20470 Commits

Author SHA1 Message Date
Peter Wemm
8996ff49a1 Steal issetugid man page from OpenBSD. Needs work..
Obtained from: OpenBSD
1997-03-31 15:59:14 +00:00
Peter Wemm
374506988c Add libc hook for issetugid() 1997-03-31 15:43:22 +00:00
Peter Wemm
b67cbc6548 Implement code for an OpenBSD-style issetuigid().
This is valueable for library code which needs to be able to find out
whether the current process is or *was* set[ug]id at some point in the
past, and may have a "tainted" execution environment.  This is especially
a problem with the trend to immediately revoke privs at startup and regain
them for critical sections.  One problem with this is that if a cracker
is able to compromise the program while it's still got a saved id, the
cracker can direct the program to regain the privs.  Another problem is
that the user may be able to affect the program in some other way (eg:
setting resolver host aliases) and the library code needs to know when it
should disable these sorts of features.

Reviewed by: ache
Inspired by: OpenBSD (but with a different implementation)
1997-03-31 15:13:33 +00:00
Peter Wemm
7ec6369d7e Regenerate (added issetugid) 1997-03-31 14:55:05 +00:00
Peter Wemm
56f12a6cb5 issetugid is now implemented rather than reserved 1997-03-31 14:52:50 +00:00
Peter Wemm
a89a5370c5 Do not set the P_SUGID flag in seteuid()/setegid() if nothing has changed.
(for supporting issetugid())

Reviewed by: ache  (as was the previous commit, rev 1.29)
1997-03-31 13:47:00 +00:00
Peter Wemm
229a15f084 Do not set the P_SUGID flag in seteuid()/setegid() if nothing has changed.
(for supporting issetugid())
1997-03-31 13:41:49 +00:00
Peter Wemm
a08f4bf601 Fully implement the clause in Appendix B.4.2.2 from Posix 1003.1
that allows traditional BSD setuid/setgid behavior.

The only visible difference should be that a non-root setuid program
(eg: inn's "rnews" program) that is setuid to news, can completely
"become" uid news. (ie: setuid(geteuid())  This was allowed in
traditional 4.2/4.3BSD and is now "blessed" by Posix as a special
case of "appropriate privilige".

Also, be much more careful with the P_SUGID flag so that we can use it
for issetugid() - only set it if something changed.

Reviewed by: ache
1997-03-31 13:36:46 +00:00
Peter Wemm
8a5d815aa0 Make setgroups(0, xxx) behave as it does on SYSV, namely clear the groups
vector except for the egid in groups[0].  There is a risk that programs
that come from SYSV/Linux that expect this to work and don't check for
error returns may accidently pass root's groups on to child processes.

We now do what is least suprising (to non BSD programs/programmers) in
this scenario, and nothing is changed for programs written with BSD groups
rules in mind.

Reviewed by: ache
1997-03-31 13:21:37 +00:00
Peter Wemm
2e08522b02 Activate the -h flag which tells chown/chgrp to work on the symlink itself
using lchown().  Most of the code was already here, the option was
recognised but ignored for SYSV/POSIX.2(?) compatability.
1997-03-31 13:03:49 +00:00
Peter Wemm
743c3e66c8 Toast dummy lchown(), it's in libc now. 1997-03-31 12:56:00 +00:00
Peter Wemm
61714b4e17 Declare lchown().. 1997-03-31 12:52:52 +00:00
Peter Wemm
30493bb81b Create lchown() in libc and document it as a variation of chown(). 1997-03-31 12:37:35 +00:00
David Greenman
a91b87211d In accept1(), falloc() is called after the process has awoken, but prior
to removing the connection from the queue. The problem here is that
falloc() may block and this would allow another process to accept the
connection instead. If this happens to leave the queue empty, then the
system will panic with an "accept: nothing queued".

