The reason we are required to commit to -current first is so that later
MFC's do not risk the loss of existing bug fixes. Even if this was not
strictly required in -current, it should still be fixed there too.
The reason we are required to commit to -current first is so that later
MFC's do not risk the loss of existing bug fixes. Even if this was not
strictly required in -current, it should still be fixed there too.
problem, it still didn't DTRT for services that did not have a service-
specific policy if /etc/pam.d existed but did not contain an "other"
policy. This fixes the problems some people have experienced with sudo.
And I almost didn't have to use goto.
The current configuration sequence is:
1) Look for /etc/pam.d/foo
2) If PAM_READ_BOTH_CONFS is defined, or step 1) failed, look for
foo in /etc/pam.conf
3) Look for /etc/pam.d/other (to fill in the gaps)
4) If PAM_READ_BOTH_CONFS is defined, or step 3) failed, look for
other in /etc/pam.conf
I believe this is the intended behaviour of the original code. The least
surprising behaviour seems to be when PAM_READ_BOTH_CONFS is not defined -
/etc/pam.d/foo will be preferred over /etc/pam.conf, but the latter will
serve as a backup if the former does not exist.
Sponsored by: DARPA, NAI Labs
default now. Discuss why that's good. Note that there are still
some situations where turning it off may be advantageous, including
situations where there are network outages and it's desirable to
have TCP sessions last beyond the outage.
Reviewed by: fenner
Suggested by: silby
in some environments, this may result in the early termination of
legitimate TCP sessions during temporary network outages. However,
maintain a strong recommendation that this be used when many network
clients are dialup.
Requested by: fenner
Assert that compilation takes place in a freestanding environment. This
implies `-fno-builtin'. A freestanding environment is one in which the
standard library may not exist, and program startup may not necessarily be
at main. The most obvious example is an OS kernel. This is equivalent to
`-fno-hosted'.
1. Changed incorrect conditional in fxhw.c which would never
evaluate to true. Thanks to John Polstra for pointing that out.
2. Write to PCI config space by default, enabling memory access and
bus master enable.
Submitted by:Prafulla Deuskar
MFC after:3 days
installed instead of pam.conf. This is for testing; the conditionals will
be removed once we are confident that pam.d works as intended.
Sponsored by: DARPA, NAI Labs
cardbus in the kernel, not on all the bridges that implement it.
Note: this is NEWCARD only, so we don't want it for the 'card' case,
unlike card_if.m, which is both NEWCARD and OLDCARD.
conversion script generated the wrong format, so the configuration files
didn't actually work. Good thing I hadn't thrown the switch yet...
Sponsored by: DARPA, NAI Labs (but the f***ups are all mine)
are sometimes incorrectly being dumped.
The problem arises because the subdirectory only gets its entry
cleared from usedinomap if it is also present in dumpinomap, and it is
the absence of a directory in usedinomap that internally indicates
that the directory is under the effects of UF_NODUMP (either directly
or inherited).
PR: 32414
Submitted by: David C Lawrence <tale@dd.org>
Easily exploitable by flood pinging the target
host over an interface with the IFF_NOARP flag
set (all you need to know is the target host's
MAC address).
MFC after: 0 days