Commit Graph

6619 Commits

Author SHA1 Message Date
Mark Johnston
04006780d9 Complete support for dtrace's -x setenv option.
This allows one to override the environment for processes created with
dtrace -c. By default, the environment is inherited.

This support was originally merged from illumos in r249367 but was lost
when the commit was later reverted and then brought back piecemeal.

Reported by:	Samuel Lepetit <slepetit@apple.com>
MFC after:	2 weeks
2017-12-03 16:57:28 +00:00
Kristof Provost
4fbebc7472 Add IPSec tests in tunnel mode
Some IPSec in tunnel mode allowing to test multiple IPSec
configurations.  These tests are reusing the jail/vnet scripts from pf
tests for generating complex network.

Submitted by:	olivier@
Differential Revision:	https://reviews.freebsd.org/D13017
2017-12-03 13:52:35 +00:00
Dimitry Andric
d4419f6fa8 Upgrade our copies of clang, llvm, lldb and libc++ to r319231 from the
upstream release_50 branch.  This corresponds to 5.0.1 rc2.

MFC after:	2 weeks
2017-12-03 12:14:34 +00:00
Eitan Adler
e6fb36794f pf.os: Add OpenBSD:6.1
Obtained From: OpenBSD
2017-12-02 06:23:02 +00:00
Alan Somers
cc58910608 Fix fetching ntp leapfile after 325256
Submitted by:	Ronald Klop <ronald-lists@klop.ws>
Reviewed by:	asomers
MFC after:	3 days
X-MFC-With:	325256
2017-11-28 20:44:10 +00:00
Alan Somers
013953eb5f Add basic tests for ctfconvert(1), fold(1) and rs(1)
Add basic command line parsing test coverage for these utilities.  The tests
were automatically generated based on their man pages.  These tests can be
expanded by hand for more thorough coverage.  The aim is to generate very
basic amount of test coverage for all the utilities in the base system.

Tests generated via: https://github.com/shivansh/smoketestsuite/

Submitted by:	shivansh
Reviewed by:	asomers
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D12424
2017-11-27 20:01:58 +00:00
Emmanuel Vadot
b7f38d774d growfs: Commit the changes after expanding the partition
This fix the problem in arm snapshot present since at least 6 months where
growfs was failing at firstboot and dropped you in a single user shell.
2017-11-27 15:39:11 +00:00
Pedro F. Giffuni
1de7b4b805 various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:37:16 +00:00
Edward Tomasz Napierala
f497052bcf Add /etc/autofs/include_nis, a non-rewriting NIS map.
Submitted by:	G. Paul Ziemba
Suggested by:	asomers@
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-11-27 12:50:26 +00:00
Edward Tomasz Napierala
61cfb3db4c Rename /etc/autofs/include_nis to /etc/autofs/include_nis_nullfs, to indicate
that this script provides nullfs map rewriting for local mounts.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-11-27 12:46:18 +00:00
Edward Tomasz Napierala
db2ec83907 Change formatting; no functional changes.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-11-27 12:44:03 +00:00
Ed Maste
71d5ff4391 filter all passwords (not only changed) from periodic passwd backup
The periodic 200.backup-passwd script outputs any differences it finds
in master.passwd, relative to the previous backup.  It intends to elide
the encrypted password field, but previously did so only for changed
lines (i.e., those beginning with - or + in the diff).

Apply the sed expression also to unchanged lines to also elide their
passwords.

PR:		223461
Reported by:	Andre Albsmeier
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2017-11-21 20:31:54 +00:00
Alan Somers
396c556d77 Add ATF tests for head(1)
Submitted by:	Fred Schlecter <https://github.com/fjs-github>
Reviewed by:	asomers, jilles
MFC after:	3 weeks
Differential Revision:	https://github.com/freebsd/freebsd/pull/127
2017-11-20 22:55:02 +00:00
Andriy Voskoboinyk
c92451ae9d Reduce code duplication for wlan(4) interface creation in network.subr.
Since wlandebug(8) can accept any (original or changed) interface name
this part may be simplified a bit.
2017-11-19 20:18:21 +00:00
Mariusz Zaborski
3aa239f187 Remove unused Casper configurations files.
This is a reaming of Casper daemon.
2017-11-18 15:34:31 +00:00
Konstantin Belousov
9898800172 Remove xlint(1).
xlint is currently a fossil.  We have much more useful and alive tools
to do now what xlint did twenty years ago.

I did not cleared some stuff which makes lint operational, in
sys/x86/include and sys/sys, but I might do it as followup.  The
x86/include/ucontext.h and _types.h hacks made to please lint was the
main reason for my initial proposal to classify xlint as obsolete and
to remove it.

Also I do not intend to clear sccs ids.

