simple enough to be trusted.
Add account management functionality to the pam_unix module.
These changes should make it possible to use PAM in some ports.
Submitted by: Max Khon <fjoe@iclub.nsu.ru>
Submitted by: Yung-Jen Hung <winard@u3717a.dorm.ccu.edu.tw>
Reviewed by: bearscorp.bbs@bbs.life.nthu.edu.tw
_BIG5_sgetrune() in libc doesn't work well, this commit will fix it.
"passwordtime" is what passwd(1) has actually been using. I suspect
passwordperiod was the original intent. I can't figure-out which,
if either, BSDi uses. If anyone knows...
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
o use braces to avoid potentially ambiguous else
o don't default to type int (and also remove a useless register
modifier).
o Use parens around assignment values used as truth values.
o Remove unused function.
Reviewed by: obrien and chuckr
70-00 are intepreted in the 20th century; 01-69 in the
21st century. (Yes, 2000 is the last year of the 20th
century, not the first year of the 21st.)
Submitted by: Sergey Babkin <babkin@bellatlantic.net>
before.
Added SYS.h for mipseb and mipsel.
I now get part way through building libc in the cross environment that
I have (along with pending mipse[bl] changes to the intree egcs) with
these changes.
function. It was an ill-considered feature. It didn't solve the
problem I wanted it to solve. And it added Yet Another Version
Number that would have to be maintained at every release point.
I'm nuking it now before anybody grows too fond of it.
Unlike other filesystem objects, symbolic links do not have an owner,
group, access mode, times, etc. Instead, these attributes are taken from
the directory that contains the link. The only attributes returned from
an lstat() that refer to the symbolic link itself are the file type
(S_IFLNK), size, blocks, and link count (always 1).
This is bogus, and disagrees with the implementation and symlink(7).
Removed it.
PR: docs/10269
Submitted by: Tolik <tolik@sibptus.tomsk.ru>
Include <machine/ansi.h> so that this file is self-sufficient again.
Rev.1.6 doesn't do this as claimed unless <nlist.h> has nonstandard
pollution.
Cleaned up includes.
changes have made this too expensive. This gains about 1.25% on
worldstone on my SMP machine.
Swap-less machines, for instance PicoBSDs, and machines which experience
page-out trafic, check with top(1), will probably want to reenable this
with:
ln -s H /etc/malloc.conf
Suggested by: alc (&dyson ?)
that counted the number of elements in argv. The counter is incremented
in the next-iteration section of the loop, not the body, so at termination
it's already "counted" the element that failed the continuation test - in
this case the NULL argv terminator.
Noted by: bde
call them. All the execX() libc functions should be vfork() safe now.
Specifically:
- execlp() does the argument count-and-build into a vector from alloca
(like the others) - buildargv() is no longer used (and gone).
- execvp() uses alloca/strcpy rather than strdup().
- the ENOEXEC handler uses alloca rather than malloc.
- a couple of free() calls removed - alloca works on the local stack and
the allocations are freed on function exit (which is why buildargv
wasn't useful - it's alloca() context would disappear on return).
Along the way:
- If alloca() fails (can it?), set errno = ENOMEM explicitly.
- The ENOEXEC recovery routine that trys again with /bin/sh appeared to
not be terminating the new argv[] array for /bin/sh, allowing it to
walk off the end of the list.
I dithered a bit about using alloca() even more as it's most commonly
associated with gcc. However, standalone portable (using malloc) and
machine-specific assembler alloca implementations appear to be available
on just about all the architectures we're likely to want to port to.
alloca will be the least of our problems if ever going to another compiler.
kern.chroot_allow_open_directories = 0
chroot(2) fails if there are open directories.
kern.chroot_allow_open_directories = 1 (default)
chroot(2) fails if there are open directories and the process
is subject of a previous chroot(2).
kern.chroot_allow_open_directories = anything else
filedescriptors are not checked. (old behaviour).
I'm very interested in reports about software which breaks when
running with the default setting.
o Runnable threads are now maintained in priority queues. The
implementation requires two things:
1.) The priority queues must be protected during insertion
and removal of threads. Since the kernel scheduler
must modify the priority queues, a spinlock for
protection cannot be used. The functions
_thread_kern_sched_defer() and _thread_kern_sched_undefer()
were added to {un}defer kernel scheduler activation.
2.) A thread (active) priority change can be performed only
when the thread is removed from the priority queue. The
implementation uses a threads active priority when
inserting it into the queue.
A by-product is that thread switches are much faster. A
separate queue is used for waiting and/or blocked threads,
and it is searched at most 2 times in the kernel scheduler
when there are active threads. It should be possible to
reduce this to once by combining polling of threads waiting
on I/O with the loop that looks for timed out threads and
the minimum timeout value.
o Functions to defer kernel scheduler activation were added. These
are _thread_kern_sched_defer() and _thread_kern_sched_undefer()
and may be called recursively. These routines do not block the
scheduling signal, but latch its occurrence. The signal handler
will not call the kernel scheduler when the running thread has
deferred scheduling, but it will be called when running thread
undefers scheduling.
o Added support for _POSIX_THREAD_PRIORITY_SCHEDULING. All the
POSIX routines required by this should now be implemented.
