- new EV_SET macro,
- NOTE_LOWAT option for low water marks on read/write filters,
- NOTE_REVOKE for filesystem unmounting (and revoke() calls)
- improved API for EVFILT_AIO
to be the same as -ragged in the current implementation) to
-ragged. With mdocNG, -filled displays produce the correct
output, formatted and justified to both margins.
and treating (almost) all system calls the same way:
__sys_foo - actual syscall
foo, _foo - weak definitions to __sys_foo
Change PSEUDO syscalls (currently only _exit and _getlogin) to
be __sys_foo (T) and _foo (W).
Add $FreeBSD$ to a few files to satisfy commitprep.
Suggested by: bde
adding (weak definitions to) stubs for some of the pthread
functions. If the threads library is linked in, the real
pthread functions will pulled in.
Use the following convention for system calls wrapped by the
threads library:
__sys_foo - actual system call
_foo - weak definition to __sys_foo
foo - weak definition to __sys_foo
Change all libc uses of system calls wrapped by the threads
library from foo to _foo. In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde). All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes. <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.
Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE. We have recursive mutexes, but would like to avoid
using them if possible.
Remove uneeded includes of <errno.h> from a few files.
Add $FreeBSD$ to a few files in order to pass commitprep.
Approved by: -arch
interface was based on a draft version of POSIX whereas the final
(1996) version of POSIX specified that the error is returned.
While I'm here, fix getlogin_r so that it works for more than just
the first time it's called.
Reviewed by: wes, wollman (man page)
in <sys/signal.h>.
This might be a shortterm fix until the manpage is updated towards
POSIX terminology. And maybe not...
PR: 21542
Submitted by: Ronald F. Guilmette <rfg@monkeys.com>
Add references to the newly added hardware debug register
support functions i386_clr_watch(3) and i386_set_watch(3).
Reviewed by: Sean Eric Fagan <sef@kithrup.com>
and no other response to the review request.
right now...
I talked w/ phk last night and "fixing" this in a generic way is going
to require a lot of complex thought on stacking let alone the NFS problems..
add missing sys/time.h for struct timespec def...
. use real function names as `.Nm' macro argument in NAME section. It allows
them to appear in apropos(1) or whatis(1) output.
. replace empty lines with `.Pp' macro.
. replace hardcoded standard names with their `.St' macro equivalents.
. sort cross references in SEE ALSO section
This
This feature allows you to specify if mmap'd data is included in
an application's corefile.
Change the type of eflags in struct vm_map_entry from u_char to
vm_eflags_t (an unsigned int).
Reviewed by: dillon,jdp,alfred
Approved by: jkh
run out of KVM through a mmap()/fork() bomb that allocates hundreds
of thousands of vm_map_entry structures.
Add panic to make null-pointer dereference crash a little more verbose.
Add a new sysctl, vm.max_proc_mmap, which specifies the maximum number
of mmap()'d spaces (discrete vm_map_entry's in the process). The value
defaults to around 9000 for a 128MB machine. The test is scaled for the
number of processes sharing a vmspace (aka linux threads). Setting
the value to 0 disables the feature.
PR: kern/16573
Approved by: jkh
madvise().
This feature prevents the update daemon from gratuitously flushing
dirty pages associated with a mapped file-backed region of memory. The
system pager will still page the memory as necessary and the VM system
will still be fully coherent with the filesystem. Modifications made
by other means to the same area of memory, for example by write(), are
unaffected. The feature works on a page-granularity basis.
MAP_NOSYNC allows one to use mmap() to share memory between processes
without incuring any significant filesystem overhead, putting it in
the same performance category as SysV Shared memory and anonymous memory.
Reviewed by: julian, alc, dg
with NetBSD and the Single Unix Specification v2.
This updates some structures with other, almost equivalent types and
effort is under way to get the whole more consistent.
Also removes a double definition of INET6 and some other clean-ups.
Reviewed by: green, bde, phk
Some part obtained from: NetBSD, SUSv2 specification
the code, which seems to implement the POSIX requirements, and
have described the behavior here. Basically, it behaves the same
as select(2).