Reviewed by:	bapt, brooks, emaste, jhb, pfg
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D13015
2017-11-16 14:37:18 +00:00
Alan Somers
d02819b5e6 devd.conf: add mps and mpr to the scsi controllers regex
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D12744
2017-11-14 16:32:40 +00:00
Brad Davis
f58e59923e Remove an unused variable.
Approved by:	bdrewery
2017-11-14 01:48:24 +00:00
Eugene Grosbein
cedc7c5870 Add suitable knob ifconfig_<interface>_descr for static interface description.
Document availability of interface descriptions within rc.conf(5).

Approved by:	avg (mentor), mav (mentor)
MFC after:	3 days
2017-11-08 16:53:11 +00:00
Edward Tomasz Napierala
35dd951c8c Make autofs(5) rc scripts run earlier, matching those for amd(8).
This helps when you have some daemons that need to access automounted shares.

PR:		221011
MFC after:	2 weeks
2017-11-04 15:52:16 +00:00
Edward Tomasz Napierala
533b437eae Add NIS automounter map, which supports rewriting of self-hosted locations
to make them nullfs.

PR:		221010
Submitted by:	G. Paul Ziemba
MFC after:	2 weeks
2017-11-04 14:38:00 +00:00
Conrad Meyer
648176e095 bluetooth: Default to discoverable off
Try to not expose bluetooth devices to external devices unless the user
explicitly configures it, like any other radio/network device.  Bluetooth
has a long history of security problems and it is probably best to keep it
disabled if not needed.

Users who do use the bluetooth device should enable "discoverable" in
bluetooth.device.conf(5) after this change.

Keep in mind that bluetooth addresses can be discovered by passive
monitoring or whole address-space scans[0], so a safety conscious user
should also disable "connectable" in bluetooth.device.conf(5).

[0]: https://www.sans.edu/cyber-research/security-laboratory/article/bluetooth

Reviewed by:	emax, hselasky
Security:	maybe
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12831
2017-11-01 18:58:54 +00:00
Andriy Voskoboinyk
99a1c8894a Regenerate etc/devd/usb.conf
Reminded by:		hselasky
2017-10-31 23:33:24 +00:00
Bryan Drewery
939d033cab Disconnect libpathconv tests since they require external perl and do not work with kyua.
This reverts r325192 and is due to libpathconv being connected in r325186.

Reported by:	ngie
Sponsored by:	Dell EMC Isilon
2017-10-31 19:52:30 +00:00
Bryan Drewery
ae160963d8 Fix installworld/distrib-dirs for pathconv after r325186.
Sponsored by:	Dell EMC Isilon
2017-10-31 01:43:36 +00:00
Eitan Adler
a2aef24aa3 Update several more URLs
- Primarily http -> https
- Primarily FreeBSD project URLs
2017-10-29 08:17:03 +00:00
Mark Johnston
64a16434d8 Add support for compressed kernel dumps.
When using a kernel built with the GZIO config option, dumpon -z can be
used to configure gzip compression using the in-kernel copy of zlib.
This is useful on systems with large amounts of RAM, which require a
correspondingly large dump device. Recovery of compressed dumps is also
faster since fewer bytes need to be copied from the dump device.

Because we have no way of knowing the final size of a compressed dump
until it is written, the kernel will always attempt to dump when
compression is configured, regardless of the dump device size. If the
dump is aborted because we run out of space, an error is reported on
the console.

savecore(8) is modified to handle compressed dumps and save them to
vmcore.<index>.gz, as it does when given the -z option.

A new rc.conf variable, dumpon_flags, is added. Its value is added to
the boot-time dumpon(8) invocation that occurs when a dump device is
configured in rc.conf.

Reviewed by:	cem (earlier version)
Discussed with:	def, rgrimes
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D11723
2017-10-25 00:51:00 +00:00
Brad Davis
bd6bc862e3 Remove a atrun check that is nullified by r318443.
Approved by:	will
2017-10-21 21:58:24 +00:00
Cy Schubert
dde7644292 Anticongestion refinements for ntpd rc script. This reverts r324681
and checks if ntp leapfile needs fetching before entering into the
anticongestion sleep.

Unfortunately some ports still use their own sleeps so, this commit
doesn't address the complete problem which is compounded by every
port that uses its own anticongestion mechanism.

Discussed with:		asomers
2017-10-19 03:17:50 +00:00
Cy Schubert
53ddaabc12 Style. Replace 8 spaces with a tab.
MFC after:	2 weeks (with prior commit to this file)
2017-10-17 01:15:55 +00:00
Cy Schubert
088e763042 Provide an option to run the anticongestion ntpd leapfile fetch in
the background.

