auditdistd (distributed audit daemon) to the build:
- Manual cross references
- Makefile for auditdistd
- rc.d script, rc.conf entrie
- New group and user for auditdistd; associated aliases, etc.
The audit trail distribution daemon provides reliable,
cryptographically protected (and sandboxed) delivery of audit tails
from live clients to audit server hosts in order to both allow
centralised analysis, and improve resilience in the event of client
compromises: clients are not permitted to change trail contents
after submission.
Submitted by: pjd
Sponsored by: The FreeBSD Foundation (auditdistd)
disconnected under the WITH_BSDCONFIG flag (a good idea since this version of
sysrc(8) indeed requires the `sysrc.subr' module installed by bsdconfig(8)).
Multiple reasons sysrc should not simply continue to live in ports. The most
important being that it is tightly coupled with the base.
Approved by: adrian (co-mentor)
The driver attempts to support all documented parts, but has only been
tested with the 512Mbit part on the Terasic DE4 FPGA board. It should be
trivial to adapt the driver's attach routine to other embedded boards
using with any parts in the family.
Also import isfctl(8) which can be used to erase sections of the flash.
Sponsored by: DARPA, AFRL
deprecated sysinstall(8). NOTE: WITH_BSDCONFIG is currently required.
Submitted by: Devin Teske (dteske), Ron McDowell <rcm@fuzzwad.org>
Reviewed by: Ron McDowell <rcm@fuzzwad.org>
Approved by: Ed Maste (emaste)
not updated as part of `make installworld' such as files in /etc. It
manages updates by doing a three-way merge of changes made to these files
against the local versions. It is also designed to minimize the amount
of user intervention with the goal of simplifying upgrades for clusters
of machines.
The primary difference from mergemaster is that etcupdate requires less
manual work. The primary difference from etcmerge is that etcupdate
updates files in-place similar to mergemaster rather than building a
separate /etc tree.
Requested by: obrien, kib, theraven, joeld (among others)
Do not condition usr.sbin/pkg building on WITHOUT_PKGTOOLS anymore, so that users can
remove the old pkg_* tools without removing the pkgng boostrap
Approved by: des (mentor)
MFC after: 1 month
The NAND Flash environment consists of several distinct components:
- NAND framework (drivers harness for NAND controllers and NAND chips)
- NAND simulator (NANDsim)
- NAND file system (NAND FS)
- Companion tools and utilities
- Documentation (manual pages)
This work is still experimental. Please use with caution.
Obtained from: Semihalf
Supported by: FreeBSD Foundation, Juniper Networks
it respects PACKAGESITE, PACKAGEROOT, and a new environment variable ABI (if a user want to use a different API from the base one for its packages)
it has no man page on purpose to avoid hidding the pkg(8) man page from the pkgng package.
for now uses pkgbeta.FreeBSD.org as default mirror to find its package
it respects MK_PKGTOOLS
Approved by: des (mentor)
At first, I added a utility called utxrm(8) to remove stale entries from
the user accounting database. It seems there are cases in which we need
to perform different operations on the database as well. Simply rename
utxrm(8) to utx(8) and place the old code under the "rm" command.
In addition to "rm", this tool supports "boot" and "shutdown", which are
going to be used by an rc-script which I am going to commit separately.
CTL is a disk and processor device emulation subsystem originally written
for Copan Systems under Linux starting in 2003. It has been shipping in
Copan (now SGI) products since 2005.
It was ported to FreeBSD in 2008, and thanks to an agreement between SGI
(who acquired Copan's assets in 2010) and Spectra Logic in 2010, CTL is
available under a BSD-style license. The intent behind the agreement was
that Spectra would work to get CTL into the FreeBSD tree.
Some CTL features:
- Disk and processor device emulation.
- Tagged queueing
- SCSI task attribute support (ordered, head of queue, simple tags)
- SCSI implicit command ordering support. (e.g. if a read follows a mode
select, the read will be blocked until the mode select completes.)
- Full task management support (abort, LUN reset, target reset, etc.)
- Support for multiple ports
- Support for multiple simultaneous initiators
- Support for multiple simultaneous backing stores
- Persistent reservation support
- Mode sense/select support
- Error injection support
- High Availability support (1)
- All I/O handled in-kernel, no userland context switch overhead.
