1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-24 11:29:10 +00:00
Commit Graph

607 Commits

Author SHA1 Message Date
Edward Tomasz Napierala
55f0bfbadc Add missing "swapuse" resource limit. 2011-07-09 08:42:23 +00:00
Stanislav Sedov
0daf62d9f5 - Commit work from libprocstat project. These patches add support for runtime
file and processes information retrieval from the running kernel via sysctl
  in the form of new library, libprocstat.  The library also supports KVM backend
  for analyzing memory crash dumps.  Both procstat(1) and fstat(1) utilities have
  been modified to take advantage of the library (as the bonus point the fstat(1)
  utility no longer need superuser privileges to operate), and the procstat(1)
  utility is now able to display information from memory dumps as well.

  The newly introduced fuser(1) utility also uses this library and able to operate
  via sysctl and kvm backends.

  The library is by no means complete (e.g. KVM backend is missing vnode name
  resolution routines, and there're no manpages for the library itself) so I
  plan to improve it further.  I'm commiting it so it will get wider exposure
  and review.

  We won't be able to MFC this work as it relies on changes in HEAD, which
  was introduced some time ago, that break kernel ABI.  OTOH we may be able
  to merge the library with KVM backend if we really need it there.

Discussed with:	rwatson
2011-05-12 10:11:39 +00:00
David E. O'Brien
b928a692c2 Don't duplicate define the stdint types. 2011-05-05 14:45:24 +00:00
Xin LI
7d14df1a2d Add support for IEE/IEC (and now also SI) power of two notions of
prefixes (Ki, Mi, Gi...) for humanize_number(3).

Note that applications has to pass HN_IEC_PREFIXES to use this
feature for backward compatibility reasons.

Reviewed by:	arundel
MFC after:	2 weeks
2011-04-12 22:48:03 +00:00
Sergey Kandaurov
c6b2aa689a Add missing resource limits:
- RLIMIT_NPTS
- RLIMIT_SWAP

MFC after:	1 week
2011-03-24 16:06:57 +00:00
Xin LI
a699e14f45 humanize_number(3) multiply the input number by 100, which could cause an
integer overflow when the input is very large (for example, 100 Pi would
become about 10 Ei which exceeded signed int64_t).

Solve this issue by splitting the division into two parts and avoid the
multiplication.

PR:		bin/146205
Reviewed by:	arundel
MFC after:	1 month
2011-03-23 22:08:01 +00:00
Glen Barber
5f2e9efbf9 s/buffer/buf as is used in the code.
Submitted by:	arundel (via doc@)
MFC after:	3 days
2011-03-21 23:59:20 +00:00
Pawel Jakub Dawidek
fdf6b12d1c expand_number() needs uint64_t, declare it here if not already declared.
MFC after:	3 days
2011-03-06 17:46:06 +00:00
Edward Tomasz Napierala
ffa5101067 Mention setloginclass(2) in login_class(3). 2011-03-06 08:56:44 +00:00
Edward Tomasz Napierala
2bfc50bc4f Add two new system calls, setloginclass(2) and getloginclass(2). This makes
it possible for the kernel to track login class the process is assigned to,
which is required for RCTL.  This change also make setusercontext(3) call
setloginclass(2) and makes it possible to retrieve current login class using
id(1).

Reviewed by:	kib (as part of a larger patch)
2011-03-05 12:40:35 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Dag-Erling Smørgrav
b8370f59bd UTFize my name. 2010-08-22 11:48:32 +00:00
Joel Dahl
c2025a7660 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
Dag-Erling Smørgrav
35305a8dc1 In setusercontext(), do not apply user settings unless running as the
user in question (usually but not necessarily because we were called
with LOGIN_SETUSER).  This plugs a hole where users could raise their
resource limits and expand their CPU mask.

MFC after:	3 weeks
2010-08-16 11:32:20 +00:00
Dag-Erling Smørgrav
f4fda7679a Old patch I had lying around: clean up and use stpcpy(3) instead of
sprintf(3).
2010-08-16 11:22:12 +00:00
Dag-Erling Smørgrav
a2e0c5ae31 Further simplify the code, and update the manpage.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
2010-08-15 18:32:06 +00:00
Dag-Erling Smørgrav
b6fbd4d50d no-op commit to note that the example given in the previous commit is
a very bad one, since the shift does not actually overflow.  This is
a better example (assuming uint64_t = unsigned long long):

  ~0LLU >> 9             =   0x7fffffffffffffLLU
  ~0LLU >> 9 << 10       = 0xfffffffffffffc00LLU
  ~0LLU >> 9 << 10 >> 10 =   0x3fffffffffffffLLU
2010-08-15 14:55:32 +00:00
Dag-Erling Smørgrav
1035d74025 Fix the overflow test. It is possible for the result of an
overflowing shift to be larger than the original value, e.g.

