example of their usage in the sample config. Merge the two examples
for the green internal auth service.
This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
used! I don't declare every variable at the top of a function because
that wastes stack space. I've clarified the error a bit (for if asprintf()
filas.)
Allocate free I/O window with given size to card.
(example)
# IBM PCMCIA Ethernet I/II
card "IBM Corp." "Ethernet"
config 0x1 "ed0" ?
iosize 32
ether 0xff0
(it's currently only useful for externalizing hacks for broken CIS cards,
but it will play an important role with "function" directive I'm planninng
to merge)
Reviewed by: freebsd-mobile list
Obtained from: PAO3's "cardio" directive
1. Cleanups of ident_stream. "Evil" stdio is less used.
2. The BSD Copyright was added to the top of builtins.c.
3. As suggested, a timeout is now implemented in the ident
service. It defaults to 10 seconds. If enough people want
it, I'll make it configurable.
Suggested by: msmith
ifconfig, essentially stealing the lease until the user goes and changes
it. The alternative, sadly, is total dysfunction since bpf isn't in
GENERIC and network connectivity would otherwise fail completely on first
bootup when DHCP configuration was attempted again.
The ultimate answer here is to make either bpf a loadable kernel module
(which security conscious admins will be able to simply remove from /modules)
or come up with a lighter weight mechanism just for dhcp and other apps that
need to see broadcast packets but not otherwise sniff the wire in full
bpf glory.
Restore default SIGHUP, SIGCHLD and SIGALRM handlers in forked inetd
processes. This happens to work around the fact that hosts_access()
doesn't (but should) set SIG_IGN as the handler for SIGCHLD while it
handles the spawn option, but it would make sense even if that were
not true.
This does not address the leaking descriptors issue discussed on the
same PR.
PR: 12731
Reviewed by: des
Submitted by: David Malone <dwmalone@maths.tcd.ie>
in some code from C. Stone to parse the lease information. This is still
a WIP and this commit is largely intended to allow others to sync up; the
dhclient code still only works when doing dhcp configuration post-install
and requires a bit more work on the boot floppy before it will truly
work in the minimal bootstrapping role.
incarnated, it just matches other deficiencies related to crunchgen
and friends... and we already have similar code in ppp/Makefile.
RELEASE_CRUNCH should be axed, but for now let's be consistent.
Submitted by: Patrick Powell <papowell@astart.com>
track.
The Id line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
userland code. Using apmd.conf, the apmd(8) configuration file, you
can select the APM events to be handled from userland and specify the
commands for a given event, allowing APM behaviour to be configured
flexibly.
Have Fun!
Submitted by: iwasaki, KOIE Hidetaka <hide@koie.org>
Reviewed by: -hackers, -mobile and bsd-nomads ML folks.
Contributed by: Warner Losh <imp@FreeBSD.org>,
Hiroshi Yamashita <bluemoon@msj.biglobe.ne.jp>,
Yoshihiko SARUMARU <mistral@imasy.or.jp>,
Norihiro Kumagai <kuma@nk.rim.or.jp>,
NAKAGAWA Yoshihisa <nakagawa@jp.FreeBSD.org>, and
Nick Hilliard <nick@foobar.org>.
service. Inetd already uses the process title to indicate that a request
for an internal service is being serviced, so this addition is fairly
orthogonal.
Submitted by: David Malone <dwmalone@maths.tcd.ie>
gigabit ethernet adapters. This includes two single port cards
(single mode and multimode fiber) and two dual port cards (also single
mode and multimode fiber). SysKonnect is currently the only
vendor with a dual port gigabit ethernet NIC.
The ports on dual port adapters are treated as separate network
interfaces. Thus, if you have an SK-9844 dual port SX card, you
should have both sk0 and sk1 interfaces attached. Dual port cards
are implemented using two XMAC II chips connected to a single
SysKonnect GEnesis controller. Hence, dual port cards are really
one PCI device, as opposed to two separate PCI devices connected
through a PCI to PCI bridge. Note that SysKonnect's drivers use
the two ports for failover purposes rather that as two separate
interfaces, plus they don't support jumbo frames. This applies to
their Linux driver too. :)
Support is provided for hardware multicast filtering, BPF and
jumbo frames. The SysKonnect cards support TCP checksum offload
however this feature is not currently enabled (hopefully it will
be once we get checksum offload support).
There are still a few things that need to be implemeted, like
the ability to communicate with the on-board LM80 voltage/temperature
monitor, but I wanted to get the driver under CVS control and into
-current so people could bang on it.
A big thanks for SysKonnect for making all their programming info
for these cards (and for their FDDI and token ring cards) available
without NDA (see www.syskonnect.com).
Grammar and Spelling Reviewed by: mpp
While mpp kindly checked grammar and spelling, any technical errors
remaining in the man pages are entirely of mine.
internal services in inetd.conf .
The inetd(8) manpage used to say that the official name of a service
_must_ be used, yet inetd itself was hardcoded to used a service alias for
the auth service, namely ident!
Rather than change inetd.conf and break existing configurations on next
upgrade, we now allow service aliases as well as official names. This
allows the software to work as expected and still support existing
configurations.
This should not breaking existing wrapped configurations either and the
inetd(8) manpage already states that it is the service name specified in
inetd.conf that is used for calls to hosts_access(3).
PR: 11796
Reported by: Alex Charalabidis <alex@wnm.net>
Approved by: des
twice to enable wrapping for internal wrapping as well. If the option is
not specified wrapping is turned off so that inetd will behave exactly
as it used to before TCP Wrappers was imported.
Change etc/defaults/rc.conf so as to encourage wrapping on new systems.
Clarify the use of TCP Wrappers in the IMPLEMENTATION NOTES of the
manual page.
Approved by: jkh
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
expect-send-expect sequence, finish gracefully, don't core dump.
This bug has been there for over a year - I could never reproduce it !
Straw provided by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
o getopt returns -1 rather than EOF on errors
o getopt returns '?' for characters it doesn't know about, so
don't include them in the getopt options string.
1) Handle forking and non-forking internal services correctly.
Turn on wrapping for internal services because it works now.
2) Preserve server names for each service on HUP.
3) Honour hosts_options(5) severity option.
4) Add IMPLEMENTATION NOTES section to clarify TCP Wrappers
usage and limitations.
This change may cause previously allowed builtin services (e.g. daytime)
to be denied in existing configurations.
PR: 12097
Reviewed by: markm
1)
Reported by: Pierre Beyssac <pb@fasterix.freenix.org>
2)
Submitted by: Masachika ISHIZUKA <ishizuka@ish.org>
3)
Submitted by: David Malone <dwmalone@maths.tcd.ie>