(1) HA Support is just an API stub, and needs much more to be fully
functional.
ctl.c: The core of CTL. Command handlers and processing,
character driver, and HA support are here.
ctl.h: Basic function declarations and data structures.
ctl_backend.c,
ctl_backend.h: The basic CTL backend API.
ctl_backend_block.c,
ctl_backend_block.h: The block and file backend. This allows for using
a disk or a file as the backing store for a LUN.
Multiple threads are started to do I/O to the
backing device, primarily because the VFS API
requires that to get any concurrency.
ctl_backend_ramdisk.c: A "fake" ramdisk backend. It only allocates a
small amount of memory to act as a source and sink
for reads and writes from an initiator. Therefore
it cannot be used for any real data, but it can be
used to test for throughput. It can also be used
to test initiators' support for extremely large LUNs.
ctl_cmd_table.c: This is a table with all 256 possible SCSI opcodes,
and command handler functions defined for supported
opcodes.
ctl_debug.h: Debugging support.
ctl_error.c,
ctl_error.h: CTL-specific wrappers around the CAM sense building
functions.
ctl_frontend.c,
ctl_frontend.h: These files define the basic CTL frontend port API.
ctl_frontend_cam_sim.c: This is a CTL frontend port that is also a CAM SIM.
This frontend allows for using CTL without any
target-capable hardware. So any LUNs you create in
CTL are visible in CAM via this port.
ctl_frontend_internal.c,
ctl_frontend_internal.h:
This is a frontend port written for Copan to do
some system-specific tasks that required sending
commands into CTL from inside the kernel. This
isn't entirely relevant to FreeBSD in general,
but can perhaps be repurposed.
ctl_ha.h: This is a stubbed-out High Availability API. Much
more is needed for full HA support. See the
comments in the header and the description of what
is needed in the README.ctl.txt file for more
details.
ctl_io.h: This defines most of the core CTL I/O structures.
union ctl_io is conceptually very similar to CAM's
union ccb.
ctl_ioctl.h: This defines all ioctls available through the CTL
character device, and the data structures needed
for those ioctls.
ctl_mem_pool.c,
ctl_mem_pool.h: Generic memory pool implementation used by the
internal frontend.
ctl_private.h: Private data structres (e.g. CTL softc) and
function prototypes. This also includes the SCSI
vendor and product names used by CTL.
ctl_scsi_all.c,
ctl_scsi_all.h: CTL wrappers around CAM sense printing functions.
ctl_ser_table.c: Command serialization table. This defines what
happens when one type of command is followed by
another type of command.
ctl_util.c,
ctl_util.h: CTL utility functions, primarily designed to be
used from userland. See ctladm for the primary
consumer of these functions. These include CDB
building functions.
scsi_ctl.c: CAM target peripheral driver and CTL frontend port.
This is the path into CTL for commands from
target-capable hardware/SIMs.
README.ctl.txt: CTL code features, roadmap, to-do list.
usr.sbin/Makefile: Add ctladm.
ctladm/Makefile,
ctladm/ctladm.8,
ctladm/ctladm.c,
ctladm/ctladm.h,
ctladm/util.c: ctladm(8) is the CTL management utility.
It fills a role similar to camcontrol(8).
It allow configuring LUNs, issuing commands,
injecting errors and various other control
functions.
usr.bin/Makefile: Add ctlstat.
ctlstat/Makefile
ctlstat/ctlstat.8,
ctlstat/ctlstat.c: ctlstat(8) fills a role similar to iostat(8).
It reports I/O statistics for CTL.
sys/conf/files: Add CTL files.
sys/conf/NOTES: Add device ctl.
sys/cam/scsi_all.h: To conform to more recent specs, the inquiry CDB
length field is now 2 bytes long.
Add several mode page definitions for CTL.
sys/cam/scsi_all.c: Handle the new 2 byte inquiry length.
sys/dev/ciss/ciss.c,
sys/dev/ata/atapi-cam.c,
sys/cam/scsi/scsi_targ_bh.c,
scsi_target/scsi_cmds.c,
mlxcontrol/interface.c: Update for 2 byte inquiry length field.
scsi_da.h: Add versions of the format and rigid disk pages
that are in a more reasonable format for CTL.
amd64/conf/GENERIC,
i386/conf/GENERIC,
ia64/conf/GENERIC,
sparc64/conf/GENERIC: Add device ctl.
i386/conf/PAE: The CTL frontend SIM at least does not compile
cleanly on PAE.
