seeing status of mounted file system for jailed processes.
Pass full path of jail's root directory to the kernel. mount(8) utility is
doing the same thing already.
disappearing from the tree. We already were splitting the baby (using
the symbol for the vendor BROADCOM, but not for the device). Use
#defines for both.
the *filename* and not the pid_file(!). Stupid brain-fault on my part.
This could cause a segfault under -neworder if newsyslog had to rotate
multiple files, and later ones had specifed the 'N' flag.
Bug first reported by: le
MFC after: 3 days
-d option was equal to the one already saved and which caused
the pw utility to avoid updating values passed by other options
processed before the -d option in the code path.
Spotted by: Richard Caley <rjc@interactive.co.uk>
processes, and balance that by adding a 10-second delay after all the
processes have been signaled. Also improvement a few messages printed
with `-n' or `-v' processing (mostly signal-related messages).
MFC after: 13 days
files to rotate. The new order will first rotate all files that need
to be rotated, and then send a single signal to each process which
needs to be signaled, and finally it will compress all the files which
were rotated.
This means daemons will be signaled once per run of newsyslog, instead
of once per file rotated. Also, files will be compressed in order of
file-size (smallest to largest). Also, it waits for each file to be
completely compressed before starting the next one (effectively as if
the 'w' flag is specified for all entries in newsyslog.conf). This
avoids the situation of having 10 gzip's going at the same time (each
with a log.0 and a log.0.gz file active), and it also means that file
attributes can be reliably set on files after they are compressed.
NOTE: This commit does define NEWORDER (which you could get rid of if
you really don't trust this), but it does not flip the "-D neworder"
switch. So, at the moment none of these changes happen unless you
request them (perhaps by adding '<debug> neworder' in newsyslog.conf).
PR: bin/25070 inspired some parts of this
Submitted by: parts from bin/25070 done by Helge Oldach
MFC after: 14 days
the newsyslog.conf file. Rename one size-related variable, and move
another one from the stack into conf_entry. Add a routine to change
file-attributes (chown, chmod, chflags), instead of having several
places doing the same sequence of system-calls. A few cosmetic/style
changes.
These should not effect any users. Most of these probably look
pointless, but they are the "insignificant parts" of a much larger
update that I'll be committing soon. Doing these as a separate update
should make that update easier to read.
MFC after: 14 days
that had been written some months ago for other processing. This
should get rid of a few subtle situations where an existing log
file would not exist (for a short time) while it is being rotated.
MFC after: 16 days
about the risks of enabling raw sockets in prisons.
Because raw sockets can be used to configure and interact
with various network subsystems, extra caution should be
used where privileged access to jails is given out to
untrusted parties. As such, by default this option is disabled.
A few others and I are currently auditing the kernel
source code to ensure that the use of raw sockets by
privledged prison users is safe.
Approved by: bmilekic (mentor)
explicitly fsynced after kernel messages are logged. This option
should be syntax compatible with a similar option in Linux syslogd.
I've made some small changes to Pekka's patch, hoepfully I haven't
goofed anything.
PR: 66790
Submitted by: Pekka Savola <pekkas@netcore.fi>
Obtained from: Martin Schulze's syslogd
MFC after: 1 month
Syslogd should ensure that f_file is a valid file descriptor when
f_type is FILE, CONSOLE, TTY and for a PIPE where f_pid > 0. If the
descriptor is closed/invalid then the type should be set to UNUSED
or the pid should be set to 0.
To this end:
1) Don't close(f->f_file) if we can't send a message to a remote
host because the file descriptor used for remote logging is
stored in finet, not in f->f_file. f->f_file is probably
uninitialised, so I guess we usually end up closing fd 0.
2) Don't close PIPE file descriptors if they are invalid.
3) If the call to p_open fails, don't set the pid.
The OpenBSD patches in this area set f_file to -1 after the fd is
closed and then avoids calling close if f_file < 0. I haven't done
this, but it might be a good idea too.
Inspired by: PR 67139/OpenBSD
1) Use strncpy on strings out of utmp.
2) Avoid running off the start of one string while removing white space.
(I've used slightly different code to OpenBSD here.)
3) Ignore trailing spaces in the priority.
PR: 67139
Submitted by: Xin LI <delphij@FreeBSD.org.cn>
Obtained from: OpenBSD
1) Don't check for getopt returning '?', we have a default case.
