Commit Graph

15847 Commits

Author SHA1 Message Date
Devin Teske
e84a7d105d Properly escape arguments when moving into jail or chroot
MFC after:	3 days
X-MFC-to:	stable/10
2015-09-01 21:40:04 +00:00
Devin Teske
c1acb66e01 Style: comments
MFC after:	3 days
X-MFC-to:	stable/10
2015-09-01 21:20:43 +00:00
Devin Teske
3d31973643 Style consistency: add single space before each `;;' case entry
MFC after:	3 days
X-MFC-to:	stable/10
2015-09-01 21:19:45 +00:00
Devin Teske
c8c3b0c498 Remove `SYSRC_' prefix from $SYSRC_VERBOSE (prefix unnecessary since
this is a non-inheritable attribute; was previously).

MFC after:	3 days
X-MFC-to:	stable/10
2015-09-01 21:18:33 +00:00
John Baldwin
7816cb4a0b Fix an off by one error in r283613: Like regular ffs(), CPU_FFS() returns
1 for CPU 0, etc. so the return value must be decremented to obtain the
first valid CPU ID.

Submitted by:	fabient
MFC after:	1 week
2015-09-01 17:52:43 +00:00
Xin LI
6fcf3575e2 Check and fail if drop of privileges failed.
MFC after:	2 weeks
2015-09-01 06:32:02 +00:00
Xin LI
e54569ecca die() would never return, mark it as so.
MFC after:	2 weeks
2015-08-27 18:11:00 +00:00
Xin LI
f595a30ba0 Plug a possible memory leak.
MFC after:	2 weeks
2015-08-27 06:28:42 +00:00
Jung-uk Kim
70e6ab8f6b Merge ACPICA 20150818. 2015-08-26 17:13:47 +00:00
Marcelo Araujo
58458d066f Sync ypwhich(1) code with the OpenBSD version that is more modern.
Update the BSD LICENSE and remove the 3rd clause.

Reviewed by:	rodrigc, kib, bapt
Approved by:	bapt (mentor)
Obtained from:	OpenBSD
Differential Revision:	D3249
2015-08-25 15:27:32 +00:00
Edward Tomasz Napierala
d321965424 Some random tweaks to ctl.conf(5).
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-08-24 09:33:12 +00:00
Hiroki Sato
f2203c2740 Add static and remove unused variables. 2015-08-24 05:38:05 +00:00
Hiroki Sato
f34065a7fd Remove obsolete API (SIOCGDRLST_IN6 and SIOCGPRLST_IN6) support. 2015-08-24 05:28:23 +00:00
Warner Losh
b14fc856d7 Make it clear that we're ignoring the return value fread(3). All
errors that might happen here will be reported a few lines down.

CID: 1295248
2015-08-24 00:34:09 +00:00
Baptiste Daroussin
bb1816daa4 Fix err pointer not initialized to NULL resulting
Reported by:	"O. Hartmann" <ohartman@zedat.fu-berlin.de>
2015-08-21 14:28:14 +00:00
Warner Losh
f1868b4309 Turn off gcc's uninitialized warnings for this code. They
can be fixed, but really do appear to be false alarms.
2015-08-21 14:15:54 +00:00
Baptiste Daroussin
80b3ba7a8d Fix typo in regression test 2015-08-21 11:25:42 +00:00
Baptiste Daroussin
729d9b2caa Fix /home symlink creation
Add regression test about it
2015-08-21 09:28:20 +00:00
Baptiste Daroussin
95c64defd7 Fix useradd regression:
Readd the function to create the parents home directory if it does not exists.
if it is only a directory at the top level of the hierarchy symlink it into /usr
as it used to be done before.

