Commit Graph

5719 Commits

Author SHA1 Message Date
Daniel Gerzo
0c868e9061 - rename the RETURN VALUES section to EXIT STATUS
- not bumping a date as this is not a real content change

Approved by:	ru
MFC after:	3 days
2009-01-07 00:51:41 +00:00
Simon L. B. Nielsen
0211d3b61c Minor markup fix for the r186836 update. 2009-01-06 21:16:42 +00:00
Colin Percival
4c55b9e02e Strengthen some of the language concerning attacks on MD5, in light of the
recent demonstration of a forged SSL certificate.  Add text pointing out
that SHA-1 is at least theoretically broken.  Add a recommendation that
new applications use SHA-256.

MFC after:	1 month
2009-01-06 19:25:24 +00:00
Tom Rhodes
c6b34b2563 Add missing qualifier which was missed in the previous commit.
Noticed by:	brooks
2009-01-05 12:10:22 +00:00
Daniel Gerzo
c419baec28 - grammar and language fixes
- hard sentence breaks
- trim EXIT STATUS section and move it to DIAGNOSTICS as well as use .Er
  macro
- sort SEE ALSO

MFC after:	7 days
2009-01-04 15:41:01 +00:00
Ivan Voras
2b67c28a09 Several significant updates:
* Better wording of sections dealing with physical storage
* A new section on assumptions gvirstor has on its consumer devices
  (components) and its interaction  with file systems
* Improved markup (by hrs@)

Reviewed by:	hrs
Approved by:	gnn (mentor)
2009-01-04 11:31:03 +00:00
Ulf Lilleengen
db2bf4b016 - Back out r186038. Rather than changing the intent of the caller, the problem
should be handled internally in gvinum.

Suggested by:	pjd
2008-12-27 14:24:24 +00:00
David E. O'Brien
c9c6feb62c style(9) 2008-12-26 22:55:38 +00:00
David E. O'Brien
76c4621653 Make the sub-'argc' static to make it harder to overwrite thru a buffer
overflow.
2008-12-26 22:54:53 +00:00
Tom Rhodes
138f7e4b30 Apply various fixes:
Silence mdoc(7) warnings;
Xref correct manual pages;
Point user to the ddb.8 manual page.

PR:		129398
Submitted by:	gavin
2008-12-24 11:12:21 +00:00
David E. O'Brien
defc9d504b Garbage collect 'fflags'. 2008-12-24 03:07:19 +00:00
Tom Rhodes
1aa26f525e Note that when shutdown is run without options, it will place
the system into single user mode at the time specified.

PR:		129765
2008-12-23 15:00:03 +00:00
Tom Rhodes
9ffd02d312 Document the "-o large" option.
PR:		129792
2008-12-23 13:35:26 +00:00
Andrew Thompson
97a7a5698b Only show the pathname in verbose output as intended in the last commit (r172862). 2008-12-22 19:52:21 +00:00
Paolo Pisati
a21e097b2e Update the ipfw man page to reflect last change (-q option with nat option).
MFC after:	3 days
2008-12-18 21:46:18 +00:00
Paolo Pisati
3fc7bd58bc Honor the quiet (-q) option while adding a nat rule.
Submitted by:	Andrey V. Elsukov<bu7cher@yandex.ru>
MFC after:	3 days
2008-12-18 21:37:31 +00:00
David E. O'Brien
fce5f960ba Be a little bit more pestimistic in argument handling - check if we've
overflown our internal buffer (though after the fact), and s/strncpy/strlcpy/

