pkg 1.2 is adding this support as well. This should help
lessen the confusion on why the default SRV PACKAGESITE
does not load in a browser.
Adapated from: matthew's upstream pkg change
Approved by: bapt
MFC after: 2 days
at the end of the upgrade process, after warning users to upgrade any
3rd party software (e.g., from the ports tree) which might link to the
libraries being removed.
Prior to this commit, the line
/usr/lib/libc.so|...|/lib/libc.so.7
matched the regex, which -- upgrading from 9.x to 10.x, where libc.so is
a regular file and thus was not part of a line which matched the regex --
resulted in freebsd-update thinking that /usr/lib/libc.so was a shared
library which was being removed as part of the upgrade. This had some
unfortunate consequences.
This will be part of an upcoming Errata Notice.
- Use #defines for capability bits
- Export the VTBLK_F_BLK_SIZE capability
- Fix bug in calculating capacity: it is in
512-byte units, not the underlying sector size
This allows virtio-blk to have backing devices
with non 512-byte sector sizes e.g. /dev/cd0, and
4K-block harddrives.
Reviewed by: neel
MFC after: 3 days
- order srv records by priorities
- for all entries of the same priority, order randomly respect the weight
- select the port where to fetch from respect the port provided in the SRV record
Obtained from: pkg git repo
MFC after: 3 days
- remove assumption that the backing file/device had
512-byte sectors
- fix incorrect iovec size variable that would result
in a buffer overrun when an o/s issued an i/o request
with more s/g elements than the blockif api
Reviewed by: Zhixiang Yu (zxyu.core@gmail.com)
MFC after: 3 days
the cfi(4) driver. It remained in the tree longer than would be ideal
due to the time required to bring cfi(4) to feature parity.
Sponsored by: DARPA/AFRL
MFC after: 3 days
- Allow a hostbridge to be created with AMD as a vendor.
This passes the OpenBSD check to allow the use of MSI
on a PCI bus.
- Enable the i/o interrupt section of the mptable, and
populate it with unity ISA mappings. This allows the
'legacy' IRQ mappings of the PCI serial port to be
set up. Delete unused print routine that was obscuring code.
- Use the '-W' option to enable virtio single-vector MSI
rather than an environment variable. Update the virtio
net/block drivers to query this flag when setting up
interrupts.: bhyverun.c
- Fix the arithmetic used to derive the century byte in
RTC CMOS, as well as encoding it in BCD.
Reviewed by: neel
MFC after: 3 days
Linux writes to these nominally read-only registers,
so avoid having bhyve write warning messages to stdout
when the reg writes can be safely ignored. Change the
WPRINTF to DPRINTF which is conditional.
Reviewed by: mav
Discussed with: mav, Zhixiang Yu
MFC after: 3 days
from the command line.
The option syntax is "-e <name=value>". It may be used multiple times to set
multiple environment variables.
Reviewed by: grehan
Requested by: alfred
directories last.
This is generally handled by the fact that the list of filesystem objects
is sorted, but this sorting is broken by code which moves .so files ahead
(so that they're present before any binaries which use them)... that code
also moved .so files ahead of directories, which is a problem for upgrading
to 10.0 where there's a new directory containing new .so files.
Errata Notice Candidate.
'invpcid' instruction to the guest. Currently bhyve will try to enable this
capability unconditionally if it is available.
Consolidate code in bhyve to set the capabilities so it is no longer
duplicated in BSP and AP bringup.
Add a sysctl 'vm.pmap.invpcid_works' to display whether the 'invpcid'
instruction is available.
Reviewed by: grehan
MFC after: 3 days
forking lots of processes to run echo|cut. In one test this reduced
the CPU time from 980s to 134s and the wallclock time from 806s to
132s.
Submitted by: Oleg Ginzburg
and OpenSolaris/Illumos beadm use.
Remove /usr/local and /var/db/pkg datasets. Andriy Gapon writes:
I want to note that a good implementation of BEs should support a dependent
datasets feature. Unfortunately, it seems that we do not have any good BE
implementation for FreeBSD right now. If we had, personally I'd prefer to
have /usr/local in separate filesystem.
NOTE: Until then, remove these datasets.
