userland in a safer way. Using the NO_MAKEDEV argument in make
distribution prevents the creation of a number of unsafe device nodes
in the jailed /dev, including disk devices, and more. This depends
on an earlier commit to /etc/Makefile to provide the NO_MAKEDEV
support.
Approved by: jkh
directory is not considered a directory. I have a feeling all the other
stat(2) calls should instead be lstat(2) calls, but I have not suffiently
determined that the current behavior [especially in isfile()] isn't
depended upon by someone.
Ok'ed by: JKH
Applied modified patch, since ATA/ATAPI is the keyword nowadays.
PR: 16507
Submitted by: Dan Papasian <bugg@bugg.strangled.net>
No need for an OK since we can exercise our divine rights as docpersons
according to: jkh
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.
Additionally there were complications with the build/install-world
process. It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.
There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).
It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.
Approved: jkh
makefiles (for use with picobsd among other things).
See the manpage for details, but:
* -h makefile-include-name
can be used to specify a file to include in the makefiles
generated by crunchgen . This is a good place to specify make
variables such as RELEASE_CRUNCH, NOTHIS, NOTHAT and the like.
* special progname objvar variable_name
in the crunch config file declares a different variable than
OBJS to be used to get the list of objects.
* crunchgen now looks first for Makefile.<progname> in the current
directory to override the makefile in <progname> source dir.
This in many cases avoids the need to patch the original makefile
if the above two features are still not enough.
Approved-By: jordan
Now when tcp_wrapper is enabled by inetd -wW,
several accesses which should be permitted are refused only for IPv6,
if hostname is used to decide the host to be allowed.
IPv6 users will be just upset.
About security related concern.
-All extensions are wrapped by #ifdef INET6, so people can completely
disable the extension by recompile libwrap without INET6 option.
-Access via IPv6 is not enabled by default.
People need to enable IPv6 access by changing /etc/inetd.conf at first,
by adding tcp6 and/or tcp46 entries.
-The base of patches are from KAME package and are actually daily used
for more than a year in several Japanese IPv6 environments.
-Patches are reviewed by markm.
Approved by: jkh
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by: markm
Obtained from: KAME project
Incorrect Address Family check is done for RPC services, and
fail to initialize it.
The error check is replaced to new one, which checks if IPv4
bind is enabled or not. (It is disabled when IPv6 numeric
addr is specified for -a bind address option.)
An review reqeust is once sent to des, but he quit MAINTAINER.
Approved by: jkh
Also update wicontrol to enable/disable encryption, set WEP keys and set the
TX key index. Silver cards only have 40-bit keys. This is something of a quick
hack, but it works well enough for me to commit this from the LinuxWorld
exhibit floor.
The WEP support only shows up if you have a card that supports it.
Would have been approved by: jkh, if he hadn't wandered off somewhere
Approved in his place by: msmith, who's standing right here
This is fix to usr.sbin/trpt and tcp_debug.[ch]
I think of putting this after 4.0 but,,,
-There was bug that when INET6 is defined,
IPv4 socket is not traced by trpt.
-I received request from a person who distribute a program
which use tcp_debug interface and print performance statistics,
that
-leave comptibility with old program as much as possible
-use same interface with other OSes
So, I talked with itojun, and synced API with netbsd IPv6 extension.
makeworld check, kernel build check(includes GENERIC) is done.
But if there happen to any problem, please let me know and
I soon backout this change.
I don't claim to own the code and certainly don't want to discourage
people from fixing or updating it.
[I know it's the 29th, but the FREEZE hasn't yet been posted to committers]
the committer (shin). While I don't have permission for this change
from the inetd maintainer (des), I assume that shin has permission
and I'm just fixing his contribution up for him.
Okay, I couldn't resist, I made some extra changes:
* Replace ".Tn FreeBSD" with .Fx
* Make the illegal TCPMUX and IPSEC sections legal subsections
of the IMPLEMENTATION NOTES section.
Requested by: shin
kernel IPv6 multicast routing support.
pim6 dense mode daemon
pim6 sparse mode daemon
netstat support of IPv6 multicast routing statistics
Merging to the current and testing with other existing multicast routers
is done by Tatsuya Jinmei <jinmei@kame.net>, who writes and maintainances
the base code in KAME distribution.
Make world check and kernel build check was also successful.
string to u_long and back using two functions, flags_to_string and
string_to_flags, which co-existed with 'ls'. As time has progressed
more and more other tools have used these private functions to
manipulate the file flags.
Recently I moved these functions from /usr/src/bin/ls to libutil,
but after some discussion with bde it's been decided that they
really ought to go in libc.
There are two already existing libc functions for manipulating file
modes: setmode and getmode. In keeping with these flags_to_string
has been renamed getflags and string_to_flags to setflags.
The manual page could probably be improved upon ;)
was having its last element zero'd. It turns out not to be a security
hole or to have any real effect on the code because 'from' was previously
pointing to a buffer of the same size as 'fromb', and the last
element in fromb is already 0 anyway due to the use of sizeof(fromb)-1
in the strncpy() call. But I'm not pressing my luck so only the type-o
is being fixed.
member variable to find the configuration on new driver allocation.
Correct condition is that card_config and driver are not in use. Both
of them are cleared in card_removed() (conf->driver->card never be
cleared).
This fix problems `No free configuration for card' on insertion, and
pccardd core dump on removal in condition of the same driver but
different card.
Also this might be emergency measures, complete solution would be made
after Hosokawa-san come back.
Consulted with: imp
Waiting for: hosokawa
This mouse may be a OEM version of Genius EasyScroll Mouse.
(The mouse has three buttons on top, one side button and a wheel which
also acts as a button. However, I know no way to activate the wheel,
and it can only be used as an ordinary 3-buttons mouse :-)
