Commit Graph

10947 Commits

Author SHA1 Message Date
Maxim Konovalov
8ef09875f0 o Re-arrange parentheses and fix a conition logic for !do_dns case.
PR:		bin/98625
MFC after:	1 month
2006-06-09 14:01:07 +00:00
Maxim Konovalov
1e6c9668df o Add /etc/shells to a source files list. 2006-06-08 14:49:38 +00:00
Maxim Konovalov
7d2155f052 o NIS clients ask for "shells" map not "shells.list".
PR:		kern/86693
Submitted by:	Victor Sudakov
MFC after:	1 month
2006-06-08 09:12:07 +00:00
Tom Rhodes
15b2a87f8d Add adding_user.8 to SEE ALSO, note that usernames may contain any character
but not being with a hyphen, similar to adding_user.8.

PR:	35732
2006-06-07 04:58:54 +00:00
Xin LI
5f17c1e2b2 Use calloc() instead of zeroing the memory our own. 2006-06-07 01:43:26 +00:00
Craig Rodrigues
a84ee0d367 For network filesystems (NFS, samba, etc.), do not pass "export" nmount()
parameter to try to delete an NFS export.  It won't work, and will log
a spurious warning to syslog.

Tested by:	Arno J. Klaassen <arno at heho dot snv dot jussieu dot fr>
MFC after:	3 days
2006-06-06 21:56:49 +00:00
Xin LI
8fe1b8c03e Cleanups for mailwrapper(8):
- K&R -> ANSI prototype [O]
 - Do not bother to do free right before exit() or execve() [O]
 - Remove some dead code in addarg()
 - Make additional parameters specified in mailer.conf(5)
   actually work and document the fact. [N]
 - Avoid using __progname but instead use getprogname()
   and setprogname() to provide more sensible messages. [O, N]
 - Update $OpenBSD$ and $NetBSD$ to reflect the fact that we
   have sync'ed with their code.
 - WARNS=6

Obtained from/Inspired by:	OpenBSD [O], NetBSD [N] (partially)
2006-06-06 05:01:12 +00:00
Pav Lucistnik
1572020a71 - Fix markup
PR:		docs/98471
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
MFC after:	1 day
2006-06-04 15:39:19 +00:00
Markus Brueffer
02afd3d137 - Only print a clarifying message about which HCI node has been used if there
is more than one HCI node present
- Use errx(3) instead of err(3) if there is no HCI node present as errno
  is 0 in this case and the resulting error message wouldn't make much sense

Approved by:	emax (mentor)
2006-06-02 00:29:01 +00:00
Maxim Konovalov
bb0aa1a544 o Better be safe than sorry: check return code from setuid(2),
setgid(2), setlogin(2) and initgroups(3).  In theory they could
fail for root with some third party mac(4) policies.

Submitted by:	Kostik Belousov
MFC after:	1 month
2006-06-01 15:03:06 +00:00
Colin Percival
72f6a0fa7a Enable inadvertantly disabled "securenet" access controls in ypserv. [1]
Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
2006-05-31 22:32:22 +00:00
Ceri Davies
4ec07c5e93 Bring the "just copy" hit list closer to date.
Approved by:	jhb
MFC after:	1 month
2006-05-31 19:16:34 +00:00
Ceri Davies
04e273bfb1 Update the location of the kernel for upgrades.
I considered leaving /boot/kernel out of the chflags noschg line, but I
seem to remember that there was a period where /boot/kernel was schg, so
have left it in for safety's sake.

Approved by:	jhb
MFC after:	1 month
2006-05-31 19:15:20 +00:00
Colin Percival
2a569ec900 Use some features of sh(1) which I didn't know about until today ("read"
can read two variables at once; and suffix pattern deletion) to make the
extract command fork fewer processes.

With the portsnap snapshot and the ports tree in swap-backed memory
disks on my 1.4GHz laptop, this reduces 178800 processes and 195/56/126
seconds of real/user/sys time to 44600 processes and 103/34/60 seconds.
2006-05-30 07:08:41 +00:00
Craig Rodrigues
8f716f89cf Do not log "can't delete export" messages if nmount() returns ENOTSUP.
This eliminates spurious log entries for trying to delete exports
for filesystems like devfs and procfs.
2006-05-28 18:59:28 +00:00
Simon L. B. Nielsen
0f9fc191de Revert 1.73, since mounting devfs without a devfs ruleset inside a
jail is a very bad idea security wise.

