Commit Graph

18173 Commits

Author SHA1 Message Date
yuripv
c9168b768b bsdinstall: fix ESP detection for auto ZFS layout
Pass the list of user selected disks from zfsboot to bootconfig so that
the latter doesn't rely on ESP autodetection that apparently fails for
some cases, e.g. memstick installation with nvme (boot) and sata drives.

While here, fix printing of debug messages in bootconfig.

Reviewed by:	bcran, imp, tsoome
Differential Revision:	https://reviews.freebsd.org/D21930
2019-10-09 05:28:10 +00:00
brooks
8c3dda89d6 Fix various -Wpointer-compare warnings
This warning (comparing a pointer against a zero character literal
rather than NULL) has existed since GCC 7.1.0, and was recently added to
Clang trunk.

Almost all of these are harmless, except for fwcontrol's str2node, which
needs to both guard against dereferencing a NULL pointer (though in
practice it appears none of the callers will ever pass one in), as well
as ensure it doesn't parse the empty string as node 0 due to strtol's
awkward interface.

Submitted by:	James Clarke <jtrc27@jrtc27.com>
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D21914
2019-10-08 21:14:09 +00:00
gjb
f4077c0034 Rework the logic for installing the pkg(8) configuration.
'quarterly' package sets do not exist for head, so explicitly
install the 'latest' configuration file there.  Otherwise,
fall back to the original conditional evaluation to determine
if the 'latest' or 'quarterly' configuration file should be
installed.

Reported by:	manu
Reviewed by:	manu
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-08 18:58:23 +00:00
kevans
d30a617ac3 certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:

$ certctl list
# reviews output -- ah, yeah, I don't trust that one
$ certctl blacklist ce5e74ef.0
$ certctl rehash

We can unambiguously determine what cert "ce5e74ef.0" refers to, and we've
described it to them in `certctl list` output -- I see little sense in
forcing another level of filesystem inspection to determien what cert file
this physically corresponds to.
2019-10-03 20:45:52 +00:00
kevans
384e6b741c certctl(8): realpath the file before creating the symlink
Otherwise we end up creating broken relative symlinks in
/etc/ssl/blacklisted.
2019-10-03 20:05:46 +00:00
avg
e96b4170d0 add ability to set watchdog timeout for a shutdown
This change allows to specify a watchdog(9) timeout for a system
shutdown.  The timeout is activated when the watchdogd daemon is
stopped.  The idea is to a prevent any indefinite hang during late
stages of the shutdown.  The feature is implemented in rc.d/watchdogd,
it builds upon watchdogd -x option.

Note that the shutdown timeout is not actiavted when the watchdogd
service is individually stopped by an operator.  It is also not
activated for the 'shutdown' to the single-user mode.  In those cases it
is assumed that the operator knows what they are doing and they have
means to recover the system should it hang.

Significant subchanges and implementation details:
- the argument to rc.shutdown, completely unused before, is assigned to
  rc_shutdown variable that can be inspected by rc scripts
- init(8) passes "single" or "reboot" as the argument, this is not
  changed
- the argument is not mandatory and if it is not set then rc_shutdown is
  set to "unspecified"
- however, the default jail management scripts and jail configuration
  examples have been updated to pass "jail" to rc.shutdown, just in case
- the new timeout can be set via watchdogd_shutdown_timeout rc option
- for consistency, the regular timeout can now be set via
  watchdogd_timeout rc option
- watchdogd_shutdown_timeout and watchdogd_timeout override timeout
  specifications in watchdogd_flags
- existing configurations, where the new rc options are not set, should
  keep working as before

I am not particularly wed to any of the implementation specifics.
I am open to changing or removing any of them as long as the provided
functionality is the same (or very close) to the proposed one.
For example, I think it can be implemented without using watchdogd -x,
by means of watchdog(1) alone.  In that case there would be a small
window between stopping watchdogd and running watchdog, but I think that
that is acceptable.

Reviewed by:	bcr (man page changes)
MFC after:	5 weeks
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D21221
2019-10-03 11:23:10 +00:00
ian
68f1c44ed4 Bump .Dd for earlier update (should have been part of r353024). 2019-10-02 23:19:34 +00:00
ian
2795f67def Clarify how the -f option for daemon(8) interacts with other options
related to redirecting stdout and stderr.
2019-10-02 23:06:17 +00:00
gjb
f58537e188 Add a comment explaining why the opensolaris_load line in loader.conf
is explicitly added.

Requested by:	rgrimes
MFC after:	3 days
MFC with:	r353004
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-02 16:09:28 +00:00
gjb
a69d6f3a9f Explicitly add opensolaris_load="YES" to loader.conf through the
installer when installing the system on a ZFS root filesystem.