Also changed a wakeup() to a wakeup_one() to avoid the "thundering herd"
problem on new connections in Apache (or any other application that has
multiple processes blocked in accept() for the same socket).
1997-03-31 12:30:01 +00:00
Peter Wemm
57862eed22 Code to do lchown(2), copied from chown(2) except it's NOFOLLOW in ND_INIT
instead of FOLLOW.
1997-03-31 12:21:37 +00:00
Peter Wemm
f77da2867a Regenerate 1997-03-31 12:17:45 +00:00
Peter Wemm
4eb542c64b Reserve 252 (poll, first in OpenBSD)
Reserve 253 (issetugid, as in OpenBSD)
Allocate 254 for lchown(2)
1997-03-31 12:14:48 +00:00
Peter Wemm
6c14d95d0d Treat symlinks as first class citizens with their own uid/gid rather than
as shadows of their containing directory.  This should solve the problem
of users not being able to delete their symlinks from /tmp once and for
all.

Symlinks do not have modes though, they are accessable to everything that
can read the directory (as before).  They are made to show this fact at
lstat time (they appear as mode 0777 always, since that's how the the
lookup routines in the kernel treat them).

More commits will follow, eg: add a real lchown() syscall and man pages.
1997-03-31 12:02:53 +00:00
David Greenman
9caaadb63a Changed the way that the exec image header is read to be filesystem-
centric rather than VM-centric to fix a problem with errors not being
detectable when the header is read.
Killed exech_map as a result of these changes.
There appears to be no performance difference with this change.
1997-03-31 11:11:26 +00:00
David E. O'Brien
c075572228 This commit was generated by cvs2svn to compensate for changes in r24434,
which included commits to RCS files with non-trunk default branches.
1997-03-31 09:37:59 +00:00
David E. O'Brien
0b4f4c36a7 Virgin import of GNU cpio v2.4.2. 1997-03-31 09:37:59 +00:00
Marc G. Fournier
26dce0e6e8 Small formatting change to interval() to align columns so that:
toronto       up  5+18:58,     0 users,  load 0.00, 0.00, 0.00
zeus          up 109+13:53,     0 users,  load 0.55, 0.28, 0.15

looks like:

toronto       up   5+18:58,     0 users,  load 0.00, 0.00, 0.00
zeus          up 109+13:53,     0 users,  load 0.55, 0.28, 0.15
1997-03-31 09:36:59 +00:00
KATO Takenori
529016f9e7 Synchronize with sys/i386/conf/GENERIC revision 1.89. 1997-03-31 08:27:05 +00:00
Marc G. Fournier
d54266d5b6 Remove ${MAKEFLAGS} on recommendation by Bruce, mainly because the reason
for adding it was so that -j3 carried through on a make -j3 world, but found
at least one circumstance where it breaks  'make depend'
1997-03-31 05:30:16 +00:00
Marc G. Fournier
42c13e4555 Remove MAKEFLAGS example from /etc/make.conf...
Bruce points out that it breaks things if someone doesn't do a 'make depend',
but I just found out that it breaks 'make depend' itself :(
1997-03-31 05:26:39 +00:00
Bruce Evans
7288802ce0 Fixed wording of previous change.
Obtained from:	fgets.3
Guided by:	ISO C standard
1997-03-31 05:18:27 +00:00
Warner Losh
6c3f552a31 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
John Birrell
44ee97a91b Added my name/address as requested by Wolfram Schneider. 1997-03-31 04:58:47 +00:00
Warner Losh
e57e56abf0 Revert my last few changes. They were bogus. Replaced them with
the original text plus a statement saying that if strftime fails,
the results are undefined.

Requested a long time ago by: bde
1997-03-31 04:51:13 +00:00
Hiroyuki Hanai
e8f633781f Catch up with the original. 1997-03-31 02:40:10 +00:00
Wolfram Schneider
364fe18b8c The Unix system family tree, BSD part. This is a local copy of
http://www.de.freebsd.org/de/ftp/unix-stammbaum
1997-03-31 00:06:03 +00:00
Marc G. Fournier
30d23e30a7 Add/document MAKEFLAGS into /etc/make.conf, using -j3 as example 1997-03-30 23:43:41 +00:00
Marc G. Fournier
f457e46e0d Add ${MAKEFLAGS} to ${MAKE} in _SUBDIRUSE so that something like
'make -j3 world' works

