Commit Graph

11353 Commits

Author SHA1 Message Date
Philip Paeps
d933824786 Fix a (very) longstanding bug in moused(8) affecting high-resolution rodents
when linear acceleration (-a) was enabled with a <1 value to slow them down.

Previously, rounding errors would eat small movements so the mouse had to be
moved a certain distance to get any movement at all.  We now calculate the
rounding errors and take them into account when reporting movement.

PR:		bin/113749
Submitted by:	Oliver Fromme <olli -at- secnetix.de>
MFC after:	3 days
2007-06-17 20:27:54 +00:00
Yaroslav Tykhiy
997c6eefd8 Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
Hidetoshi Shimokawa
072d350754 Increase buffer size of DV stream to prevent buffer
overrun caused by long blocking of file I/O (i.e. zfs).

MFC after: 3 days
2007-06-17 10:20:55 +00:00
Maxim Konovalov
346e07c1ba o Add an example how to create /etc/mtree style mtree(8) files.
PR:		docs/113667
Submitted by:	edwin
MFC after:	1 week
2007-06-16 08:26:00 +00:00
Hidetoshi Shimokawa
8bd6994930 - Add an option to change escape character.
- Use CTRL macro.
- Make target reset work on telnet port.
- Add a key bind to invoke kgdb on the terminal. (experimental)
2007-06-15 12:09:16 +00:00
Dmitry Morozovsky
89a630d080 Failing to set new frequency should not lead to powerd exiting.
Change err(3) to warn(3) as three other cases.

Approved by:	njl, des
2007-06-13 19:05:11 +00:00
Stephane E. Potvin
04031e9ae2 Options spring cleanup:
- Add and document the KVM and KVM_SUPPORT options that
are needed for the ifmcstats(3) makefile
- Garbage collect unused variables
- Add missing inclusion of bsd.own.mk where needed

Approved by: kan (mentor)
Reviewed by: ru
2007-06-13 02:08:04 +00:00
Bruce M Simpson
71498f308b Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@ (but with encouragement)
2007-06-12 16:24:56 +00:00
Motoyuki Konno
226095ae8b Delete description of non-existent options: "-4" and "-6".
ntpd's "-4" and "-6" options are described in the original documentation
(contrib/ntp/html/ntpd.html).  It may be original's doc bug.

PR:		docs/112642
Submitted by:	Seth Hieronymus<shieronymus@speakeasy.net>
Discussed with:	ume
MFC after:	1 week
2007-06-12 13:28:55 +00:00
Ceri Davies
3213dc8412 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
Sam Leffler
b57206897c o add 11n knob
o gcc42 stuff
2007-06-11 04:05:15 +00:00
Sam Leffler
c49cc04cee track net80211 changes to get scan results ioctl 2007-06-11 03:57:46 +00:00
Matteo Riondato
e2f7e255c4 Remove a comment I forgot to remove 2007-06-09 09:20:22 +00:00
Hidetoshi Shimokawa
2ac79858a6 Reset dc->paddr and dc->reset if we cannot read configuration ROM. 2007-06-08 12:58:06 +00:00
Hidetoshi Shimokawa
0311fbe1bb Clean up escape sequence handling and add support for
resetting target and suspending dconschat.
2007-06-08 05:26:11 +00:00
Hidetoshi Shimokawa
f6416cb484 Add heuristics for smooth reconnection. 2007-06-07 12:29:33 +00:00
Pav Lucistnik
448f9bb6c1 "-b /boot/mbr" is redundant, /boot/mbr is the default boot code for fdisk(8).
Pointed out by:	ru
2007-06-07 07:43:04 +00:00
Pav Lucistnik
3022d78f56 - Revert previous revision, it was incorrect
- Add an example using fdisk instead

Pointed out by:	ru
Submitted by:	Warren Block <wblock@wonkity.com>
MFC after:	3 days
2007-06-06 21:28:50 +00:00
Xin LI
4a95c0e83f Write to slice name instead of directly to the disk device.
This fixes writing boot code upon upgrade.