For arm64, zfs_load="YES" does not add opensolaris.ko as a kld
dependency, so add it explicitly to prevent boot-time failures
out-of-box.

PR:		240478
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-02 13:30:17 +00:00
kevans
5f2c8c20f1 Unbreak etcupdate(8) and mergemaster(8) after r352950
r352950 introduced improper case fall-through for shell scripts. Fix it with
a pipe.

Reported by:	lwhsu, David Wolfskill
2019-10-02 12:46:28 +00:00
hselasky
67d3a869dd Use size_t for byte_to_write variable when comparing to eeprom_info_out_len
which is also size_t in mlx5tool(8).

Submitted by:	slavash@
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2019-10-02 10:58:27 +00:00
hselasky
b00ae50aae Add the ability to query the EEPROM information in mlx5tool(8).
Submitted by:	slavash@
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2019-10-02 10:19:17 +00:00
kevans
d88d1b46fb [3/3] etcupdate and mergemaster support for certctl
This commit add support for certctl in mergemaster and etcupdate. Both will
either rehash or prompt for rehash as new certificates are
trusted/blacklisted.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Differential Revision:	https://reviews.freebsd.org/D17389
2019-10-02 01:06:37 +00:00
kevans
345af4051a [2/3] Add certctl(8)
This is a simple utility to hash all trusted on the system into
/etc/ssl/certs. It also allows the user to blacklist certificates they do
not trust.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Differential Revision:	https://reviews.freebsd.org/D16857
2019-10-02 01:05:53 +00:00
kevans
5c28c9d734 Move httpd to simple_httpd...
This avoids PATH conflicts with a real httpd, as a user will likely almost
always prefer the more fully-featured httpd. This also lines up with the
historical name of the program.
2019-10-01 18:14:37 +00:00
kevans
12fc0c966a Move simple_httpd out of picobsd, add HTTPD option (default OFF)
picobsd/tinyware has had this compact HTTPD server for a long time, and some
people do use it. Move it out into usr.sbin well in advance of any action
being taken on picobsd.

This has been gated behind an HTTPD option defaulted to *off*, primarily for
two reasons:
1.) This code likely needs a good audit, as it's been living off in picobsd
    land for a long time, and
2.) We don't currently ship an httpd and this may not be a welcome surprise.

Reviewed by:	eugen
Differential Revision:	https://reviews.freebsd.org/D21724
2019-10-01 14:55:16 +00:00
vmaffione
fc21e0e751 bhyve: support for enabling/disabling the net backend
Extend the net backend interface with two functions, namely netbe_rx_disable()
and netbe_rx_enable(), which can be used by the net device emulators to stop
the backend from invoking the receive callback. This is useful for device
emulators, i.e., on hardware resets or to implement receive backpressure.
The mevent module has been extendede to support the addition of a disabled
event. To prevent race conditions, the net backends will start with receive
operation disabled. A follow-up patch will use the new functionalities in
the virtio-net device.

Reviewed by:	jhb, markj
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D20973
2019-09-28 12:02:43 +00:00
yuripv
ca66ecae7d efibootmgr(8): fix markup and style issues
- split synopsis into separate options that can't be used together
- sort options
- fix (style) issues reported by mandoc lint

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D21710
2019-09-25 21:23:30 +00:00
kevans
bbbbd9c361 cron: add log suppression and mail suppression for successful runs
This commit adds two new extensions to crontab, ported from OpenBSD:
- -n: suppress mail on succesful run
- -q: suppress logging of command execution

The -q option appears decades old, but -n is relatively new. The
original proposal by Job Snijder can be found here [1], and gives very
convincing reasons for inclusion in base.

This patch is a nearly identical port of OpenBSD cron for -q and -n
features. It is written to follow existing conventions and style of the
existing codebase.

Example usage:

# should only send email, but won't show up in log
* * * * * -q date

# should not send email
* * * * * -n date

# should not send email or log
* * * * * -n -q date

# should send email because of ping failure
* * * * * -n -q ping -c 1 5.5.5.5

[1]: https://marc.info/?l=openbsd-tech&m=152874866117948&w=2

PR:		237538
Submitted by:	Naveen Nathan <freebsd_t.lastninja.net>
Reviewed by:	bcr (manpages)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D20046
2019-09-25 02:37:40 +00:00
grembo
ae9baa9499 freebsd-update: Add updatesready' and showconfig' commands
`freebsd-update updatesready' can be used to check if there are any pending
fetched updates that can be installed.

`freebsd-update showconfig' writes freebsd-update's configuration to
stdout.

