69173 Commits

Author SHA1 Message Date
Jun Kuriyama
a8131f63ea MFen (1.264 --> 1.265).
Refine translation (by y-koga@jp).
2002-01-23 00:46:49 +00:00
David Greenman
2e4bf827e5 Undo the work-around for the sendfile bug where nbytes needed the hdr/trl
size added to it in order for it to work properly when nbytes != 0.

Reviewed by:	alfred
MFC after:	3 days
2002-01-22 23:35:09 +00:00
Ian Dowse
673158816b The mode of files created by ctm_rmail was always 0600, even if the
umask was less restrictive. This was caused by the use of mkstemp()
which internally passes a mode of 0600 to open(). Fix this by
explicitly chmod'ing the files to (0666 & ~umask).

PR:		bin/16119
Submitted by:	Sascha Blank <blank@uni-trier.de>
2002-01-22 22:54:52 +00:00
Archie Cobbs
be44fce4fa Add ngctl "write" command.
MFC after:	1 week
2002-01-22 22:01:25 +00:00
Brian Feldman
87e55280fa Remove bogus _POSIX_ACL_PATH_MAX definition. 2002-01-22 21:33:12 +00:00
Jens Schweikhardt
8f2087fb45 Fix a typo and fix indenting for struct sockaddr to match other structs.
No content changes.
MFC after:	3 weeks
2002-01-22 21:26:15 +00:00
Maxim Sobolev
65ab9c78a3 Don't use `you'.
Submitted by:	ru
2002-01-22 21:11:18 +00:00
Andrey A. Chernov
ff7448f849 Restore C99 standard conformance information, isblank() _is_ in final
standard document

Pointed by: "Jacques A. Vidrine" <n@nectar.cc>
2002-01-22 20:14:35 +00:00
Philippe Charnier
57906e00c6 Show arguments of command line options
Reviewed by:	ru
2002-01-22 19:49:48 +00:00
Jonathan Lemon
d9b7cc1c8d The ENDPTS_EQ macro was comparing the one of the fports to itself. Fix.
Submitted by: emy@boostworks.com
2002-01-22 17:54:28 +00:00
Jonathan Lemon
a1a9c8f7e6 Initialize the sysctl_ctx list early, which avoids a panic in case other
allocatiosn fail and fxp_release() is called.
2002-01-22 17:51:44 +00:00
David Greenman
81c9105585 Null commit - the previous log message should have read:
Fixed bug in calculation of amount of file sent when nbytes !=0 and
  headers or trailers are supplied. Reported by Vladislav Shabanov
  <vs@rambler-co.ru>.
2002-01-22 17:38:58 +00:00
Mark Murray
5567b258eb Use the proper type (gid_t) for (group)->gr_gid to be orthogonal
with uid_t usage and (user)->pw_uid.

PR:		3242
2002-01-22 17:32:53 +00:00
David Greenman
7228268aaa Fixed bug in calculation of amount of file to send when nbytes !=0 and
headers or trailers are supplied. Reported by Vladislav Shabanov
<vs@rambler-co.ru>.

PR:		33771
Submitted by:	Maxim Konovalov <maxim@macomnet.ru>
MFC after:	3 days
2002-01-22 17:32:10 +00:00
Hajimu UMEMOTO
fc50a44458 Do not taint ::/124 for localhost reverse table. 2002-01-22 17:22:41 +00:00
Ruslan Ermilov
322628519e Reincarnate SETUID code in man(1), not compiled in by default.
The code will be fixed for all known security vulnerabilities,
and a make.conf(5) knob (ENABLE_SUID_MAN) will be provided for
those who still want it installed setuid for whatever reasons.
2002-01-22 15:15:38 +00:00
Ruslan Ermilov
93dee74a5d Revert revision 1.57 -- ache@ axed /var/spool/uucp in BSD.var.dist,v 1.55. 2002-01-22 14:55:25 +00:00
Ruslan Ermilov
0dc5e09ec6 Fix the description of the O_NONBLOCK flag to match reality.
Prodded by:	Maxim Konovalov <maxim@macomnet.ru>
Obtained from:	BSD/OS
2002-01-22 14:18:55 +00:00
Ruslan Ermilov
0c7f152b7b Fix a typo I made in revision 1.5.
Submitted by:	trevor
2002-01-22 12:38:43 +00:00
Poul-Henning Kamp
1a25c86b3b In certain cases sbuf_printf() and sbuf_vprintf() could mistakely
make extendable sbufs as overflowed.

