11236 Commits

Author SHA1 Message Date
simon
25fdb9e2e2 The wpa_passphrase(8) manual page states that it first appeared in
FreeBSD 6.2, but it didn't make it into RELENG_6_2.

Update the manual page to say "FreeBSD 6.3".

PR:		docs/114429
Submitted by:	Henrik Brix Andersen <henrik@brixandersen.dk>
MFC after:	3 days
Approved by:	re (bmah)
2007-07-17 22:28:51 +00:00
rwatson
ea4d9ac0d1 Disconnect netatm from the build as it is not MPSAFE and relies on
NET_NEEDS_GIANT, which will shortly be removed.  This is done in a
away that it may be easily reattached to the build before 7.1 if
appropriate locking is added.  Specifics:

- Don't install netatm include files
- Disconnect netatm command line management tools
- Don't build libatm
- Don't include ATM parts in rescue or sysinstall
- Don't install sample configuration files and documents
- Don't build kernel support as a module or in NOTES
- Don't build netgraph wrapper nodes for netatm

This removes the last remaining consumer of NET_NEEDS_GIANT.

Reviewed by:	harti
Discussed with:	bz, bms
Approved by:	re (kensmith)
2007-07-14 21:49:24 +00:00
simokawa
ffeb100042 Set the default escape character as described in the manpage of dconschat(8).
Fix a cut-and-paste error.

Spotted by: avatar
Approved by: re (rwatson)
2007-07-12 13:08:00 +00:00
sam
257b90801d update for wpa_supplicant 0.5.8 import:
o unix domain socket to wpa_cli is configured w/ CONFIG_CTRL_IFACE_UNIX
o terminate on last interface option is configured w/ CONFIG_TERMINATE_ONLASTIF
o ndis/Packet32.c fixups to force roaming mode to manual
o document new mixed_cell config knob

Submitted by:	thompsa (Packet32.c)
Reviewed by:	thompsa, sephe
Approved by:	re (hrs)
2007-07-11 16:04:08 +00:00
sam
75055779db update for 0.5.8 import
Approved by:	re (hrs)
2007-07-09 16:26:48 +00:00
sam
367201c067 fixup mcast handling in bpf program; this enables forthcoming support
for 802.1x over wired interfaces

Submitted by:	Jouke Witteveen
Approved by:	re (hrs)
2007-07-09 15:57:10 +00:00
bz
88f7f9d4f1 I4B header files are now installed in include/i4b/ and no longer
in include/machine/.

Adapt #include paths.

Approved by:	re (kensmith)
2007-07-06 07:21:56 +00:00
bz
6aeecf59e8 Remove the -DFAST_IPSEC from Makefiles again.
This was needed during the IPSEC->FAST_IPSEC->IPSEC transition
period to not break the build after picking up netipsec header
files. Now that the FAST_IPSEC kernel option is gone and the
default is IPSEC again those defines are superfluous.

Approved by:	re (rwatson)
2007-07-05 08:56:46 +00:00
bz
2e6ed0bb02 Do not install man pages for the three I4B 'modules' that were
disabled for the FreeBSD 7.0 timeframe.

Approved by:	re (rwatson)
2007-07-04 16:21:27 +00:00
scf
196b6346ba Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
 - unsetenv returns an int.
 - putenv takes a char * instead of const char *.
 - putenv no longer makes a copy of the input string.
 - errno is set appropriately for POSIX.  Exceptions involve bad environ
   variable and internal initialization code.  These both set errno to
   EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit.  A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions.  It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR:		kern/99826
Approved by:	wes
Approved by:	re (kensmith)
2007-07-04 00:00:41 +00:00
mlaier
83807ec50d Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
gnn
f5875f045c Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
thompsa
384e40af76 Remove wicontrol(8) from the base system. Using wicontrol to configure an
interface has been deprecated since 5.1, wi(4) wireless interfaces are managed
via the net80211 stack and ifconfig.

Approved by:	re (rwatson)
2007-07-01 10:25:07 +00:00
cperciva
64e90b3614 Add support for HTTP/1.0 Persistent Connections to phttpget. Requests are
be marked as HTTP/1.1 but "Connection: Keep-Alive" is added; this convinces
HTTP/1.0 servers and proxies to hold the TCP connection open despite not
being able to use HTTP pipelining.

This dramatically cuts down on the number of TCP connections (and thus port
numbers) used by portsnap when talking to an HTTP/1.0 proxy (e.g., squid),
and has the side benefit of improving performance in those cases.

