Commit Graph

62657 Commits

Author SHA1 Message Date
Robert Watson
0c09bcb0e8 Compensate for default disabling of network services in inetd.conf(5)
by providing the opportunity to edit inetd.conf during the system
installation process.  The following modifications were made:

(1) Expand the Anonymous FTP description dialog to indicate that inetd
    and ftpd must be enabled before it can be used.

(2) Introduce a new configInetd() pair of dialogs, the first describing
    inetd, giving a couple of examples of services that require it, and
    hinting at potential risk, then asking the user if they wish to
    enable it.  The second indicates that inetd.conf must be configured
    to enabled specific services, and asks if the user would like to
    load inetd.conf into the editor to modify it.  Add this
    configuration action to the index.

There are some further improvements that might be considered:

(1) Provide a more inetd.conf-specific configuration tool that speaks
    inetd.conf(5).  However, this is made difficult by the "yet another
    configuration format" nature of inetd.conf, as well as its use of
    commenting to disable services, rather than an in-syntax way to
    disable a service without commenting it out.  Submissions here
    would probably be welcome.

(2) There's some overlap between settings in the somewhat obtuse
    Security Profile mechanism and other settings, including the inetd
    setting, and NFS server configuration.  As features become
    individually tunable, they should probably be removed from the
    security profile mechanism.  Otherwise, somewhat counter-intuitively,
    sysinstall (in practice) queries multiple times whether inetd, nfsd,
    etc, should be enabled/disabled.  A possible future direction might
    be to drive profiles not by degree of paranoia, rather, the set
    of services desired.  Or simply to remove the Security Profile
    mechanism and resort to feature-driven configuration.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 03:25:16 +00:00
Robert Watson
f2419a7154 Default to disabling all inetd.conf entries, in particular, telnetd
and ftpd.  This more conservative default reduces the exposure of
freshly installed machines, which is especially valuable for machines
that receive minimal further configuration before being put into
production.  Generally speaking, SSH has superseded the use of both
telnet and ftp in many environments.  In light of recent remotely
exploitable security holes in both telnetd and ftpd, this choice
retains flexibility (both telnetd and ftpd daemons remain installed
and easily enableable) while protecting users who don't need the
additional risk.  This change brings our configuration into line with
the majority of other UNIX vendors, including OpenBSD and NetBSD.

To address the concerns of those requiring remote access via telnet
from first install, changes will shortly be committed to sysinstall
to provide the ability to edit inetd.conf during the installation
process, allowing telnetd and ftp to be re-enabled during the
installation process.

While I'm at it, slightly improve commenting for inetd.conf so that
it's more clear to users how to enable and disable services.
Further commenting to indicate the functions of various columns would
probably also be useful.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 02:19:56 +00:00
Matt Jacob
d51456f800 Oops- don't set 'goal' twice when you mean to set 'nvrm' as well.
This breaks bogus NVRAM boards.

MFC after:	1 day
2001-08-02 00:34:56 +00:00
Kris Kennaway
9070692e9d A good sysadmin always carries around a few feet of fiber. If he ever
gets lost, he simply drops the fiber on the ground, waits ten minutes,
then asks the backhoe operator for directions.
                -- Bill Bradford <mrbill@mrbill.net>

Submitted by:	Kris Kirby <kris@catonic.net>
2001-08-01 22:51:09 +00:00
Matt Jacob
d82784053e Revert part of previous- I misunderstood the use of 'ncpus'- I thought it'd
been hack to keep clocks from being reinitialized.
2001-08-01 20:35:42 +00:00
Peter Wemm
aa7a4dae6d Temporarily back out kern_sig.c rev 1.125 and kern_exit.c rev 1.131.
This paniced my one of my machines one time too many :-( and there is
no sign of a solution in the pipeline.  The deltas are still easily
available in cvs.  The problem is that if the parent has been swapped
out, the child process cannot grope around in the parent's UPAGES to
see the sigact[] array or it will fault.  This probably is a showstopper
for this implementation anyway.
2001-08-01 20:35:24 +00:00
Dima Dorfman
635751fa8c Fix grammar nit. 2001-08-01 20:16:12 +00:00
Doug Barton
778c176942 Scratch an itch of long standing by adding entries for the most
commonly used x11 ports
2001-08-01 20:13:49 +00:00
Dima Dorfman
4880a1221e Oops, note MFC of UFS_DIRHASH. 2001-08-01 20:08:37 +00:00
Dima Dorfman
9130d3cc55 Fix previous commit: actually move the UFS_DIRHAS stuff, not the
ddb(4) stuff.  I have *no* idea how I managed to screw that up.
2001-08-01 20:07:51 +00:00
Dima Dorfman
073a5d3980 Move the UFS_DIRHASH paragraph to 'filesystems' and note its MFC. 2001-08-01 20:05:36 +00:00
Dima Dorfman
fdf72b194b Note MFCs: WARNS, GCC_OPTIONS, and GNATS. 2001-08-01 20:04:19 +00:00
Doug Barton
48b3cebbee I could have sworn I did this already, but obviously I didn't. So,
take another stab at updating the IANA web page.
2001-08-01 19:48:12 +00:00
Warner Losh
53af1c8a3d TI cardbus bridges, 12xx and newer, have an interesting register. It
is the diagnostics register at offset 0x93.  When bit 5 is set in this
register, bits 4-7 in ExCA register 0x5 being 0000 are required for
pci interrupt routing.  When it is clear, then bit 4 of ExCA register
0x3 is used to enable it.

