Commit Graph

12415 Commits

Author SHA1 Message Date
Jamie Gritton
b38ff370e4 Introduce the extensible jail framework, using the same "name=value"
interface as nmount(2).  Three new system calls are added:
* jail_set, to create jails and change the parameters of existing jails.
  This replaces jail(2).
* jail_get, to read the parameters of existing jails.  This replaces the
  security.jail.list sysctl.
* jail_remove to kill off a jail's processes and remove the jail.
Most jail parameters may now be changed after creation, and jails may be
set to exist without any attached processes.  The current jail(2) system
call still exists, though it is now a stub to jail_set(2).

Approved by:	bz (mentor)
2009-04-29 21:14:15 +00:00
Jamie Gritton
7074cfa223 With the permission of phk@ change the license on remaining jail code
to a 2 clause BSD license.

Approved by:	phk
Approved by:	bz (mentor)
2009-04-29 16:02:52 +00:00
Bruce M Simpson
6de9a4eb6b Fix an obvious bug in getsourcefilter()'s use of struct __msfilterreq;
the kernel will return in msfr_nsrcs the number of source filters
in-mode for a given multicast group.
However, the filters themselves were never copied out, as the libc
function clobbers this field with zero, causing the kernel to assume
the provided vector of struct sockaddr_storage has zero length.
This bug would only affect users of SSM multicast, which is shimmed
in 7.x.
Picked up during mtest(8) refactoring.

MFC after:	1 day
2009-04-29 09:58:31 +00:00
Olivier Houchard
8957464be7 Change the test at the beginning of strncmp(), from being if (len - 1) < 0
to if (len == 0).
The length is supposed to be unsigned, so len - 1 < 0 won't happen except
if len == 0 anyway, and it would return 0 when it shouldn't, if len was
> INT_MAX.

Spotted out by:	Channa <channa kad gmail com>
2009-04-28 19:20:13 +00:00
Tim Kientzle
04e8ac36ab Document the liblzma support.
Unfortunately, liblzma itself is GPLed, so unlikely to become part of
the FreeBSD base system.
However, the core lzma compression/decompression code is public
domain, so it should be feasible for someone to create a compatible
library without the GPL strings.
2009-04-27 22:39:43 +00:00
Tim Kientzle
59c7a951b5 Symlink some additional man page entries. 2009-04-27 20:23:22 +00:00
Tim Kientzle
4d24dc3687 Merge r991 from libarchive.googlecode.com: Various updates
to archive_read.3 manpage, including documentation for the
new "raw" handler.
2009-04-27 20:13:13 +00:00
Tim Kientzle
690f5ebdc0 Merge r990,r1044 from libarchive.googlecode.com:
read_support_format_raw() allows people to exploit libarchive's
automatic decompression support by simply stubbing out the
archive format handler.
The raw handler is not enabled by support_format_all(), of course.
It bids 1 on any non-empty input and always returns a single
entry named "data" with no properties set.
2009-04-27 20:09:05 +00:00
Tim Kientzle
edca00c7b2 Merge r1061,r1062,r1063 from libarchive.googlecode.com:
Fix reading big-endian binary cpio archives, and add a test.
While I'm here, add a note about Solaris ACL extension for cpio,
which should be relatively straightforward to support.

