Andrey A. Chernov
3bfbfd1770
Turn on pam_opie by default. It should not affect non-OPIE users.
2002-01-19 10:31:32 +00:00
Andrey A. Chernov
6874115893
If user not exist in OPIE system, return failure immediately instead
...
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
2002-01-19 10:09:05 +00:00
Andrey A. Chernov
3195cd6712
Back out second right-now-expired password check in pam_sm_chauthtok,
...
old expired password assumed there
2002-01-19 09:23:36 +00:00
Andrey A. Chernov
a0fc79c334
Turn on pam_opie by default. It not affect non-OPIE users
2002-01-19 09:06:45 +00:00
Andrey A. Chernov
3e4f7c7f99
Add PAM_CRED_ERR as valid failure case
2002-01-19 09:01:17 +00:00
Andrey A. Chernov
e04359cdac
Previous commit was incomplete, use
...
"[default=ignore success=done cred_err=die]"
options instead of "required"
2002-01-19 08:39:35 +00:00
Andrey A. Chernov
012400dfcd
Previous commit was incomplete, use new error code PAM_CRED_ERR to
...
indicate die case, different from PAM_SUCCESS and PAM_AUTH_ERR
2002-01-19 08:36:47 +00:00
Warner Losh
b5bbbc47b7
Add flags 0x10000 to IO Data WN-B11/PCM's entry. Evidentally, they
...
changed firmware and the new cards don't work without this.
Submitted by: ume
MFC after: 3 days
2002-01-19 08:11:39 +00:00
Andrey A. Chernov
2bda025221
Remove explaining comment and pam_unix commented out, now pam_unix can be
...
chained with pam_opie
2002-01-19 07:32:47 +00:00
Andrey A. Chernov
d97cc81fa4
Rewrite 'pwok' fallback in the way it can be properly chained with pam_unix
...
Replace snprintf %s with strlcpy
Check for NULL returned from getpwnam()
2002-01-19 07:23:48 +00:00
Seigo Tanimura
af46379bcb
Lock the caller process if the pid passed to getsid() or getpgid()
...
equals to zero.
2002-01-19 06:34:58 +00:00
Andrey A. Chernov
c0cbe6a9b8
Call opieunlock() only if we skip opieverify() part
2002-01-19 05:59:24 +00:00
Jun Kuriyama
937d2ef61a
MFen (1.259 --> 1.260).
2002-01-19 05:41:17 +00:00
Seigo Tanimura
a6fccfb5f2
For getsid(), return the sid stored in struct session. This prevents
...
panic in case where a session has no session leader.
Inspired by: Solaris 8
2002-01-19 05:31:51 +00:00
Bruce A. Mah
84e76dff37
New release notes: bpf(4) works better with select(2) and poll(2),
...
natd(8) -log_ipfw_denied.
2002-01-19 05:23:17 +00:00
Andrey A. Chernov
c8e3fac7a1
Add yet one expired-right-now password check, in pam_sm_chauthtok
...
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
2002-01-19 04:58:51 +00:00
Jun Kuriyama
f09fcd7190
MFen (1.257 --> 1.259).
2002-01-19 04:29:55 +00:00
Alfred Perlstein
441e1e6a49
Make compile, remove extra fdrop() calls.
...
Change name of function to what it's supposed to be (s/sys/do)
2002-01-19 03:52:17 +00:00
Alfred Perlstein
7e9aab77c5
make compile, add missing { and variable declaration.
2002-01-19 03:48:38 +00:00
Alfred Perlstein
083f6f9711
Semi-backout previous fgetvp change, we need the struct file pointer
...
to perform relative offset calculations, so use fget instead.
2002-01-19 03:45:14 +00:00
Robert Watson
080c70c1b1
o Clarify that various sysctl timing values are in milliseconds.
2002-01-19 03:44:42 +00:00
Andrey A. Chernov
a3643aa542
Change comment since fallback provided now not by ftpd but by pam_opie
2002-01-19 03:35:39 +00:00
Andrey A. Chernov
8c70adab72
Set pwok to 1 for non-OPIE users
2002-01-19 03:31:39 +00:00
Andrey A. Chernov
50356ef361
Remove conditional 'pwok' fallback for PAM which now
...
is implemented in pam_opie module
For non-PAM variant rewrite empty password checking code to do the right thing
and not disallow empty passwords in all cases.
2002-01-19 03:18:33 +00:00
Andrey A. Chernov
d54c36388e
Add missing check for right-now-expired password
2002-01-19 02:45:24 +00:00
Andrey A. Chernov
3f9a326a7a
Implement 'pwok', i.e. conditional fallback to unix password
...
as supposed by opieaccessfile() and opiealways()
2002-01-19 02:38:43 +00:00
Matthew Dillon
c73df808a0
Remove 'VXLOCK: interlock avoided' warnings. This can now occur in normal
...
operation. The vgonel() code has always called vclean() but until we
started proactively freeing vnodes it would never actually be called with
a dirty vnode, so this situation did not occur prior to the vnlru() code.
Now that we proactively free vnodes when kern.maxvnodes is hit, however,
vclean() winds up with work to do and improperly generates the warnings.
Reviewed by: peter
Approved by: re (for MFC)
MFC after: 1 day
2002-01-19 02:14:45 +00:00
Alfred Perlstein
aa11a498ff
undo a bit of the Giant pushdown.
...
fdrop isn't SMP safe as it may call into the file's close routine which
definetly is not SMP safe right now, so we hold Giant over calls to
fdrop now.