Reported by:	kevlo, adrian
2015-08-21 07:09:53 +00:00
Alan Somers
d60f0f1c49 Add ATF functional tests for fstyp(8). No ZFS or GELI tests yet.
Reviewed by:	trasz, ngie
MFC after:	2 weeks
Sponsored by:	SpectraLogic
Differential Revision:	https://reviews.freebsd.org/D2801
2015-08-20 15:37:47 +00:00
Ian Lepore
7b4a83b1d0 Add a new exit-timeout option to watchdogd.
Watchdogd currently disables the watchdog when it exits, such as during
rc.shutdown processing.  That leaves the system vulnerable to getting hung
or deadlocked during the shutdown part of a reboot.  For embedded systems
it's especially important that the hardware watchdog always be active.  It
can also be useful for servers that are administered remotely.

The new -x <seconds> option tells watchdogd to program the watchdog with the
given timeout just before exiting.  The -x value can be longer or shorter
than the -t normal time value, to allow for various exceptional conditions
at shutdown such as allowing extra time for buffer flushing.

The exit value is also used internally in the "failsafe" handling (which
used to just disable the watchdog), on the theory that if you're using this
option, "safe" means having the watchdog always running, not disabled.

The default is still to disable the watchdog on exit if -x is not specified.

Differential Revision:	https://reviews.freebsd.org/D2556 (timed out)
2015-08-19 21:46:12 +00:00
Xin LI
48f9270689 Issue warning and refuse to proceed further if the configured
repository signature_type is unsupported by bootstrap pkg(7).

Previously, when signature_type specified an unsupported method,
the bootstrap pkg(7) would proceed like when signature_type is
"none".  MITM attackers may be able to use this vulnerability and
bypass validation and install their own versions of pkg(8).

At this time, only fingerprint and none are supported by the
bootstrap pkg(7).

FreeBSD's official pkg(8) repository uses the fingerprint method
and is therefore unaffected.

Errata candidate.

Discussed with:	bapt@
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
2015-08-19 18:24:39 +00:00
Alan Somers
fac7bc2365 Serve /etc/eui64 via NIS.
The C library already knows how to lookup eui64 entries from NIS. For
example, fwcontrol(8) does it. But /var/yp/Makefile.dist doesn't build the
eui64 maps, and ypinit(8) doesn't push them to slaves. This change fixes
that.

Reviewed by:	brooks, wblock
MFC after:	2 weeks
Sponsored by:	SpectraLogic Corp
Differential Revision:	https://reviews.freebsd.org/D3404
2015-08-18 15:33:23 +00:00
Gleb Smirnoff
5041118435 Belatedly fix documentation on which interface to use as argument. 2015-08-17 09:18:54 +00:00
Peter Grehan
7a40703db9 Add simple (no-op) emulations for the CHECK_POWER_MODE,
READ_VERIFY and READ_VERIFY_EXT commands.

Reviewed by:	mav
2015-08-17 05:59:36 +00:00
Alexander Motin
2f444d157b Drop "internal" CTL frontend.
Its idea was to be a simple initiator and execute several commands from
kernel level, but FreeBSD never had consumer for that functionality,
while its implementation polluted many unrelated places..
2015-08-15 13:34:38 +00:00
Baptiste Daroussin
5770ce6f1d Regression: fix pw usermod -w xxx
Reported by:	gjb
2015-08-14 13:39:55 +00:00
Christian Brueffer
99d43aee11 Fix a few mandoc warnings.
MFC after:	1 week
2015-08-12 10:34:05 +00:00
Alexander Motin
a7ab146375 Another small typo.
MFC after:	3 days
2015-08-11 09:00:27 +00:00
Alexander Motin
97e14c64da Fix minor typo.
MFC after:	3 days
2015-08-11 08:58:00 +00:00
Marcelo Araujo
006bf8a619 style(9) requires a space here. 2015-08-11 01:45:17 +00:00
Marcelo Araujo
e5763f0069 Sync the code with OpenBSD.
Remove 3rd BSD clause.