Thanks to: Edward Napierala, who sent me a big-endian cpio archive
from a Solaris system he's been playing with.
Pointy hat: me
2009-04-27 19:30:09 +00:00
Tim Kientzle
80658f77a3 Merge r1034 from libarchive.googlecode.com:
Put a much larger file on the reference ISO for this test.
2009-04-27 19:23:53 +00:00
Tim Kientzle
0cf3aa1afe Merge r1058 from libarchive.googlecode.com: Require that each
test source file has exactly one DEFINE_TEST().
2009-04-27 19:20:25 +00:00
Tim Kientzle
3da657c177 ino_t varies across platforms; casting (int) here avoids
various pointless complaints.
2009-04-27 19:14:43 +00:00
Tim Kientzle
546cb91d54 Merge r1032 from libarchive.googlecode.com:
Make test_fuzz a bit more sensitive by actually reading the body
of each entry instead of skipping it.
While I'm here, move the "UnsupportedCompress" macro into the
only file that still uses it.
2009-04-27 18:55:22 +00:00
Tim Kientzle
525ed69972 Merge r1054,r1060 from libarchive.googlecode.com:
* assertEqualMem() now takes void * arguments
 * Be a little smarter about what we hexdump when assertEqualMem() fails
2009-04-27 18:39:55 +00:00
Tim Kientzle
d906209e53 Merge r1021 from libarchive.googlecode.com:
If we know it's a socket, say so.
2009-04-27 18:35:03 +00:00
Tim Kientzle
7ad21ca8c3 Merge r1052,r1055 from libarchive.googlecode.com:
Clear the error flag on entry to a few more API functions.
2009-04-27 18:33:08 +00:00
Tim Kientzle
01a94543e9 Merge r1053,r1055,r1056,r1057,r1065 from libarchive.googlecode.com:
* Fix parsing of POSIX.1e ACLs from Solaris tar archives
 * Test the above
 * Preserve the order of POSIX.1e ACL entries
 * Update tests whose results depended on the order of ACL entries
 * Identify NFSv4 ACLs in Solaris tar archives and warn that
   they're not yet supported. (In particular, don't try to parse
   them as POSIX.1e ACLs.)

Thanks to: Edward Napierala sent me some Solaris 10 tar archives to test
2009-04-27 18:27:54 +00:00
Tim Kientzle
3257d55783 Merge r988,r1064 from libarchive.googlecode.com:
* Split whiny skip function to create a new best-effort skip_lenient()
 * Correctly increment the top-level file position only for the top filter
 * Simulate skip by reading against the current filter, not the top filter

The latter two bugs aren't currently visible because no existing
filter delegates skip operations.
2009-04-27 17:42:02 +00:00
Tim Kientzle
d21d99e07e Reading an mtree file is supposed to provide
access to the file data (if the file exists on
disk).  This was broken for the first regular
file; fix it and add a test so it won't break again.

In particular, this fixes the following idiom for creating
a tar archive in which every file is owned by root:

tar cf - --format=mtree . 	\
    | sed -e 's/uname=[a-z]*/uname=root/' -e 's/uid=[0-9]*/uid=0/' \
    | tar cf - @-
2009-04-26 18:57:50 +00:00
Tim Kientzle
9a4ac3e81e Various improvements to the tar.5 manpage, including
descriptions of the GNU tar "posix-style" sparse format,
clarification of the Solaris tar ACL storage,
and a few comments about Mac OS X tar's resource storage.
2009-04-26 18:46:40 +00:00
Tim Kientzle
6388433b62 Exit with ARCHIVE_FATAL if the ISO image is truncated. 2009-04-26 18:43:49 +00:00
Tim Kientzle
c49388ad34 Remove an unused variable.
Thanks to:	Christoph Mallon
2009-04-26 18:24:14 +00:00
Edward Tomasz Napierala
5d8532a1b1 Fix typo. 2009-04-26 10:12:20 +00:00
Christian Brueffer
2a72feb42b Correct the information about when the respective functionality first
appeared in FreeBSD.

PR:		133785
Submitted by:	Ulrich Spoerlein <uqs@spoerlein.net>
MFC after:	3 days
2009-04-23 08:37:56 +00:00
Maksim Yevmenkin
78b96635e6 Implement low-level Bluetooth HCI API.
This should make it easier to make Linux BlueZ libhci port.

Reviewed by:	Iain Hibbert < plunky -at- rya-online -dot- net > of NetBSD
MFC after:	1 week
Inspired by:	Linux BlueZ
Inspired by:	NetBSD
2009-04-22 15:50:03 +00:00
Robert Watson
d1f2f1c3f3 Now that the kernel defines CACHE_LINE_SIZE in machine/param.h, use
that definition in the custom locking code for the run-time linker
rather than local definitions.

Pointed out by:	tinderbox
MFC after:	2 weeks
2009-04-19 23:02:50 +00:00
Robert Watson
c0020399a6 Merge OpenBSM 1.1 from OpenBSM vendor branch to head.
OpenBSM history for imported revision below for reference.

