pam_krb5 is a Kerberos 5 (Heimdal) authentication module.
pam_nologin checks for /etc/nologin and does the "usual stuff"
if it is found, otherwise it silently succeeds.
pam_rootok silently succeeds if the user is root, otherwise
it fails.
pam_wheel silently succeeds if the user is a member of group
"wheel" (or another nominated group), and fails
otherwise.
There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
When people access /dev/tty, locate their controlling tty and return
the dev_t of it to them. This basically makes /dev/tty act like
a variant symlink sort of thing which is much simpler than all the
mucking about with vnodes.
For memory for the pccard attribute/common memory mapping allocate on
the pccard. For other allocations, use whatever is the parent of this
device. There's no doubt other issues lurking, but this should make
things closer to being independent.
- Since polling should not involve sleeping, keep holding a
process lock upon scanning file descriptors.
- Hold a reference to every file descriptor prior to entering
polling loop in order to avoid lock order reversal between
lockmgr and p_mtx upon calling fdrop() in fo_poll().
(NOTE: this work has not been done for netncp and netsmb
yet because a socket itself has no reference counts.)
Reviewed by: jhb
1. Everywhere I could figure out what driver supported a device or
class of device, there is now a cross-reference via a &man entity.
For cases where a driver has no manpage (and hence no &man entity),
we now at least give the name of the driver. For the most part,
this was done by examining driver manpages.
2. A number of devices which are i386-only are now marked as such,
determined by noting manpages or kernel source files in
architecture-specific directories.
3. Added hardware supported by the vpo(4), wl(4), awi(4), and bktr(4)
drivers, based on a read of the manpages.
The manpages and source files in question were taken from 4-STABLE,
(which is what was running on my off-net laptop at the time)
but at this level of detail, I don't expect there to be any appreciable
differences between 4-STABLE and 5-CURRENT.
the resource activation if we're dealing with our grandchild.
Otherwise, we run into two problems. One, if the pccard layer wanted
to allocate and activate something, we'd wind up trying to do the
wrong thing twice: the ivars are wrong and we don't want the bridge to
map the resource to the slot. If we're more than a grandchild, then
who knows what kind of ivar is present. In either of these cases, we
just pass it up the food chain.
comes in for it, the file is really gone, so return ESTALE.
The problem arises when the last reference to an FFS file is
released because soft-updates may delay the actual freeing of the
inode for some time. Since there are no filesystem links or open
file descriptors referencing the inode, from the point of view of
the system, the file is inaccessible. However, if the filesystem
is NFS exported, then the remote client can still access the inode
via ufs_fhtovp() until the inode really goes away. To prevent this
anomoly, it is necessary to begin returning ESTALE at the same time
that the file ceases to be accessible to the local filesystem.
Obtained from: Ian Dowse <iedowse@maths.tcd.ie>
If for some reason DEVFS is undesired, the "NODEVFS" option is
needed now.
Pending any significant issues, DEVFS will be made mandatory in
-current on july 1st so that we can start reaping the full
benefits of having it.
+ make Open_Disk sense the sector size by trying 512, 1024 and 2048
in this order. This makes the kernel note that
dscheck(cd1): bio_bcount 512 is not on a sector boundary (ssize 2048)
dscheck(cd1): bio_bcount 1024 is not on a sector boundary (ssize 2048)
if 2048 is the sector size. If this worries anyone: the message is from
/usr/src/sys/kern/subr_diskslice.c and shutups are to be placed there.
+ Have read_block and write_block use an additional parameter, the
sector size.
+ replace all barfout calls with return NULL, 0, __LINE__, etc.
Note that this does NOT emit diagnostics. More often than not,
you don't want library functions to scribble on stderr -- it may
not even be available. The right thing is to propagate the error
condition to upper management. The app should take care of errors.
+ use d1->sector_size instead of 512 in various places. I've left many
places untouched, especially those writing MBRs. I simply added
another arg hardcoded as 512. This is because I would not know what
I'm doing... I felt this approach would be reasonably backward
compatible and not introduce any new bugs in critical software.
Famous last words. Messing with MBRs might soon put me in the same
screwup meister category as, uh, never mind. :-)
+ bump the max no of disks from 20 to 32 (due to PR 24503).
