- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
in a bunch of man pages.
Use the correct .Bx (BSD UNIX) or .At (AT&T UNIX) macros
instead of explicitly specifying the version in the text
in a bunch of man pages.
Here are the diffs for libc_r to get it one step closer to P1003.1c
These make most of the thread/mutex/condvar structures opaque to the
user. There are three functions which have been renamed with _np
suffixes because they are extensions to P1003.1c (I did them for JAVA,
which needs to suspend/resume threads and also start threads suspended).
I've created a new header (pthread_np.h) for the non-POSIX stuff.
The egrep tags stuff in /usr/src/lib/libc_r/Makefile that I uncommented
doesn't work. I think its best to delete it. I don't think libc_r needs
tags anyway, 'cause most of the source is in libc which does have tags.
also:
Here's the first batch of man pages for the thread functions.
The diff to /usr/src/lib/libc_r/Makefile removes some stuff that was
inherited from /usr/src/lib/libc/Makefile that should only be done with
libc.
also:
I should have sent this diff with the pthread(3) man page.
It allows people to type
make -DWANT_LIBC_R world
to get libc_r built with the rest of the world. I put this in the
pthread(3) man page. The default is still not to build libc_r.
also:
The diff attached adds a pthread(3) man page to /usr/src/share/man/man3.
The idea is that without libc_r installed, this man page will give people
enough info to know that they have to build libc_r.
bugs in your code is to put it in the -stable branch. (Corollary: the
day you discover the bug is the day the Internet decides to route your
telnet session to the repository box via Zimbabwe.)
Remove one bogus free(result) (from _havemaster()) that slipped by me.
Flagged by: phkmalloc
Pointed out to me by: Stefan Esser
In __initdb(), a failure to open the local password database is supposed
to result in a warning message being syslog()ed. This warning is only
supposed to be generated as long as the 'warned' flag hasn't been yet;
once the warning is generated, the flag should be set so that the message
is only syslog()ed once. However, while the state of the flag is checked
properly, the flag's state is never changed, so you always get multiple
warnings instead of just one.
Pointed out by: Peter Wemm
This commit covers the man pages for most of the ANSI library functions.
A few others such as strtol.3 have to mention <sys/types.h> because they
mix ANSI interfaces with less well designed extensions.
getnetgrent.c:
- Catch one bogon that snuck by: in _listmatch(), check for '\0'
rather than '\n'; strings returned from yp_match() are terminated
with a nul, not a newline.
getpwent.c:
- Rip out all of the +inclusion/-exclusion stuff from before and
replace it with something a little less grotty. The main problem
with the old mechanism was that it wasted many cycles processing
NIS entries even after it already knew they were to be exlcuded
(or not included, depending on your pointof view). The highlights
of these changes include:
o Uses an in-memory hash database table to keep track of all the
-@netgroup, -user, and -@group exclusions.
o Tries harder to duplicate the behavior normally obtained when using
NIS inclusions/exclusions on a flat /etc/passwd file (meaning things
come out in much the same order).
o Uses seperate methods for handling getpwent() and getpwnam()/getpwuid()
operations instead of trying to do everything with one general
function, which didn't work as well as I thought it would.
o Uses both getnetgrent() and innetgr() to try to save time where
possible.
o Use only one special token in the local password database
(_PW_KEYYPBYNUM) instead of seperate tokens to mark + and -
entries (and stop using the counter tokens too). If this new
token doesn't exist, the code will make due with the standard
_PW_KEYBYNUM token in order to support older databases that
won't have the new token in them.
All this is an attempt to make this stuff work better in environments
with large NIS passwd databases.
- Clear the _yp_innetgr flag immediately after calling setnetgrent() from
innetgr(). We only need the flag set to temporarily alter setnetgrent()'s
behavior. Previously, it was being cleared too late.
- When in NIS-only mode, innetgr() was wasting time doing unecessary
extra processing after it had already found a match.
- Remember to free memory allocated by the NIS functions during innetgr()
searches.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
matter much on some systems, but on ftp servers (like wcarchive) where
you run with special stripped group and pwd.db files in the anonymous
ftp /etc, this can be a major speedup for ls(1).
reconnect once using the saved openlog() parameters.
This helps one of the system startup race conditions. If syslogd takes too
long to get going, some daemons can fail the connection and forever log
to the console even though the syslogd is running. That is ..unfortunate..
the statically compiled PS_STRINGS and USRSTACK variables. This prevents
programs using setproctitle from coredumping if the kernel VM is increased,
and stops libkvm users (w, ps, etc) from needing to be recompiled if only
the VM layout changes.
for "fts_open" was wrong. Also, the "fts_info" field of the FTSENT
structure was misleadingly described as containing "flags". Actually, it
contains a single integer value.
in the main text of various man pages.