PR:		bin/61587
Submitted by:	Nobuyuki Koganemaru <n-kogane syd.odn.ne.jp>
MFC after:	1 month
2007-06-05 05:44:41 +00:00
Doug Barton
d6ceb6db22 Update bmake glue for the BIND 9.4.1 import.
This includes a return to building with threads, since one of the
major focuses of the 9.4.x branch is to improve thread performance.
2007-06-02 23:19:58 +00:00
Hidetoshi Shimokawa
820f6fa94c Discard backlog on GDB port when connected.
MFC after: 3 days
2007-05-31 04:55:05 +00:00
Christian Brueffer
2d0225ec1a Cleanup after previous commit. 2007-05-25 16:05:17 +00:00
Roman Bogorodskiy
d4d4a70a35 Add a new option for ppp.conf: rad_port_id. It allows to
change the way of what ppp submits to the RADIUS server
as NAS-Port-Id. Possible options are: the PID of the process
owning the corresponding interface, tun(4) interface number,
interface index (as it would get returned by if_nametoindex(3)),
or it's possible to keep the default behavior. Check the ppp(8)
manual page for details.

PR:		bin/112764
Submitted by:	novel (myself)
Reviewed by:	flz
Approved by:	flz
MFC after:	1 month
2007-05-25 13:45:49 +00:00
Diomidis Spinellis
f2bbd63c2f Set .PATH before referring to the corresponding sources. 2007-05-22 10:49:42 +00:00
Diomidis Spinellis
fdbe5babe4 Increase precision of time values in the process accounting
structure, while maintaining backward compatibility with legacy
file and record formats.
2007-05-22 06:51:38 +00:00
Florent Thoumie
9cb3e36c56 Add new x11-drivers category.
Reminded by:	miwi
MFC after:	3 days
2007-05-19 21:27:37 +00:00
Maxim Konovalov
72fc5161cf o Fix typo: firwalling -> firewalling.
PR:		docs/112776
Submitted by:	asmodai
MFC after:	1 week
2007-05-19 07:36:43 +00:00
Diomidis Spinellis
5f6f6b2933 Add -U and -P options that allow the specification of the per-user
and per-process summary file location.
These make the program more flexible, and also make it possible to write
sane regression tests.
2007-05-18 12:36:10 +00:00
Xin LI
cbfaeb5fe3 Tighten IP address check, prevent '..' from being passed
from the check.

Submitted by:	Ren Zhen <bg1tpt gmail com>
MFC after:	2 weeks
2007-05-17 06:08:42 +00:00
Warner Losh
c1f4dd9355 Fix some problems that affect multiple file inclusion. Bruce found
this bug and submitted these patches to dunstan@.  He sent them to me
to test, and I discovered they were needed for the atmel kernel config
files.  Since we were playing with them in the terminal room after the
developer's summit today, I thought I'd go ahead and commit them to
allow those folks that now have atmel hardware (thanks Andre) a chance
to try it out w/o my help.  Since dunstan@ is asleep right now, risk
stepping on his toes a little by going ahead and committing this
change.

Submitted by: dunstan@, bde@
Tested by: bde@
2007-05-17 04:53:52 +00:00
Wojciech A. Koszek
5f9974ae57 Handle !INCLUDE_CONFIG_FILE entirely in the kernel. This should make some
developers happy, since it will let them to use old config(8) with newer
kernels.

Reviewed by:	imp
Approved by:	imp
2007-05-16 16:08:04 +00:00
Colin Percival
e829ed67a2 Add some missing '${BASEDIR}/'s. Prior to this commit, FreeBSD Update
operating with the "-b basedir" option would not correctly update files
which had flags set or were hardlinked.

Submitted by:	Karsten Schmidt
Pointy hat to:	cperciva
MFC after:	1 week
2007-05-16 15:20:51 +00:00
Maxim Konovalov
beda5f787a o Re-indent long lines.
Style(9) wisdom from:	bde
2007-05-14 18:04:07 +00:00
Pav Lucistnik
a60c1777ea Add `accept dns' to rfcomm-server example
PR:		docs/111320
Submitted by:	James Flemer <jflemer@alum.rpi.edu>
No objection:	emax
MFC after:	1 week
2007-05-13 18:59:22 +00:00
Wojciech A. Koszek
9e2f7513e1 Bump config(8) version and build requirement for config(8) to 600006. This
is caused by my latest changes to config(8). You're supposed to install new
config(8) in order to prevent yourself from seeing a warning about old
version of that tool.

You should configure the kernel with a new config(8) then.

Oked by:	rwatson, cognet (mentor)
2007-05-13 02:36:41 +00:00
Wojciech A. Koszek
ae7a150a68 This is loser's commit message:
Remember about tricky cases, where options contain unfriendly characters,
from the ANSI-C string point of view ('"' in this case). The x09 build
breakage was caused by SC_CUT_SEPCHARS options.

