pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.
pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
elected to do this in the probe rather than the attach so that we don't
disturb things which this might reset. different cards have different
quirks, according to their datasheets.
This should fix the "I booted in windows and rebooted to FreeBSD and
now things don't work" problem.
PR: 4847, 20670
route in ifa_ifwithroute(), as the last resort, look up the route to
the gateway, not destination (to derive the interface from).
PR: kern/27852
Submitted by: Iasen Kostoff <tbyte@tbyte.org>
MFC after: 2 weeks
been patched so many times it was a bit of a mess. There are style,
code and man page cleanups. The following are the functional changes:
The RFC only permits the returning of 4 possible error
codes, make sure we only return these (PR 27636).
Use MAXLOGNAME to determine the longest usernames.
Add a -i flag, which returns the uid instead of the username
(this is from a PR 25787, which also contained alot of the
cleanups in this patch).
PR: 25787, 27636
Partially Submitted by: Arne.Dag.Fidjestol@idi.ntnu.no
Reviewed by: Arne.Dag.Fidjestol@idi.ntnu.no, green
MFC after: 3 weeks
card bus bridges.
We now always use pci interrupts for pci cards. This will allow us to
more easily configure things. You must change your IRQ lines in
/etc/pccard.conf to match what we've probed. I'm not sure the right
way to deal with this right now.
Development of pci pcmcia has been funded by Monzoon Networks AG. I
am grateful for their generosity.
certain cases, and a close() by another process could potentially rip the
pipe out from under the (blocked) locking operation.
Reported-by: Alexander Viro <viro@math.psu.edu>
for card change interrupts is different than the pci stuff that's
coming soon. Set the management irq in different ways. If
pci_parallel interrutp routing, then use the PCI way of getting
interrupts. Move polling mode into pcic_isa since when we're routing
via pci polling doesn't work because many bridges (systems hang solid).
If we're routing interrupts via pci, they can be shared, so flag them
as such.
Note, this doesn't actually change anything since the pci attachment
isn't quite ready to be committed.
A attacker sending a lot of bogus fragmented packets to the target
(with different IPv4 identification field - ip_id), may be able
to put the target machine into mbuf starvation state.
By setting a upper limit on the number of reassembly queues we
prevent this situation.
This upper limit is controlled by the new sysctl
net.inet.ip.maxfragpackets which defaults to 200,
as the IPv6 case, this should be sufficient for most
systmes, but you might want to increase it if you have
lots of TCP sessions.
I'm working on making the default value dependent on
nmbclusters.
If you want old behaviour (no upper limit) set this sysctl
to a negative value.
If you don't want to accept any fragments (not recommended)
set the sysctl to 0 (zero).
Obtained from: NetBSD
MFC after: 1 week
Make the default setting YES for now to get some experience with it.
Note: If people starts seeing disk errors because of this then it
should not be backed.
With a small disk being 20GB these days, chances are pretty good that
an ailing sector will not be read while still being recoverable by
the drive.
Diskcheck daemon will read disks in the background at a low rate and
that way give the diskdrive a chance to detect and correct soft read
errors before they become hard errors.
Idea by: phk
Written by: ben
if_up() must be called at splnet or higher.
Second, set the IFF_RUNNING flag on an interface after its
resources (i.e. tunnel source and destination addresses)
have been set. Note that we don't set IFF_UP because it is
if_up()'s job to do that.
PR: kern/27851
Submitted by: Horacio J. PeÓa <horape@compendium.com.ar>
cursor movements;
- minor cleanups in cursor position displaying routines;
- properly resent "file modified" flag when editing several files.
MFC after: 1 week
stick their username (which sendmail will make into an e-mail address)
inside '<>'. Sendmail will still DTRT with this, and it conveniently
puts the submitter's name and e-mail address on one line, just like it
should be after "Submitted by" in a commit message.