Tested by:	simon
Approved by:	re (kensmith)
MFC After:	1 week
2007-06-30 19:48:28 +00:00
murray
3bf4959688 Remove reference to 'phosphor' in the screensaver menu as this is less
meaningful in the LCD world.

Submitted by:	Ben Kaduk <minimarmot@gmail.com>
Approved by:	re (kensmith)
2007-06-29 20:24:57 +00:00
jhb
6533925808 Teach sysinstall about the 'scddl' source dist.
Approved by:	re (kensmith)
2007-06-28 18:27:29 +00:00
pav
bff51e9c12 - Add new virtual category kld
MFC after:	3 days
Approved by:	re (mux)
2007-06-28 17:42:20 +00:00
philip
9caeeb576e Fix a number of documentation-lags-behind-reality bugs in sysinstall(8).
While here, fix a couple of comments too.

Submitted by:	Oliver Fromme <olli -at- lurza.secnetix.de>
Approved by:	re (kensmith)
2007-06-25 16:37:17 +00:00
dwmalone
35e07e1a73 Add an option to make periodic(8) quiet when no output was generated.
The man page part of the patch is my fault, the changes to the
periodic script is Dominik's.

PR:		88486
Submitted by:	Dominik Brettnacher <domi@saargate.de>
Reviewed by:	brian
Approved by:	re
MFC after:	1 month
2007-06-22 10:04:05 +00:00
njl
79d6390885 Update the suspend/resume user API while maintaining backwards compat.
Improvements:
* /etc/rc.suspend,rc.resume are always run, no matter the source of the
  suspend request (user or kernel, apm or acpi)
* suspend now requires positive user acknowledgement.  If a user program
  wants to cancel the suspend, they can.  If one of the user programs
  hangs or doesn't respond within 10 seconds, the system suspends anyway.
* /dev/apm is clonable, allowing multiple listeners for suspend events.
  In the future, xorg-server can use this to be informed about suspend
  even if there are other listeners (i.e. apmd).

Changes:
* Two new ACPI ioctls:  REQSLPSTATE and ACKSLPSTATE.  Request begins the
  process of suspending by notifying all listeners.  acpi is monitored by
  devd(8) and /dev/apm listener(s) are also counted.  Users register their
  approval or disapproval via Ack.  If anyone disapproves, suspend is vetoed.
* Old user programs or kernel modules that used SETSLPSTATE continue to
  work.  A message is printed once that this interface is deprecated.
* acpiconf gains the -k flag to ack the suspend request.  This flag is
  undocumented on purpose since it's only used by /etc/rc.suspend.  It is
  not intended to be a permanent change and will be removed once a better
  power API is implemented.
* S5 (power off) is no longer supported via acpiconf -s 5 or apm -z/-Z.
  This restores previous behavior of halt/shutdown -p being the interface.
* Miscellaneous improvements to error reporting

Approved by:	re
2007-06-21 22:50:37 +00:00
pav
42681b7ce5 - Replace rather inefficient bubble sort with a recursive depth-first search.
This speeds up registration of packages considerably.
- style(9) police welcome!

PR:		bin/112630
Submitted by:	Stephen Montgomery-Smith <stephen@cauchy.math.missouri.edu>
Tested by:	bento i386 experimental run
MFC after:	14 days
2007-06-18 22:49:13 +00:00
rafan
5fd49d94d5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
philip
c7a9176e2c Fix a (very) longstanding bug in moused(8) affecting high-resolution rodents
when linear acceleration (-a) was enabled with a <1 value to slow them down.

Previously, rounding errors would eat small movements so the mouse had to be
moved a certain distance to get any movement at all.  We now calculate the
rounding errors and take them into account when reporting movement.

PR:		bin/113749
Submitted by:	Oliver Fromme <olli -at- secnetix.de>
MFC after:	3 days
2007-06-17 20:27:54 +00:00
yar
333d04678d Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
simokawa
e572059c28 Increase buffer size of DV stream to prevent buffer
overrun caused by long blocking of file I/O (i.e. zfs).

MFC after: 3 days
2007-06-17 10:20:55 +00:00
maxim
4590b15ce1 o Add an example how to create /etc/mtree style mtree(8) files.
PR:		docs/113667
Submitted by:	edwin
MFC after:	1 week
2007-06-16 08:26:00 +00:00
simokawa
e5ece23f3a - Add an option to change escape character.
- Use CTRL macro.
- Make target reset work on telnet port.
- Add a key bind to invoke kgdb on the terminal. (experimental)
2007-06-15 12:09:16 +00:00
marck
d5c48380b2 Failing to set new frequency should not lead to powerd exiting.
Change err(3) to warn(3) as three other cases.