         (uint64_t)1 << 53 = 0x20000000000000
 ((uint64_t)1 << 53) << 10 = 0x8000000000000000
2010-08-15 14:50:03 +00:00
Dag-Erling Smørgrav
bbb2703b4f Simplify expand_number() by combining the (unrolled) loop with the
switch.  Since expand_number() does not accept negative numbers, switch
from int64_t to uint64_t; this makes it easier to check for overflow.

MFC after:	3 weeks
2010-08-14 14:34:36 +00:00
Joel Dahl
f6ac23919b Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
Joel Dahl
799162a628 Spelling fixes. 2010-08-03 17:40:09 +00:00
Kirk McKusick
a4bf5fb987 Update to current version of head. 2010-04-28 05:33:59 +00:00
Ulrich Spörlein
aa12cea2cc mdoc: order prologue macros consistently by Dd/Dt/Os
Although groff_mdoc(7) gives another impression, this is the ordering
most widely used and also required by mdocml/mandoc.

Reviewed by:	ru
Approved by:	philip, ed (mentors)
2010-04-14 19:08:06 +00:00
Kirk McKusick
516ad57b74 Debugging nits found while testing the new 64-bit quota code. 2010-03-16 06:12:30 +00:00
Dag-Erling Smørgrav
1a0fda2b54 IFH@204581 2010-03-04 13:35:57 +00:00
Joel Dahl
f20b6c8575 The NetBSD Foundation has granted permission to remove clause 3 and 4 from
their software.

Obtained from:	NetBSD
2010-03-02 17:06:40 +00:00
Ed Schouten
2c8d07a874 Fix a regression that was introduced in r191882.
I changed login_tty() to only work when the application is not a session
leader yet. This works fine for applications in the base system, but it
turns out various applications call this function after daemonizing,
which means they already use their own session.

If setsid() fails, just call tcsetsid() on the current session.
tcsetsid() will already perform proper security checks.

Reported by:	Oliver Lehmann
MFC after:	1 week
2010-01-17 17:52:35 +00:00
Ed Schouten
21470ecd91 Remove login(3), logout(3) and logwtmp(3) from libutil.
These functions only apply to utmp(5). They cannot be kept intact when
moving towards utmpx. The login(3) function would break, because its
argument is an utmp structure. The logout(3) and logwtmp(3) functions
cannot be used, since they provide a functionality which partially
overlaps.

Increment SHLIB_MAJOR to 9 to indicate the removal.
2010-01-13 18:59:51 +00:00
Ed Schouten
daaf575910 Build lib/ with WARNS=6 by default.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.

I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
2010-01-02 09:58:07 +00:00
Kirk McKusick
aee785babd Add and document the quota_convert function which converts between the
old 32-bit and the new 64-bit formats.
2009-12-28 22:44:19 +00:00
Kirk McKusick
c3616249ab Minor bugs turned up during conversion of quotacheck. 2009-12-27 06:26:04 +00:00
Sean Farley
0dd84a53d7 Remove a dead store.
MFC after:	5 days
2009-12-12 00:11:40 +00:00
Ed Schouten
8b8ec2e2b1 Make <libutil.h> work when included by itself.
There are several reasons why it didn't work:

- It was missing <sys/cdefs.h> for __BEGIN_DECLS.
- It uses various primitive types that were not declared.
2009-12-02 15:56:18 +00:00
Konstantin Belousov
5dc1529c34 sigset() is the name of function specified by SUSv4.
Replace it to avoid conflict.

MFC after:	3 weeks
2009-11-26 13:41:15 +00:00
Kirk McKusick
e525d16a80 Add and document new quoat_on and quota_off functions. 2009-11-16 18:59:04 +00:00
Kirk McKusick
6197731d81 Add quota_maxid which returns the maximum user (or group) identifier
in an associated quotafile. Needed by repquota.

