Commit Graph

5646 Commits

Author SHA1 Message Date
Joerg Wunsch
6b5c2dd6a1 Fix a serious bug in syslogd regarding the handling of pipes. The bug
would cause syslogd to eventually kill innocent processes in the
system over time (note: not `could' but `would').  Many thanks to my
colleague Mirko for digging into the kernel structures and providing
me with the debugging framework to find out about the nature of this
bug (and to isolate that syslogd was the culprit) in a rather large
set of distributed machines at client sites where this happened
occasionally.

Whenever a child process was no longer responsive, or when syslogd
receives a SIGHUP so it closes all its logging file descriptors, for
any descriptor that refers to a pipe syslogd enters the data about the
old logging child process into a `dead queue', where it is being
removed from (and the status of the dead kitten being fetched) upon
receipt of a SIGCHLD.  However, there's a high probability that the
SIGCHLD already arrives before the child's data are actually entered
into the dead queue inside the SIGHUP handler, so the SIGCHLD handler
has nothing to fetch and remove and simply continues.  Whenever this
happens, the process'es data remain on the dead queue forever, and
since domark() tried to get rid of totally unresponsive children by
first sending a SIGTERM and later a SIGKILL, it was only a matter of
time until the system had recycled enough PIDs so an innocent process
got shot to death.

Fix the race by masking SIGHUP and SIGCHLD from both handlers mutually.

Add additional bandaids ``just in case'', i. e. don't enter a process
into the dead queue if we can't signal it (this should only happen in
case it is already dead by that time so we can fetch the status
immediately instead of deferring this to the SIGCHLD handler); for the
kill(2) inside domark(), check for an error status (/* Can't happen */
:) and remove it from the dead queue in this case (which if it would
have been there in the first place would have reduced the problem to a
statistically minimal likelihood so i certainly would never have
noticed the bug at all :).

Mirko also reviewed the fix in priciple (mutual blocking of both
signals inside the handlers), but not the actual code.

Reviewed by:	Mirko Kaffka <mirko@interface-business.de>
Approved by:	jkh
2000-02-28 17:49:43 +00:00
Kris Kennaway
acf44ec222 pkg_create doesn't use more(1) for displaying +DISPLAY files, it
just cats it to stdout.
2000-02-27 06:32:25 +00:00
Jordan K. Hubbard
1edd3fc668 Be neater with the screen contents. 2000-02-26 12:43:01 +00:00
Jordan K. Hubbard
fd06790a39 Fix benign but stupid variable typo. 2000-02-26 12:35:00 +00:00
Jordan K. Hubbard
0106f6ef58 Make all menu items more consistent and deal with a few remaining
bogus accelerators.

Based largely on feedback from:	Basit Syed <syed@pinenut.nosc.mil>
2000-02-26 12:33:49 +00:00
Jordan K. Hubbard
a90fc31d36 Toggle variables between YES and NO values, don't just set them to YES
or unset them.  That makes it impossible to turn something off.
2000-02-26 12:07:40 +00:00
Jordan K. Hubbard
2150746365 Clean up some of the abstraction in this code. 2000-02-26 11:57:22 +00:00
Jordan K. Hubbard
2d15624bd4 Add knobs for sendmail and sshd 2000-02-25 23:02:48 +00:00
Jordan K. Hubbard
ccd140ac08 Make sysinstall use the new debug.boothowto OID. It will now go
straight into debug mode if you boot -v.  Also conditionalize some
annoying debugging output now that we have this ability.

Partially submitted by:	msmith
Approved by:	jkh [to make certain wise-acres happy ;)]
2000-02-25 20:55:15 +00:00
Mark Murray
512182f3ff Use libcrypto instead of libdes. 2000-02-24 21:10:28 +00:00
Mark Murray
f499a39621 Use libcrypto instead of libdes. 2000-02-24 21:01:54 +00:00
Yoshinobu Inoue
53c9088f68 Security fixes. (Just same as sbin/ping and usr.sbin/traceroute)
-Open socket() at first and then setuid() to actual user.
  -Allow ping6 preload option only for root.