2002-01-19 01:03:54 +00:00
Nik Clayton
422702e9a8
Explain that the admin can safely power down the system as well as
...
rebooting.
2002-01-18 22:45:29 +00:00
Joerg Wunsch
7f3aade047
By popular demand, also include the "devlist" subcommand into the set
...
of commands available in the boot floppy environment.
MFC after: 1 week
2002-01-18 22:42:51 +00:00
Joerg Wunsch
075828a91a
Well, RELEASE_BUILD_FIXIT has now been renamed into RELEASE_CRUNCH.
...
At least, the old version is still good for the MFC though (where
everything is still going the old way). ;-)
2002-01-18 22:17:35 +00:00
Ian Dowse
3db327c495
Cut more than 500 bytes off the size of the alpha boot1 by adding
...
a simple version of bcopy() so we avoid picking up the overly-complex
implementation in libc (via libstand). This is not necessary on
-current, but RELENG_4 has apparently just exceeded the 15-sector
limit for boot1.
Reviewed by: wilko
2002-01-18 21:54:02 +00:00
Bruce A. Mah
d5e4d0437f
Coalesce several release notes dealing with the aac(4) driver,
...
clean-up, and mention that it is "fully qualified and sanctioned by
Adaptec".
Requested by: scottl (the last part, that is)
Approved by: re (implicitly)
2002-01-18 19:10:06 +00:00
Orion Hodson
bd8e0aee01
Change ich_calibrate to busy wait on buffer fill level and use a more
...
likely looking rate calculation.
Install interrupt handler before calling ich_init as the initialization
occasionally generates spurious interrupts.
These changes are derived from cg's work in progress version of this
driver.
2002-01-18 18:44:41 +00:00
Kenneth D. Merry
5710d224b6
Add 'camcontrol rescan all' and 'camcontrol reset all' functionality to
...
camcontrol.
This enables rescanning all busses or resetting all busses in a system.
The current implementation is not the ideal way to do it -- the ideal way
to do it would be for the transport layer to handle wildcarded busses on
bus rescan and reset operations. The current implementation enumerates all
the busses and sends a rescan or reset CCB individually. Handling this
behavior in the transport layer will happen later.
Reviewed by: imp
Tested by: joerg
MFC after: 1 week
2002-01-18 18:00:00 +00:00
Andrey A. Chernov
079ae266be
We don't use two-letters terminal names, so strip them out from vt520* entries
2002-01-18 17:41:54 +00:00
Bruce A. Mah
a9b95b0d62
Update PCMCIA cards (fe(4), ex(4), and ep(4) drivers).
...
Submitted by: Tom Rhodes <darklogik@pittgoth.com>
2002-01-18 16:55:22 +00:00
Ruslan Ermilov
757c6a47b6
mdoc(7) police: tidy up.
...
Reviewed by: chris
2002-01-18 16:46:43 +00:00
Bruce A. Mah
b35232e314
New release note: SA-02:07.
2002-01-18 16:42:43 +00:00
Ruslan Ermilov
318e66375a
GC spurious -m in the usage().
2002-01-18 16:08:29 +00:00
Ruslan Ermilov
a8be241673
MFV: Initialize %I register.
2002-01-18 15:28:32 +00:00
Ruslan Ermilov
d73b73ae30
This commit was generated by cvs2svn to compensate for changes in r89500,
...
which included commits to RCS files with non-trunk default branches.
2002-01-18 15:25:01 +00:00
Ruslan Ermilov
2a91b0e9f4
From ChangeLog:
...
: 2002-01-17 Ruslan Ermilov <ru@FreeBSD.org>
:
: * tmac/doc.common: Initialize %I register for the %I macro to
: avoid (harmless) warning.
: * tmac/doc.tmac (Bd): There is no reason to enforce -compact
: when in the SYNOPSIS section.
2002-01-18 15:25:01 +00:00
Ruslan Ermilov
7b6edd044b
Introduce an interface announcement message for the routing
...
socket so that routing daemons and other interested parties
know when an interface is attached/detached.
PR: kern/33747
Obtained from: NetBSD
MFC after: 2 weeks
2002-01-18 14:33:04 +00:00
Seigo Tanimura
98bf25aae1
Invert the test of sx_xholder for SX_LOCKED. We need to warn if a
...
thread other than the curthread holds an sx.
While I am here, break a line at the end of warning.
2002-01-18 09:21:15 +00:00
Yoshihiro Takahashi
8df8626ebd
Added kgzldr for pc98.
...
crt.s is based on btx.s.
2002-01-18 09:00:38 +00:00
Marcel Moolenaar
57aace23d5
Add a definition of ddb_regs. ddb_regs is declared as extern in
...
db_machdep.h to fix the link failure (multiple definitions)
caused by disabling the emission of common symbols. As a result,
there were no definitions at all. While here, remove useless
declarations.
2002-01-18 07:55:23 +00:00
Marcel Moolenaar
7fdc2e1a11
Remove the definition of bootverbose. This fixes the link failure
...
caused by disabling the emission of common symbols.
2002-01-18 07:49:37 +00:00
Marcel Moolenaar
48ceef34eb
Declare ddb_regs as extern to avoid creating a tentative definition.
...
This fixes the link failure caused by disabling the emission of
common symbols.
2002-01-18 07:47:38 +00:00
Peter Wemm
58815d1196
Avoid __func__ string concatenation
2002-01-18 04:41:23 +00:00