One note, SCHED_OTHER, SCHED_FIFO, and SCHED_RR are required
to be defined by including pthread.h. These defines are currently
in sched.h. I modified pthread.h to include sched.h but don't
know if this is the proper thing to do.
o Added support for priority protection and inheritence mutexes.
This allows definition of _POSIX_THREAD_PRIO_PROTECT and
_POSIX_THREAD_PRIO_INHERIT.
o Added additional error checks required by POSIX for mutexes and
condition variables.
o Provided a wrapper for sigpending which is marked as a hidden
syscall.
o Added a non-portable function as a debugging aid to allow an
application to monitor thread context switches. An application
can install a routine that gets called everytime a thread
(explicitly created by the application) gets context switched.
The routine gets passed the pthread IDs of the threads that are
being switched in and out.
Submitted by: Dan Eischen <eischen@vigrid.com>
Changes by me:
o Added a PS_SPINBLOCK state to deal with the priority inversion
problem most often (I think) seen by threads calling malloc/free/realloc.
o Dispatch signals to the running thread directly rather than at a
context switch to avoid the situation where the switch never occurs.
ifdefs are too ugly for this to be much of a simplification. The
existence tests are even uglier now. Note that the previous commit
was not submitted by me. It missed the point and just added a second
layer of unused removals.
Fixed hard-coded "libcrypt"s. The LCRYPTBASE macro mainly makes
things hard to read, but use it while we have it.
which ones cause us to fail. Now all open errors on the databse file
will cause the next file in the list to be tried.
Submitted by: Arne Henrik Juul <arnej@math.ntnu.no>
PR: 4585
levels (-O3 and above) won't remove essential code. Many thanks
to Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru> for pointing out
that it was the optimizer's removal of this code that caused make
world with -O3 to break. With this change, make buildworld now
completes.
shared library when invoking global constructors and destructors.
For constructors, the object files used to be processed from first
to last; now they're done from last to first. (Destructors are done
in the opposite order, as required by the C++ standard.) This makes
us consistent with standard gcc and egcs compilers. It also
eliminates ordering differences between dynamic and static
executables.
Bump the value of __FreeBSD_version to 400002 to reflect this
change.
C function so the compiler won't try to emit line numbers for it
with "-g", breaking the build. This has the nice side-effect of
making crtbegin.o and crtbeginS.o a little bit smaller.
Remove "-Wno-unused" from the Makefile. Replace it with "__unused"
on particular function and variable declarations.
compiling, since <stdio.h> correctly doesn't declare off_t although
the pseudo-prototypes for the new fseeko() and ftello() functions
use it. Handle this like the corresponding problem for va_list
versus the vprintf() family.
Fixed some English errors.
request for it something like it. It was poorly worded and too
far from both POSIX wording and normal (mal)practice by referring to
sysconf(_SC_NGROUPS_MAX) instead of {NGROUPS_MAX} or NGROUPS. POSIX.1
uses curly braces to mark up "symbolic constants or limits [that may
be] defined in certain headers". Since we don't document this markup,
don't use it. Just use NGROUPS_MAX.
so that non-sloppy applications can call it without using disgusting
casts to avoid warnings. The 4th arg is sort of varargs -- it must
sometimes represent a filename, sometimes a struct pointer, and is
sometimes unused. The arg type is still caddr_t in the kernel.
Obtained from: mostly from NetBSD
and SHA-1 when OBJFORMAT is not ELF. Add a warning to the man page
about how SHA-1 uses bswapl, which will trap on 80386es (and the kernel
should, but doesn't currently, emulate).
build, but broke while doing the aout legacy build). Now using
.p2align instead of .align. Fixes broken buildworld.
Submitted by: John Polstra
Reviewed by: John Polstra
- Transparent proxying support added.
- PPTP redirecting support added based on patches
contributed by Dru Nelson <dnelson@redwoodsoft.com>.
Submitted by: Charles Mott <cmott@srv.net>
the function naming problem for complex double function i've recently
aksed for in -committers. (The recently committed rev 1.5 of proc.c
was actually also part of this update.)
Should the mailing lists come to an agreement that f2c better belongs
into the ports, this could be done nevertheless. For the time being,
we've at least got a current version now.
Thanks, Steve!
Submitted by: Steve Kargl <sgk@troutmask.apl.washington.edu>
Don't insist that RAD_USER_PASSWORD is supplied before
calling rad_send_request(). Instead, insist on only one
of RAD_USER_PASSWORD and RAD_CHAP_PASSWORD.
Sponsored by: Internet Business Solutions Ltd., Switzerland
This changes the definitions of a few items so that structures are the
same whether or not the option itself is enabled. This allows
people to enable and disable the option without recompilng the world.
