11371 Commits

Author SHA1 Message Date
Sam Leffler
80e9f71ab5 update for 0.5.8 import
Approved by:	re (hrs)
2007-07-09 16:26:48 +00:00
Sam Leffler
552e0ccfb2 fixup mcast handling in bpf program; this enables forthcoming support
for 802.1x over wired interfaces

Submitted by:	Jouke Witteveen
Approved by:	re (hrs)
2007-07-09 15:57:10 +00:00
Bjoern A. Zeeb
ec8fa4cfd9 I4B header files are now installed in include/i4b/ and no longer
in include/machine/.

Adapt #include paths.

Approved by:	re (kensmith)
2007-07-06 07:21:56 +00:00
Bjoern A. Zeeb
53bf725ae1 Remove the -DFAST_IPSEC from Makefiles again.
This was needed during the IPSEC->FAST_IPSEC->IPSEC transition
period to not break the build after picking up netipsec header
files. Now that the FAST_IPSEC kernel option is gone and the
default is IPSEC again those defines are superfluous.

Approved by:	re (rwatson)
2007-07-05 08:56:46 +00:00
Bjoern A. Zeeb
fa2e18c2b4 Do not install man pages for the three I4B 'modules' that were
disabled for the FreeBSD 7.0 timeframe.

Approved by:	re (rwatson)
2007-07-04 16:21:27 +00:00
Sean Farley
2966d28c32 Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
 - unsetenv returns an int.
 - putenv takes a char * instead of const char *.
 - putenv no longer makes a copy of the input string.
 - errno is set appropriately for POSIX.  Exceptions involve bad environ
   variable and internal initialization code.  These both set errno to
   EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit.  A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions.  It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR:		kern/99826
Approved by:	wes
Approved by:	re (kensmith)
2007-07-04 00:00:41 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
George V. Neville-Neil
8409aedfa6 Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
Andrew Thompson
069441f718 Remove wicontrol(8) from the base system. Using wicontrol to configure an
interface has been deprecated since 5.1, wi(4) wireless interfaces are managed
via the net80211 stack and ifconfig.

Approved by:	re (rwatson)
2007-07-01 10:25:07 +00:00
Colin Percival
220a80611e Add support for HTTP/1.0 Persistent Connections to phttpget. Requests are
be marked as HTTP/1.1 but "Connection: Keep-Alive" is added; this convinces
HTTP/1.0 servers and proxies to hold the TCP connection open despite not
being able to use HTTP pipelining.

This dramatically cuts down on the number of TCP connections (and thus port
numbers) used by portsnap when talking to an HTTP/1.0 proxy (e.g., squid),
and has the side benefit of improving performance in those cases.

Tested by:	simon
Approved by:	re (kensmith)
MFC After:	1 week
2007-06-30 19:48:28 +00:00
Murray Stokely
f43bbab9a8 Remove reference to 'phosphor' in the screensaver menu as this is less
meaningful in the LCD world.

Submitted by:	Ben Kaduk <minimarmot@gmail.com>
Approved by:	re (kensmith)
2007-06-29 20:24:57 +00:00
John Baldwin
a6a36b4cec Teach sysinstall about the 'scddl' source dist.
Approved by:	re (kensmith)
2007-06-28 18:27:29 +00:00
Pav Lucistnik
f8848b4f6a - Add new virtual category kld
MFC after:	3 days
Approved by:	re (mux)
2007-06-28 17:42:20 +00:00
Philip Paeps
8375edb4bb Fix a number of documentation-lags-behind-reality bugs in sysinstall(8).
While here, fix a couple of comments too.

Submitted by:	Oliver Fromme <olli -at- lurza.secnetix.de>
Approved by:	re (kensmith)
2007-06-25 16:37:17 +00:00
David Malone
68c35072f9 Add an option to make periodic(8) quiet when no output was generated.
The man page part of the patch is my fault, the changes to the
periodic script is Dominik's.

PR:		88486
Submitted by:	Dominik Brettnacher <domi@saargate.de>
Reviewed by:	brian
Approved by:	re
MFC after:	1 month
2007-06-22 10:04:05 +00:00
Nate Lawson
00a304487f Update the suspend/resume user API while maintaining backwards compat.
Improvements:
* /etc/rc.suspend,rc.resume are always run, no matter the source of the
  suspend request (user or kernel, apm or acpi)
* suspend now requires positive user acknowledgement.  If a user program
  wants to cancel the suspend, they can.  If one of the user programs
  hangs or doesn't respond within 10 seconds, the system suspends anyway.
* /dev/apm is clonable, allowing multiple listeners for suspend events.
  In the future, xorg-server can use this to be informed about suspend
  even if there are other listeners (i.e. apmd).

