11852 Commits

Author SHA1 Message Date
Ken Smith
82b71af125 Oops, missed removing an 's' in previous rev.
Submitted by:	Jens Schweikhardt (schweikh <at> schweikhardt <dot> net)
2008-12-30 18:21:54 +00:00
Ken Smith
81d1f5e232 Clean up this message a little bit. 2008-12-30 17:36:32 +00:00
Ken Smith
fc157853b0 Clean up this message a little bit. 2008-12-30 17:16:52 +00:00
David E. O'Brien
557fe2617d Add gssd.h to the list of SRCS so one can build without 'make depend' first. 2008-12-30 01:33:15 +00:00
David E. O'Brien
bb980c847f Sound less scary about errorousous disk geometry due to wanting to limit
to 65535 cylinders.

Submitted by:	Carlos A. M. dos Santos <unixmania@gmail.com>
2008-12-30 00:57:39 +00:00
Simon L. B. Nielsen
d70f2bc2dc Add missing -o to usage output.
MFC after:	3 days
2008-12-29 14:59:22 +00:00
Florent Thoumie
7e410be8f0 Fix memory leaks introduced in last commit.
Bump version to 20081227.

Reported by:	gcooper
Submitted by:	Andrea Barberio <insomniac@slackware.it>
MFC after:	1 month
2008-12-27 14:34:33 +00:00
Weongyo Jeong
b3974c00b5 Integrate the NDIS USB support code to CURRENT.
Now the NDISulator supports NDIS USB drivers that it've tested with
devices as follows:

  - Anygate XM-142 (Conexant)
  - Netgear WG111v2 (Realtek)
  - U-Khan UW-2054u (Marvell)
  - Shuttle XPC Accessory PN20 (Realtek)
  - ipTIME G054U2 (Ralink)
  - UNiCORN WL-54G (ZyDAS)
  - ZyXEL G-200v2 (ZyDAS)

All of them succeeded to attach and worked though there are still some
problems that it's expected to be solved.

To use NDIS USB support, you should rebuild and install ndiscvt(8) and
if you encounter a problem to attach please set `hw.ndisusb.halt' to
0 then retry.

I expect no changes of the NDIS code for PCI, PCMCIA devices.

Obtained from:  //depot/projects/ndisusb/...
2008-12-27 08:03:32 +00:00
Qing Li
8eca593c5a This checkin addresses a couple of issues:
1. The "route" command allows route insertion through the interface-direct
   option "-iface". During if_attach(), an sockaddr_dl{} entry is created
   for the interface and is part of the interface address list. This
   sockaddr_dl{} entry describes the interface in detail. The "route"
   command selects this entry as the "gateway" object when the "-iface"
   option is present. The "arp" and "ndp" commands also interact with the
   kernel through the routing socket when adding and removing static L2
   entries. The static L2 information is also provided through the
   "gateway" object with an AF_LINK family type, similar to what is
   provided by the "route" command. In order to differentiate between
   these two types of operations, a RTF_LLDATA flag is introduced. This
   flag is set by the "arp" and "ndp" commands when issuing the add and
   delete commands. This flag is also set in each L2 entry returned by the
   kernel. The "arp" and "ndp" command follows a convention where a RTM_GET
   is issued first followed by a RTM_ADD/DELETE. This RTM_GET request fills
   in the fields for a "rtm" object, which is reinjected into the kernel by
   a subsequent RTM_ADD/DELETE command. The entry returend from RTM_GET
   is a prefix route, so the RTF_LLDATA flag must be specified when issuing
   the RTM_ADD/DELETE messages.

2. Enforce the convention that NET_RT_FLAGS with a 0 w_arg is the
   specification for retrieving L2 information. Also optimized the
   code logic.

Reviewed by:   julian
2008-12-26 19:45:24 +00:00
Florent Thoumie
58d93e6134 Follow symlinks when deleting directories.
Bump PKG_INSTALL_VER to 20081225 (Merry Christmas \o/).

PR:		bin/54446
Submitted by:	Andrea Barberio <insomniac@slackware.it>
MFC after:	1 month
2008-12-25 16:59:35 +00:00
Florent Thoumie
24f6714d86 Add package directory for 7.1-RELEASE in head as well as stable/7. 2008-12-25 15:44:10 +00:00
Tom Rhodes
2293dac2ac Print a warning when blackhole and reject are used together.
Update arp.8 manual page syntax.

