by sysctl and never can be in their documented form (kern.name_max would
have to become fs.filesystemname.name_max, etc.).
Added missing references to user.stream_max and user.tzname_max. These
seem to misnamed. <sys/sysconf.h> says that they correspond to POSIX2
names, but the sysconf names don't have POSIX2 or "posix2" like all the
other POSIX2 names.
in order to create sparse directory files that caused a panic of a
filesystem where fsck would not find anything. A fix for fsck is in the
make but still has to be reviewed by Kirk McKusick.
Fixed the following bugs:
- the buffer was reprinted endlessly when msg.bufx == 0 and (for a
different reason) when msg.bufx == 1.
- the last byte of the buffer wasn't printed except in the the infinite
loop cases.
- the comment about walking the buffer didn't match the (correct) code.
- minor -Wall and style bugs.
Not fixed:
- excessive newline processing which hid the non-printing of the last
byte of the buffer.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
it stopped us from removing or setting loopback address
on lo0:
also make use of the fact the athe sockaddre_at struct now has a "netrange"
field.
CVS ----------------------------------------------------------------------
the file access time update on reads and can be useful in reducing
filesystem overhead in cases where the access time is not important (like
Usenet news spools).
firewalls are remote, and this command will kill the network connection
to them), prompt the user for confirmation of this command.
Also, add the '-f' flag which ignores the need for confirmation the
command, and if there is no controlling tty (isatty(STDIN_FILENO) !=0)
assume '-f'.
If anyone is using ipfw flush in scripts it shouldn't affect them, but you
may want to change the script to use a 'ipfw -f flush'.
Reviewed by: alex
hostname/IP twice on same line in /etc/exports' fix from dumping core
due to bogus /etc/exports entries.
Submitted by: Toshihiro Kanda <candy@fct.kgc.co.jp>
Turn this behavior off using '-Q'. This makes '-v' useless other than as
an ICMP-sniffer, which tcpdump is better at anyway.
Print out another couple of ICMP messages, and fix the printing of the
original packet (mostly byte order problems).
now completely consistent across all IP protocols and should be quite a
bit faster.
Use getprotoname() extensively, performed minor cleanups of admin utility.
The admin utility could use a good kick in the pants.
Basicly, these were the minimal changes I could make to the code
to get it up to tollerable shape. There will be some future commits
to clean up the basic architecture of the firewall code, and if
I'm feeling ambitious, I may pull in changes like NAT from Linux
and make the firewall hooks comletely generic so that a user can
either load the ipfw module or the ipfilter module (cf Darren Reed).
Discussed with: fenner & alex
Submitted by: archie@whistle.com
This patch allows true interface routing to be controlled
from the command line..
you can now do:
route add default -interface ppp0
even if you have no clue what the address at the other end is..
this is part of a set of changes that allow true "unnumbered links"
such as netcom run between their sites..
In practice you should assign the address from one of your ethernet
interfaces to the local side of the P2P link so that IP doesn't
say that the packet comes from 255.255.255.255, but
there is no need whatsoever to assign an address of any kind
to the remote end of the link.. useful for frame relay links etc also.
Note, this is not really a security risk, because the buffer in question
is a static variable in the data segment and not on the stack, and hence
cannot subert the flow of execution in any way. About the worst case was
that if you pinged a long hostname, ping could coredump.
Pointed out on: bugtraq (listserv@netspace.org)
the obsolete() function to convert dump-style args to getopt-style
args doesn't check to see that 'f' really has an argument following
the option string in argv[1].
Submitted-By: jmacd
inspired by SunOS version of mount which uses option -p to
indicate that the mount information should be printed in fstab
format.
This is a neat way to create a new fstab file to use later when
one has modified the mount points or mount options or added or
removed mount some mount points. You just type
mount -p > /etc/fstab.new
and there is your new fstab file ready to be used though you
will of course have to add any necessary noauto flags manually.
[Committers note: This also seems to do the wrong thing for AMD
mounts, but in the more average case this is a nifty feature nonetheless
and one can always edit the bogus entries out]
Submitted-By: Jukka Ukkonen <jau@jau.csc.fi>
This stuff should not be too destructive if the IPDIVERT is not compiled in..
be aware that this changes the size of the ip_fw struct
so ipfw needs to be recompiled to use it.. more changes coming to clean this up.
control program to control the facility of the bootblocks
to fetch a default bootstring from a fixed location on the disk.
See the manpage for more info.
Prevent ALL protocol from being used with port specifications.
Allow 'via' keyword at any point in the options list. Disallow
multiple 'via' specifications.
of /0 to have the desired effect. Normalize IP addresses that
won't match a given mask (i.e. 1.2.3.4/24 becomes 1.2.3.0/24).
Submitted by R. Bezuidenhout <rbezuide@mikom.csir.co.za>
Code formatting and "frag" display fixes.
if statements, #if 0 some unused code, use off_t in calls to read/
write_disk, fix a printf format, remove unused variables, and
#include necessary files.
disklabel(8) to the kernel (dsopen()). Drivers should initialize the
hardware values (rpm, interleave, skews). Drivers currently don't do
this, but it usually doesn't matter since rotational position stuff is
normally disabled.
- Filter based on ICMP types.
