Commit Graph

79 Commits

Author SHA1 Message Date
Ed Schouten
878f530ff8 Remove the now unneeded pt_chown utility.
Before we had a posix_openpt() that allocated PTY's with proper
permissions in place, we used this set-uid utility to change the
ownership of PTY slave devices to the real user ID of the process. This
utility was used to implement grantpt().

In my first designs of the MPSAFE TTY layer, I replaced this by adding
an ioctl() called TIOCGRANTPT, which was used to change the ownership.
I left the pt_chown utility, because older C libraries needed it to work
properly.

After some discussions back in June I changed the PTY code to set
permissions properly upon creation. Fortunately the previous grantpt()
implementation changed permissions by hand when pt_chown is not
installed, which always succeeds. This means grantpt() still works
properly, even though the set-uid utility is missing.

I've done tests with FreeBSD 5.2.1, FreeBSD 6.3 and FreeBSD 7.0 jails.
All of them still work if I remove pt_chown.

Reviewed by:	philip (ex-mentor)
2008-08-24 10:01:22 +00:00
Yaroslav Tykhiy
b2c4f888fd Add a hackish knob to skip rtld, NO_RTLD. In conjunction with
src/Makefile.inc1 rev. 1.590, it can allow installing a world
cross-built for a different arch over the live system.  The procedure
is more or less as follows:

	cp -R /rescue /rescue.old
	make installkernel TARGET_ARCH=foo
	make -DNO_RTLD installworld TARGET_ARCH=foo
	     ^^^^^^^^^
	PATH=/rescue.old
	chflags noschg /libexec/ld-elf.so.1
	cp /usr/obj/foo/usr/src/libexec/rtld/ld-elf.so.1 /libexec
	chflags schg /libexec/ld-elf.so.1
	<ditto for ld-elf32.so.1 if installing for amd64>
	reboot
2007-10-31 11:19:32 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Jacques Vidrine
a8e0b2e8ab Remove rexecd(8), a server that implements a particularly insecure
method of executing commands remotely.  There are no rexec clients in
the FreeBSD tree, and the client function rexec(3) is present only in
libcompat.  It has been documented as "obsolete" since 4.3BSD, and its
use has been discouraged in the man page for over 10 years.
2005-06-10 20:52:36 +00:00
David E. O'Brien
e2c421f7f2 Enable lukemftpd for 6.0-RELEASE. 2005-05-16 17:12:23 +00:00
Ruslan Ermilov
24fe1eafe4 Install rlogind(8). Pointy hat is available on request. 2005-03-03 15:59:32 +00:00
Tom Rhodes
c71158d453 Wrap BSD r* commands in NO_RCMDS.
Change NO_RCMDNS to NO_RCMDS and do the switch in bsd.compat.mk.

Discussed with: ru, nectar
2005-03-02 11:53:22 +00:00
Ruslan Ermilov
73f9c36206 The only user of this utility (share/man/man0) was removed 2+ years ago. 2005-02-09 19:50:45 +00:00
Ruslan Ermilov
ab7a294721 NODOCCOMPRESS -> NO_DOCCOMPRESS
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
2004-12-21 09:33:47 +00:00
Bjoern A. Zeeb
6c58990d47 Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set.
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
2004-11-13 20:40:32 +00:00
Dag-Erling Smørgrav
cd3ee173f9 Switch from BIND 8 to BIND 9.
Submitted by:	(in part) dougb@, trhodes@
Reviewed by:	dougb@, trhodes@, re@
MFC after:	5 days
2004-09-21 19:01:48 +00:00
David E. O'Brien
d8a921c775 Commit a crude hack so we get sparc64 snapshots working again with a
stable ld.so.  We need to revisit the rtld-elf/sparc64/rtld_start.S
rev. 1.5 and rtld-elf/sparc64/rtld_machdep.h rev. 1.5, which was
suppose to allow stock Binutils 2.13 (and later) to be used.
2004-06-17 16:08:20 +00:00
David E. O'Brien
9896c5f11a Fall out from Binutils 2.15: don't bulid the ld.so on Sparc64. 2004-06-17 03:04:24 +00:00
Max Laier
8d69c48be5 Link pf to the build and install:
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.

This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.

For those who want to go without pf; it provides a NO_PF knob to make.conf.

__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.

Approved by:	bms(mentor)
2004-03-08 22:03:29 +00:00
Ruslan Ermilov
d10a8d6cb4 - Build things in pure dictionary order (see sort(1)).
- Unify the conditional assignments section so that architectural
  exclusions come first, then options and !options, sorted by the
  option name, also in directory order, then architecture specific
  sections, sorted by the architecture name, with i386 being a
  traditional exception.

