Sleep for one second after calling audit -t to give the audit daemon a
chance to actually terminate the audit service and exit. Otherwise, on
an rc.d/auditd restart, the new audit daemon instance may try to start
auditing while the previous session is still running. Likewise, this
ensures a chance for auditd to terminate the audit trail at system
shutdown.
Perhaps more ideally, the script would wait synchronously for auditd to
exit rather than for an arbitrary but short period of time.
Obtained from: TrustedBSD Project
Approved by: re (mux)
Rework the way errors are handled with respect to how audit records are
written to the audit trail file:
- audit_record_write() now returns void, and all file system specific
error handling occurs inside this function. This pushes error handling
complexity out of the record demux routine that hands off to both the
trail and audit pipes, and makes trail behavior more consistent with
pipes as a record destination.
- Rate limit kernel printfs associated with running low on space. Rate
limit audit triggers for low space. Rate limit printfs for fail stop
events. Rate limit audit worker write error printfs.
- Document in detail the types of limits and space checks we perform, and
combine common cases.
This improves the audit subsystem's tolerance to low space conditions by
avoiding toasting the console with printfs or waking up the audit daemon
continuously.
Obtained from: TrustedBSD Project
Approved by: re (mux)
Fix a bunch of SYSCTL_INT() that should have been SYSCTL_ULONG() to
match the type of the variable they are exporting.
Spotted by: Thomas Hurst <tom@hur.st>
Approved by: re@ (rwatson)
Forgotten by: mux
The sparc64/sparc64/pmap.c implementations of pmap_remove(),
pmap_protect(), and pmap_copy() have optimizations for regions
larger than PMAP_TSB_THRESH (which works out to 16MB). This
caused a panic in tsb_foreach for kernel mappings, since
pm->pm_tsb is NULL in that case. This fix teaches tsb_foreach
to use the kernel's tsb in that case.
Approved by: re (mux)
pccard_ether rev 1.51:
Search the list of up interfaces provided by "ifconfig -ul" instead of
grepping for UP in "ifconfig $ifn". This eliminates a dependency on /usr.
pccard_ether rev 1.53 and network.subr rev 1.173:
Introduce a new method ipv6if which attempts to figure out if an
interface is an IPv6 interface.
Use this method to decide if we should attempt to configure an interface
with an IPv6 address in pccard_ether. The mechanism pccard_ether uses
to do this is unsuited to the task because it assumes the list of
interfaces it is passed is the full list of IPv6 interfaces and makes
decisions based on that. This is at least a step in the right
direction and is probably about as much as we can MFC safely.
PR: conf/103428
Approved by: re (hrs)
network_ipv6 also does some interface configuration so require it to
run before starting devd so they don't trip over each other.
PR: conf/103428
Approved by: re (hrs)
Add a -a argument to id(1), which causes id(1) to print out process
audit properties, including the audit user id. This can be quite
helpful in debugging audit problems.
Obtained from: TrustedBSD Project
Rename "-a" flag to "-A" in order to avoid conflicting with the "-a" flag
as found on Solaris.
Requested by: ceri
Approved by: re (hrs)
(pw_copy): Handle the case of a malformed line in master.passwd
(copy it silently, do not dereference NULL pointer).
MFC rev. 1.37 to RELENG_6:
Minor comment fix to the change above.
PR: bin/102848
Approved by: re (hrs)
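
An added example, not the pw_copy() source: a simplified in-memory copy loop showing the failure mode the commit above describes. The function name copy_replace() and the sample entries are hypothetical; the point is that a line with no ':' separator is copied through unchanged instead of being parsed through a NULL pointer.

```c
#include <stdio.h>
#include <string.h>

/* Append n bytes to out and keep it NUL-terminated; -1 if they do not fit. */
static int emit(char *out, size_t outsz, size_t *used, const char *s, size_t n)
{
    if (n >= outsz - *used)
        return -1;
    memcpy(out + *used, s, n);
    *used += n;
    out[*used] = '\0';
    return 0;
}

/* Copy passwd-style text, replacing the entry named `user` with `entry`.
 * Returns the number of entries replaced, or -1 if `out` is too small. */
int copy_replace(const char *in, const char *user, const char *entry,
                 char *out, size_t outsz)
{
    size_t used = 0, ulen = strlen(user);
    int replaced = 0;
    if (outsz == 0)
        return -1;
    out[0] = '\0';
    while (*in != '\0') {
        const char *eol = strchr(in, '\n');
        size_t len = eol ? (size_t)(eol - in) + 1 : strlen(in);
        /* Look for the field separator inside this line only. */
        const char *colon = memchr(in, ':', len);
        /* colon == NULL marks a malformed line: it can never match. */
        int match = colon != NULL && (size_t)(colon - in) == ulen &&
            memcmp(in, user, ulen) == 0;
        if (emit(out, outsz, &used, match ? entry : in,
                 match ? strlen(entry) : len) != 0)
            return -1;
        replaced += match;
        in += len;
    }
    return replaced;
}

int main(void)
{
    char out[128];  /* constructed sample: line 2 has no ':' at all */
    int n = copy_replace("root:*:0:0\nalice\nalice:*:1001:1001\n", "alice",
                         "alice:*:1001:2000\n", out, sizeof out);
    printf("replaced=%d\n%s", n, out);
    return 0;
}
```
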
Revert r1.11.2.38 as the ethernet header was inadvertently stripped from ARP
packets. Reimplement this correctly and use a sysctl that defaults to off so
the user doesn't get any surprises if ipfw blocks the ARP packet.
Approved by: re (hrs)
Do not try to call keyboard callback unless keyboard is active and busy.
This should fix 'kbdcontrol -K < /dev/console' panic on sparc64 with sunkbd(4).
PR: sparc64/96798
Approved by: re (hrs)
Make op parameter to mux_keyboard() u_int instead of int.
This should fix sparc64 messages like
Sep 15 11:17:39 peahi kernel: WARNING pid 5477 (kbdcontrol): ioctl sign-extension ioctl ffffffff80244b45
PR: sparc64/96798
Approved by: re (hrs)
When the volume is being downgraded from a read-write mode, mark
it as clean.
PR: kern/85366
Submitted by: Dan Lukes <dan at obluda dot cz>
Approved by: re (hrs)
bulk and interrupt transfers. This fixes some cases where the
software toggle tracking was not doing the right thing. For example,
a short transfer that transferred 0 bytes of the requested qTD
transfer size does cause a toggle change, but the existing code was
assuming it didn't.
Approved by: re (mux)
- don't reboot() when fed with wrong parameters (and enough permissions) [1]
- add support to power off the system [2]
- check the linux magic values [3]
Submitted by: Marcin Cieslak <saper@SYSTEM.PL> [1,2]
Modelled after: linux man page of the reboot() syscall [3]
Found by: LTP testcase "reboot02" [1]
Tested with: LTP testcase "reboot02" [1,3]
Approved by: re (hrs)
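
An added example, not the code from the commit above: a standalone model of the argument checks a Linux-compatible reboot() entry point needs before acting. The constants are those documented in the Linux reboot(2) man page; reboot_check(), enum action and the choice to model only three commands are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constants as documented in the Linux reboot(2) man page. */
#define LINUX_REBOOT_MAGIC1        0xfee1deadU
#define LINUX_REBOOT_MAGIC2        672274793U
#define LINUX_REBOOT_MAGIC2A       85072278U
#define LINUX_REBOOT_MAGIC2B       369367448U
#define LINUX_REBOOT_MAGIC2C       537993216U
#define LINUX_REBOOT_CMD_RESTART   0x01234567U
#define LINUX_REBOOT_CMD_HALT      0xCDEF0123U
#define LINUX_REBOOT_CMD_POWER_OFF 0x4321FEDCU

enum action { ACT_NONE, ACT_RESTART, ACT_HALT, ACT_POWER_OFF };

/* Decide what a reboot request may do; returns 0 or an errno value.
 * *act stays ACT_NONE on every error path, so a bad call never reboots. */
int reboot_check(int privileged, uint32_t magic1, uint32_t magic2,
                 uint32_t cmd, enum action *act)
{
    *act = ACT_NONE;
    if (!privileged)
        return EPERM;
    if (magic1 != LINUX_REBOOT_MAGIC1)
        return EINVAL;
    if (magic2 != LINUX_REBOOT_MAGIC2 && magic2 != LINUX_REBOOT_MAGIC2A &&
        magic2 != LINUX_REBOOT_MAGIC2B && magic2 != LINUX_REBOOT_MAGIC2C)
        return EINVAL;
    switch (cmd) {
    case LINUX_REBOOT_CMD_RESTART:   *act = ACT_RESTART;   return 0;
    case LINUX_REBOOT_CMD_HALT:      *act = ACT_HALT;      return 0;
    case LINUX_REBOOT_CMD_POWER_OFF: *act = ACT_POWER_OFF; return 0;
    default:                         return EINVAL; /* unknown command */
    }
}

int main(void)
{
    enum action act;
    /* Constructed call: correct privilege, zeroed magic values. */
    int error = reboot_check(1, 0, 0, LINUX_REBOOT_CMD_RESTART, &act);
    printf("error=%d act=%d\n", error, (int)act);
    return 0;
}
```
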
- Changing the smbus_bread() function in the smbus interface to return the
actual number of bytes read.
- Changing the SMB_BREAD ioctl of /dev/smbX to return the actual number of
bytes read.
- Attaching smb(4) to smbus(4) via an identify routine.
- Adding locking to smbus(4).
- Fixing the bread() and bwrite() methods of alpm(4), amdpm(4), and
viapm(4) to only perform a single transaction.
- Fix several buffer overflows with bread() and SMB_BREAD.
Approved by: re (mux)
Rather than allocating all buffer memory for the completed BSM record
when allocating the record in the first place, allocate the final buffer
when closing the BSM record. At that point, more size information is
available, so a sufficiently large buffer can be allocated.
This allows the kernel to generate audit records in excess of
MAXAUDITDATA bytes, but is consistent with Solaris's behavior. This only
comes up when auditing command line arguments, in which case we presume
the administrator really does want the data as they have specified the
policy flag to gather them.
Obtained from: TrustedBSD Project
Approved by: re (mux)