(2) Die when there is a problem opening at.allow other then it not existing.
An error other then it not existing might be a trick to somehow
circumvent system security.
Mostly Reviewed By: msmith
intentional, this behaviour is far too obnoxious given the number of
filenames such as rpc.statd we have.
Submitted by: Chris Costello [3]chris@calldei.com (bin/11303)
PR: bin/12070
Submitted by: Dominic Mitchell <Dom.Mitchell@palmerharvey.co.uk>
Specifically check that FTP_PASSIVE_MODE is set to YES, rather than
just checking if it is defined.
Discussed on: freebsd-current
two characters of $EDITOR. This allows things like "vim" and "vi -G"
(although nvi would fail...oh well).
- Avoid certain cases where the editor is passed an invalid line number.
the new -i option were missing.
Fixed style bugs in previous commit:
(1) initialisation of a local variable in its declaration.
(2) inconsistency of (1) with style of nearby code.
(3) disorder of declaration for (1).
(4) a line longer than 80 characters.
(5) bitrot in the printf() -> err() cleanups to help bloat the line in (4).
local "login" name for rcmd(3). This is particularly useful for things
like portslave and other packages with terminal server functionality
where a login can either run ppp locally or get shunted off to another
box via rlogin depending on radius authentication etc. Quite often the
local box doesn't even have accounts, so a flag such as this is needed.
Obviously this is restricted to callers with uid == 0.
and was also a bit inconsistent: leading blanks, or any double blanks
generated empty arguments, but a trailing blank did not.
PR: bin/2630, bin/10914
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
of an empty buffer... the output file wasn't readable... also warn that
we can't checksum on stdout and print out the base64 encoded version of the
md5 checksum...
Site to actually return md5 digest: web.golux.com
Verified that fetch was broken: Ken Coar <Ken.Coar@Golux.Com>
This is useful for people who want index their home directory:
$ env LOCATE_CONFIG=$HOME/.locate.rc /usr/libexec/locate.updatedb
Submitted by: Dmitry Morozovsky <marck@rinet.ru>
the magicness of 200. Cleaned up the remaining parts. Circularisation
of the list of malloc types was a kernel bug (now fixed). Interfering
with applications' definitions of pgtok is a system header bug (not
fixed).
changed from a simple list to a circular one. We compensate by only
looping until we see the first address again. Before, things would
terminate because it was limited to 200 iterations. This lead to
bogus statistics and repeating stats for memory types.
This should be merged into 3.2, as the same bug is there.
* if run by root (or root process) drop privs
* ensure output size is not infinate (net finger only)
* ensure output lines are not infinate in length (net finger only)
* do not allow finger client to run longer than 3 minutes (net finger only)
"passwordtime" is what passwd(1) has actually been using. I suspect
passwordperiod was the original intent. I can't figure-out which,
if either, BSDi uses. If anyone knows...
That doesn't work well for tapes over 4G.
I use tcopy a lot to write images of a tape to tape as tape to tape
copying is terribly slow. Slower than it should be. Quickly found out
tcopy can not rewind a file when doing copy/verify.
PR: 11386
Submitted by: David Kelly dkelly@hiwaay.net
Reviewed by: phk
o main returns int not void
o use return 0 at end of main when needed
o use braces to avoid potentially ambiguous else
o don't default to type int
o #ifdef 0 -> #if 0
Reviewed by: obrien and chuckr
(and can be both files or directories). Show white space between
"(", ")", "!" and their corresponding `expression' arguments as
expected by the expression parser inside find(1).
Prompted by: David Honig <David.Honig@idt.com> on freebsd-doc
Message-Id: <199904132055.NAA09432@justinian.Eng.idt.com>
Arguments with whitespaces are easy to fix, but in combination with
shell metachars that should not be evaluated it is very hard, probably
impossible to fix without going to a line-oriented solution.
Next time I will believe Henry Spencer when he says "this looks easy
to fix but isn't".
parameter that has space in it, both in getopt.c and in the manpage
example.
2) Fix the example in the manpage. The set(1) command is required to
return 0 (POSIX 1003.2, section 3.14.11), so you can't test for
getopt's exit status like the example did:
#! /bin/sh
set -- `getopt abo: $*`
if test $? != 0 # wrong, tests for set's exit status, which is
# always zero, no for getopt(1)'s.
Fixes PR bin/5845, which thought it was getopt's fault, but in fact
the manpage was wrong.