Sponsored by: Copan Systems, SGI and Spectra Logic
MFC after: 1 month
digit beyond your time.
Various sysinstall dependencies (e.g. libftpio, libdisk, libodialog, etc.)
will be cleaned up in coming days. Some will take longer than others due to
a few other consumers (tzsetup and sade).
added/removed interfaces in a more consistent manner and reloading the
configuration file.
- Implement burst unsolicited RA sending into the internal RA timer framework
when AdvSendAdvertisements and/or configuration entries are changed as
described in RFC 4861 6.2.4. This fixes issues that make termination of the
rtadvd(8) daemon take very long time.
An interface now has three internal states, UNCONFIGURED, TRANSITIVE, or
CONFIGURED, and the burst unsolicited sending happens in TRANSITIVE.
See rtadvd.h for the details.
- rtadvd(8) now accepts non-existent interfaces as well in the command line.
- Add control socket support and rtadvctl(8) utility to show the RA information
in rtadvd(8). Dumping by SIGUSR1 has been removed in favor of it.
This includes a structural change regarding atomic ops. Previously they
were enabled on all platforms unless we had knowledge that they did not
work. However both work performed by marius@ on sparc64 and the fact that
the 9.8.x branch is fussier in this area has demonstrated that this is
not a safe approach. So I've modified a patch provided by marius to
enable them for i386, amd64, and ia64 only.
added/removed interfaces in a more consistent manner and reloading
the configuration file.
- Add initial support for control socket. RA information in the
daemon can be obtained by rtadvctl(8) instead of SIGUSR1 in a similar
manner to ifconfig(8). The information dump has been removed in favor of it.
(reload the configuration file)
# rtadvctl reload
(show RA messages being sent on each interfaces)
# rtadvctl show
em0: flags=<UP,CONFIGURED,PERSIST> status=<RA_SEND> mtu 1280
DefaultLifetime: 30m
MinAdvInterval/MaxAdvInterval: 3m20s/3m20s
AdvLinkMTU: <none>, Flags: O, Preference: medium
ReachableTime: 0s, RetransTimer: 0s, CurHopLimit: 64
AdvIfPrefixes: yes
(show RA messages being sent only on em0)
# rtadvctl show em0
(rtadvctl -v show provides additional information)
# rtadvctl -v show em0
em0: flags=<UP,CONFIGURED,PERSIST> status=<RA_SEND> mtu 1280
DefaultLifetime: 30m
MinAdvInterval/MaxAdvInterval: 3m20s/3m20s
AdvLinkMTU: <none>, Flags: O, Preference: medium
ReachableTime: 0s, RetransTimer: 0s, CurHopLimit: 64
AdvIfPrefixes: yes
Prefixes (1):
2001:db8:1::/64 (CONFIG, vltime=30d, pltime=7d, flags=LA)
RDNSS entries:
2001:db8:1::128 (ltime=2m40s)
(stop rtadvd)
# rtadvctl shutdown
A remaining issue when reloading the configuration file is that
during that period rtadvd cannot communicate with rtadvctl due to some
additional RA sending for graceful shutdown. This will be fixed later.
This knob removes the tools that are exclusively used to view and
maintain the databases maintained by utmpx, namely last, users, who,
wtmpcvt, ac, lastlogin and utxrm.
The tool w is not in this list, because it has some other functionality
which is unrelated to utmpx; it is hardlinked to the uptime tool.
The WITHOUT_ACCT switch is supposed to omit tools related to process
accounting, namely accton and sa. ac(8) is just a simple tool that
prints statistics based on data in the utx.log database. It has nothing
to do with the former.
Most of the ports I broke when I imported utmpx, were simple management
utilities for the utmp database, allowing you to add/remove entries
manually.
Add a small tool called utxrm(8), which allows you to remove an entry
from the utmpx database by hand. This is useful when a login daemon
crashes or fails to remove the entry during shutdown.
pc-sysinstall) a replacement for sysinstall in the 9.0 release and beyond.
Currently supported platforms are sparc64, pc98, i386, amd64, powerpc, and
powerpc64. Integration into the build system will occur in the coming
weeks.
