Commit Graph

44 Commits

Author SHA1 Message Date
bdrewery
b619f0c747 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
bdrewery
989e2c6000 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
dim
c19ac081a3 Since clang 3.2 now has an option to suppress warnings about implicitly
promoted K&R parameters, remove the workarounds added for sendmail
components in r228558.

MFC after:	1 week
2013-02-16 20:17:31 +00:00
dim
0d1f91e8e1 Define several extra macros in bsd.sys.mk and sys/conf/kern.pre.mk, to
get rid of testing explicitly for clang (using ${CC:T:Mclang}) in
individual Makefiles.

Instead, use the following extra macros, for use with clang:
- NO_WERROR.clang       (disables -Werror)
- NO_WCAST_ALIGN.clang  (disables -Wcast-align)
- NO_WFORMAT.clang	(disables -Wformat and friends)
- CLANG_NO_IAS		(disables integrated assembler)
- CLANG_OPT_SMALL	(adds flags for extra small size optimizations)

As a side effect, this enables setting CC/CXX/CPP in src.conf instead of
make.conf!  For clang, use the following:

CC=clang
CXX=clang++
CPP=clang-cpp

MFC after:	2 weeks
2012-02-28 18:30:18 +00:00
dim
838b9f84ea Fix typos in the comments about clang warnings in several
sendmail-related Makefiles.

Spotted by:	arundel
MFC after:	1 week
2011-12-16 17:02:25 +00:00
dim
ef7c6e2e94 Unfortunately, clang gives warnings about sendmail code that cannot be
turned off yet.  Since this is contrib code, and we don't really care
about the warnings, just turn make them non-fatal for now.

MFC after:	1 week
2011-12-16 15:58:38 +00:00
ed
b1c1be30d7 Make WARNS=6 the default for libexec/.
Just like bin/ and sbin/, I think setting WARNS to the highest value
possible will make it more attractive for people to fix warnings.

- The WARNS variable is set in the Makefile in the directory of the
  application itself, making it more likely that it will be removed out
  of curiosity to see what happens.
- New applications will most likely build with WARNS=6 out of the box,
  because the author would more likely fix the warnings during
  development than lower WARNS.

Unfortunately almost all apps in libexec require a lowered value of
WARNS.
2010-01-02 09:50:19 +00:00
des
2bb8de20fe Remove kludges intended to support src trees with partial obj trees.
Discussed with:	ru
2005-06-10 06:12:53 +00:00
gshapiro
e95dd66c1f Remove MAINTAINER= lines from individual Makefiles in favor of the
MAINTAINER file (which already had entries for sendmail).
2003-07-07 03:54:04 +00:00
gshapiro
730b12a9a9 Update build infrastructure for sendmail 8.12. 2002-02-17 22:05:07 +00:00
kris
c60495e0de Lock down with WFORMAT?=1, with overrides in the subdirectories which
are not yet warning-clean.  Tested on i386 and alpha.
2002-02-04 02:33:51 +00:00
ru
45d92a4319 - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
ru
a23a98f937 Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
gshapiro
90b1557dac Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
gshapiro
e0b2de2c8f Style fixes 2000-10-11 05:04:21 +00:00
gshapiro
74c5c816cc mail.local(8) is no longer installed as a set-user-id binary.
Users may have to adjust their configuration to call mail.local as root
by adding the F=S flag to the local mailer.  Most probably already have this.
2000-10-10 18:12:30 +00:00
gshapiro
1f7ac54fbd Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
gshapiro
002ef51d6e The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
obrien
18dba2fe21 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:06 +00:00
peter
082d9275b1 Use sendmail-8.9.1 mail.local (with our changes). It has LMTP support. 1998-08-04 15:30:17 +00:00
charnier
7dfb53a951 Typos. 1998-01-07 07:44:01 +00:00
imp
cde9945828 style(9) nits
Submitted by:	bde
1997-12-26 23:36:43 +00:00
imp
66fd98fe99 Be extra paranoid about the length of data returned from gethostbyaddr or
gethostbyname.
Submitted by:	Julian Assange
1997-12-24 19:38:18 +00:00
alex
3dc202d85a Switch the effective uid to that of the user when writing mail files,
allowing quotas to be enforced on mail spools.

PR:             1111
Submitted by:   Charles Henrich <henrich@crh.cl.msu.edu>
1997-11-13 23:14:34 +00:00
wosch
6614e4891f Store temporary files in /var/tmp instead /tmp. This should avoid
a possible disk overflow for enormous large mails.
Submitted by:	grog
1997-10-11 22:05:44 +00:00
bde
d6cf846a53 Makefile.dist is a non-bmaked version of Makefile. We don't want it. 1997-08-02 18:52:16 +00:00
bde
27a46c98ad This commit was generated by cvs2svn to compensate for changes in r27847,
which included commits to RCS files with non-trunk default branches.
1997-08-02 18:46:42 +00:00
bde
d7d37d2613 Import Lite2's src/libexec, except for makekey (which was spammed
by a repository copy from 1.1.5 and patched back to Lite1) and
rbootd/bootdir/SYSHPBSD (which is binary).  All changed files have
already left the vendor branch.
1997-08-02 18:46:42 +00:00
imp
3125d931c2 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-28 15:48:21 +00:00
peter
090fb430f1 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
scrappy
2ad78b57b3 Totally botched ths patch...revert back to Rev 1.7, and request a
proper context diff from the submitter...
1996-10-23 05:05:32 +00:00
scrappy
3745246d0a Last time I trust 'sucess's on a non-context diff...
Pointed out by: Bill Fenner <fenner@parc.xerox.com>
1996-10-22 22:52:37 +00:00
scrappy
c60a33a165 Fixes:
>Description:

        /usr/libexec/mail.local runs as root.  As such is can fill up a
        mailbox on a quota'd filesystem, and keep going... Makes quota's
        almost useless in an ISP environment.

Closes: PR#bin/1111

Submitted by:	 Charles Henrich <henrich@crh.cl.msu.edu>
1996-10-22 21:01:01 +00:00
wosch
361a15b8f4 add forgotten $Id$ 1996-09-22 21:56:57 +00:00
bde
6ed5ccfb8f Don't use __dead or __pure in user code. They were obfuscations
for gcc >= 2.5 and no-ops for gcc >= 2.6.  Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
1996-09-14 03:00:32 +00:00
joerg
0a6e60012a Introduce a -b option for sites who are not interested in the old biff
service.  (Avoid a ``in_vain'' warning...)
1996-04-13 11:44:12 +00:00
mpp
6f1e1c35e7 Another round of various man page cleanups. 1996-02-09 17:25:57 +00:00
ache
eb02905cc1 Revert fsync ifdef behaviour and name, now default variant acts like
original one.
Suggested by: peter
1995-10-31 09:16:46 +00:00
ache
f84f405c03 Put fsync under #ifdef EXTRA_SANITY and turn it off by default.
fsync here cause real disk trashing when large UUCP mail chanks
parsed.
1995-10-31 08:22:13 +00:00
rgrimes
f05428e4cd Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
wollman
96c19e77ba Update to new make macros and disable Kerberos because we haven't got it
set up right yet.
1994-08-05 21:24:58 +00:00
rgrimes
7d07d2de2f BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00