Commit Graph

62790 Commits

Author SHA1 Message Date
Warner Losh
c7021493ba Make the fmt arguments to make_dev and make_dev_alias const char *.
Approved on IRC as long as it didn't cause a large number of warnings by: phk

MFC After: 700 hours
2001-08-02 20:35:35 +00:00
Brian Somers
1a40cd082a The wrong-last-byte bug on win98 chap responses is also in winME 2001-08-02 20:12:48 +00:00
Jonathan Chen
7ba271ae0b fix memory leak when error during opening of routing socket
PR:		kern/29336
Submitted by:	Richard Andrades <richard@xebeo.com>
MFC after:	1 month
2001-08-02 19:56:29 +00:00
Mark Murray
f950650b78 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
Mark Murray
c52468e7ef Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
Mark Murray
41b07e1d10 Add opieaccess(5) functionality under the INSECURE_OPIE .ifdef.
Asked for by:	ache
2001-08-02 18:58:52 +00:00
Maxim Sobolev
ea0cdbc8ac exists(../../crypto) --> exists(${.CURDIR}/../../crypto)
MFC after:	1 month
2001-08-02 18:21:48 +00:00
Jonathan Chen
f0b8b1fccb fix for pkg_add to symlinked prefix directories that are more than 1 link deep.
PR:	bin/28274
Submitted by:	John Hein <jhein@timing.com>
MFC after:	1 month
2001-08-02 18:20:27 +00:00
Andrey A. Chernov
bd376a3487 Allow configTtys() be called several times - set VAR_CONSTERM to "NO" after
operation done.
2001-08-02 16:36:21 +00:00
Maxim Sobolev
a8ec1b4851 Fix a cryptoless world by disconnecting libmp from the build when there is no
crypto bits installed and/or NOCRYPTO/NO_OPENSSL is defined. This unfortunately
meants that usr.bin/chkey, usr.bin/newkey and usr.sbin/keyserv have also to
be disconnected.

IMO it is merely a workaround, the proper solution is to move libmp to
src/crypto where it belongs and use libgmp for the cryptoless builds instead.

Missed by:	dd
2001-08-02 15:47:03 +00:00
Kazutaka YOKOTA
0426db70c6 Include opt_splash.h. 2001-08-02 13:23:17 +00:00
Kazutaka YOKOTA
2fe5e0b184 Use #ifdef DEV_SPLASH (from opt_splash.h) rather than
#if NSPLASH > 0 (from splash.h) to test the presence
of the splash driver.
2001-08-02 13:22:33 +00:00
Maxim Sobolev
3d02d34c75 Cosmetics: replace dozen instances of "(tmp = getenv(PKG_DBDIR) ? tmp : DEF_LOG_DIR)"
with macro.

MFC after:	1 month
2001-08-02 13:13:06 +00:00
Maxim Sobolev
a48179c2fa Cosmetics: kill blank lines at the end of file.
MFC after:	1 month
2001-08-02 13:08:43 +00:00
David Malone
d7f66e157e Remove duplicate ufsd entry. This seems to go back to the Sun's version
of the file.

PR:		29386
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
2001-08-02 12:55:37 +00:00
Maxim Sobolev
2d800f2bd9 Usability tweak:
Use '' quotes instead of `' to delimit names of files and packages in
  warning and error messages, because it is easier to cut-n-paste name in
  question that way (single click) without confusing the shell. And yes,
  I know that it is less eye-candy...

MFC after:	1 month
2001-08-02 12:38:29 +00:00
Yaroslav Tykhiy
2a6bc06445 Document the deprecated `-w' option in the COMPATIBILITY section. 2001-08-02 12:38:23 +00:00
Maxim Sobolev
94d81832dd When there is a file that can't be deleted due to checksum mismatch print name
of that file to stdout to simplify debugging. IMO it was a mistake to print
this warning only when `verbose' mode is on.

MFC after:	1 month
2001-08-02 12:19:32 +00:00
Dima Dorfman
3ec96e7a64 When talking about new versions, use the word "updated" instead of
"upgraded" for consistency.  Prior to this commit, 9 of the entires
used the latter, and 51 used the former.
2001-08-02 12:16:17 +00:00
Dima Dorfman
1a3a2b1605 Note MFC or Binutils 2.11.2 (what we have is close enough to that
version that there's no need to talk about the snapshot business; all
it would do is serve to confuse).
2001-08-02 12:08:10 +00:00
Kazutaka YOKOTA
eac47d67be Add FBIO_BLANK ioctl support. Return ENODEV for yet-to-be-
supported ioctls for now.
2001-08-02 11:26:30 +00:00
Kazutaka YOKOTA
6d1699583d Add some definitions. Their actual support will be added
to video drivers later.
2001-08-02 11:17:38 +00:00
Sheldon Hearn
2cc33d7946 When building a debugging kernel with modules, build modules with
debugging support as well.