Merging with pc-sysinstall will use this code as a frontend, while
temporarily retaining the interactive partition editor here. This work
will be done in parallel with improvements on this code and release
integration.
Thanks to all who have provided testing and comments!
after we get all of TBEMD merged back into head, and make mips64 imply
n64, so don't bother to make this 100% pretty. You'll have to settle
for only 64% pretty.
shell script is the back end logic necessary for an installer. It
contains both query routines to allow a front-end installer to present
reasonable choices to the user and also action routines which allow
the front end installer to put a FreeBSD distribution onto a disk. It
supports installing onto the usual suspects, as well as advanced
features like Mirroring, ZFS, Encryprion and GPT labels.
While this is only the back-end of the installer, it can do unattended
scripted installations. In PC-BSD's world view, all installations are
scripted and all the front-end does is write the script. As such, it
is useful in its own right.
This has been extensively tested over the past several releases of
PC-BSD. However, differences between that environment and FreeBSD
suggest there will be a period of shake-out while those differences
are discovered and corrected.
A text-based front-end is in the works. For the GUI-based front-end,
you can use the PC-BSD distribution.
Kris' BSDcan paper on pc-sysinstall is linked off his talk on the
BSDcan site:
http://www.bsdcan.org/2010/schedule/events/173.en.html
The man page is written by Josh Paetzel, and I wrote the Makefiles for
the FreeBSD integration. Kris wrote the rest.
This represents version r7010 in the PC-BSD repo.
http://svn.pcbsd.org/pcbsd/current/pc-sysinstall
Submitted by: kris@
Sponsored by: iX Systems
utilities and related support files for manual pages, which were previously
controlled by MAN. For POLA, the default depends on MAN, i.e., WITHOUT_MAN
implies WITHOUT_MAN_UTILS and WITH_MAN implies WITH_MAN_UTILS. This patch
is slightly improved by me from:
PR: misc/145212
from standard 3G wireless units by supplying a raw IP/IPv6 endpoint rather than
using PPP over serial. uhsoctl(1) is used to initiate and close the WAN
connection.
Obtained from: Fredrik Lindberg <fli@shapeshifter.se>
Its primary purpose is to start and stop services provided by
the rc.d scripts, however it can also be used to list the scripts
using various criteria.
Drive and controller status can be reported, basic attributes changed,
and arrays and spares can be created and deleted.
Approved by: re
Obtained from: Yahoo! Inc.
controllers. Controller, array, and drive status can be checked, basic
attributes can be changed, and arrays and spares can be created and deleted.
Controller firmware can also be flashed.
This does not replace MegaCLI, found in ports, as that is officially sanctioned
and supported by LSI and includes vastly more functionality. However, mfiutil
is open source and guaranteed to provide basic functionality, which can be
especially useful if you have a problem and can't get MegaCLI to work.
Approved by: re
Obtained from: Yahoo! Inc.
Submitted by: Marc Balmer <marc@msys.ch>
Reviewed by: rwatson
Approved by: re
M usr.sbin/Makefile
A usr.sbin/wake
AM usr.sbin/wake/wake.c
AM usr.sbin/wake/Makefile
AM usr.sbin/wake/wake.8
lots of new features compared to 9.4.x, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
DHCID support.
More detailed statistics counters including those supported in BIND 8.
Faster ACL processing.
Efficient LRU cache-cleaning mechanism.
NSID support.
are specifically used by the experimental nfsv4 subsystem.
nfscbd - The NFSv4 client callback daemon.
nfsuserd - The NFSv4 daemon that maps between user and group name
and their corresponding uid/gid numbers.
nfsdumpstate - A utility that dumps out the NFSv4 Open/Lock state.
nfsrevoke - Administratively revokes an NFSv4 client, releasing all
NFSv4 Open/Lock state it holds on the server.
Approved by: kib (mentor)
Not only did these two drivers depend on IFF_NEEDSGIANT, they were
broken 7 months ago during the MPSAFE TTY import. if_ppp(4) has been
replaced by ppp(8). There is no replacement for if_sl(4).
If we see regressions in for example the ports tree, we should just use
__FreeBSD_version 800045 to check whether if_ppp(4) and if_sl(4) are
present. Version 800045 is used to denote the import of MPSAFE TTY.
Discussed with: rwatson, but also rwatson's IFF_NEEDSGIANT emails on the
lists.