to try and work around the nfsv3 headers in the post-lite2-kernel era.
This program somehow manages to make just about every #include conflict
with everything else. :-(
This puts it on the same footing as cvsup. It's been suggested on
numerous occasions that I shouldn't have imported it in the first place,
and now that sup has outlived it's usefulness..... Boom!
we need now.
Don't assume that file descriptor can't be 0 (many places)
Protect FD_* macros from being used with negative descriptors
Shorten MS EXT show help to fit 80 cols
dangerous! Signal handlers themself must be fixed to not call malloc,
but no pended handlers, it will be correct fix. In finite case each signal
handler can set some variable which will be analized later, but calling
handler functions manually is too dangerous (f.e. signals not blocked while
the handler or handlers switch executed in this case). Of course this
code can be fixed instead of removing, but it not worth fixing in any case.
Should go into 2.2
In addition sig.c code shows following dangerous fragments (there can be more,
but I stop after two):
This fragment
if (fn == SIG_DFL || fn == SIG_IGN) {
handler[sig-1] = (sig_type)0;
<------------- here
signal(sig,fn);
} else {
cause NULL pointer reference when signal comes
"here", but more worse fragment is below:
void handle_signals() {
int sig;
if (caused)
for (sig=0; sig<__MAXSIG; sig++, caused>>=1)
if (caused&1)
(*handler[sig])(sig+1);
}
caused is bitmask which set corresponding bit on each signal coming.
And now imagine, what happens when some signal comes (bit sets) while loop
is executed (see caused>>=1 !!!)
In this light carrier drop situation was (as gdb shows)
1. SIGSEGV in handle_signals because some junk called as *handler reference.
2. Since SIGSEGV was pended too (== never happens),
it can cause various range of disasters.
from /var/mail, added a routine to delete the removed user's files
from /tmp, /var/tmp, & /var/tmp/vi.recover, and added code to kill any
running processes owned by the removed user). I've also added a flag
for non-interactive execution, cleaned up the man page, and adjusted
my address.
Submitted by: ghelmer@cs.iastate.edu (Guy Helmer)
the password file into /etc/master.passwd and optional (-p) into
/etc/passwd. Enable this feature with the compile
option -DPASSWD_IGNORE_COMMENTS.
The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
An empty line at the bottom of /etc/master.passwd is a common
novice error and increased my mail load: '^[ \t]*\n$'
1) When carrier dropped, old variant often forget to detect it cause
unkillable loop forever (because SIGTERM pended too, but it will be
separate commit)
2) Time intervals accuracy reasons
Should go into 2.2
life easier if a PS/2 mouse locks up the keyboard (frequent-ish,
but not repeatable).
Tidy up code (a bit) and make it -Wall
Is this a 2.2 candidate ? (although it doesn't -Wall in 2.2 because
of the lack of sys/sysproto.h
Remove #include's from sig.h and get dependant modules to include them
themselves. Make inclusion of if_var.h depend on __FreeBSD_version so
that the -current version of ppp can be used with 2.1.*
2.2 Candidate ?
stable now at a customer's site.
Finally add the ability to syslogd to pipe particular messages through
an arbitrary filtering command. Idea stolen from IRIX.
This code is courtesy of the interface business GmbH, Dresden.
Comment about whether to also merge this into 2.2 or not, please.
Reviewed by: (long ago) peter
All signal() calls have been changed to pending_signal() calls.
pending_signal() is defined in the new sig.c file. It remembers
the handler and traps the signal with a function that will remember
the signal.
main.c now calls handle_signals() to actually call the required
handlers (if the above handler was called).
If this doesn't close PR2662 (was PR2347), I'll cry.
Joerg, I think this should go into 2.2, but I havn't done anything
about it because I'm bound to botch it with the new sig.[ch] files.
I've just "cvs add"'d sig.[ch] so far.... can you update to 2.2 and
tell me what you did ? Thanks.
2. Back out my change to ask about UTC/Localtime here. This *really* needs
to be done in tzsetup instead since putting it here only handles about
1/4 of the places where it needs to be.
