Approved by: jkh
Write kern_securelevel_enable variable to rc.conf if user selects
medium or low security in sysinstall. This overrides the case where a
user selects fascist security and then tries to go back to a lower
setting.
a default. This should prevent people from whacking return at
the Distributions menu and getting nothing selected as a result
(a minimal "standard" system will at least install).
Flagged as big tech support headache by: Chris Shumway <cshumway@osd.bsdi.com>
The new format is:
filename {changed,missing,extra}
$field expected $foo found $bar
...
Fix various bugs along the way:
Don't complain about directory sizes differing.
Correctly check flags.
support which use National Semiconductor DP8393X (SONIC) as ethernet
controller. Currently, this driver is used on only PC-98.
Submitted by: Motomichi Matsuzaki <mzaki@e-mail.ne.jp>
Obtained from: NetBSD/pc98
OsdSleepUsec(), SleepOp corresponds to OsdSleep() by reading ACPICA
source code.
- Add OsdSleepUsec() which uses DELAY() simply.
- Change unit of acpi_sleep() argument; microseconds to milliseconds.
#include <sys/mbuf.h>. (which #include's <machine/mutex.h> and then
<sys/proc.h> and then <sys/callout.h>, leading to the collision).
<sys/mbuf.h> is really one of those 'no user servicable parts inside'
things.
- If resource which was allocated for pcic was
requested via this ioctl, bus_alloc_resource
would be succeeded and that resource was
returned as free resource. So check whether
requested resource was used for pcic or not
before bus_alloc_resource test.
- merge SYS_RES_IRQ routine into other SYS_RES_*
routine and clean up.
problem reported by: Yohei Terada <terada@jiro.c.u-tokyo.ac.jp>
that it's enabled in acpireg.h only if DIAGNOSTIC option is specified.
ACPICA OSD functions will be compiled in machine/acpi_machdep.c again
tentatively (if DIAGNOSTIC option is specified).
# Should we have acpica_osd.c ?
avoid power on again problem after acpi_soft_off() calling.
- Implement SleepOp/StallOp in AML interpreter. Also provide ACPICA
compatibility.
- Minor changes on __inline function declaration in acpica_osd.h
(obtained from NetBSD porting).
- Move all register I/O into acpi_io.c
- Move event handling into acpi_event.c
- Reorganise headers into acpivar/acpireg/acpiio
- Move find-RSDT and find-ACPI-owned-memory into acpi_machdep
- Allocate all resources (except those detailed only by AML)
as real resources. Add infrastructure that will make adding
resource support to AML code easy.
- Remove all ACPI #ifdefs in non-ACPI code
- Removed unnecessary includes
- Minor style and commenting fixes
Reviewed by: iwasaki
appropriate(?) defaults for "low", "medium" and "high" security
environments. Medium is basically what we currently have with a little
seat-belt tightening where it made sense. Low is the same as medium but
without the tightening. High is positively fascist with nothing turned
on by default and an automatic call to 911 if it can find a modem.
really doesn't make any sense, what was I smoking) and allow
the more canonical usage of "any" for either side of the comparison
for release name or architecture (meaning you can also set CD_VERSION=any
in a cdrom.inf file to cause sysinstall to always match it and likewise
with the architecture, if specified).
Sensibly suggested by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
Also remove unneeded includes in aml_obj.c and aml_parse.c.
This new function takes 'struct aml_name *' as a argument rather than
'char *' where aml_invoke_method_by_name() does. It's worth to have
these two interfaces in many cases.
Previously, these cards were supported by the lnc driver (and they
still are, but the pcn driver will claim them first), which is fine
except the lnc driver runs them in 16-bit LANCE compatibility mode.
The pcn driver runs these chips in 32-bit mode and uses the RX alignment
feature to achieve zero-copy receive. (Which puts it in the same
class as the xl, fxp and tl chipsets.) This driver is also MI, so it
will work on the x86 and alpha platforms. (The lnc driver is still
needed to support non-PCI cards. At some point, I'll need to newbusify
it so that it too will me MI.)
The Am79c978 HomePNA adapter is also supported.
of AML interpreter.
- Delete and cleanup a lot of almost duplicated code in kernel/userland.
- Add new common functions for kernel/userland code.
aml_adjust_readvalue(), aml_adjust_updatevalue(),
aml_region_handle_alloc(), aml_region_handle_free() and
aml_region_io().
- Add primitive functions for both versions of kernel/userland in order to
have shared code as much as possible.
aml_region_read_simple(), aml_region_write_simple(),
aml_region_prompt_read(), aml_region_prompt_write() and
aml_region_prompt_update_value().
- Consider update rule and access type in field flags. Also add a lot of
definitions for the flags.
- Fix bugs on bit manipulation for read/write operations.
- Fix bugs on IndexField I/O part. Also add workaround for temporary
object corruption during StoreOp interpretation.
so that we don't see any more ``null message body, hope that's
ok'' messages.
We now see something like ``No output from the 3 files processed''.
Lump all output for a given periodic argument together so that
people with /usr/local/etc/periodic/daily (for example) will
get the output of those jobs together with the normal daily run
rather than getting a second email.
Prompted by: ben
the exact relationship between an installed package and its
corresponding entry in the index file can't be determined.
Submitted by: Mark Ovens <marko@freebsd.org>
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8). Output may be masked based on variable values in
periodic.conf.
