1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-24 11:29:10 +00:00
Commit Graph

69242 Commits

Author SHA1 Message Date
Matthew Dillon
4fbd563eb8 Make the 'maxusers 0' auto-sizing code slightly more conservative. Change
from 1 megabyte of ram per user to 2 megabytes of ram per user, and
reduce the cap from 512 to 384.  512 leaves around 240 MB of KVM available
while 384 leaves 270 MB of KVM available.  Available KVM is important
in order to deal with zalloc and kernel malloc area growth.

Reviewed by:	mckusick
MFC: either before 4.5 if re's agree, or after 4.5
2002-01-25 01:54:16 +00:00
Crist J. Clark
f7a54d06e5 Have sysctl() return the correct errno(2) as documented in the
sysctl(3) manpage.

Submitted by:	ru
Obtained from:	BSD/OS
2002-01-25 00:50:49 +00:00
David Malone
ecca80bd97 Make usage message and man page synopsis reflect the fact that -n
and -c are mutually exclusive.

PR:		34233
Submitted by:	Gary W. Swearingen <swear@blarg.net>
MFC after:	3 days
2002-01-24 22:27:50 +00:00
Andrey A. Chernov
9df24552a0 Zeroing memset() in opiechallenge() really is not needed because it is the
very first thing immediately following opielookup() does being entered, i.e.
look at this:

int opielookup FUNCTION((opie, principal), struct opie *opie AND char
*principal
)
{
  int i;

  memset(opie, 0, sizeof(struct opie));
...
2002-01-24 22:19:21 +00:00
Poul-Henning Kamp
9118ec5a27 Yet a bug with extensible sbufs being marked as OVERFLOWED. This time
because of a signed/unsigned problem.

Approved by:	DES
2002-01-24 20:57:56 +00:00
Josef Karthauser
46d0cbc2cd Merge from NetBSD:
usb.c:	-r1.35 - 1.37
    usb_port.h:	tiny bit of -r1.26 + an extra bit in the FreeBSD config section.

	revision 1.37
	date: 2000/01/24 18:35:51;  author: thorpej;  state: Exp;  lines: +7 -1
	Use config_pending.
	----------------------------
	revision 1.36
	date: 1999/12/22 23:54:09;  author: augustss;  state: Exp;  lines: +2 -2
	Use the flags `locator' to govern if devices are detected early or
	late during cold boot.
	----------------------------
	revision 1.35
	date: 1999/12/20 02:12:23;  author: augustss;  state: Exp;  lines: +8 -5
	Make sure tsleep() is not called during cold boot.
2002-01-24 20:21:17 +00:00
David E. O'Brien
0f14df92a1 Add libfetch.so.2 from a 17-Dec-2001 4.5-RC (releng4) build. 2002-01-24 18:59:29 +00:00
Mark Murray
c2065008b5 WARNS=4 fixes. Protect with NO_WERROR for the modules that have
warnings that are hard to fix or that I've been asked to leave alone.
2002-01-24 18:37:17 +00:00
David Malone
24bd57cbbd Add new option HAVE_STRERROR to CFLAGS. 2002-01-24 17:59:39 +00:00
David Malone
337fd7a891 Resolve conflicts. 2002-01-24 17:58:42 +00:00
David Malone
db6a108dbf Resolve conflicts (our -t option, we'd fixed a bug in a slightly different way). 2002-01-24 17:55:40 +00:00
David Malone
bc2856b282 Resolve conflicts (we have a -t option). 2002-01-24 17:54:04 +00:00
David Malone
73e3ae1c4e Resolve conflict: We made a fix renaming a structure member error,
but it was renamed errnum on the vendor branch.
2002-01-24 17:52:26 +00:00
Jens Schweikhardt
ac512bd99a Insert a missing paragraph break (.Pp).
MFC after:	3 weeks
2002-01-24 17:49:09 +00:00
Dag-Erling Smørgrav
f748a713da PAM modules shouldn't call putenv(); pam_putenv() is sufficient. The
caller is supposed to check the PAM envlist and export the variables it
contains; if it doesn't, it's broken.