Reviewed by:	rodrigc
Obtained from:	Juniper Networks
2008-12-18 18:44:46 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Sam Leffler
67207b6994 back out unintended change 2008-12-15 01:44:23 +00:00
Sam Leffler
ddd244ecff move channel parsing to a getchannel routine so it can be reused to check
the channel argument supplied to chanswitch
2008-12-15 01:15:15 +00:00
Sam Leffler
746b34ace7 fix handling of sku codes like country codes 2008-12-15 01:10:52 +00:00
Sam Leffler
76f0b9bff1 fix handling of unknown country codes; atoi doesn't return -1
for an invalid string as I thought; so use strtol instead
2008-12-15 01:10:08 +00:00
Sam Leffler
b6130d380f 0 is a potential ISO CC; use new NO_COUNTRY #define to identify
when the CC is not set.  Note NO_COUNTRY is set to 0xffff for now
(must be 16 bits as ieee80211_regdomain struct defines sku's and
cc's as uint16_t which may need fixing).
2008-12-15 01:09:01 +00:00
Sam Leffler
27c1a6f490 o distinguish between adhoc and ahdemo modes
o do not require 1/2 and 1/4 rate channels be present in the
  calibration list when doing a gsm regulatory change; the
  existing 900MHz cards are not self-identifying so there is
  no way (using the calibration channel list) to check
2008-12-15 01:06:49 +00:00
Sam Leffler
cf0d500765 Improve regdomain.xml parser:
o store XML_Parser in the state block so we can report line numbers for errors
o complain about netband w/o mode
o complain about unknown modes
o complain about band w/o enclosing netband
o complain about duplicate freqband
o complain about unknown channel flags
o complain about band w/o freqband's
o complain about band w/o maxpower
o complain about country w/o ISO cc
o complain about country w/o regdomain reference
2008-12-15 01:00:18 +00:00
Ruslan Ermilov
a794372087 Fix the fallouts from r146267:
- Add the forgotten "mode" argument to the "mode" command.
- Move the description of "info" to where it belongs.
2008-12-14 12:56:56 +00:00
Poul-Henning Kamp
0f3311c56f Send all debug to stderr. 2008-12-14 11:48:51 +00:00
Poul-Henning Kamp
877ed37a0d Clarify that configuration files must be named '*.conf' 2008-12-14 11:47:39 +00:00
Ulf Lilleengen
a468c003ef - When writing metadata to a geom provider, open the it as read-write since it
might do subsequent reads from other providers. This stopped geli (and
  probably other classes using g_metadata_store as well) from being put on top
  of gvinum raid5 volumes.

Note:
The reason it fails in the gvinum raid5 case is that gvinum will read back the
old parity stripe before calculating the new parity stripe to be written out
again.  The write will then fail because the underlying disk to be read is
opened write only.

MFC after:	1 week
2008-12-13 14:14:56 +00:00
Luigi Rizzo
59cf6deb68 Move the check for the ending char in the partition name where
it was before -- the check is only made when getdisklabel()
returns valid info.
On passing, use MAXPARTITIONS to identify the max partition number,
instead of the hardwired 'h'

MFC after:	4 weeks
2008-12-12 15:56:38 +00:00
Max Laier
d3adc65594 Fix build - cast off_t to (intmax_t) for printing. 2008-12-03 23:00:57 +00:00
Luigi Rizzo
64c8fef580 Enable operation of newfs on plain files, which is useful when you
want to prepare disk images for emulators (though 'makefs' in port
can do something similar).

This relies on:
+ minor changes to pass the consistency checks even when working on a file;

+ an additional option, '-p partition' , to specify the disk partition to
  initialize;

+ some changes on the I/O routines to deal with partition offsets.

The latter was a bit tricky to implement, see the details in newfs.h:
in newfs, I/O is done through libufs which assumes that the file
descriptor refers to the whole partition. Introducing support for
the offset in libufs would require a non-backward compatible change
in the library, to be dealt with a version bump or with symbol
versioning.

I felt both approaches to be overkill for this specific application,
especially because there might be other changes to libufs that might
become necessary in the near future.

So I used the following trick:
- read access is always done by calling bread() directly, so we just add
  the offset in the (few) places that call bread();
- write access is done through bwrite() and sbwrite(), which in turn
  calls bwrite(). To avoid rewriting sbwrite(), we supply our own version
  of bwrite() here, which takes precedence over the version in libufs.

MFC after:	4 weeks
2008-12-03 18:36:59 +00:00
Luigi Rizzo
b87d1601b6 Some useful operational extensions to newfs_msdos, especially
when preparing images for emulators or flash devices:

+ option '-C size' to create the underlying image file with given size.
  Saves doing a 'dd' before, and especially it creates a sparse file

+ option '-@ offset' to build the FAT image at the specified offset
  in the image file or device;

+ make the cluster size adaptive on the filesystem size.
  Previously the default was 4k which is really unconvenient with
  large media; now it goes from 512 bytes to 32k depending on
  filesystem size (i still need to check whether it makes sense
  to go further up, to 64k or above);

+ fix default geometry when not specified on the command line,
  use 63 sectors/255 heads by default.
  Also trim the size so it exactly a multiple of a track, to avoid
  complaints in some filesystem code.

+ document all the above, plus some manual page clarifications.