Jordan points out that this may not be the only place this is required to be
added, but so far, its the only one I've found to break -j3
1997-03-30 23:39:39 +00:00
Andrey A. Chernov
286fdb4a38 Use srandomdev() now
Add range checking for invalid denominator values
1997-03-30 23:33:29 +00:00
Andrey A. Chernov
5790155e89 Use srandomdev() now
Fix error with begin variable calculation
1997-03-30 23:13:59 +00:00
Joerg Wunsch
514e9fd6b8 Implement the `detach' command for remote GDB. It gets you back at DDB. 1997-03-30 16:03:00 +00:00
Brian Somers
568b59b9df Move uucplock into libutil and create a manual page. 1997-03-30 12:12:20 +00:00
David E. O'Brien
0ae8758e00 JKH says:
Change "Found end of tape.  Load next tape ..." messages to say
   "volume" instead of tape.  Running cpio off of /dev/fd0 and having
   it say "give me the next tape" is kind of ludicrous.. :-)
1997-03-30 11:01:43 +00:00
David E. O'Brien
7b0fc5433e don't lookup rsh(1) at bogus pathnames
Submitted by:	joerg via old gnu/usr.bin/cpio v2.3
1997-03-30 10:56:38 +00:00
David E. O'Brien
88fd8e23ef Don't set the umask until after we have processed the arguments
and opened the archive file.  This allows "cpio -o -O output_file"
to create the output file with the callers proper umask.
Closed PR# 1391

Add setlocale LC_ALL (from ache).
1997-03-30 10:50:01 +00:00
David E. O'Brien
adfc6bdf06 Support dummy lchown() so that cpio understands 4.4 symbolic links. 1997-03-30 10:45:44 +00:00
David E. O'Brien
e3740caa96 - Correct the recommended option for "find" from "-depth" to "-d".
- Fix gross spelling and typographical errors pointed out by Keith Bostic.
- Mention -l, --link is only usable with "-p".

Obtained from: old gnu/usr.bin/cpio v2.3.
1997-03-30 10:42:21 +00:00
David E. O'Brien
895bfbc4e9 Output a zero rdev except for bdevs, cdevs, fifos and sockets. This
stops regular files with unrepresentable rdevs from being rejected
and makes the output independent of unpreservable metadata.

Don't output a file if the major, minor or totality of its rdev would be
truncated.  Print a message about the skipped files to stderr but don't
report the error in the exit status.  cpio's abysmal error handling doesn't
allow continuing after an error, and the rdev checks had to be misplaced
to avoid the problem of returning an error code from routines that return
void.

Minor numbers are limited to 21 bits in pax's ustar format and to 18
bits in archives created by gnu tar (gnu tar wastes 3 bits for padding).
pax's and cpio's ustar format is incompatible with gnu tar's ustar
format for other reasons (see cpio/README).

Submitted by:	bde via old gnu/usr.bin/cpio v2.3.
1997-03-30 10:34:16 +00:00
David E. O'Brien
22565b1e72 Fix typo. 1997-03-30 10:32:26 +00:00
David E. O'Brien
5ac0429f1d Add an example README.FreeBSD. The tcl one you tend to refer to since tcl
is the example is quite spartan.

As pointed out by Bruce there are *three* different filenames being used:

	cvs             FREEBSD.README
	groff           FREEBSD-upgrade
	libgmp          FREEBSD-upgrade
	libpcap         FREEBSD-upgrade
	tcpdump         FREEBSD-upgrade
	traceroute      FREEBSD-upgrade
	tcl             README.FreeBSD

The handbook states "README.FreeBSD".  Perhaps this should be changed?
1997-03-30 09:55:11 +00:00
Poul-Henning Kamp
a6534afb2a Fix mount call for devfs.
Submitted by:	bde
1997-03-30 09:22:41 +00:00
Poul-Henning Kamp
015056ae61 Fix embarrasing typo that survived because I applied the wrong patch-
file.
Noticed by:	Eric Jones <ejon@psa.pencom.com>
1997-03-30 09:08:00 +00:00
David E. O'Brien
ab2f30749e I goofed, Makefile lchown.c don't belong here. 1997-03-30 08:19:38 +00:00
David E. O'Brien
db6f14a034 Replace ctime by strftime %c to use national representation.
Use isprint() for Localization.

Submitted by:	ache via gnu/usr.bin/cpio v2.3
1997-03-30 00:23:39 +00:00
David E. O'Brien
28d8514012 FreeBSD BSD-style Makefile for contributed CPIO source. 1997-03-29 23:11:22 +00:00