Commit Graph

69182 Commits

Author SHA1 Message Date
Andrey A. Chernov
3bfbfd1770 Turn on pam_opie by default. It should not affect non-OPIE users. 2002-01-19 10:31:32 +00:00
Andrey A. Chernov
6874115893 If user not exist in OPIE system, return failure immediately instead
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
2002-01-19 10:09:05 +00:00
Andrey A. Chernov
3195cd6712 Back out second right-now-expired password check in pam_sm_chauthtok,
old expired password assumed there
2002-01-19 09:23:36 +00:00
Andrey A. Chernov
a0fc79c334 Turn on pam_opie by default. It not affect non-OPIE users 2002-01-19 09:06:45 +00:00
Andrey A. Chernov
3e4f7c7f99 Add PAM_CRED_ERR as valid failure case 2002-01-19 09:01:17 +00:00
Andrey A. Chernov
e04359cdac Previous commit was incomplete, use
"[default=ignore success=done cred_err=die]"
options instead of "required"
2002-01-19 08:39:35 +00:00
Andrey A. Chernov
012400dfcd Previous commit was incomplete, use new error code PAM_CRED_ERR to
indicate die case, different from PAM_SUCCESS and PAM_AUTH_ERR
2002-01-19 08:36:47 +00:00
Warner Losh
b5bbbc47b7 Add flags 0x10000 to IO Data WN-B11/PCM's entry. Evidentally, they
changed firmware and the new cards don't work without this.

Submitted by: ume
MFC after: 3 days
2002-01-19 08:11:39 +00:00
Andrey A. Chernov
2bda025221 Remove explaining comment and pam_unix commented out, now pam_unix can be
chained with pam_opie
2002-01-19 07:32:47 +00:00
Andrey A. Chernov
d97cc81fa4 Rewrite 'pwok' fallback in the way it can be properly chained with pam_unix
Replace snprintf %s with strlcpy

Check for NULL returned from getpwnam()
2002-01-19 07:23:48 +00:00
Seigo Tanimura
af46379bcb Lock the caller process if the pid passed to getsid() or getpgid()
equals to zero.
2002-01-19 06:34:58 +00:00
Andrey A. Chernov
c0cbe6a9b8 Call opieunlock() only if we skip opieverify() part 2002-01-19 05:59:24 +00:00
Jun Kuriyama
937d2ef61a MFen (1.259 --> 1.260). 2002-01-19 05:41:17 +00:00
Seigo Tanimura
a6fccfb5f2 For getsid(), return the sid stored in struct session. This prevents
panic in case where a session has no session leader.

Inspired by:	Solaris 8
2002-01-19 05:31:51 +00:00
Bruce A. Mah
84e76dff37 New release notes: bpf(4) works better with select(2) and poll(2),
natd(8) -log_ipfw_denied.
2002-01-19 05:23:17 +00:00
Andrey A. Chernov
c8e3fac7a1 Add yet one expired-right-now password check, in pam_sm_chauthtok
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
2002-01-19 04:58:51 +00:00
Jun Kuriyama
f09fcd7190 MFen (1.257 --> 1.259). 2002-01-19 04:29:55 +00:00
Alfred Perlstein
441e1e6a49 Make compile, remove extra fdrop() calls.
Change name of function to what it's supposed to be (s/sys/do)
2002-01-19 03:52:17 +00:00
Alfred Perlstein
7e9aab77c5 make compile, add missing { and variable declaration. 2002-01-19 03:48:38 +00:00
Alfred Perlstein
083f6f9711 Semi-backout previous fgetvp change, we need the struct file pointer
to perform relative offset calculations, so use fget instead.
2002-01-19 03:45:14 +00:00
Robert Watson
080c70c1b1 o Clarify that various sysctl timing values are in milliseconds. 2002-01-19 03:44:42 +00:00
Andrey A. Chernov
a3643aa542 Change comment since fallback provided now not by ftpd but by pam_opie 2002-01-19 03:35:39 +00:00
Andrey A. Chernov
8c70adab72 Set pwok to 1 for non-OPIE users 2002-01-19 03:31:39 +00:00
Andrey A. Chernov
50356ef361 Remove conditional 'pwok' fallback for PAM which now
is implemented in pam_opie module

For non-PAM variant rewrite empty password checking code to do the right thing
and not disallow empty passwords in all cases.
2002-01-19 03:18:33 +00:00
Andrey A. Chernov
d54c36388e Add missing check for right-now-expired password 2002-01-19 02:45:24 +00:00
Andrey A. Chernov
3f9a326a7a Implement 'pwok', i.e. conditional fallback to unix password
as supposed by opieaccessfile() and opiealways()
2002-01-19 02:38:43 +00:00
Matthew Dillon
c73df808a0 Remove 'VXLOCK: interlock avoided' warnings. This can now occur in normal
operation.  The vgonel() code has always called vclean() but until we
started proactively freeing vnodes it would never actually be called with
a dirty vnode, so this situation did not occur prior to the vnlru() code.
Now that we proactively free vnodes when kern.maxvnodes is hit, however,
vclean() winds up with work to do and improperly generates the warnings.

