removes the last path component until the mount() succeeds. However,
the code never checks if it has passed the mountpoint, so in some
cases where the mount() never succeeds, it can end up applying the
flags from a mounted filesystem to the underlying one.
Add a sanity check to the code which removes the last path component:
test that the fsid associated with the new path is the same as that
of the old one.
PR: bin/7872
a number of assumptions related to the parsing of options in
/etc/exports, and missed a few necessary new error checks.
The main problems related to netmasks: an IPv6 network address
missing a netmask would result in the filesystem being exported to
the whole IPv6 world, non-continuous netmasks would be made continuous
without any warnings, and nothing prevented you specifying an IPv4
mask with an IPv6 address.
This change addresses these issues. As a side-effect we now store
netmasks in sockaddr structs (this matches the kernel interface,
and is closer to the way it used to be). Add a flag OP_HAVEMASK to
keep track of whether or not we have successfully got a mask from
any source. Replace some mask-related helper functions with versions
that use the sockaddr-based masks.
Also tidy up get_net() and fix the code that interprets IPv4 partial
networks such as "127.1" as network rather than host addresses.
Properly zero out some structures that were ending up partially
containing junk from the stack, fix a few formatting issues, and
add a comment noting some assumptions about export arguments.
would call malloc, stdio and other library functions from the signal
handler which is not safe due to reentrancy problems.
Instead, add a simple handler that just sets a flag, and call the
more complex function from main() when necessary. Unfortunately to
be able to check this flag, we must expand the svc_run() call, but
the RPC library makes that relatively easy to do.
- Remove some horrible code that faked a "struct addrinfo" to be
later passed to freeaddrinfo(). Instead, add a new group type
"GT_DEFAULT" used to denote that the filesystem is exported to the
world, and treat this case separately.
- Don't clear the AI_CANONNAME flag in a struct addrinfo returned
by getaddrinfo. There's still a bit more struct addrinfo abuse
left in here.
- Simplify do_mount() slightly by using an addrinfo pointer to keep
track of the current address.
- Revert del_mlist() to its pre-tirpc prototype. Unlike NetBSD's version,
ours lets the caller generate any syslog() messages, so that it
can include the service name in the message.
- Initialise a few local variables to clarify the logic and avoid some
compiler warnings.
- Remove a few unused functions and local variables, and fix some
whitespace issues.
- Reinstate the logic for avoiding duplicate host entries that got
removed accidentally in revision 1.41 (added in r1.5). This bit
was submitted in a slightly different form by Thomas Quinot.
Submitted by: Martin Blapp <mb@imp.ch>,
Thomas Quinot <quinot@inf.enst.fr>
PR: bin/26148
group file. Because of the way the group sorting works while printing
out the new file it's not possible at this time to restore comments
in other locations, but at least they won't just disappear altogether.
one user who differs only by case. The other perl tools assume (or enforce)
the all lowercase requirement, therefore making the search through
master.passwd case insensitive seemed a reasonable optimization, IMO.
I understand, although I do not sympathize with, the argument that someone
might want to do this on purpose, and might subsequently want to use the
wrong tool for the job. So, this fix should hopefully satisfy both camps.
the following fixes had been made:
- check the size of the font being loaded and compare it with possible sizes
to minimise possibility of loading something that is not a fontfile at all
and turning console screen into garbage;
- prevent buffer overflow (and coredump as a result ) when loading valid
uuencoded file with size that exceeds allocated buffer;
- correct and improve several error messages.
Approved by: -audit, -hackers (silently)
being present in the environment if the user has CDROM defined, or
has specified a device on the command line.
This avoids users of ports like 'workman' that use these variables
getting gratuitous warnings from cdcontrol.
Suggested by: John Sellens <jsellens@generalconcepts.com>
Paxson et al, Status: Informational, May 1998), we should use "bits per
second" and "k" as 1000 not 1024 for throughput measures.
Submitted by: Eduardo Souza Machado da Silva <esms@acm.org>
that actually conforms to the Porters Handbook.
Add a -t option to pkg_version(1) for doing comparison testing.
Add a script (and make test target) to do some regression tests on
the package number comparison routine, to help debug future revisions.
Submitted by: knu
Procrastination by: bmah
Mschapv2 response generation may produce embedded NULs... causing
us to send a bogus response to the radius server and end up
failing the client's valid response.
Problem pointed out by: Eugene Vigovskiy <vigov@com2com.ru>
The usr.sbin/acpi/ utilities should be compiled non-static.
It just followed the usr.sbin/pccard/Makefile.inc way last time.
Pointed out by: ru and msmith
Committed at: BSD HANAMI in Japan 2001
Make sure we pass $(BUILDOPTS) to the `clean' target
so that `make clean' works on the same set of object
files. Otherwise, we may end up with an incorrectly
built and up-to-date object file.
NO_MAKEDEV_INSTALL and NO_MAKEDEV_RUN. The former implying the latter.
The names imply what they do. The last commit by DES based on a PR defeated
the original idea behind NO_MAKEDEV, which was not to run MAKEDEV, but to do
the installation of MAKEDEV. This should satisfy both parties on the MAKEDEV
challenge.
