introduce zfsboottest.sh script that will verify if it will be possible to boot
from the given pool.
# zfsboottest.sh system
Where "system" is pool name of the pool we want to boot from.
What is being verified by the script:
- Does the pool exist?
- Does it have bootfs property configured?
- Is mountpoint property of the boot dataset set to 'legacy'?
Dataset configured in bootfs property has to be mounted to perform more
checks:
- Does the /boot directory in boot dataset exist?
- Is this dataset configured as root file system in /etc/fstab or set
in vfs.root.mountfrom variable in /boot/loader.conf?
By using zfsboottest tool the script will read all the files in /boot
directory using ZFS boot code and calculate their checksums.
Then, it will walk /boot directory using find(1) though regular file sytem
and also read all the files in /boot directory and calculate their checksums.
If any of the files cannot be looked up, read or checksum is invalid it will
be reported and booting off of this pool is probably not possible.
Some additional checks may be interesting as well. For example if the disks
contain proper pmbr and gptzfsboot code or if all expected files in /boot/
are present.
When upgrading FreeBSD, one should snapshot datasets that contain operating
system, upgrade (install new world and kernel) and use zfsboottest.sh to verify
if it will be possible to boot from new configuration. If all is good one
should upgrade boot blocks, by eg.:
# gpart -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada1
If something is wrong, one should rollback datasets and report the problems.
MFC after: 3 days
zfsboottest gpt/system0 gpt/system1 - /boot/kernel/kernel /boot/zfsloader
- Instead of printing file's content calculate MD5 hash of the file,
so it can be easly compared to the hash calculated via file system.
- Some other minor improvements.
MFC after: 3 days
kerberos libraries were not linked properly (missing dependencies),
which causes 3rd party applications linking to fail when --as-needed
ld flag is used. I also added the --no-undefined ld(1) flag to make
sure that there're no missing dependencies.
MFC after: 3 days
- redirect diagnostics printfs in the boot code to stderr
- do not read trailing garbage from a trailing block of a file
Also add my copyright to the file after making so many changes.
Approved by: re (kib)
MFC after: 1 week
Distinguish IPv4 and IPv6 addresses and optional port numbers in
user space to set the option for the correct protocol family.
Add support in the kernel for carrying the new IPv6 destination
address and port.
Add support to TCP and UDP for IPv6 and fix UDP IPv4 to not change
the address in the IP header.
Add support for IPv6 forwarding to a non-local destination.
Add a regession test uitilizing VIMAGE to check all 20 possible
combinations I could think of.
Obtained from: David Dolson at Sandvine Incorporated
(original version for ipfw fwd IPv6 support)
Sponsored by: Sandvine Incorporated
PR: bin/117214
MFC after: 4 weeks
Approved by: re (kib)
Ensure that process descriptors work as expected. We should be able to:
- pdfork(), like regular fork(), but producing a process descriptor
- pdgetpid() to convert a PD into a PID
- pdkill() to send signals to a process identified by a PD
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
When calling poll(2) on a capability, unwrap first and then poll the
underlying object.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
This commit adds regression testing for openat(), fstatat(), etc. with
capability scoping ("strict relative" lookup), which applies:
- in capability mode
- when performing any *at() lookup relative to a capability
These tests will fail until the *at() code is committed; on my local
instance, with the *at() changes, they all pass.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
As per kib's suggestion, we also change test_count from a size_t to an int;
its value at the moment is 4, and we only expect it to go up to 7.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
kernel for FreeBSD 9.0:
Add a new capability mask argument to fget(9) and friends, allowing system
call code to declare what capabilities are required when an integer file
descriptor is converted into an in-kernel struct file *. With options
CAPABILITIES compiled into the kernel, this enforces capability
protection; without, this change is effectively a no-op.
Some cases require special handling, such as mmap(2), which must preserve
information about the maximum rights at the time of mapping in the memory
map so that they can later be enforced in mprotect(2) -- this is done by
narrowing the rights in the existing max_protection field used for similar
purposes with file permissions.
In namei(9), we assert that the code is not reached from within capability
mode, as we're not yet ready to enforce namespace capabilities there.
This will follow in a later commit.
Update two capability names: CAP_EVENT and CAP_KEVENT become
CAP_POST_KEVENT and CAP_POLL_KEVENT to more accurately indicate what they
represent.
Approved by: re (bz)
Submitted by: jonathan
Sponsored by: Google Inc
Even if we have CAP_FCHFLAGS, fchflags(2) fails on NFS. This is normal
and expected, so don't fail the test because of it.
Note that, whether or not we are on NFS, fchflags(2) should always fail
with ENOTCAPABLE if we are using a capability that does not have the
CAP_FCHFLAGS right.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
Add more regression testing, some of which is expected to fail until we
commit more kernel implementation.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
Add more regression testing, some of which is expected to fail until we
commit more kernel implementation.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
sources this tool collates are no longer available and the format of the
current database is directly usable by pciconf(8) without needing any special
processing.
Formerly, in this case an error was returned but the pid was also returned
to the application, requiring the application to use unspecified behaviour
(the returned pid in error situations) to avoid zombies.
Now, reap the zombie and do not return the pid.
MFC after: 2 weeks
Rather than using err() if either of two failure conditions
fires (which can produce spurious error messages), just use
errx() if the one condition that really matters fires.
In practice, this single test is enough to detect the failure
mode we're looking for (kqueue being inherited across fork).
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
Modify the existing unit test (from libkqueue) which already exercises process events via
fork() and kill(). Now, the child process simply checks that the 'kqfd' descriptor is invalid.
Some minor modifications were required to make err() work correctly. It seems that this test
was imported using the output of a configure script, but config.h was not included in key
places, nor was its syntax correct (need '#define HAVE_FOO 1' rather than '#define HAVE_FOO').
Finally, change main() to run the "proc" suite by default, but widened the '#if TODO' in
proc.c to include the non-functioning test event_trigger().
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
- Implement simple and generic language which can
be used to describe any kind of device ID structures.
- Fix endian issues.
- Add an example format file.
Suggested by: imp @
MFC after: 14 days
is now required by bus_autoconf.
- Allow interface class matching even if device class is vendor specific.
- Update bus_autoconf tool to not generate system and subsystem match lines
for the nomatch event.
PR: misc/157903
MFC after: 14 days
sorted according to the mode which they support:
host, device or dual mode
- Add generic tool to extract these data:
tools/bus_autoconf
Discussed with: imp
Suggested by: Robert Millan <rmh@debian.org>
PR: misc/157903
MFC after: 14 days
This knob removes the tools that are exclusively used to view and
maintain the databases maintained by utmpx, namely last, users, who,
wtmpcvt, ac, lastlogin and utxrm.
The tool w is not in this list, because it has some other functionality
which is unrelated to utmpx; it is hardlinked to the uptime tool.
The WITHOUT_ACCT switch is supposed to omit tools related to process
accounting, namely accton and sa. ac(8) is just a simple tool that
prints statistics based on data in the utx.log database. It has nothing
to do with the former.
Replacing ;; with the new control operator ;& will cause the next list to be
executed as well without checking its pattern, continuing until a list ends
with ;; or until the end of the case statement. This is like omitting
"break" in a C "switch" statement.
The sequence ;& was formerly invalid.
This feature is proposed for the next POSIX issue in Austin Group issue
#449.
The eval special builtin now runs the code with EV_EXIT if it was run
with EV_EXIT itself.
In particular, this eliminates one fork when a command substitution contains
an eval command that ends with an external program or a subshell.
This is similar to what r220978 did for functions.