- Accept interface wildcards (e.g. ppp*).
- Resolve service names with the -N option.
- Accept host names in 'from' and 'to' specifications
- Display chain entry time stamps with the -t option.
- Added URG to tcpflags.
- Print usage if an unknown tcpflag is used.
- Ability to zero individual accounting entries.
- Clarify usage of port ranges.
- Misc code cleanup.
Closes PRs: 1193, 1220, and 1266.
This covers the security problem descibed in SA-96:10 and Jeff says that
when we upgrade to Lite2 (which fixes this problem), mount no longer needs
to be setuid, so we'll never be going back.
Submitted by: hsu
Reviewed by: pst
mount_* programs. While we're at it, collapse the four now-identical
mount programs for devfs, fdesc, kernfs, and procfs into links to
a new mount_std(8) which can mount any really generic filesystem
such as these when called with the appropriate argv[0].
Also, convert the mount programs to use sysexits.h.
Subject: Fix for annoying fsck bug
Date: Wed, 24 Jan 1996 13:33:29 -0700 (MST)
The following small diff fixes the annoying fsck bug that causes it to
need to be run twice to end up with correct reference counts for inodes
for directories that had subdirectories relocated into the lost+found
directory.
I found the need to rerun *extremely* annoying. This fix causes the
count to be correctly adjusted later in pass 4 by correctly stating
the parent reference count.
Note that the parent reference count is incremented when the directory
entry is made (for ".."), but is not really there in the case of a
directory that does not make an entry in its parent dir.
This can be tested by waiting for the inode sync after cd'ing from a
shell into a test fs. Then you "mkdir xxx yyy zzz", wait a second,
and hit the machine reset button.
Reviewed by: nate (Tested lots of crashes :)
Submitted by: Terry Lambert <terry@lambert.org>
to int32_t. I only fixed the ones that I noticed the warnings for.
Perhaps most of the format strings are correct now because they were
wrong before. Except of course if int32_t isn't compatible with `int'.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
discussionn when they were initially added some time ago.
These programs are not needed before nfs is up and running to possibly
mount /usr so they dont need to be static and on the root fs.
- Use rpcgen to generate the unmodified boilerplate code rather than
having it in the repository.
- Eliminate the conflicting function names by changing them to their
"natural" rpcgen generated names
found when the user specifies "mount -t type". Instead of printing
out one message for each path element (/sbin, /usr/sbin), it prints
out:
mount: exec mount_type not found in /sbin, /usr/sbin: No such file or directory
The code is quite long for such a stupid little piece of aesthesism
but it is very straghtforward so I guess it's ok. Besides, I don't
want to do a "char foo[100];" and have malloc break down when someone
decides to add a few more paths to a variable that's far apart from
this code. :)
By the way, there is no malloc() off-by-one error for the '\0' at the
end of the string although I don't explicitly add 1 to the length.
The code allocates strlen(path element)+2 bytes for each path element,
and doesn't use the last two bytes (for the delimiting ", ").
Reviewed by: the list (I hope)
device file and the mount point. This prevents the "unexpected recursive
lock" panic from happening.
This is a temporary fix. A kernel fix would be much much more ugly than
this, and still wouldn't be the "right" way to fix it. After some
of Terry's file system rework is installed, it will be possible to
properly fix this problem in a clean manner. Until then,
this change should prevent use from getting a problem report
on this every month or so (and I just noticed that someone in
one of the freebsd news groups was complaining about this problem, too).
spit out two error lines for a bogus filesystem type, e.g:
root@time-> mount -t foo /dev/sd0a /mnt
mount: exec /sbin/mount_foo for /mnt: No such file or directory
mount: exec /usr/sbin/mount_foo for /mnt: No such file or directory
But I would submit that if you're even going to scan multiple directories
for a mount_foo (which I actually think is somewhat bogus - if it's not
in /sbin, you're probably in big trouble anyway), you should emit an error
for each one. I got multiple complaints (in addition to the PR) that the
existing behavior was very confusing.
This solves the problem of being unable to use shared libraries with dots
in their names before the ".so.<version>" code.
This should be brought into -stable.
There are more changes from Paul that look like they should be included,
but they change the format of the hints file, so I'm not going to bring them
in now (but we should in the future).
Obtained from: pk@netbsd.org
and an unknown uid/gid is found in the file system. This is useful
if you wind up with a file in your file system that has a uid
that is extremely large, since quotacheck will wind up running
a very very long time due to it not handling large gaps in uids
very well (this is a problem that should be addressed some day).
Update the man page to reflect that fact the the -v flag now prints
some additional diagnostic messages.
stub lockd.
This implements just the protocol, but does not interact with the kernel.
It says "Yes!" to all requests. This is useful if you have people using
tools that do locking for no reason (eg: some PC NFS systems running some
Microsoft products) and will happily report they couldn't lock the file
and merrily proceed anyway. Running this will not change the reliability of
sharing files, it'll just keep it out of everybody's face.
Corrected some bogus cross references to man pages that we don't/won't
have and either deleted them, or found a more appropriate man page
that we do have. Various other minor changes to silence manck.
Manck is currently down to about 200 lines of errors, down from
the 500 - 600+ when I started all this.