Discussed on: src-committers
Submitted by: Bryan Drewery <bryan@shatow.net>
Reviewed by: Allan Jude <freebsd@allanjude.com>
MFC after: 3 days
so bootpool is imported after boot:
zpool_cache_load="YES"
zpool_cache_type="/boot/zfs/zpool.cache"
zpool_cache_name="/boot/zfs/zpool.cache"
otherwise /boot is a broken symlink after the system is up.
http://lists.freebsd.org/pipermail/freebsd-fs/2013-July/017891.html
NOTE: Fix a comment while here.
Reviewed by: gjb
annoying verbose boot error of the form
g_handleattr: vtbd0 bio_length 24 len 28 -> EFAULT
The ident returned by bhyve is a text string 'BHYVE-XXXX-XXXX', where
the X's are the first bytes of the md5 hash of the backing filename.
Reviewed by: neel
Approved by: re (gjb)
mount.devfs but mounts fdescfs. The mount happens just after
mount.devfs.
- rc.d/jail now displays whole error message from jail(8) when a jail
fails to start.
Approved by: re (gjb)
services configuration and enable it by default. Committed with
slight change to menu text for length and content.
Submitted by: Allan Jude <freebsd@allanjude.com>
Approved by: re (glebius)
Patch from PR modified slightly for whitespace and style.
PR: bin/161547
Submitted by: Warren Block <wblock@wonkity.com>
Reviewed by: Allan Jude <freebsd@allanjude.com>
Approved by: re (glebius)
keymaps *and* provide a mechanism for testing the selection. With
this commit, bsdinstall is no longer dependent on kbdmap(1). The
keymap test menu was originally submitted by Warren Block but was
modified).
Submitted by: Warren Block <wblock@wonkity.com>
Reviewed by: Allan Jude <freebsd@allanjude.com>
Approved by: re (glebius)
to run interactively but it can be scripted too (optinally completely
non-interactive). Currently supports GELI and all ZFS vdev types. Also
performs validation on selections/settings providing error messages if
necessary, explaining (in plain language) what the issue is. Currently
the auto partitioning of naked disks only supports GPT and MBR (VTOC8
pending for sparc64), so is only available for i386/amd64 install.
Submitted by: Allan Jude <freebsd@allanjude.com>, myself
Reviewed by: Allan Jude <freebsd@allanjude.com>
Approved by: re (glebius)
newly installed system. This should greatly increase the amount of
entropy available when SSH host keys are generated during first boot.
Reviewed by: markm, nathanw
Approved by: re (gjb)
determining when a script wants to be nonInteractive but selectively
wants ZFS operations to be *interactive* (this is analgous to already
existing $VAR_NETINTERACTIVE (netInteractive) and f_netinteractive()
used for the same purpose (script wants to be nonInteractive but wants
network operations to be *interactive*).
Approved by: re (glebius)
if you ended up in f_dialog_*_constrain() (indirectly, of course) with a
purposefully-set NULL height, width, or rows parameter (because you didn't
care to have that attribute calculated). Fix typo in a comment while here.
Approved by: re (glebius)
command line options. The "jail_<jname>_*" rc.conf(5) variables for
per-jail configuration are automatically converted to
/var/run/jail.<jname>.conf before the jail(8) utility is invoked.
This is transparently backward compatible.
- Fix a minor bug in jail(8) which prevented it from returning false
when jail -r failed.
Approved by: re (glebius)
the 2 read-only bytes at the start of a PCI capability.
This is the sequence that OpenBSD uses when enabling
MSI interrupts, and works fine on real h/w.
In bhyve, convert the 4 byte write to a 2-byte write to
the r/w area past the first 2 r/o bytes of a capability.
Reviewed by: neel
Approved by: re@ (blanket)
throughout the bsdconfig(8) code. While we're here, add an explicit argument
to lvalue-seeking invocations of "return" that previously had no argument.
Also, consolidate a single instance of double-newline and remove some
comments that are no longer required (given increased readability with new
exit codes).
Approved by: re (glebius)
"assignment makes pointer from integer without a cast", by changing the
cmd_lst and rbis members of struct ahci_port from integers to pointers.
Also surround a pow-of-2 test expression with parentheses to clarify it,
and avoid another gcc warning.
Approved by: re (glebius)
Reviewed by: grehan, mav
rather than opt-out.
Prior to this change if the "-g" option was not specified then a listening
socket for tunneling gdb packets would be opened at port 6466. If a second
virtual machine is fired up, also without the "-g" option, then that would
fail because there is already a listener on port 6466.
