While doing so, improve style and reword some comments.
This should not result in any functional changes, but the fixit_livefs_common
function will be used by future code.
Submitted by: randi
Approved by: re (kensmith)
adjusting the clock to UTC.
That avoids to write on /etc/wall_cmos_clock which is useful in some
cases (example: host user in a jail).
Sponsored by: Sandvine Incorporated
Initially submitted by: Matt Koivisto <mkoivisto at sandvine dot com>
Approved by: re (kib)
always started from the start of the packet.
- Fix usage string (multiple addresses can be specified).
- Make the source more style(9) compliant.
- Improve error reporting (do not silently fail if something goes
wrong).
- Make functions static.
- Use warns level 6.
Approved by: re (kib)
Discussed with: Marc Balmer <marc@msys.ch>, brian, mbr
Submitted by: Marc Balmer <marc@msys.ch>
Reviewed by: rwatson
Approved by: re
M usr.sbin/Makefile
A usr.sbin/wake
AM usr.sbin/wake/wake.c
AM usr.sbin/wake/Makefile
AM usr.sbin/wake/wake.8
via cpuctl(4) driver. Two new CPUCTL_MSRSBIT and CPUCTL_MSRCBIT ioctl(2)
calls treat the data field of the argument struct passed as a mask
and set/clear bits of the MSR register according to the mask value.
- Allow user to perform atomic bitwise AND and OR operaions on MSR registers
via cpucontrol(8) utility. Two new operations ("&=" and "|=") have been
added. The first one applies bitwise AND operaion between the current
contents of the MSR register and the mask, and the second performs bitwise
OR. The argument can be optionally prefixed with "~" inversion operator.
This allows one to mimic the "clear bit" behavior by using the command
like this:
cpucontrol -m 0x10&=~0x02 # clear the second bit of TSC MSR
Inversion operator support in all modes (assignment, OR, AND).
Approved by: re (kib)
MFC after: 1 month
FreeBSD docset during 'make release' this will speed up release
builds;
- sysinstall(8) has also been updated to use these packages with a new
menu allowing people to choose what localized doc to install;
- mention in UPDATING that docs from the FreeBSD Documentation project
are now installed in /usr/local/share/doc/freebsd instead of
/usr/share/doc.
Approved by: re (kensmith)
insisting on privileged port access.
Include /var/yp/Makefile.local if it exists and suggest using
it to override /var/yp/Makefile behaviour.
Approved by: re (kib)
MFC after: 3 weeks
A fresh install of a current 8.0 snapshot uses 156MB with a single kernel
and having the filesystem too small prevented the system from booting.
Reviewed by: marcel
MFC after: 1 week
This covers the common case of unsliced USB drives, and makes it possible to
select them as installation source media.
PR: 61152, 115197, 135016
Submitted by: randi
MFC after: 1 month
meant primarily for _non_ interactive use. Scripts that run cxgbtool
repeatedly to perform register r/w or mdio will benefit from this.
Instead of fork/exec'ing a new cxgbtool for every regio/mdio you can
simply open a pair of pipes to/from cxgbtool and run cmds over them.
Approved by: gnn (mentor)
The kernel does not log floppy media errors anymore.
In fdcontrol, do always open the file descriptor in read-only mode so
it can operate on read-only media, as there is no longer a separate
control device to operate on.
about a queue from a remote host. That remote host may use \r, \r\n,
or \n\r as the line-ending character. In some cases the remote host
will write a single line of information without *any* EOL sequence.
Translate all the non-unix EOL's to the standard newline, and make
sure the final line includes a terminating newline. Logic is also
added to translate all unprintable characters to '?', but that is
#if-ed out for now.
PR: bin/104731
MFC after: 3 weeks
allocates data structures that are never linked into the tree or free'd.
As such, mountd would leak memory every time it parsed an nfsv4 root line.
This patch frees up those structures to plug the leak.
Approved by: kib (mentor)
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively. (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)
The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer. Do the equivalent in
kinfo_proc.
Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively. Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary. In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.
Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups. When feasible, truncate
the group list rather than generating an error.
Minor changes:
- Reduce the number of hand rolled versions of groupmember().
- Do not assign to both cr_gid and cr_groups[0].
- Modify ipfw to cache ucreds instead of part of their contents since
they are immutable once referenced by more than one entity.
Submitted by: Isilon Systems (initial implementation)
X-MFC after: never
PR: bin/113398 kern/133867
package rather than expecting our top level package to get all of
the dependencies correct.
Previously, the code depended on the top level package having all
of the pkgdep lines in +CONTENTS correct and in the right order,
but that doesn't always happen due to code such as this (in
security/gnutls/Makefile):
.if (defined(WITH_LZO) || exists(${LOCALBASE}/lib/liblzo2.so)) && !defined(WITHOUT_LZO)
LIB_DEPENDS+= lzo2:${PORTSDIR}/archivers/lzo2
....
