next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
setjmp() gets the jmp_buf pointer from the wrong place (the place
where the return address is) in the shlib case, and uses it (only)
to fetch the current signal mask to address (return_address + 28).
This address is normally read-only (I hope), so the sigprocmask()
call has no effect except to return an error code.
\end{quote}
Submitted by: bde
just breaks the prototypes for gzseek() and gztell() when an application
defines HAVE_UNISTD_H before including <zlib.h>. z_off_t was always
long for compiling zlib, but was sometimes off_t for compiling
applications, e.g., Ethereal 0.7.5.
This "fix" preserves bug for bug binary compatibility. z_off_t should
be off_t for everything, but zlib doesn't support off_t being longer
than long, so using the correct type without fixing zlib's internals
would at best break binary compatibility. This "fix" also make the
namespace problems for HAVE_UNISTD_H no worse than hundreds of other
namespace prooblems in zconf.h. I'll wait for a new release of zlib
for proper fixes.
Reported by: Guy Harris via jkh
the code, which seems to implement the POSIX requirements, and
have described the behavior here. Basically, it behaves the same
as select(2).
Noticed by: John Polstra
to call osigaction(). But that's wrong because it causes the
handler to receive a struct osigcontext instead of the expected
struct sigcontext. Use sigaction() instead, copying the compatible
portion of the signal mask.
Reviewed by: marcel
-----------------------------
Most of the userland changes are in libc. For both the alpha
and the i386 setjmp has been changed to accomodate for the
new sigset_t. Internally, libc is mostly rewritten to use the
new syscalls. The exception is in compat-43/sigcompat.c
The POSIX thread library has also been rewritten to use the
new sigset_t. Except, that it currently only handles NSIG
signals instead of the maximum _SIG_MAXSIG. This should not
be a problem because current applications don't use any
signals higher than NSIG.
There are version bumps for the following libraries:
libdialog
libreadline
libc
libc_r
libedit
libftpio
libss
These libraries either a) have one of the modified structures
visible in the interface, or b) use sigset_t internally and
may cause breakage if new binaries are used against libraries
that don't have the sigset_t change. This not an immediate
issue, but will be as soon as applications start using the
new range to its fullest.
NOTE: libncurses already had an version bump and has not been
given one now.
NOTE: doscmd is a real casualty and has been disconnected for
the moment. Reconnection will eventually happen after
doscmd has been fixed. I'm aware that being the last one
to touch it, I'm automaticly promoted to being maintainer.
According to good taste this means that I will receive a
badge which either will be glued or mechanically stapled,
drilled or otherwise violently forced onto me :-)
NOTE: pcvt/vttest cannot be compiled with -traditional. The
change cause sys/types to be included along the way which
contains the const and volatile modifiers. I don't consider
this a solution, but more a workaround.
required to be "announced" by a new bit in sa_flags to indicate the
program is aware of and has taken care of them. eg: SA_SIGINFO means
the program has used the sa_siginfo field (versus sa_handler).
sigaction, used to describe an action to be taken, is defined in the
header <signal.h> to include at least the following members:"
^^^^^^^^
A sigaction defined on stack with essentially random contents may have
just about anything underneath fields that the program doesn't know about.
It is not safe to delete the bzero.
initialization of sa_flags added so that we can lose the bzero.
IIRC, this code is not used anymore since the addition of
ncurses. Commit the change anyway so, just to be safe.
$FreeBSD$ tag added
initialization of sa_flags added so that the 'struct sigaction'
can be declared local in both functions that use the global
(static) declaration. Remove the global declaration.
the link are equal to the default aliasing address. Do not zero them!
This will fix the problem with non-working links added with the source
and/or aliasing address equal to the default aliasing address, but the
default aliasing address is set later, after the link has been set up,
like both natd(8) and ppp(8) do (for objective reasons).
Reviewed by: Brian Somers <brian@FreeBSD.org>,
Eivind Eklund <eivind@FreeBSD.org>,
Charles Mott <cmott@srv.net>
Revert the major number back to 2.
libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
`dst_port') work for outgoing packets.