After this change if a gdb tunnel port needs to be created it needs to be
explicitly specified with a "-g <portnum>" command line option.
Reviewed by: grehan@
Approved by: re@ (blanket)
Make the amd64/pmap code aware of nested page table mappings used by bhyve
guests. This allows bhyve to associate each guest with its own vmspace and
deal with nested page faults in the context of that vmspace. This also
enables features like accessed/dirty bit tracking, swapping to disk and
transparent superpage promotions of guest memory.
Guest vmspace:
Each bhyve guest has a unique vmspace to represent the physical memory
allocated to the guest. Each memory segment allocated by the guest is
mapped into the guest's address space via the 'vmspace->vm_map' and is
backed by an object of type OBJT_DEFAULT.
pmap types:
The amd64/pmap now understands two types of pmaps: PT_X86 and PT_EPT.
The PT_X86 pmap type is used by the vmspace associated with the host kernel
as well as user processes executing on the host. The PT_EPT pmap is used by
the vmspace associated with a bhyve guest.
Page Table Entries:
The EPT page table entries as mostly similar in functionality to regular
page table entries although there are some differences in terms of what
bits are used to express that functionality. For e.g. the dirty bit is
represented by bit 9 in the nested PTE as opposed to bit 6 in the regular
x86 PTE. Therefore the bitmask representing the dirty bit is now computed
at runtime based on the type of the pmap. Thus PG_M that was previously a
macro now becomes a local variable that is initialized at runtime using
'pmap_modified_bit(pmap)'.
An additional wrinkle associated with EPT mappings is that older Intel
processors don't have hardware support for tracking accessed/dirty bits in
the PTE. This means that the amd64/pmap code needs to emulate these bits to
provide proper accounting to the VM subsystem. This is achieved by using
the following mapping for EPT entries that need emulation of A/D bits:
Bit Position Interpreted By
PG_V 52 software (accessed bit emulation handler)
PG_RW 53 software (dirty bit emulation handler)
PG_A 0 hardware (aka EPT_PG_RD)
PG_M 1 hardware (aka EPT_PG_WR)
The idea to use the mapping listed above for A/D bit emulation came from
Alan Cox (alc@).
The final difference with respect to x86 PTEs is that some EPT implementations
do not support superpage mappings. This is recorded in the 'pm_flags' field
of the pmap.
TLB invalidation:
The amd64/pmap code has a number of ways to do invalidation of mappings
that may be cached in the TLB: single page, multiple pages in a range or the
entire TLB. All of these funnel into a single EPT invalidation routine called
'pmap_invalidate_ept()'. This routine bumps up the EPT generation number and
sends an IPI to the host cpus that are executing the guest's vcpus. On a
subsequent entry into the guest it will detect that the EPT has changed and
invalidate the mappings from the TLB.
Guest memory access:
Since the guest memory is no longer wired we need to hold the host physical
page that backs the guest physical page before we can access it. The helper
functions 'vm_gpa_hold()/vm_gpa_release()' are available for this purpose.
PCI passthru:
Guest's with PCI passthru devices will wire the entire guest physical address
space. The MMIO BAR associated with the passthru device is backed by a
vm_object of type OBJT_SG. An IOMMU domain is created only for guest's that
have one or more PCI passthru devices attached to them.
Limitations:
There isn't a way to map a guest physical page without execute permissions.
This is because the amd64/pmap code interprets the guest physical mappings as
user mappings since they are numerically below VM_MAXUSER_ADDRESS. Since PG_U
shares the same bit position as EPT_PG_EXECUTE all guest mappings become
automatically executable.
Thanks to Alan Cox and Konstantin Belousov for their rigorous code reviews
as well as their support and encouragement.
Thanks for John Baldwin for reviewing the use of OBJT_SG as the backing
object for pci passthru mmio regions.
Special thanks to Peter Holm for testing the patch on short notice.
Approved by: re
Discussed with: grehan
Reviewed by: alc, kib
Tested by: pho
these.
The mux-vcpus option may return at some point, given it's utility
in finding bhyve (and FreeBSD) bugs.
Approved by: re@ (blanket)
Discussed with: neel@
Sort the filenames to get a consistent result between machines of the same
architecture.
Also, sort FTS_D entries after other entries so kldxref -R works properly in
the uncommon case that a directory contains both subdirectories and modules.
Previously, this may have happened to work, depending on the order of files
in the directory.