MFC after:      2 weeks
Sponsored by:   Apple, Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.
2009-04-19 16:17:13 +00:00
Tim Kientzle
f4f5e3f5b9 Rely on OpenSSL bits only if we're building a system with OpenSSL.
Also, adjust the MD5 calls to rely on libmd instead of libcrypto,
so we keep MD5 support even in the !OpenSSL case.
2009-04-18 06:06:47 +00:00
Tim Kientzle
84cdfa5374 Correct and update the manpage to include
more details about some of the formats and
to briefly describe the mtree writing capability.
2009-04-18 03:47:29 +00:00
Tim Kientzle
400970912f Disabling the crypto bits should quiet tinderbox while I
track down the library dependencies that are screwing up the /rescue build.
2009-04-17 07:28:49 +00:00
Tim Kientzle
59fd3980b7 Publicize a handful of new functions and bump the version number
to indicate that this is synchronized with the recent libarchive 2.7.0
release.
2009-04-17 01:07:37 +00:00
Tim Kientzle
24a4c12895 Merge lots of test suite updates from libarchive.googlecode.com. 2009-04-17 01:06:31 +00:00
Tim Kientzle
7523935ae4 FreeBSD has a lot of crypto functions used by the recent mtree writer updates. 2009-04-17 01:04:23 +00:00
Tim Kientzle
50cc11da04 Ensure that the option setters return OK (option used) even
for options that don't change the list of keywords.
2009-04-17 01:03:52 +00:00
Tim Kientzle
c190973e9d Fix a memory leak: Release the current list of /set keywords
even when we exit on an error.
2009-04-17 01:02:56 +00:00
Tim Kientzle
7ea8a85dbc Document the new read options interface and the new read_header2() call. 2009-04-17 01:02:12 +00:00
Tim Kientzle
a5e75fbb6c Dynamically size the buffer we pass to getgrgid_r() and getpwuid_r().
Keep the buffer in the cache object so we don't have to keep doing this.
2009-04-17 01:01:15 +00:00
Tim Kientzle
82ea3751d6 Don't match an empty file on a read error. 2009-04-17 01:00:11 +00:00
Tim Kientzle
b6a1f92f24 When pulling metadata from disk, lookup the user and group name at the same time. 2009-04-17 00:59:34 +00:00
Tim Kientzle
bfe2732de8 LZW bugfix: when we hit end-of-file, return an invalid code. 2009-04-17 00:58:44 +00:00
Tim Kientzle
bf89aeae5e Minor fix: some platforms require both inttypes.h and stdint.h. 2009-04-17 00:57:11 +00:00
Tim Kientzle
06f39cd345 Implement command-line fallbacks for gzip and bzip2 decompression as well.
Not an issue for FreeBSD, since the base system has the necessary libraries.
Since all decompressors are always available now, we can unconditionally
enable them in archive_read_support_compression_all().
2009-04-17 00:55:52 +00:00
Tim Kientzle
c9f05bc8a1 Merge new xz/lzma support from libarchive.googlecode.com.
Since FreeBSD doesn't have liblzma in the base system, the
read side will always fall back to the unxz/unlzma commands for now.
(Which will in turn fail if those commands are not currently
installed.)  The write side does not yet have a fallback, so
that will just fail.
2009-04-17 00:54:35 +00:00
Tim Kientzle
a9ba4adfa5 Don't use the open callback, which is deprecated (because it's
never necessary).  Also, simplify just a tad by delegating
to read_open_fd() when we know the file descriptor, instead
of duplicating that logic.
2009-04-17 00:50:00 +00:00
Tim Kientzle
1787611dd1 Accept empty options, add a new read_next_header2() which is more
efficient for some uses.
2009-04-17 00:47:16 +00:00
Tim Kientzle
9a81c0ba38 Properly clone and free the recently-added "sourcepath" field. 2009-04-17 00:45:47 +00:00
Tim Kientzle
5f8af33b11 Use thread-safe getgrnam_r() and getpwnam_r(); dynamically size
the buffer used by this.
2009-04-17 00:44:47 +00:00
Tim Kientzle
946733c26e Fix a minor memory leak. 2009-04-17 00:44:03 +00:00
Tim Kientzle
8952729381 Merge from libarchive.googlecode.com: Numerous fixes to the
write options handling, including documentation.
2009-04-17 00:42:45 +00:00
Tim Kientzle
625683944d Merge from libarchive.googlecode.com: If we're
given an empty filename, just invoke write_open_fd()
instead of re-implementing the code to use stdout.
2009-04-17 00:39:35 +00:00