12501 Commits

Author SHA1 Message Date
Zachary Loafman
6d72217368 Fix an issue when nss fallback routines are used in a multithreaded application.
Reviewed by:        bushman
Approved by:        dfr (mentor)
2009-05-27 17:01:59 +00:00
Jamie Gritton
0304c73163 Add hierarchical jails. A jail may further virtualize its environment
by creating a child jail, which is visible to that jail and to any
parent jails.  Child jails may be restricted more than their parents,
but never less.  Jail names reflect this hierarchy, being MIB-style
dot-separated strings.

Every thread now points to a jail, the default being prison0, which
contains information about the physical system.  Prison0's root
directory is the same as rootvnode; its hostname is the same as the
global hostname, and its securelevel replaces the global securelevel.
Note that the variable "securelevel" has actually gone away, which
should not cause any problems for code that properly uses
securelevel_gt() and securelevel_ge().

Some jail-related permissions that were kept in global variables and
set via sysctls are now per-jail settings.  The sysctls still exist for
backward compatibility, used only by the now-deprecated jail(2) system
call.

Approved by:	bz (mentor)
2009-05-27 14:11:23 +00:00
Edwin Groothuis
84b2ce0d42 MFV of tzcode2009h revision r192887
- Clarify the license for the tzcode: public domain

MFC after:	1 month
2009-05-27 12:18:39 +00:00
Edward Tomasz Napierala
b7014134a7 Change license to more bori^Wadul^Wcanonical.
Submitted by:	rwatson@
2009-05-26 11:42:06 +00:00
Attilio Rao
9235ed7199 Use, in uncovered part, the END() macro in order to improve debugging.
In this specific case, Valgrind won't get confused when analyzing such
functions.

Sponsored by:	Sandvine Incorporated
Tested by:	emaste
MFC:		3 days
2009-05-25 14:37:10 +00:00
Doug Rabson
3b086f3159 Increase the number of available file descriptors to 64. This fixes the
reported zfsboot problems for systems where more than seven drives are part
of ZFS pools.
2009-05-24 11:37:10 +00:00
Edward Tomasz Napierala
f24f1c51d3 Improve API documentation.
Reviewed by:	rwatson (earlier version)
2009-05-23 13:51:05 +00:00
Edwin Groothuis
dfc79e892f MFV of tzcode2009e:
Upgrade of the tzcode from 2004a to 2009e.

Changes are numerous, but include...

- New format of the output of zic, which supports both 32 and 64
  bit time_t formats.

- zdump on 64 bit platforms will actually produce some output instead
  of doing nothing for a looooooooong time.

- linux_base-fX, with X >= at least 8, will work without problems related
  to the local time again.

The original patch, based on the 2008e, has been running for a long
time on both my laptop and desktop machine and have been tested by
other people.

After the installation of this code and the running of zic(8), you
need to run tzsetup(8) again to install the new datafile.

Approved by:	wollman@ for usr.sbin/zic
MFC after:	1 month
2009-05-23 06:31:50 +00:00
Tim Kientzle
9f1994b5e6 Include the 2 byte length field for the optional "extra data"
field when computing the length of the gzip header.

Thanks to Dag-Erling for pointing me to the OpenSSH tarballs,
which are the first files I've seen that actually used this field.
2009-05-23 04:31:05 +00:00
Edward Tomasz Napierala
ae1add4e55 Make 'struct acl' larger, as required to support NFSv4 ACLs. Provide
compatibility interfaces in both kernel and libc.

Reviewed by:	rwatson
2009-05-22 15:56:43 +00:00
Andrew Thompson
c54c1f7c08 Fix libusb20_dev_get_device_desc and defunt xref.
Submitted by:	Hans Petter Selasky
2009-05-21 17:16:35 +00:00
Marcel Moolenaar
866772cfa7 Simplify now that we have gpart. 2009-05-20 06:01:20 +00:00
Christian Brueffer
a9ffff74c5 Since audit(4) isn't based on posix1e, remove the commented out audit.h header,
xref libbsm(3).

Submitted by:	rwatson
MFC after:	3 days
2009-05-19 22:28:33 +00:00
Edward Tomasz Napierala
a7c13ccc01 Add links to libgeom(3) where appropriate. 2009-05-19 12:10:48 +00:00
John Baldwin
7293f0e67c Update the KVM backend for malloc stats to catch up to the internal structure
BI change from the addition of DTrace malloc(9) probes.

