Commit Graph

117989 Commits

Author SHA1 Message Date
pjd
45a889ae7c Use pidfile(3) in cron(8).
Note, that when cron(8) cannot create pidfile, it'll exit. I didn't
changed this behaviour, but its better to ignore errors other than
EEXIST, so daemon can be started on systems where /var/ file system
doesn't support locking (like NFS without rpc.lockd(8)).
2005-08-24 17:51:36 +00:00
wilko
ca93f2e965 About life 2005-08-24 17:45:09 +00:00
pjd
6de559363a Add '-P' option which allows to specify pidfile. 2005-08-24 17:32:41 +00:00
pjd
276e85f997 Use pidfile(3) in moused(8). 2005-08-24 17:27:06 +00:00
pjd
ce60c894bc Use pidfile(3) in syslogd(8). 2005-08-24 17:26:26 +00:00
pjd
e8bb52f26c Teach daemon(8) how to use pidfile(3). 2005-08-24 17:24:39 +00:00
pjd
a5fe3401b9 Add a family of functions for reliable pidfiles handling.
Idea from:	jmg
Discussed on:	arch@
2005-08-24 17:21:38 +00:00
yar
473f777e4d Stop hard-coding an -M flag to mdmfs(8) in /etc/rc.subr.
Now this flag can be set, or not set, for memory-backed
file systems on individual basis, as illustrated by the
rc.conf(5) variables tmpmfs_flags and varmfs_flags.  The
flag is set for those FS'en by default, in /etc/defaults/rc.conf,
in order to stay compatible with the old rc.subr behaviour.

Submitted by:	marck
MFC after:	3 days
2005-08-24 16:25:47 +00:00
imura
a32dd5a151 - Fix checking range of strings of struct iconv_add_in in libsmb and libkiconv,
- Add checking range of strings to iconv_sysctl_add().

Submitted by:	Rudolf Cejka
2005-08-24 12:38:26 +00:00
des
f202203775 Ignore HTTP_PROXY if it is defined but empty. This was already handled
correctly in the case of FTP_PROXY, because an empty FTP_PROXY has a
specific meaning ("don't use any proxy at all for ftp, even if HTTP_PROXY
is defined"), while an empty HTTP_PROXY has no meaning at all.

PR:		bin/85185
Submitted by:	Conall O'Brien <conallob=freebsd@maths.tcd.ie>
MFC after:	2 weeks
2005-08-24 12:28:05 +00:00
yar
4d6489c8fc List -W as one of the meaningful options to the -i (interfaces)
display of netstat(1).

MFC after:	3 days
2005-08-24 12:21:34 +00:00
bruno
16471328fb Change the default adaptive algorithm for phk's one. Thanks to phk
and Kevin Oberman for this work.

Submitted by:	Kevin Oberman
Reviewed by:	njl
Approved by:	njl
2005-08-24 07:52:59 +00:00
ps
813fe6cce6 Remove a KASSERT in the sack path that fails because of a interaction
between sack and a bug in the "bad retransmit recovery" logic. This is
a workaround, the underlying bug will be fixed later.

Submitted by:   Mohan Srinivasan, Noritoshi Demizu
2005-08-24 02:48:45 +00:00
ps
44ee0af629 Fix up the comment for MAX_SACK_BLKS.
Submitted by:	Noritoshi Demizu
2005-08-24 02:47:16 +00:00
rodrigc
dd2aec3b4a - Remove NTP servers which do not resolve in DNS.
- Use pool.ntp.org servers where possible, thanks to
  Chuck Swiger <cswiger at mac dot com> .
- Update list of Swedish NTP servers, thanks to
  Fredrik Lindberg <fli+freebsd-current at shapeshifter dot se> .

PR:		bin/75479
MFC after:	1 day
2005-08-24 02:21:12 +00:00
brooks
ec73ff7b51 - Remove the removable_interfaces variable. /etc/pccard_ether will
now run on any interface.
- Add a new ifconfig_<ifn> keyword, NOAUTO which prevents configuration
  of an interface at boot or via /etc/pccard_ether.  This allows
  /etc/rc.d/netif to be used to start and stop an interface on a purely
  manual basis.  The decision to affect pccard_ether may be revisited at
  a later date.

Requested by:	imp, gallatin (removable_interfaces)
Discussed with:	sam, Randy Bush (NOAUTO)
2005-08-24 01:23:49 +00:00
brooks
09bbc99b5a MFOpenBSD rev 1.9: fix a buffer overflow when processing config file
lines that are exactly 81 characters in length.