With such conditional dependencies, my 'sophox-packages' package won't
install. The dependency tree looks like this:
sophox-packages
...
x11/gnome2
x11/gnome-applets
net/libgweather
devel/libsoup
security/gnutls
security/libgcrypt
security/libgpg-error
...
x11/gnome2
archivers/file-roller
archivers/gtar
archivers/lzop
archivers/lzo2
...
gnutls doesn't depend on lzo2 initially, but lzo2 is dragged into the
mix via other dependencies and is built by the initial 'make'. The
subsequent package generation for gnutls adds a pkgdep line for lzo2
to gnutls' +CONTENTS but the pkgdeps in sophox-packages' +CONTENTS
has gnutls *before* lzo2.
As a result, sophox-packages cannot install; gnutls fails because lzo2
is missing, 82 more packages fail because gnutls is missing and the
whole thing spirals into a super-confusing mess!
MFC after: 3 weeks
system callers of getgroups(), getgrouplist(), and setgroups() to
allocate buffers dynamically. Specifically, allocate a buffer of size
sysconf(_SC_NGROUPS_MAX)+1 (+2 in a few cases to allow for overflow).
This (or similar gymnastics) is required for the code to actually follow
the POSIX.1-2008 specification where {NGROUPS_MAX} may differ at runtime
and where getgroups may return {NGROUPS_MAX}+1 results on systems like
FreeBSD which include the primary group.
In id(1), don't pointlessly add the primary group to the list of all
groups, it is always the first result from getgroups(). In principle
the old code was more portable, but this was only done in one of the two
places where getgroups() was called to the overall effect was pointless.
Document the actual POSIX requirements in the getgroups(2) and
setgroups(2) manpages. We do not yet support a dynamic NGROUPS, but we
may in the future.
MFC after: 2 weeks
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.
Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.
Reported by: lstewart
Tested by: lstewart
choice of variable names for rc.conf and option name for the
experimental server.
Also replace the inaccurate description of the nfsv4 root lines
in /etc/exports, mostly with a reference to exports(5).
Approved by: kib (mentor)
not exist to let the user know that it will be created for the next run.
2. Delete more stuff we're not going to use from the temproot prior to
creating the mtree database to dramatically reduce its size (162K -> 37K).
3. We've been deleting the zero-size files from temproot for a long time
now, so remove the spurious "-size +0" from the find command in the
comparison loop, and remove what is now a really stale comment.
set for RPC UDP sockets. Mountd uses internal libc fuctions
directly and bypasses generic socket initialization completely,
so we need to set IP_RECVDSTADDR here to match the libc behavior.
could be handled w/o fragmentation but clobbers user-specified values
such as those required when the interface is bridged.
Submitted by: jim@netgate.com
Reviewed by: Jouni Malinen
MFC after: 3 days
connections. Including a flag to instead output a sequence of tcpdrop(8)
invocations that would accomplish the same thing, which is convenient for
scripting.
o) Make tcpdrop complain if the addresses given to it are entirely in different
address families, rather than failing silently.
o) When cross-referencing httpd(8), do not explicitly specify the apache2 port,
since the example in question is generic.
lots of new features compared to 9.4.x, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
DHCID support.
More detailed statistics counters including those supported in BIND 8.
Faster ACL processing.
Efficient LRU cache-cleaning mechanism.
NSID support.
- Mark internal routines as static;
- Eliminate unused parameters where possible, mark __unused for others;
- Remove unused variables;
- Use %jd for int64_t values in printf();
- Add appropriate %d for printf to match its parameter;
- Rename a variable to resolve conflict with revoke(2);
Reviewed by: rmacklem
Tested with: make universe (bugs are mine)
The system hostname is now stored in prison0, and the global variable
"hostname" has been removed, as has the hostname_mtx mutex. Jails may
have their own host information, or they may inherit it from the
parent/system. The proper way to read the hostname is via
getcredhostname(), which will copy either the hostname associated with
the passed cred, or the system hostname if you pass NULL. The system
hostname can still be accessed directly (and without locking) at
prison0.pr_host, but that should be avoided where possible.
The "similar information" referred to is domainname, hostid, and
hostuuid, which have also become prison parameters and had their
associated global variables removed.
Approved by: bz (mentor)
regular one. It now takes a "-4" command line argument to force it
to use the experimental server. Otherwise it will use the regular
server unless the experimental server is the only one linked into
the kernel. A third kind of line has been added to /etc/exports,
which is specific to NFSv4 and defines where the NFSv4 tree root is
and can be used to limit access to NFSv4 state handling operations
that do not use any file handle.
Approved by: kib (mentor)
ip6_input.c, in6.h:
* Add netinet6-specific mbuf flag M_RTALERT_MLD, shadowing M_PROTO6.
* Always set this flag if HBH Router Alert option is present for MLD,
even when not forwarding.
icmp6.c:
* In icmp6_input(), spell m->m_pkthdr.rcvif as ifp to be consistent.