Reviewed by:	peter
Approved by:	re (for MFC)
MFC after:	1 day
2002-01-19 02:14:45 +00:00
Alfred Perlstein
aa11a498ff undo a bit of the Giant pushdown.
fdrop isn't SMP safe as it may call into the file's close routine which
definetly is not SMP safe right now, so we hold Giant over calls to
fdrop now.
2002-01-19 01:03:54 +00:00
Nik Clayton
422702e9a8 Explain that the admin can safely power down the system as well as
rebooting.
2002-01-18 22:45:29 +00:00
Joerg Wunsch
7f3aade047 By popular demand, also include the "devlist" subcommand into the set
of commands available in the boot floppy environment.

MFC after:	1 week
2002-01-18 22:42:51 +00:00
Joerg Wunsch
075828a91a Well, RELEASE_BUILD_FIXIT has now been renamed into RELEASE_CRUNCH.
At least, the old version is still good for the MFC though (where
everything is still going the old way). ;-)
2002-01-18 22:17:35 +00:00
Ian Dowse
3db327c495 Cut more than 500 bytes off the size of the alpha boot1 by adding
a simple version of bcopy() so we avoid picking up the overly-complex
implementation in libc (via libstand). This is not necessary on
-current, but RELENG_4 has apparently just exceeded the 15-sector
limit for boot1.

Reviewed by:	wilko
2002-01-18 21:54:02 +00:00
Bruce A. Mah
d5e4d0437f Coalesce several release notes dealing with the aac(4) driver,
clean-up, and mention that it is "fully qualified and sanctioned by
Adaptec".

Requested by:	scottl (the last part, that is)
Approved by:	re (implicitly)
2002-01-18 19:10:06 +00:00
Orion Hodson
bd8e0aee01 Change ich_calibrate to busy wait on buffer fill level and use a more
likely looking rate calculation.

Install interrupt handler before calling ich_init as the initialization
occasionally generates spurious interrupts.

These changes are derived from cg's work in progress version of this
driver.
2002-01-18 18:44:41 +00:00
Kenneth D. Merry
5710d224b6 Add 'camcontrol rescan all' and 'camcontrol reset all' functionality to
camcontrol.

This enables rescanning all busses or resetting all busses in a system.
The current implementation is not the ideal way to do it -- the ideal way
to do it would be for the transport layer to handle wildcarded busses on
bus rescan and reset operations.  The current implementation enumerates all
the busses and sends a rescan or reset CCB individually.  Handling this
behavior in the transport layer will happen later.

Reviewed by:	imp
Tested by:	joerg
MFC after:	1 week
2002-01-18 18:00:00 +00:00
Andrey A. Chernov
079ae266be We don't use two-letters terminal names, so strip them out from vt520* entries 2002-01-18 17:41:54 +00:00
Bruce A. Mah
a9b95b0d62 Update PCMCIA cards (fe(4), ex(4), and ep(4) drivers).
Submitted by:	Tom Rhodes <darklogik@pittgoth.com>
2002-01-18 16:55:22 +00:00
Ruslan Ermilov
757c6a47b6 mdoc(7) police: tidy up.
Reviewed by:	chris
2002-01-18 16:46:43 +00:00
Bruce A. Mah
b35232e314 New release note: SA-02:07. 2002-01-18 16:42:43 +00:00
Ruslan Ermilov
318e66375a GC spurious -m in the usage(). 2002-01-18 16:08:29 +00:00
Ruslan Ermilov
a8be241673 MFV: Initialize %I register. 2002-01-18 15:28:32 +00:00
Ruslan Ermilov
d73b73ae30 This commit was generated by cvs2svn to compensate for changes in r89500,
which included commits to RCS files with non-trunk default branches.
2002-01-18 15:25:01 +00:00
Ruslan Ermilov
2a91b0e9f4 From ChangeLog:
: 2002-01-17  Ruslan Ermilov  <ru@FreeBSD.org>
:
: 	* tmac/doc.common: Initialize %I register for the %I macro to
: 	avoid (harmless) warning.
: 	* tmac/doc.tmac (Bd): There is no reason to enforce -compact
: 	when in the SYNOPSIS section.
2002-01-18 15:25:01 +00:00
Ruslan Ermilov
7b6edd044b Introduce an interface announcement message for the routing
socket so that routing daemons and other interested parties
know when an interface is attached/detached.

PR:		kern/33747
Obtained from:	NetBSD
MFC after:	2 weeks
2002-01-18 14:33:04 +00:00
Seigo Tanimura
98bf25aae1 Invert the test of sx_xholder for SX_LOCKED. We need to warn if a
thread other than the curthread holds an sx.

While I am here, break a line at the end of warning.
2002-01-18 09:21:15 +00:00
Yoshihiro Takahashi
8df8626ebd Added kgzldr for pc98.
crt.s is based on btx.s.
2002-01-18 09:00:38 +00:00
Marcel Moolenaar
57aace23d5 Add a definition of ddb_regs. ddb_regs is declared as extern in
db_machdep.h to fix the link failure (multiple definitions)
caused by disabling the emission of common symbols. As a result,
there were no definitions at all. While here, remove useless
declarations.
2002-01-18 07:55:23 +00:00
Marcel Moolenaar
7fdc2e1a11 Remove the definition of bootverbose. This fixes the link failure
caused by disabling the emission of common symbols.
2002-01-18 07:49:37 +00:00
Marcel Moolenaar
48ceef34eb Declare ddb_regs as extern to avoid creating a tentative definition.
This fixes the link failure caused by disabling the emission of
common symbols.
2002-01-18 07:47:38 +00:00
Peter Wemm
58815d1196 Avoid __func__ string concatenation 2002-01-18 04:41:23 +00:00