Differential Revision:	D3289
Approved by:		bapt (mentor)
Obtained from:		OpenBSD
2015-08-11 01:33:36 +00:00
Bjoern A. Zeeb
f2dedc73e0 Rather than hardcoding a string and limiting the comparison to these
characters use the defined constant so that in case of change this
would not break.

Reviewed by:		allanjude
Differential Revision:	https://reviews.freebsd.org/D3340
MFC after:		2 weeks
2015-08-10 10:29:32 +00:00
Ed Schouten
a1b862daec Remove bad call to shutdown().
The socket created by rtsol/rtsold is not a connection-based socket,
meaning that we should not attempt to call shutdown() on it.

Reported by:	kan
2015-08-10 07:45:13 +00:00
Alexander Motin
d7f5186022 Refactor early stages of security negotiation.
MFC after:	2 weeks
2015-08-08 19:04:37 +00:00
Alexander Motin
4462a6049d Remove some code duplication.
MFC after:	1 week
2015-08-08 16:39:28 +00:00
Christian Brueffer
84fe889c63 Manpage cleanup.
- new sentence -> new line
- fix manpage references
- fix macro usage
- fix a typo

MFC after:	1 week
2015-08-07 10:48:52 +00:00
Baptiste Daroussin
f5a15df7d8 Add regression tests for a bug reported in stable/10
While pw(8) on head is not affected it is worth adding more regression tests
ensuring this bug will not happen unnoticed in the futur
2015-08-05 21:11:32 +00:00
Enji Cooper
c1987c2852 Set f_file to -1/F_UNUSED when after closing when possible
This will help ensure we don't trash file descriptors that get used later on
in the daemon

Found via internal Coverity scan

MFC after: 2 weeks
Discussed with: cem, ed, markj
Differential Revision: https://reviews.freebsd.org/D3081
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2015-08-05 03:17:06 +00:00
Glen Barber
1da17fb7be Ensure the local MANIFEST is always used when verifying remote
distribution sets.

MFC after:	immediately
Sponsored by:	The FreeBSD Foundation
2015-08-04 13:40:26 +00:00
Ed Schouten
fc6ab77011 Avoid calling strlen() where we can use the strspn() return value. 2015-08-03 22:07:50 +00:00
Devin Teske
1e4d5cf1d6 Clarify pw(8) manual w/respect to required arguments. Break long lines at
punctuation while here.

Differential Revision:	https://reviews.freebsd.org/D2700
Reviewed by:	wblock, bapt
MFC after:	3 days
X-MFC-to:	stable/10
2015-08-03 21:19:31 +00:00
Baptiste Daroussin
5e52b667a7 Fix bugs spotted by gcc
Reported by:	adrian
2015-08-03 06:06:56 +00:00
Adrian Chadd
bbec1b5a7b Actually set quiet to something.
/usr/home/adrian/work/freebsd/head-embedded-2/src/usr.sbin/pw/pw_user.c: In function 'pw_user_next':
/usr/home/adrian/work/freebsd/head-embedded-2/src/usr.sbin/pw/pw_user.c:680: warning: statement with no effect
2015-08-03 05:59:30 +00:00
Baptiste Daroussin
5cc12db1c7 Use intmax_t rather than long long 2015-08-02 19:49:24 +00:00
Baptiste Daroussin
9e24273cca Convert the year used for regression test fro 2043 to 2037
This makes the regression tests pass on systems where time_t is 32bits
2015-08-02 18:20:36 +00:00
Baptiste Daroussin
fc5079452d Fix build on 32bits 2015-08-02 13:50:11 +00:00
Baptiste Daroussin
8159e0373f Split some extra long lines 2015-08-02 13:33:17 +00:00
Baptiste Daroussin
9261982d92 Split some extra long lines 2015-08-02 13:32:23 +00:00
Baptiste Daroussin
bcbdb01e56 Cleanup a bit includes 2015-08-02 13:22:46 +00:00
Baptiste Daroussin
b8a5086ef0 Add regression tests about adding already existsing groups/users 2015-08-02 13:02:53 +00:00
Baptiste Daroussin
f4124312a1 Fix regression: report if a group already exists when creating it 2015-08-02 12:56:25 +00:00
Baptiste Daroussin
a64b90fbaa Fix regression: report again if a username already exists when creating it 2015-08-02 12:54:15 +00:00
Baptiste Daroussin
db533440b7 Remove dead code 2015-08-02 12:48:36 +00:00
Baptiste Daroussin
d2d022b9fd Rewrite parsing subcommands arguments of pw(8)
Now each subcommands checks its arguments in a dedicated functions.