Noticed by: John Polstra
Style and punctuation errors fixes.
ERRORS section included to RETURN VALUES because it's
describing return values instead of errors and their handling.
Reviewed by: mpp
- Sort xrefs
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlines in mdoc(7)
- Other misc mdoc cleanup.
PR: doc/13144
Submitted by: Alexy M. Zelkin <phantom@cris.net>
Removed POSIX.1/NetBSD markup (braces) for NAME_MAX, etc. We don't
define this. Most FreeBSD man pages hard-code the limits; in fact,
utimes.2 recently became the only file in libc/sys/*.2 that mentions
NAME_MAX. There probably should be mandoc macros for this.
Text is a compromise based on messages from Wes Peters, Ville-Pertti
Keinonen, and Matt Dillon.
PR: docs/10512
Submitted by: Howard Goldstein <hgoldst@mpcs.com>
Note: you need to install the current groff tmac macros for these
man pages to format correctly. Specifically, rev 1.21 of
contrib_groff/tmac/doc-syms in -current, or rev 1.17.24 for 3.2-stable
track.
The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
Unlike other filesystem objects, symbolic links do not have an owner,
group, access mode, times, etc. Instead, these attributes are taken from
the directory that contains the link. The only attributes returned from
an lstat() that refer to the symbolic link itself are the file type
(S_IFLNK), size, blocks, and link count (always 1).
This is bogus, and disagrees with the implementation and symlink(7).
Removed it.
PR: docs/10269
Submitted by: Tolik <tolik@sibptus.tomsk.ru>
kern.chroot_allow_open_directories = 0
chroot(2) fails if there are open directories.
kern.chroot_allow_open_directories = 1 (default)
chroot(2) fails if there are open directories and the process
is subject of a previous chroot(2).
kern.chroot_allow_open_directories = anything else
filedescriptors are not checked. (old behaviour).
I'm very interested in reports about software which breaks when
running with the default setting.
request for it something like it. It was poorly worded and too
far from both POSIX wording and normal (mal)practice by referring to
sysconf(_SC_NGROUPS_MAX) instead of {NGROUPS_MAX} or NGROUPS. POSIX.1
uses curly braces to mark up "symbolic constants or limits [that may
be] defined in certain headers". Since we don't document this markup,
don't use it. Just use NGROUPS_MAX.
so that non-sloppy applications can call it without using disgusting
casts to avoid warnings. The 4th arg is sort of varargs -- it must
sometimes represent a filename, sometimes a struct pointer, and is
sometimes unused. The arg type is still caddr_t in the kernel.
Obtained from: mostly from NetBSD
This changes the definitions of a few items so that structures are the
same whether or not the option itself is enabled. This allows
people to enable and disable the option without recompilng the world.
As the author says:
|I ran into a problem pulling out the VM_STACK option. I was aware of this
|when I first did the work, but then forgot about it. The VM_STACK stuff
|has some code changes in the i386 branch. There need to be corresponding
|changes in the alpha branch before it can come out completely.
what is done:
|
|1) Pull the VM_STACK option out of the header files it appears in. This
|really shouldn't affect anything that executes with or without the rest
|of the VM_STACK patches. The vm_map_entry will then always have one
|extra element (avail_ssize). It just won't be used if the VM_STACK
|option is not turned on.
|
|I've also pulled the option out of vm_map.c. This shouldn't harm anything,
|since the routines that are enabled as a result are not called unless
|the VM_STACK option is enabled elsewhere.
|
|2) Add what appears to be appropriate code the the alpha branch, still
|protected behind the VM_STACK switch. I don't have an alpha machine,
|so we would need to get some testers with alpha machines to try it out.
|
|Once there is some testing, we can consider making the change permanent
|for both i386 and alpha.
|
[..]
|
|Once the alpha code is adequately tested, we can pull VM_STACK out
|everywhere.
|
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This takes the conditionals out of the code that has been tested by
various people for a while.
ps and friends (libkvm) will need a recompile as some proc structure
changes are made.
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
