successful and failed su attempts will be recorded using the AUE_su
event type (login or lo class) if auditing is present in the system.
Currently, the records will have a header, subject, text (with the
actual diagnostics), a return and trailer token.
See audit_submit(3) for more information.
Reviewed by: rwatson
Obtained from: TrustedBSD Project
extensions. This seems to be unnecessary and prevents less(1) from being
able to detect file changes, so remove the part.
Submitted by: Eric Huss <e-huss netmeridian com>
PR: bin/102624
Discussed with: des
MFC After: 3 days
Add "-C <column>" and "-d <delims>" options to chop up input lines.
Make '#' a comment character, rest of line is ignored.
Submitted by: Dmitry Morozovsky <marck@rinet.ru>
can use this small and nifty utility. Create compatibility
symlinks from /usr/bin for the time being to avoid breaking
custom scripts relying on the hardcoded path to the utility.
If pkill(1) takes root, its source should be repocopied some
day to src/bin.
Idea by: des
Discussed with: brooks (in cvs-src and cvs-all)
Also make both lowercase and uppercase suffix letters work
as byte-count suffixes, i.e. the following two commands are
equivalent now:
% split -b 4m foo
% split -b 4M foo
Submitted by: Roman Divacky [1]
Lots of help by: cperciva
Reviewed by: cperciva
MFC after: 1 week
Sort getopt option handling of -p too, while here.
The changes are adapted from a patch by Ruslan Ermilov, posted as
followup to docs/33852.
PR: docs/33852
Submitted by: Gary W. Swearingen <swear@blarg.net>
MFC after: 1 week
characters correctly. These characters are displayed "combined"
with a space character.
PR: misc/100215
Submitted by: "J.R. Oldroyd" <<fbsd AT opal.com>>
Reviewed by: "J.R. Oldroyd" <<fbsd AT opal.com>> (revised patch)
MFC after: 3 days
including to printf(). Using uintmax_t is also robust to further
extensions in both the C language and the bitwidth of kernel counters.
Tested on: i386 amd64 ia64
Move INET6 out of the RELEASE_CRUNCH conditional block
because it saves as little as 2% of the binary size and
IPv6 is rather popular today. (Some other binaries, e.g.,
telnetd, include INET6 for RELEASE_CRUNCH already.)
of incorrect and machine-dependent integer math. Now we can encrypt a file
on an i386 and decrypt it on an amd64, and vice versa.
Submitted by: Andrew Heybey < ath at niksun dot com >
machine.c. The traditional condition was (pctcpu > 0 || SRUN), but the
negation of the condition logic (from select to skip) made this come
out as (pctcpu > 0 && SRUN), leading to a very erratic display, except
for purely CPU bound processes.
This has been discussed in the mail lists some time ago and I have used
top with this patch on my systems for more than a year without problems
(just forgot to commit it earlier, since my systems were all fixed ...).
style "every Monday":
mon * Do Foo.
Previously, at the end of the month, this could cause a printout of
the following nature when invoked with -A 7:
36 May* Do Foo
MFC after: 2 weeks
used once on a non-empty pattern space and then again on an empty
pattern space, the second usage restores the pattern space length to
the length that it had when the first "P" was used.
PR: bin/96052
Submitted by: Andrey Zholos <aaz@althenia.net>
MFC after: 7 days
specified size to be read in the more familiar units of kilobytes,
megabytes, gigabytes, terabytes and petabytes.
PR: bin/50988
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
MFC after: 7 days
32229 telnet CALL mmap(0,0x8000,0x3,0x1002,0xffffffff,0,0,0)
32229 telnet CALL open(0x2807bc28,0,0x1b6)
32229 telnet CALL socket(0x2,0x2,0)
to
32229 telnet CALL mmap(0,0x8000,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,0xffffffff,0,0,0)
32229 telnet CALL open(0x2807bc28,O_RDONLY,<unused>0x1b6)
32229 telnet CALL socket(PF_INET,SOCK_DGRAM,0)
David wanted to implement the suggestions which came up at the review from
arch@ too, but real life rejected this proposal. So I commit what we already
got and let another volunteer pick the remaining work from the ideas list.
Submitted by: "David Kirchner" <dpk@dpk.net>
Suggested by: FreeBSD ideas list page
Reviewed by: arch
RPC_MAXDATASIZE was introduced. This is believed to have been debugging
code committed accidentally, although I've been unable to reach the
committer to confirm this. The effect was to limit the size of RPCs on
TCP and UDP to 9k, well below the default protocol limits in the libc
rpc code. This change simply removes these introduced limits, falling
back on the libc definitions.
PR: 88856
Reported by: Keith Bostic <bostic at sleepycat dot com>
Testing by: Susan LoVerso <sue at loverso dot southborough dot ma dot us>
Reveiwed by: cel, rees
Review timeout: alfred, mbr
MFC after: 2 weeks
rename, __getcwd, shutdown, getrlimit, setrlimit, _umtx_lock, _umtx_unlock,
pathconf, truncate, ftruncate, kill
- Decode more arguments of open, mprot, *stat, and fcntl.