2) Check if the priority is LOG_KERN correctly - in practice
LOG_KERN is 0, so it makes no difference. OpenBSD fixed a
different nearby bug that we don't have 'cos our definition
of LOG_MAKEPRI is different to OpenBSD's.
Copy a comment from OpenBSD, observing that LOG_KERN is 0.
Inspired by PR: 67139
_PATH_DEV will never change. In the un-likely event that _PATH_DEV
should ever change, watch(8) would have broke because of a
mis-generated device name.
Approved by: bmilekic (mentor)
Pointed out by: Yvan Boily
o getpwnam(3) returns NULL and does not set errno when the user does
not exist. Bail out with "no such user" instead of "Unknown error: 0".
PR: bin/67262
Submitted by: demon (-U flag)
MFC after: 3 weeks
trying to exclude the top end of the range since it should hurt to overlap
by 4 bytes in the off-chance the RSDP signature appears incorrectly at the
very top of our search space.
the value for "unknown" 0xffffffff. The underlying kernel drivers should
be updated to only return 255 but the ABI is used by too many userland
utilities.
Also, make this WARNS 6 compatible.
stored in EEPROM or NVRAM. It's inspired by the NetBSD eeprom(8) and
the SunOS/Solaris eeprom(1M) utilities. Currently, this eeprom(8)
only supports systems equipped with Open Firmware and is only tested
on Sun machines but should work on any platform using Open Firmware.
A bit more specific, eeprom(8) can be used on these systems to do the
same under FreeBSD as can be done using the printenv and setenv
commandos in the boot monitor. One thing that only hardly can be done
using the boot monitor but easily with eeprom(8) is to write a logo
to the "oem-logo" property. eeprom(8) may also be useful to recover
the boot monitor password (in the default configuration only as root,
of course), i.e. when the boot monitor allows you to boot but you
can't alter the configuration because the password is unknown. The
man page may also be a useful reference of the various configuration
variables.
The idea of eeprom(8) is that handlers can be written to add support
for any firmware that stores such configuration in EEPROM or NVRAM;
sort of e.g. eeprom(1M) on Solaris/x86 is used to turn PAE-support
on and off (stored in a file then, not hardware). In FreeBSD, a
candidate for this would be a handler for the EFI boot environment
for FreeBSD/ia64.
eeprom(8) uses some code from NetBSD (eeprom.c and the base for
eeprom.8), the handler for the Open Firmware /options node
(ofw_options.[c,h]) was written using ofw_util.[c,h] from ofwdump(8).
Reviewed by: ru (slightly earlier version of the man page)
- Make the code use the new OFIOCMAXVALUE instead of defining the maximum
length of property values locally.
- Move the application specific parts from ofw_util.c to ofwdump.c in
order to make ofw_util.c more library-like. While ofw_dump_properties()
could be made non-specific to ofwdump(8) it's currently optimized for
use in ofwdump(8) and making it a library-like function would just
complicate the code unnecessarily.
- Minor clean-up in ofw_util.c, e.g. make its use of getopt(3) the way
it's described in style(9), make its usage() static, etc.
- Add a comment in ofw_util.c about why it doesn't call usage() when
neither the "-a" option nor a node-name where given.
- Add ofw_optnode() and ofw_setprop(), helper functions for the
OFIOCGETOPTNODE and OFIOCSET ioctls respectively, to ofw_util.[c,h].
- Be consistent with the use of 'const' in ofw_util.[c,h] and add 'const'
to the function arguments that are acutally const but weren't declared
as such.
- Mark WARNS=6 clean.
Approved by: tmm
installation as far as most people are concerned but both 'Standard' and
'Select' begin with S and 'Select' is winning. This makes it so 'Select'
is not select-able using a keystroke but that is probably for the best
and the text on the screen adequately describes how to move back and forth
between 'Select' and 'Exit'.
Adapted from work by: josef@
PR: i386/37999
MFC after: 1 week
. forward declare all static functions
. add a couple of redundant parens in return statements where they've
been missing
. remove the space after exit since it's a function
the maximum amount of time jitter for root and other users, respectively.
Before starting a job, cron(8) will sleep a random number of seconds,
from 0 to the amount specified. This can help to smooth down load spikes
when a lot of jobs are to start at the beginning of a particular minute
(e.g., the first minute of an hour.)