I also updated the example to be more useful and updated the BUGS
section.
PR: bin/5845
Updates the manpage as well.
I've rewritten the patch as it was for 2.2.7. It can probably be put
into 3.1-STABLE as well.
PR: bin/10515
Submitted by: Jens Schweikhardt <schweikh@noc.dfn.de>
numbers as chars or use bogus casts in an attempt to unmisrepresnt
them. In top, don't assume that 0xff is the only negative cpu
number when cpu numbers are (mis)represented.
time now.
For whatever reason, the kernel seems to have generated SIGIOs
previously without an initial fcntl(...,F_SETOWN), but does no longer.
This caused window(1) to wait indefinitely for input.
Also, undo rev 1.3 of wwspawn.c, it was not well-thought, and
apparently not even tested at all. The blindly (even in a nonsensical
place like the comment on top of the function) applied replacement of
vfork() by fork() totally ignored that window(1) *does* abuse the
feature of vfork() where a modification of the parent's address space
is possible (in this case, to notify the parent of an erred exec*).
Also, with vfork(), it is guaranteed that the parent is only woken up
after the exec*() happened, where the replacement by fork() made the
parent to almost always become runnable again before the child, in
which case the parent simply told `subprocess died'. Unfortunately,
working around _this_ seems to be a lot more of redesign work compared
to little gained value, so i think relying on the specifics of vfork()
is the simpler way.
Submitted by: Philipp Mergenthaler <un1i@rz.uni-karlsruhe.de>
Instead, treat the inability to retrieve a record from the server as a
match failure and let things take its course.
Part of the problem here is that NIS _is_ turned on, however the master
server is actually not an NIS server: it's an NIS+ server. And the client
is bound to an NIS+ replica server that's running in YP compat mode.
The code which tries to figure out of the user is local or NIS gets
confused by this.
compiled in default in case it isn't defined. This is needed to make
cross compilation work in some edge cases. It also makes cross
compiling on FreeBSD other BSD's easier as well.
Obtained from: NetBSD, OpenBSD (predates the split)
to "Office Location:" to disambiguate what is expected. Add a note
to the man page to indicate that the office location and office phone
fields are concatenated and printed with the heading "Office:" by
finger(1). Swap the order of the home and office phone fields in the
man page to match the order of the fields in the editor.
If any programs interact with chpass(1) and expect "Location:" instead
of "Office Location:" as the prompt, either this change will have to be
reverted or the other programs will have to be changed.
PR: docs/7533
`ld ... <fudged ${LDFLAGS}>' to invoke the linker. This gets the
flags and standard library paths right without complications.
Unfortunately, it doesn't help for the X11 library paths -- cc
only appends /aout for standard library paths.
I'm not sure why we have `mvstat -z'. `sysctl vm.zone' gives more
information. OTOH, `sysctl vm.zone' shouldn't return ASCII data,
and reporting of memory use should be integrated, at least as an
option.
since it means -s (strip), and static linkage is forced correctly
anyway. Other things in ${LDFLAGS} are still bogusly passed to ld.
This only affects the aout case.
the display wrapped around.
This decreases the default maximum number of disks shown to 2, so things
don't wrap around so easily. Also, it fixes the header display issues.
Submitted by: Bruce Evans <bde@FreeBSD.ORG>
peripheral drivers can determine where in the devstat(9) list they are
inserted.
This requires recompilation of libdevstat, systat, vmstat, rpc.rstatd, and
any ports that depend on the devstat code, since the size of the devstat
structure has changed. The devstat version number has been incremented as
well to reflect the change.
This sorts devices in the devstat list in "more interesting" to "less
interesting" order. So, for instance, da devices are now more important
than floppy drives, and so will appear before floppy drives in the default
output from systat, iostat, vmstat, etc.
The order of devices is, for now, kept in a central table in devicestat.h.
If individual drivers were able to make a meaningful decision on what
priority they should be at attach time, we could consider splitting the
priority information out into the various drivers. For now, though, they
have no way of knowing that, so it's easier to put them in an easy to find
table.
Also, move the checkversion() call in vmstat(8) to a more logical place.
Thanks to Bruce and David O'Brien for suggestions, for reviewing this, and
for putting up with the long time it has taken me to commit it. Bruce did
object somewhat to the central priority table (he would rather the
priorities be distributed in each driver), so his objection is duly noted
here.
