pam_krb5 is a Kerberos 5 (Heimdal) authentication module.
pam_nologin checks for /etc/nologin and does the "usual stuff"
if it is found, otherwise it silently succeeds.
pam_rootok silently succeeds if the user is root, otherwise
it fails.
pam_wheel silently succeeds if the user is a member of group
"wheel" (or another nominated group), and fails
otherwise.
There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
+ make Open_Disk sense the sector size by trying 512, 1024 and 2048
in this order. This makes the kernel note that
dscheck(cd1): bio_bcount 512 is not on a sector boundary (ssize 2048)
dscheck(cd1): bio_bcount 1024 is not on a sector boundary (ssize 2048)
if 2048 is the sector size. If this worries anyone: the message is from
/usr/src/sys/kern/subr_diskslice.c and shutups are to be placed there.
+ Have read_block and write_block use an additional parameter, the
sector size.
+ replace all barfout calls with return NULL, 0, __LINE__, etc.
Note that this does NOT emit diagnostics. More often than not,
you don't want library functions to scribble on stderr -- it may
not even be available. The right thing is to propagate the error
condition to upper management. The app should take care of errors.
+ use d1->sector_size instead of 512 in various places. I've left many
places untouched, especially those writing MBRs. I simply added
another arg hardcoded as 512. This is because I would not know what
I'm doing... I felt this approach would be reasonably backward
compatible and not introduce any new bugs in critical software.
Famous last words. Messing with MBRs might soon put me in the same
screwup meister category as, uh, never mind. :-)
+ bump the max no of disks from 20 to 32 (due to PR 24503).
PR: 8434 / 8436 / 24503
Submitted by: Jens Schweikhardt <schweikh@schweikhardt.net>
terminates the string in all cases, based on code from netstat(1).
The path in a sockaddr_un is terminated either by a '\0', or by
the end of the sockaddr as defined by sun_len.
Previously, the code could write the "safety" '\0' beyond the end
of the sockaddr (sockaddr_un's need only be large enough to store
sun_len bytes), and writing into the the supplied sockaddr is bad
anyway.
process on fork(2).
It is the supposed behavior stated in the manpage of sigaction(2), and
Solaris, NetBSD and FreeBSD 3-STABLE correctly do so.
The previous fix against libc_r/uthread/uthread_fork.c fixed the
problem only for the programs linked with libc_r, so back it out and
fix fork(2) itself to help those not linked with libc_r as well.
PR: kern/26705
Submitted by: KUROSAWA Takahiro <fwkg7679@mb.infoweb.ne.jp>
Tested by: knu, GOTOU Yuuzou <gotoyuzo@notwork.org>,
and some other people
Not objected by: hackers
MFC in: 3 days
placed in any scheduling queue(s). The process of dispatching
signals to a thread can change its state which will attempt to add
or remove the thread from any scheduling queue to which it belongs.
This can break some assertions if the thread isn't in the queue(s)
implied by its state.
When adding dispatching a pending signal to a thread, be sure to
remove the signal from the threads set of pending signals.
PR: 27035
Tested by: brian
MFC in: 1 week
longer includes machine/elf.h.
* consumers of elf.h now use the minimalist elf header possible.
This change is motivated by Binutils 2.11.0 and too much clashing over
our base elf headers and the Binutils elf headers.
address" string to a netbuf/sockaddr "transport address". In the
case of an AF_LOCAL address, it was missing the code to actually
point the netbuf at the newly allocated sockaddr_un, so the caller
ended up with a netbuf containing junk.
Submitted by: Martin Blapp <mb@imp.ch>
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project
The devinfo library provides access to the kernel's internal device
hierarchy and to the I/O resource manager. The library uses a
sysctl(9) interface to obtain a snapshot of the kernel's state which
is then made available to the application.