Approved by: jkh

Submitted by: Neil Blakey-Milner <nbm@mithrandr.moria.org>
2000-02-24 19:06:05 +00:00
Yoshinobu Inoue
93eff08412 Print ifname when sendmsg failed.
Approved by: jkh
2000-02-24 18:46:51 +00:00
Jordan K. Hubbard
b9452ccfa1 Do USA_RESIDENT properly. 2000-02-24 08:28:06 +00:00
Yoshinobu Inoue
58af74e6b8 Fix broken inet logging when wrapping options are not specified.
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-02-22 00:27:53 +00:00
Ruslan Ermilov
8a61c1540b Cleanup manpage a bit. 2000-02-21 11:05:56 +00:00
Ruslan Ermilov
74db3cd190 Fix a buffer overflow.
PR:		16415
Submitted by:	Kevin Day <toasty@dragondata.com>
Approved by:	jkh
2000-02-21 10:22:39 +00:00
Jordan K. Hubbard
38d3498390 Make the doc menu work again by checking the right variables. 2000-02-20 23:50:01 +00:00
Jordan K. Hubbard
f53cb8a8cc Now I remember why I didn't write out the gateway in the DHCP case;
it was a feature.
2000-02-20 21:58:10 +00:00
Jordan K. Hubbard
218e70aa03 Fix the fvwm desktop option (for all 3 of us who use it). 2000-02-20 10:01:33 +00:00
Robert Watson
d98722bcb9 - As jail(8) has been almost completely rewritten, prepend another copyright/
BSD-style license, as an add-on to phk's beerware license.  Please fedex
  some beer to phk.

- Add a ``make depend'' line to the jail-building, which fixes openssl,
  among other things.  Suggested by: kris

- Add ``newaliases'' to the list of things to do when setting up a new
  jail, so that the jailed sendmail doesn't complain.

- Correct references to ``kern.jail.set_hostname_allowed'' which now read
  ``jail.set_hostname_allowed''.

- Add a reference to sysctl.conf where the sysctl can easily be set in
  a persistent way.

- Add a list of cross references to the man page.

- Fix a formatting nit or two.
2000-02-20 02:51:11 +00:00
Jordan K. Hubbard
da8a39382b If user says they're in the USA, record that fact in /etc/make.conf 2000-02-19 23:22:22 +00:00
Yoshinobu Inoue
0ca229d64d Change IPv6 scoped addr format again based on recent standard discussion.
Sorry for the flapping, but no change will be done for 4.0 anymore.
Official standard will be published around April or later.
If different format would be adopted at that time, then support for
the new format will be added to the succeeding FreeBSD 4.x.

Approved by: jkh
2000-02-19 16:10:16 +00:00
Jordan K. Hubbard
b3df60582c no need to fix moused setting here; fix in defaults 2000-02-19 13:05:14 +00:00
Jordan K. Hubbard
241d4c9361 Whoops, forgot to delete the ! operator in the reversed conditional
for anonftp.  Fix.
2000-02-19 12:42:03 +00:00
Jordan K. Hubbard
ff6f5bfb91 1. If checking for directory-ness, check "dir" and "dir/" to catch
the case where we have a symlink pointing at a dir.

2. Restore stomped character before returning in make_hierarchy()
2000-02-19 08:58:54 +00:00
Jordan K. Hubbard
95452c412e 1. If checking for directory-ness, check "dir" and "dir/" to catch
the case where we have a symlink pointing at a dir.

2. Restore stomped character before returning in make_hierarchy()
2000-02-19 08:52:52 +00:00
Robert Watson
c2edcb1a5c Fix up a few documentation nits in jail(8), as well as improve the
instructions so as to reduce warnings during jail startup, etc.
Add a somewhat bolder warning recommending the use of
kern.jail.set_hostname to limit jail renamining.
2000-02-18 19:02:22 +00:00
Jordan K. Hubbard
306b268114 Invert the meaning of two questions in the Standard installation so just
whapping "Yes" by default does not turn you into an anonymous FTP-supporting
gateway machine.  Those aren't the right "defaults."
2000-02-18 18:33:15 +00:00
Søren Schmidt
fb8dde3146 Dont allow burn when format not selected.
Use the right format in printfs.

Fix the partial write error (the res variable).

Reminder by: (Bill Fumerola <billf@FreeBSD.org>)
2000-02-18 16:36:28 +00:00
Yoshinobu Inoue
ea70950ecc HBH hdr len correction.
Without this fix, MLD query to all nodes fails to send.
  Merge from recent KAME bug fix.

