<security/pam_misc.h>. It declares a function parameter named 'send',
so nothing that includes both <unistd.h> (which declares send(2)) and
<security/pam_misc.h> be compiled with WARNS=2 unless NO_WERRROR is
set.
Fixed order of WARNS.
renames/rotations) only detected cases where the file itself was
moved or deleted. If part of the path to the file (or a symlink
in the path) was changed instead, tail would not notice.
Fix this by ensuring that we stat the path at least once every
second in the -F case to check for changes. We still use kqueue
when possible to inform us quickly when the file has changed.
PR: bin/24955
Submitted by: Maxim Konovalov <maxim@macomnet.ru>
MFC after: 1 week
used so often that it's worth keeping it as a builtin.
Now that all the printf invocations from within the system startup
scripts, we can safely remove it.
Urged by: sheldonh :)
No MFC is planned so far because it may break compatibility and
violate POLA.
the 'You have mail.' check. This is useful for sites that rely on
remote mail access, rather than a local mail spool. Due to the
behavior of login_getcapbool(), the negated form is required so as
to have appropriate results.
o This behavior may have to be independently added to sshd due to
redundant implementation.
replaced with the new version in sendmail's distribution, vacation and
the necessary libraries (libsmdb and libsmutil) were changed so they
were always compiled. This broke people who didn't checkout
src/contrib/sendmail/. I don't know if it's best to think of NO_SENDMAIL
as no sendmail sources available or no sendmail binary. It is now the former.
Also, remove the sendmail chapter from System Managers Manual (SMM) if
NO_SENDMAIL is defined (for similar reasons -- source not available).
PR: 31863, 31865
Submitted by: matusita, Joe Kelsey <joe@zircon.seattle.wa.us>
MFC after: 3 days
constant, just in case uint32_t turns into a `short' ten years from now.
If this is MFC'd it will be necessary to hard-code the constant since
-stable doesn't have UINT32_MAX.
the currently-running kernel (and supercedes an executable file argument
given). With this change, properly-compiled KLD modules are now
able to be profiled.
Obtained from: NAI Labs CBOSS project
Funded by: DARPA
- ANSIfy function declarations
- braces around initializers structs within structs
- add parens in complicated expressions
- disambiguate dangling elses
- no more implicit int
- make functions static where possible
- use prototypes
- don't use varargs hack for diag()
Requested by: joerg
MFC after: 2 weeks
target devices, not just individual devices and directories. This
permits activities such as:
ttyv0 0600 /dev/dsp*
Whereas previously that was not supported. This change is
backwards-compatible, except where device names included globbing
characters, which is not the case for any devices listed in MAKEDEV.
Submitted by: Maxime Henrion <mux@qualys.com>
MFC after: 3 weeks
AF_INET6 and AF_UNIX sockaddrs, and will recognize accept(), bind(),
connect(), getpeername() and getsockname() as syscalls taking sockaddr
arguments. Some enterprising soul might want to add (and test) support
for the send() / recv() family of syscalls as well.
MFC after: 1 week
PR: bin/6015
Submitted by: myself (schweikh)
Patch by: Alexey V.Neyman <alex.neyman@auriga.ru>
Tested by: indenting my chess problem solver and running its test suite
MFC after: 3 weeks
server may not return a new line character on the final line.
o Remove the whois.networksolutions.com fallback code, which is no
longer needed.
o Instead of determining a hostname by terminating it when we see
whitespace, only allow hostname characters and terminate the string
when it's not such a character.
o Add a small optimization in a for loop.
PR: 30968
Reviewed by: -audit
MFC after: 4 days
- Restore the ability to look up network names in the networks(5)
database by passing getnetbyaddr(3) shifted network numbers,
but without duplicating the old bug that was fixed in 1.27 (we
now only shift netnums with standard netmasks). For example:
Before:
$ netstat -r
[...]
127.0.1/24 localhost UGSc 0 0 lo0
127.0.2/24 localhost UGSc 0 0 lo0
After:
$ netstat -r
[...]
subnet1/24 localhost UGSc 0 0 lo0
subnet2/24 localhost UGSc 0 0 lo0
- Only try to lookup with the forged netmask if the mask was not
explicitly specified, like it was before 1.27. For example:
Before:
$ netstat -r
net-44.ampr.org/25 localhost UGSc 0 0 lo0
net-44.ampr.org/25 localhost UGSc 0 0 lo0
After:
44.108.2/25 localhost UGSc 0 0 lo0
44.108.2.128/25 localhost UGSc 0 0 lo0
- Make sure to null-terminate the resulting string.
MFC after: 1 week
- better 8250 emulation;
- fake vertical retrace bit in Input Status #1 register
(this was lost in the VGA emu rewrite).
Submitted by: Igor Serikov <bt@turtle.pangeatech.com>
when I changed the allocator bits. This implements per-CPU mbtypes
stats by keeping net number of decrements/increments of a given mbtype
per-CPU and then summing all of the per-CPU mbtypes to produce the total
net number of allocated mbufs of the given mbtype.
Counters are carefully balanced to avoid/prevent underflows/overflows.
mbtypes stats are re-enabled with the idea that we may occasionally
(although very rarely) observe slight inconsistencies in the stat
reporting. Most of the time, we should be fine, though.
Also make appropriate modifications to netstat(1) and systat(1) to do
the necessary reporting.
Submitted by: Jiangyi Liu <jyliu@163.net>
commonly used in the United States of America to represent a
hierarchical relationship between city and state or country
("Evacuation Day in Suffolk County, Massachusetts"), but it was also
being abused to enumerate unrelated places ("Independence Day in
Albania, Mauritania").