PR: bin/182098
Submitted by: Derek Schrock (original version)
Tested by: Derek Schrock
Approved by: re (delphij)
MFC after: 1 week
https://wiki.freebsd.org/SummerOfCode2013/bhyveAHCI
This provides ICH8 SATA disk and ATAPI ports, selectable
via the bhyve slot command-line parameter:
SATA
-s <slot>,ahci-hd,<image-file>
ATAPI
-s <slot>,ahci-cd,<image-file>
Slight modifications by: grehan@
Approved by: re@ (blanket)
Obtained from: FreeBSD GSoC'13
pointed out, having additional nameservers listed in /etc/resolv.conf
can break DNSSEC verification by providing a false positive if unbound
returns SERVFAIL due to an invalid signature. The downside is that
the domain / search path won't get updated either, but we can live
with that.
Approved by: re (blanket)
Fix a bug in HTTP checking/fetching. Add Main Site to HTTP menu. Add new
example script browse_packages_http.sh and move existing example script
browse_packages.sh -> browse_packages_ftp.sh
Reviewed by: gjb, brd
Approved by: re (gjb), clusteradm (brd)
MFC after: 3 days
generates a configuration suitable for running unbound as a caching
forwarding resolver, and configures resolvconf(8) to update unbound's
list of forwarders in addition to /etc/resolv.conf. The initial list
is taken from the existing resolv.conf, which is rewritten to point to
localhost. Alternatively, a list of forwarders can be provided on the
command line.
To assist this script, add an rc.subr command called "enabled" which
does nothing except return 0 if the service is enabled and 1 if it is
not, without going through the usual checks. We should consider doing
the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no
configuration file, the rc script runs local-unbound-setup to generate
one.
Note that these scripts place the unbound configuration files in
/var/unbound rather than /etc/unbound. This is necessary so that
unbound can reload its configuration while chrooted. We should
probably provide symlinks in /etc.
Approved by: re (blanket)
2. Write the supervisor pid before the restart loop, so we don't
uselessly rewrite it after every child restart.
3. Remove duplicate ppfh and pfh initialization.
Approved by: re (glebius)
MFC after: 2 weeks
timer support. This should be enough for the emulation of
h/w periodic timers (and no more) e.g. some of the 8254's
more esoteric modes that happen to be used by non-FreeBSD o/s's.
Approved by: re@ (blanket)
fix for LIO (Linux target), removing possibility for the target to avoid mutual
CHAP by choosing to skip authentication altogether, and fixing truncated error
messages in iscsictl(8) output. This also fixes several of the problems found
with Coverity.
Note that this change requires world rebuild.
Coverity CID: 1088038, 1087998, 1087990, 1088004, 1088044, 1088041, 1088040
Approved by: re (blanket)
Sponsored by: FreeBSD Foundation
hrs@ provided this verison of the patch and showed me where all the needed
changes were to be made outside of gpioctl.c
Approved by: re (hrs)
MFC after: 2 weeks
pin outputs, functions and setup.
Add cross reference in gpioctl(8) for people to find.
This is by no means complete and really only covers gpioled(4) and the
Atheros based systems who expose a few extra hints at boot time.
This should be updated by developers who know more about this system than
I and viewed as the beginning of documentation, not the end.
Reviewed by: adrian
Approved by: re (joel)
MFC after: 2 weeks
that daemon can be used w/ rc.subr and ports can use the additional
functionality, such as keeping the ldap daemon up and running, and have
the proper program to signal to exit..
PR: bin/181341
Submitted by: feld
Approved by: re (glebius)
There are two different versions of the ARM ABI depending on the
TARGET_ARCH. As these are sligntly different a package built for
one may not work on another. We need to detect which one we are on
by parsing the .ARM.attributes section.
This will only work on the ARM EABI as this section is part of the
ABI definition. As armv6 only supports the ARM EABI this is not a
problem for the oabi.
Older versions of libelf in FreeBSD fail to read the
.ARM.attributes section needed. As armv6 is unsupported on these
versions we can assume we are running on arm.
Submitted by: andrew
Approved by: re (delphij)
Obtained from: pkgng git
This should be sufficient for 10.0 and will do
until forthcoming work to avoid limitations
in this area is complete.
Thanks to Bela Lubkin at tidalscale for the
headsup on the apic/cpu id/io apic ASL parameters
that are actually hex values and broke when
written as decimal when 11 vCPUs were configured.