As the author says:
|I ran into a problem pulling out the VM_STACK option. I was aware of this
|when I first did the work, but then forgot about it. The VM_STACK stuff
|has some code changes in the i386 branch. There need to be corresponding
|changes in the alpha branch before it can come out completely.
what is done:
|
|1) Pull the VM_STACK option out of the header files it appears in. This
|really shouldn't affect anything that executes with or without the rest
|of the VM_STACK patches. The vm_map_entry will then always have one
|extra element (avail_ssize). It just won't be used if the VM_STACK
|option is not turned on.
|
|I've also pulled the option out of vm_map.c. This shouldn't harm anything,
|since the routines that are enabled as a result are not called unless
|the VM_STACK option is enabled elsewhere.
|
|2) Add what appears to be appropriate code the the alpha branch, still
|protected behind the VM_STACK switch. I don't have an alpha machine,
|so we would need to get some testers with alpha machines to try it out.
|
|Once there is some testing, we can consider making the change permanent
|for both i386 and alpha.
|
[..]
|
|Once the alpha code is adequately tested, we can pull VM_STACK out
|everywhere.
|
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This takes the conditionals out of the code that has been tested by
various people for a while.
ps and friends (libkvm) will need a recompile as some proc structure
changes are made.
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This man page may be overdoing the cross references by referencing
man pages that are just links to other pages that are referenced.
kvm_uread() is still completely undocumented in kvm*.3.
consider a linker set definition to be sufficient reason to pull an
object module from an archive library. This caused undefined
symbols when linking with libpam.a using a.out. I solved it by
linking in the object that references the linker set in the "ld -r"
step.
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means. With this new crypt the
following are all acceptable:
$1$
$MD5$
$SHA1$
Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1. However,
somebody wishing to add OpenBSD password support could easilly add
it in now.
There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer. However, this is not standard so will
likely not be used much (at all).
Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.
Reviewed by: Mark Murray
of getopt (as in, multiple input lines :). This is documented in the
man page and is used in the code, but unistd.h and stand.h do not
declare it. Incidentally, it prevents me fixing a bug in loader's
code... :-)
PR: misc/9373
Submitted by: "Daniel C. Sobral" <dcs@newsguy.com>
than ".so". The old extension conflicted with well-established
naming conventions for dynamically loadable modules.
The "clean" targets continue to remove ".so" files too, to deal with
old systems.
- document that sysctl() and sysctlbyname() return 0 on success
- if the provided buffer is too small, set errno to ENOMEM and return -1
instead of returning ENOMEM.
is actually mounted on "/" can be determined using statfs() and is
in /dev. This fixes fsck operating on the wrong device when the
fs_spec entry is only an alias. The aliased case became more
dangerous when the ROOTSLICE_HUNT hack was committed in mount(8).
ROOTSLICE_HUNT may be unnecessary now.
Set_Boot_Blocks() anyway and should thus have never been a part of
libdisk, it should have been provided by the client of libdisk since
passing the information in is already part of the API.
Rename 'cerror' to '.cerror' so that programs which have a function or
global variable named 'cerror' don't completely break the syscall error
reporting mechanism.
#include <ieeefp.h>
to access these functions instead of the i386 specific
#include <machine/floatingpoint.h>
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
Submitted by: "Richard Seaman, Jr." <lists@tar.com>
Obtained from: linux :-)
Code to allow Linux Threads to run under FreeBSD.
By default not enabled
This code is dependent on the conditional
COMPAT_LINUX_THREADS (suggested by Garret)
This is not yet a 'real' option but will be within some number of hours.
<kvm.h> is self-sufficient again.
Moved typedefs and forward struct declarations out of __BEGIN_DECLS/
__END_DECLS.
Don't comment out the prototype for kvm_uread(). This was a 4 year
old kludge for previous breakage of self-sufficiency. The prototypwe
was broken instead.
Fixed bitrot (const poisoning) in the type of kvm_uread().
Fixed order of the declaration of kvm_uread().
fixes a type mismatch in the call to kvm_uread(). The bug has gone
undetected for almost 3 years because kvm_uproc()'s protoype has been
disabled for almost 4 years.
Trust sysctlbyname() to work properly if it succeeds.
Fixed style bugs in revs. 1.19 and 1.22.
an unimprovement here. I thought it would be an improvement, as in libkvm,
but here we can access the strings directly.
Use sysctlbyname() instead of sysctl() and trust it to give a nonzero
address if it succeeds.
Brucify the Makefile.
Differentiate atime and mtime in fetch*Stat().
Fix a few pointer bugs.
Tweak some error messages.
Don't #include sys/param.h and stdio.h in fetch.h.
Document that sys/param.h and stdio.h must be #included before fetch.h.
Add bounds checking to netbios NS packet resolving code. This should
prevent natd from crashing on badly formed netbios packets (as might be
heard when the machine is sitting on a cable modem or certain DSL
networks), and also closes potential security holes that might have
exploited the lack of bounds checking in the previous version of the
code.
