the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
Add a new build option, MAN_UTILS. This option lets you control building
utilities and related support files for manual pages, which were previously
controlled by MAN. For POLA, the default depends on MAN, i.e., WITHOUT_MAN
implies WITHOUT_MAN_UTILS and WITH_MAN implies WITH_MAN_UTILS.
Note this patch implicitly fixes a documentation bug of src.conf(5), which
says WITHOUT_MAN may be used to not build manual pages while it was also
disabling some utilities for manual pages.
Approved by: re (kib)
Flush all routes before adding the default route in order to allow
sysinstall to cleanly re-initialize the network.
PR: bin/145553
Submitted by: gcooper
Approved by: cperciva (mentor)
Add a sentence to the man page explaining that the -d option
can only be used when ntpd is compiled with DEBUG support.
PR: docs/138206
Submitted by: Oliver Pinter (oliver dot pntr at gmail dot com)
Approved by: roberto
Introduce 'netDev=ANY' support for scripted (install.cfg) installs, which
results in the first ethernet interface with physical link being selected.
Approved by: cperciva (mentor)
Make the "Q = Finish" text visible when running sysinstall as a normal
application. Reword the boot manager screen to try and avoid confusion.
Approved by: rrs (mentor)
Remove the reference to DD mode, and replace "Wizard" mode with "Expert" mode.
Also, make sure the "Q = Finish" text is visible.
Reword the boot manager screen to try and avoid confusion, and make the
order of the menu items match that in sysinstall.
PR: bin/142916
Submitted by: Jeremy Chadwick <freebsd at jdc.parodius.com>
Approved by: rrs (mentor)
Merge improvements from kernel HID parser to the userland usbhid(3)
parser. This merge does not change any API and should not break any
native or thirdparty applications.
Changes include:
* Merge multiple report ID support and other improvements from kernel
HID parser.
* Ignore rid argument in hid_start_parser, parse all the report items since
we now support multiple report ID.
* Skip report ID byte in hid_get_data() and set report ID byte in
hid_set_data(), if report ID is non-zero.
* Reimplement hid_get_report_id: instead get report id from uhid device
(which is always 0), try parsing the report descriptor and return the
first report ID encountered.
MFC r207812
hid_get_data() now expects that the hid data passed in always contains
the report ID byte. Thus we should not skip the the report ID byte in
hid_interrupt(). Also, if HUP_KEYBOARD usage is an array, do not try
to modify the 'data' pointer, instead, increase the hid_item_t field
'pos' by 'report_size' before calling hid_get_data() during each
iteration.
If the "-alldirs" export option was used for the V4: line, mountd
would crash in check_options() since dp == NULL for the V4: line.
This patch moves the check for options allowed on the V4: line to
ahead of where dp is used to avoid this crash.
Update GRANDPARENTED text to match the contents of tzdata/factory r19879.
This eliminates "warning: time zone abbreviation differs from POSIX" on
installworld.
sparc64, and possibly other architectures, pads the length of the
section holding the config file to sh_addralign bytes using NULs.
This bogusly triggers an assert. Break out of the loop when we hit an
NUL within that many bytes of the end.
Require the option that's mapped be listed in the options file. This
will allow people with old config options to either have it just work
(if config is new enough), or get a version error (if their config is
about 7.0 or newer) rather than getting a cryptic error about
duplicated options in the options file, or getting an error about an
unknown option, at which point they'd update their config file only to
learn they need a new config, only to learn they didn't really need to
update their config file... All this because our version checking was
in the wrong place for the past decade...
# hopefully this is the last change, and we'll be able to config with an
# 8.0 GENERIC file on stable/8 after I merge this change and add the
# compat options.
Redo how we add compat options so as to be compatible with old
versions of config. Remove support for the syntax OLD = NEW form the
options file, and instead have a new file $S/conf/options-compat.
This file will be parsed as OLD NEW on each line. Bump version of
config. Since nothing in -current ever used this, there's no hazards
for current users, so I'm not bumping the version in the
Makefiles.$MACHINE. No need, really, for this version bump in
-current, but this was introduced into -stable before I realized the
version check was ineffective there, so the verison bump doesn't hurt
here and keeps the two branches in sync, versionwise, after the MFC.
Move checking the version up from Makefile generation to just after
we've parsed the config file. Makefile generation is too late if
we've introduce changes to the syntax of the metafiles to warn about
version skew, since we have to try to parse them and we get an parse
error that's rather baffling to the user rather than a 'your config is
too old, upgrade' which we should get.
We have to defer doing it until after we've read the user's config
file because we define machinename there. The version required to
compile the kernel is encoded in Makefile.machinename. There's no
real reason for this to be the case, but changing it now would
introduce some logistical issues that I'd rather avoid for the moment.