Approved by: re@
Record the initial state earlier, so it is always safe to restore it.
One way this happens is if watch(8) is started by a user that does not have
access to /dev/snp. The result is "staircase effect" during later commands.
PR: bin/153052
MFC after: 1 week
process dies, the process descriptor will be closed and pdfork(2)ed child
will be killed, which is not the case when regular fork(2) is used.
The PROCDESC option is now part of the GENERIC kernel configuration, so we
can start depending on it.
Add UPDATING entry to inform that this option is now required and log
detailed instruction to syslog if pdfork(2) is not available:
The pdfork(2) system call is not available; recompile the kernel with options PROCDESC
Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by: Google Summer of Code 2013
in the future in a backward compatible (API and ABI) way.
The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.
The structure definition looks like this:
struct cap_rights {
uint64_t cr_rights[CAP_RIGHTS_VERSION + 2];
};
The initial CAP_RIGHTS_VERSION is 0.
The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.
The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.
To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.
#define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL)
We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:
#define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL)
#define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL)
#define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP)
There is new API to manage the new cap_rights_t structure:
cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
void cap_rights_set(cap_rights_t *rights, ...);
void cap_rights_clear(cap_rights_t *rights, ...);
bool cap_rights_is_set(const cap_rights_t *rights, ...);
bool cap_rights_is_valid(const cap_rights_t *rights);
void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);
Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:
cap_rights_t rights;
cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);
There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:
#define cap_rights_set(rights, ...) \
__cap_rights_set((rights), __VA_ARGS__, 0ULL)
void __cap_rights_set(cap_rights_t *rights, ...);
Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:
cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);
Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.
This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.
Sponsored by: The FreeBSD Foundation
More concretely, periodic security scripts defaults to being
called from daily ones -- daily context -- so the mail subject
will now be "${HOST} daily security run output" instead of
"{HOST} security run output".
If you switch the period of some security checks to weekly, you
will receive another email "${HOST} weekly security run output".
terminology).
Adds command "mfiutil syspd <drive#>" to change a drive to SYSPD. Drive
will then be scanned/reported immediately as /dev/mfisyspdX by the host.
"mfiutil good <drive#>" clears SYSPD mode, remove /dev/mfisyspdX and
sets disk into UNCONFIGURED mode.
Tested on Dell H310 SAS/SATA RAID controller.
MFC after: 2 weeks
Sponsored by: Yahoo! Inc.
the prefix to the interface's prefix list. This shouldn't make a
difference, since rtadvd(8) is single-threaded, but I've seen it crash
in delete_prefix() with pfx_rainfo == NULL, and this is the only place
where a prefix can be added to the list with a NULL pfx_rainfo.
MFC after: 3 days
Notable new features:
* Elliptic Curve Digital Signature Algorithm keys and signatures in
DNSSEC are now supported per RFC 6605. [RT #21918]
* Introduces a new tool "dnssec-verify" that validates a signed zone,
checking for the correctness of signatures and NSEC/NSEC3 chains.
[RT #23673]
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
[RT #28989]
* The new "inline-signing" option, in combination with the
"auto-dnssec" option that was introduced in BIND 9.7, allows
named to sign zones completely transparently.
Approved by: delphij (mentor)
MFC after: 3 days
Sponsored by: DK Hostmaster A/S
Without the cast there is ambiguity between 0xFF and -1 (EOF).
Suggested by: jilles
Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by: Google Summer of Code 2013
- It did not work with GENERIC kernel after r250603 because
options PROCDESC was required for pdfork(2). It now just uses fork(2)
instead when this syscall is not available.
- Fix verify(). This function was broken in r250602 because the outermost
"()" was removed from the condition !(isalnum() || ispunct()).
It prevented hostnames including "-", for example.
directory on the FTP mirrors to fetch distributions, since
these are always pushed to releases/ during the release cycle.
MFC after: 3 days
X-MFC-To: stable/9, releng/9.2
being defined in <sys/diskmbr.h>. Instead give the symbols here a
"PC98_" prefix. This way, both <sys/diskmbr.h> and <sys/diskpc98.h>
can be included in the same C source file.
The renaming is trivial. The only gotcha is that DOSBBSECTOR is
also redefined from 0 to 1. This because DOSBBSECTOR was always
used in conjunction with an addition of 1. The PC98_BBSECTOR symbol
is defined as 1 and the expression is simplified.