Submitted by:	Ben Kelly  ben of wanderview dot com
2009-05-15 18:25:44 +00:00
Xin LI
718d3b2852 As the comment says, close() frees the variable, record. So we obtain
the length by evaluating the value from the copy, cbuf instead.  This
fixes a crash caused by previous commit (use-after-free)

Submitted by:	Dimitry Andric <dimitry andric com>
Pointy hat to:	delphij
2009-05-14 23:09:33 +00:00
Maksim Yevmenkin
b7ced94c8c Avoid floating point arithmetic while calculating iquiry length.
Submitted by:	Iain Hibbert < plunky -at- rya-online -dot- net >
MFC after:	1 week
2009-05-14 17:10:19 +00:00
Tim Kientzle
c5136006b2 Eliminate duplicate error messages from "tar c".
Reported by:	pav@
2009-05-13 00:04:08 +00:00
Brian Feldman
43af51a2b5 These are some cosmetic changes to improve the clarity of libthr's fork implementation. 2009-05-11 16:45:53 +00:00
Ed Schouten
ba521305e8 TTYs don't necessarily use /dev/ttyxx.
Submitted by:	csjp
2009-05-09 16:42:57 +00:00
Tim Kientzle
fb1db28b6d Partially revert r191171, which went too far in trying
to eliminate some duplicated code.  In particular,
archive_read_open_filename() has different close
handling than archive_read_open_fd(), so delegating
the former to the latter in the degenerate case
(a NULL filename is treated as stdin) broke reading
from pipelines.  In particular, this fixes occasional
port failures that were seen when using "gunzip | tar"
pipelines under /bin/csh.

Thanks to Alexey Shuvaev for reporting this failure and
patiently helping me to track down the cause.
2009-05-07 23:01:03 +00:00
Ed Schouten
46b303e83d Add tcsetsid(3).
The entire world seems to use the non-standard TIOCSCTTY ioctl to make a
TTY a controlling terminal of a session. Even though tcsetsid(3) is also
non-standard, I think it's a lot better to use in our own source code,
mainly because it's similar to tcsetpgrp(), tcgetpgrp() and tcgetsid().

I stole the idea from QNX. They do it the other way around; their
TIOCSCTTY is just a wrapper around tcsetsid(). tcsetsid() then calls
into an IPC framework.
2009-05-07 13:49:48 +00:00
Sam Leffler
f4f8f02054 revert r191633; this breaks at91 & xscale (likely all arm) 2009-05-06 01:50:04 +00:00
Ed Schouten
98669c791d Our grantpt(3) and unlockpt(3) don't comply with POSIX. 2009-05-04 18:14:45 +00:00
Ed Schouten
ab52b803a0 Fix whitespace and sorting in Symbol.map. 2009-05-04 08:06:52 +00:00
David E. O'Brien
7dbb948b5f Merge vendor/file/dist@191739, bringing FILE 5.00 to 8-CURRENT. 2009-05-04 00:37:44 +00:00
Jamie Gritton
b38ff370e4 Introduce the extensible jail framework, using the same "name=value"
interface as nmount(2).  Three new system calls are added:
* jail_set, to create jails and change the parameters of existing jails.
  This replaces jail(2).
* jail_get, to read the parameters of existing jails.  This replaces the
  security.jail.list sysctl.
* jail_remove to kill off a jail's processes and remove the jail.
Most jail parameters may now be changed after creation, and jails may be
set to exist without any attached processes.  The current jail(2) system
call still exists, though it is now a stub to jail_set(2).

Approved by:	bz (mentor)
2009-04-29 21:14:15 +00:00
Jamie Gritton
7074cfa223 With the permission of phk@ change the license on remaining jail code
to a 2 clause BSD license.

Approved by:	phk
Approved by:	bz (mentor)
2009-04-29 16:02:52 +00:00
Bruce M Simpson
6de9a4eb6b Fix an obvious bug in getsourcefilter()'s use of struct __msfilterreq;
the kernel will return in msfr_nsrcs the number of source filters
in-mode for a given multicast group.
However, the filters themselves were never copied out, as the libc
function clobbers this field with zero, causing the kernel to assume
the provided vector of struct sockaddr_storage has zero length.
This bug would only affect users of SSM multicast, which is shimmed
in 7.x.
Picked up during mtest(8) refactoring.

MFC after:	1 day
2009-04-29 09:58:31 +00:00
Olivier Houchard
8957464be7 Change the test at the beginning of strncmp(), from being if (len - 1) < 0
to if (len == 0).
The length is supposed to be unsigned, so len - 1 < 0 won't happen except
if len == 0 anyway, and it would return 0 when it shouldn't, if len was
> INT_MAX.