Changes:
* Two new ACPI ioctls:  REQSLPSTATE and ACKSLPSTATE.  Request begins the
  process of suspending by notifying all listeners.  acpi is monitored by
  devd(8) and /dev/apm listener(s) are also counted.  Users register their
  approval or disapproval via Ack.  If anyone disapproves, suspend is vetoed.
* Old user programs or kernel modules that used SETSLPSTATE continue to
  work.  A message is printed once that this interface is deprecated.
* acpiconf gains the -k flag to ack the suspend request.  This flag is
  undocumented on purpose since it's only used by /etc/rc.suspend.  It is
  not intended to be a permanent change and will be removed once a better
  power API is implemented.
* S5 (power off) is no longer supported via acpiconf -s 5 or apm -z/-Z.
  This restores previous behavior of halt/shutdown -p being the interface.
* Miscellaneous improvements to error reporting

Approved by:	re
2007-06-21 22:50:37 +00:00
Pav Lucistnik
217176a40c - Replace rather inefficient bubble sort with a recursive depth-first search.
This speeds up registration of packages considerably.
- style(9) police welcome!

PR:		bin/112630
Submitted by:	Stephen Montgomery-Smith <stephen@cauchy.math.missouri.edu>
Tested by:	bento i386 experimental run
MFC after:	14 days
2007-06-18 22:49:13 +00:00
Rong-En Fan
27cfc42fc5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
Philip Paeps
d933824786 Fix a (very) longstanding bug in moused(8) affecting high-resolution rodents
when linear acceleration (-a) was enabled with a <1 value to slow them down.

Previously, rounding errors would eat small movements so the mouse had to be
moved a certain distance to get any movement at all.  We now calculate the
rounding errors and take them into account when reporting movement.

PR:		bin/113749
Submitted by:	Oliver Fromme <olli -at- secnetix.de>
MFC after:	3 days
2007-06-17 20:27:54 +00:00
Yaroslav Tykhiy
997c6eefd8 Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
Hidetoshi Shimokawa
072d350754 Increase buffer size of DV stream to prevent buffer
overrun caused by long blocking of file I/O (i.e. zfs).

MFC after: 3 days
2007-06-17 10:20:55 +00:00
Maxim Konovalov
346e07c1ba o Add an example how to create /etc/mtree style mtree(8) files.
PR:		docs/113667
Submitted by:	edwin
MFC after:	1 week
2007-06-16 08:26:00 +00:00
Hidetoshi Shimokawa
8bd6994930 - Add an option to change escape character.
- Use CTRL macro.
- Make target reset work on telnet port.
- Add a key bind to invoke kgdb on the terminal. (experimental)
2007-06-15 12:09:16 +00:00
Dmitry Morozovsky
89a630d080 Failing to set new frequency should not lead to powerd exiting.
Change err(3) to warn(3) as three other cases.

Approved by:	njl, des
2007-06-13 19:05:11 +00:00
Stephane E. Potvin
04031e9ae2 Options spring cleanup:
- Add and document the KVM and KVM_SUPPORT options that
are needed for the ifmcstats(3) makefile
- Garbage collect unused variables
- Add missing inclusion of bsd.own.mk where needed

Approved by: kan (mentor)
Reviewed by: ru
2007-06-13 02:08:04 +00:00
Bruce M Simpson
71498f308b Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@ (but with encouragement)
2007-06-12 16:24:56 +00:00
Motoyuki Konno
226095ae8b Delete description of non-existent options: "-4" and "-6".
ntpd's "-4" and "-6" options are described in the original documentation
(contrib/ntp/html/ntpd.html).  It may be original's doc bug.

PR:		docs/112642
Submitted by:	Seth Hieronymus<shieronymus@speakeasy.net>
Discussed with:	ume
MFC after:	1 week
2007-06-12 13:28:55 +00:00
Ceri Davies
3213dc8412 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
Sam Leffler
b57206897c o add 11n knob
o gcc42 stuff
2007-06-11 04:05:15 +00:00
Sam Leffler
c49cc04cee track net80211 changes to get scan results ioctl 2007-06-11 03:57:46 +00:00
Matteo Riondato
e2f7e255c4 Remove a comment I forgot to remove 2007-06-09 09:20:22 +00:00
Hidetoshi Shimokawa
2ac79858a6 Reset dc->paddr and dc->reset if we cannot read configuration ROM. 2007-06-08 12:58:06 +00:00
Hidetoshi Shimokawa
0311fbe1bb Clean up escape sequence handling and add support for
resetting target and suspending dconschat.
2007-06-08 05:26:11 +00:00
Hidetoshi Shimokawa
f6416cb484 Add heuristics for smooth reconnection. 2007-06-07 12:29:33 +00:00
Pav Lucistnik
448f9bb6c1 "-b /boot/mbr" is redundant, /boot/mbr is the default boot code for fdisk(8).
Pointed out by:	ru
2007-06-07 07:43:04 +00:00
Pav Lucistnik
3022d78f56 - Revert previous revision, it was incorrect
- Add an example using fdisk instead