Note: it is not believed that ports are seriously impacted; or at
all for that matter.
Approved by: nyan@
New Features
Adds a new configuration option, "check-spf"; valid values are
"warn" (default) and "ignore". When set to "warn", checks SPF
and TXT records in spf format, warning if either resource record
type occurs without a corresponding record of the other resource
record type. [RT #33355]
Adds support for Uniform Resource Identifier (URI) resource
records. [RT #23386]
Adds support for the EUI48 and EUI64 RR types. [RT #33082]
Adds support for the RFC 6742 ILNP record types (NID, LP, L32,
and L64). [RT #31836]
Feature Changes
Changes timing of when slave zones send NOTIFY messages after
loading a new copy of the zone. They now send the NOTIFY before
writing the zone data to disk. This will result in quicker
propagation of updates in multi-level server structures. [RT #27242]
"named -V" can now report a source ID string. (This is will be
of most interest to developers and troubleshooters). The source
ID for ISC's production versions of BIND is defined in the "srcid"
file in the build tree and is normally set to the most recent
git hash. [RT #31494]
Response Policy Zone performance enhancements. New "response-policy"
option "min-ns-dots". "nsip" and "nsdname" now enabled by default
with RPZ. [RT #32251]
Approved by: delphij (mentor)
Sponsored by: DK Hostmaster A/S
PF_INET6 in kernel. This fixes various malfunction when the wall time
clock is changed. Bump __FreeBSD_version to 1000041.
- Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.
MFC after: 1 month
The original API calls for pow2ns, however the new APIs from
Linux call for seconds.
We need to be able to convert to/from 2^Nns to seconds in both
userland and kernel to fix this and properly compare units.
rather than NetBSD.
- Correctly set the Expiration Time in the Primary Volume Descriptor;
according to ISO 9660 8.4.26.1 unspecified date and time are denoted
by the digit 0 in RBP 1 to 16 but the number 0 in RBP 17. [1]
- Merge iso9660_rrip.c rev. 1.11 from NetBSD: name_len should be read
as unsigned byte. [2]
Note: This is according to ISO 9660 9.1.10.
- Rock Ridge TF entries should use a length of 5, because after the 4
bytes of generic SUSP header there is one byte of flags. See typedef
of ISO_RRIP_TF in iso9660_rrip.h. [1]
Submitted by: Thomas Schmitt [1]
Obtained from: NetBSD [2]
MFC after: 3 days
is picked up when defined. Previously, ffs_subr.c was always built without
support for opposite endianess as it doesn't include makefs.h on its own.
MFC after: 3 days
SVN r224656:
Add back ftp4, a new machine has taken its place. ftp2 and ftp8 are both
IPv6 capable mirrors. cvsup4/ftp4 have already been added to the handbook.
NOTE: Except put IPv6 entries in IPv6 section at the top of the list
SVN r225467:
Add ftp4.se.freebsd.org to the IPv4 and IPv6 mirror lists.
SVN r235228:
Add the IPv6 tag to ftp4.fr.freebsd.org.
NOTE: Except dup entry into IPv6 section.
SVN r243832:
- Remove snapshots.se.freebsd.org [1]
- Add ftp6.se.freebsd.org
SVN r243854:
Remove snapshots.jp.freebsd.org. It stopped working years ago.
SVN r253543:
Update mirror list to more closely match
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html
MFC after: 1 week
nfs, ftp, http, httpproxy, etc.) and f_device_get() (abstract method for
calling aforementioned f_media_get_TYPE()).
Previously, if $probe_only was present and non-NULL, the TYPE functions
would check for $file and exit with an appropriate error status (success if
the file exists and readable, failure otherwise).
While this has been retained, a pair of globals has been introduced:
$PROBE_EXIST and $PROBE_SIZE (see `/usr/share/bsdconfig/media/common.subr')
The $PROBE_EXIST global can be used where you need the functionality of
simply testing for existence (previously the _only_ functionality).
Meanwhile, the new $PROBE_SIZE global can be used to cause the TYPE function
to print the size of the file (in bytes) on standard-out (or -1) if not
found or an error occurs. NOTE: If an error occurs, it is logged with the
dprintf function, which is visible with `-d' flag or debug=1.
In many cases, where you need to get the size of a file _and_ check for its
existence, you can use the return status of a $PROBE_SIZE call.
them changed (or was removed from the tree) then portsnap would delete
that file. This happened earlier today when one of two empty port
directories was removed. Uniquifying the lists of needed files fixes
this.