Now that this is becoming (dare I even say it?) more useful for
post-configuration, no longer leave sysinstall.debug files around
by default. Only do this if environment variable SYSINSTALL_DEBUG
is set.
so that we're more useful in multi-user mode. This is still not
100%, but it pulls in a lot more than it used to. Some of the "composite"
variables in /etc/sysconfig are going to take more work.
o Always write /etc/resolv.conf and /etc/hosts if it makes sense to do
so.
o Reset media properly when reselecting. Longstanding bogon.
o Pull SIGPIPE handling out of package.c; I'm actually hoping to handle
this differently shortly.
o Fix bug where cancel in TCP setup dialog still checked data fields.
I think this closes a PR, but I will have to go look.
- servers should be the first target listed in 'all:' in order for slave
servers to be updated correctly: yppush reads the ypservers map to figure
out where all the slaves are, so it needs to be loaded onto the master
ASAP.
- Fixed small bogon in publickey target which nobody has noticed since
we're not using the publickey.byname map yet.
Rev 1.4 deraadt: (partial from full commit, other files not done yet)
proactive bounds checking; help from millert
Rev 1.5 millert:
Possible buf oflow.
Plus minor style nits to keep the style police happy (I hope)
Obtained from: OpenBSD
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.
This patch fixes this bug (in both RELENG_2_2 and -current).
This is a 2.2 candidate..(i.e. pure bug fix)
Submitted by: Archie Cobbs (archie@whistle.com)
at the time, but on further reflection..." bucket with these changes.
1. Checking the media before frobbing the disks was a fine idea, and
I wish it could have worked, but that leads to a rather difficult
situation when you need to mount the media someplace and you're about
to:
a) Chroot away from your present root.
b) Newfs the root to be.
You're basically screwed since there's no place to stick the mount
point where it will be found following the newfs/chroot (and eliminating
the chroot in favor of just using the "root bias" feature would work
great for the distributions but not the pkg_add calls done by the
package installer).
2. Automatic timeout handling. I don't know why, but alarm() frequently
returns no residual even when the alarm didn't go off, which defies
the man page but hey, since when was that so unusual? Take out timeouts
but retain the code which temporarily replaces the SIGINT handler in
favor of a more media-specific handler. This way, at least, if it's hanging
you can at least whap it. I think the timeout code would have been losing
over *really slow* links anyway, so it's probably best that it go.
This should fix NFS, tape & CDROM installs again (serves me right for getting
complacent and using just the FTP installs in my testing).
more consistant in our use of the terms for differentiation between PC
partitions and traditional BSD partitions.
Submitted-By: obrien@cs.ucdavis.edu (David O'Brien)
section was a good thing, since it made it possible to detect media problems
*before* the installation started, but it also caused various things to
be mounted BEFORE the chroot() call, which definitely messes things up.
Fix this by detecting the pre-chroot() case and mounting into a subdir.
This will probably need to go away again someday when distributions get
folded into packages and there are no more dist files to check, but knowing
how long we've been waiting on THAT, this will be a welcome tool for the
interim.
Submitted by: Robert Nordier <rnordier@iafrica.com>
We could also make this stuff only come out when getpid() != 1
and thus avoid the install case (where it really is just too verbose,
and people have complained), but this seems less messy and no one
complained when tzsetup didn't print the final "things went fine!"
messages (which sort of contravene the UNIX spirit of only yelling
when you need to anyway).
Use setusercontext() rather than setuid()/setgid()/setlogin()/initgroups()
which is all handled. Login environment is NOT set by this call as crontab
provides its own means of doing so.
yp_next_record() is called without a key (from xdr_my_ypresp_all()),
in which case it returns the first key in the map. When doing this,
it also needs to update the key index in the map queue entry. Without
this, ypproc_all_2_svc() (and hence ypcat) don't work correctly.
Noticed by: Michael L. Hench <hench@watt.cae.uwm.edu>
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
going into SLIP mode, useful for scripts that can automatically
grok IP addresses ala Trumpet Winsock.
Closes PR#2293
Submitted-By: andrew@fortress.org
bogus path and FTP I/O errors much earlier, offer retry possibilities
at steps along the way so you don't have to resume from the very beginning
again on a hard error.
1. Bus mouse selection didn't show up properly in mouse menu.
2. U&G management screen didn't respect cancel properly.
3. Novice not prompted to add users or set root password during installation.
4. Username length changes screw up user management form.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
terminate(). This makes doubly sure we don't trip the SIGTERM handler
in a child process. Suggested by: phk.