Approved by:	trhodes (jcamou mentor)
No response:	jcamou
2006-05-28 09:44:13 +00:00
Matteo Riondato
fdf1353cec Mention ruleset #4 (devfsrules_jail) in jail's man page.
MFC after:	3
2006-05-28 08:29:49 +00:00
Sam Leffler
c824b333f6 avoid null ptr deref
Obtained from:	netbsd
2006-05-27 23:04:30 +00:00
Sam Leffler
2767a3d79c correct static array overrun
Obtained from:	netbsd
2006-05-27 23:03:08 +00:00
Craig Rodrigues
e91db40c18 Move call to ignore SIGPIPE signals before calling fork(),
so that both parent and child processes ignore this signal.

PR:             bin/97768
Submitted by:   Gea-Suan Lin <gslin at csie dot nctu dot edu dot tw>
MFC after:      3 days
2006-05-27 02:37:37 +00:00
Craig Rodrigues
a856bed399 Ignore SIGPIPE signals on write() failures.
We already check for write() failures and handle EPIPE.
Failure to handle SIGPIPE was resulting in rpc.lockd terminating.

PR:		bin/97768
Reported by:	Gea-Suan Lin <gslin at csie dot nctu dot edu dot tw>
MFC after:	1 day
2006-05-25 22:12:05 +00:00
Gleb Smirnoff
78cdd8ed1b Unnest includes before forthcoming editing. 2006-05-24 14:46:55 +00:00
Craig Rodrigues
9857865b55 Convert to nmount() and remove hardcoded checks for ufs, msdosfs, ntfs,
and cd9660.

PR:	bin/97642
2006-05-24 11:49:39 +00:00
Colin Percival
2cb56dabe9 If the user asks for "kernel sources" to be installed, extract the
SRC_BASE package (src/[A-Z]*) as well as SRC_SYS (src/sys/*).  This
allows users who only install the kernel source code to use the
modern "make buildkernel" approach.

Discussed with:	re (scottl, kensmith)
MFC after:	3 days
2006-05-24 03:34:57 +00:00
Craig Rodrigues
6a09faf2cb Convert mountd to nmount(). Remove some hardcoded dependencies
on ufs, cd9660, msdosfs, and ntfs, but not all dependencies.
2006-05-23 17:10:17 +00:00
Markus Brueffer
a9f8b02b01 - Document the new Read_Node_List command, autodetection of HCI nodes and
that the '-n' parameter is now optional
- Grammar fixes

Reviewed by:	emax
Approved by:	emax
MFC after:	1 week
2006-05-22 17:58:19 +00:00
Markus Brueffer
fc5806eda9 - Add HCI node autodetection. As a consequence of this, make the '-n'
parameter optional.
- Add Read_Node_List command which prints a list of available HCI nodes,
  their Netgraph IDs and connected hooks

Reviewed by:	emax
Approved by:	emax
MFC after:	1 week
2006-05-22 17:58:09 +00:00
Joel Dahl
c4d39d8076 s/packages/packets/
Noticed by:	maxim
2006-05-22 07:36:45 +00:00
Joel Dahl
3105ed4eac Add manual page for ipfwpcap(8).
Reviewed by:	phk, brueffer
Submitted by:	Niclas Zeising <lothrandil@n00b.apagnu.se>
2006-05-22 07:14:54 +00:00
Simon L. B. Nielsen
711385c9d0 - Add support for filtering the the list of providers by a regular
expression, which makes it possible to only see interesting
  providers.  "f" is used inside gstat to set a filter, "F" is used to
  remove current filter.
- Do not print some uninteresting values in the gstat title line.
- Do not print past the end of the screen.
- Read multiple keystrokes per "wait" when gstat is running.
- Remove a redundant != check, right after check of NULL against the
  same variable ("gid").
- Use sysexits.h.
- Do not link against libkvm and libsbuf, they are not actually used.
- Fix a few style(9) issues where I had to touch nearby code anyway.