Approved by:	des
2002-01-22 11:22:55 +00:00
Joerg Wunsch
7109d65231 Mention that a minimal version of camcontrol(8) is now available in the
installation environment (currently only for i386 releases).
2002-01-22 11:13:43 +00:00
Giorgos Keramidas
686c8fdcab Tiny style change. Whitespace only change.
Use tab after #define ENOTSUP.

Reviewed by:	mike
2002-01-22 10:44:40 +00:00
Ruslan Ermilov
6dd5958b99 Finish cleanup in chroot.c CSRG revision 5.6 by Keith Bostic
(never installed setuid, so don't need to reset the uid).

PR:		bin/34159
2002-01-22 10:44:02 +00:00
Ruslan Ermilov
fe42e96eff Finish cleanup in kvm.c revisions 1.10 and 1.11 -- mark sf (swapfile)
argument to kvm_open() and kvm_openfiles() as unused.

BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM.  no need to read from swap.)

The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
2002-01-22 10:07:03 +00:00
Kirk McKusick
03a2057a5b This patch fixes a long standing complaint with soft updates in
which small and/or nearly full filesystems would fail with `file
system full' messages when trying to replace a number of existing
files (for example during a system installation). When the allocation
routines are about to fail with a file system full condition, they
make a call to softdep_request_cleanup() which attempts to accelerate
the flushing of pending deletion requests in an effort to free up
space. In the face of filesystem I/O requests that exceed the
available disk transfer capacity, the cleanup request could take
an unbounded amount of time. Thus, the softdep_request_cleanup()
routine will only try for tickdelay seconds (default 2 seconds)
before giving up and returning a filesystem full error. Under typical
conditions, the softdep_request_cleanup() routine is able to free
up space in under fifty milliseconds.
2002-01-22 06:17:22 +00:00
Jun Kuriyama
5c4132e9a0 MFen (1.263 --> 1.264).
Fix typo.
2002-01-22 06:04:46 +00:00
Bruce A. Mah
1b11aef2ba hw.physmem is more properly a loader tunable, not an environment
variable (which is ambiguous).

Submitted by:	dwhite
2002-01-22 05:21:21 +00:00
Mike Barcroft
e1bc822ebe o Remove the -V [version number] option, since our version of at(1) no
longer resembles the original.
o Remove references to `you' in the manual.

Submitted by:	Joe Halpin <joe.halpin@attbi.com>
2002-01-22 03:04:15 +00:00
Andrew Gallatin
500c14f6af Don't read the sigcontext pointer directly from userspace. If the process
is swapped out, this can cause a system panic.  Copy it in, instead

tested by: Bernd Walter <ticso@cicely8.cicely.de>
2002-01-22 02:40:39 +00:00
Peter Wemm
755a585260 List bit 18 (reserved, apparently present on thunderbird cpus)
and bit 19 (athlon XP/MP rev 0x662 and later) for amd_features.

Submitted by:  dwcjr
2002-01-22 01:28:32 +00:00
Andrey A. Chernov
ee6ebaaa18 The idea of mapping non-existen characters to space (0x20) was nice alone,
but those maps also used as backward maps for Paste, so space becomes mapped
to last non-existen character on Paste as result.

Fix it by mapping non-existen characters to another non-existen one, i.e. to
0x00, so unused 0x00 can be backward-mapped to some junk without real harm.

Pointed by:	Alexander Kabaev <ak03@gte.com>
2002-01-21 21:52:02 +00:00
Poul-Henning Kamp
3ca627fefa Gah! last commit botched indentation, fix indentation and some other
white-space nits while at it.
2002-01-21 20:57:03 +00:00
Poul-Henning Kamp
b4a4f93c5e Restructure slightly, eliminating some repetitive source lines and
making GEOM patches simpler and more readable at the same time.
2002-01-21 20:50:06 +00:00
Dag-Erling Smørgrav
1e22a4f048 Link pam_opieaccess, pam_self and pam_ssh into the static library.
Sponsored by:	DARPA, NAI Labs
2002-01-21 20:43:01 +00:00
Dag-Erling Smørgrav
78eab69072 Add the necessary dependencies and linker flags for linking with a
static PAM library that includes pam_ssh.