I did test this patch number of times; each time unprofessionally and
inappropriately.

OKed by:	cognet (mentor)
2007-05-12 22:37:52 +00:00
Wojciech A. Koszek
c21a9d0c87 Add ${.CURDIR} before kernconf.tmpl in order to let the build see newly
added kernconft.tmpl file.

Approved by:	cognet (mentor)
2007-05-12 20:33:13 +00:00
Wojciech A. Koszek
744b947ef8 Improve INCLUDE_CONFIG_FILE support.
This change will let us to have full configuration of a running kernel
available in sysctl:

	sysctl -b kern.conftxt

The same configuration is also contained within the kernel image. It can be
obtained with:

	config -x <kernelfile>

Current functionality lets you to quickly recover kernel configuration, by
simply redirecting output from commands presented above and starting kernel
build procedure. "include" statements are also honored, which means options
and devices from included files are also included.

Please note that comments from configuration files are not preserved by
default. In order to preserve them, you can use -C flag for config(8). This
will bring configuration file and included files literally; however,
redirection to a file no longer works directly.

This commit was followed by discussion, that took place on freebsd-current@.
For more details, look here:

	http://lists.freebsd.org/pipermail/freebsd-current/2007-March/069994.html
	http://lists.freebsd.org/pipermail/freebsd-current/2007-May/071844.html

Development of this patch took place in Perforce, hierarchy:

	//depot/user/wkoszek/wkoszek_kconftxt/

Support from:	freebsd-current@ (links above)
Reviewed by:	imp@
Approved by:	imp@
2007-05-12 19:38:18 +00:00
Maxim Konovalov
fbe4fc2ec0 o Fix several style bugs in the previous commit.
Prodded by:	bde
2007-05-12 16:42:01 +00:00
Pav Lucistnik
688b60bfcc Correct two typos
PR:		docs/66771
Submitted by:	Michel Lavondes <fox@vader.aacc.cc.md.us>
MFC after:	1 week
2007-05-12 12:42:00 +00:00
Pav Lucistnik
2e032d8d80 Document /boot/mbr (non-interactive boot block)
PR:		doc/111840
Submitted by:	Warren Block <wblock@wonkity.com>
MFC after:	1 week
2007-05-12 10:40:20 +00:00
Maxim Konovalov
30ff126652 o Make iostat -Ix work: print per-interval I/O extended statistics.
PR:		bin/112559
Submitted by:	Dan Nelson
MFC after:	2 weeks
2007-05-12 09:28:34 +00:00
Yaroslav Tykhiy
99bb95ae79 Update nologin(5) to match the modern reality of login.conf(5) and PAM. 2007-05-10 11:22:24 +00:00
Maxim Konovalov
a88ee16ddd o Add "line" device to a list of mixer(8) devices.
PR:		docs/112520
Submitted by:	Pietro Cerutti
MFC after:	1 week
2007-05-09 05:33:54 +00:00
Pawel Jakub Dawidek
c5791aae52 Print provider's ident when in verbose mode. 2007-05-06 00:25:21 +00:00
Andrey A. Chernov
ba174a5e38 Back out all POSIXified *env() changes.
Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.

Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.
2007-05-01 16:02:44 +00:00
Matteo Riondato
48e5a99e7f Correctly inizialize local/unix transport. I broke it in rev.1.15.
PR:	 bin/1122566
MFC after:	1 week
2007-05-01 14:47:35 +00:00
Maxim Konovalov
eea319c4b7 o I failed to find a suitable explanation why traceroute(8) and
traceroute6(8) force -w flag (wait time) to be > 1 sec.  Make it
possible to use 1 sec wait time.

PR:		bin/110933
Submitted by:	Dmitry Marakasov
Reviewed by:	freebsd-net (silence)
MFC after:	1 month
2007-04-30 19:08:13 +00:00
Andrey A. Chernov
903fd42535 Preparing for upcoming POSIXed putenv() rewrite:
don't allow const as putenv() arg, dup it
2007-04-30 15:16:19 +00:00
Andrey A. Chernov
322627150d Prepare for upcoming POSIXed putenv() rewrite:
don't allow putenv() arg be on the stack, use strdup()
2007-04-30 13:07:33 +00:00