Commit Graph

5734 Commits

Author SHA1 Message Date
obrien
ff0e186a51 Make the sub-'argc' static to make it harder to overwrite thru a buffer
overflow.
2008-12-26 22:54:53 +00:00
trhodes
953a7479f3 Apply various fixes:
Silence mdoc(7) warnings;
Xref correct manual pages;
Point user to the ddb.8 manual page.

PR:		129398
Submitted by:	gavin
2008-12-24 11:12:21 +00:00
obrien
0a4722ed76 Garbage collect 'fflags'. 2008-12-24 03:07:19 +00:00
trhodes
e79f1ce743 Note that when shutdown is run without options, it will place
the system into single user mode at the time specified.

PR:		129765
2008-12-23 15:00:03 +00:00
trhodes
24efb828cb Document the "-o large" option.
PR:		129792
2008-12-23 13:35:26 +00:00
thompsa
d52df5ae78 Only show the pathname in verbose output as intended in the last commit (r172862). 2008-12-22 19:52:21 +00:00
piso
982a9ea01c Update the ipfw man page to reflect last change (-q option with nat option).
MFC after:	3 days
2008-12-18 21:46:18 +00:00
piso
9102cbe344 Honor the quiet (-q) option while adding a nat rule.
Submitted by:	Andrey V. Elsukov<bu7cher@yandex.ru>
MFC after:	3 days
2008-12-18 21:37:31 +00:00
obrien
153773c7cb Be a little bit more pestimistic in argument handling - check if we've
overflown our internal buffer (though after the fact), and s/strncpy/strlcpy/

Reviewed by:	rodrigc
Obtained from:	Juniper Networks
2008-12-18 18:44:46 +00:00
qingli
ec826ad5c7 This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
sam
ef924e3391 back out unintended change 2008-12-15 01:44:23 +00:00
sam
27870a75c9 move channel parsing to a getchannel routine so it can be reused to check
the channel argument supplied to chanswitch
2008-12-15 01:15:15 +00:00
sam
c5b85460d4 fix handling of sku codes like country codes 2008-12-15 01:10:52 +00:00
sam
b076937b92 fix handling of unknown country codes; atoi doesn't return -1
for an invalid string as I thought; so use strtol instead
2008-12-15 01:10:08 +00:00
sam
4cd355eb2d 0 is a potential ISO CC; use new NO_COUNTRY #define to identify
when the CC is not set.  Note NO_COUNTRY is set to 0xffff for now
(must be 16 bits as ieee80211_regdomain struct defines sku's and
cc's as uint16_t which may need fixing).
2008-12-15 01:09:01 +00:00
sam
0e7403cc3f o distinguish between adhoc and ahdemo modes
o do not require 1/2 and 1/4 rate channels be present in the
  calibration list when doing a gsm regulatory change; the
  existing 900MHz cards are not self-identifying so there is
  no way (using the calibration channel list) to check
2008-12-15 01:06:49 +00:00
sam
3b86465e44 Improve regdomain.xml parser:
o store XML_Parser in the state block so we can report line numbers for errors
o complain about netband w/o mode
o complain about unknown modes
o complain about band w/o enclosing netband
o complain about duplicate freqband
o complain about unknown channel flags
o complain about band w/o freqband's
o complain about band w/o maxpower
o complain about country w/o ISO cc
o complain about country w/o regdomain reference
2008-12-15 01:00:18 +00:00
ru
aff5ca54ef Fix the fallouts from r146267:
- Add the forgotten "mode" argument to the "mode" command.
- Move the description of "info" to where it belongs.
2008-12-14 12:56:56 +00:00
phk
62577aca10 Send all debug to stderr. 2008-12-14 11:48:51 +00:00
phk
329b1107fb Clarify that configuration files must be named '*.conf' 2008-12-14 11:47:39 +00:00
lulf
5aef9be9a2 - When writing metadata to a geom provider, open the it as read-write since it
might do subsequent reads from other providers. This stopped geli (and
  probably other classes using g_metadata_store as well) from being put on top
  of gvinum raid5 volumes.

Note:
The reason it fails in the gvinum raid5 case is that gvinum will read back the
old parity stripe before calculating the new parity stripe to be written out
again.  The write will then fail because the underlying disk to be read is
opened write only.

MFC after:	1 week
2008-12-13 14:14:56 +00:00
luigi
3e21de6755 Move the check for the ending char in the partition name where
it was before -- the check is only made when getdisklabel()
returns valid info.
On passing, use MAXPARTITIONS to identify the max partition number,
instead of the hardwired 'h'

MFC after:	4 weeks
2008-12-12 15:56:38 +00:00
mlaier
97597606a6 Fix build - cast off_t to (intmax_t) for printing. 2008-12-03 23:00:57 +00:00
luigi
25cd12c1b2 Enable operation of newfs on plain files, which is useful when you
want to prepare disk images for emulators (though 'makefs' in port
can do something similar).