The only other issue is that when you route interrupts this way, you
must read ExCA register 0x4 in order to clear the interrupt, else you
get an interrupt storm.

Deal with this requirement by setting things up.  It is believed that
this won't hurt other chipsets, but other chipsets may require their
own work arounds.
2001-08-01 19:41:56 +00:00
Matt Jacob
802f355a3f Don't initialize a clock twice (it's not a function of number of
cpus).
2001-08-01 19:40:11 +00:00
David E. O'Brien
67c5850a34 Correct the version number. 2001-08-01 18:35:54 +00:00
Guy Helmer
3b62c20eda Add "use Fcntl" to resolve O_RDWR|O_CREAT|O_EXCL macros used in
new sysopen call.

PR:		29366 (in part)
2001-08-01 16:32:36 +00:00
Dima Dorfman
d81b7e782a mdoc(7) police: remove hard sentence breaks. 2001-08-01 16:07:50 +00:00
Guy Helmer
80b9c37313 Install the new password file with pwd_mkdb, not the old one.
PR:		29366 (in part)
2001-08-01 15:27:39 +00:00
Dima Dorfman
0fbd88f52a New release notes: file(1) update.
Note MFCs: install(1) cleanup, bzip2 import, libpcap update.
2001-08-01 14:22:27 +00:00
Sheldon Hearn
86f478757a MFS: in HISTORY section, fix release number of first appearance 2001-08-01 12:15:21 +00:00
Sheldon Hearn
b47d4cf924 Fix broken Fn calls; Fn doesn't take a manual page section as an
argument.

Terminate the last sentence with a period.
2001-08-01 12:04:32 +00:00
Thomas Gellekum
399a82cd5d Don't wait for a keypress in INT 16 function 01, just return the current
state. This fixes Easytrax.
2001-08-01 11:47:06 +00:00
Ian Dowse
02b31a0ee9 Fix a client-side memory leak in nfs_flush(). The code allocates
a temporary array to store struct buf pointers if the list doesn't
fit in a local array. Usually it frees the array when finished,
but if it jumps to the 'again' label and the new list does fit in
the local array then it can forget to free a previously malloc'd
M_TEMP memory.

Move the free() up a line so that it frees any previously allocated
memory whether or not it needs to malloc a new array.

Reviewed by:	dillon
2001-08-01 10:25:13 +00:00
David E. O'Brien
57a72165c7 style(9) 2001-08-01 07:05:51 +00:00
Eric Melville
2180c55b9c Update man page to actually match the source.
PR:		7456
2001-08-01 06:23:00 +00:00
David E. O'Brien
b1161924f8 This is actually making its enterance in FreeBSD 4.4. 2001-08-01 05:53:12 +00:00
David E. O'Brien
2e934ddd39 style(9) 2001-08-01 05:12:39 +00:00
Greg Lehey
d505403792 open_device: Recognize ar device.
Submitted by:  Valery Kotchiev <valery@rudiment.dk>
2001-08-01 04:35:28 +00:00
David E. O'Brien
81c6395691 It appears we really shouldn't be following this example man page -- one
should not use a `%' in examples.

I don't know if this is the consensus of doc@, or just a unilateral decision
of committer that corrected my following of this example.  Maybe a docs
person could review these files and see if they still show current guidelines.
2001-08-01 04:27:48 +00:00
Gregory Neil Shapiro
9078d242bf Revert change to always include _FFR_TLS_O_T as it requires FEATURE(access_db)
Problem found by:	nsayer
2001-08-01 02:12:39 +00:00
David E. O'Brien
7ed17c0fba Remove a misplaced space. 2001-08-01 02:09:09 +00:00
Gregory Neil Shapiro
7189f389b7 Note the import of sendmail 8.11.5 2001-08-01 01:40:56 +00:00
Gregory Neil Shapiro
e9b61c96b8 Update FreeBSD import information 2001-08-01 01:36:17 +00:00
Gregory Neil Shapiro
6dbce3c381 Resolve conflicts from import of sendmail 8.11.5 2001-08-01 01:34:52 +00:00
Gregory Neil Shapiro
d8318f16e2 This commit was generated by cvs2svn to compensate for changes in r80785,
which included commits to RCS files with non-trunk default branches.
2001-08-01 01:33:27 +00:00
Gregory Neil Shapiro
13058a9161 Import sendmail 8.11.5 2001-08-01 01:33:27 +00:00
Bosko Milekic
bb6f838c79 Move CPU_ABSENT() macro to smp.h, where it belongs anyway. It will be
defined to 0 in the non-SMP case, which very much makes sense as it
permits its usage in per-CPU initialization loops (for an example, check
out subr_mbuf.c).
  Further, on a UP system, make mb_alloc always use the first per-CPU
container, regardless of cpuid (i.e. remove reliability on cpuid in the
UP case).