This helps improving input validation, code readability/maintainability
While here:
- Add a -y option to pw userdel/usermod so it can maintain NIS servers if
  nispasswd is not defined in pw.conf(5)
- Allow pw -r <rootdir> to remove directory with userdel -r
- Fix bug when renaming a user which was not renaming the user name it groups
  it is a member of.
- Only parse pw.conf(5) when needed.
2015-08-02 12:47:50 +00:00
Baptiste Daroussin
0996b15464 Remove netbsd tests on pw(8)
First they are redundant with the tests we currently have on pw(8)
Second they to modify the host database instead of being self contained withing
the test directory
2015-08-02 00:33:34 +00:00
Baptiste Daroussin
458fdd97ab Remove things that crept in after badly checked revert 2015-08-01 12:20:55 +00:00
Baptiste Daroussin
7493058fb6 Partial revert of r286152
More work needed on the cli validation
2015-08-01 12:18:48 +00:00
Baptiste Daroussin
7391bf5ada Fix build 2015-08-01 11:52:48 +00:00
Baptiste Daroussin
510113b84d Fix formatting of new code
Fix sorting or errstr
Remove useless initialisation or errstr

Reported by:	bde
2015-08-01 11:31:59 +00:00
Baptiste Daroussin
f2164ae0fa Revert r286148 2015-08-01 10:40:17 +00:00
Baptiste Daroussin
80d9f89289 Validate expiration days and password days from commmand line and pw.conf 2015-08-01 10:25:55 +00:00
Baptiste Daroussin
e5e7ef48eb Validate the max_uid/max_gid boundaries and entry type in pw.conf 2015-08-01 10:10:13 +00:00
Baptiste Daroussin
50698e6718 Cast uid/git to uintmax_t when using printf-like functions so the size of
uid/gid size remains a implementation detail
2015-08-01 09:55:47 +00:00
Baptiste Daroussin
f4e060d0f7 Handle +:*:: the same way we handle +::: when checking group file
The first is what the documentation recommands for NIS client
2015-08-01 08:39:55 +00:00
Baptiste Daroussin
e622418c5b Use strtoumax instead of strtoul 2015-08-01 08:35:20 +00:00
Baptiste Daroussin
a86e343db6 Improve strtounum
Fix many style bugs
Better variable naming
Use C99 'restrict' were apropriate
Fix potential errno race

Submitted by:	bde
2015-07-30 06:14:47 +00:00
Baptiste Daroussin
796ba6fcc2 Cleanup includes 2015-07-29 23:26:14 +00:00
Baptiste Daroussin
c308ef6fd2 Actually set the proper license
Reported by:	trasz
2015-07-29 22:51:54 +00:00
Baptiste Daroussin
22665b2563 Actually add the new code 2015-07-29 06:23:06 +00:00
Baptiste Daroussin
8411215a80 Create a strtounum function using the same API as strtonum
This function returns uintmax_t
Use this function to convert to gid_t/uid_t
2015-07-29 06:22:41 +00:00
Baptiste Daroussin
bbdee3ebde Reject usermod and userdel if the user concerned is not on the user database
supposed to be manipulated

This prevent pw usermod creating a new local user when requesting to usermod on
a username is defined in LDAP.

This issue only happens when modifying the local user database (not inpacting
commands when -V or -R are used).