This relies on support added in rev 1.105 to kmod.mk.

Requested by:	peter
2001-08-02 10:56:59 +00:00
Mark Murray
f5974d336f Repair the get/set UID() stuff so this works in both su(1) and login(1)
modes.
2001-08-02 10:35:41 +00:00
Maxim Sobolev
fe603109d1 - Deny detaching requests until device is still open, otherwise it is possible
to hang or panic kernel by detaching disk from which fs is mounted;
- replace "md" with MD_NAME in yet another place.

Reviewed by:	phk
Approved by:	phk
2001-08-02 10:19:13 +00:00
Brian Somers
686e8c8b12 Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through
the firewall.
2001-08-02 10:16:32 +00:00
Brian Somers
2b5dcd2ffe Pack struct uniqtag declarations to stop our data field from being pushed
4 bytes to the right on the alpha.

Tested by:	Thomas Pornin <Thomas.Pornin@ens.fr>
MFC after:	1 week
2001-08-02 09:28:31 +00:00
Sheldon Hearn
f66116083c When building a debugging kernel with modules, build modules with
debugging support as well.  Debugging module support is handled
identically to kernel debugging support, right down to poor
choice of make variable names.
2001-08-02 09:22:18 +00:00
Kazutaka YOKOTA
4866e2769a Refine cursor type/shape control escape sequences and
ioctls. We can now add ve, vi and vs capabilities to
cons25 in termcap.

Discussed with and tested by: ache
2001-08-02 08:30:40 +00:00
Alfred Perlstein
61ce6eeee3 Fixups for the initial allocation by dillon:
1) allocate fewer buckets
  2) when failing to allocate swap zone, keep reducing the zone by
     a third rather than a half in order to reduce the chance of
     allocating way too little.

I also moved around some code for readability.

Suggested by: dillon
Reviewed by: dillon
2001-08-02 07:54:58 +00:00
Warner Losh
e61693305c Only try to allocated properly aligned I/O segments. This should stop
some of the config problems that we've been seeing (where wi0 tries to
allocate 0x138-0x198, for example).

Use err(1,"foo") rather than perror + exit while I'm here.
2001-08-02 07:06:32 +00:00
George C A Reid
8e6d7b291d Fix thinko: FORCE_PKG_RESIDENT -> FORCE_PKG_REGISTER
Submitted by:	Raymond Kohler <ray.kohler@mail.com>
2001-08-02 04:25:06 +00:00
Robert Watson
c17d6a73f2 Add the ability to modify /etc/ttys before first reboot during the
system installation process.  This allows users installing via serial
console to enable serial console login during the installation
process using an un-customized install.  The user is not prompted to
modify /etc/ttys during a normal install, but is offered the
opportunity during post-install configuration.

- Introduce configTTYs(), which describes the benefits of editing
  /etc/ttys, and asks for confirmation before spawning the editor.
- add configTTYs to the post-install configuration, as well as to
  the global configuration index.
2001-08-02 03:53:36 +00:00
Robert Watson
0c09bcb0e8 Compensate for default disabling of network services in inetd.conf(5)
by providing the opportunity to edit inetd.conf during the system
installation process.  The following modifications were made:

(1) Expand the Anonymous FTP description dialog to indicate that inetd
    and ftpd must be enabled before it can be used.

(2) Introduce a new configInetd() pair of dialogs, the first describing
    inetd, giving a couple of examples of services that require it, and
    hinting at potential risk, then asking the user if they wish to
    enable it.  The second indicates that inetd.conf must be configured
    to enabled specific services, and asks if the user would like to
    load inetd.conf into the editor to modify it.  Add this
    configuration action to the index.

There are some further improvements that might be considered:

(1) Provide a more inetd.conf-specific configuration tool that speaks
    inetd.conf(5).  However, this is made difficult by the "yet another
    configuration format" nature of inetd.conf, as well as its use of
    commenting to disable services, rather than an in-syntax way to
    disable a service without commenting it out.  Submissions here
    would probably be welcome.