9.2-RELEASE candidate.
MFC after: 3 days
an executable by-name without forking or using externals.
In a performance benchmark of 10,000 runs on circa 2006 hardware, f_which
out-performed `which' with an average completion time of ~2.5 seconds versus
~56 seconds.
This should be handy for future use (not that I make it a habit to call
`which' in a loop 10,000 times).
if it exists to determine if use_shadow is true (ON) or false (OFF).
The purpose of determining the value of use_shadow is to know how many lines
to subtract from the maximum height value in assuring that the backtitle is
not obscured.
The detriment of obscuring the backtitle is that it provides information
that is not easily obtained elsewhere. That is the command-line shortcut
used to access the current menu. As you navigate from one dialog to the
next, invariably transparently corssing module boundaries, the backtitle
represents the command-line argument used to get there. Obscuring this
information with a widget that is too-tall and/or too-wide would see that
data go unnoticed (leaving few other ways to get that information in the
same helpful context).
So despite the fact that this change reduces the standard maximum height for
all widgets, there is a trap-door to prevent this calculation. If you want
to utilize the full screen height on the terminal (remember, this adjustment
is not made for Xdialog(1)) you can set $NO_BACKTITLE to 1 (or any non-NULL
value for that matter) and this calculation will be skipped. You will be
able to draw a widget that partially obscures the backtitle if-necessary.
MFC after: 1 day
host based (kerberos service principal) initiator credentials in
the default keytab file. This option won't actually be useful until
the corresponding kernel changes are committed.
Reviewed by: jhb
stable/9 planned after MFC 3-day period. The MFC to stable/9 is desired for
the next release to get some much-needed time:
+ Living side-by-side with sysinstall for compare/contrast/transition
+ Living side-by-side with bsdinstall for integration/transition
+ Additional feedback/testing before eventual 10.0-R to make it even better
MFC after: 3 days
(packageReinstall) and UI access have been tested successfully with a
variation of different situations including:
+ Reinstall a package for which no other packages depend
+ Purposefully do thinks like reinstall a package that is not installed
+ Try to reinstall a package which other installed packages still depend
NOTE: There is no "force" used; if a package is required by other packages,
it will not be uninstalled (and therefore no reinstall is done).
(this is designed to allow new modules to be installed via ports/packages).
To prevent conflict with itself (sysutils/bsdconfig) as a port (which
installs its base modules to the above directory, it was long-ago decided
that so-called `base' modules would look different than now-defined `add-on'
modules. The structure of the contents for each is the same, but the naming
convention for the module directory must be different.
Base modules are named `[0-9][0-9][0-9].*' to allow SysV-style organization
while add-on modules must avoid this naming style and are simply listed in
alphabetical order by their module directory.
For example, a hypothetical port named `bsdconfig-jails' could install
/usr/local/libexec/bsdconfig/jails and provide `bsdconfig jails' as well as
a new menu entry in the main-menu.
Add-on modules are listed in the main-menu (when bsdconfig is executed with-
out arguments) below a separator after the last base-module.
In `bsdconfig -h' output, add-on modules are listed right alongside base
modules (sorted alphabetically in columnar fashion; left-to-right).
If a base module declares a keyword used by an add-on module, the base
module will always win when given `bsdconfig keyword' syntax.
Add-on modules should avoid declaring any keyword found in `script.subr' as
a reserved-word (`Resword') since bsdconfig also supports `bsdconfig resword'
as a fall-back if no keyword is found to be declared by any module.
Do not inherit $SYSRC_VERBOSE from operating environment. The concern is
that when a user (such as myself) which has SYSRC_VERBOSE=1 in his/her
~/.bash_profile or such that when they are told to execute a command like:
hostname `sysrc -n hostname`
NOTE: To activate a recently configured hostname.
If $SYSRC_VERBOSE is set, then POLA is violated because the output of sysrc
is indirectly influenced (making for an inconsistent experience).
that when a user (such as myself) which has SYSRC_VERBOSE=1 in his/her
~/.bash_profile or such that when they are told to execute a command like:
hostname `sysrc -n hostname`
NOTE: To activate a recently configured hostname.