PR:		187653
Submitted by:	tmwalaszek@gmail.com
2015-07-28 21:49:38 +00:00
Bryan Drewery
b99a71b1da Fix rescue build after r284356 with STRIP= by using proper STRIPBIN per build(7).
This was causing the following error:

  rescue
  sh: rescue: not found
  *** [rescue] Error code 127

  make[1]: stopped in /usr/obj/usr/src/rescue/rescue

Sponsored by:	EMC / Isilon Storage Division
2015-07-28 21:39:58 +00:00
Baptiste Daroussin
90a4edb584 Check uid/gid used when creating a user/group are not larger than UID_MAX/GID_MAX
PR:		173977
Reported by:	nvass@gmx.com
2015-07-28 21:10:58 +00:00
Baptiste Daroussin
81e2ba845c Fix wrong warning printed after changing or updating NIS users
PR:		37672
Submitted by:	chris+freebsd@chrullrich.de
2015-07-28 20:52:10 +00:00
Baptiste Daroussin
87bf5e9212 when -n is passed to any pw subcommand it is always expected to be considered as
a name so do not try to convert it to an id if it is a numeric value

PR:		31933
Reported by:	ted@impulse.net
Sponsored by:	gandi.net
2015-07-28 12:20:57 +00:00
Marcelo Araujo
033af09de1 Staticfy and constify some variables and clean up the code a bit to make it
more readable. No functional change.

Differential Revision:	D3166
Reviewed by:		kib
Sponsored by:		gandi.net
2015-07-28 02:32:40 +00:00
Dru Lavigne
7ec72d484f Fix transposed words in man page.
PR: 201752
Reviewed by: bcr
MFC after: 3 days
Sponsored by: Essen FreeBSD Hackathon
2015-07-25 11:10:49 +00:00
Jung-uk Kim
fe0f0bbb19 Merge ACPICA 20150717. 2015-07-22 16:25:07 +00:00
Allan Jude
a7d5d8d9d0 Add the Dell E7240 laptop and Intel DP965LT motherboard to the list for the GPT active workaround
PR:		194359
Requested by:	sbruno, hiren
Approved by:	marcel
MFC after:	3 days
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3139
2015-07-21 00:33:15 +00:00
Pedro F. Giffuni
d37cb73c79 snmp_hostres(3): Fix buffer overflow.
Actually just a typo. Detected by gcc + FORTIFY_SOURCE patches.

CID:		1007594
MFC after:	3 days
2015-07-20 16:08:01 +00:00
Xin LI
788aa07e34 Use fixed date/time (the time choosen was the time the import was done on
-HEAD) in libntp so we can make reproducible build.

PR:		bin/201661
Reviewed by:	gjb, cy, roberto
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D3122
2015-07-19 19:23:38 +00:00
Marcelo Araujo
f19e47d691 Add support to the jail framework to be able to mount linsysfs(5) and
linprocfs(5).

Differential Revision:	D2846
Submitted by:		Nikolai Lifanov <lifanov@mail.lifanov.com>
Reviewed by:		jamie
2015-07-19 08:52:35 +00:00
Allan Jude
7059fa6ff8 Add support for two workarounds for known issues booting GPT in legacy mode on some hardware
For Lenovo laptops with buggy bios (x220, t420, t520):
	Write the 0xee entry into the second slot in the pmbr instead of the first

For some Dell and HP models:
	The BIOS gives a warning message when booting in legacy mode from a GPT partitioned disk where the 0xee partition in the pmbr is not flagged active
	For models known to have this problem, mark the pmbr active during installation

Use smbios data to identify machines known to be affected by any of the above, and offer the user the option to apply the workaround

In bsdinstall's ufs auto mode (autopart partition wizard):
	Allow users to select which type of partition table to use
	Keep current defaults: MBR for BIOS, GPT for UEFI
	This allows users to choose GPT for legacy boot if they wish