PR:		125896
Submitted by:	Marc Olzheim <marcolz@stack.nl>
Approved by:	sam
2008-12-25 06:44:19 +00:00
Robert Watson
a8879d0d7d In ugidfw(8), print the rule number and rule contents (as parsed and then
regenerated in libugidfw) rather than simply printing that the rule was
added with only the number.  This makes ugidfw(8) behave a bit more like
ipfw(8), and also means that the administrator sees how the rule was
interpreted once uids/gids/etc were processed.

Obtained from:	TrustedBSD Project
2008-12-24 22:40:13 +00:00
Tom Rhodes
5d8e279e37 Fix a typo higter->higher.
Spotted by:	ganbold
2008-12-24 09:17:30 +00:00
David E. O'Brien
11a2f37eed Make signal handler safer.
Submitted by:	Jaakko Heinonen <jh@saunalahti.fi>
2008-12-23 17:57:17 +00:00
Tom Rhodes
5b34e7083c Add "crit" to the list of keywords.
PR:		126934
2008-12-23 17:39:24 +00:00
Joseph Koshy
8cfb4353c2 Close the read side of the pipe to self when exiting. 2008-12-23 12:08:06 +00:00
Maxim Konovalov
f586be87c9 o Correct a database name: "group" not "groups".
PR:		docs/129853
Submitted by:	Denis Barov
MFC after:	1 week
2008-12-22 13:36:15 +00:00
Sam Leffler
efc06131bf add makefs to the base system; FreeBSD_version bumped just in case
Reviewed by:	imp
2008-12-19 23:10:55 +00:00
Sam Leffler
6ba525d6e0 fix pathnames to work w/ buildworld 2008-12-19 22:59:05 +00:00
Sam Leffler
8bdefde988 fix 64-bit build 2008-12-19 22:58:39 +00:00
David E. O'Brien
970bfaf67f burncd(8) doesn't handle signals and interrupting burncd during operation.
For example, ^C (SIGINT) may leave the drive spinning and locked.
This may also happen if you try to write a too-large image to a disc
and burncd(8) exits with an I/O error.

Add signal handling by doing a CDRIOCFLUSH ioctl to attempt to leave
burner in a sane state when burning is interrupted with SIGHUP, SIGINT,
SIGTERM, or in case an I/O error occurs during write.
Note, that blanking will still continue after interrupt but it seems to
finish correctly even after burncd(8) has quit.

Also, while I'm here bump WARNS to "6".

PR:		48730
Submitted by:	Jaakko Heinonen <jh@saunalahti.fi>
2008-12-19 20:20:14 +00:00
Sam Leffler
d347a0da97 import netbsd makefs tool 2008-12-19 18:47:46 +00:00
Xin LI
7ad0654cff Constify 'name' field in struct funix. This commit makes syslogd(8)
WARNS?=6 on amd64 but I have not tested under universe so keep WARNS?=
level as-is for now.
2008-12-19 18:27:51 +00:00
Qing Li
e657c679e1 The ppp application relies on the if_tun interface to properly
install a p2p host route between the end points. The ppp module
upates this router based on user configuration later on. The
rt_Update() seems to always set the RTF_GATEWAY flag, which is
broken.
2008-12-19 01:37:20 +00:00
Maxim Konovalov
30de65f8ed o Synchronize comment and example. Add missed comma.
PR:		misc/129699
Submitted by:	Glen Barber [1]
MFC after:	2 weeks
2008-12-18 06:38:11 +00:00
Tai-hwa Liang
2db461e489 Fixing !INET6 builds after bumping WARNS to 3. 2008-12-18 04:03:29 +00:00
David E. O'Brien
58a841efc2 Use passed parameter rather than the #define.
(more accurate extraction of Juniper Networks change)
2008-12-17 16:55:58 +00:00
David E. O'Brien
97f37b322d Rather than hardcode the 'struct iovec iov' array size, use a #define.
While I'm here bump WARNS to 3.