Bug fix in quota_read.
2009-10-20 05:37:54 +00:00
Dag-Erling Smørgrav
5666aadb3d Further extend the quotafile API. 2009-09-26 23:16:06 +00:00
Dag-Erling Smørgrav
fdd356a8d1 Style 2009-09-25 23:27:07 +00:00
Dag-Erling Smørgrav
10b3b54548 Merge from head 2009-09-17 16:16:44 +00:00
Dag-Erling Smørgrav
7d4b968b0f Merge from head up to r188941 (last revision before the USB stack switch) 2009-09-17 13:31:39 +00:00
Ken Smith
3ca3047aee Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
Robert Watson
63d9261ab2 Fix copy-and-paste-o's from kinfo_getfile.3 in kinfo_getvmmap.3.
MFC after:	3 days
2009-06-24 12:52:59 +00:00
Xin LI
75d2ea6c50 Merge NetBSD revision 1.14: humanize_number.c is now 2-clause BSD licensed.
(humanize_number.3 intentionally hold back until I make sure why we didn't
merged dehumanize_number(3)).

Obtained from:	NetBSD
2009-06-23 23:27:35 +00:00
Konstantin Belousov
c9253e931d Usermode portion of the support for swap allocation accounting:
- update for getrlimit(2) manpage;
- support for setting RLIMIT_SWAP in login class;
- addition to the limits(1) and sh and csh limit-setting builtins;
- tuning(7) documentation on the sysctls controlling overcommit.

In collaboration with:	pho
Reviewed by:	alc
Approved by:	re (kensmith)
2009-06-23 20:57:27 +00:00
John Baldwin
7b593c5d9d Note that the structures are defined in <sys/user.h> in the text (using
language from stat(2)) rather than in the synopsis.

Requested by:	bde
2009-06-15 15:43:00 +00:00
John Baldwin
6a3401c5dc - Note that these interfaces require <sys/user.h> for the structure
definitions.
- Note that these functions return NULL on failure.

MFC after:	3 days
2009-06-12 18:13:34 +00:00
Dag-Erling Smørgrav
5649afd028 Revert (once again, and hopefully for the last time) to flock(2) locks.
The problem with fcntl(2) locks is that they are not inherited by child
processes.  This breaks pidfile(3), where the common idiom is to open
and lock the PID file before daemonizing.
2009-06-06 18:47:03 +00:00
Dag-Erling Smørgrav
a27c52a943 Add missing .Pp 2009-06-06 17:34:49 +00:00
Ed Schouten
46b303e83d Add tcsetsid(3).
The entire world seems to use the non-standard TIOCSCTTY ioctl to make a
TTY a controlling terminal of a session. Even though tcsetsid(3) is also
non-standard, I think it's a lot better to use in our own source code,
mainly because it's similar to tcsetpgrp(), tcgetpgrp() and tcgetsid().

I stole the idea from QNX. They do it the other way around; their
TIOCSCTTY is just a wrapper around tcsetsid(). tcsetsid() then calls
into an IPC framework.
2009-05-07 13:49:48 +00:00
Kirk McKusick
8bd6a3ab4b Update the quotafile library to manage both active quotas via the
quotactl(2) interface and inactive quotas by accessing the quota
files directly.

Update the edquota program to use this new interface as proof of
concept.
2009-02-14 08:08:08 +00:00
Kirk McKusick
a88984f248 Make hasquota thread safe. 2009-02-13 19:56:59 +00:00
Kirk McKusick
909d0c906f Move hasquota() function to libutil. 2009-02-13 06:17:53 +00:00
Kirk McKusick
916e406eb5 Move hasquota() function to libutil. 2009-02-13 06:12:15 +00:00
Kirk McKusick
581fce8e7d Bug fixes found from using these functions in edquota. 2009-02-10 08:11:44 +00:00
Dag-Erling Smørgrav
1b3515f39b WIP 2009-01-30 13:54:03 +00:00
Robert Watson
aa334e412d Include param.h instead of types.h when using user.h. Otherwise there is
a dependence on ucred.h including audit.h including param.h, which we
would like to eliminate.

MFC after:	3 weeks
2008-12-27 11:12:23 +00:00
Joe Marcus Clarke
6c3b8117ad Initialize the cntp pointer to 0 prior to doing any work so that callers
don't try to iterate through garbage or NULL memory.  Additionally, return
NULL instead of 0 on error.