PR:		184910
PR:		194359
Reviewed by:	Michael Dexter
Approved by:	marcel
MFC after:	3 days
X-MFC-With:	r285594
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3091
2015-07-18 18:49:44 +00:00
Edward Tomasz Napierala
f36b09c457 fstyp(8) ships with 10.2.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:03:51 +00:00
Edward Tomasz Napierala
d79b323ba9 uefisign(8) ships with 10.2.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:03:17 +00:00
Baptiste Daroussin
dac542123b make ctdladm(8) return 0 is everything was ok.
retval is used to test the return of XML_Parse function which is ok if 1 is
returned and retval it directly returned to the main function and used as an
exit value.

if all the parsing part is done reset retval to 0 so that the command return 0
if everything ok

Differential Revision:	https://reviews.freebsd.org/D3102
Reviewed by:	trasz
MFC after:	3 days
Sponsored by:	gandi.net
2015-07-17 19:10:43 +00:00
Justin Hibbits
8947c2986d Fix formatting. 2015-07-16 05:14:20 +00:00
Marcelo Araujo
e5523594ed Fix a warning spotted by gcc4.9: dereferencing type-punned pointer will break
strict-aliasing rules.

Declare some variables as statics as well as some functions that are internal
helpers. Update the function broadcast_result() to a post-K&R definition.

Differential Revision:	D2690
Reviewed by:		rodrigc, dim
2015-07-16 02:34:22 +00:00
Allan Jude
69e4b249f8 Make bsdinstall's zfsboot script align partitions to 4k/1m when the user requests it
PR:		195174
Reviewed by:	darius
Approved by:	brueffer
MFC after:	3 days
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3062
2015-07-14 19:57:10 +00:00
Allan Jude
7e3ebc5b0a Set a mountpoint on the root of the pool so user-created datasets have a mountpoint to inherit
Reviewed by:	darius
Approved by:	brueffer
MFC after:	3 days
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3063
2015-07-14 19:42:40 +00:00
Allan Jude
1bc080435c Have bsdinstall's zfsboot script make /var/audit its own dataset, so it is not part of the OS boot environment
PR:		199864
Submitted by:	Jason Unovitch
Approved by:	brueffer
MFC after:	3 days
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D2861
2015-07-14 19:38:26 +00:00
Allan Jude
4ffa3da5f8 Fix a typo in bsdinstall
A variable was misspelled resulting in chmod executing on the installer instead of on the target chroot

PR:		191402
Submitted by:	Martin Simmons <martin@lispworks.com>
Approved by:	brueffer
MFC after:	3 days
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3061
2015-07-13 17:40:24 +00:00
Baptiste Daroussin
a70fbf7ef5 Really fix -o 2015-07-13 09:12:05 +00:00
Baptiste Daroussin
aa509e5e81 Add regression tests to ensure we keep allowing creating users with uid0 2015-07-13 09:09:09 +00:00
Baptiste Daroussin
d7747c3c6f Regression fix: allow to create users with uid0
Reported by:	Jan Mikkelsen <janm@transactionware.com>
2015-07-13 09:08:27 +00:00
Baptiste Daroussin
a46045bbfa Fix logic of check duplicates that has been inverted 2015-07-13 09:07:38 +00:00
Xin LI
8c377b430c Bump version after 4.2.8p3 import.
Note: currently 'mkver' script is using hardcoded knowledge and always
emits -a in the version string, a more through solution would be to generate
the script with something that we own.
2015-07-12 23:32:23 +00:00
Baptiste Daroussin
28b2f1294f Ensure skeldir is abolute path (relatively to the rootdir) 2015-07-12 22:08:58 +00:00
Baptiste Daroussin
ee8c5d1451 pw -R <rootdir> userdel can now cleanup installation
Rewrite rm_r to use *at function, allowing to remove home directories along with
users. only crontabs and at(1) installation are not removed

Relnotes:	yes
2015-07-12 21:43:57 +00:00