Obtained from:	Juniper Networks
2008-12-17 16:51:40 +00:00
Ken Smith
08de4911f4 Remove file no longer part of sysinstall. 2008-12-17 02:54:18 +00:00
Ken Smith
b6716b27f2 As threatened a while ago, remove support for tape media. Reports vary
but most people believe it stopped working a while ago.
2008-12-17 02:52:45 +00:00
Ken Smith
ab6ff2fee1 Add confirmation of the password that got entered.
PR:		29893 (among others)
2008-12-16 16:15:19 +00:00
Ken Smith
0a65345ca4 Stop treating Xorg as a distribution in the mainline portion of sysinstall
and leave it to be handled in the packages section (or post-install
completely) along with all the other packages.
2008-12-16 01:18:10 +00:00
Ken Smith
5695960913 Don't tell the user to remove the media until its actually possible for
them to remove the media.  CDs need to be unmounted before they can be
removed.
2008-12-15 15:46:56 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Bjoern A. Zeeb
1f34f30fb5 Make sure that the direct jls invocations prints something
reasonable close to and in the same format as it had always.

r185435 said it would try that but I had been living with jail
patches for too long to actually remember the single-line format
when adding backwards compatibility back in p4.

Reported by:	Philipp Wuensche <cryx-freebsd@h3q.com>
Tested by:	Philipp Wuensche <cryx-freebsd@h3q.com>
MFC after:	4 weeks (just for me to get the mail)
2008-12-14 16:56:47 +00:00
Ken Smith
6821c5f657 Clean out the remaining alpha-isms. 2008-12-14 06:40:04 +00:00
Sean Bruno
c1de48a3d2 Reviewed by: (Dieter)freebsd@sopwith.solgatos.com
Approved by:	slong scottl@samsco.org
MFC after:	2 weeks

Final cleanup of fwcontrol.
  NetBSD compatibility
  Cleanup errors in usage() display
  Finish up error handling via errx/warnx
  Generate error on unparsed command line syntax
  Change device(devbase) to open into the form /dev/fwX.X
2008-12-12 18:17:23 +00:00
Ken Smith
5367b241cd Remove the offer to install Linux compatibility on i386 in the mainline
portion of sysinstall.  Leave it to be treated as a regular package
along with all the other packages...
2008-12-12 11:58:27 +00:00
Ken Smith
3edf1c0b8b Begin the sysinstall cleanup. Remove the support for configuring OSF
binary compatibility.
2008-12-12 11:43:48 +00:00
Bjoern A. Zeeb
0f1fe22db5 Correctly check the number of prison states to not access anything
outside the prison_states array.
When checking if there is a name configured for the prison, check the
first character to not be '\0' instead of checking if the char array
is present, which it always is. Note, that this is different for the
*jailname in the syscall.

Found with:	Coverity Prevent(tm)
CID:		4156, 4155
MFC after:	4 weeks (just that I get the mail)
2008-12-11 01:04:25 +00:00
Poul-Henning Kamp
ba2b54296f Fix a cornercase during search 2008-12-09 09:25:03 +00:00
Tom Rhodes
efe78a46f7 Use "allowed_peer" throughout this manual page. 2008-12-07 18:45:30 +00:00
Luigi Rizzo
ae3096705c Another, hopefully final set of changes to boot0 and boot0cfg.
boot0.S changes:

+ import a patch from Christoph Mallon to rearrange the various
  print functions and save another couple of bytes;

+ implement the suggestion in PR 70531 to enable booting from
  any valid partition because even the extended partitions that
  were previously in our kill list may contain a valid boot loader.
  This simplifies the code and saves some bytes;

+ followwing up PR 127764, implement conditional code to preserve
  the 'Volume ID' which might be used by other OS (NT, XP, Vista)
  and is located at offset 0x1b8. This requires a relocation of the
  parameter block within the boot sector -- there is no other
  possible workaround.
  To address this, boot0cfg has been updated to handle both
  versions of the boot code;

+ slightly rearrange the strings printed in the menus to make
  the code buildable with all options. Given the tight memory
  budget, this means that with certain options we need to
  shrink or remove certain labels.

and especially:

	make -DVOLUME_LABEL -DPXE the default options.

  This means that the newly built boot0 block will preserve the
  Volume ID, and has the (hidden) option F6 to boot from INT18/PXE.
  I think the extra functionality is well worth the change.

  The most visible difference here is that the 'Default: ' string
  now becomes 'Boot: ' (it can be reverted to the old value
  but then we need to nuke 1/2 partition name or entries to
  make up for the extra room).

boot0cfg changes:

+ modify the code to recognise the new boot0 structure (with the
  relocated options block to make room for the Volume id).

