a new jail parameter node with the following parameters:
allow.mount.devfs:
allow mounting the devfs filesystem inside a jail
allow.mount.nullfs:
allow mounting the nullfs filesystem inside a jail
Both parameters are disabled by default (equals the behavior before
devfs and nullfs in jails). Administrators have to explicitly allow
mounting devfs and nullfs for each jail. The value "-1" of the
devfs_ruleset parameter is removed in favor of the new allow setting.
Reviewed by: jamie
Suggested by: pjd
MFC after: 2 weeks
process. Normally it will cause the child to exit followed by the
termination of the supervisor after removing the pidfile.
This looks like desirable behavior, because termination of a
supervisor usually supposes termination of its charge. Also it will
fix the issue with stale pid files after reboot due to init kills a
supervisor before its child exits.
MFC after: 2 weeks
not to leak the descriptor after exec(3). This raises the issue for
daemon(3) of the pidfile lock to be lost when the child process
executes.
To solve this and also to have the pidfile cleaned up when the program
exits, if a pidfile is specified, spawn a child to exec the command
and wait in the parent keeping the pidfile locked until the child
process exits and remove the file.
Reported by: Andrey Zonov <andrey zonov org>
Suggested by: pjd
Reviewed by: pjd
MFC after: 2 weeks
starting up before the previous script finishes. This prevents an
infinite number of them from piling up and slowing a system down.
Since all the refactoring to make this happen required churning the
indenting of most of this file, make the indentation more consistent.
Reviewed by: simon
MFC after: 1 week
The reasoning behind this, is that if we are consistent in our
documentation about the uint*_t stuff, people will be less tempted to
write new code that uses the non-standard types.
I am not going to bump the man page dates, as these changes can be
considered style nits. The meaning of the man pages is unaffected.
MFC after: 1 month
At first, I added a utility called utxrm(8) to remove stale entries from
the user accounting database. It seems there are cases in which we need
to perform different operations on the database as well. Simply rename
utxrm(8) to utx(8) and place the old code under the "rm" command.
In addition to "rm", this tool supports "boot" and "shutdown", which are
going to be used by an rc-script which I am going to commit separately.
A new jail(8) option "devfs_ruleset" defines the ruleset enforcement for
mounting devfs inside jails. A value of -1 disables mounting devfs in
jails, a value of zero means no restrictions. Nested jails can only
have mounting devfs disabled or inherit parent's enforcement as jails are
not allowed to view or manipulate devfs(8) rules.
Utilizes new functions introduced in r231265.
Reviewed by: jamie
MFC after: 1 month
do not guard it by WITH_KVM ifdef. This allows to build
ifmcstat(8) without kvm(3) support.
PR: bin/164353
Submitted by: Ivan Rozhuk
MFC after: 2 weeks
data changes.
cam_ccb.h: Add a new advanced information type, CDAI_TYPE_RCAPLONG,
for long read capacity data.
cam_xpt_internal.h:
Add a read capacity data pointer and length to struct cam_ed.
cam_xpt.c: Free the read capacity buffer when a device goes away.
While we're here, make sure we don't leak memory for other
malloced fields in struct cam_ed.
scsi_all.c: Update the scsi_read_capacity_16() to take a uint8_t * and
a length instead of just a pointer to the parameter data
structure. This will hopefully make this function somewhat
immune to future changes in the parameter data.
scsi_all.h: Add some extra bit definitions to struct
scsi_read_capacity_data_long, and bump up the structure
size to the full size specified by SBC-3.
Change the prototype for scsi_read_capacity_16().
scsi_da.c: Register changes in read capacity data with the transport
layer. This allows the transport layer to send out an
async notification to interested parties. Update the
dasetgeom() API.
Use scsi_extract_sense_len() instead of
scsi_extract_sense().
scsi_xpt.c: Add support for the new CDAI_TYPE_RCAPLONG advanced
information type.
Make sure we set the physpath pointer to NULL after freeing
it. This allows blindly freeing it in the struct cam_ed
destructor.
sys/param.h: Bump __FreeBSD_version from 1000005 to 1000006 to make it
easier for third party drivers to determine that the read
capacity data async notification is available.
camcontrol.c,
mptutil/mpt_cam.c:
Update these for the new scsi_read_capacity_16() argument
structure.
Sponsored by: Spectra Logic
better to leave the pidfile open where it was. Add a note to the
man page describing pidfile strategies to use if the daemon is to
be run as a user other than root.
- Move the reinstall logic to be before menus are initialised
(menus are not needed when reinstalling a zonefile).
- Remove unnecessary re-initialization of path_db.
- Update variable name and error message because we now use the
zone name relative to /usr/share/zoneinfo, not the full path.
pr: bin/164041
Submitted by: Devin Teske <dteske vicor com>
MFC after: 1 week
jail(8) does a chdir(2) to the given path argument. Kernel evaluates the
jail path from the new cwd and not from the original cwd, which leads to
undesired behavior if given a relative path.
Reviewed by: jamie
MFC after: 2 weeks
error: variable 'clnt_stat' set but not used
Approved by: dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days
error: variable 'parentrecnum' set but not used
Approved by: dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days
error: variable 'temp' set but not used
Approved by: dim
Approved by: cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days
error: variable 'dirp' set but not used
error: variable 'dirplen' set but not used
Approved by: dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days