- It's int main(argc, argv), not void main(argc, argv), gosh darn it.
- If a child receives a SIGTERM, it will call the terminate() function
and end up doing the shutdown procedurs that should really only be
done by the parent. Set the SIGTERM behavior back to SIG_DLT in the
child after fork()ing.
- If the parent fails to read data back from the child because the
child has exited, it will call rpc_received() with bogus tdata that
can cause the parent to SEGV. Make handle_children() detect this
condition correctly and handle it sanely.
*sigh* Another 2.2 candidate.
This has the effect of making every link a "passthrough" which means the
TCP or UDP port won't be freed after link deletion -- so there could be
eventual port exhaustion if the program were allowed to operate long
enough.
Submitted by: Charles Mott <cmott@srv.net>
to be used to expand things beyond the size of the buffer passed in. Also
do a general cleanup of sprintf -> snprintf as well as strcpy and strncat
safety. Also expand some buffers to allow for the largest possible data
that might be used.
This is a 2.2 candidate. However, it needs to be vetted on -current
since little testing has been done on this due to my lack of PPP on
this machine.
Reviewed by: Jordan Hubbard, Peter Wemm, Guido van Rooij
- Fail YPPROC_ALL requests when we hit the child process limit. This
is a little harsh, but it helps prevent the parent from blocking
and causing other requests to time out.
yp_dnslookup.c:
- Check for duplicate RPC transaction IDs that indicate duplicate
requests sent due to RPC retransmissions. We don't want to send
a second DNS request for the same data while an existing request
is in progress.
- Fix small formatting bogon in snprintf() in yp_async_lookup_addr().
Use consistent spelling throughout.
Remove unmount in fixit_common() since that's bogus in the CDROM case and
properly "shut down" the media device instead.
- Try to have all output go through the routines in util.c [logerr(),
log_1s(), die()]
- Add *some* code in util.c to allow pccardd to run out of sysinstall.
Submitted by: Mostly me, but some by Tatsumi Hosokawa <hosokawa@jp.FreeBSD.org>
Disable saving of SCSI device parameters in userconfig saving in hopes
of working around a reported problem in the no-device case; there's no
point in saving this information here anyway.
2nd patch submitted-by: "Eric L. Hernes" <erich@lodgenet.com>
bug in syslogd which causes it to die after random amounts of time (widely
reported), this at least allows the administrator to easily restart it
without wondering why it simply exits again each time.
if wrong version.
2. Make sure network device is initialized in ftpInit
3. Eliminate bogus size values in the menus. For now, we'll have to admit
that nobody's added it up yet. In the future, these menus should be
build dynamically anyway, not declared static.
4. Add more debugging to networking code to chase the mystery ppp device
problem.
assume that the timeval will be preserved. As the man page says:
".. it is unwise to assume that the timeout value will be unmodified
by the select() call." This happens on Linux and on my system at least.
useradd -m or useradd -D -b are used.
2) Hyphen allowed in username if not first character. Fix trivial
bug in error fmt string.
3) /etc/skeykeys updating changed to do 'inplace' update, commenting
out a username rather than removing it completely.
into /etc during the sendmail build. Not for the feint hearted.
(I have been using something like this for some time since I only ever
edit my system's .mc file)
able to be exploited, or might not. However, it is better to be safe
than sorry.
Definitely a 2.2 fix, and a -stable if there is someone to commit it.
Reviewed by: Jordan Hubbard <jkh@freebsd.org>
Submitted by: Marc Slemko
- yp_main.c: Always add the resolver socket to the set of fds
monitored by select(). It can happen that pending == 0 but we
still have some data in the socket buffer from an old query.
This way, the data will be flushed in a timely manner.
- yp_extern.h: remove proto for yp_dns_pending() since we don't need
it anynmore.
- yp_server.c: call yp_async_lookup_name()/yp_async_lookup_addr()
functions with the svc_req pointer as an arg instead of the xprt.