It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.
The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).
PR: 21250
the existing attribute file rather than aborting with an error.
o Useful if you want to reset the state of attributes on the system without
allocating different disk blocks through deletion and recreation,
for example, if you're doing benchmarks of extended attribute code. :-)
Obtained from: TrustedBSD Project
introduced by version 1.349 of ports/Mk/bsd.port.mk and originally
submitted by kris.
In particular, it understands the $PORTREVISION (FreeBSD-specific changes
or patches to a port) and $PORTEPOCH (for re-sorting version numbers
when not used or when broken).
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
attribute namespace and DAC protection on file:
- Attribute names beginning with '$' are in the system namespace
- The attribute name "$" is reserved
- System namespace attributes may only be read/set by suser()
or by kernel (cred == NULL)
- Other attribute names are in the application namespace
- The attribute name "" is reserved
- Application namespace attributes are protected in the manner
of the target file permission
o Kernel changes
- Add ufs_extattr_valid_attrname() to check whether the requested
attribute "set" or "enable" is appropriate (i.e., non-reserved)
- Modify ufs_extattr_credcheck() to accept target file vnode, not
to take inode uid
- Modify ufs_extattr_credcheck() to check namespace, then enforce
either kernel/suser for system namespace, or vaccess() for
application namespace
o EA backing file format changes
- Remove permission fields from extended attribute backing file
header
- Bump extended attribute backing file header version to 3
o Update extattrctl.c and extattrctl.8
- Remove now deprecated -r and -w arguments to initattr, as
permissions are now implicit
- (unrelated) fix error reporting and unlinking during failed
initattr to remove duplicate/inaccurate error messages, and to
only unlink if the failure wasn't in the backing file open()
Obtained from: TrustedBSD Project
- The "Osd*" stuff went away from acpi driver code, use the bus_space
functions directly instead.
- Fix minor english bugs.
acpi_registers_input -> acpi_register_input
acpi_registers_output -> acpi_register_output
- Remove all magic numbers for the sleeping states. We now have
#defines for these.
- NULL is treated the same as the return from aml_get_rootname in
aml_find_from_namespace().
Suggested by: msmith
Thanks mike!
When we use PC-Card as install media, it is a patch
to tell with beep about whether we were able to
recognize it well.
Reviewed by: jkh, imp
Tested by: Kenji Yamada <kyamada@ISI.EDU>
statistics as a side effect.
Submitted by: Marcin Cieslak <saper@system.pl>
with some tweaks to RAD_ACCT_SESSION_ID and
RAD_ACCT_MULTI_SESSION_ID generation by me.
that is not true. Instead of looping NGROUPS times, get the return value
from getgroups() and loop over the return that many times.
Noticed by: David A. Holland <dholland@eecs.harvard.edu>
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
isn't open and the links MRU >= our MRRU, send outbound traffic as
PROTO_IP rather than PROTO_MP. This shaves some bytes off the front
of each packet 'till the second link is brought up.
Idea obtained from: Cisco
of the two when calculating the MP throughput average for the ``set
autoload'' implementation.
This makes more sense as all links I know of are full-duplex. This
also means that people may need to adjust their autoload settings
as 100% bandwidth is now the theoretical maximum rather than 200%
(but of course, halfing the current settings is probably not the
correct answer either!).
This involves a ppp version bump as we need to pass an extra
throughput array through the MP local domain socket.
- use getopt(3) to parse command line arguments instead of home-made incomplete
parser;
- be more verbose when error in command line encountered (i.e. incorrect
playing/recording device, incorrect recsrc syntax).
cumulative total of all active links rather than basing it on the
total of PROTO_MP traffic.
This fixes a problem whereby Cisco routers send PROTO_IP packets only
when there's only one link (hmm, what a good idea!).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
page.
Add ability to run "inetd -R 0" to disable the default connection
per minute limit of 256 connections. Document this in man page.
Don't use maxchild as a boolean - instead check if it is greater
than zero.
Reviewed by: sheldonh
Based on a patch by: Alexander Langer <alex@big.endian.de>
Remove extra parens from my host selection commit.
Add white space after if, while, for and switch.
Get rid of braces around a single statement if.
There should be no functional changes in this commit.
Reviewed by: sheldonh
Make sysinstall override this on install, so the effective behavioural
change for a newly installed system is null. Overall, this makes a system
with an empty /etc/rc.conf not run any network services, and makes the
FreeBSD-provided network services that are running visible in /etc/rc.conf
(instead of making people look through /etc/defaults/rc.conf to find the
things they need to disable to secure the system.)
Reviewed by: jhb
Discussed with: The usual cabal
The regulations has been changed to adopt 802.11b since Oct. 99.
For 11Mbps NICs sold in Japan, all DS channels (1..14) are available.
Thank you, itojun.
Obtained from: NetBSD:basesrc/usr.sbin/wiconfig/wiconfig.8 Rev.1.5 ->1.6
Now, if a release is specified, instead of just looking for a directory
with the same name as the release, try several possible directories (each
suffixed with the release name) relative to the base directory including
".", "releases/MACHINE", "snapshots/MACHINE", and each of those prefixed
with "pub/FreeBSD/". This will allow us to remove the evil symlinks under
pub/FreeBSD/releases/MACHINE/ to the snapshots on the ftp site.