I intend to revisit this if we're still using config in FreeBSD 10.
This also means that we cannot introduce any config metafile changes
that result in a syntax error or other error for the user until 9.0 is
released. Otherwise, we break the upgrade path, or at least reduce
the usefulness of the error messages we generate.
# This implies that the config file option mapping will need to be redone.
Sync with OpenBSD:
- avoid coredump when there's only one token on a line;
- Use calloc();
- Remove a line inherited from example mdoc.
Obtained from: OpenBSD
Merge ACPICA 20100304.
MFC: r204874
Update module Makefile for ACPICA 20100304.
MFC: r204877
Allow ACPI module build on amd64. Although we strongly recommend building
it into kernel, there is no need to prevent it from building at all.
MFC: r204916
- Allow users to enable dumping Debug objects without ACPI debugger.
Setting the new sysctl MIB "debug.acpi.enable_debug_objects" to a non-zero
value enables us to print Debug object when something is written to it.
- Allow users to disable interpreter slack mode. Setting the new tunable
"debug.acpi.interpreter_slack" to zero disables some workarounds for common
BIOS mistakes and enables strict ACPI implementations by the specification.
MFC: r204920
Since the interpreter slack mode is a tunable now, enable a local hack only
when it is set. Note the default behaviour does not change by this change.
MFC: r204965
Fix white spaces.
MFC: r206117
Merge ACPICA 20100331 (and four additional upstream patches).
Bump minor version of config to reflect the new option remapping
feature. The kernel makefiles have specifically not been bumped
because nothing uses this new feature and doing so forces everybody to
recompile for no good reason. This chnage will be MFC'd where the
kernel version numbers for amd64 and ia64 will be bumped, since those
are the only two that have use the option remapping feature. Once
merged, this will give a better error message to folks that are using
buildkernel without buildworld or kernel-toolchain to update their
kernels.
MFC after: 3 days
Allow option aliasing. Lines of the form:
OLD_OPT = NEW_OPT
in options* files will now map OLD_OPT to NEW_OPT with a friendly
message. This is indented for situations where we need to preserve an
interface in the config file in an upwards compatible fashion on a
stable branch.
Reviewed by: nwhitehorn@
MFC after: 3 days
When you have multiple addresses on the same network on different
interfaces (such as when you are part of a carp pool), and you run
rpcbind -h to restrict which interfaces have rpc services, rpcbind can
none-the-less return addresses that aren't in the -h list. This patch
enforces the rule that when you specify -h on the command line, then
services returned from rpcbind must be to one of the addresses listed
in -h, or be a loopback address (since localhost is implicit when
running -h).
The root cause of this is the assumption in addrmerge that there can
be only one interface that matches a given network IP address. This
turns out not to be the case. To retain historical behavior, I didn't
try to fix the routine to prefer the address that the request came
into, since I didn't know the side effects that might cause in the
normal case. My quick analysis suggests that it wouldn't be a
problem, but since this code is tricky I opted for the more
conservative patch of only restricting the reply when -h is in effect.
Hence, this change will have no effect when you are running rpcbind
without -h.
Reviewed by: alfred@
Sponsored by: iX Systems
MFC after: 2 weeks
Print memory model of the video mode except for planar memory model.
'P', 'D', 'C', 'H', and 'V' mean packed pixel, direct color, CGA, Hercules,
and VGA X memory models respectively where they have fixed number of planes.
Add a "-x" option to chown(8)/chgrp(1) similar to the same option in
du(1), cp(1) etc, to prevent the crossing of mountpoints whilst using the
commands recursively.
PR: bin/130855
Submitted by: keramida
Properly progress through the list of IPv6 addresses using in6_addr size.
Right now if a jail has multiple IPv6 addresses, it will print them
shifting only 4 bytes at a time. Example:
2001:4dd0:ff41::b23f:a9
2001:4dd0:ff41::b23f:aa
Becomes:
2001:4dd0:ff41::b23f:a9
ff41::b23f:a9:2001:4dd0
By casting to in6_addr, it uses the correct offsets.
Make it more clear in the docs that -a is not compatible with -iFU,
and enforce this in the code. Apparently a lot of users mistakenly
combine -a with these flags and are then mystified that no changes
were made.
While I'm here, fix a trailing space in mergemaster.8
Change the way shutdown is handled for log file.
pmc_flush_logfile is now non-blocking and just ask the kernel
to shutdown the file. From that point, no more data is
accepted by the log thread and when the last buffer is flushed
the file is closed.
This will remove a deadlock between pmcstat asking for
flush while it cannot flush the pipe itself.