(The svc_req struct includes a pointer to the transport handle,
and it also has the service version number which the async DNS
code will need. (see below))
- yp_dnslookup.c:
o Nuke yp_dns_pending() since we don't need it anymore.
o In yp_run_dnsq(), swallow up and ignore replies if no requests
are pending or the ID doesn't match any of the IDs in the queue.
o In yp_send_dns_reply(), we assume that we will always be
replying to an NIS v2 client. While this will probably always
be the case, we do support the v1 'match' procedure, and it
has a different result struct than v2. For completeness,
support replying to both NIS v1 and v2 clients.
o Update the queue entry structure to include a member to
keep track of the NIS version number.
o Have yp_async_lookup_name/addr() extract the version number
from the svc_req structure and save it with the queue entry
for yp_send_dns_reply() to inspect later.
o Add some comments.
- Don't dereference a NULL hostent pointer (if T_PTR lookup fails).
- Today I asked myself: "Self, you wrote this nifty async resolver
that does a great job handling delayed replies to clients using
the UDP transport, and the yplib code in libc always uses UDP
(except for yp_all()). But what if some dork makes a DNS lookup using
TCP?" Being the only dork on hand at the time, I tried it and was
enlightened. As I suspected, my transaction ID frobbing hacks cause
fireworks if called on a TCP transport handle (duh: the structures
are different). Fix: check the type of socket in xprt->xp_sock using
getsockopt() and don't use svcudp_get_xid() and svcudp_set_xid() for
anything except SOCK_DGRAM sockets. (Since accept() gives you a
new socket for each connection, the transaction ID munging isn't
needed for TCP anyway.)
- yp_dblookup.c: Create non-DB specific database access functions.
Using these allows access to the underlying database functions without
needing explicit knowledge of Berkeley DB. (These are used only
when DB_CACHE is #defined. Other programs that use the non-caching
functions (yp_mkdb, ypxfr, yppush, rpc.yppasswdd) shouldn't notice
the difference.)
- yp_dnslookup: Implement async DNS lookups. We send our own DNS
requests using UDP and put the request in a queue. When the response
arrives, we use the ID in the header to find the corresponsing queue
entry and then send the response to the client. We can go about our
business and handle other YP requests in the meantime. This way, we
can deal with time consuming DNS requests without blocking and without
forking.
- yp_server.c: Convert to using new non-DB-specific database access
functions. This simplifies the code a bit and removes the need for
this module to know anything about Berkeley DB. Also convert the
ypproc_match_2_svc() function to use the async DNS lookup routines.
- yp_main.c: tweak yp_svc_run() to add the resolver socket to the
set of descriptors monitored in the select() loop. Also add a
timeout to select(); we may get stale DNS requests stuck in the
queue which we want to invalidate after a while. If the timeout
hits, we decrement the ttl on all pending DNS requests and nuke
those requests that aren't handled before ttl hits zero.
- yp_extern.h: Add prototypes for new stuff.
- yp_svc_udp.c (new file): The async resolver code needs to be able
to rummage around inside the RPC UDP transport handle in order to
work correcty. There's basically one transport handle, and each time
a request comes in, the transaction ID in the handle is changed.
This means that if we queue a DNS request, then we handle some other
unrelated requests, we will be unable to send the DNS response because
the transaction ID and remote address of the client that made the DNS
request will have been lost. What we need to do is save the client
address and transaction ID in the queue entry for the DNS request,
then put the transaction ID and address back in the transport handle
when we're ready to reply. (And then we have to undo the change so
as not to confuse any other part of the server.) The trouble is that
the transaction ID is hidden in an opaque part of the transport handle,
and only the code in the svc_udp module in the RPC library knows how
to handle it. This file contains a couple of functions that let us
read and set the transaction ID in spite of this. This is really a
dirty trick and I should be taken out and shot for even thinking about
it, but there's no other way to get this stuff to work.
- Makefile: add yp_svc_udp.c to SRCS.
connecting to a host immediately in the foreground.
I would like to be able to run ppp from a script so that my script can be
sure that it is connected to the 'net before it continues running:
# Dial up the internet.
ppp -background myprovider || exit 1
do-some-net-command
# Hang up the modem.
kill -HUP `cat /var/run/ppp.tun0.pid`
Another problem is that the current ppp calls its process id file
`/var/run/PPP.server', which may conflict if you have more than one IP
tunnel interface available.
Closes PR#1469
Submitted by: Gord Matzigkeit <gord@enci.ucalgary.ca>
new 'aliased' packets. Note, if the original packet has a bogus cksum,
we will *NOT* re-compute the cksum, therefore the new packet will also
be wrong (but passed on).
