build.
- Connect STRIPE and NOP classes to the LINT build.
- Disconnect gconcat(8) from the build.
Supported by: Wheel - Open Technologies - http://www.wheel.pl
GEOM classes. CONCAT should be 100% compatible with existing gconcat(8)
utility, which is going to be removed.
Supported by: Wheel - Open Technologies - http://www.wheel.pl
GEOM classes. It works by loading a shared library via dlopen(3) mechanism
with class-specific code, it is also responsible for communicating with
GEOM via libgeom(3).
Per-class shared libraries are going to be stored in /lib/geom/ directory.
It provides also few standard commands like 'list', 'load' and 'unload'
for existing classes which aren't aware of geom(8).
More info will be send on freebsd-current@ mailing list.
Supported by: Wheel - Open Technologies - http://www.wheel.pl
shuffles the timing and sleep calls in bgfsck from:
sleep timer_on io timer_off io io io io io io io
to
sleep io io io io io io io timer_on io timer_off
The original method basically guaranteed that the timed I/O included a
disk seek every time, which made bgfsck sleep for much longer than
necessary.
Submitted by: Dan Nelson
Reviewed by: kirk
mac ipfw rules. The exact same sanity check is performed as
the first operation of add_mac(), so there is no sense
in doing it twice.
Approved by: bmilekic (mentor)
PR: bin/55981
root is allowed to create raw sockets, then they will be able to create
routing sockets, too. However prison-root is not able to manipulate
routing tables. So when route(8) attempts to write to a routing
socket and recieves EPERM from the kernel, exit rather than moving
on with execution.
Approved by: bmilekic (mentor)
violate POLA a little less by not requiring exactly two spaces in front
of the entry (and silently discarding any non-matching entry). We now
recognize anything starting with a letter followed by a colon as the
first non-space chars as a partition entry.
depending on namespace pollution in <sys/stat.h>. struct bintime is
only needed to satisfy leakage of kernel interfaces to userland and
namespace bugs in those interfaces...
This little thing can cause a deadlock, because taste mechanism start
to work after creation of ggate provider and I/O requests are sent from
other classes from the g_event thread, so number of pending events isn't 0.
Now ggatec(8) start second handshake and ggated(8) is trying to open
GEOM provider (for example md(4)) and it can't, because it hangs on
g_waitidle() in g_dev_open(). g_waitidle() cannot finish because
there is a pending read on event queue, and this read can't be
finished, because ggated(8) can't open target device.
GEOM Gate will recover from this deadlock, because requests will
timeout, but it of course isn't the best solution and I don't know
better one for now, so we should avoid opening GEOM providers while
there are pending requests in event queue.
not endian agnostic and thus will create big-endian GPTs on sparc64.
This we don't support. So, before gpt(8) can be used on a big-endian
machine, it has to deal with the endianness.
prior sysctl due to the structure growing between calls try again.
Also try again for deleting routes if things fail. We've seen
route -f fail this way which does not actually flush all routes.
This fixes it. It will whine but it will do the work.
PR: 56732
Obtained from: IronPort
libufs, which only works for Charlie root.
This change reverts the introduction of libufs and moves the
check into the kernel. Since the f_fstypename is the same
for both ufs and ufs2, we check fs_magic for presence of
ufs2 and copy "ufs2" explicitly instead.
Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
source address of a packet exists in the routing table. The
default route is ignored because it would match everything and
render the check pointless.
This option is very useful for routers with a complete view of
the Internet (BGP) in the routing table to reject packets with
spoofed or unrouteable source addresses.
Example:
ipfw add 1000 deny ip from any to any not versrcreach
also known in Cisco-speak as:
ip verify unicast source reachable-via any
Reviewed by: luigi
use backup methods other than files and tapes. The -P argument is
a normal sh(1) pipeline with either $DUMP_VOLUME or $RESTORE_VOLUME
defined in the environment, respectively.
