setgrent, and endgrent also. (The previous NSS implementation used to
simply twiddle the internal data of the various modules directly.)
A symptom (group list set incorrectly in sshd) was
Reported by: Glenn Johnson <gjohnson@srrc.ars.usda.gov>
Sponsored by: DARPA, Network Associates Laboratories
idea to re-initialize `struct passwd', because e.g. pw_class might
get set by one module, but not by another. Add another call to the
internal pwd_init function to accomplish this.
Sponsored by: DARPA, Network Associates Laboratories
Correct a bug that should have wreaked havoc everywhere, but for
some reason only bit unlucky people who use `-march' optimizations.
The compiler cannot assist one in distinguishing between the two
function calls below.
int nsdispatch(void *, ...);
void *discard;
nsdispatch(&discard, ...); /* correct .. no, really! */
nsdispatch(discard, ...); /* Boom */
Robin provided me with a debugging environment in which I could see
what was going on.
Badness when using CPUTYPE was
Reported by: "Robin P. Blanchard" <Robin.Blanchard@gactr.uga.edu>
Reported by: nork
Sponsored by: DARPA, Network Associates Laboratories
An incorrectly-sized allocation was being made due to an incorrect
argument to the `sizeof' operator. Obvious, because it violated the
`foo = malloc(sizeof(*foo))' idiom. Hard-to-see, because it was a
missing `*' (`*p' versus `**p').
Resulting failure was
Reported by: ache
Sponsored by: DARPA, Network Associates Laboratories
privileges. To do so may cause the NIS server to log spurious and
annoying `access denied' messages.
Reported by: Philip Paeps <philip@paeps.cx>
Sponsored by: DARPA, Network Associates Laboratories
in the mac.3 library man page. They were already cross-referenced
at the end of the man page, just not explicitly listed here.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
would result in an incorrectly terminated grouplist.
login(1) crashes
Reported by: Morten Rodal <morten@rodal.no>,
Matthias Schuendehuette <msch@snafu.de>
string was an incredibly dumb idea (of course it will be changed by an
NSS module on success!). Use a static empty string instead.
Sponsored by: DARPA, Network Associates Laboratories
may not fill in all fields, and in the case of string fields, this could
cause trouble for applications. (The only likely example is `pw_class',
because this field is not used by all modules in all cases.)
Move initialization of struct passwd from module-specific code to the
dispatch code.
The problem of a NULL pw_class was
Noticed by: Philip Paeps <philip@paeps.cx>
and the c^Htrusty ssh(1) command.
Déjà vu by: getpwent.c revision 1.56
Sponsored by: DARPA, Network Associates Laboratories
at least one consumer outside of libc and pwd_mkdb.
Adjust the versioning in libc and pwd_mkdb accordingly.
named was the application affected, and that fact was first
Reported by: Zherdev Anatoly <tolyar@mx.ru>
Sponsored by: DARPA, Network Associates Laboratories
family of functions using the new nsdispatch(3) core. Remove
arbitrary size limits when using the thread-safe versions.
= Re-implement the traditional getpwent(3)/getgrent(3) functions on
top of the thread-safe versions.
= Update the on-disk format of the hashed version of the passwd(5)
databases to allow for versioned entries. The legacy version is
`3'. (Don't ask.)
= Add support for version `4' entries in the passwd(5) database.
Entries in this format are identical to version 3 entries except
that all integers are stored as 32-bit integers in network byte
order (big endian).
= pwd_mkdb is updated to generate both version 3 and version 4
entries.
Sponsored by: DARPA, Network Associates Laboratories
may be built into libc (`static NSS modules') or dynamically loaded
via dlopen (`dynamic NSS modules'). Modules are loaded/initialized
at configuration time (i.e. when nsdispatch is called and nsswitch.conf
is read or re-read).
= Make the nsdispatch(3) core thread-safe.
= New status code for nsdispatch(3) `NS_RETURN', currently used to
signal ERANGE-type issues.
= syslog(3) problems, don't warn/err/abort.
= Try harder to avoid namespace pollution.
= Implement some shims to assist in porting NSS modules written for
the GNU C Library nsswitch interface.
Sponsored by: DARPA, Network Associates Laboratories
they resemble one another, but POSIX.1e interfaces were not sufficiently
expressive to do what we needed.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
%f and sufficiently short %g specifiers where the precision was
explicitly zero, no '#' flag was specified, and the floating point
argument was > 0 and <= 0.5. While at it, add some comments to better
explain the relevant bits of code.
Noticed by: Christoph Kukulies <kuku@physik.rwth-aachen.de>
by allprison_mtx), a unique prison/jail identifier field, two path
fields (pr_path for reporting and pr_root vnode instance) to store
the chroot() point of each jail.
o Add jail_attach(2) to allow a process to bind to an existing jail.
o Add change_root() to perform the chroot operation on a specified
vnode.
o Generalize change_dir() to accept a vnode, and move namei() calls
to callers of change_dir().
o Add a new sysctl (security.jail.list) which is a group of
struct xprison instances that represent a snapshot of active jails.
Reviewed by: rwatson, tjr
be printed.
- Fix %f conversions where the number of significant digits is < expt.
This would be a one-line change were it not for thousands separators.
Noticed by tjr.
- Remove some unnecessary code in the parsing of precision specifiers.
- We used to round long double arguments to double. Now we print
them properly.
- Bugs involving '%F', corner cases of '#' and 'g' format
specifiers, and the '.*' precision specifier have been
fixed.
- Added support for the "'" specifier to print thousands' grouping
characters in a locale-dependent manner.
- Implement the __vfprintf() side of hexadecimal floating point
support. All that is still needed is a routine to convert the
mantissa to hex digits one nibble at a time in the style of ultoa().
Reviewed by: silence on standards@
- __vfprintf()'s 'buf' has never been used for floating point, so
don't define it in terms of (incorrect) constants describing
floating point numbers. The actual size needed depends on
sizeof(uintmax_t) and locale details, so I slightly overestimated.
- We don't need a 308-character buffer to store the string "308".
With long doubles and %a we need more than three characters, though.
strange things might happen when garbage values in the struct
get passed in to localtime_r() and family.
Noticed by: marcus
Approved by: markm (mentor)(implicit)
critical and should not be killed when pageout is looking for more
memory pages in all the wrong places.
Reviewed by: arch@
Sponsored by: St. Bernard Software