Original patch submitted by feld@. I added the "optional" bit.

Submitted by:	feld (original patch)
MFC after:	2 weeks
2017-10-17 01:15:13 +00:00
Jilles Tjoelker
d78b853f0f rc.subr: Remove test that is always true.
The code above always sets _pidcmd to a non-empty value.
2017-10-15 11:28:41 +00:00
Kristof Provost
96842052d3 Regenerate usb.conf 2017-10-13 20:29:35 +00:00
Kristof Provost
1d6f5f214a pf: Basic automated test using VIMAGE
If VIMAGE is present we can start jails with their own pf instance. This
makes it fairly easy to run tests.
For example, this basic test verifies that drop/pass and icmp
classification works. It's a basic sanity test for pf, and hopefully an
example on how to write more pf tests.

The tests are skipped if VIMAGE is not enabled.

This work is inspired by the GSoC work of Panagiotes Mousikides.

Differential Revision:	https://reviews.freebsd.org/D12580
2017-10-06 20:43:14 +00:00
Jeremie Le Hen
e415aa2846 Remove rcmds.
If they are still needed, you can find them in the net/bsdrcmds port.

This was proposed June, 20th and approved by various committers [1].
They have been marked as deprecated on CURRENT in r320644 [2] on July, 4th.
Both stable/11 and release/11.1 contain the deprecation notice (thanks to
allanjude@).

Note that ruptime(1)/rwho(1)/rwhod(8) were initially thought to be part of
rcmds but this was a mistake and those are therefore NOT removed.

[1] https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html
[2] https://svnweb.freebsd.org/base?view=revision&revision=320644

Reviewed by:	bapt, brooks
Differential Revision:	https://reviews.freebsd.org/D12573
2017-10-06 08:43:14 +00:00
Andriy Gapon
31f976bc4a fix the misleading log facility used in devd/zfs.conf
In general, the "kern" facility is reserved for the kernel use only.
If a program specifies that facility, then it is silently converted
to "user" facility.
So, using logger -p kern.xxx was both misleading and non-specific.

Thus, change the facility to local7, so that users can create
more adequate syslogd configurations.

While local0..local7 are documented as being for local use we already
have several examples in the tree where they are used because none of
the named facilities really fits.

Approved by:	asomers
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D12420
2017-10-05 12:38:26 +00:00
Ian Lepore
e8b437ef9a Remove spurious $flags; it's a paste-o from copying the line from rc.subr.
Also, add a comment documenting the args passed to mount_md().
2017-09-29 22:21:42 +00:00
Ian Lepore
50e3590c44 Enhance mdmfs(8) to work with tmpfs(5).
Existing scripts and associated config such as rc.initdiskless, rc.d/var,
and others, use mdmfs to create memory filesystems. That program accepts a
size argument which allows SI suffixes and treats an unsuffixed number as a
count of 512 byte sectors. That makes it difficult to convert existing
scripts to use tmpfs instead of mdmfs, because tmpfs treats unsuffixed
numbers as a count of bytes. The script logic to deal with existing user
config that might include suffixed and unsuffixed numbers is... unpleasant.

Also, there is no g'tee that tmpfs will be available. It is sometimes
configured out of small-resource embedded systems to save memory and flash
storage space.

These changes enhance mdmfs(8) so that it accepts two new values for the
'md-device' arg: 'tmpfs' and 'auto'. With tmpfs, the program always uses
tmpfs(5) (and fails if it's not available). With 'auto' the program prefers
tmpfs, but falls back to using md(4) if tmpfs isn't available. It also
handles the -s <size> argument so that the mdconfig interpetation of
unsuffixed numbers applies when tmpfs is used as well, so that existing user
config keeps working after a switch to tmpfs.

A new rc setting, mfs_type, is added to etc/defaults/rc.conf to let users
force the use of tmpfs or md; the default value is "auto".

Differential Revision:	https://reviews.freebsd.org/D12301
2017-09-29 22:13:26 +00:00
Baptiste Daroussin
52eb4160a1 Do not actually install uneeded alias for man 2017-09-26 05:46:10 +00:00
Baptiste Daroussin
e6340c5d05 Remove unneeded locales and alias man directories
In base, locales (and encoding) specific directories are not used
by any tool. Just remove them.

While here also remove the cat page directory for openssl
2017-09-26 05:43:55 +00:00
Baptiste Daroussin
05572d356b Remove the cat pages directory now that catman(1) is gone 2017-09-25 21:23:49 +00:00
Hans Petter Selasky
05a3427964 Regenerate usb.conf .
MFC after:	1 week
2017-09-20 15:00:00 +00:00
Gordon Tetlow
4572fb3faf Deorbit catman. The tradeoff of disk for performance has long since tipped
in favor of just rendering the manpage instead of relying on pre-formatted
catpages. Note, this does not impede the ability to use existing catpages,
it just removes the utility to generate them.