Remove the list of countries observing All Souls' Day. This is a
widely observed holiday, and the list only included South American
contries.
There's more to do here; the list is rather patchy.
to test for a home directory don't set up the additional groups, and
as such may limit users conservatively. This does not affect the
eventual credentials selected.
EXEGRP and EXEMODE are used to install DOS (EXE format) binaries.
doscmd(1) can optionally be installed as ``setgid kmem''.
Hence the assignment operator for EXEGRP.
PR: bin/30538
Note ALL MODULES MUST BE RECOMPILED
make the kernel aware that there are smaller units of scheduling than the
process. (but only allow one thread per process at this time).
This is functionally equivalent to teh previousl -current except
that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
also use this, and they shouldn't have to have their own prototypes.
- Silence warnings about constness and signedness in ttymsg(). This
includes changing the return value to a `const char *', and changing
the types of `left' and `wret' (both byte counts) to ssize_t.
Reviewed by: bde
paths are chflaged 'schg' to prevent exploit vectors when run
by cron, by a root user, or by a user other then the one owning the
binary. This applies to most of the uucp binaries, cu, tip, and
man (man was already installed properly).
MFC will occur when approved.
to resume a transfer, download the requested document into a temporary file
which we later rename. This avoids leaving half-completed files around in
case of a crash (it'll still leave a half-completed file, but with a hope-
fully non-conflicting name), and should reduce the need for human inter-
vention on ports-building machines.
The temporary file name for "foo/bar" is constructed by invoking mkstemps()
with the pattern "foo/.fetch.XXXXXX.bar"
Requested by: obrien
The compatibility glue is still provided.
(This change is not yet reflected in the manpage, nor
in usage(). This will be fixed at a later time today,
with the general manpage cleanup commit.)
Make it ``user.notice'', as per manpage.
(The syslog(3) function defaults to LOG_USER facility
if none is specified, but we don't use syslog() in the
-h case.)
PR: docs/30374
Noticed by: SUGIMURA Takashi <sugimura@jp.FreeBSD.org>
COPTS towards the end of final CFLAGS so that it can be used to
override Makefile and other defaults. Using it in Makefiles risks
having options set using it clobbered when somebody uses it on the
command line.
Approved by: bde
The remaining problem of converting highly incompatible pointer types
is done by "laundering" the value through a union.
This solves the problem (in my own mind) of how a "const char *" _ever_
actually gets a value in a WARNS=2 world.
Fixed macros for temporarily relinquishing and restoring setuid/setgid
privileges so that they never change the real user and group IDs of
the calling process.
The setre[ug]id() calls are still used in the REDUCE_PERM macro (with
the r[ug]id arguments of -1) so that the call changes the saved user
and group IDs of the process to that specified.
Also, the panic() and perr() functions had insufficient privileges to
delete the problematic file under /var/at.
documented behavior. Only a certain set of file flags were recognized,
and "no" flags did not match files that have corresponding flags bits
turned off.
Fix and extend the -flags functionality as follows:
: -flags [-|+]<flags>,<notflags>
: The flags are specified using symbolic names (see chflags(1)).
: Those with the "no" prefix (except "nodump") are said to be
: <notflags>. Flags in <flags> are checked to be set, and flags in
: <notflags> are checked to be not set. Note that this is different
: from -perm, which only allows the user to specify mode bits that
: are set.
:
: If flags are preceded by a dash (``-''), this primary evaluates
: to true if at least all of the bits in <flags> and none of the bits
: in <notflags> are set in the file's flags bits. If flags are pre-
: ceded by a plus (``+''), this primary evaluates to true if any of
: the bits in <flags> is set in the file's flags bits, or any of the
: bits in <notflags> is not set in the file's flags bits. Otherwise,
: this primary evaluates to true if the bits in <flags> exactly match
: the file's flags bits, and none of the <flags> bits match those of
: <notflags>.
MFC after: 2 weeks
fseek -> fseeko
ftell -> ftello
fseek(x, 0L, 0) -> rewind(x)
NOTE: that fseek/ftell not works for >long offsets per POSIX:
[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
[EOVERFLOW] For ftell ( ), the current file offset cannot be represented
correctly in an object of type long.
fseek -> fseeko
ftell -> ftello
NOTE: fseek/ftell not works for >long offsets per POSIX:
[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
[EOVERFLOW] For ftell ( ), the current file offset cannot be represented
correctly in an object of type long.
long -> off_t
fseek -> fseeko
NOTE: that fseek not works for >long offsets files per POSIX:
[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
strtol -> strtoll
fseek -> fseeko
NOTE: that fseek not works for >long offsets files per POSIX:
[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
long -> off_t
strtol -> strtoll
fseek -> fseeko
NOTE: that fseek not works for >long offsets files per POSIX:
[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
asprintf(3) when creating the request string, as the length of
a path is defined as unlimited by the standard and limiting the
total request to 4K is awfully arbitrary.
PR: 30054
Submitted by: Joseph Mallett <jmallett@xMach.org>
MFC after: 8 days
* When the author of an utility also wrote its manual page (a rarety, I
know), it is not necessary to say that the utility "and this manual
page" were written by the author.
o This option is not available outside of the United States and Canada.
o Because of export controls, TELNET ENCRYPT option is not supported outside
of the United States and Canada.
src/crypto/README revision 1.5 commit log says:
> Crypto sources are no longer export controlled:
> Explain, why crypto sources are still in crypto/.
and actually telnet encryption is used outside of US and Canada now.
Pointed out by: OHSAWA Chitoshi <ohsawa@catv1.ccn-net.ne.jp>
Reviewed by:no objection on doc