Reflect this in mergemaster, this might later on be decided to be set to
NO_MAKEDEV_INSTALL, for now I kept to the old behaviour.
NO_MAKEDEV_INSTALL and NO_MAKEDEV_RUN. The former implying the latter.
The names imply what they do. The last commit by DES based on a PR defeated
the original idea behind NO_MAKEDEV, which was not to run MAKEDEV, but to do
the installation of MAKEDEV. This should satisfy both parties on the MAKEDEV
challenge.
Reflect this in the documentation.
method anymore since the code inside the RPC library has changed too much.
Now that the clnt_dg module has the necessary code internally, we can yank
out the local method code and turn on the ASYNC hack with clnt_control().
This will make the -m flag work again.
and do the unregister/reregister work.
Don't call syslog in the unregister/reregister code as we haven't called
openlog() yet.
Be a more conservative about accepting errno values from socket(2),
only EPROTONOSUPPORT means that the kernel isn't supporting it
something like INET6. The other possible errnos would be returned
if there was a mistake in the socket(2) call so remove them from the
list of "acceptable" return values.
then wait for the connection to be closed by the peer.
This means that commands such as ``pppctl ... show links'' will
display the correct output again (rather than truncating it depending
on how much data arrived in the last packet).
aliases with the same netmask and destination, don't remove it and then
re-add exactly the same thing.
This means that static (non-sticky) routes that use the interface address
(or destination address) as a destination will not suddenly evaporate when
IPCP comes up (not unless the negotiated IPs have changed anyway).
/usr/src/usr.sbin/sysinstall/menus.c:1323: initializer element is not computable at load time
/usr/src/usr.sbin/sysinstall/menus.c:1323: (near initialization for `MenuNetworking.items[9].aux')
- fix a harmless bug in match_installed() function introduced in my last
commit;
- uniformely reorder includes across files.
Submitted by: Garrett Rooney <rooneg@electricjellyfish.net>
Not objected by: jkh, -ports
Eliminate an old warning brought about by insufficient foresight when creating
the Menu structure. Have I ever mentioned that sysinstall really needs to
be rewritten?
Make struct cmessage visible from socket.h (about 4 places were
defining it for themselves which wasn't good)
Make __rpc_get_local_uid() useable and give it prototype that's
visible.
Fix some issues with printing out usernames from rpcbind and keyserv.
authorization check is on /dev/{,k}mem.
o Update man page to reflect requirement that gid kmem privileges must
be held, not root. (submitted by: peter)
needed to make the asynchronous DNS lookup mechanism work. (It needs to
be able to get/set the transaction ID in the trasport handle so it can
deliver a delayed UDP response when a reply is received from a DNS
server.) With TI-TPC, the transport handle has changed slightly (what
used to be an int is now a size_t) so we need to account for this.
SM_NOTIFY procedure.
Remove our hand-coded one as it was causing world breakage for
worlds compiled with NOSHARED=yes because the static linker is a
bit less forgiving (or not as broken as) our dynamic linker.
Add $FreeBSD$ while I'm here.
Pointed out by: bde
to run PPP over Radiocontact T-Link Radio Modems which run best when something
is transmitted at least every 1.5 seconds.
Tested by: Jennifer Clark <jen@telepresence.strath.ac.uk>
Approved by: Brian
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
Somebody submitted this long time ago, and it has been sitting in my
tree for months because I thought archie would pick it up.
Submitted by: (sorry, lost track)
A depends on dependency B then dependency A will be in all cases listed
before B, so ``pkg_add -r'' will fetch/install packages in the correct order.
Previously dependencies were sorted just by its names, which is why
``pkg_add -r'' never actually worked properly.
To be usefull, hovewer, this fix requires that all packages have been
rebuilt, so it will take some time until users would be able to feel
posititive improvements. For the same reasons it is desirable to propagate
these changes to the 4-stable package building cluster *before* 4.3 ports
freeze, so packages for 4.3-RELEASE would be properly prepared.
Prompted by: kris
Insanely appreciated by: obrien
Silently approved by: jkh, -ports
revised EA interface with explicit namespacing. Link against libutil
to provide string/constant conversion for namespaces. Document
revised interface.
Obtained from: TrustedBSD Project
explicit namespaces. Modify it to use libutil for string/constant
namespace conversions. Update the documentation to take into account
the new interface.
Obtained from: TrustedBSD Project
actually triggered a match and which did not, and add patterns that didn't
into resulting list, so caller will have a chance to notify user that package
isn't installed. This should fix current, POLA-breaking behaviour when user
doesn't receive a notification if he specifies several packages, some of which
aren't installed.
1. Has a time-stamp to show when it was created
2. Sorts and uniq's the output to only contain single instances of a
given setting. This doesn't mean you still can't have settings which
override one another, that's still possible since it's too much
trouble to do the redundancy checking here.