Reviewed by:	imp, allanjude
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D12317
2017-09-13 16:35:16 +00:00
Alan Somers
014404db1a Add basic tests for chflags, mkdir, rcp, and rmdir
Add basic command line parsing test coverage for these utilities.  The tests
were automatically generated based on their man pages.  These tests can be
expanded by hand for more thorough coverage.  The aim is to generate very
basic amount of test coverage for all the utilities in the base system.

Submitted by:	shivansh
Reviewed by:	asomers, brooks
MFC after:	3 weeks
Sponsored by:	Google, Inc (GSoC 2017)
Differential Revision:	https://reviews.freebsd.org/D12036
2017-09-07 16:54:47 +00:00
Alan Somers
cc15f41351 Fix 100.chksetuid and 110.neggrpperm for mountpoints with spaces
Also, fix them for mountpoints with tabs.

PR:		48325
Reported by:	pguyot@kallisys.net, aaron@baugher.biz
MFC after:	3 weeks
2017-08-25 00:28:56 +00:00
Marius Strobl
ae47d9383f Bring back the much more readable unified format for differences in
/etc/{group,master.passwd}. This was originally turned on for all of
/etc/{aliases,group,master.passwd} in r55196, but then backed out
only for the latter two in r56697, as the adaption of the sed(1)ing
done in r56308 was incorrect. This left us with inconsistent diff(1)
formats in the daily output of periodic(8) ever since, despite in
r56697 having been promised to be revisited. So properly adapt the
password hash filtering to the unified format and turn the later on
again for /etc/{group,master.passwd}, too.
2017-08-20 20:38:15 +00:00
John Baldwin
0bfcfa8634 Unconditionally install rwhod support scripts.
r322277 moved rwho* and ruptime out of the MK_RCMDS conditional including
updating the obsolete files entries to not remove these scripts due to
WITHOUT_RCMDS=yes.  However, the initial installation was still conditional
on MK_RCMDS, so new installs did not include these scripts and upgrades via
mergemaster or etcupdate removed them.

PR:		220953
MFC after:	1 month
2017-08-15 22:16:15 +00:00
Jilles Tjoelker
2cc32af06f sh: Add tests for sh -c that already pass.
PR:		220587
Submitted by:	Ryan Moeller
2017-08-12 19:17:48 +00:00
Sepherosa Ziehau
c685956956 hyperv: Add VF bringup scripts and devd rules.
How network VF works with hn(4) on Hyper-V in non-transparent mode:

- Each network VF has a cooresponding hn(4).
- The network VF and the it's cooresponding hn(4) have the same hardware
  address.
- Once the network VF is up, e.g. ifconfig VF up:
  o  All of the transmission should go through the network VF.
  o  Most of the reception goes through the network VF.
  o  Small amount of reception may go through the cooresponding hn(4).
     This reception will happen, even if the the cooresponding hn(4) is
     down.  The cooresponding hn(4) will change the reception interface
     to the network VF, so that network layer and application layer will
     be tricked into thinking that these packets were received by the
     network VF.
  o  The cooresponding hn(4) pretends the physical link is down.
- Once the network VF is down or detached:
  o  All of the transmission should go through the cooresponding hn(4).
  o  All of the reception goes through the cooresponding hn(4).
  o  The cooresponding hn(4) fallbacks to the original physical link
     detection logic.

All these features are mainly used to help live migration, during which
the network VF will be detached, while the network communication to the
VM must not be cut off.  In order to reach this level of live migration
transparency, we use failover mode lagg(4) with the network VF and the
cooresponding hn(4) attached to it.

To ease user configuration for both network VF and non-network VF, the
lagg(4) will be created by the following rules, and the configuration
of the cooresponding hn(4) will be applied to the lagg(4) automatically.

Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D11635
2017-07-31 07:18:15 +00:00
Rick Macklem
a70ee81756 Modify /etc/rc.d/nfsd so it doesn't force a startup of nfsuserd for NFSv4.
Given that RFC7530 allows uid/gids to be placed in owner/owner_group
strings directly, many NFSv4 environments don't need the nfsuserd.
This small patch modified /etc/rc.d/nfsd so that it does not force
startup of the nfsuserd daemon unless nfs_server_managegids is enabled.
This implies that nfsuserd_enable="YES" must be added to /etc/rc.conf
for NFSv4 server environments that use Kerberos mounts or clients that
do not support the uid/gid in string capability.
Since this could be considered a POLA violation, it will not be MFC'd.

Discussed on:	freebsd-current
2017-07-28 21:07:57 +00:00