For example, I can back up my home to three DVD+R[W]s as so:
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/ad0s2e 40028550 10093140 26733126 27% /home
green# dump -0 -L -C16 -B4589840 -P 'growisofs -Z /dev/cd0=/dev/fd/0' /home
the NOKERNINFO flag only marginally de-clutters the output and
has a number of unwanted side effects:
o The kernel info might be what you want to see
o ^T is left non-functional if ping is killed non-cleanly
o "ping -q foo &" gets suspended on tty output
Encouraged by: bde
Now, if we have for example: ad0s1 ad0s1c ad2s1 ad2s1c and we will try
to do: gconcat label foo /dev/ad0s1 /dev/ad2s1 we'll get a panic:
panic: spoiled but dcr = 1
for inside of geom_slice class, backtrace shows:
g_access()
g_slice_access()
g_access()
g_concat_read_metadata()
We need to get a proper fix for this race before geom(8) will be committed.
WARNS=6. I don't change the WARNS level in the Makefile because I
didn't tested this on other archs.
The fs.h fix was suggested by: marcel
Reviewed by: md5(1)
- Use the %jd format and a cast to intmax_t to print an int64_t.
- The return type of getopt() is an int, not a char.
This fixes some warnings but there's still much more work to do here.
MAC support on the file system, if supported, which causes MAC to treat
each object as having its own label, rather than using a single label
for all objects on the file system. This doesn't have to be used in
combination with the tunefs/newfs flags -- it's an alternative.
length, and flags fields at the end of the SRM boot sector so that SRM can
find the bootstrap code. This fixes bsdlabel -m alpha to generate bootable
disklabels.
Reviewed by: phk
/sbin to /usr/sbin. A symlink from /sbin/nologin -> /usr/sbin/nologin
is created for compatibility purposes.
This will probably not cause any problems, but anyone who is doing
anything particularly unusual with nologin(8) or shells in general might
be well advised to check that everything still works.
Bikesheds on: cvs-all, current
On vnode backed md(4) devices over a certain, currently undetermined
size relative to the buffer cache our "lemming-syncer" can provoke
a buffer starvation which puts the md thread to sleep on wdrain.
This generally tends to grind the entire system to a stop because the
event that is supposed to wake up the thread will not happen until a fair
bit of the piled up I/O requests in the system finish, and since a lot
of those are on a md(4) vnode backed device which is currently waiting
on wdrain until a fair amount of the piled up ... you get the picture.
The cure is to issue all VOP_WRITES on the vnode backing the device
with IO_SYNC.
In addition to more closely emulating a real disk device with a
non-lying write-cache, this makes the writes exempt from rate-limited
(there to avoid starving the buffer cache) and consequently prevents
the deadlock.
Unfortunately performance takes a hit.
Add "async" option to give people who know what they are doing the
old behaviour.
- Add DECL wrappers to libgeom.h.
- Rename structure members in libgeom.h to use a lg_ prefix for member
names. This is required because a few structures had members named
'class' which made g++ very unhappy.
- Catch gstat(8) and gconcat(8) up to these API changes.
Reviewed by: phk
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.
This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.
For those who want to go without pf; it provides a NO_PF knob to make.conf.
__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.
Approved by: bms(mentor)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).
There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.
Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".
Tested on: i386 sparc64
- bzero the CCB header in getdevtree() and set the path properly, to
avoid having random garbage in the CCB header.
- if the lun isn't specified in a device specifier, it should default to
0, not whatever random data happens to be in the lun variable.
- move the prototype for getdevtree() out from under #ifndef MINIMALISTIC,
since it is used in both cases.
Submitted by: Marius Strobl <marius@alchemy.franken.de> (mostly)
MFC After: 2 weeks
libexec/ftp-proxy - ftp proxy for pf
sbin/pfctl - equivalent to sbin/ipf
sbin/pflogd - deamon logging packets via if_pflog in pcap format
usr.sbin/authpf - authentification shell to modify pf rulesets
Bring along some altq headers used to satisfy pfctl/authpf compile. This
helps to keep the diff down and will make it easy to have a altq-patchset
use the full powers of pf.
Also make sure that the pf headers are installed.
This does not link anything to the build. There will be a NO_PF switch for
make.conf once pf userland is linked.
Approved by: bms(mentor)
like tun are naming their modules using the 'if_; prefix and previous version of
the code failed to detect their presence in the kernel, resulting in the same
module being loaded twice.
created with the multilabel flag from inception. This simply
passes the "-l" flag on to newfs(8).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research
permits users of newfs to set the multilabel flag on UFS1 and UFS2
file systems from inception without using tunefs.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research
nologin(8), this causes a considerable (100K) increase in the binary size,
so I've added a NO_LOGIN_LOG option which disables this.