PR: bin/66474
Submitted by: Dmitry Morozovsky <marck <@> rinet.ru>
where the RSD PTR can actually occur. According to section 5.2.2
of the ACPI spec, we only consider two regions for the base address:
1. EBDA (0x0 - 0x3FF)
2. High memory (0xE0000 - 0xFFFFF)
I don't know whether this fixes any actual problems but is more correct.
levels by which they are used. On a typical production setting (no
debug or filter logging) this will save an open/read/close system
call sequence per packet, approximately halving the system overhead
and reducing the overall overhead by 38%.
dd bs=1k count=512 if=/usr/share/dict/web2 |
ssh ppp-linked-host dd of=/dev/null
# time original-ppp -nat -foreground connection
Working in foreground mode
Using interface: tun0
2.822u 2.404s 2:00.31 4.3% 392+496k 8+18io 3pf+0w
# time new-ppp -nat -foreground connection
Working in foreground mode
Using interface: tun0
2.082u 1.173s 1:26.06 3.7% 379+450k 0+18io 0pf+0w
MFC after: 3 weeks
- Don't look for partitions inside a FreeBSD chunk on ia64 when mounting
the filesystems just before the chroot and install.
- Write entries out to /etc/fstab for filesystems that aren't inside a
FreeBSD chunk, but are a top-level chunk under the disk.
rarpd clobbered any AF_INET information already configured for a given
interface name, so interfaces with more than one IP address made rarpd
listen only for the last address out of all IP aliases.
I changed this, so that AF_LINK information is always collected first
(to ensure the interface name gets its link-layer address associated),
but while looking for AF_INET addresses, the configuration is cloned
if there has already been one IP address seen for that interface name.
Thus, rarpd now effectively listens on all subnets.
MFC after: 1 week
o mention that the acctfile has to exist for accton to work [1]
o add reference to acct.5
PR: 65071 [1] (slightly modified)
Submitted by: Marc Silver <marcs@draenor.org>
X-MFC after: re approval
pass function arguments and results.
Hopefully no functional changes except fixing a couple of
bugs which could cause endless loops if an ioctl() on an
interface would fail.
Remove global variables in favour of local ones.
Fix indentation of a couple of switch statements.
Overall, this program badly need cleaning up, as it relies
on information passed around through global variables.
Note: bthidd(8) is still not complete. Need to commit kernel
support (a-la Linux /dev/input) to feed HID events into kernel.
Also need to write bthidd(8) and bthidd.conf(5) man pages.
present in ndp(8).
The vendor branch import uses a _U_ macro to apply the GCC 'unused' attribute
to the rcs ids embedded in each source file. Teach ndp about this.
Removing the -compact option passed to .Bl macro to avoid useless .Pp macros;
Adding a missing period;
Using .Xr with .Nd since makewhatis(1) has no support for cases where the Xref is absent.
Informed by: ru
* `pkg_info -flags' needs either `-a' or a package name. [1]
* Add -Q option to manual page.
* Update `usage:' to match the manual page.
PR: misc/64786 [1]
Reviewed by: ru
MFC after: 3 days
tied to nfsd(8), exports is the configuration file users will most
likely need to configure when dealing with a NFS server.
Submitted by: Florian Hars <hars@bik-gmbh.de>
PR: docs/64714
MFC after: 3 days
exactly the same as patch from the PR, which also exited if the
config file was missing. I didn't use Jeff's patch because I was
worried that some people might start inetd, create the config file
and then HUP inetd.
PR: 60806
Submitted by: Jeff Ito <jeffi@rcn.com>
MFC after: 2 weeks
addresses. For arch's with 64-bit longs, this is a nop, but for i386 this
allows sysinstall to properly handle disks and filesystems > 1 TB.
Changes from the original patch include:
- Use d_addr_t rather than inventing a blkcnt type based on int64_t.
- Use strtoimax() rather than strtoull() to parse d_addr_t's from config
files.
- Use intmax_t casts and %jd rather than %llu to printf d_addr_t values.
Tested on: i386
Tested by: kuriyama
Submitted by: julian
MFC after: 1 month
o Add a -D option to not attempt to create the home directory.
o Treat the /nonexistent home directory specially. It means the user has
no home directory and it should not be created.
o Update Copyright year and my email.