Reviewed by:	peter
Approved by:	peter
2008-12-19 06:47:59 +00:00
Peter Wemm
ce4a8bcbee Add filler man pages for the kinfo functions I added recently.
While here, hook up the hexdump(3) man page which wasn't being installed.
2008-12-07 03:33:36 +00:00
Peter Wemm
de94a63bd1 Attempt a quick bandaid for arm build breakage. I went to the trouble of
maintaining alignment, but I'm not sure how to tell gcc this.
2008-12-02 10:10:50 +00:00
Peter Wemm
43151ee6cf Merge user/peter/kinfo branch as of r185547 into head.
This changes struct kinfo_filedesc and kinfo_vmentry such that they are
same on both 32 and 64 bit platforms like i386/amd64 and won't require
sysctl wrapping.

Two new OIDs are assigned.  The old ones are available under
COMPAT_FREEBSD7 - but it isn't that simple.  The superceded interface
was never actually released on 7.x.

The other main change is to pack the data passed to userland via the
sysctl.  kf_structsize and kve_structsize are reduced for the copyout.
If you have a process with 100,000+ sockets open, the unpacked records
require a 132MB+ copyout.  With packing, it is "only" ~35MB.  (Still
seriously unpleasant, but not quite as devastating).  A similar problem
exists for the vmentry structure - have lots and lots of shared libraries
and small mmaps and its copyout gets expensive too.

My immediate problem is valgrind.  It traditionally achieves this
functionality by parsing procfs output, in a packed format.  Secondly, when
tracing 32 bit binaries on amd64 under valgrind, it uses a cross compiled
32 bit binary which ran directly into the differing data structures in 32
vs 64 bit mode.  (valgrind uses this to track file descriptor operations
and this therefore affected every single 32 bit binary)

I've added two utility functions to libutil to unpack the structures into
a fixed record length and to make it a little more convenient to use.
2008-12-02 06:50:26 +00:00
Tai-hwa Liang
ca938a2cb1 Fixing !INET6 builds. 2008-11-25 02:15:09 +00:00
Sean Farley
805da51abd Fixed style issues with variable ordering and naming, spacing and
parentheses.

Fixed alignment issue in gr_dup() in its assignment of gr_mem using a
struct to force alignment without performing alignment mathematics.  This
was noticed recently with libutil was built with WARNS=6 on platform such
as sparc64.

Added checks to gr_dup(), gr_equal() and gr_make() to prevent segfaults
when examining struct group's with the struct members pointing to NULL's.

With fix of alignment issue, restore WARNS?=6.

Reviewed by:	des
MFC after:	1 week
2008-11-23 23:26:12 +00:00
Sean Farley
a06717238c style(9) fixes.
MFC after:	1 week
2008-11-11 00:32:55 +00:00
Dag-Erling Smørgrav
31cfde7132 Like many other functions that handle sockaddrs, realhostname_sa() takes a
struct sockaddr * that it casts internally to the appropriate type based on
sa_family.  However, struct sockaddr has very lax alignment requirements,
which causes the compiler to complain when you cast a struct sockaddr * to,
say, a struct sockaddr_in6 *.

I find it reasonable to assume that the pointer we received is in fact
correctly aligned.  Therefore, we can work around the compiler warnings by
casting to void * before casting to the desired type.  For readability's
sake, this is done with macros.

The same technique should prove useful in other parts of the tree that
deal with socket addresses.

MFC after:	3 weeks
2008-11-05 12:13:10 +00:00
Dag-Erling Smørgrav
c5eca3d84d Comment out WARNS. There are too many alignment issues in libutil. 2008-11-05 11:06:10 +00:00
Dag-Erling Smørgrav
b67921fc4b Disconnect gr_util.c from the build. It isn't documented or used anywhere
in the tree, and due to unsafe pointer arithmetic, it will most likely crash
on architectures with strict alignment requirements.
2008-11-05 10:45:39 +00:00
Dag-Erling Smørgrav
5e1a74e82f libutil now builds at WARNS level 6.
MFC after:	3 weeks
2008-11-04 13:51:15 +00:00
Dag-Erling Smørgrav
b4d2cfd941 Add missing header. 2008-11-04 13:50:50 +00:00
Dag-Erling Smørgrav
b8a5cd86e3 Avoid assigning a const char * to a char *.
MFC after:	3 weeks
2008-11-04 13:49:53 +00:00
Ed Schouten
b8cbf1a36a Remove unneeded call to revoke() inside openpty().
As discussed on the commits list, there is no need to call revoke()
inside openpty(). On RELENG_6 and RELENG_7 unlockpt() will call
revoke(). On HEAD we create pseudo-terminals on demand, so there is no
need to revoke the slave device node.