- Make permanent links whose `alias_addr' matches the primary aliasing
address `aliasAddress' work for incoming packets.
- Typo fixes.
Reviewed by: brian, eivind
else, it is equivalent to strdup(). So, we will check if the substitution
tables are trivial at the load time, and possibly save 2 calls to
__collate_substitute() in strcoll().
Still, __collate_substitute() should not exist.
Other minor optimizations. I got ~30% speedup in strcoll() for 50 char strings,
~40% speedup for 100 char strings, and unmeasurable speedup for 1M strings.
Collates are still terribly slow. To make them reasonable fast,
__collate_substitute() should be killed.
representation of the full month name. In the Russian locale, this alternative
will be "nominative case", useful when the date designate month as a whole.
E.g. month heading in a calendar. I hope it can be useful for some other
locales too.
Discussed with: wollman, ache
In the words of originator:
:If an incoming connection is initiated through natd and deny_incoming is
:not set, then a new alias_link structure is created to handle the link.
:If there is nothing listening for the incoming connection, then the kernel
:responds with a RST for the connection. However, this is not processed
:correctly in libalias/alias.c:TcpMonitor{In,Out} and
:libalias/alias_db.c:SetState{In,Out} as it thinks a connection
:has been established and therefore applies a timeout of 86400 seconds
:to the link.
:
:If many of these half-connections are initiated (during, for example, a
:port scan of the host), then many thousands of unnecessary links are
:created and the resident size of natd balloons to 20MB or more.
PR: 13639
Reviewed by: brian
Style and punctuation errors fixes.
ERRORS section included to RETURN VALUES because it's
describing return values instead of errors and their handling.
Reviewed by: mpp
Build libncurses early again (it had drifted into set of libraries that
have no ordering requirements, but it must be built before libedit here
and before some gnu libraries in ../Makefile.inc1).
patch to stop the core dumps while others come up with a better
reviewed patch which may also fix other problems. We do illegal
pointer arithmetic, but it should be OK since FreeBSD only supports
machines with flat address spaces.
Submitted by: bde
make -jN fail. This fixes the present problem only, not the larger one
of when those internal tools are built and the cross-compiling etc.
Submitted by: luoqi
This isn't quite finished yet, there are still some unresolved problems
with ospeed and the sgtty.h (non-posix) terminal interface. Mostly
this only causes problems with src/games.
The other tools and libraries (libform,libpanel,libmenu) will come
shortly but are seperate.
Beware, there be dragons here! (The build will be broken for a short
while)
- Slightly rearrange VGLCheckSwitch() to ensure the display content
will be correctly restored when switching back to the vty where
the vgl program is running.
- VGLEnd() should clear the screen only when the vty is in the
foreground.
Discussed with: sos
for over 5 years since we switched to using procfs for kvm_uread().
This cleanup was motivated by recent breakage of the default swap file
(/dev/drum) when swapon() has not been called.
keyboard.c
- Call tcsetattr() in VGLKeyboardEnd() to restore tty, only when
tty attributes have been previously saved.
PR: misc/9524
Submitted by: Katusyuki 'kei' Maeda (kei@nanet.co.jp)
- Set up the tty raw mode correctly.
main.c
- Restore VESA_800x600 raster text mode correctly in VGLEnd().
Submitted by: des
text.c
- Allocate the correct size of a font buffer in VGLSetFontFile().
I forgot the submitter ;-(
simple.c, bitmap.c
- Fix address calculation for the VGA mode X in VGLGetXY() and
VGLBitmapCopy().
- Fix typo (dsty -> dstx) in __VGLBitmapCopy().
Reviewed by: sos
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
might have been mmapped, and if so, passing the pointer to free() is
really not a good idea.
[ In the next millenium, when I've taken over the world, I'm going
to ban 8 character tabs. You've been warned. ]
would expect. (Allow user data to be associated with an EditLine context).
As this changes no existing interfaces and doesn't alter any structs
visable to the user I've been told that its not necessary to bump
the version of the library.