Requested by: alfred
2001-08-01 00:54:00 +00:00
Bill Fenner
46da4bc6fc Update our bpf.h with tcpdump.org's new DLT_ types.
Use our bpf.h instead of tcpdump.org's to build libpcap.
2001-07-31 23:27:06 +00:00
John Baldwin
36c2e9feb4 Apply the cluebat to myself and undo the await() -> mawait() rename. The
asleep() and await() functions split the functionality of msleep() up into
two halves.  Only the asleep() half (which is what puts the process on the
sleep queue) actually needs the lock usually passed to msleep() held to
prevent lost wakeups.  await() does not need the lock held, so the lock
can be released prior to calling await() and does not need to be passed in
to the await() function.  Typical usage of these functions would be as
follows:

        mtx_lock(&foo_mtx);
        ... do stuff ...
        asleep(&foo_cond, PRIxx, "foowt", hz);
        ...
        mtx_unlock&foo_mtx);
        ...
        await(-1, -1);

Inspired by:	dillon on the couch at Usenix
2001-07-31 22:06:56 +00:00
Brian Somers
317e74fd2b Don't include a NUL at the end of our CHAP SUCCESS packet.
When encryption (MPPE) is enabled, WindowsME and Windows98 both
fail because of the extra byte, suggesting that they autheticated
successfully in their log and then dropping the connection, telling
the user that the peer doesn't support compatible encryption
options.

MFC after: 1 week
2001-07-31 21:36:00 +00:00
Eric Melville
b8ae14f673 Reword for consistency. 2001-07-31 21:30:57 +00:00
John Baldwin
e9121d0663 Add a safety belt to mawait() for the (cold || panicstr) case identical to
the one in msleep() such that we return immediately rather than blocking.

Submitted by:	peter
Prodded by:	sheldonh
2001-07-31 20:57:57 +00:00
John Baldwin
b0606ca15f Add in a hack to support IBM "El Torito" CD-ROM booting BIOS's which expect
the first sector of the emulated floppy to contain a valid MS-DOS BPB that
it can modify.  Since boot1 is the first sector of boot.flp, this resulted
in the BIOS overwriting part of boot1: specifically the function used to
read in sectors from the disk.

Submitted by:	Mark Peek <mark@whistle.com>
Submitted by:	Doug Ambrisko <ambrisko@ambrisko.com>
PR:		i386/26382
Obtained from:	NetBSD, OpenBSD (the example BPB)
MFC after:	1 month
2001-07-31 19:50:09 +00:00
Wilko Bulte
a079a625af 164LX can have SRM or AlphaBIOS in flash. 2001-07-31 18:43:40 +00:00
John Baldwin
5cb0fbe47e If we have already panic'd then don't bother enforcing mutex asserts as
things are pretty much shot already and all panic'ing does is hurt our
chances of getting a dump.

Inspired by:	sheldonh
2001-07-31 17:45:50 +00:00
John Baldwin
32bca5fe03 - Fix panicstr checks to explicitly check against NULL.
- Add a few more panicstr checks so that we don't panic recursively.

Requested by:	sheldonh (2)
2001-07-31 17:44:57 +00:00
Robert Watson
e7f65fdcf9 o Modify p_candebug() such that there is no longer automatic acceptance
of debugging the current process when that is in conflict with other
  restrictions (such as jail, unprivileged_procdebug_permitted, etc).
o This corrects anomolies in the behavior of
  kern.security.unprivileged_procdebug_permitted when using truss and
  ktrace.  The theory goes that this is now safe to use.

Obtained from:	TrustedBSD Project
2001-07-31 17:25:12 +00:00
Bill Paul
89b1abc0bf Re-order things slightly in the RX handler for VLAN support: we need
call vlan_input_tag() after stripping the ether header from the frame
with m_adj(), not before.

Noticed by: Brooks Davis <brooks@one-eyed-alien.net>
2001-07-31 16:38:58 +00:00
Mark Peek
545d32087b Only pull in the MD files if they exist. This allows for progressive
implementation and compilation when bringing up a new architecture.
2001-07-31 16:34:52 +00:00