This change should never be MFC'd, because the implementation we have in
RELENG_6 and RELENG_7 should work flawlessly with older versions of
libc.

Discussed with:	jhb
MFC after:	never
2008-10-28 06:00:13 +00:00
Dag-Erling Smørgrav
0e25c55a95 Diff reduction against Varnish, including one important fix: use a shared
lock if the file is opened with O_RDONLY.
2008-10-20 18:11:30 +00:00
Dag-Erling Smørgrav
80de06ed6b Reimplement flopen(3) using fcntl(2) locks instead of flock(2) locks. 2008-10-20 18:02:16 +00:00
Dag-Erling Smørgrav
cb7cd07a07 pidfile(3) uses flopen(3) - don't make any assumptions about how the
latter is implemented.
2008-10-20 18:00:11 +00:00
Dag-Erling Smørgrav
51e75198fa There is no point in releasing a lock on a file which we've unlinked and
are about to close, so don't.  As a bonus, pidfile_remove(3) will now
work with an fcntl(2)-based flopen(3).
2008-10-20 17:41:08 +00:00
Dag-Erling Smørgrav
b1720f52d3 Since in_lt() and in_lts() are not static, assume that they are intended to
be part of the public API.  Accordingly, add prototypes and document them.
2008-10-20 17:17:58 +00:00
Dag-Erling Smørgrav
532045df2e Additional style and whitespace fixes. 2008-10-20 17:09:50 +00:00
Dag-Erling Smørgrav
734413889e Style and whitespace 2008-10-20 17:07:50 +00:00
Dag-Erling Smørgrav
a4578a3c98 Unbreak 2008-10-20 17:04:57 +00:00
Dag-Erling Smørgrav
92657d3cbd Since setclasscpumask() is not static, assume that it is intended to be
part of the public API.  Accordingly, add a prototype and document it.
2008-10-20 17:03:05 +00:00
Dag-Erling Smørgrav
93b5982b3c Style and whitespace. 2008-10-20 16:54:53 +00:00
Dag-Erling Smørgrav
2d057ca68c Parenthesize return values. 2008-10-20 16:51:43 +00:00
Dag-Erling Smørgrav
7cc027a3dc include and whitespace cleanup. 2008-10-20 16:48:18 +00:00
Xin LI
0ea291e221 Use strlcpy() when we mean it. 2008-10-17 21:21:14 +00:00
Ed Schouten
8d333b3c85 Small cleanups to openpty().
- Pass O_NOCTTY to posix_openpt(2). This makes the implementation work
  consistently on implementations that make the PTY the controlling TTY
  by default.

- Call unlockpt() before opening the slave device. POSIX mentions that
  de slave device should only be opened after grantpt() and unlockpt()
  have been called.

- Replace some redundant code by a label.

In theory we could remove a lot of code from openpty() on FreeBSD
-CURRENT, because grantpt(), unlockpt() and revoke() are not needed in
our implementation. We'd better keep them there. This makes the code
still work with older FreeBSD releases and even makes it work on other
non-BSD operating systems.

I've compiled openpty() on Linux. You only need to remove the revoke()
call, because revoke() on Linux always returns -1. Apart from that, it
seems to work like it should.

Reviewed by:	jhb
2008-10-03 09:42:50 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
Brooks Davis
d84c42924c Add support for a new login capability, cpumask which allows login
sessions to be pinned to cpus by login class.
2008-07-25 19:58:14 +00:00
Konstantin Belousov
2db44b8410 Add #include <inttypes.h> for the strtoimax().
Submitted by:	Jilles Tjoelker <jilles stack nl>
MFC after:	3 days
2008-07-07 12:20:34 +00:00
John Baldwin
e1355b07ee Merge hexdump(9) to userland as hexdump(3) in libutil. I'm tired of doing
this by hand in userland utilities.

MFC after:	1 month
2008-07-01 22:30:57 +00:00
Sean Farley
0b5e889911 Add four utility functions related to struct grp processing modeled in-part
after similar calls related to struct pwd in libutil/pw_util.c:
  - gr_equal()
    Perform a deep comparison of two struct grp's.  It does a thorough, yet
    unoptimized comparison of all the members regardless of order.

  - gr_make()
    Create a string (see group(5)) from a struct grp.

  - gr_dup()
    Duplicate a struct grp.  Returns a value that is a single contiguous
    block of memory.