- Convert all constant-macro and bitfield decoding to lookup tables; much
cleaner than previous code.
- Print the timestamp of process exit and signal reception when -d or -D are in
use
- Try six times with 1/2 second delay to debug the child
PR: bin/52190 (updated)
Submitted by: Dan Nelson <dnelson@allantgroup.com>
Approved by: alfred
not on the top-level -and sequence, e.g. inside of ! or -or.
Create a separate linked list of all active -exec {} + primaries and
do the last execution for all at termination.
PR: bin/79263
Submitted by: Jilles Tjoelker <jilles@stack.nl>
MFC after: 7 days
and displays entries from the administrative database specified by
database, using the lookup order specified in nsswitch.conf(5).
PR: bin/79903, bin/88460, bin/96536
Submitted by: Julien Gabel, Dan Nelson, Daniel J. O'Connor
Obtained from: NetBSD
Discussed with: ume, soc-bushman
MFC after: 1 month
so that it can be more easily unbroken and extended.
Try to use `static', `const' (as appropriate), prototypes declared together,
and parameter names in prototypes for all private functions, not just the
new one.
vmstat.c:
Move totfr to be under daefr and prcfr since it logically belongs there.
Move all the count fields (wire, act, inact, cache and free) to near
the bottom of the sub-display (after all the rate fields) to reduce
competition with adjoining sub-displays.
systat.1:
Move things as above.
Attempt to improve missing and poor wording in the description of the
fields. The long sentence was hard to parse and didn't say anything
about the different units.
Increment .Dd.
part that handled the 17th and 18th rows of the vmstat-proper subdisplay
was deleted in rev.1.10 when these rows stopped being used and was not
restored when the 17th row was used again. For such terminals, we now
lose the `buf' field instead of making a mess with it. Terminals with
fewer than 24 rows have never been supported.
The problem is not avoided by using curses since we use the last line
for data entry and don't use a separate subwindow for this line.
Some other things in the vmstat display could be handled better using
subwindows.
output too.
Fine tune all coordinates and most field widths in the vmstat (sub)display
for this and previous changes now that we have to change almost all of them
just to move the ex-extended fields:
- change VMSTATROW back to 7. It was 6 due to a hack in the extended vm
stats changes.
- reduce the maximum field width that we try for from 9 to 8. 4 or 5 is
enough for most fields but we try to use the same width for all fields.
8 is enough to display everything without changing units memory sizes
exceed 100GB.
Fix some unrelated coordinates and field widths in comments.
vm stats to the normal vm stats. Sort them into the normal stats
according to the man page only in the source code so that diffs are
almost readable. Reduce style bugs in printing the value of %ozfod.
new vnstat display to the right of the namei display.
Move the non-vmstat fields {des,num,fre}vn from the vmstat display to a
new vnstat display. Move the dtbuf field there too. The buf and dtbuf
fields are non-vmstat and non-vnstat, so there is no good place to
display them. I need to move at least 1 of them out of the vm stats
for further cleanups of the vm stats, and there is only space for 1
of them in the vn stats. (The best place for the current buf field
is actually /dev/null, since it has been completely broken for about
10 years and broken for longer. It gives an uninteresting virtual
memory count where an interesting real memory count is wanted.)
to handle changes to the set of disks selected, but it is unnecessary
for that since the whole screen is redrawn when this set is changed.
It was also buggy:
- MAXDRIVES*6 = 42 was hard-coded as only 30 spaces in a string literal,
the last 2 disk names were not cleared as intended
- when the extended vmstats are active, clearing of even 30 columns
overruns the ozfod value field by 3 columns. This was harmless because
the field is much wider than necessary.
value printed is actually the optimized (i.e., the non-slow, not-on-the-fly
zero fills percentage) except in overflow cases. Describe it as %ozfod
in the display. Move the field descriptor 1 to the left so that there
is space for 5 characters after the % sign (this leaves no space between
the number and the descriptor but the % character serves well as a
separator).
Fixed integer overflow at z.ozfod = UINT_MAX/100 in the calculation of
%ozfod. This value can be reached just a few hours or minutes after
booting, so %ozfod was usually garbage in boot mode. Now %ozfod is
correct in boot mode for a few days or hours.
Print a non-dummy %ozfod when the division for it isn't division by 0
instead of when the result will be less than 100%. A result of 100%
may be correct, though a result of more than 100% indicates overflow
of one or both counters.
not very usefully, in all other displays). This was the original point
of the PR.
Move the load average up by 2 so that it starts in row 0 for all windows
(2 lines above it were wasted for all other windows except vmstat).
Move everything below it up by 2 or 3 (3 for icmp and icmp6 which had
an extra blank line due from not compensating for the foot-shooting in
note (3); only ip and ip6 compensated). Reduce the magic numbers related
to this.
Notes by the submitter:
%%%
1. All the subwin() calls are identical using #define MAINWIN_ROW 3
(systat.h).
2. The load average is at the top of the window.
3. Each display starts on the fourth line. I made changes to those
displays that shifted the start line (i.e., icmp). This entailed a
lot of changes within the comments at the top of those displays.