Sponsored by:	DARPA, NAI Labs
2002-01-24 17:26:27 +00:00
David Malone
30be5b1b49 This commit was generated by cvs2svn to compensate for changes in r89750,
which included commits to RCS files with non-trunk default branches.
2002-01-24 17:24:16 +00:00
David Malone
4f4f23c131 import top_3_5beta12 2002-01-24 17:24:16 +00:00
Jonathan Lemon
cd75bfa75f Add entry for EVFILT_NETDEV, which was inadverdently omitted back in Sept. 2002-01-24 17:20:55 +00:00
Dag-Erling Smørgrav
9201dc40bf Change the order in which pam_sm_open_session() updates the logs. This
doesn't really make any difference, except it matches wtmp(5) better.

Don't do anything in pam_sm_close_session(); init(8) will take care of
utmp and wtmp when the tty is released.  Clearing them here would make it
possible to create a ghost session by logging in, running 'login -f $USER'
and exiting the subshell.

Sponsored by:	DARPA, NAI Labs (but the bugs are all mine)
2002-01-24 17:15:04 +00:00
Ruslan Ermilov
485318d4d8 Style.
Approved by:	ken
2002-01-24 16:53:08 +00:00
Dag-Erling Smørgrav
905fd6f3ee Don't set PAM_RHOST, this is a local login.
Sponsored by:	DARPA, NAI Labs
2002-01-24 16:20:17 +00:00
Dag-Erling Smørgrav
ca355e5451 Correctly interpret PAM_RHOST being unset as an indicator of a local
login.

Sponsored by:	DARPA, NAI Labs
2002-01-24 16:18:43 +00:00
Dag-Erling Smørgrav
d233082fbe Correctly interpret PAM_RHOST being unset as an indicator of a local
login.
2002-01-24 16:16:01 +00:00
Dag-Erling Smørgrav
e4536f1138 Style nits.
Sponsored by:	DARPA, NAI Labs
2002-01-24 16:14:56 +00:00
Alexey Zelkin
a2fb0481d7 get __time_load_locale() prototype from include file, rather than declare
own
2002-01-24 15:38:59 +00:00
Dag-Erling Smørgrav
e9ae7bc234 This commit disables chain caching.
Chain caching is a feature of Linux-PAM, where pam_authenticate() and
pam_open_session() "freeze" the chain so that their companion
primitive (pam_setcred() and pam_close_session() respectively) will
call the exact same modules, skipping those that failed in the
previous call.

There are several reasons not to do this, the most prominent of which
is that it makes it impossible to call pam_setcred() without first
calling pam_authenticate() - which is perfectly valid according to
DCE/RFC 86.0 and XSSO, and is necessary to make 'login -f' work.

Instead of chain caching, implement something similar to the way
Solaris' libpam behaves: pam_setcred treats "sufficient" modules as if
they were "required", i.e. does not break the chain when they succeed.

PAM modules whose pam_sm_setcred() should not be called unless their
pam_sm_authenticate() succeeded can simply set a state variable using
pam_set_data() in pam_sm_authenticate(), and use pam_get_data() to
check it in pam_sm_setcred().

Sponsored by:	DARPA, NAI Labs
2002-01-24 15:30:03 +00:00
Guido van Rooij
a3e5380a47 1) Fix a debug statement by filling in its data before the printf in
stead of after
2) Honour NO_TEST_UNIT_READY quirk for atapi devices as well
3) Actually support FujiFilm FinePix 6800 camera's. Will very likely also
work for other FinePix models.

Based on a debug session about half a year ago with Nik Hibma.
MFC after:	2 weeks
2002-01-24 15:10:53 +00:00
Alexey Zelkin
bcbeac34ae * style(9)'fy
* declare prototype for __time_load_locale() in timelocal.h
2002-01-24 15:07:44 +00:00
David E. O'Brien
e95d27b9ae Fix problem where with PicoBSD the shell coredumps if it does not find an
entry for its terminal type in /etc/termcap.

Submitted by:	bde
2002-01-24 13:54:19 +00:00
Dag-Erling Smørgrav
f433d6afed Document the even_root option.
Sponsored by:	DARPA, NAI Labs
2002-01-24 13:35:06 +00:00
Dag-Erling Smørgrav
76f95f4dc2 Don't let root through unless the "even_root" option was specified.
Sponsored by:	DARPA, NAI Labs
2002-01-24 12:47:42 +00:00
David Malone
98d1592458 Change brk's prototype from char *brk(const char *) to int brk(const void *)
and sbrk's prototype from char *sbrk(int) to void *sbrk(intptr_t).

This makes us more consistant with NetBSD and standards which include
these functions. Bruce pointed out that ptrdiff_t would probably
have been better than intptr_t, but this doesn't match other
implimentations.

