- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
floppy types (in fact, we have only one left!)
Also cleanup some code, using || and && in some places, and
using "export VAR=value" instead of two separate lines.
- use proper make configuration for the build, using
${BINMAKE} as evaluated by ${VERSION}/src/Makefile
- remove -lmytinfo from crunch.conf
- remove support for login_access in tinyware/login
- remove "machine i386" from the kernel config file
It might actually be interesting to extend the script to do
a cross build for !i386 ...
MFC after: 3 days
them unsigned I made the possible overflows hard to detect,
and it only saved 1 bit which isn't principal, even less now
that the underlying issue with the total of virtual memory has
been fixed. (For the record, it will overflow with >=2T of
VM total, with 32-bit ints used to keep counters in pages.)
- While here, fix printing of other "struct vmtotal" members
such as t_rq, t_dw, t_pw, and t_sw as they are also signed.
Reviewed by: bde
MFC after: 3 days
- Fix overflow bugs in sysctl(8), systat(1), and vmstat(8)
when printing values of "struct vmmeter" in kilobytes as
they don't necessarily fit into 32 bits. (Fix sysctl(8)
reporting of a total virtual memory; it's in pages too.)
- <netipx> headers [1]
- IPX library (libipx)
- IPX support in ifconfig(8)
- IPXrouted(8)
- new MK_NCP option
New MK_NCP build option controls:
- <netncp> and <fs/nwfs> headers
- NCP library (libncp)
- ncplist(1) and ncplogin(1)
- mount_nwfs(8)
- ncp and nwfs kernel modules
User knobs: WITHOUT_IPX, WITHOUT_IPX_SUPPORT, WITHOUT_NCP.
[1] <netsmb/netbios.h> unconditionally uses <netipx> headers
so they are still installed. This needs to be dealt with.
- add -lgeom
- use bsdlabel instead of disklabel
- increase image size to 2.88M (plenty of free space left)
note, this is not really a bridge because the old-style
bridging code is not in 7.0 anymore, so the kernel config
file should be changed.
replacement and has additional features which make it superior.
Discussed on: -arch
Reviewed by: thompsa
X-MFC-after: never (RELENG_6 as transition period)
to PRECIOUSLIB from bsd.lib.mk. The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.
Reviewed by: oliver
with the following changes:
1) Don't make a mime_types.h 'cos we should avoid creating variables
in header files,
2) Use strrchr to find the extension, rather than strchr,
3) Slightly simplify the mime-type matching loop.
any goof are likely to be mine. Note that there are links to more
improvements by Eugene in the PR.
PR: 29725
Submitted by: Eugene Grosbein <eugen@kuzbass.ru>
+ declare some shell variables as 'local'
+ add a missing ';;' in a 'case' statement
+ centralize newfs options
+ properly override GID and UID when installing include files and libraries
+ add a missing '-r' in disklabel commands (maybe not necessary, but it
does not harm and it was used in the RELENG_4 version)
+ no more require 'perl' when installing the secondary loader
+ use '-t rsa1' when invoking ssh-keygen
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
and does not fit into a floppy anymore (1403kb available).
There is not much you can do now except bumping up the image size
(by uncommenting the "fd_size=2880" line in ./config),
at which point you can uncomment sshd, the associated library,
and all the good stuff such as tcpdump and natd and ppp that
you might want on such a box.
A similar change should be applied to other picobsd image types.
1) Make fetch_mode a pointer 'cos we can just use the optarg.
2) Constness.
3) Add/complete prototypes.
4) Change an int to a socklen_t.
5) Don't use C++ style comments.
6) Check return values from read and fork a little more carefully.
7) Avoid closing an uninitialised int.
8) Get rid of unneeded extern declarations.