Prodded by:	bde
2004-01-16 15:23:19 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Peter Wemm
b82eca913d Do not exclude amd64 from rtld-elf builds.
Approved by:  re  (safe amd64 support commits)
2003-05-24 17:38:45 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Mark Murray
1cec3c808d Allow a NOPIC "make world" to complete.
OK'ed by:	re(scottl)
2003-05-11 18:48:29 +00:00
Peter Wemm
b2d14fd9bb Exclude rtld-elf for amd64. More porting is still needed.
Approved by:  re (scottl)
2003-05-08 06:37:12 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
Ruslan Ermilov
a52672e938 Build non-crypto telnet(1) and telnetd(8) if NO_OPENSSL is defined.
Submitted by:	Marius Strobl <marius@alchemy.franken.de>
2003-05-01 19:38:15 +00:00
Ruslan Ermilov
2266b8c0d4 Don't clobber Kerberos5 telnet(1) and telnetd(8) with non-crypto versions. 2003-04-30 07:24:35 +00:00
Warner Losh
706d0ee075 Add back # accidentally deleted in 1.54 2003-04-27 06:16:52 +00:00
Warner Losh
b4e225bef1 This is no longer needed after tw is gone.
Approved by: re@ (scottl)
2003-04-27 05:43:42 +00:00
Juli Mallett
d3951ad162 Implement POSIX grantpt(3) functionality, and add a pt_chown utility (akin
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.

Submitted by:	Ryan Younce <ryany@pobox.com>
Reviewed by:	security-officer@, standards@, mike@
2003-01-02 20:44:41 +00:00
David E. O'Brien
a6f8d995f3 [DAIVD O'BRIEN's OPINION]
Head off what I think is an abuse of the TRB, and disable lukemftpd.
2002-11-12 17:31:12 +00:00
Mike Barcroft
0b15d9a1b6 Hook rpc.rstatd back up to the build now that it compiles. 2002-10-02 18:37:11 +00:00
John Baldwin
c58ff411bc Unhook rpc.rstatd from the build until it actually compiles. 2002-10-02 16:14:16 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
David Malone
23b25ee7e4 Add tcpd to the build - though we don't need to for inetd, someone might
want it for some other service-running program.

Approved by:	markm
MFC after:	1 week
2002-08-13 14:03:40 +00:00
David E. O'Brien
5c4ff40599 Add lukemftpd to the mix. 2002-02-27 18:37:21 +00:00
Kris Kennaway
2e1c178949 Migrate uucpd to ports as well.
Noticed by:	ru
2001-10-01 07:53:13 +00:00
Ruslan Ermilov
0dc44b5add Do not build (and install) both secure/ and standard versions
of libtelnet, telnetd, and telnet.  This only worked because
secure/ was listed late in SUBDIR in Makefile.inc1.

Reviewed by:	markm
2001-03-26 12:49:05 +00:00
Doug Barton
27a803d631 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
Dan Moschuk
e4322bc6d3 Wrap uucpd behind the NOUUCP knob.
Noticed by: Doug Barton
2000-03-24 18:21:09 +00:00
Peter Wemm
64baa0b4e3 Reactivate named-xfer 1999-11-30 06:23:04 +00:00
Peter Wemm
fe6d3fe571 Move named and associated tools into a seperate makefile section and
disable them pending an import and cleanup of bind 8.2.2.p5.
1999-11-30 02:18:13 +00:00
Brian Somers
fe63703662 Enable pppoed 1999-11-21 23:39:51 +00:00
Mark Murray
b8351749c9 Allow for a telnet in secure/ (SRA telnet). 1999-10-07 20:04:17 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Dima Ruban
d3f476b1f0 Enable named-xfer and rbootd for alpha. 1998-11-10 06:50:35 +00:00
John Birrell
c2c37821c4 Chaneg MACHINE to MACHINE_ARCH to support MACHINE=pc98.
Remove a couple of unsupported machines.
1998-09-05 08:33:10 +00:00
John Birrell
2a356d7348 Enable rtld-elf for build on alpha too. We now have support for shared
libraries on alpha!
1998-09-04 22:55:17 +00:00
John Birrell
8deb7ff0b0 BINFORMAT -> OBJFORMAT ready for E-day. 1998-08-30 01:57:55 +00:00
Peter Wemm
4add781b40 Build mail.local and smrsh (when building sendmail) 1998-08-04 15:32:43 +00:00
Peter Wemm
fc882c32be Fix stupid typo, I had only tested this in elf mode. 1998-06-12 19:45:14 +00:00
Peter Wemm
6c81492cb8 Only build rtld-aout if we're in an a.out build environment. 1998-06-12 16:09:33 +00:00
John Birrell
f24f28e28c named-xfer can't be linked static due to the duplicated symbols in
libc and libbind.

rpc.rstatd required libkvm.

Only try to build these on i386 for the time being.
1998-06-06 07:09:01 +00:00