This relies on:
+ minor changes to pass the consistency checks even when working on a file;

+ an additional option, '-p partition' , to specify the disk partition to
  initialize;

+ some changes on the I/O routines to deal with partition offsets.

The latter was a bit tricky to implement, see the details in newfs.h:
in newfs, I/O is done through libufs which assumes that the file
descriptor refers to the whole partition. Introducing support for
the offset in libufs would require a non-backward compatible change
in the library, to be dealt with a version bump or with symbol
versioning.

I felt both approaches to be overkill for this specific application,
especially because there might be other changes to libufs that might
become necessary in the near future.

So I used the following trick:
- read access is always done by calling bread() directly, so we just add
  the offset in the (few) places that call bread();
- write access is done through bwrite() and sbwrite(), which in turn
  calls bwrite(). To avoid rewriting sbwrite(), we supply our own version
  of bwrite() here, which takes precedence over the version in libufs.

MFC after:	4 weeks
2008-12-03 18:36:59 +00:00
luigi
18b0226daa Some useful operational extensions to newfs_msdos, especially
when preparing images for emulators or flash devices:

+ option '-C size' to create the underlying image file with given size.
  Saves doing a 'dd' before, and especially it creates a sparse file

+ option '-@ offset' to build the FAT image at the specified offset
  in the image file or device;

+ make the cluster size adaptive on the filesystem size.
  Previously the default was 4k which is really unconvenient with
  large media; now it goes from 512 bytes to 32k depending on
  filesystem size (i still need to check whether it makes sense
  to go further up, to 64k or above);

+ fix default geometry when not specified on the command line,
  use 63 sectors/255 heads by default.
  Also trim the size so it exactly a multiple of a track, to avoid
  complaints in some filesystem code.

+ document all the above, plus some manual page clarifications.

MFC after:	4 weeks
2008-12-03 18:22:36 +00:00
marcel
5c813d4376 Print error messages as-is, when they don't conform to
<errno> [<parameter> 'value']
These are error messages from (lib)geom itself.
2008-11-30 23:46:31 +00:00
marcel
875a18edd5 Call gctl_free() after we processed the error string.
It's being freed as part of the request.
2008-11-30 23:38:44 +00:00
marcel
3e94b73b94 Parse the error string returned by the kernel. The format is:
<errno> [<parameter> <value>]
So, rather than printing the error:
	gpart: 22 scheme 'gpt'
gpart(8) now prints:
	gpart: scheme 'gpt': invalid argument
2008-11-29 21:20:07 +00:00
imp
85bc384554 Noticed the following error message:
mount_msdosfs: /dev/cf0s1: : Operation not supported by device

and thought I'd fix it to be:

mount_msdosfs: /dev/cf0s1: Operation not supported by device

Not sure why errmsg isn't getting filled in, or why this error is even
happening at all... (fsck_msdosfs is clean, and I can mount this same
CF elsewhere).
2008-11-29 02:28:05 +00:00
luigi
e7b613e283 Create a fake geometry (16 heads, 64 sectors) when dealing with
a plain file and a geometry is not explicitly supplied through
command line or disktab entry.

This way you can a FAT image on a file as simply as this:

	newfs_msdos ./some/file

(right now you need a much longer command

	newfs_msdos -h 32 -u 64 -S 512 -s $total_blocks -o 0 ./some/file

Will be merged after 7.1 and 6.4 are released.
See also the related PR which suggests a similar change.

PR:		bin/121182
MFC after:	4 weeks
2008-11-26 21:05:03 +00:00
scottl
b0a070ce29 Big update to the iSCSI initiator code. Highlights include IPv6 support,
many bugs fixes, many more performance improvements.

Submitted by:	Danny Braniss

M    sbin/iscontrol/iscsi.conf.5
M    sbin/iscontrol/iscontrol.8
M    sbin/iscontrol/iscontrol.h
M    sbin/iscontrol/config.c
M    sbin/iscontrol/fsm.c
M    sbin/iscontrol/login.c
M    sbin/iscontrol/pdu.c
M    sbin/iscontrol/misc.c
M    sbin/iscontrol/auth_subr.c
M    sbin/iscontrol/iscontrol.c
M    sys/dev/iscsi/initiator/isc_cam.c
M    sys/dev/iscsi/initiator/iscsi.h
M    sys/dev/iscsi/initiator/isc_soc.c
M    sys/dev/iscsi/initiator/iscsi_subr.c
M    sys/dev/iscsi/initiator/iscsivar.h
M    sys/dev/iscsi/initiator/isc_subr.c
M    sys/dev/iscsi/initiator/iscsi.c
M    sys/dev/iscsi/initiator/isc_sm.c
2008-11-25 07:17:11 +00:00
delphij
7a676b30d1 Grammar improvements.
Submitted by:	kensmith
2008-11-18 20:38:07 +00:00
marcel
f9226694db Use humanize_number(), rather than a home-grown algorithm for
formatting a number in a human-friendly way.