Approved by: jkh
2000-02-18 11:48:04 +00:00
Jordan K. Hubbard
be4a40d0eb Don't call it a Novice install, call it Standard.
Also say thousands of packages, not hundreds.
2000-02-18 07:09:45 +00:00
Jordan K. Hubbard
b349038c95 While looking for a bug, tripped over style issues with added
code.  Fix them.
2000-02-18 07:00:01 +00:00
Jordan K. Hubbard
77854e2013 add missing newline to previous cosmetic fixes. 2000-02-18 03:02:32 +00:00
Daniel C. Sobral
2bfaac9755 If no distribution file is found, abort the installation. Previous
behavior silently ignored the problem. This affects installations
from a filesystem, and possible other types of media.

Approved by:	jkh
2000-02-17 17:59:41 +00:00
Daniel C. Sobral
8f7cefb3be If the installation media disappears in the process of installing
a distribution, recognize it and treat as fatal media error. This
happens in the case of a timeout on FTP installations where the
user chooses not to select another FTP site, and resulted in
segmentation fault.

Approved by:	jkh
2000-02-17 17:57:40 +00:00
Jordan K. Hubbard
d294a07a7f Various cosmetic fixes, stop saying "DES" when we really mean "crypto",
go for more sensible defaults in a couple of menus.
2000-02-17 06:15:11 +00:00
Jordan K. Hubbard
7b5629bcec s/wd/ad/ - new ATA code 2000-02-17 04:40:11 +00:00
Bill Swingle
187c0f1691 updates the vidcontrol man page to include mention of the new -M flag
PR:		16221
Submitted by:	Kelly Yancey <kbyanc@posi.net>
2000-02-17 03:00:38 +00:00
Gregory Sutter
cf2d6bbc58 Typo in example: 'vn0' should be 'vn1'
'boundry' -->  'boundary'
'seperated' --> 'separated'

PR:		16623
Submitted by:	Munehiro Matsuda <haro@tk.kubota.co.jp>
2000-02-17 02:54:36 +00:00
Gregory Sutter
77097930eb /tmp --> /var/tmp, for consistency with the rest of the example.
PR:		16463
Submitted by:	Mike Heffner <spock@techfour.net>
Reviewed by:	jim
2000-02-17 00:43:04 +00:00
Robert Watson
09aa405f34 Modified jail.8 to correct a typo (inetd_flas vs. inetd_flags), and add
a comment to the effect that I'm responsible for the additional
documentation, et al, so that phk gets fewer messages about my errors.
2000-02-16 23:50:43 +00:00
Yoshinobu Inoue
66182096e8 Fix pathname of pim6sd.conf from /usr/local/v6/etc to /etc.
Approved by: jkh
2000-02-15 18:33:22 +00:00
Yoshinobu Inoue
c00ba6b645 Fix pathname of pim6dd.conf from /usr/local/v6/etc to /etc.
Approved by: jkh
2000-02-15 18:30:24 +00:00
Yoshinobu Inoue
b85d5dc850 -P option was not enabled, so enable it
(The option specify IPsec policy for rtadvd to receive Router Renumbering
messages.)

Approved by: jkh
2000-02-15 18:24:27 +00:00
Yoshinobu Inoue
9bf48e31c5 Correct pathname of rtadvd.conf from /usr/local/v6/etc to /etc.
Approved by: jkh
2000-02-15 18:21:38 +00:00
Jordan K. Hubbard
46fed58ae1 Include /usr/libexec in the list of upgrade targets by chflags'ing it first. 2000-02-15 18:13:56 +00:00
Kazutaka YOKOTA
1e6c9556ad Change the text in the mouse protocol menu to indicate that protocols
for serial mice won't work with the PS/2 and bus mice.  No functional
change.

Approved by: jkh
2000-02-15 08:51:34 +00:00
Peter Wemm
b5c060826a s|/dev/log|/var/run/log| 2000-02-14 13:26:57 +00:00
Jordan K. Hubbard
f3026a61ef Increase the size of the various index variables; there was
some overflow occurring.
Submitted by:	steve
2000-02-13 21:11:28 +00:00