While I'm here, s/sizeof(MESSAGE)/sizeof(MESSAGE) - 1/, in order to
avoid writing the string-terminating zero byte.
No complaints from: -current
Approved by: rwatson (mentor)
the corresponding manpage has been committed.
The rest of "vlan" words, which are refering
to the technology itself, should be capitalized.
MFC after: 1 week
"makedev" command for backwards compatibility, but just print out an
informational message (this was the current behaviour, anyway) and remove
it from the documentation.
Approved by: grog (mentor)
that ext2fs in the kernel supports async mounts. ext2fs used to
effectively force the -async flag on. -async for ext2fs only gives
async (more precisely, delayed) writes for inode updates, so it is
barely worth using even when it is safe.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
- Ensure that the buffer ends with "\n\0" to avoid special cases
and allow the use of strtol().
- Use strvisx() on each complete line instead of character by
character.
Submitted by: bde
MFC after: 1 week
lookup on an IP address from the packet (such as the IP that sent
a TTL exceeded error). If the DNS lookup takes a long time, ^C will
appear to be ineffective since the SIGINT handler just sets a flag
and returns. Work around this by exiting immediately on receipt of
a second SIGINT when DNS lookups are enabled.
PR: bin/4696
MFC after: 1 week
full, since that line is almost always incomplete. Make the parsing
of <%d> lines more strict.
Also simplify the logic a little:
- Start off by making the buffer linear so that we don't have to
deal with it wrapping around (suggested by bde).
- Process line by line rather than byte at a time.
has now has no effect except in combination with -p, and plain fsck
checks all file systems instead of skipping clean ones for msdosfs
only.
Renamed the force flag to skipclean and inverted its logic as in
fsck_ffs.
combined with the the signature check in a wrong way (basically
(dirty:= signature_recognised() && !clean) instead of
(mightbedirty:= !signature_recognized || !clean), so file systems
with unrecognized signatures were considered clean. Many of the
don't-care and reserved bits were not ignored, so some file systems
with valid signatures were unrecognized. One of my FAT32 file systems
has a signature of f8,ff,ff,ff,ff,ff,ff,f7 when dirty, but only
f8,ff,ff,0f,ff,ff,ff,07 was recognised as dirty for FAT32, so the
fail-unsafeness made my file system always considered clean.
Check the i/o non-error bit in checkdirty(). Its absence would give
an unrecognized signature in code that is unaware of it, but we now
mask it out of the signature so we have to check it explicitly. This
combines naturally with the check of the clean bit.
Reviewed by: rnordier (except for final details)
better. There is a related I/O error flag which we don't support in
the kernel but must support here. (Support for bits that we don't
understand here is mostly automatic by fail-safeness, but checkdirty()
has fail-unsafeness.) There are some reserved and don't-care bits
that weren't fully documented and aren't always masked properly. The
comment about the bits in readfat() will be removed when the masking
is fixed.
Submitted by: rnordier
reorganize the printing of the interface name when using wildcard
cloning so it is not printed if it we either immediately rename or
destroy the interface.
Reviewed by: ru
in those cases:
1. File system was mounted by an unprivileged user.
2. File system was mounted by an unprivileged root user.
3. File system was mounted by a privileged non-root user.
Point 1 is when file system was mounted by unprivileged user
(sysctl vfs.usermount was equal to 1 then).
Point 2 is when file system was mounted by root, while sysctl
security.bsd.suser_enabled is set to 0 and sysctl vfs.usermount
is set to 1.
Point 3 is because we want to be ready for capabilities.
Reviewed by: rwatson
Approved by: scottl (mentor)
from the sdl because strlcpy requires that the source string be
NUL-terminated unlike strncpy.
Submitted by: Peter Jeremy <PeterJeremy at optushome dot com dot au>
name.
Prevent the kernel from potentially overflowing the interface name
variable. The size argument of strlcpy is complex because the name is
not null-terminated in sdl_data.
return for getopt() and comparing to -1, ditto with fgetc() and EOF,
and using the kg_nice value from <sys/user.h>
Submitted by: Stefan Farfeleder <stefan@fafoe.narf.at>
Reviewed by: obrien, bde (a while back)
Tested lightly on: ppc, i386, make universe