  - gr_scan()
    Create a struct grp from a string (as produced by gr_make()).

MFC after:	3 weeks
2008-04-23 00:49:13 +00:00
Antoine Brodin
6044f112a6 Merge changes from NetBSD on humanize_number.c, 1.8 -> 1.13
Significant changes:
- rev. 1.11: Use PRId64 instead of a cast to long long and %lld to print
an int64_t.
- rev. 1.12: Fix a bug that humanize_number() produces "1000" where it
should be "1.0G" or "1.0M".  The bug reported by Greg Troxel.

PR:		118461
PR:		102694
Approved by:	rwatson (mentor)
Obtained from:	NetBSD
MFC after:	1 month
2008-03-08 21:55:59 +00:00
John Baldwin
c50897c392 Put back the openpty(3) and ptsname(3) fixes but don't disable ptsname(3)
on pts(4) devices this time.  This fixes the issues while leaving pts(4)
enabled on HEAD.
2008-01-15 15:36:23 +00:00
Colin Percival
d3f576839b Back out last commit, since it accidentally broke pts.
The security fix will be re-committed soon, hopefully without breaking
anything.
2008-01-15 13:59:13 +00:00
John Baldwin
16fd04e88e Update the manpage for openpty(3) to account for the recent fixes.
Specifically, remove the BUGS section and note that openpty(3) now always
does the various security-related steps.  Also, update the error return
value section.  The PR below is for the original bug rather than the doc
updates.

MFC after:	1 week
PR:		bin/9770
2008-01-14 23:49:56 +00:00
Colin Percival
160e76972a Fix issues which allow snooping on ptys. [08:01]
Fix an off-by-one error in inet_network(3). [08:02]

Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
2008-01-14 22:56:05 +00:00
John Baldwin
889befc455 Invoke revoke(2) on the slave pty in the pts(4) case (new_openpty()) to
kick off any other users on the device line before using it since
openpty(3) is documented to do this.  Note that grantpt(3) does not
call revoke(2), it only adjusts permissions and ownership.

MFC after:	3 days
2007-12-20 21:10:06 +00:00
John Baldwin
790c2471b9 Bump up the number of ttys supported by pty(4) to 512 by making use of
[pt]ty[lmnoLMNO][0-9a-v].

MFC after:	3 days
Reviewed by:	rwatson
2007-11-19 20:49:42 +00:00
John Birrell
26fc37307b Constify the first argument to expand_number() so that it can
be called with a const without the compiler grisling.
2007-11-18 02:20:02 +00:00
Simon L. B. Nielsen
3dca093960 Minor mdoc cleanup: Every sentence should start on its own line. 2007-10-13 11:09:45 +00:00
Konstantin Belousov
fefc6803cf When pidfile is already locked and has zero length, do not return
success and zero pid from pidfile_read(). Return EAGAIN instead. Sleep
up to three times for 5 ms while waiting for pidfile to be written.

mount(8) does the kill(mountpid, SIGHUP). If mountd pidfile is truncated,
that would result in the SIGHUP delivered to the mount' process group
instead of the mountd.

Found and analyzed by:	Peter Holm
Tested by:	Peter Holm, kris
Reviewed by:	pjd
MFC after:	1 week
2007-10-12 10:38:05 +00:00
David E. O'Brien
61881b5283 Adjust history.
Approved by:	re(ken)
2007-09-28 15:31:44 +00:00
Pawel Jakub Dawidek
c0a6ac3ff0 - Fix strange for loop.
Reported by:	phk

- While here, check the unit before calculating the actually number.
  This way we can return EINVAL for invalid unit instead of ERANGE.

Approved by:	re (kensmith)
2007-09-05 14:27:13 +00:00
Pawel Jakub Dawidek
c2fc8cebdd Point expand_number(3) at humanize_number(3) and nive versa.
Suggested by:	trhodes
Approved by:	re (kensmith)
2007-09-05 14:25:16 +00:00
Pawel Jakub Dawidek
bd35b57de2 Implement expand_number(3), which is the opposite of humanize_number(3), ie.
a number in human-readable form is converted to int64_t, for example:
123b -> 123
10k -> 10240
16G -> 17179869184

