Commit Graph

201 Commits

Author SHA1 Message Date
Jilles Tjoelker
43d53dba8f Add sbin and /usr/local directories to _PATH_DEFPATH.
Set _PATH_DEFPATH to
/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin. This is the
path in the default class in the default /etc/login.conf,
excluding ~/bin which would not be expanded properly in a string
constant.

For normal logins, _PATH_DEFPATH is overridden by /etc/login.conf,
~/.login_conf or shell startup files. _PATH_DEFPATH is still used as a
default by execlp(), execvp(), posix_spawnp() and sh if PATH is not set, and
by cron. Especially the latter is a common trap (most recently in PR
204813).

PR:		204813
Reviewed by:	secteam (delphij), alfred
2016-01-05 16:21:20 +00:00
Pedro F. Giffuni
587d674e16 Undo change from r292607 that was not meant to be there
Pointyhat: me
2015-12-22 15:42:53 +00:00
Pedro F. Giffuni
d985028157 cron: Check the return value of pipe(2)
Fix inspired by:	OpenBSD (rev 1.56)
CID:	1009830
2015-12-22 15:32:45 +00:00
Pedro F. Giffuni
7044922b39 crontab: properly free an entry
This should close memory leak.

Obtained from:	OpenBSD (rev. 1.62)
CID:		271773
2015-12-22 15:30:26 +00:00
Pedro F. Giffuni
c28c984689 crontab: replace malloc + bzero with calloc
Obtained from:	OpenBSD (Rev 1.20)
2015-12-22 15:20:08 +00:00
Simon J. Gerraty
ccfb965433 Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
Simon J. Gerraty
44d314f704 dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00
Baptiste Daroussin
a7f8c4eb4c Readd Makefile.inc that were used to include upper level Makefile.inc and
set (among other things) the destination where the binary should be installed
2014-11-28 22:03:35 +00:00
Baptiste Daroussin
c6db8143ed Convert usr.sbin to LIBADD
Reduce overlinking
2014-11-25 16:57:27 +00:00
Simon J. Gerraty
9268022b74 Merge from head@274682 2014-11-19 01:07:58 +00:00
Bryan Drewery
5608fd23c2 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
Simon J. Gerraty
ee7b0571c2 Merge head from 7/28 2014-08-19 06:50:54 +00:00
Peter Wemm
713c03d57a Check gethostname(2) return code - but even if it succeeds it may not
null terminate.

Temporarily use "From: $user@$hostname" rather than "From: $user".
The latter exposes incompatible behavior if using dma(8).  sendmail(8)
(and other alternatives) canonify either form on submission (even
if masquerading), but dma will leak a non-compliant address to
the internet.
2014-08-05 01:32:09 +00:00
Baptiste Daroussin
01c2b8ac0d use .Mt to mark up email addresses consistently (part2)
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
2014-06-20 09:57:27 +00:00
Bryan Drewery
864c53ead8 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
Simon J. Gerraty
fae50821ae Updated dependencies 2014-05-16 14:09:51 +00:00
Simon J. Gerraty
76b28ad6ab Updated dependencies 2014-05-10 05:16:28 +00:00
Simon J. Gerraty
3b8f084595 Merge head 2014-04-28 07:50:45 +00:00
Andrey A. Chernov
bc36ff9bc7 Bad timespec_subtract() calculations produce negative tv_nsec on i386
which cause EINVAL returned from nanosleep() which cause loop in
cron_sleep() and making all cron jobs to start about 30 seconds earlier
(which cause f.e. logfiles rotation by newsyslog delayed by 1 hour).

Use simple and proved calculations from kernel's timespecsub() instead.

MFC after:      3 days
2014-01-25 02:16:09 +00:00
Simon J. Gerraty
7cf3a1c6b2 Updated dependencies 2013-03-11 17:21:52 +00:00
Simon J. Gerraty
f5f7c05209 Updated dependencies 2013-02-16 01:23:54 +00:00
Simon J. Gerraty
23090366f7 Sync from head 2012-11-04 02:52:03 +00:00
Maxim Sobolev
7a5c30c5b6 Second attempt to add @every_second keyword support. Due to multiple
requests, default to the previous 60-seconds scheduling method
unless there is any @every_second entries to conserve CPU cycles and
power.

This change also improves scheduling in the default mode by running
as close to the beginning of the minnute as possible by replacing
sleep(3) with nanosleep(2). Previously, the tasks would run anywhere
within the first second of the minute and that offset drifted back
and forth each time cron(8) was engaged.

MFC after:	1 month
2012-10-25 22:54:29 +00:00
Maxim Sobolev
27858d0bb4 Fully backout latest changes.
Pointy hat to:	sobomax
2012-10-18 06:27:03 +00:00
Maxim Sobolev
8675ac22d6 Remove harmless, but superfluous local change that creeped in along
with the r241649.
2012-10-17 21:26:35 +00:00
Maxim Sobolev
07e9aac098 Revert latest changes to cron, until better version is worked out (I hope).
Requested by:   few
2012-10-17 20:45:48 +00:00
Maxim Sobolev
7bd028861b o Use nanosleep(2) to sleep exact amount of time till the next second,
not multiple of 1 second, which results in actual time to drift back
and forth every run within 1 second of the actual action has
been set for.