Thanks to Warner Losh for adding an option to manck to allow
it to scan the entire man page looking for bogus xrefs, instead
of just checking the SEE ALSO section.
Also corrected a few minor formatting errors, file location and cross
references in some of the section 3 man pages.
This shuts up a lot of the output from "manck" for section 3.
Install (optional) libutil.h with prototypes for the functions and
document this in the man page.
minor cleanups to the various routines, include the prototype file, declare
return codes etc.
of signals. Signals are now properly caught, tty state is being
restored, and the previous sigaction triggered. Upon receipt of a
sigcont, echo is turned off again.
SIGTSTP causes a buffer flush, the man page mentions this. (Although
i rather think of it as a feature than a bug.)
This is likely to be my last FreeBSD action for 1995, xearth shows
me that our .au guys must already write 1996. :-)
replace the dozen other various hacks in the code that do all sorts
of crude things including spamming the envrionment strings with the new
argv string.
This version is mainly inspired by the sendmail version, with a couple of
ideas taken from the NetBSD implementation as well.
- Fix buffer overflow problem once and for all: do away with the buffer
copies to 'user' prior to calling _scancaches() and just pass a pointer
to the buffer returned by yp_match()/yp_first()/yp_next()/whatever.
(We turn the first ':' to a NUL first so strcmp() works, then change it
back later. Submitted by Bill Fenner <fenner@parc.xerox.com> and
tweaked slightly by me.
- Give _pw_breakout_yp() the 'more elegant solution' I promised way back when.
Eliminate several copies to static buffers and replace them with just
one copy. (The buffer returned by the NIS functions is at most
YPMAXRECORD bytes long, so we should only need one static buffer of
the same length (plus 2 for paranoia's sake).)
- Also in _pw_breakout_yp(): always set pw.pw_passwd to the username
obtained via NIS regardless of what pw_fields says: usernames cannot
be overridden so we have no choice but to use the name returned by
NIS.
- _Again_ in _pw_breakout_yp(): before doing anything else, check that
the first character of the NIS-returned buffer is not a '+' or '-'.
If it is, drop the entry. (#define EXTRA_PARANOIA 1 :)
- Probe for the master.passwd.* maps once during __initdb() instead
of doing it each time _getyppass() or _nextyppass() is called.
- Don't copy the NIS data buffers to static memory in _getyppass()
and _nextyppass(): this is done in _pw_breakout_yp() now.
- Test against phkmalloc and phkmalloc/2 (TNG!) to make sure we're
free()ing the yp buffers sanely.
- Put _havemaster(), _getyppass() and nextyppass() prototypes under
#ifdef YP. (Somehow they ended up on the wrong side of the #endif.)
- Remove unused variable ___yp_only.
- In some cases, we don't properly resolve _all_ possible group memberships.
If a user is a member of both local and NIS groups, we sometimes lose some
of the membership info from NIS. (Reported by: Thorsten Kukuk
<kukuk@uni-paderborn.de>)
- Make NIS +groupname overrides actually work the way the SunOS group(5)
man page says they should (make them work for all cases: getgrent(),
getgrnam() and getgrgid()).
- When not compiled with -DYP, grscan() should ignore entries that
begin with a '+'. When compiled _with_ -DYP, grscan() should ignore
+groupname entries that don't refer to real NIS groups.
- Remove redundant redeclaration of fgets(), strsep() and index() inside
grscan(). We already #include all the right header files for these.
Note: -groupname exclusion as specified in the Sun documentation still
isn't supported. This'll be a 2.2 addition. Right now I just want this
stuff to work.
What was happening, is if syslogd was not running, syslog() would do
a strcat("\r\n") on a non-null-terminated buffer, and write it to the console.
This meant that sometimes extra characters could be written to the console
during boot, depending on the stack contents.
This totally avoids the potential problem by using writev() like the rest
of the does, and avoid modifying the buffer after the trouble we've gone to
to carefully protect it.
This is actually a trivial fix, in spite of the long commit message.. :-)
It only appeared during boot and shutdown with syslogd stopped.
running on a tty. (Same as isatty()) The old-style TIOCGETP ioctl
wouldn't fly if the kernel didn't have COMPAT_43.
Submitted by: Carl Fongheiser <cmf@netins.net>
control hooks.