If $SYSRC_VERBOSE is set, then POLA is violated because the output of sysrc
is indirectly influenced (making for an inconsistent experience).
difference between these two functions:
Usage: f_show_msg() $format_string [ $format_args ... ]
Usage: f_dialog_msgbox() $text [ $hline ]
The former lends itself well to displaying the $msg_* i18n text, prompts,
etc. While the latter is better for text you do not control (error strings
captured as a response from external commands) -- or if you have to control
the hline.
Both scripted access (packageDelete) and UI access have been tested
successfully with a variation of different situations including:
+ Uninstall a package which no other installed package depends
+ Uninstall multiple packages which no other installed packages depend
+ Uninstall multiple packages which depend on each other
+ Similar to above but when ordered removal requires tracing dependencies
+ Purposefully do things like uninstall a package that is not installed
+ Try to uninstall a package which other installed packages still depend
+ Try to uninstall multiple packages which other installed packages depend
+ And many more.
because [currently] we exit after performing requests actions -- if we
ever change this to returning to the package selection screen, this would
have made an impact).
sysinstall(8). The UI for this will come later while this exposes the
functionality to the scripted interface. Tested successfully to first
install the pcnfsd package from the `Latest' repository, and second to
configure mountd_flags="-n" in rc.conf(5).
pending). Both scripted access (packageAdd) and UI access have been tested
successfully with a variation of different situations including:
+ Install a package with no dependencies
+ Install a package with dependencies that are already installed
+ Install a package with dependencies where some are already installed
+ Repeat each of the above from FTP and local Directory
+ Purposefully do things like try to install a package that does not exist
+ Try to install a package for which a dependency could not be loaded
+ Try to install a package that is in the INDEX bot not on the media
+ And many more.
allowed to ignore the probe_only argument of its member functions solely
because in the C language, the file accessor methods open and return a file
descriptor and reading of the data is optional. In shell, the file accessor
methods return data on stdout and that data should not be ignored (large
files could block execution).
So, we must adhere to the probe_only flags and in some cases (in the case of
FTP, for example) change the `get' strategy to simply test existence and
return an appropriate status.
This was required because the up-coming package management stuff makes heavy
use of the probe_only argument to try different package suffixes. Every
media access module must implement $probe_only for the `get' accessor.
users to set the MAC address for a device.
Clean up some obsolete code in pci_virtio_net.c
Allow an error return from a PCI device emulation's init routine
to be propagated all the way back to the top-level and result in
the process exiting.
Submitted by: Dinakar Medavaram dinnu sun at gmail (original version)
capabilities.
rwhod(8) receiver can now only receive packages, write to /var/rwho/ directory
and log to syslog.
Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by: Google Summer of Code 2013
Reviewed by: pjd
MFC after: 1 month
which is very bad idea. Split sending and receiving in two processes,
which fixes this problem and will help to sandbox rwhod.
Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by: Google Summer of Code 2013
Reviewed by: pjd
MFC after: 1 month
identify the client to the server. As such, NFSv4 mounts
will break if host_enable="NO" is specified.
This is a content change.
Suggested by: lars@netapp.com
MFC after: 3 days
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.
He is no longer involved with the FreeBSD project.
While here: remove "no known bugs" and related. This isn't present in other manual pages.
PR: docs/179914
to use DES and the associated old style GSS initialization token.
This appears to be required for some non-FreeBSD servers to
get a kerberized NFS mount to work. Also, ignore some signals when daemonized,
which might fix the gssd from "disappearing" without leaving a core dump.
Given the tight timeframe for the FreeBSD9.2 release, I have
committed this while waiting for code review. I will commit
changes recommended by the review in a separate commit.
Reviewed by: dfr (pending)
MFC after: 10 days
because long URLs do not induce extra height despite wrapping by dialog(1).
NOTE: For even longer lines, the cursor up/down keys work to scroll through
Add support for installation directly via HTTP.
While we're here, remove the menu-item for Passive FTP (since moving to
ftp(1) and switching FTPMODE to `auto' by default -- see r251613 -- the
single remaining FTP menu-item works for both ftp.f.o and ftp-archive.f.o;
previously each requiring separately active versus passive both work with
the `auto' setting). In scripting you still have mediaSetFTPActive and
mediaSetFTPPassive but the remaining FTP menu-item uses mediaSetFTP which
defaults to `auto' (aforementioned SVN r251613).
exists on the FTP server. This now means that when you specify a full-path
to the repository on the FTP server that it doesn't matter whether you have
a trailing `/' or not.