Suggested by:   Ian Lepore

o Schedule the first run in 1 second after starting up, not on the
boundary of the next minute, which results in the every_second jobs
not being run.
2012-10-17 00:44:34 +00:00
Maxim Sobolev
890278c188 Properly handle non-keyword case by setting e->second to 0. 2012-10-16 21:34:02 +00:00
Maxim Sobolev
2543786a37 Add per-second scheduling into the cron(8). Right now it's
only available via the new @every_second shortcut. ENOTIME to
implement crontab(5) format extensions to allow more flexible
scheduling.

In order to address some concerns expressed by Terry Lambert
while discussing the topic few years ago, about per-second cron
possibly causing some bad effects on /etc/crontab by stat()ing
it every second instead of every minute now (i.e. atime update),
only check that database needs to be reloaded on every 60-th
loop run. This should be close enough to the current behaviour.

Add "@every_minute" shortcut while I am here.

MFC after:	1 month
2012-10-15 08:21:49 +00:00
Sergey Kandaurov
24e4c29c6e Fix build with LOG_FILE undefined and DEBUGGING disabled. 2012-10-02 09:23:16 +00:00
Sergey Kandaurov
9281629f0e Fix build with DEBUGGING disabled. 2012-10-02 09:19:28 +00:00
Ed Schouten
902d9eafbf Rework all non-contributed files that use `struct timezone'.
This structure is not part of POSIX. According to POSIX, gettimeofday()
has the following prototype:

	int gettimeofday(struct timeval *restrict tp, void *restrict tzp);

Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is
not used). Remove dead error handling code. Also use NULL for a
nul-pointer instead of integer 0.

While there, change all pieces of code that only use tv_sec to use
time(3), as this provides less overhead.
2012-09-01 14:45:15 +00:00
Marcel Moolenaar
7750ad47a9 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
John Baldwin
5cdfc55cab Add a one second sleep before touching the spool directory. If the touch
occurs in the same second as the earlier operations to create the temporary
file and the cron(8) daemon is rescans the spool directory during that
second, then the daemon may miss a cron edit and not properly update its
internal database.

MFC after:	1 month
2012-07-02 20:27:37 +00:00
Glen Barber
f85ad80c6f As cron(8) is started with '-s' by default, timezones that observe
DST should not need to worry about scheduling jobs when the DST time
changes.

Rather than removing the BUGS section in crontab(5) regarding this,
note that disabling '-s' may still cause jobs to be executed twice or
not at all.

PR:		166318
Submitted by:	Florian k Unglaub (f.unglaub%googlemail!com)
MFC After:	1 week
2012-04-28 22:48:00 +00:00
Xin LI
cc427081a7 Drop setuid status while doing file operations to prevent potential
information leak.  This changeset is intended to be a minimal one
to make backports easier.

Reviewed by:	kevlo, remko
MFC after:	1 week
2012-02-27 05:49:00 +00:00
Sean Farley
fd2f39cb85 Since April 2, 2006, Indiana has observed DST.
MFC after:	5 days
2012-01-28 21:06:45 +00:00
Ulrich Spörlein
3df5ecac8c Spelling fixes for usr.sbin/ 2011-12-30 10:58:14 +00:00
Warren Block
df799cbad3 Point out that @reboot runs at every cron startup, not just system
startup.

Discussed on:	hackers@

Approved by:	gjb (mentor)
MFC after:	1 week
2011-11-25 17:41:12 +00:00
Christian Brueffer
0d83258df3 List /var/cron/tabs in FILES and add descriptions for the other entries.
PR:		145912
Submitted by:	Julian H. Stacey <jhs@berklix.com>
Obtained from:	OpenBSD
MFC after:	1 week
2010-05-14 01:25:30 +00:00
Ed Schouten
71ccf09269 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
Attilio Rao
7a7043c787 Avoid sshd, cron, syslogd and inetd to be killed under high-pressure swap
environments.
Please note that this can't be done while such processes run in jails.

Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.

Obtained from:	Sandvine Incorporated
Reviewed by:	emaste, arch@
Sponsored by:	Sandvine Incorporated
MFC:		1 month
2009-11-25 15:12:24 +00:00
Sergey Skvortsov
637fd955fe Fix typo.
Approved by:	ru
2008-12-01 17:39:34 +00:00
Matteo Riondato
c082b52c72 remove a pointless prototype and static-fy the corresponding function
MFC after:	3 days
2008-11-18 01:19:25 +00:00
Matteo Riondato
74c824b081 use WARNS?= instead of WARNS=
MFC after:	3 days
2008-11-18 00:59:26 +00:00
Matteo Riondato
90f43da7ad Be more precise and use sizeof(tn)
Pointed out by: glewis@

MFC after:	3 days
2008-11-18 00:39:50 +00:00
Matteo Riondato
d9e5bb5c20 Use WARNS?= instead of WARNS=
MFC after:	3 days
2008-11-18 00:12:15 +00:00
Matteo Riondato
66d48cdafe Make usr.sbin/cron/crontab and usr.sbin/cron/lib WARNS=3 clean
Tested with: make universe

MFC after:	3 days
2008-11-10 06:35:30 +00:00
Matteo Riondato
37f1755cab Revert to previous revision.
I should not commit anything at 3.50 AM.
In addition to danfe's comments, I got others.
I'll work on a better version of the patch.
2008-11-09 09:01:09 +00:00