First version submitted by:	Eric Anderson <anderson@freebsd.org>
Approved by:	re (bmah)
2007-09-01 06:19:11 +00:00
Dag-Erling Smørgrav
062044ebbe Back out previous commit until I figure out why my regression test fails.
Approved by:	re (kensmith)
2007-08-03 09:20:28 +00:00
Dag-Erling Smørgrav
7eb198c642 Use fcntl(2)-style locks instead of less-portable flock(2)-style locks.
Approved by:	re (kensmith)
2007-08-03 06:32:45 +00:00
Yaroslav Tykhiy
be89d8067c Document the quirks of ~/.login_conf and LOGIN_MECLASS. 2007-06-14 09:33:37 +00:00
Yaroslav Tykhiy
2e376efd52 Improve mdoc(7) markup. 2007-06-14 07:31:59 +00:00
Yaroslav Tykhiy
a742982378 Update some comments, mostly regarding LOGIN_MECLASS and ~/.login_conf. 2007-06-14 06:42:49 +00:00
Dag-Erling Smørgrav
4b5b992bba Nit: avoid shadowing truncate(2) with a local variable. 2007-05-23 12:09:33 +00:00
Dag-Erling Smørgrav
400f772943 Fix stupid braino in previous commit. 2007-05-23 10:06:03 +00:00
Dag-Erling Smørgrav
d75d56060e If (flags & O_TRUNC), don't truncate the file until we've successfully
locked it.

MFC after:	3 weeks
2007-05-23 08:12:34 +00:00
Daniel Eischen
419ecd5dee Bump library versions in preparation for 7.0.
Ok'd by:	kan
2007-05-21 02:49:08 +00:00
Dag-Erling Smørgrav
b31d5b56ec strlcpy() may be faster than snprintf(), but it is less portable, and this
is not performance critical code anyway.  Also, avoid using strlen() to
obtain information which we already have.

MFC after:	3 weeks
2007-05-11 11:10:05 +00:00
Dag-Erling Smørgrav
4d09ed1e67 Fix typo.
Submitted by:	Bård Skaflestad <bardsk@math.ntnu.no>
2007-05-10 18:15:30 +00:00
Dag-Erling Smørgrav
8f9085389f Well gag me with a spoon... I'm so used to working at high WARNS levels
that I make stupid fundamental mistakes like this when I don't.
2007-05-10 15:01:42 +00:00
Dag-Erling Smørgrav
b252bedcc9 Remove superfluous unexpanded RCS tag. 2007-05-10 14:56:07 +00:00
Dag-Erling Smørgrav
3884dc6768 Use flopen(3).
MFC after:	3 weeks
2007-05-10 14:54:53 +00:00
Dag-Erling Smørgrav
3dea593400 DTRT when O_NONBLOCK is specified.
MFC after:	3 weeks
2007-05-10 14:52:57 +00:00
Dag-Erling Smørgrav
9667055264 I'm tired of seeing this done incorrectly and non-portably, so add a
flopen(3) function which reliably opens and locks a file.

MFC after:	3 weeks
2007-05-10 14:43:31 +00:00
Yaroslav Tykhiy
f855462a24 Fix one kind of style(9) bug and a typo in a comment.
Tested with:	md5(1)
2007-05-01 18:50:33 +00:00
Warner Losh
ee7093a640 Remove California Regent's clause 3, per letter 2007-01-09 01:02:06 +00:00
Tom Rhodes
d3dc0c9de4 Fix a typo: "the give login class" to "the given login class."
PR:		75577
Submitted by:	Nobuyuki Koganemaru
2006-11-05 19:00:08 +00:00
Ruslan Ermilov
f0d43ae993 Fix markup in previous revision. 2006-10-10 08:15:08 +00:00
Tom Rhodes
5e058b334c Add information on how to escape a literal colon in a value or name.
PR:	101262
2006-10-09 22:35:02 +00:00
Ruslan Ermilov
ad136d1e29 Revise markup in recently added manpages. 2006-09-30 10:34:13 +00:00
Ruslan Ermilov
a73a3ab56b Markup fixes. 2006-09-17 21:27:35 +00:00
Thomas Quinot
3a1d9c271b Minor comment fix. 2006-09-08 08:14:32 +00:00
Thomas Quinot
71219ddbd1 (pw_copy): Handle the case of a malformed line in master.passwd
(copy it silently, do not dereference NULL pointer).

PR:             bin/102848
Reviewed by:    security-officer (cperciva)
MFC after:      1 week
2006-09-04 15:09:21 +00:00
Yaroslav Tykhiy
6599d1e129 Recognize the existence of auth' and auth-type'
capabilities but tell they do nothing in the base system.