It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
attached to a string buffer. There is also an optimisation for the case
where the syslog format string does not contain %m, which should improve
performance of "informational" logging, like from ftpd.
the group map after encountering a badly formatted entry.
getpwent.c: same as above for _nextyppass(), and also turn a couple of
sprintf()s into snprintf()s to avoid potential buffer overruns. (The
other day I nearly went mad because of a username in my NIS database
that's actually 9 characters long instead of 8. Stuffing a 9-character
username into an 8-character buffer can do some strange things.)
(This reminds me: I hope somebody's planning to fix the buffer overrun
security hole in syslog(3) before 2.1 ships.)
seperate function to avoid duplication. Also fix getpwent() a
small bit to properly handle the case where the magic NIS '+'
entry appears before the end of the password file.
getgrent.c: be a little more SunOS-ish. Make it look like the NIS
group map is 'inserted' at the the point(s) where the magic NIS '+'
entry/entries appear.
getgrent: fix a file descriptor leak: remember to close the netgroup
file after we determine that we're using NIS-only innetgr() lookups.
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:
If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.
If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.
If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.
Head off a potential NULL pointer dereference in the old innetgr()
matching code.
Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.
(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)
- netgroup.5: document all this stuff.
- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).
- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
_gr_breakout_yp(): if we encounter a NULL pointer generated as the
result of a badly formatted NIS passwd entry (e.g. missing fields),
we punt and return an error code, thereby silently skipping the
bad entry.
last night:
_gr_breakout_yp() doesn't check for badly formatted NIS group entries.
For example, a bogus entry like this:
bootp::user1,user2,user3
will lead to a null pointer dereference and a SEGV (note that the GID
field is missing -- this results in one of the strsep(&result, ":")
returning NULL). The symtpom of this problem is programs dumping
core left and right the moment you add a + entry to /etc/group.
Note that while this is similar to an earlier bug, it's caused by a
different set of circumstances.
The fix is to check for the NULL pointers and have _gr_breakout_yp()
punt and return a failure code if it catches one. This is more or
less the behavior of SunOS: if a bad NIS group entry is encountered,
it's silently ignored. I don't think our standard (non-NIS) group
parsing code behaves the same way. It doesn't crash though, so I'm
citing the 'it ain't broken, don't fix it' rule and leaving it alone.
I'll probably have to add similar checks to _pw_breakout_yp() in
getpwent.c to ward off the same problems. It's rare that bad NIS
map entries like this occur, but we should handle them gracefully
when they do.
'cycle in netgroup check too greedy').
PR #508 is apparently due to an inconsistency in the way the 4.4BSD
netgroup code deals with bad netgroups. When 4.4BSD code encounters
a badly formed netgroup entry (e.g. (somehost,-somedomain), which,
because of the missing comma between the '-' and 'somedomain,' has
only 2 fields instead of 3), it generates an error message and
then bails out without doing any more processing on the netgroup
containing the bad entry. Conversely, every other *NIX in the world
that usees netgroups just tries to parse the entry as best it can
and then silently continues on its way.
The result is that two bad things happen: 1) we ignore other valid entries
within the netgroup containing the bogus entry, which prevents
us from interoperating with other systems that don't behave this way,
and 2) by printing an error to stderr from inside libc, we hose certain
programs, in this case rlogind. In the problem report, Bill Fenner
noted that the 'B' from 'Bad' was missing, and that rlogind exited
immediately after generating the error. The missing 'B' is apparently
not caused by any problem in getnetgrent.c; more likely it's getting
swallowed up by rlogind somehow, and the error message itself causes
rlogind to become confused. I was able to duplicate this problem and
discovered that running a simple test program on my FreeBSD system
resulted in a properly formatted (if confusing) error, whereas triggering
the error by trying to rlogin to the machine yielded the missing 'B'
problem.
Anyway, the fixes for this are as follows:
- The error message has been reformatted so that it prints out more useful
information (e.g. Bad entry (somehost,-somedomain) in netgroup "foo").
We check for NULL entries so that we don't print '(null)' anymore too. :)
- Rearranged things in parse_netgrp() so that we make a best guess at
what bad entries are supposed to look like and then continue processing
instead of bailing out.
- Even though the error message has been cleaned up, it's wrapped inside
a #ifdef DEBUG. This way we match the behavior of other systems. Since we
now handle the error condition better anyway, this error message becomes
less important.
