ISSUES:
An example and better explansion on how to specify a user's login
class in /etc/master passwd is needed.
(As I don't seem to be specifiying it right, I can't do it).
can return UNIX errnos. When UNIX errnos catch up with FTP status
codes (e.g. at 100) a new way will have to be found to tell which
is which.
This allows fetch to print errors like
fetch: ftp.fu-berlin.de: No route to host
instead of
fetch: ftp.fu-berlin.de: Unknown error
nuked file descriptor. This is probably why sysinstall's ftp xfer
occasionally SEGV'd if you left things alone for a long time and
the timeout code got called. Whoops!
$ vipw
[corrupt a line in editor, exit editor]
pwd_mkdb: corrupted entry
pwd_mkdb: at line #2
pwd_mkdb:
/etc/pw.012585: Inappropriate file type or format
re-edit the password file? [y]: n^D^D
[hang]
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
an unimplemented syscall returned ENOSYS, rather than EINVAL. I have run
statically linked code with this wrapper and it does appear to work fine
on 2.2-stable which doesn't have poll(). ktrace shows the poll syscall fail
once and the fallback to select() working.
if necessary. This removes the need to malloc large fd_set's for selecting
on high fd's (larger than FD_SETSIZE at libc compile time).
The syscall adaptive stuff only happens on the very first call. SIGSYS
is masked, and if the call to poll fails with ENOSYS, then we use select
for the life of the program. If poll does not fail with ENOSYS, then we
always use poll and skip the once-off signal masking gunk.
This may be overkill, but it saved my neck a few times while working on
multiple different sets of kernel sources, some with poll, some without.
things like libskey.so to be dynamically self contained.
Things like md5(1) where speed is critical should still link with libmd.a,
but for things like login, where it's a once-off call if skey is used, it's
not worth the hassle.
#defines that are compatable with ours). I made some some minor tweaks
to the leading '_' tests.
Again, this is off by default for the moment. This probably should be
split into seperate files (like some of our other libc files that could
do with some splitting).
Obtained from: OpenBSD (plus some minor tweaks)
tree. Also merge in fix to NetBSD PR #1495. These represent 1.3-1.9 in
the OpenBSD tree. Make minor KNF changes to new code (which is in the
OpenBSD as 1.10). This avoids the symlink race problems.
These patches should go into 2.2.5 before the ship if they don't
break anything in -current.
Reviewed by: Bruce Evans
Obtained from: OpenBSD
undefined symbol referenced from libc. Without the stub, it is
impossible to execute any program using the shared library if
LD_BIND_NOW=1 is in the environment. The stub always returns
failure, but it can be overridden outside the library when necessary.
I don't know whether this is the "correct" fix, but it is intolerable
to have any undefined symbols referenced from libc.
and return to previous Peter's variant.
POSIX says that this place is implementation defined and old variant allows
application block SIGALRM and sleep and not be killed by external SIGALRMs.
BTW, GNU sleep f.e. sleeps forever in blocked SIGALRM :-)
acceptable range for tv_sec to the magic number 100000000 (which at
least ought to be declared in a header file, and explained in the
non-existing man page, as well as in the existing man pages for
nanosleep(2) & Co.).
PR: bin/4259
modify the original `no modifications' copyright message, and i've
included his mail into the source file.
The common localization functions between strptime(3) and strftime(3)
have been broken out into timelocal.[ch].
Use 'beforedepend' instead of '.depend' to hang automatically-generated
headers off.
XXX the latter is bogus without a 'beforeall' target and explicit ordering
of dependancy generation for targets.
lifetime of the call, just like the old implementation did. Previously,
we were only eating them if the application did not call sleep()/usleep()
with SIGALRM masked.
Submitted by: ache
and forgot what I was trying to do originally and accidently zapped
a feature. :-] The problem is that we are converting a counted buffer in
a malloc pool into a null terminated C-style string. I was calling realloc
originally to shrink the buffer to the desired size. If realloc failed, we
still returned the valid buffer - the only thing wrong was it was a tad
too large. The previous commit disabled this.
This commit now handles the three cases..
1: the buffer is exactly right for the null byte to terminate the
string (we don't call realloc).
2: it's got h.left = 0, so we must expand it to make room. If realloc
fails here, it's fatal.
3: if there's too much room, we realloc to shrink it - a failed realloc
is not fatal, we use the original buffer which is still valid.
Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Various cleanup from Keith Bostic
Reinstate calloc() as a separate funtion, in its own source/object file.
leave the manpage integrated with malloc.3 and friends. Too many things
were broken in this respect.
PR: 4002
Reviewed by: phk
Submitted by: Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Submitted by: Keith Bostic <bostic@bostic.com>
Only call malloc() if the fd is too big for the compiled in fd_set size,
and don't use calloc either. This should reduce the impact of conflicts
with private malloc implementations etc. When using the fd_set on the
stack, only zero what is needed rather than all 1024 bits like FD_ZERO did.
Various portability and stylistic cleanups.