This is a late responce to
http://docs.freebsd.org/cgi/mid.cgi?ED759F1DC5ADD74592DD063B1EDEDAF803ACD2B5
.

Obtained from:	OpenBSD (wording; with minor corrections)
2006-08-23 09:54:46 +00:00
Yaroslav Tykhiy
74d580d770 style.Makefile(5) is good for our eyes. 2006-07-27 12:36:46 +00:00
Warner Losh
d5fbc8f429 Note the convention that humanize_number follows.
Add 'engineering' numbers to table.
2006-07-15 20:53:36 +00:00
Maxim Konovalov
a07b02ef92 o Add missed comma, xref kld(4). 2006-07-12 14:33:52 +00:00
Brian Somers
25b5a928f7 Remove some unused variables 2006-06-23 01:42:03 +00:00
Maxim Konovalov
613c94ac78 o Typo: ownship -> ownership.
Obtained from:	DragonFlyBSD
2006-06-17 07:25:58 +00:00
Shunsuke Akiyama
b3c87f5c78 Specify default path for SHLIBDIR before bsd.own.mk does.
This fix shared library installed correct place.
2006-06-11 09:14:06 +00:00
Xin LI
db31b8ae3c Don't build IPv6 support if we have choosen not to have it. 2006-06-09 18:11:29 +00:00
Xin LI
aa5c5263bc - Add include for libutil.h and string.h for prototype.
- Cast the rvalue to be compared with the result of
   strlen() to size_t.
2006-05-25 04:01:04 +00:00
Hajimu UMEMOTO
794063c03f Bump library majro version for gethostbyaddr(3). 2006-05-21 15:15:21 +00:00
Christian Brueffer
b208d15b48 Document how the backoff delay is calculated.
Submitted by:	markus
MFC after:	3 days
2006-04-19 17:46:27 +00:00
John-Mark Gurney
4d5e876be3 use pwrite to always write at the begining of the file.. If multiple calls
to pidfile_write happen, the pidfile will have nul characters prepended
due to the cached file descriptor offset...

Reviewed by:	scottl
MFC after:	3 days
2006-04-11 23:10:02 +00:00
Giorgos Keramidas
ef608a6008 Use intmax_t' instead of plain int' for pid_t casts.
Useful tips from:	ru, bde
Approved by:		pjd
MFC after:		3 days
2006-03-04 15:20:28 +00:00
Dag-Erling Smørgrav
501092bbc8 Add utility functions for checking if a given kernel module is loaded,
and loading it.
2006-02-18 11:25:28 +00:00
Pawel Jakub Dawidek
560c4fc142 - Add a note that passing NULL to pidfile_write(), pidfile_remove() and
pidfile_close() functions is safe. This possibility is used in example code.
- Cast pid_t to int.

Requested by:	yar
2006-01-28 14:13:15 +00:00
Olivier Houchard
db256336b8 Teach openpty() how to deal with pts. 2006-01-26 01:33:26 +00:00
Robert Watson
d2042d2052 Restore use of strncpy(), as there is later unconditional termination
of the string, and reliance on the returned pointer.

Found by:	bde (tm)
2006-01-16 11:54:07 +00:00
Robert Watson
ba183db70c Replace strncpy() with strlcpy() when parsing login time limit strings
from /etc/login.conf, or an unterminated string buffer could result.
Probably, login_times.c should reject excessively long time strings as
unparseable, rather than truncating, which might render an invalid
string valid.

Found with:	Coverity Prevent (tm)
Reviewed by:	csjp
MFC after:	3 days
2006-01-16 00:52:20 +00:00
Robert Watson
8e3ae6fe69 Fix typo in comment.
MFC after:	3 days
2006-01-16 00:28:11 +00:00
Christian S.J. Peron
111a16a8ee Document the LOGIN_SETMAC setusercontext(3) flag. While we are here, drop
in an external reference to mac_set_proc(3).
2005-12-30 06:16:20 +00:00
John Baldwin
a54bb702d7 Restore the previous state after a FILL operation in properties_read()
rather than forcing the state to LOOK.  If we are in the middle of parsing
a line when we have to do a FILL we would have lost any token we were in
the middle of parsing and would have treated the next character as being
at the start of a new line instead.

PR:		kern/89181
Submitted by:	Antony Mawer gnats at mawer dot org
MFC after:	1 week
2005-11-28 16:30:16 +00:00
Ruslan Ermilov
877205d1d4 Fix prototype. 2005-11-24 11:29:11 +00:00