Reviewed by: bde, obrien
only likely to happen when you have a kernel<>userland mismatch,
but it's really annoying when top dumps core and leaves the terminal
in a mangled state; it's much nicer to print nicely formatted gibberish.
Look at the FTP_PASSIVE_MODE environment variable like the man page says.
PR: bin/9464
Submitted by: John A. Shue <John.Shue@symmetron.com>
Add references to RFC's 1790, 959, 850.
PR: doc/6564
the function naming problem for complex double function i've recently
aksed for in -committers. (The recently committed rev 1.5 of proc.c
was actually also part of this update.)
Should the mailing lists come to an agreement that f2c better belongs
into the ports, this could be done nevertheless. For the time being,
we've at least got a current version now.
Thanks, Steve!
Submitted by: Steve Kargl <sgk@troutmask.apl.washington.edu>
It selects which hash format to use by checking /etc/auth.conf for
auth_default. Leaving auth_default disabled will give the current
behaviour (use the same format as is currently used in the password,
or if a new password default to what crypt likes best--des if it exists).
Now you can set it to one of: des, best, md5 or sha1. best is a synonym
for sha1, currently.
This should be merged into RELENG_3 and a similar patch may be needed
for RELENG_2_2, should that deemed necessary.
Make world succeeded with these patches in my tree.
Submitted by: "Kaleb S. KEITHLEY" <kaleb@ics.com>
authentication only). This comes handy when you're tight on space.
Submitted by: mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by: John D. Polstra <jdp@polstra.com>
This change should have no effect on i386.
Pointed out by: Steve Kargl <sgk@troutmask.apl.washington.edu>
Quote from http://www.netlib.org/f2c/readme:
NOTE: f2c.h defines several types, e.g., real, integer, doublereal.
The definitions in f2c.h are suitable for most machines, but if
your machine has sizeof(double) > 2*sizeof(long), you may need
to adjust f2c.h appropriately. f2c assumes
sizeof(doublecomplex) = 2*sizeof(doublereal)
sizeof(doublereal) = sizeof(complex)
sizeof(doublereal) = 2*sizeof(real)
sizeof(real) = sizeof(integer)
sizeof(real) = sizeof(logical)
sizeof(real) = 2*sizeof(shortint)
EQUIVALENCEs may not be translated correctly if these
assumptions are violated.
On machines, such as those using a DEC Alpha processor, on
which sizeof(short) == 2, sizeof(int) == sizeof(float) == 4,
and sizeof(long) == sizeof(double) == 8, it suffices to
modify f2c.h by removing the first occurrence of "long "
on each line containing "long ", e.g., by issuing the
commands
mv f2c.h f2c.h0
sed 's/long //' f2c.h0 >f2c.h
On such machines, one can enable INTEGER*8 by uncommenting
the typedef of longint in f2c.h, so it reads
typedef long longint;
by compiling libI77 with -DAllow_TYQUAD, and by adjusting
libF77/makefile as described in libF77/README.
Didn't fix related bogotification from moving the definitions of
DPADD and LDADD to here. Setting these variables in a top-level
directory gives bogus dependencies in library subdirectories.
E.g., there is a dependency on `foo.so..' where the double dots
separate null shared library version numbers.
Set BINDIR properly by inheriting it from ../Makefile.inc.
the kernel; this was left over from the earlier protocol-dependent
kernel multicast routing code.
Learn how to handle the malloc'd multicast routing table (instead of
expecting it to be in mbufs)
to be written to /etc.
The only essential change is in paths.h, so any third-party software
written correctly will pick it up in the next rebuild.
Reviewed by: the committers list (actually an old version)
I found the reason why f77 so offen dies on alpha. Here is a fix.
"Const" is a union of int and double.
If nelt->constblock.Const.ci > 0 then it trys to evaluate it as double
and floating point exception occurs.
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
Obtained from: NetBSD
one character shorter than the previous in a stairstep fashion when long
idle times were involved.
A couple of nits:
- spelling/typo fix.
- some of the easier style(9) fixes where it was bothering me.
- Handle 100+ days idle time (ha!). Probably the right thing to do is
to do a snprintf into a buffer and strlen the result rather than doing
hackery on magic numbers.
XXX the wide (and mostly unused) username and tty columns annoy me since
it it could be used for more useful information for the command. We should
actually count the largest username and tty and adjust like 'ls -l' does.