Kill MALLOC_STATS & the 'D' option.
Fix the 'V' option.
Major overhaul of the man-page.
You milage should not vary.
Reviewed by: Keith Bostic <bostic@bostic.com>
Submitted by: Keith Bostic <bostic@bostic.com>
The logic in get_myaddress() is broken: it always returns the loopback
address due to the following rule:
if ((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET &&
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
The idea is that we want to select the interface address only if it's
up and it's in the AF_INET family. If it turns uout we don't have
such an interface available, we make a second pass through the loop,
this time settling for the loopback interface. But the logic inadvertently
locks out all cases when loopback == 0, so nothing is ever selected until
the second pass (when loopback == 1).
This is changed to:
if (((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET) ||
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
which I think does the right thing.
This is yet another bogon I discovered during NIS+ testing; I need
get_myaddress() to work correctly so that the callback code in the
client library will work.
srandomdev(), but can be used inside libraries. random() can't be used
inside libraries because it breaks its possible predictable sequence.
arc4random() is true random as designed, so its usage is library-safe.
Obtained from: OpenBSD
implement (better) falback code inside srandomdev() itself.
Change return type from int to void (binary compatibility surprisely
achieved). Userland code will be changed soon.
The addition of the nanosleep syscall was correctly added to
libc/sys/Makefile so that it is renamed as _thread_sys_nanosleep().
This syscall is one of those that libc_r has to re-implement because
the only behaviour is to block the process. So libc_r just ignores the
fact that a nanosleep syscall exists and goes its own way - as it has
done all along .... and now it does again. And now a simple program
can sleep again. Phew.
Malloc cannot use pthread_mutex_init() to initialize a mutex because
the mutex initialization process does a malloc!
libc_r internals skip the malloc and assign an initializer to a static
structure and point the opaque type (pthread_mutex_t in this case) to
that structure. This is done on the assumption that the mutex will never
be destroyed. This style of initialization is only valid inside libc_r
because the structure that is assigned is opaque to the user.
This fix allows a simple program to get to main() again. 8-)
semantics of the old sleep for compatability with a few decades of expected
side effects. Apache breaks if we just use nanosleep() for some reason,
here we use a new signanosleep() syscall which is kinda like a hybrid of
sigsuspend and nanosleep..
Reviewed by: ache (and tested on his apache that was failing when
sleep used plain nanosleep)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.
This code is in production in 2.2 based systems
-DUSE_NANOSLEEP. Also, seperate the code for _THREAD_SAFE so that it uses
the simpler threaded nanosleep() call in libc_r.. We don't go to the same
extremes for emulating traditional sleep semantics (ie: eating any SIGALRM
that might happen) which things like apache seem to depend on.
- bde's change to includes section in getrpcent.3
- Lost comment in svc_run.c (the code here was actually the same since
I had fixed the 'fds + 1' bug in my stuff at home before mailing
Peter about it, but I didn't notce that he'd made a change to the
comment right above the changed line).
Also pointed out by the ever vigilant: bde
This concludes tonight's entertainment. Once I'm sure I haven't destroyed
the world with all these changes, I'll import the utilities. Everything
should continue to work as before. If it doesn't let me know.
Special thanks to Mark Murray for running a test 'make world' for me to
shake out the bugs, which, hopefully, I have fixed.
(And there was much rejoicing.)
Note: you'll need to rinstalkl all your includes before compiling libc
the next time you update your sources in order for all this to work.
Reviewed by: Mark Murray
ppp (or will be shortly). Natd can now be updated to use
this library rather than carrying its own version of the code.
Submitted by: Charles Mott <cmott@srv.net>
visible type names in prototypes in user space headers. libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?
value, it appears as though the semantics of usleep are that it doesn't
return early. (only in the nanosleep code - the setitimer code does this
already)
(nanosleep) breaks Apache httpd badly: his childs died quickly after
number of requests (SIGPIPE). To reproduce this bug start
gdb /usr/local/sbin/httpd
run -X
and make some bunch of concurent requests (load the server pages
from 3 different places f.e.)
After short time httpd dies via SIGPIPE. It never dies with old sleep.c
In real life it looks like lots of broken images on the pages or missing
pages. Lynx says about Network read error, etc.
It seems something wrong in nanosleep signal handling.
back as designed in *BSD
Also it not violates current standards but
1) No other Unixes have this feature
2) It broke Kerberos5 (isprint) and God knows what else
(not all vendors will agree to treat FreeBSD as special case for support
since (1))
2) Give false localization sense (programs mimic to be 8859-1
localized) which prevents true localization.
bumped only 0.1 or 1.0 between releases. (See handbook.)
Note that if you have built world in -current in the last 48 hours or
so, you should manually remove /usr/lib/libutil.so.2.3 before
rebuilding world to cleanse your system.
o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.
o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.
o umask() only set once, and only if requested.
o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.
o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.
o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]
o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.
o We no longer pretend to support rlim_t as a long type.
o Revised code formatting to be more bsd-ish style.
