lookup on the incoming IP, do a forward lookup on
the result and make sure that the IP is in the
resulting list. If it's not, put the IP number
in utmp/wtmp instead of the rogue name.
Stolen from: rlogind
Suggested by: sef
avoid crashing inside rtld (since it's easy) since everything else handles
it. Of course, if the target program checks argv[], it'll fall over.
Reviewed by: jdp
damn useful thing for using with serial consoles in clusters etc or secure
console locations. Using a custom gettytab entry for console with
an entry like 'al=root' means that there is *always* a root login ready on
the console. This should replace hacks like those which go with conserver
etc. (This is a loaded gun, watch out for those feet!)
Submitted by: "Andrew J. Korty" <ajk@purdue.edu>
There's not much point in having uucpd behave differently than
login(1) for this, and now uucpd is compatible to the default chat
script of Taylor UUCP which sends a single \r at first.
While i was at it, added a few strategic ``errno = 0;''s, so at least
an `Undefined error 0' will be returned for things like a closed
connection while reading the login ID or password, as opposed to an
even more bogus thing like `No such file or directory'.
on rshd and rlogind. However, note that:
1: rshd used to drop a connection with -a if the hostname != ip address.
This is unneeded, because iruserok() does it's own checking.
It was also wrong if .rhosts had an explicit IP address in it,
connections would be dropped from that host solely because the DNS was
mismatched even though it was explicitly intended to work by IP address.
2: rlogind and rshd check the hostname mappings by default now because that
is what goes into the utmp/wtmp and logs. If the hostname != ip address,
then it uses the IP address for logging/utmp/wtmp purposes. There isn't
much point logging ficticious hostnames.
3: rshd -a is now accepted (but ignored) for compatability. If you really
want to make life miserable for people with bad reverse DNS, use tcpd in
paranoid mode (which is questionable anyway, given DNS ttl tweaking).
Removed getuid() root check so ntalkd can be run from a tty sandbox.
It isn't suid root anyway, who knows why the getuid() check was even
in there in the first place!
rtld would accept the first shared library it found with the right
major version number, even if the minor version number was too low.
If a different version of the shared library with an adequate minor
version number appeared later in the search path, it would not be
found.
Now the rtld searches all locations first looking for a library
with a minor version that is high enough. Only if such a library
is not found will it fall back to accepting a minor version number
that is too low. As before, a warning comes out in that case.
This solves some problems encountered when building an older world
on a -current system.
References from GDB to "printf" and various other functions would
find the versions in the dynamic linker itself, rather than the
versions in the program's libc. This fix moves the GDB link map
entry for the dynamic linker to the end of the search list, where
its symbols will be found only if they are not found anywhere else.
It was suggested by Doug Rabson, though I implemented it a little
differently.
I personally would prefer to leave the dynamic linker's entry out
of the GDB search list altogether. But Doug argues that it is
handy there for such things as setting breakpoints on dlopen().
So it stays for now, at least.
Note, if we ever integrate the dynamic linker with libc (which has
several important benefits to recommend it), this whole problem
goes away.
dynamic linker itself dynamically allocated. All of them are
supposed to be dynamically allocated, but we cheated before. It
made gdb unhappy under some circumstances.
least 2 version numbers. This fixes the bug where the dynamic
linker would try to load an ELF shared library if it found one.
Note, this change also fixes the same thing in "ld", because the
code is shared.
For "ld" there is still a problem with ".a" libraries, which cannot
be distinguished by name. I haven't decided what, if anything, to
do about that.
a different file than the a.out hints, namely, "/var/run/ld-elf.so.hints".
These hints consist only of the directory search path. There is
no hash table as in the a.out hints, because ELF doesn't have to
search for the file with the highest minor version number. (It
doesn't have minor version numbers at all.)
A single run of ldconfig updates either the a.out hints or the ELF
hints, but not both. The set of hints to process is selected in
the usual way, via /etc/objformat, or ${OBJFORMAT}, or the "-aout"
or "-elf" command line option. The rationale is that you probably
want to search different directories for ELF than for a.out.
"ldconfig -r" is faked up to produce output like we are used to,
except that for ELF there are no minor version numbers. This should
enable "ldconfig -r" to be used for checking LIB_DEPENDS in ports
even for ELF.
I implemented the ELF functionality in a new source file, with an
eye toward eliminating the a.out code entirely at some point in
the future.
shared object. Note, this searches _only_ that object, and not its
needed objects, in accordance with the documentation.
Also fix dlopen(NULL, ...) so that the executable's needed objects
are searched as well as the executable itself.
it to sit right...
The __error() hack gave out the wrong address. It returned the address of
errno in ld.so instead of the address of errno in the main program. Oops.
The hack is now correct, just in time to be obsoleted by elf.
or Elf64 based on the inclusion of the machine dependent header.
I've left the addition of the extra fields to handle the relocation
structures with addend for a separate commit after jdp has had a chance
to review what I've done. The current change is needed to compile
csu/alpha/crt1.c
alternative, I present .. ta! da! .. the __error() hack.
This patch to the a.out dynamic loader provides old a.out binaries
with __error() if they are linked with an older libc that lacks it,
but are also linked against a library that needs it.
There is a smaller, tricker hack that takes advantage of the fact
that ld.so has __error() too, courtesy of the new libc, but this
hack is the straightforward version.
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
output for local users. FTP protocol RFC also says that 'ls' output is
not machine-readable. "always UTC" still possible with TZ= in ftpd
environment by price of having UTC in log files too.
Fix INTERNAL_LS to sense new /etc/localtime after chroot
any case.
It makes no difference for anon account (since chroot already makes it GMT),
but if you do mirror with special non-anon login, in old variant
your mirror will be wholy retransmitted twice in the year due to
time zone changes (/etc/localtime plays bad role here)