Sponsored by:	DARPA, NAI Labs
2002-01-21 20:42:25 +00:00
Ollivier Robert
a6f7ec3ba2 Correct typos and macro usage.
PR:		33179, 33181, 33295
Submitted by:	Norihiro Kumagai <kumagai@attbi.com>
Reviewed by:	sheldonh (MAINTAINER)
MFC after:	2 days
2002-01-21 20:12:02 +00:00
Hajimu UMEMOTO
a4a6e77341 - Check the address family of the destination cached in a PCB.
- Clear the cached destination before getting another cached route.
  Otherwise, garbage in the padding space (which might be filled in if it was
  used for IPv4) could annoy rtalloc.

Obtained from:	KAME
2002-01-21 20:04:22 +00:00
Hajimu UMEMOTO
54c1b8821b - Check the address family of a cached destination, in case of
sharing the cache with IPv4.
- Check if the cached route is up in in6_selectsrc().

Obtained from:	KAME
2002-01-21 20:02:36 +00:00
Andrey A. Chernov
f650a12484 Remove my workaround fallback since PAM now do it properly. 2002-01-21 19:07:15 +00:00
Dag-Erling Smørgrav
b0aa095ad0 On second thought, getpwnam() failure should be treated just as if the user
existed, but had no OPIE key, i.e. PAM_IGNORE.

Pointed out by:	ache
Sponsored by:	DARPA, NAI Labs
2002-01-21 19:05:45 +00:00
Dag-Erling Smørgrav
b4b56d051a Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.

Sponsored by:	DARPA, NAI Labs
2002-01-21 18:53:03 +00:00
Dag-Erling Smørgrav
ae739ec469 Enable OPIE by default, using the no_fake_prompts option to hide it from
users who don't wish to use it.  If the admin is worried about leaking
information about which users exist and which have OPIE enabled, the
no_fake_prompts option can simply be removed.

Also insert the appropriate pam_opieaccess lines after pam_opie to break
the chain in case the user is logging in from an untrusted host, or has a
.opiealways file.  The entire opieaccess / opiealways concept is slightly
unpammish, but admins familiar with OPIE will expect it to work.

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:51:24 +00:00
Dag-Erling Smørgrav
03adba96a0 Further changes to allow enabling pam_opie(8) by default:
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
   challenging the user.  These options are meaningless for pam_opie(8)
   since the user can't possibly know the right response before she sees
   the challenge.

 - Introduce the no_fake_prompts option.  If this option is set, pam_opie(8)
   will fail - rather than present a bogus challenge - if the target user
   does not have an OPIE key.  With this option, users who haven't set up
   OPIE won't have to wonder what that "weird otp-md5 s**t" means :)

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:46:25 +00:00
Dag-Erling Smørgrav
f2c44ccec8 When running on a local terminal, set PAM_RHOST to the local hostname.
Sponsored by:	DARPA, NAI Labs
2002-01-21 16:19:38 +00:00
Ruslan Ermilov
8c3f5566ae RFC1122 requires that addresses of the form { 127, <any> } MUST NOT
appear outside a host.

PR:		30792, 33996
Obtained from:	ip_input.c
MFC after:	1 week
2002-01-21 13:59:42 +00:00
Dag-Erling Smørgrav
f460490260 Add a new module, pam_opieaccess(8), which is responsible for checking
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.

Sponsored by:	DARPA, NAI Labs
Reviewed by:	ache, markm
2002-01-21 13:43:53 +00:00
Mike Pritchard
5ecd6127b9 Ispell sweep of share/man/man4/man4.i386. 2002-01-21 12:36:12 +00:00
Mike Pritchard
f87717fa8b Ispell sweep of share/man/man4. 2002-01-21 12:09:13 +00:00
Mike Pritchard
51d31ec2d8 Fix a typo in a comment field. 2002-01-21 11:10:32 +00:00
Mike Pritchard
8edd27f18f Fix spelling errors. 2002-01-21 10:28:18 +00:00