4. For ip6, I shifted the "Input next-header histogram" column down one
row to separate it from "IPv6 Output". I raised "bad scope packets"
and "address selection failed" up one row to stay with "IPv6 Input"
(valid?). They were down one row to probably line up at the bottom,
but I think they should stick with their fellow items in a column.
5. I condensed ifstat a bit. It had a lot of empty rows.
%%%
Submitted by: Se=E1n Farley <sean-freebsd at farley dot org>
PR: bin/81874
only affect amd64 and i386. alpha uses "intr N" instead of "irqN" and
mostly has no device names. ia64 uses only device names.
- Edit interrupt names once after they are read from the kernel and not
every time they are displayed.
- Discard bogus trailing spaces so that the next step doesn't move things
to oblivion.
- If an interrupt name starts with "irqN:" (as it usually does in on
amd64 and i386), then move "irqN" to the end and strip ":", since we
have no space for the ":" and don't want to start descriptions with
"N" after stripping "irq" in the next step (since "N" would look like
a count). This step may need reworking for interrupt names containing
several device names -- then moving the irq number to the end would
lose it instead of losing some device names.
- Remove "irq" from an interrupt name if and only if the original name is
too long to display.
accidentally.
Read buffer overruns:
The size of the target array (TSOTTA == 10) is a wrong limit to use for
scanning the source string.
Write buffer overruns:
TSOTTA is also a wrong limit to use for copying to the target buffer,
since we want to add a NUL terminator afterwards. TSOTTA was also 1
too small for holding both the desired number of visible characters
and the NUL.
Worked accidentally:
There is error in the algorithm that tends to result in the space saved
by stripping "irq" not actually being used, but some cases worked
accidentally provided "irqN" is near the end of the source string and
"N" is only 1 digit.
Starting with 5.mumble-CURRENT, "irqN" is at the beginning of the
string on all (?) arches that have it and the accidents don't happen.
E.g. on i386's, the keyboard irq is now named
"irq1: atkbd0<bogus blank padding>" by the kernel, and this name was
converted to "1: atkb" -- not only the device number but part of the
device name has been lost --, while before 5.mumble the kernel name
was "atkbd0 irq1" and systat accidentally preserved the irq number to
give "atkbd0 1". The ":" in the string wastes precious space, and
stripping "irq" results in descriptions starting with numbers which
makes them look too much like counts. This commit just fixes the last
problem.
clobbered at runtime:
dirtybuf -> dtbuf
desiredvnodes -> desvn
numvnodes -> numvn
freevnodes -> frevn
The vmstats column has only 5 characters available for descriptors, but up
to 13 were used. The extras get clobbered at runtime by interrupt values
and/or descriptors on systems with more than 12 interrupt sources.
%slo-z -> %sloz
This one is in the "extended" vmstats area and doesn't get clobbered now.
Removed stale documentation of desvn.
Changed a descriptor:
tfree -> totfr
so that it is consistent with the abbreviations for other free counts
(daefr and prcfr) and thus almost decodeable.
Fixed missing documentation of tfree/totfr. This and everything else
in the extended vmstats area is misdocumented as being in a certain
place in the vmstats column.
This speeds up my testing a bit. Because truncate(1) doesn't allocate
blocks on file system before they are used, it is very useful to
emulate huge file systems:
# truncate -s 16T fs.img
# mdconfig -a -f fs.img
# newfs /dev/mdX
(-t swap can be used as well)
Note to self: if a comment says a list must be lexically sorted, sort
the list lexically.
Submitted by: Pawel Worach
Approved by: jhb
MFC after: 2 weeks
dereference it.
This will happen if we ^D at the Login: prompt without having provided a
valid login before.
Set pwd to NULL on bad login attempts to prevent audit_logout() from being
called for a user which didn't actually log on.
Reported by: Jerome Magnin jethro at docisland dot org
using sscanf and truncating the start/end entries by writing them with a
32 bit int descriptor (%x). The upper bytes of the 64 bit vm_offset_t
variables (for little endian machines) were uninitialized. For big endian
machines, things would have been worse because it was storing the 32 bit
value in the upper half of the 64 bit variable. I've changed it to use
%lx and long types. That should work on all our platforms.
forthcoming. This commit also has a number of style(9) fixes and
minor corrections so the code works better with the build system being
used for non-FreeBSD builds.
Many thanks to: Jaakko Heinonen, who proposed a mechanism for extended
attribute support and implemented both the machine-independent portion
and the Linux-specific portion.
- <netipx> headers [1]
- IPX library (libipx)
- IPX support in ifconfig(8)
- IPXrouted(8)
- new MK_NCP option
New MK_NCP build option controls:
- <netncp> and <fs/nwfs> headers
- NCP library (libncp)
- ncplist(1) and ncplogin(1)
- mount_nwfs(8)
- ncp and nwfs kernel modules
User knobs: WITHOUT_IPX, WITHOUT_IPX_SUPPORT, WITHOUT_NCP.
[1] <netsmb/netbios.h> unconditionally uses <netipx> headers
so they are still installed. This needs to be dealt with.