PR: 8434 / 8436 / 24503
Submitted by: Jens Schweikhardt <schweikh@schweikhardt.net>
pcb for fork(). It was possible for the state to be saved twice when an
interrupt handler saved it concurrently. This corrupted (reset) the state
because fnsave has the (in)convenient side effect of doing an implicit
fninit. Mundane null pointer bugs were not possible, because we save to
an "arbitrary" process's pcb and not to the "right" place (npxproc).
Push the parent's %gs to the pcb for fork(). Changes to %gs before
fork() were not preserved in the child unless an accidental context
switch did the pushing. Updated the list of pcb contents which is
supposed to inhibit bugs like this. pcb_dr*, pcb_gs and pcb_ext were
missing. Copying is correct for pcb_dr*, and pcb_ext is already
handled specially (although XXX'ly).
Reducing the savectx() call to an npxsave() call in rev.1.80 was a
mistake. The above bugs are duplicated in many places, including in
savectx() itself.
The arbitraryness of the parent process pointer for the fork()
subroutines, the pcb pointer for savectx(), and the save87 pointer
for npxsave(), is illusory. These functions don't work "right" unless
the pointers are precisely curproc, curpcb, and the address of npxproc's
save87 area, respectively, although the special context in which they
are called allows savectx(&dumppcb) to sort of work and npxsave(&dummy)
to work. cpu_fork() just doesn't work unless the parent process
pointer is curproc, or the caller has pushed %gs to the pcb, or %gs
happens to already be in the pcb.
when PC98 is defined. This is in perparation for a mecia driver
separate from pcic, assuming that all goes well with that effort.
MECIA_SUPPORT won't be removed until after that support is working.
of the pcic class of devices. Go ahead and move it to the "usual"
place. I say "usual" in quotes since it isn't exactly right (not in
dev/blah), but it is closer than before.
softc.
o Store pointers to softc in dev_t in si_drv1.
o Change 'kludge version' to 'classic version' since things are getting less
kludgy.
o Minor code shuffling so that we probe and attach the pccard slots.
o Minor style(9) changes.
function; we now handle unknown protocols more gracefully.
- Cache the return from getnetconfigent() so that we don't have to
remember to call freenetconfigent() each time. This fixes a memory
leak that would cause retrying background mount_nfs processes to
slowly increase their memory usage.
follow Linux' convention and use %gs. This adds back the setting of
%fs to a sane value in sendsig(). The value of %gs remains preserved
to whatever it was in user context.
terminates the string in all cases, based on code from netstat(1).
The path in a sockaddr_un is terminated either by a '\0', or by
the end of the sockaddr as defined by sun_len.
Previously, the code could write the "safety" '\0' beyond the end
of the sockaddr (sockaddr_un's need only be large enough to store
sun_len bytes), and writing into the the supplied sockaddr is bad
anyway.
them.
Sysinstall used to check /var/run/ld.so.hints (aout related) and create
hints with the ldconfig command, but the ldconfig command alone will
generate elf hints only. The correct behavior is:
* If /var/run/ld-elf.so.hints does not exist, generate elf hints
* If /var/run/ld.so.hints does not exist, generate aout hints
(using ldconfig with the -aout option)
This will help ports that check for aout libraries using ldconfig in their
pkg-req scripts.
Approved by: jkh
MFC after: 1 weeks
- the changes that renamed libf2c to libg2c had not reached here
- there were no definitions for LIBDEVINFO, LIBMENU, LIBPANEL, LIBTINFO,
LIBUSB or LIBVGL. LIBUSB was used without it being defined, and
LIBDEVINFO and LIBVGL should have been used.
- the definitions of LIBDESCRYPT, LIBGCC_PIC, LIBGPLUSPLUS, LIBKZHEAD,
LIBKZTAIL, LIBSCRYPT and LIBSCSI were garbage.
Fixed some old bugs:
- LIBC_PIC and LIBCOM_ERR were assigned to using "=" instead of "?=".
- the definition of LIBC_R was disordered.
- LIBFORM was misspelled LIBFORMS (but not actually used).
warnx()+exit() with errx() and replace a big if..then..else construct
to determine the package download directory with a lookup table.
Reviewed by: jkh
MFC after: 2 weeks