Note that with this commit a megabyte changed from 1000000 to
1048576 and a 80G disk is now printed as being 75G in size.
This is deliberate. It's consistent with the core of geom(8).
However, the original choice for a megabyte being 1000000 was
on purpose and matches what disk vendors put on the box. The
consistency is considered more important.

Submitted by:	delphij
2008-11-18 04:04:01 +00:00
marcel
171191e7f7 Sort includes
Submitted by:	delphij
2008-11-18 03:43:02 +00:00
marcel
a439cdd8d4 Pad the bootcode we write to the partition to a multiple of the
sector size.

Submitted by:	Alexey Shuvaev <shuvaev@physik.uni-wuerzburg.de>
Prompted by: 	delphij
MFC after:	3 days
2008-11-18 00:03:30 +00:00
maxim
45ffeb7fc2 o One more s/gpt/gpart/. 2008-11-05 09:28:30 +00:00
maxim
98f206c208 o Replace Xr to gpt(8) which is gone by gpart(8). 2008-11-05 09:27:13 +00:00
dfr
2fb03513fc Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager.  I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.

Sponsored by:	Isilon Systems
MFC after:	1 month
2008-11-03 10:38:00 +00:00
marcel
48fb5445ab Add support for multiple attributes. This is required for the
PC98 scheme.
2008-10-20 05:12:50 +00:00
keramida
40d90afbe6 Tiny wording nits.
MFC after:	1 week
2008-10-19 09:45:29 +00:00
brooks
a9d132d46a Support the remaining options listed in dhcp-options(5) and RFC 2132.
PR:		bin/127076
Submitted by:	jkim
MFC after:	1 week
2008-10-17 13:28:53 +00:00
maxim
be9cccafc2 o Remove a debug code and restore an accidentally deleted code
in a previous commit.
2008-10-14 17:59:39 +00:00
maxim
c9e34ff82a o Do nothing in show_nat() for a test mode (-n). This prevents
show_nat() from endless loop and makes work ipfw -n nat <...>.

PR:		bin/128064
Submitted by:	sem
MFC after:	1 month
2008-10-14 17:53:26 +00:00
kib
042990e041 Background fsck applies twice some summary totals changes. The next
background fsck on the same file system might then print negative
numbers for reclaimed directories/files/fragments.

Address the issue in a limited degree, by using old summary data for
cg when bgfsck is performed.

Submitted by:	tegge
MFC after:	1 week
2008-10-13 14:01:05 +00:00
kib
352dfe0f0a check_maps() in /usr/src/sbin/fsck_ffs/pass5.c seems to be limited to file
systems less than 1 TB, due to using 32-bits integers for file system block
numbers. This also causes incorrect error reporting for foreground fsck.

Convert it to use ufs2_daddr_t for block numbers.

PR:	kern/127951
Submitted by:	tegge
MFC after:	1 week
2008-10-13 13:56:23 +00:00
delphij
f39dcb8b69 Add some examples to demostrate gpart(8).
--此行及以下内容将会被忽略--
> Description of fields to fill in above:                     76 columns --|
> PR:            If a GNATS PR is affected by the change.
> Submitted by:  If someone else sent in the change.
> Reviewed by:   If someone else reviewed your modification.
> Approved by:   If you needed approval for this commit.
> Obtained from: If the change is from a third party.
> MFC after:     N [day[s]|week[s]|month[s]].  Request a reminder email.
> Security:      Vulnerability reference (one per line) or description.
> Empty fields above will be automatically removed.

M    gpart.8
2008-10-09 06:23:04 +00:00
maxim
ef20fb87cd o Typo fixes.
PR:		docs/127866
Submitted by:	Marius Korsmo
2008-10-05 05:12:48 +00:00
sam
c683906dce add duplicate cmd entries for vlan and vlandev that are marked !clone
so they can be used when not doing a create operation

Reviewed by:	ed
2008-10-02 20:03:41 +00:00
lulf
54c73027a0 - A call to close(2) might overwrite errno and thus give a wrong error message
on g_providername failure.

Suggested by:	pjd
Approved by:	pjd (mentor)
2008-09-30 11:46:14 +00:00
lulf
5eb1ad1462 - Improve error message given on g_providername call failure.
- While there, make error messages consistent with the rest.

Approved by:	kib (mentor)
2008-09-30 07:18:49 +00:00