Submitted by: ishisone@sra.co.jp
Make touch handle years 2000-2038 in the obsoleted format, rather
than 1902-1969 as was previously the case with two digit year spec.
so it can't be completely fixed here. Putting -I paths to the current
headers in CFLAGS is more likely to break things than fix them, since
there is no reason why current headers should work with old libraries.
Other Makefiles that do this may only work because they are not used early
in the bootstrap. However, the usual problem with errno being defined in
terms of a nonexistent library doesn't seem to occur here, since we don't
reference errno.
a circular dependency problem, wherein rpcgen depends on the latest
includes, but those same includes depend on rpcgen to build
include/rpcsvc. This was causing the build or librpcsvc to fail
(like I said, only on upgrades of 9 month old sources).
If there's stylistic problems, tell me, I'll learn and fix them.
I did a buildworld with this, it should be safe.
Fix bug with od/hd/hexdump. "*" lines are supposed to indicate one or
duplicates of the previous line, but a small file with less then 16
characters of zeros in it will be falsy identified as a repeat of
the (non-existant) previous line. i.e. the first line of output winds
up being a "*". Added a bit of code to handle the degenerate 'there is
no previous line' case for the first line.
Increase the size of a number of buffers and replace strcpy/strcat/sprintf
with snprintf(). There was a minor and possibly not exploitable security
hole related to one sprintf().
Update chpass(1) manual page. Change the definition of the class
field and also reorganize the field list to match that of the
/etc/master.passwd file, to avoid confusion.
Remove the temp directory in trap.
Replace the buggy awk script with a correct perl script.
Don't make a copy of the input data anymore if the input is already
sorted (option -presort). This scheme avoid large temporary files in
/tmp.
to half compensate for broken scaling of p_pctcpu in the kernel, but the
previous commit removed this compensation. %cpu values will be wrong by
a factor of stathz/hz until the kernel is fixed. (The kernel gets it
wrong by a factor of stathz/hz, and top got the compensation wrong by
a factor of 100/stathz.)
because libpam is built shared only. There is a way to build PAM
into a static library that contains all (or a selected subset) of
the modules. But our Makefiles don't support that yet. Until I get
that working, just force NOSHARED=no in login's Makefile. Of
course, it still won't work if NOPIC is set.
Submitted by: bde
Change login to use PAM for authentication. I kept the built-in
passwd/NIS authentication support, to handle cases where the system
is missing its "/etc/pam.conf" file. S/Key and KerberosIV
authentication methods are removed from the login program, but
still available in PAM modules.
"Here is a new gencat(1) man page. It contains examples
and information not in the current man page (e.g., file
format) per the X/Open documentation. It also updates some
aspects of the X/Open documentation (e.g., the X/Open
document neglects to say how to embed a $quote character
into a string)."
Submitted by: Terry Lambert <tlambert@primenet.com>
Review and small corrections by: jkoshy
not complete, and it hasn't been touched for 18 months. All the
ifdefs obfuscate the code. I discussed the LOGIN_CAP_AUTH support
with its author and he agreed that it is a dead end. I am bringing
PAM into the tree within the next two weeks. It is much more
flexible than LOGIN_CAP_AUTH, and will serve as a superior replacement
for it.
Fix usage string. Fix getopt() string. Fix ordering of compatibility options.
fetch.1:
Fix synopsis. Fix ordering of T and t options. Fix minor grammar nit.
build 2.2-stable worlds on 3.0-current systems again. objformat
calls getobjformat(), which doesn't exist in 2.2's libc.
Technically there should have been a version number bump when it was
added in -current. But it's used in so few places that it hardly
seems worth that. Besides, the objformat program is very heavily
used during a make world; it won't hurt to have it load a little
faster.
BSD-able Makefile, add a man page (that also puts a bold warning about
the weakness of the encryption), and implement the -k option for
compatibility with other vendor's implementations. (Unlike those
other vendors, we actually also document this option and its
problems.)
There are more violations of style(9) in it, like the not-use of
getopt(3), but it's not worth the while fixing all of this.
Cryptbreakers Workbench. While arguably a rather weak encryption,
it's in some use in the Internet still, and provided by a bunch of
other Unix systesms, so we include it here for compatibility.
Silently agreed by: core
Also added entry for the debugger files as well. The PE format is
used for all Win32 platforms (Win95, Win98, WinNT and WinCE), so it is
nice to be able to tell what kind of thing the foo.dll.... Don't have
any data for powerpc formats, however...