Requested by: lots of people
a few cosmetic problems:
o Allow it to work with scripts (see man page or install.cfg file).
o Preserve old softupdates flag across newfs toggles
o Clean up partitioned/labelled flag handling
o Don't ask for MBR choice again if you've already written it out.
o Actually document the new features.
a simple make world; while this does a bit more work, it means that
jail(8) doesn't have to be kept in sync with /usr/src/Makefile{,.inc1}
which is a moving target. MFC candidate.
Submitted by: FUJISHIMA Satsuki <sf@FreeBSD.org>
Reviewed by: phk
Also pointed out by: Phil Kernick <Phil@Kernick.org>
and also obey most of the rules of english in their construction.
Add a help screen for the security menu which gives the user a rough idea
just what the various security profiles do.
asking the user to actually run the recommended commands related
to installation of files such as aliases or login.conf.
* Return to using grep for CVS $Id comparison. Using ident caused too
many problems for people with local CVS/RCS tags in their stuff.
Attempt to make portability a little easier to maintain in spite of
this change by defining the name of the tag to search for. This
is a slightly different change that solves the problem in the PR.
PR: bin/24564
Submitted by: Tony Finch <dot@dotat.at>
is supposed to inform the user of all steps it would take.
The current code does not issue any messages regarding actions
that would be performed by delete_package (removing files and
executing @unexec commands), because when the Fake variable
is 1, delete_package (which itself respects Fake and prints
messages rather than taking action when it is 1) is not called
at all.
Fix this.
PR: bin/24971
Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org>
need to manually force the network_interfaces variable in /etc/rc.conf,
and it only ever gets in the way. rc.network and rc.network6 DTRT with
the default of 'auto'. This should have died over a year ago.
pkg_delete(1) as well;
- add a new `-a' option for pkg_delete(1) to delete all installed packages;
- add a new `-i' option for pkg_delete(1) to request simple rm(1)-like
interactive confirmation before attempting to delete each package.
Silently approved by: jkh, -ports
and one for Makefile options, pass in the list head and use a common
newopt() routine.
Fix the 'config vmunix' support glue which was broken for a few minutes.
Makefile to the etc/sendmail Makefile to be consistent with all of the
other /var file creations. In doing so, change the Makefile target from
etc-sendmail.cf to distribution as it installs more than just the sendmail.cf.
Instead of trying to delete packages in the same order as they were specified
in the command line, reorder deletion in such a way that if package A depends
on package B then package A will be deleted before B no matter in which order
they were specified in the command line.
Reviewed by: jkh, will
Approved by: jkh
ports/INDEX,v is currently 19.97MB and will blow this limit on the next
update. Let's try doubling the limit again, to give us time to get
around to removing the limit altogether.
actually in the kernel. This structure is a different size than
what is currently in -CURRENT, but should hopefully be the last time
any application breakage is caused there. As soon as any major
inconveniences are removed, the definition of the in-kernel struct
ucred should be conditionalized upon defined(_KERNEL).
This also changes struct export_args to remove dependency on the
constantly-changing struct ucred, as well as limiting the bounds
of the size fields to the correct size. This means: a) mountd and
friends won't break all the time, b) mountd and friends won't crash
the kernel all the time if they don't know what they're doing wrt
actual struct export_args layout.
Reviewed by: bde
`PACKAGEROOT' env var which you would set to a proper mirror of
ftp.FreeBSD.org (say "export PACKAGEROOT=ftp://ftp3.FreeBSD.org"), to
fetch from an alternate place. This is easier to use than `PACKAGESITE'
for true mirrors, and can be used in your dot files across all versions
of FreeBSD.
user actually editing the output. Too many people were rampantly abusing
this feature via "pkg_version -c | sh" without really being cognizant
of the dangers involved (ports upgrade kits) or the fact that it
just plain wasn't designed for it (dependencies). We'll try to keep
people from shooting themselves in the foot.
Will be MFC-ed to RELENG_4 and RELENG_3 after cooling-off period.
names of installed packages;
- add new `-G' option to disable glob matching and revert to previous
behaviour (I have no idea why this could be necessary, though);
- add a new `-x' option, which instructs pkg_info(1) to treat supplied
arguments as a regular expressions.
For example:
$ pkg_info foo\* - displays information about all packages whose names start
from foo
$ pkg_info -G foo\*-1.1 - displays information about package named "foo*-1.1"
$ pkg_info -x ^foo.\* - displays information about all packages whose names
start from foo
Original idea submitted by: Edwin Groothuis <mavetju@chello.nl> (bin/24695)
Reviewed by: jkh, roam
Approved by: jkh
This works only because of bugs in current implementation: the
first .It after ``.Bd -unfilled'' re-enables filling mode and
does not restore (disable) it back afterwards.
to be the same as -ragged in the current implementation) to
-ragged. With mdocNG, -filled displays produce the correct
output, formatted and justified to both margins.
These are not enabled in the pkg_install Makefile as of yet;
adding the "sign" directory to the SUBDIR list will enable
building of sign.
Submitted by: Wes Peters
Obtained from: Original framework from OpenBSD 2.7, X.509 bits from DoBox.