Found by: MartinRenters@awfulhak.demon.co.uk
Reviewed by: Brian Somers <brian@awfulhak.demon.co.uk>
Submitted by: Charles Mott <cmott@srv.net>
will handle lines of any length in /etc/group.
2) Fixed bug with usermod -d not updating user's home
directory.
3) Minor formatting display changes/fixes with *show -P.
(/dev/urandom used by default under FreeBSD), and implemented a
"portable" but less secure generator for other systems.
Add display of expiry/password change dates in -P user display.
used by OpenBSD. (Quite frankly, I think it's perfectly reasonable to
use snprintf to copy strings, given that the semantics for strncpy()
are utterly idiotic and there is no POSIX sstrncpy().)
While I'm at it, incorporate some of OpenBSD's bugfixes to cron.
NOT for 2.2
version of strdup() by a macro, killed many calls to strdup(), thus
potentially wasting less malloc'ed space (their args were never be
free()ed desptie despite of being malloc'ed). Probably still a huge
memory leak at all... Also killed two totally useless variables.
I've tested it as i could, but wouldn't be surprised if unexpected
problems showed up. So watch out this space!
conservative part of the tidyup, like fixing potential buffer overflow
conditions. It is believed to be safe to go into 2.2.
Pointed out by: lozenko@cc.acnit.ac.ru (Evgeny A. Lozenko)
I went over the code.
Add shortcuts for addUser and addGroup, documenting same.
Add a password field for adduser and use no-echo string field for it.
This requires my latest libdialog changes (in RELENG_2_2 or -current) to work.
the profiling level in config and decide what to do in makefiles.
Makefile.i386:
Align functions to 16-byte boundaries if profiling is enabled. This
will allow a fourfold reduction in the size of the profiling buffers.
(otherwise ppp's behavior remains unchanged) and documented by myself,
Steve Sims, Nate Williams, Martin Renters and god-only-knows who else. :-)
Submitted by: nate
Obtained from: Charles Mott <cmott@srv.net>
1. Don't use the MSDOSFS code for accessing FreeBSD distribution data.
Use Robert Nordier's stand-alone DOS I/O library for the purpose.
It this works as well as Robert says it does, it should drastically reduce
(or even eliminate) our "I can't install from my DOS partition!" calls.
2. As a result of the above, go to stdio file descriptors for all
media types.
3. Taking advantage of #2, start using libftpio for FTP transfers instead
of maintaining our own parallel version of the FTP transfer code.
Yay! I ripped something out for a change!
#1 Submitted-By: Robert Nordier <rnordier@iafrica.com>
has always held an open file descriptor. This allowed logging to
spare virtual consoles and being able to switch to them.
My previous change removed this since all writes were done with ttymsg()
which opens it's own fd, and hence syslogd didn't need it's own fd to
send messages on... but this caused an unexpected behavior change.
This should close PR#2176
do it themselves. (Some of these programs actually depended on this
beyond compiling the definition of struct ifinfo!) Also fix up some
other #include messes while we're at it.
obvious effects are that most of the automagically chosen defaults
will now be displayed while going through the menu, and an improved
error handling thanks to the more detailed error status reporting.
2.2 fodder, but i'll leave it to Jordan's review.
sysinstall's new User&group menu will use it, hence it's a 2.2
candidate despite of providing new functionality.
Submitted by: David L. Nugent, <davidn@blaze.net.au>
bogus or overly complex and really needed to be done more consistently
and sanely throughout - no question about it. Done.
Suggested-By: Paul Traina <pst@Shockwave.COM>
which will also need to be brought in before this screen will work.
Add some commentary about how the slip startup code is bogus.
Steal Joerg's loop for more properly closing all files and graft it into
the EHS startup. My loop was functional but more bogus.
o Incorporate some of Tatsumi's bug fixes.
o Remove the xperimnt and commerce distribution items; they haven't
been actual distributions for awhile.
o Try to sanitize the device checking code a little more.
o Cosmetic work on the network code.
to keep the link up, so it re-dials whenever it detects the link go
down. This is useful for 'dedicated' links who use PPP.
It's been used for over a year w/out problems at different sites.