This also changes the exit code of `freebsd-update install' to 2 in case
there are no updates pending to be installed and there wasn't a fetch phase
in the same invocation. This allows scripts to tell apart these error
conditions without breaking existing jail managers.

See freebsd-update(8) for details.

PR:		240757, 240177, 229346
Reviewed by:	manpages (bcr), sectam (emaste), yuripv
Differential Revision:	https://reviews.freebsd.org/D21473
2019-09-24 20:49:33 +00:00
hrs
a9fe137d5f - Revert WARNS to 2 because of mismatch between (xdrproc_t) and xdr_void().
- Add prototype of from_addr().
2019-09-21 13:34:06 +00:00
hrs
fa5751c90d Fix warnings and set WARNS=6. 2019-09-21 12:33:41 +00:00
hrs
d0d110c402 Fix build errors of test.c, which had been broken for a long time.
This is a temporary fix and should be converted to a complete
test scenarios by using this tool.
2019-09-21 01:29:59 +00:00
grembo
9d50cda586 Fix src component detection
Reviewed by:	emaste
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D21579
2019-09-19 21:13:51 +00:00
gjb
7f83844617 Apply r346792 (cperciva) from stable/12 to head. The original commit
message:

 On non-x86 systems, use "quarterly" packages.

 x86 architectures have "latest" package builds on stable/*, so keep using
 those (they'll get switched over to "quarterly" during releases).

The original commit was a direct commit to stable/12, as at the time it
was presumed it would not be necessary for head.  However, when it is time
to create a releng branch or switch from PRERELEASE/STABLE to BETA/RC, the
pkg(7) Makefile needs further adjusting.  This commit includes those
further adjustments, evaluating the BRANCH variable from release/Makefile
to determine the pkg(7) repository to use.

MFC after:	immediate (if possible)
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-09-19 16:43:12 +00:00
cy
d4cd8747e6 Reduce calls to close(2) at startup through the use of closefrom(2).
Submitted by:	pawel.biernacki@gmail.com
Reviewed by:	mjg, cy
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D21715
2019-09-19 14:45:04 +00:00
emaste
8615bf7b75 freebsd-update: make usage output consistent
Drop trailing . which appeared only on description of IDS.

Submitted by:	grembo
Event:		EuroBSDCon Norway FreeBSD DevSummit
2019-09-19 11:46:43 +00:00
emaste
ce1a569b1d freebsd-update.8: appease igor
igor follows American style guides in the belief that abbreviations i.e.
and e.g. are always followed by a comma.  Make that change now so that
future updates to freebsd-update.8 do not complain about this.

Submitted by:	grembo
Event:		EuroBSDCon Norway FreeBSD DevSummit
2019-09-19 11:34:35 +00:00
swills
a6f038708b Use correct filename in newsyslog.conf
Approved by:		bapt (implicit)
Differential Revision:	https://reviews.freebsd.org/D21561
2019-09-17 20:05:06 +00:00
swills
f3228a13d3 log daemon.info to /var/log/daemon.log by default
log daemon facility now that daemon(8) has syslog support which defaults to
daemon facility, info priority

Reviewed by:		bapt
Approved by:		bapt
Differential Revision:	https://reviews.freebsd.org/D21561
2019-09-17 20:03:20 +00:00
cy
745e6c3513 No longer mlock() ntpd pages by default in memory thus allowing its
pages to page as necessary.

To restore historic BSD behaviour add the following to ntp.conf:
	rlimit memlock 32

Discussed on:	freebsd-current@ between Sept 6-9, 2019
Reported by:	Users using ASLR with stack gap != 0
Reviewed by:	ian, kib, rgrimes (all previous versions)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D21581
2019-09-13 20:20:05 +00:00
mizhka
fd4e870210 [jail] removal by jid doesn't trigger pre/post stop scripts
This commit fixes bug: command "jail -r" didn't trigger pre/post stop
commands (and others) defined in config file if jid is specified insted of
name. Also it adds basic tests for usr.sbin/jail to avoid regression.

Reviewed by:	jamie, kevans, ray
MFC after:      5 days
Differential Revision: https://reviews.freebsd.org/D21328
2019-09-12 18:53:29 +00:00
bdrewery
d1a8b3b114 mtree: Fix -f -f not considering type changes.
This only lists the changed type and not other attributes so that it
matches the behavior of -C as done in r66747 for fmtree. The NetBSD
-ff implementation was copied from fmtree.

Reviewed by:	imp
MFC after:	2 weeks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D21623
2019-09-12 18:44:48 +00:00
bapt
30f6b9e3f3 Get the readline header from the installed header instead of the from the source
location.