Pointed out by:	ru
Submitted by:	Warren Block <wblock@wonkity.com>
MFC after:	3 days
2007-06-06 21:28:50 +00:00
Xin LI
4a95c0e83f Write to slice name instead of directly to the disk device.
This fixes writing boot code upon upgrade.

PR:		bin/61587
Submitted by:	Nobuyuki Koganemaru <n-kogane syd.odn.ne.jp>
MFC after:	1 month
2007-06-05 05:44:41 +00:00
Doug Barton
d6ceb6db22 Update bmake glue for the BIND 9.4.1 import.
This includes a return to building with threads, since one of the
major focuses of the 9.4.x branch is to improve thread performance.
2007-06-02 23:19:58 +00:00
Hidetoshi Shimokawa
820f6fa94c Discard backlog on GDB port when connected.
MFC after: 3 days
2007-05-31 04:55:05 +00:00
Christian Brueffer
2d0225ec1a Cleanup after previous commit. 2007-05-25 16:05:17 +00:00
Roman Bogorodskiy
d4d4a70a35 Add a new option for ppp.conf: rad_port_id. It allows to
change the way of what ppp submits to the RADIUS server
as NAS-Port-Id. Possible options are: the PID of the process
owning the corresponding interface, tun(4) interface number,
interface index (as it would get returned by if_nametoindex(3)),
or it's possible to keep the default behavior. Check the ppp(8)
manual page for details.

PR:		bin/112764
Submitted by:	novel (myself)
Reviewed by:	flz
Approved by:	flz
MFC after:	1 month
2007-05-25 13:45:49 +00:00
Diomidis Spinellis
f2bbd63c2f Set .PATH before referring to the corresponding sources. 2007-05-22 10:49:42 +00:00
Diomidis Spinellis
fdbe5babe4 Increase precision of time values in the process accounting
structure, while maintaining backward compatibility with legacy
file and record formats.
2007-05-22 06:51:38 +00:00
Florent Thoumie
9cb3e36c56 Add new x11-drivers category.
Reminded by:	miwi
MFC after:	3 days
2007-05-19 21:27:37 +00:00
Maxim Konovalov
72fc5161cf o Fix typo: firwalling -> firewalling.
PR:		docs/112776
Submitted by:	asmodai
MFC after:	1 week
2007-05-19 07:36:43 +00:00
Diomidis Spinellis
5f6f6b2933 Add -U and -P options that allow the specification of the per-user
and per-process summary file location.
These make the program more flexible, and also make it possible to write
sane regression tests.
2007-05-18 12:36:10 +00:00
Xin LI
cbfaeb5fe3 Tighten IP address check, prevent '..' from being passed
from the check.

Submitted by:	Ren Zhen <bg1tpt gmail com>
MFC after:	2 weeks
2007-05-17 06:08:42 +00:00
Warner Losh
c1f4dd9355 Fix some problems that affect multiple file inclusion. Bruce found
this bug and submitted these patches to dunstan@.  He sent them to me
to test, and I discovered they were needed for the atmel kernel config
files.  Since we were playing with them in the terminal room after the
developer's summit today, I thought I'd go ahead and commit them to
allow those folks that now have atmel hardware (thanks Andre) a chance
to try it out w/o my help.  Since dunstan@ is asleep right now, risk
stepping on his toes a little by going ahead and committing this
change.

Submitted by: dunstan@, bde@
Tested by: bde@
2007-05-17 04:53:52 +00:00
Wojciech A. Koszek
5f9974ae57 Handle !INCLUDE_CONFIG_FILE entirely in the kernel. This should make some
developers happy, since it will let them to use old config(8) with newer
kernels.

Reviewed by:	imp
Approved by:	imp
2007-05-16 16:08:04 +00:00
Colin Percival
e829ed67a2 Add some missing '${BASEDIR}/'s. Prior to this commit, FreeBSD Update
operating with the "-b basedir" option would not correctly update files
which had flags set or were hardlinked.

Submitted by:	Karsten Schmidt
Pointy hat to:	cperciva
MFC after:	1 week
2007-05-16 15:20:51 +00:00