Approved by:	cperciva (mentor)
MFC after:	2 weeks
2006-05-20 19:17:47 +00:00
Maxim Konovalov
27e42e6a7e o SIOCGIFCONF -> getifaddrs(3) conversion. As a side effect fix
bin/95041: subnet mask mismatch.

PR:		bin/95041
Obtained from:	NetBSD
Tested by:	Hans Lambermont
MFC after:	2 months
2006-05-17 18:41:05 +00:00
Pav Lucistnik
a0ff005ba5 - Update to ntp-4.2.0
PR:		docs/79857
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
2006-05-17 10:50:35 +00:00
Poul-Henning Kamp
f6ce2a64f7 Send the pcvt(4) driver off to retirement. 2006-05-17 09:33:15 +00:00
Maksim Yevmenkin
0c3420df68 Fix formatting. Add missing break;
Submitted by:	Iain Hibbert
MFC after:	3 days
2006-05-14 22:19:38 +00:00
Colin Percival
1e1de0e499 Fix typo.
Pointed out by:	ceri
2006-05-13 18:04:48 +00:00
Colin Percival
d600d37002 Add a mechanism for constructing INDEX files which include local ports.
Requested by:	brooks
2006-05-13 15:56:35 +00:00
Hellmuth Michaelis
c6a39ce216 PR: bin/71663
Submitted by:   Dan Lukes
Reviewed by:    hm@
fix compile warnings in isdnd and isdntest. some more
compile time warnings also mentioned in this PR were
already fixed in an earlier commit today.
2006-05-13 14:59:58 +00:00
Hellmuth Michaelis
93ad0725db fix conflicting types for log(), add some prototypes to isdnd.h 2006-05-13 12:42:55 +00:00
Matteo Riondato
b484e04bf9 correct strtol(3) usage and style(9)
Reviewed by:	maxim
MFC after:	2 weeks
2006-05-12 15:14:43 +00:00
Colin Percival
343c554c88 Use 'rm -rf foo/bar' to remove a port instead of 'rm -rf foo/bar/'.
When /usr/ports/foo/bar is a symlink pointing outside the tree, this
deletes the symlink instead of the directory it points to.

Requested by:	delphij
2006-05-12 10:42:40 +00:00
Maxim Konovalov
6dc044b45b o Style(9) the previous commit a bit. 2006-05-11 19:06:33 +00:00
Poul-Henning Kamp
31048bda0e Use sysctlbyname() instead of sysctl 2006-05-11 17:23:57 +00:00
Matteo Riondato
7deb00ccd9 Add the -s option to set jail's securelevel. This is useful for jails run with non-root privileges.
PR:	bin/80242
MFC after:	2 weeks
2006-05-11 13:04:23 +00:00
John Baldwin
9aa6ce1642 Alpha doesn't support linux ABI compat now. 2006-05-10 18:44:10 +00:00
Matteo Riondato
feefdb0ceb Use .Vt for struct xprison
Suggested by: keramida
2006-05-10 14:26:53 +00:00
Matteo Riondato
f7bb71361e document security.jail.list sysctl in jail(8)
PR:	docs/96807
MFC after:	3
2006-05-08 19:55:17 +00:00
Hajimu UMEMOTO
f28aa72448 If perform-actual-lookups is enabled, getservbyname() matches an entry
even when proto is not valid.

Submitted by:	Michael Bushkov <bushman__at__rsu.ru>
2006-05-05 15:01:25 +00:00
Colin Percival
b39855baee Allow the HTTP_PROXY environment variable to be (mis)spelled as
"http_proxy", since some people apparently do this and fetch(3)
allows it.
2006-05-05 04:47:00 +00:00
Colin Percival
a414ca11d5 Fix the test for whether ${HTTP_PROXY} is set -- I got it backwards.
Pointy hat to:	cperciva
Pointed out by:	pjd
2006-05-05 03:44:13 +00:00
Ceri Davies
38e5cff20e Fix binary upgrades by accounting for the schg flag on /var/empty.
PR:		96711, 96780
Submitted by:	Nobuyuki Koganemaru, Martin Jackson
Approved by:	re (scottl)
MFC after:	1 day
2006-05-04 20:10:34 +00:00