* Use scope ID for verifying input. Do not apply SSM filters here, no inpcb.
* Check for M_RTALERT_MLD when validating MLD traffic, as we can't see
IPv6 hop options outside of ip6_input().
in6_mcast.c:
* Use KAME scope/zone ID in in6_multi.
* Update net.inet6.ip6.mcast.filters implementation to use scope IDs
for comparisons.
* Fix scope ID treatment in multicast socket option processing.
Scope IDs passed in from userland will be ignored as other less
ambiguous APIs exist for specifying the link.
* Tighten userland input checks in IPv6 SSM delta and full-state ops.
* Source filter embedded scope IDs need to be revisited, for now
just clear them and ignore them on input.
* Adapt KAME behaviour of looking up the scope ID in the default zone
for multicast leaves, when the interface is ambiguous.
mld6.c:
* Tighten origin checks on MLD traffic as per RFC3810 Section 6.2:
* ip6_src MAY be the unspecified address for MLDv1 reports.
* ip6_src MAY have link-local address scope for MLDv1 reports,
MLDv1 queries, and MLDv2 queries.
* Perform address field validation *before* accepting queries.
* Use KAME scope/zone ID in query/report processing.
* Break const correctness for mld_v1_input_report(), mld_v1_input_query()
as we temporarily modify the input mbuf chain.
* Clear the scope ID before handoff to userland MLD daemon.
* Fix MLDv1 old querier present timer processing.
With the protocol defaults, hosts should revert to MLDv2 after 260s.
* Add net.inet6.mld.v1enable sysctl, default to on.
ifmcstat.c:
* Use sysctl by default; -K requests kvm(3) if so compiled.
mld.4:
* Connect man page to build.
Tested using PCS.
and jail_get(2). Jail(8) can now create jails using a "name=value"
format instead of just specifying a limited set of fixed parameters; it
can also modify parameters of existing jails. Jls(8) can display all
parameters of jails, or a specified set of parameters. The available
parameters are gathered from the kernel, and not hard-coded into these
programs.
Small patches on killall(1) and jexec(8) to support jail names with
jail_get(2).
Approved by: bz (mentor)
are specifically used by the experimental nfsv4 subsystem.
nfscbd - The NFSv4 client callback daemon.
nfsuserd - The NFSv4 daemon that maps between user and group name
and their corresponding uid/gid numbers.
nfsdumpstate - A utility that dumps out the NFSv4 Open/Lock state.
nfsrevoke - Administratively revokes an NFSv4 client, releasing all
NFSv4 Open/Lock state it holds on the server.
Approved by: kib (mentor)
timer with a <0.05 second delta next to it.
This is done by avoiding the possibility of updating the first residual
time delta in the timer list to zero.
PR: 102747
Submitted by: Sergey Zaharchenko - doublef-ctm at yandex dot ru
MFC after: 3 weeks
This includes the addition of a new flag "-4" that will force
use of the experimental server with nfsv4 support in it. This
commit also adds two new man pages to the repository that are
NFSv4 specific. One describes the file used by the server to
restart nfsv4 services safely. The other is a brief overview
of nfsv4 and its setup.
Reviewed by: dfr
Approved by: kib (mentor)
Upgrade of the tzcode from 2004a to 2009e.
Changes are numerous, but include...
- New format of the output of zic, which supports both 32 and 64
bit time_t formats.
- zdump on 64 bit platforms will actually produce some output instead
of doing nothing for a looooooooong time.
- linux_base-fX, with X >= at least 8, will work without problems related
to the local time again.
The original patch, based on the 2008e, has been running for a long
time on both my laptop and desktop machine and have been tested by
other people.
After the installation of this code and the running of zic(8), you
need to run tzsetup(8) again to install the new datafile.
Approved by: wollman@ for usr.sbin/zic
MFC after: 1 month
asked to verify a passwd file (pwd_mkdb -C).
Entries with oversized usernames are still permitted when building
the passwd database.
When entries are >= MAXLOGNAME in length, they are correctly stored
in passwd, pwd.db and spwd.db but are only correctly retrieved by
getpwent*() and getpwuid*(). getpwnam*() truncates to MAXLOGNAME - 1
when reading from a file (breaking at least sh, tcsh and bash)
and utilities such as su(1) check, complain and fail if the
passed name is >= MAXLOGNAME in length.
MFC after: 3 weeks
1. In several places make sure that the mtree database is not empty using
the -s argument to test instead of -f. (I thought I'd already changed this,
but obviously not.)
2. When deriving the list of changed files use a colon-delimited list.
3. If the list of changed files is empty, unset the variable, and test
for a non-empty CHANGED in diff_loop() before entering that routine.
Enhance the speed of the -U option by using an internal case statement
instead of echoing the variable to an external grep for every file.
Fix indentation on one line.