Spotted out by:	Channa <channa kad gmail com>
2009-04-28 19:20:13 +00:00
Tim Kientzle
04e8ac36ab Document the liblzma support.
Unfortunately, liblzma itself is GPLed, so unlikely to become part of
the FreeBSD base system.
However, the core lzma compression/decompression code is public
domain, so it should be feasible for someone to create a compatible
library without the GPL strings.
2009-04-27 22:39:43 +00:00
Tim Kientzle
59c7a951b5 Symlink some additional man page entries. 2009-04-27 20:23:22 +00:00
Tim Kientzle
4d24dc3687 Merge r991 from libarchive.googlecode.com: Various updates
to archive_read.3 manpage, including documentation for the
new "raw" handler.
2009-04-27 20:13:13 +00:00
Tim Kientzle
690f5ebdc0 Merge r990,r1044 from libarchive.googlecode.com:
read_support_format_raw() allows people to exploit libarchive's
automatic decompression support by simply stubbing out the
archive format handler.
The raw handler is not enabled by support_format_all(), of course.
It bids 1 on any non-empty input and always returns a single
entry named "data" with no properties set.
2009-04-27 20:09:05 +00:00
Tim Kientzle
edca00c7b2 Merge r1061,r1062,r1063 from libarchive.googlecode.com:
Fix reading big-endian binary cpio archives, and add a test.
While I'm here, add a note about Solaris ACL extension for cpio,
which should be relatively straightforward to support.

Thanks to: Edward Napierala, who sent me a big-endian cpio archive
from a Solaris system he's been playing with.
Pointy hat: me
2009-04-27 19:30:09 +00:00
Tim Kientzle
80658f77a3 Merge r1034 from libarchive.googlecode.com:
Put a much larger file on the reference ISO for this test.
2009-04-27 19:23:53 +00:00
Tim Kientzle
0cf3aa1afe Merge r1058 from libarchive.googlecode.com: Require that each
test source file has exactly one DEFINE_TEST().
2009-04-27 19:20:25 +00:00
Tim Kientzle
3da657c177 ino_t varies across platforms; casting (int) here avoids
various pointless complaints.
2009-04-27 19:14:43 +00:00
Tim Kientzle
546cb91d54 Merge r1032 from libarchive.googlecode.com:
Make test_fuzz a bit more sensitive by actually reading the body
of each entry instead of skipping it.
While I'm here, move the "UnsupportedCompress" macro into the
only file that still uses it.
2009-04-27 18:55:22 +00:00
Tim Kientzle
525ed69972 Merge r1054,r1060 from libarchive.googlecode.com:
* assertEqualMem() now takes void * arguments
 * Be a little smarter about what we hexdump when assertEqualMem() fails
2009-04-27 18:39:55 +00:00
Tim Kientzle
d906209e53 Merge r1021 from libarchive.googlecode.com:
If we know it's a socket, say so.
2009-04-27 18:35:03 +00:00
Tim Kientzle
7ad21ca8c3 Merge r1052,r1055 from libarchive.googlecode.com:
Clear the error flag on entry to a few more API functions.
2009-04-27 18:33:08 +00:00
Tim Kientzle
01a94543e9 Merge r1053,r1055,r1056,r1057,r1065 from libarchive.googlecode.com:
* Fix parsing of POSIX.1e ACLs from Solaris tar archives
 * Test the above
 * Preserve the order of POSIX.1e ACL entries
 * Update tests whose results depended on the order of ACL entries
 * Identify NFSv4 ACLs in Solaris tar archives and warn that
   they're not yet supported. (In particular, don't try to parse
   them as POSIX.1e ACLs.)

Thanks to: Edward Napierala sent me some Solaris 10 tar archives to test
2009-04-27 18:27:54 +00:00
Tim Kientzle
3257d55783 Merge r988,r1064 from libarchive.googlecode.com:
* Split whiny skip function to create a new best-effort skip_lenient()
 * Correctly increment the top-level file position only for the top filter
 * Simulate skip by reading against the current filter, not the top filter

The latter two bugs aren't currently visible because no existing
filter delegates skip operations.
2009-04-27 17:42:02 +00:00
Tim Kientzle
d21d99e07e Reading an mtree file is supposed to provide
access to the file data (if the file exists on
disk).  This was broken for the first regular
file; fix it and add a test so it won't break again.

In particular, this fixes the following idiom for creating
a tar archive in which every file is owned by root:

tar cf - --format=mtree . 	\
    | sed -e 's/uname=[a-z]*/uname=root/' -e 's/uid=[0-9]*/uid=0/' \
    | tar cf - @-
2009-04-26 18:57:50 +00:00
Tim Kientzle
9a4ac3e81e Various improvements to the tar.5 manpage, including
descriptions of the GNU tar "posix-style" sparse format,
clarification of the Solaris tar ACL storage,
and a few comments about Mac OS X tar's resource storage.
2009-04-26 18:46:40 +00:00
Tim Kientzle
6388433b62 Exit with ARCHIVE_FATAL if the ISO image is truncated. 2009-04-26 18:43:49 +00:00
Tim Kientzle
c49388ad34 Remove an unused variable.
Thanks to:	Christoph Mallon
2009-04-26 18:24:14 +00:00
Edward Tomasz Napierala
5d8532a1b1 Fix typo. 2009-04-26 10:12:20 +00:00
Christian Brueffer
2a72feb42b Correct the information about when the respective functionality first
appeared in FreeBSD.

PR:		133785
Submitted by:	Ulrich Spoerlein <uqs@spoerlein.net>
MFC after:	3 days
2009-04-23 08:37:56 +00:00