- Sort xrefs
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlines in mdoc(7)
- Other misc mdoc cleanup.
PR: doc/13144
Submitted by: Alexy M. Zelkin <phantom@cris.net>
When fts_open is used with option FTS_NOCHDIR the full
path entry of type FTS_DP is returned with a trailing
'/' if the final directory is empty.
This fix coresponds to netbsd's __fts13.c v. 1.16
1) Safty change from casper dik was added to OpenBSD's sources since I
grabbed them. milltert@openbsd.org
2) Split up strlcpy to improve efficiency of the common case.
milltert@openbsd.org
3) Cleanup of cross references for man page. {alex,aaron}@openbsd.org
Pointed out by: deraadt@openbsd.org
Removed POSIX.1/NetBSD markup (braces) for NAME_MAX, etc. We don't
define this. Most FreeBSD man pages hard-code the limits; in fact,
utimes.2 recently became the only file in libc/sys/*.2 that mentions
NAME_MAX. There probably should be mandoc macros for this.
Text is a compromise based on messages from Wes Peters, Ville-Pertti
Keinonen, and Matt Dillon.
PR: docs/10512
Submitted by: Howard Goldstein <hgoldst@mpcs.com>
Note: you need to install the current groff tmac macros for these
man pages to format correctly. Specifically, rev 1.21 of
contrib_groff/tmac/doc-syms in -current, or rev 1.17.24 for 3.2-stable
misinterpreted to mean that the pointer passed to asprintf() must be suitable
for passing to realloc() as-is (ie. either a NULL pointer or a valid pointer).
(devname() returned "??" when the lookup failed, but callers expected it
to return NULL). This was fixed in Lite2, but until recently the changes
were only merged into devname.3. A day or two after devname.c was fixed,
devname.3 was made inconsistent again by backing out most of the Lite2
changes.
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
Always use mmap() for default-size stack allocation. Use MAP_ANON instead
of MAP_STACK on the alpha architecture.
Reduce the amount of code executed while owning _gc_mutex during stack
allocation.
Cache discarded default thread stacks for use in subsequent thread creations.
Create a red zone at the end of each stack (including the initial thread
stack), with the hope of causing a segfault if a stack overflows.
To activate these modifications, add -D_PTHREAD_GSTACK to CFLAGS in
src/lib/libc_r/Makefile. Since the modifications depend on the VM_STACK
kernel option, I'm not sure how to safely use growable stacks by default.
Testing, as well as algorithmic and stylistic comments are welcome.
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
o The polling mechanism for I/O readiness was changed from
select() to poll(). In additon, a wrapped version of poll()
is now provided.
o The wrapped select routine now converts each fd_set to a
poll array so that the thread scheduler doesn't have to
perform a bitwise search for selected fds each time file
descriptors are polled for I/O readiness.
o The thread scheduler was modified to use a new queue (_workq)
for threads that need work. Threads waiting for I/O readiness
and spinblocks are added to the work queue in addition to the
waiting queue. This reduces the time spent forming/searching
the array of file descriptors being polled.
o The waiting queue (_waitingq) is now maintained in order of
thread wakeup time. This allows the thread scheduler to
find the nearest wakeup time by looking at the first thread
in the queue instead of searching the entire queue.
o Removed file descriptor locking for select/poll routines. An
application should not rely on the threads library for providing
this locking; if necessary, the application should use mutexes
to protect selecting/polling of file descriptors.
o Retrieve and use the kernel clock rate/resolution at startup
instead of hardcoding the clock resolution to 10 msec (tested
with kernel running at 1000 HZ).
o All queues have been changed to use queue.h macros. These
include the queues of all threads, dead threads, and threads
waiting for file descriptor locks.
o Added reinitialization of the GC mutex and condition variable
after a fork. Also prevented reallocation of the ready queue
after a fork.
o Prevented the wrapped close routine from closing the thread
kernel pipes.
o Initialized file descriptor table for stdio entries at thread
init.
o Provided additional flags to indicate to what queues threads
belong.