+ add two options, '-i xxxx-xxxx' to set the volume ID, -e c
  to modify the character printed in case of bad input

PR:		127764 70531
Submitted by:	Christoph Mallon (portions)
MFC after:	4 weeks
2008-12-03 14:53:59 +00:00
Robert Watson
52267f7411 Merge OpenBSM 1.1 alpha 2 from the OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and sys/{bsm,security/audit} (manual merge).

- Add OpenBSM contrib tree to include paths for audit(8) and auditd(8).
- Merge support for new tokens, fixes to existing token generation to
  audit_bsm_token.c.
- Synchronize bsm includes and definitions.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

--

OpenBSM 1.1 alpha 2

- Include files in OpenBSM are now broken out into two parts: library builds
  required solely for user space, and system includes, which may also be
  required for use in the kernels of systems integrating OpenBSM.  Submitted
  by Stacey Son.
- Configure option --with-native-includes allows forcing the use of native
  include for system includes, rather than the versions bundled with OpenBSM.
  This is intended specifically for platforms that ship OpenBSM, have adapted
  versions of the system includes in a kernel source tree, and will use the
  OpenBSM build infrastructure with an unmodified OpenBSM distribution,
  allowing the customized system includes to be used with the OpenBSM build.
  Submitted by Stacey Son.
- Various strcpy()'s/strcat()'s have been changed to strlcpy()'s/strlcat()'s
  or asprintf().  Added compat/strlcpy.h for Linux.
- Remove compatibility defines for old Darwin token constant names; now only
  BSM token names are provided and used.
- Add support for extended header tokens, which contain space for information
  on the host generating the record.
- Add support for setting extended host information in the kernel, which is
  used for setting host information in extended header tokens.  The
  audit_control file now supports a "host" parameter which can be used by
  auditd to set the information; if not present, the kernel parameters won't
  be set and auditd uses unextended headers for records that it generates.

OpenBSM 1.1 alpha 1

- Add option to auditreduce(1) which allows users to invert sense of
  matching, such that BSM records that do not match, are selected.
- Fix bug in audit_write() where we commit an incomplete record in the
  event there is an error writing the subject token.  This was submitted
  by Diego Giagio.
- Build support for Mac OS X 10.5.1 submitted by Eric Hall.
- Fix a bug which resulted in host XML attributes not being arguments so
  that const strings can be passed as arguments to tokens.  This patch was
  submitted by Xin LI.
- Modify the -m option so users can select more then one audit event.
- For Mac OS X, added Mach IPC support for audit trigger messages.
- Fixed a bug in getacna() which resulted in a locking problem on Mac OS X.
- Added LOG_PERROR flag to openlog when -d option is used with auditd.
- AUE events added for Mac OS X Leopard system calls.
2008-12-02 23:26:43 +00:00
Sergey Skvortsov
637fd955fe Fix typo.
Approved by:	ru
2008-12-01 17:39:34 +00:00
Luigi Rizzo
ddce581880 Make the linker.hints file have mode 644 instead of 600.
There is nothing secret in the file, and the missing read
permission breaks diskless operation.

MFC after:	4 weeks
2008-11-30 14:20:08 +00:00
Bjoern A. Zeeb
413628a7e3 MFp4:
Bring in updated jail support from bz_jail branch.

This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..

SCTP support was updated and supports IPv6 in jails as well.

Cpuset support permits jails to be bound to specific processor
sets after creation.

Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.

DDB 'show jails' command was added to aid debugging.

Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.

Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.

Bump __FreeBSD_version for the afore mentioned and in kernel changes.

Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
  and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
  help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
  suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
  on cluster machines as well as all the testers and people
  who provided feedback the last months on freebsd-jail and
  other channels.
- My employer, CK Software GmbH, for the support so I could work on this.

Reviewed by:	(see above)
MFC after:	3 months (this is just so that I get the mail)
X-MFC Before:   7.2-RELEASE if possible
2008-11-29 14:32:14 +00:00
Attilio Rao
1b4822a413 Import an initial revision of the pmcannotate tool.
For further explanations please check this e-mail on freebsd-arch@:
http://lists.freebsd.org/pipermail/freebsd-arch/2008-November/008698.html

Tested by:	gnn
Sponsored by:	Nokia
2008-11-26 21:44:57 +00:00
Attilio Rao
c0252222a2 Add the -m option to pmcstat.
This option prints the list of sampled PCs along with the function name,
the start and end addresses of this where their live within.

Reviewed by:	jkoshy
Tested by:	gnn
Sponsored by:	Nokia
2008-11-25 23:24:29 +00:00