Obtained from:	OpenBSD
MFC After:	3 days
2005-08-24 00:05:04 +00:00
brooks
b9c30d0c57 Add __FBSDID to all .c files in dhclient to aid in determining file
versions when dealing with user problems.
2005-08-23 23:59:55 +00:00
iedowse
41ee608d23 Provide the USB device release number along with other parameters
so that devd can match on it. This field was already available to
usbd and is used by a number of usbd.conf entries, so now it is
possible to transfer those entries to devd.conf.

Submitted by:	Anish Mistry
2005-08-23 21:32:49 +00:00
phk
be7673c35b End the MALLOC_DEFINE macro without the semi-colon, the caller supplies
that.

Spotted by:	Flexelint
2005-08-23 20:31:21 +00:00
thompsa
c0a34d34c0 The mtu check in bridge_enqueue is bogus as the maximum Ethernet frame is
actually 1514, so comparing the mbuf length which includes the Ethernet header
to the interface MTU is wrong.

The check was a little over the top so just remove it.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-23 19:49:00 +00:00
pjd
2e01dfe9a9 Verify if we can actually read the data at given offset.
Reported by:	Martin <nakal@nurfuerspam.de>
2005-08-23 18:55:38 +00:00
markus
86aa9b6f54 - Document the led(4) interface for the Thinklight
- Bump .Dd

Approved by:	brueffer
MFC after:	3 days
2005-08-23 18:34:39 +00:00
jkoshy
631e256996 Document the diagnostic message printed at startup time. Keep the
list of diagnostic messages sorted.

Document the recently introduced EOPNOTSUPP error return.  Repair
sort ordering for the list of error descriptions.

MFC after:	3 days
2005-08-23 17:18:27 +00:00
csjp
f1635380ac Add documentation for the BIOCLOCK and BIOCSETWF ioctl commands. Also
modify the documentation for BIOCSETF to note that it sets the read
filter.

Pointed out by:	simon
2005-08-23 17:08:59 +00:00
andre
bc08e8e9de Remove unnecessary IPSEC includes.
MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-23 14:42:40 +00:00
mlaier
20fd9e3a1f Don't loop back packets that have been routed by pf. This fixes an endless
loop where the same packet is sent over and over again.

Obtained from:	OpenBSD
Reported by:	Sergey Lapin
Tested by:	Sergey Lapin
MFC after:	7 days
2005-08-23 14:13:17 +00:00
brian
8cf3c89522 Add a -h option to tell cmp not to follow symbolic links.
MFC after:	3 weeks
Sponsored by:	Sophos/ActiveState
2005-08-23 13:13:13 +00:00
sos
bd2eebc690 Apply fix for "pr82261 DMA-support on Sparc64 broken"
The Acer chip or wiring that SUN uses has problems that this patch
tries to work around.
Original patch by Marius Strobl, hacked into shape by me..
2005-08-23 08:53:01 +00:00
brian
d8225ba92b Fix a couple of typos 2005-08-23 07:58:55 +00:00
truckman
aa31faa377 Back out the removal of LK_NOWAIT from the VOP_LOCK() call in
vlrureclaim() in vfs_subr.c 1.636  because waiting for the vnode
lock aggravates an existing race condition.  It is also undesirable
according to the commit log for 1.631.

Fix the tiny race condition that remains by rechecking the vnode
state after grabbing the vnode lock and grabbing the vnode interlock.

Fix the problem of other threads being starved (which 1.636 attempted
to fix by removing LK_NOWAIT) by calling uio_yield() periodically
in vlrureclaim().  This should be more deterministic than hoping
that VOP_LOCK() without LK_NOWAIT will block, which may not happen
in this loop.

Reviewed by:	kan
MFC after:	5 days
2005-08-23 03:44:06 +00:00
csjp
d3eff5cec1 FreeBSD unconditionally supports write filters now. 2005-08-23 01:35:38 +00:00
emax
1dfaa5f929 Fix multiple typos in the mutex names. This fixes false positive (and pretty
strange looking too) LORs I have seen on my system. Pointy hat to goes to me.

MFC after:	1 day
2005-08-23 00:50:59 +00:00
csjp
29247e2d33 Add support for processing the "bd_locked" flag offered by the bpf
stats structure.
2005-08-23 00:06:04 +00:00
csjp
f267b4783c FreeBSD now supports BIOCLOCK. So we can use it now.
Reviewed by:	mlaier
2005-08-23 00:03:58 +00:00
le
ff1cc2947a Correct the check if a plex is accessible in case it is not up.
This makes degraded RAID5 plexes actually work.
2005-08-22 23:24:26 +00:00
andre
9b00236fed o Fix a logic error when not doing mbuf cluster allocation.
o Change an old panic() to a clean function exit.