PR #507 is another case of inconsistency. The code that handles
duplicate/circular netgroup entries isn't really 'too greedy; -- it's
just too noisy. If you have a netgroup containing duplicate entries,
the code actually does the right thing, but it also generates an error
message. As with the 'Bad netgroup' message, spewing this out from
inside libc can also hose certain programs (like rlogind). Again, no
other system generates an error message in this case.
The only change here is to hide the error message inside an #ifdef DEBUG.
Like the other message, it's largely superfluous since the code handles
the condition correctly.
Note that PR #510 (+@netgroup host matching in /etc/hosts.equiv) is still
being investigated. I haven't been able to duplicate it myself, and I
strongly suspect it to be a configuration problem of some kind. However,
I'm leaving all three PRs open until I get 510 resolved just for the
sake of paranoia.
- If you take the wheel entry out of /etc/group and turn on NIS,
the '+:*::' line is incorrectly flagged as the entry for wheel (the
empty gid section is translated to 0), hence getgrgid() returns '+'
as the name of the group instead of 'wheel.'
- Using just '+:' as the 'turn on NIS' switch in /etc/group makes
getgrgid() dump core because of a null pointer dereference. (Last
time I was in here, I foolishly assumed that fixing the core dump
problems with getgrnam() and getgrent() would fix getgrgid() too.
Silly me.)
- it succeeded on non-directories (see POSIX 5.1.2.4).
- it hung on (non-open) named pipes.
- it leaked memory if the second malloc() failed.
- it didn't preserve errno across errors in close().
of the plus or minus lists at all, reject him. This lets you create
a +@netgroup list of users that you want to admit and reject everybody
else. If you end your +@netgroup list with the wildcard line
(+:::::::::) then you'll have a +@netgroup list that remaps the
specified people but leaves people not in any netgroup unaffected.
add #includes for YP headers when compiling with -DYP to avoid some implicit
declarations.
getgrent.c & getnetgrent.c: add some #includes to avoid implicit declarations
of YP functions.
remapping mechanism in the following manner: if given an entry +@foo
and there is no netgroup named 'foo,' try searching for a regular
user group called 'foo' and build the cache using the members of
group 'foo' instead. If both a netgroup 'foo' and a user group 'foo'
exist, the 'foo' netgroup takes precedence, since we're primarily
interested in netgroup matching anyway.
This allows access control schemes based on ordinary user groups
(which are also available via NIS) rather than netgroups, since
netgroups on some systems are limited in really brain-damaged ways.
my network because setnetgrent() was trying to do a lookup on group "".
It seems that an attempt to do a yp_match() (and possible yp_next())
on a null or empty key causes Sun's ypserv in SunOS 4.1.3 to exit
suddenly (and without warning). Our ypserv behaves badly in this
situation too, thoush it doesn't appear to crash. In any event, getpwent,
getnetgrent and yp_match() and yp_next() are now extra careful not to
accidentally pass on null or empty arguments.
Also made a small change to getpwent.c to allow +::::::::: wildcarding,
which I had disabled previously.
- Have the +@netgroup/-@netgroup caches handle the +user/-user cases too.
- Clean up getpwent() to take advantage of the improved +user/-user handling.
work because parse_netgrp() doesn't recurse properly. Fixed by
changing
if (parse_netgrp(spos))
return(1);
to
if (parse_netgrp(spos))
continue;
inside parse_netgrp(). (Lucky for me I happen to have a fairly complex
'live' netgroup database to test this stuff with.)
- Added support for reading netgroups from NIS/YP in addition to the
local /etc/netgroups file. (Note that SunOS and many other systems only
support reading netgroups via NIS, which is a bit odd.)
- Fix Evil Null Pointer Dereferences From Hell (tm) that caused
parse_netgrp() to SEGV when expanding netgroups that include
references to other netgroups. Funny how nobody else noticed this.
This is the first step in implimenting +@netgroup substitution in
getpwent.c and any other places that could use it and don't already
support it (which is probably everywhere).
by heading off possible null pointer dereferences in grscan(). Also
change getgrnam() slightly to properly handle the change: if grscan()
returns an rval of 1 and leaves a '+' in the gr_name field and YP is
enabled, poll the YP group.byname map before giving up. This should
insure that we make every effort to find a match in the local and
YP group databases before bailing out.
in an (unlikely) border case (maxgroups==1 and the user is on
an /etc/group line for the same group and that group only ...).
Now this case is dealt with as before ...
Add a missing apostrophe that suggests inverting the frequency to get
tick size. It read better before because `CLK_TCK' suggests a tick
size although it is actually a frequency.