With newer import of libedit, the path to be able to access readline/readline.h
will also include header which name will conflict with some expected by ntp in
another path and end up breaking the build.
2019-09-12 15:46:58 +00:00
bapt
7305bcf913 Remove useless extra definition of libedit flags
Note that all the line editor part is done in the libntp
2019-09-12 15:44:53 +00:00
cem
47701ffd1e buf: Add B_INVALONERR flag to discard data
Setting the B_INVALONERR flag before a synchronous write causes the buf
cache to forcibly invalidate contents if the write fails (BIO_ERROR).

This is intended to be used to allow layers above the buffer cache to make
more informed decisions about when discarding dirty buffers without
successful write is acceptable.

As a proof of concept, use in msdosfs to handle failures to mark the on-disk
'dirty' bit during rw mount or ro->rw update.

Extending this to other filesystems is left as future work.

PR:		210316
Reviewed by:	kib (with objections)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D21539
2019-09-11 21:24:14 +00:00
bapt
7d8ffee226 Stop linking to libl by specifying we do not need yywrap
MFC after: 3 days
2019-09-10 07:28:27 +00:00
bapt
f4ac417e9b Stop linking to libl by specifying we do not need yywrap
MFC after: 3 days
2019-09-10 07:26:38 +00:00
bapt
78ee626c3b Stop linking to libl by specifying we do not need yywrap
MFC after: 3 days
2019-09-10 07:25:37 +00:00
bapt
3106141984 Stop linking to libl by specifying we do not need yywrap
MFC after:	3 days
2019-09-10 07:23:01 +00:00
bapt
ca7a23bd07 by specifyng we do not use yywrap we can avoid linking to libl and liby
MFC after:	3 days
2019-09-10 07:20:32 +00:00
bapt
cb4ab4200a config: do not link against libl, it is not needed
MFC after:	3 days
2019-09-10 07:14:39 +00:00
manu
5fc62085dd pkgbase: Put a lot of binaries and lib in FreeBSD-runtime
All of them are needed to be able to boot to single user and be able
to repair a existing FreeBSD installation so put them directly into
FreeBSD-runtime.

Reviewed by:    bapt, gjb
Differential Revision:  https://reviews.freebsd.org/D21503
2019-09-05 14:13:08 +00:00
avg
ceb1b924ec mpsutil slot set status
This code has been written as a proof of concept, but I think that it
can be useful in general.  It allows to set the status of an enclosure
slot.  Practically, this means controlling whatever slot status LEDs the
enclosure provides.  At present, the new command does not have sanity
checks or any conveniences.  That means that it is possible to issue the
command for an invalid slot and an enclosure.  But the worst I have seen
happening is either the command failing or simply being ignored.  Also,
at the moment, the status has to be specified as a numeric bit mask.
The bit definitions can be found in sys/dev/mps/mpi/mpi2_init.h, they
are prefixed with MPI2_SEP_REQ_SLOTSTATUS_.  The only way to address a
slot is by the enclosure handle and the slot number.  Both are readily
available from mpsutil show commands.

So, future enhancements could include alternative ways to address a slot
(e.g., by a disk handle or a disk device name) and human friendly names
for slot statuses.

The new command is useful alternative to 'sas2ircu locate' command.
First, sas2ircu is a proprietary blob.  Second, it supports setting only
locate / identify status bit.

Tested on HP H220 running LSI IT firmware 20.x.

Reviewed by:	bapt
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D20535
2019-09-04 13:47:38 +00:00
kmoore
75ee28eb81 - Retire pc-sysinstall(8)
https://reviews.freebsd.org/D21094

Submitted by: kmoore@FreeBSD.org
Approved by: imp@FreeBSD.org
2019-09-03 19:42:04 +00:00
emaste
f7d0c0bfca makefs: share msdosfsmount.h between kernel msdosfs and makefs
Sponsored by:	The FreeBSD Foundation
2019-09-01 16:55:33 +00:00
imp
d660b252d4 Replace -Werror with ${WERROR} in pmcstudy 2019-08-25 22:06:26 +00:00
0mp
872a36f63e mixer(8): Report an error if the passed value is an empty string
This patch fixes a bug that made the mixer command enter
an infinite loop when instructed to set the value of a device
to an empty string (e.g., `mixer vol ""`).

Additionally, some tests for mixer(8) are being added.

PR:		240039
Reviewed by:	hselasky, mav
Approved by:	src (hselasky, mav)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21409
2019-08-25 17:55:31 +00:00
mav
0aebbe33ee Report Clock Power Management support and status.
Since we already report ASPM, why not to go further.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2019-08-23 15:17:04 +00:00