After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
bugfix-only release, with no new features.
Please note that from 3.5.0 onwards, clang and llvm require C++11
support to build; see UPDATING for more information.
The goal here is to make the upgrade seamless for users
Add aliases for zh_HK
Remove bad symlinks created by previous bad upgrade procedure.
Complete ObsoleteFiles.inc with more locales that have been removed
The command was checking local/remote system uptime, so rename the script to
match its function and to avoid confusion
The controlling variable in /etc/periodic.conf has been renamed from
daily_status_rwho_enable to daily_status_uptime_enable.
MFC after: 3 days
Reported by: Peter Jeremy <peter@rulingia.com>
Relnotes: yes
Sponsored by: EMC / Isilon Storage Division
bug of installing 'realtek' and 'intel_iwn' as files rather then as
a 'LICENSE' file in their directories.
Also add obsolete entries for the older names and names that existed in head
for a period of time.
Suggested by: jmg
X-MFC-With: r289391
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
- Use _Bool rather than bool to resolve missing type errors in malloc_np.h.
- Fix malloc manual page #include documentation.
- Add *allocm manual pages to obsolete files.
Submitted by: jbeich
We want to ensure we always use libarchive from ports in the ports tree.
It simplifies ports maintainance and anyway libarchive.pc was not reflecting the
different way libarchive can be built in base
Leaf drivers should not import the PCI bus interface to add IOV handling.
Instead, move the IOV client methods to a separate kobj interface.
Differential Revision: https://reviews.freebsd.org/D2584
Reviewed by: rstone
This reduces the number of copy of sqlite we have to just one and easier
tracking version of sqlite
Differential Revision: https://reviews.freebsd.org/D2443
Reviewed by: imp, stas, bjk
- Optional components go in OptionalObsoleteFiles
- Move gperf removal to be based on MK_GCC only, not MK_CXX and MK_GCC
Reviewed by: imp, sbruno
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D2421
Now when a lib is marked as PRIVATELIB it is renamed into libprivate$foo instead
of being installed in /usr/lib/private and playing with rpath.
Also allow to install headers for PRIVATELIBS in that case the headers will be
installed in /usr/include/private/$foo
Keep the headers under a private namespace to prevent third party build system
to easily find them to ensure they are only used on purpose.
This allows for non base applications to statically link against a library in
base which is linked to a privatelib
Treating PRIVATELIBS as regular libraries allows to push them into our current
compatX packages if needed.
While here finish promotion of libevent as PRIVATELIB
Install header for bsdstat and libucl
Differential Revision: https://reviews.freebsd.org/D2365
Reviewed by: brooks, des
Discussed with: imp
discontinued by its initial authors. In FreeBSD the code was already
slightly edited during the pf(4) SMP project. It is about to be edited
more in the projects/ifnet. Moving out of contrib also allows to remove
several hacks to the make glue.
Reviewed by: net@
utilities.
I was originally planning on removing the phase-of-moon (pom), clock
(grdc), and caesar cipher (caesar, rot13) utilities as well, but after
I committed r278616 I received an astonishing volume of email informing
me that those are still being widely used. Much to my relief, nobody
reported continuing to use the punch card utilities in production.
The final step will be to merge src/games into src/usr.bin.
This change will not be MFCed.
update paths; and include everything in the "base" distribution.
The "games" distribution being optional made sense when there were more
games and we had small disks; but the "games-like" games were moved into
the ports tree a dozen years ago and the remaining "utility-like" games
occupy less than 0.001% of my laptop's small hard drive. Meanwhile every
new user is confronted by the question "do you want games installed" when
they they try to install FreeBSD.
The next steps will be:
2. Removing punch card (bcd, ppt), phase-of-moon (pom), clock (grdc), and
caesar cipher (caesar, rot13) utilities. I intend to keep fortune, factor,
morse, number, primes, and random, since there is evidence that those are
still being used.
3. Merging src/games into src/usr.bin.
This change will not be MFCed.
Reviewed by: jmg
Discussed at: EuroBSDCon
Approved by: gjb (release-affecting changes)
This brings support for multi-threaded compression. This brings close
N times faster compression where N is the number of CPU cores.
Because of this, liblzma now depends on libthr.
Soon libarchive will be modified to use the new lzma API.
Thanks to antoine@ for the exp-run.
Differential Revision: https://reviews.freebsd.org/D1786
Reviewed by: bapt
To be able to info pages consider installing texinfo from ports print/texinfo or
via pkg: pkg install texinfo
Differential Revision: https://reviews.freebsd.org/D1409
Reviewed by: emaste, imp (previous version)
Relnotes: yes
- Compatiblity with existing manpages has been improved
- Now support ".so" directive with compressed manpages (which fixes a regression
we have since we have new man(1))
As a side effect...
1. The tests now checks for the root user before continuing with kyua, which is
more visible than the test being skipped with the TAP protocol
2. The tests work with devices that aren't /dev/md0 by caching the device
attached during the test to a file, and later use the cached information to
detach the device in the cleanup routine
3. The tests no longer require perl to run
MFC after: 1 week
PR: 191191
Sponsored by: EMC / Isilon Storage Division
xform_ipip was used as fallback with low priority for IPIP
encapsulated packets that were decrypted. In some cases
it can decapsulate packets, that it shouldn't. This leads to situations,
when wrong configurations are magically working. Also it can propagate
wrong ingress interface and this can break security.
Now we redesigned the IPSEC code and IPIP encapsulation is called directly
from ipsec_output, and decapsulation is done in the ipsec_input with m_striphdr.
Differential Revision: https://reviews.freebsd.org/D1220
MFC after: 1 month
Sponsored by: Yandex LLC
have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.
No objections from: net@
random script ran before filesystems were mounted, which is no
longer the case.
In random_start(), immediately delete each file that is fed into
/dev/random, and recreate the default entropy file immediately
after reading and deleting it. The logic used in random_stop()
to determine which file to write to should probably be factored
out and used here as well.
Directories for /usr/lib{,32}/{i18n,private} were missing from the mtree
file, which caused installworld to install the files that should be in
the directory as the name of the directory.
modifications to libproc to support fetching the CTF info for a given file.
With this change, dtrace(1) is able to resolve type info for function and
USDT probe arguments, and function return values. In particular, the args[n]
syntax should now work for referencing arguments of userland probes,
provided that the requisite CTF info is available.
The uctf tests pass if the test programs are compiled with CTF info. The
current infrastructure around the DTrace test suite doesn't support this
yet.
Differential Revision: https://reviews.freebsd.org/D891
MFC after: 1 month
Relnotes: yes
Sponsored by: EMC / Isilon Storage Division
- Priority argument is introduced to sleepq_*wait* in r177085
- sleepq_calc_signal_retval is removed from implementation
- sleepq_catch_signals is internal now
Differential Revision: https://reviews.freebsd.org/D794
Reviewed by: jhb
Approved by: jhb
This is cleaner and eliminates the unneeded startup of KVP daemon on
systems that do not run as a Hyper-V guest.
Submitted by: hrs
X-MFC-with: 271493, 271688, 271699
Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.
Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste
We continue to use pmap_enter() for that. For unwiring virtual pages, we
now use pmap_unwire(), which unwires a range of virtual addresses instead
of a single virtual page.
Sponsored by: EMC / Isilon Storage Division
are no longer installed since r267486. Add them to ObsoleteFiles.inc1,
which should have been done in r267486.
PR: 192010
Submitted by: Vick Khera
Pointyhat to: gavin
MFC after: 3 days