Approved by:	njl, des
2007-06-13 19:05:11 +00:00
sepotvin
3ffe583f13 Options spring cleanup:
- Add and document the KVM and KVM_SUPPORT options that
are needed for the ifmcstats(3) makefile
- Garbage collect unused variables
- Add missing inclusion of bsd.own.mk where needed

Approved by: kan (mentor)
Reviewed by: ru
2007-06-13 02:08:04 +00:00
bms
ffd77d9ba5 Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@ (but with encouragement)
2007-06-12 16:24:56 +00:00
motoyuki
7e97d55648 Delete description of non-existent options: "-4" and "-6".
ntpd's "-4" and "-6" options are described in the original documentation
(contrib/ntp/html/ntpd.html).  It may be original's doc bug.

PR:		docs/112642
Submitted by:	Seth Hieronymus<shieronymus@speakeasy.net>
Discussed with:	ume
MFC after:	1 week
2007-06-12 13:28:55 +00:00
ceri
1715307402 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
sam
ffbf3d6407 o add 11n knob
o gcc42 stuff
2007-06-11 04:05:15 +00:00
sam
9fca1df981 track net80211 changes to get scan results ioctl 2007-06-11 03:57:46 +00:00
matteo
e3c7e41ff5 Remove a comment I forgot to remove 2007-06-09 09:20:22 +00:00
simokawa
6ccdd59c1d Reset dc->paddr and dc->reset if we cannot read configuration ROM. 2007-06-08 12:58:06 +00:00
simokawa
1345f38e32 Clean up escape sequence handling and add support for
resetting target and suspending dconschat.
2007-06-08 05:26:11 +00:00
simokawa
50b4632333 Add heuristics for smooth reconnection. 2007-06-07 12:29:33 +00:00
pav
cc08ec917e "-b /boot/mbr" is redundant, /boot/mbr is the default boot code for fdisk(8).
Pointed out by:	ru
2007-06-07 07:43:04 +00:00
pav
863499a126 - Revert previous revision, it was incorrect
- Add an example using fdisk instead

Pointed out by:	ru
Submitted by:	Warren Block <wblock@wonkity.com>
MFC after:	3 days
2007-06-06 21:28:50 +00:00
delphij
ee31f13424 Write to slice name instead of directly to the disk device.
This fixes writing boot code upon upgrade.

PR:		bin/61587
Submitted by:	Nobuyuki Koganemaru <n-kogane syd.odn.ne.jp>
MFC after:	1 month
2007-06-05 05:44:41 +00:00
dougb
6828e8e3e5 Update bmake glue for the BIND 9.4.1 import.
This includes a return to building with threads, since one of the
major focuses of the 9.4.x branch is to improve thread performance.
2007-06-02 23:19:58 +00:00
simokawa
799f344ad5 Discard backlog on GDB port when connected.
MFC after: 3 days
2007-05-31 04:55:05 +00:00
brueffer
efb0bae1f0 Cleanup after previous commit. 2007-05-25 16:05:17 +00:00
novel
60802ef7dc Add a new option for ppp.conf: rad_port_id. It allows to
change the way of what ppp submits to the RADIUS server
as NAS-Port-Id. Possible options are: the PID of the process
owning the corresponding interface, tun(4) interface number,
interface index (as it would get returned by if_nametoindex(3)),
or it's possible to keep the default behavior. Check the ppp(8)
manual page for details.

PR:		bin/112764
Submitted by:	novel (myself)
Reviewed by:	flz
Approved by:	flz
MFC after:	1 month
2007-05-25 13:45:49 +00:00
dds
56b5e53094 Set .PATH before referring to the corresponding sources. 2007-05-22 10:49:42 +00:00
dds
9ed27d1038 Increase precision of time values in the process accounting
structure, while maintaining backward compatibility with legacy
file and record formats.
2007-05-22 06:51:38 +00:00
flz
d0329841d0 Add new x11-drivers category.
Reminded by:	miwi
MFC after:	3 days
2007-05-19 21:27:37 +00:00
maxim
679817d46e o Fix typo: firwalling -> firewalling.
PR:		docs/112776
Submitted by:	asmodai
MFC after:	1 week
2007-05-19 07:36:43 +00:00
dds
ef91577059 Add -U and -P options that allow the specification of the per-user
and per-process summary file location.
These make the program more flexible, and also make it possible to write
sane regression tests.
2007-05-18 12:36:10 +00:00