(2) There's some overlap between settings in the somewhat obtuse
    Security Profile mechanism and other settings, including the inetd
    setting, and NFS server configuration.  As features become
    individually tunable, they should probably be removed from the
    security profile mechanism.  Otherwise, somewhat counter-intuitively,
    sysinstall (in practice) queries multiple times whether inetd, nfsd,
    etc, should be enabled/disabled.  A possible future direction might
    be to drive profiles not by degree of paranoia, rather, the set
    of services desired.  Or simply to remove the Security Profile
    mechanism and resort to feature-driven configuration.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 03:25:16 +00:00
Robert Watson
f2419a7154 Default to disabling all inetd.conf entries, in particular, telnetd
and ftpd.  This more conservative default reduces the exposure of
freshly installed machines, which is especially valuable for machines
that receive minimal further configuration before being put into
production.  Generally speaking, SSH has superseded the use of both
telnet and ftp in many environments.  In light of recent remotely
exploitable security holes in both telnetd and ftpd, this choice
retains flexibility (both telnetd and ftpd daemons remain installed
and easily enableable) while protecting users who don't need the
additional risk.  This change brings our configuration into line with
the majority of other UNIX vendors, including OpenBSD and NetBSD.

To address the concerns of those requiring remote access via telnet
from first install, changes will shortly be committed to sysinstall
to provide the ability to edit inetd.conf during the installation
process, allowing telnetd and ftp to be re-enabled during the
installation process.

While I'm at it, slightly improve commenting for inetd.conf so that
it's more clear to users how to enable and disable services.
Further commenting to indicate the functions of various columns would
probably also be useful.

Reviewed by:	imp, chris, jake, nate, -arch, -stable
2001-08-02 02:19:56 +00:00
Matt Jacob
d51456f800 Oops- don't set 'goal' twice when you mean to set 'nvrm' as well.
This breaks bogus NVRAM boards.

MFC after:	1 day
2001-08-02 00:34:56 +00:00
Kris Kennaway
9070692e9d A good sysadmin always carries around a few feet of fiber. If he ever
gets lost, he simply drops the fiber on the ground, waits ten minutes,
then asks the backhoe operator for directions.
                -- Bill Bradford <mrbill@mrbill.net>

Submitted by:	Kris Kirby <kris@catonic.net>
2001-08-01 22:51:09 +00:00
Matt Jacob
d82784053e Revert part of previous- I misunderstood the use of 'ncpus'- I thought it'd
been hack to keep clocks from being reinitialized.
2001-08-01 20:35:42 +00:00
Peter Wemm
aa7a4dae6d Temporarily back out kern_sig.c rev 1.125 and kern_exit.c rev 1.131.
This paniced my one of my machines one time too many :-( and there is
no sign of a solution in the pipeline.  The deltas are still easily
available in cvs.  The problem is that if the parent has been swapped
out, the child process cannot grope around in the parent's UPAGES to
see the sigact[] array or it will fault.  This probably is a showstopper
for this implementation anyway.
2001-08-01 20:35:24 +00:00
Dima Dorfman
635751fa8c Fix grammar nit. 2001-08-01 20:16:12 +00:00
Doug Barton
778c176942 Scratch an itch of long standing by adding entries for the most
commonly used x11 ports
2001-08-01 20:13:49 +00:00
Dima Dorfman
4880a1221e Oops, note MFC of UFS_DIRHASH. 2001-08-01 20:08:37 +00:00
Dima Dorfman
9130d3cc55 Fix previous commit: actually move the UFS_DIRHAS stuff, not the
ddb(4) stuff.  I have *no* idea how I managed to screw that up.
2001-08-01 20:07:51 +00:00
Dima Dorfman
073a5d3980 Move the UFS_DIRHASH paragraph to 'filesystems' and note its MFC. 2001-08-01 20:05:36 +00:00
Dima Dorfman
fdf72b194b Note MFCs: WARNS, GCC_OPTIONS, and GNATS. 2001-08-01 20:04:19 +00:00
Doug Barton
48b3cebbee I could have sworn I did this already, but obviously I didn't. So,
take another stab at updating the IANA web page.
2001-08-01 19:48:12 +00:00
Warner Losh
53af1c8a3d TI cardbus bridges, 12xx and newer, have an interesting register. It
is the diagnostics register at offset 0x93.  When bit 5 is set in this
register, bits 4-7 in ExCA register 0x5 being 0000 are required for
pci interrupt routing.  When it is clear, then bit 4 of ExCA register
0x3 is used to enable it.

The only other issue is that when you route interrupts this way, you
must read ExCA register 0x4 in order to clear the interrupt, else you
get an interrupt storm.

Deal with this requirement by setting things up.  It is believed that
this won't hurt other chipsets, but other chipsets may require their
own work arounds.
2001-08-01 19:41:56 +00:00
Matt Jacob
802f355a3f Don't initialize a clock twice (it's not a function of number of
cpus).
2001-08-01 19:40:11 +00:00
David E. O'Brien
67c5850a34 Correct the version number. 2001-08-01 18:35:54 +00:00
Guy Helmer
3b62c20eda Add "use Fcntl" to resolve O_RDWR|O_CREAT|O_EXCL macros used in
new sysopen call.

PR:		29366 (in part)
2001-08-01 16:32:36 +00:00