Also remove local declarations of sbrk and unnecessary casting.

PR:		32296
Tested by:	Harti Brandt <brandt@fokus.gmd.de>
MFC after:	1 month
2002-01-24 12:11:31 +00:00
Murray Stokely
e4e61f7853 Providing long filename support on the Macintosh requires over 30
megabytes of additional space on the install CD.  Given our premium
for space, I don't think this is a wise use of 30MB.  HFS support was
not provided on the FreeBSD 4.4 CDs and I received a grand total of 0
complaints.
2002-01-24 10:44:16 +00:00
Dag-Erling Smørgrav
16e058b5d6 Add a PAM module that records sessions in utmp/wtmp/lastlog.
Sponsored by:	DARPA, NAI Labs
2002-01-24 09:45:17 +00:00
Dag-Erling Smørgrav
c2d5249eaf Fix some pastos. Rather shoddy of me...
Sponsored by:	DARPA, NAI Labs
2002-01-24 09:44:22 +00:00
David E. O'Brien
fb609a2178 Add libfetch.so.2 from a 10-Dec-2001 releng4 build. 2002-01-24 00:54:44 +00:00
Jun Kuriyama
8ecbf394e0 MFen (1.265 --> 1.266). 2002-01-24 00:27:53 +00:00
Brian Somers
c3805e0152 Detect if a udp socket on STDIN_FILENO is connected by calling
getpeername() and don't set PASSIVE mode if it's is.
2002-01-23 23:36:35 +00:00
Andrew Gallatin
ae967e6461 Regenerated file from previous commit to syscalls.master 2002-01-23 22:47:47 +00:00
Andrew Gallatin
21e06996e4 Linux/alpha uses the same BSDish return mechanism we do for
getpid, getuid, getgid and pipe, since they bootstrapped from
OSF/1 and never cleaned up.  Switch to the native syscalls
on alpha so that the above functions work

MFC after: 7 days
2002-01-23 22:46:14 +00:00
Brian Somers
97dd5500aa Cross reference the NETWORK ADDRESS TRANSLATION section when describing
the -nat flag.

Requested by:	eivind
2002-01-23 21:11:33 +00:00
Bruce A. Mah
5e6b58fcbe New release note: smmsp/mailnull users.
Reviewed by:	gshapiro
2002-01-23 18:49:43 +00:00
Dag-Erling Smørgrav
53f3167d07 Add a PAM module that provides an account management component for checking
either PAM_RHOST or PAM_TTY against /etc/login.access.o

This uncovers a problem with PAM_RHOST, in that if we always set it, there
is no way to distinguish between a user logging in locally and a user
logging in using 'ssh localhost'.  This will be fixed by first making sure
that all PAM modules can handle PAM_RHOST being unset (which is currently
not the case), and then modifying su(1) and login(1) to not set it for
local logins.

Sponsored by:	DARPA, NAI Labs
2002-01-23 17:42:16 +00:00
Dag-Erling Smørgrav
774a10071d Add an AUTHORS section crediting ThinkSec, DARPA and NAI Labs.
Sponsored by:	DARPA, NAI Labs
2002-01-23 17:16:00 +00:00
Ruslan Ermilov
0509dca0c3 Add pam_ssh support to the static PAM library, libpam.a:
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
  dynamic linkage with -lssh.

Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:54:17 +00:00
Dag-Erling Smørgrav
b6b756b58b Base the comparison on UIDs, not on user names.
Sponsored by:	DARPA, NAI Labs
2002-01-23 15:16:01 +00:00
Ruslan Ermilov
fd4ca9e02d Make libssh.so useable (undefined reference to IPv4or6).
Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:06:47 +00:00
Giorgos Keramidas
0063afffd5 dhclient-script.conf lives in /etc and not /sbin.
PR:		docs/32008
Submitted by:	John E Hein <jhein@timing.com>
Approved by:	obrien
2002-01-23 13:56:41 +00:00
Dag-Erling Smørgrav
c84317d7ad Add local/share/java/classes, local/share/sgml, local/share/xml
Approved by:	ru, silence on -ports
MFC after:	1 week
2002-01-23 13:02:16 +00:00
Ruslan Ermilov
0e65089b79 The sixth argument to the NET_RT_IFLIST sysctl is actually 0 for
all interfaces, and ifnet.if_index value for a single interface.
2002-01-23 12:48:08 +00:00