is more than one HCI node present
- Use errx(3) instead of err(3) if there is no HCI node present as errno
is 0 in this case and the resulting error message wouldn't make much sense
Approved by: emax (mentor)
setgid(2), setlogin(2) and initgroups(3). In theory they could
fail for root with some third party mac(4) policies.
Submitted by: Kostik Belousov
MFC after: 1 month
Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]
Security: FreeBSD-SA-06:15.ypserv [1]
Security: FreeBSD-SA-06:16.smbfs [2]
I considered leaving /boot/kernel out of the chflags noschg line, but I
seem to remember that there was a period where /boot/kernel was schg, so
have left it in for safety's sake.
Approved by: jhb
MFC after: 1 month
can read two variables at once; and suffix pattern deletion) to make the
extract command fork fewer processes.
With the portsnap snapshot and the ports tree in swap-backed memory
disks on my 1.4GHz laptop, this reduces 178800 processes and 195/56/126
seconds of real/user/sys time to 44600 processes and 103/34/60 seconds.
so that both parent and child processes ignore this signal.
PR: bin/97768
Submitted by: Gea-Suan Lin <gslin at csie dot nctu dot edu dot tw>
MFC after: 3 days
We already check for write() failures and handle EPIPE.
Failure to handle SIGPIPE was resulting in rpc.lockd terminating.
PR: bin/97768
Reported by: Gea-Suan Lin <gslin at csie dot nctu dot edu dot tw>
MFC after: 1 day
SRC_BASE package (src/[A-Z]*) as well as SRC_SYS (src/sys/*). This
allows users who only install the kernel source code to use the
modern "make buildkernel" approach.
Discussed with: re (scottl, kensmith)
MFC after: 3 days
parameter optional.
- Add Read_Node_List command which prints a list of available HCI nodes,
their Netgraph IDs and connected hooks
Reviewed by: emax
Approved by: emax
MFC after: 1 week
expression, which makes it possible to only see interesting
providers. "f" is used inside gstat to set a filter, "F" is used to
remove current filter.
- Do not print some uninteresting values in the gstat title line.
- Do not print past the end of the screen.
- Read multiple keystrokes per "wait" when gstat is running.
- Remove a redundant != check, right after check of NULL against the
same variable ("gid").
- Use sysexits.h.
- Do not link against libkvm and libsbuf, they are not actually used.
- Fix a few style(9) issues where I had to touch nearby code anyway.
Approved by: cperciva (mentor)
MFC after: 2 weeks
Submitted by: Dan Lukes
Reviewed by: hm@
fix compile warnings in isdnd and isdntest. some more
compile time warnings also mentioned in this PR were
already fixed in an earlier commit today.
interact very nicely with HTTP proxies: Since proxies do not know
that all the files on portsnap1.freebsd.org are identical to the
files with the same names on portsnap2.freebsd.org, said proxies end
up downloading and storing files in duplicate.
This commit uses the HTTP_PROXY environment variable, if set, to
generate a random number seed for use in selecting a mirror. This
means that if several systems all have the same HTTP_PROXY value set,
they will ask the proxy to fetch files from the same mirror (unless
that mirror fails, in which case all the systems will use the same
second choice, et cetera).
Portsnap still doesn't interact very well with "transparent" HTTP
proxies, but there's nothing I can do about those.
Requested by: simon
Sponsored by: FreeBSD security development fundraiser
track of which mirrors we have tried and try a different mirror if we
fail when trying to download the SSL public key or the snapshot
signature.
Failures later in the download process will not result in switching to
a different mirror, for two reasons:
1. If is very unlikely that a mirror will fail partway through the
process of downloading updates.
2. If we switched from a more recently updated mirror to a less
recently updated mirror partway through the download process, we would
end up failing anyway because we would be trying to fetch files which
the second mirror didn't have yet.
PR: bin/96288
Requested by: lots of people
Sponsored by: FreeBSD security development fundraiser
the host(1) from BIND 9. This doesn't matter for HEAD, but will help
people who install portsnap from the ports tree onto older versions of
FreeBSD.
PR: ports/93901
Sponsored by: FreeBSD security development fundraiser