o Moved TAILQ initialization for statically allocated mutex and
condition variables to after the spinlock.
o Added dispatching of signals to pthread_kill. Removing the
dispatching of signals from thread activation broke sigsuspend
when pthread_kill was used to send a signal to a thread.
o Temporarily set the state of a thread to PS_SUSPENDED when it
is first created and placed in the list of threads so that it
will not be accidentally scheduled before becoming a member
of one of the scheduling queues.
o Change the signal handler to queue signals to the thread kernel
pipe if the scheduling queues are protected. When scheduling
queues are unprotected, signals are then dequeued and handled.
o Ensured that all installed signal handlers block the scheduling
signal and that the scheduling signal handler blocks all
other signals. This ensures that the signal handler is only
interruptible for and by non-scheduling signals. An atomic
lock is used to decide which instance of the signal handler
will handle pending signals.
o Removed _lock_thread_list and _unlock_thread_list as they are
no longer used to protect the thread list.
o Added missing RCS IDs to modified files.
o Added checks for appropriate queue membership and activity when
adding, removing, and searching the scheduling queues. These
checks add very little overhead and are enabled when compiled
with _PTHREADS_INVARIANTS defined. Suggested and implemented
by Tor Egge with some modification by me.
o Close a race condition in uthread_close. (Tor Egge)
o Protect the scheduling queues while modifying them in
pthread_cond_signal and _thread_fd_unlock. (Tor Egge)
o Ensure that when a thread gets a mutex, the mutex is on that
threads list of owned mutexes. (Tor Egge)
o Set the kernel-in-scheduler flag in _thread_kern_sched_state
and _thread_kern_sched_state_unlock to prevent a scheduling
signal from calling the scheduler again. (Tor Egge)
o Don't use TAILQ_FOREACH macro while searching the waiting
queue for threads in a sigwait state, because a change of
state destroys the TAILQ link. It is actually safe to do
so, though, because once a sigwaiting thread is found, the
loop ends and the function returns. (Tor Egge)
o When dispatching signals to threads, make the thread inherit
the signal deferral flag of the currently running thread.
(Tor Egge)
Submitted by: Daniel Eischen <eischen@vigrid.com> and
Tor Egge <Tor.Egge@fast.no>
camcontrol(8) and the documentation in camlib.c and cam(3) all expect
-1 on failure and 0 on success. Updated camlib.c to return the values
specified by the documentation.
PR: 12023
pointers. The calls are in different sections from the functions
being called, and they can potentially be far away. On a very large
program, the 21-bit displacement field of the BSR instruction
overflowed at link time.
simple enough to be trusted.
Add account management functionality to the pam_unix module.
These changes should make it possible to use PAM in some ports.
Submitted by: Max Khon <fjoe@iclub.nsu.ru>
Submitted by: Yung-Jen Hung <winard@u3717a.dorm.ccu.edu.tw>
Reviewed by: bearscorp.bbs@bbs.life.nthu.edu.tw
_BIG5_sgetrune() in libc doesn't work well, this commit will fix it.
"passwordtime" is what passwd(1) has actually been using. I suspect
passwordperiod was the original intent. I can't figure-out which,
if either, BSDi uses. If anyone knows...
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
o use braces to avoid potentially ambiguous else
o don't default to type int (and also remove a useless register
modifier).
o Use parens around assignment values used as truth values.
o Remove unused function.
Reviewed by: obrien and chuckr
70-00 are intepreted in the 20th century; 01-69 in the
21st century. (Yes, 2000 is the last year of the 20th
century, not the first year of the 21st.)
Submitted by: Sergey Babkin <babkin@bellatlantic.net>
before.
Added SYS.h for mipseb and mipsel.
I now get part way through building libc in the cross environment that
I have (along with pending mipse[bl] changes to the intree egcs) with
these changes.
function. It was an ill-considered feature. It didn't solve the
problem I wanted it to solve. And it added Yet Another Version
Number that would have to be maintained at every release point.
I'm nuking it now before anybody grows too fond of it.