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 22:13:41 +00:00
alc
c525799625 Pass the PDE from pmap_remove() to pmap_remove_page() so that the latter
procedure doesn't have to recompute it.
2005-08-22 20:02:40 +00:00
csjp
a41f7da35f Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands
enhance the security of bpf(4) by further relinquishing the privilege of
the bpf(4) consumer (assuming the ioctl commands are being implemented).

Once BIOCLOCK is executed, the device becomes locked which prevents the
execution of ioctl(2) commands which can change the underly parameters of the
bpf(4) device. An example might be the setting of bpf(4) filter programs or
attaching to different network interfaces.

BIOCSETWF can be used to set write filters for outgoing packets. Currently if
a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used
as a raw socket, regardless of consumer's UID. Write filters give users the
ability to constrain which packets can be sent through the bpf(4) descriptor.

These features are currently implemented by a couple programs which came from
OpenBSD, such as the new dhclient and pflogd.

-Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify
 whether a read or write filter is to be set.
-Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the
 filter program on the mbuf data once we move the packet in from user-space.
-Rather than execute two uiomove operations, (one for the link header and the
 other for the packet data), execute one and manually copy the linker header
 into the sockaddr structure via bcopy.
-Restructure bpf_setf to compensate for write filters, as well as read.
-Adjust bpf(4) stats structures to include a bd_locked member.

It should be noted that the FreeBSD and OpenBSD implementations differ a bit in
the sense that we unconditionally enforce the lock, where OpenBSD enforces it
only if the calling credential is not root.

Idea from:	OpenBSD
Reviewed by:	mlaier
2005-08-22 19:35:48 +00:00
jkoshy
1fafbd1bb5 On x86 processors, turn off any 'INTERRUPT' capabilities on PMCs
if the CPU does not have its local APIC enabled.

MFC after:	3 days
2005-08-22 18:20:41 +00:00
jkoshy
6720641d7a Return EOPNOTSUPP instead of EINVAL if a PMC allocation request
specifies a PMC capability (e.g., sampling) that is not supported
by hardware.  Return EINVAL early if the PMC class passed in is
not recognized.

MFC after:	3 days
2005-08-22 18:18:20 +00:00
jkoshy
24bcb580cb Print PMC capabilities at module load time.
MFC after:	3 days
2005-08-22 17:51:08 +00:00
andre
efa833e8d9 Document IP_MINTTL socket option.
MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 16:14:53 +00:00
andre
573a9535a8 Add socketoption IP_MINTTL. May be used to set the minimum acceptable
TTL a packet must have when received on a socket.  All packets with a
lower TTL are silently dropped.  Works on already connected/connecting
and listening sockets for RAW/UDP/TCP.

This option is only really useful when set to 255 preventing packets
from outside the directly connected networks reaching local listeners
on sockets.

Allows userland implementation of 'The Generalized TTL Security Mechanism
(GTSM)' according to RFC3682.  Examples of such use include the Cisco IOS
BGP implementation command "neighbor ttl-security".

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 16:13:08 +00:00
andre
ef76245e90 Always quote the entire TCP header when responding and allocate an mbuf
cluster if needed.

Fixes the TCP issues raised in I-D draft-gont-icmp-payload-00.txt.

This aids in-the-wild debugging a lot and allows the receiver to do
more elaborate checks on the validity of the response.

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 14:12:18 +00:00
andre
1afbca0a45 Handle pure layer 2 broad- and multicasts properly and simplify related
checks.

PR:		kern/85052
Submitted by:	Dmitrij Tejblum <tejblum at yandex-team.ru>
MFC after:	3 days
2005-08-22 12:06:26 +00:00
sos
61076facb2 Fix problem on Promise "mio" controllers and 48bit mode caused by last commit 2005-08-22 11:38:53 +00:00
brian
7311f9613c Spell powersavesleep correctly. 2005-08-22 09:59:13 +00:00
cperciva
2f763eca1d When looking for new lines in diff output, grep for '^[>+]' instead of
'^>', in order to catch both normal and unified diffs.

Problem reported by:	volker at vwsoft dot com via -stable
MFC after:	3 days
2005-08-22 09:33:36 +00:00
cperciva
491d2271d8 Most users probably aren't interested in locating 13000+ files named
[0-9a-f]{64}, so exclude portsnap's compressed snapshots from locate's
indexing.

Suggested by:	silby
MFC after:	3 days
2005-08-22 08:22:48 +00:00