MFC after:	4 weeks
2008-12-03 18:22:36 +00:00
Marcel Moolenaar
08b6360ca3 Print error messages as-is, when they don't conform to
<errno> [<parameter> 'value']
These are error messages from (lib)geom itself.
2008-11-30 23:46:31 +00:00
Marcel Moolenaar
e419ba879f Call gctl_free() after we processed the error string.
It's being freed as part of the request.
2008-11-30 23:38:44 +00:00
Marcel Moolenaar
39bd58723a Parse the error string returned by the kernel. The format is:
<errno> [<parameter> <value>]
So, rather than printing the error:
	gpart: 22 scheme 'gpt'
gpart(8) now prints:
	gpart: scheme 'gpt': invalid argument
2008-11-29 21:20:07 +00:00
Warner Losh
44e6d7240a Noticed the following error message:
mount_msdosfs: /dev/cf0s1: : Operation not supported by device

and thought I'd fix it to be:

mount_msdosfs: /dev/cf0s1: Operation not supported by device

Not sure why errmsg isn't getting filled in, or why this error is even
happening at all... (fsck_msdosfs is clean, and I can mount this same
CF elsewhere).
2008-11-29 02:28:05 +00:00
Luigi Rizzo
045651ec1e Create a fake geometry (16 heads, 64 sectors) when dealing with
a plain file and a geometry is not explicitly supplied through
command line or disktab entry.

This way you can a FAT image on a file as simply as this:

	newfs_msdos ./some/file

(right now you need a much longer command

	newfs_msdos -h 32 -u 64 -S 512 -s $total_blocks -o 0 ./some/file

Will be merged after 7.1 and 6.4 are released.
See also the related PR which suggests a similar change.

PR:		bin/121182
MFC after:	4 weeks
2008-11-26 21:05:03 +00:00
Scott Long
3f3137fee5 Big update to the iSCSI initiator code. Highlights include IPv6 support,
many bugs fixes, many more performance improvements.

Submitted by:	Danny Braniss

M    sbin/iscontrol/iscsi.conf.5
M    sbin/iscontrol/iscontrol.8
M    sbin/iscontrol/iscontrol.h
M    sbin/iscontrol/config.c
M    sbin/iscontrol/fsm.c
M    sbin/iscontrol/login.c
M    sbin/iscontrol/pdu.c
M    sbin/iscontrol/misc.c
M    sbin/iscontrol/auth_subr.c
M    sbin/iscontrol/iscontrol.c
M    sys/dev/iscsi/initiator/isc_cam.c
M    sys/dev/iscsi/initiator/iscsi.h
M    sys/dev/iscsi/initiator/isc_soc.c
M    sys/dev/iscsi/initiator/iscsi_subr.c
M    sys/dev/iscsi/initiator/iscsivar.h
M    sys/dev/iscsi/initiator/isc_subr.c
M    sys/dev/iscsi/initiator/iscsi.c
M    sys/dev/iscsi/initiator/isc_sm.c
2008-11-25 07:17:11 +00:00
Xin LI
b652d3a3dc Grammar improvements.
Submitted by:	kensmith
2008-11-18 20:38:07 +00:00
Marcel Moolenaar
7f792cd758 Use humanize_number(), rather than a home-grown algorithm for
formatting a number in a human-friendly way.

Note that with this commit a megabyte changed from 1000000 to
1048576 and a 80G disk is now printed as being 75G in size.
This is deliberate. It's consistent with the core of geom(8).
However, the original choice for a megabyte being 1000000 was
on purpose and matches what disk vendors put on the box. The
consistency is considered more important.

Submitted by:	delphij
2008-11-18 04:04:01 +00:00
Marcel Moolenaar
567bc443e8 Sort includes
Submitted by:	delphij
2008-11-18 03:43:02 +00:00
Marcel Moolenaar
0a4acb2e3d Pad the bootcode we write to the partition to a multiple of the
sector size.

Submitted by:	Alexey Shuvaev <shuvaev@physik.uni-wuerzburg.de>
Prompted by: 	delphij
MFC after:	3 days
2008-11-18 00:03:30 +00:00
Maxim Konovalov
69573e862d o One more s/gpt/gpart/. 2008-11-05 09:28:30 +00:00
Maxim Konovalov
7922d6f987 o Replace Xr to gpt(8) which is gone by gpart(8). 2008-11-05 09:27:13 +00:00
Doug Rabson
a9148abd9d Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager.  I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.

Sponsored by:	Isilon Systems
MFC after:	1 month
2008-11-03 10:38:00 +00:00
Marcel Moolenaar
1eecfda454 Add support for multiple attributes. This is required for the
PC98 scheme.
2008-10-20 05:12:50 +00:00
Giorgos Keramidas
4f1fb109f9 Tiny wording nits.
MFC after:	1 week
2008-10-19 09:45:29 +00:00
Brooks Davis
38e755fd40 Support the remaining options listed in dhcp-options(5) and RFC 2132.
PR:		bin/127076
Submitted by:	jkim
MFC after:	1 week
2008-10-17 13:28:53 +00:00
Maxim Konovalov
20e58023f4 o Remove a debug code and restore an accidentally deleted code
in a previous commit.
2008-10-14 17:59:39 +00:00