o Add jexec(8) to execute a command in an existing jail.
o Add -j option for killall(1) to kill all processes in a specified
jail.
o Add -i option to jail(8) to output jail ID of newly created jail.
- Bump shared library version on libusbhid.
- Retire libusbhid.h; it is called usbhid.h now.
- hid_start_parse() takes a third argument.
- hid_locate() takes a fifth argument.
- hid_report_size() order of arguments changes.
- Other changes, including formatting and whitespace.
Bump __FreeBSD_version.
This change will break all third party applications that rely on previous
FreeBSD specific behavior.
- if operating "as them" (su -l), use pam_{open,close}_session()
- allow PAM to override $HOME (pam_chroot needs this)
- chdir early, because later on we may be chrooted and chdir will fail
Also use pid_t instead of int where applicable.
FreeBSD. This method attempts to centralize all the necessary hacks
or work arounds in one of two places in the tree (src/Makefile.inc1
and src/tools/build). We build a small compatibility library
(libbuild.a) as well as selectively installing necessary include
files. We then include this directory when building host binaries.
This removes all the past release compatibilty hacks from various
places in the tree. We still build on tip of stable and current. I
will work with those that want to support more, although I anticipate
it will just work.
Many thanks to ru@, obrien@ and jhb@ for providing valuable input at
various stage of implementation, as well as for working together to
positively effect a change for the better.
print a warning, and set the idletime variable for the entry to -1;
then pick up the -1 later in sprint() and lprint() and ignore those
idle times by printing just whitespace. When third party applications,
such as kdm, insert utmp entries, they sometimes use strings like ":0",
which can't be stat()'d and currently result in warnings that are
not helpful to the user.
(See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)
This fulfills the host requirements for userland support by
way of the setsockopt() IP_EVIL_INTENT message.
There are three sysctl tunables provided to govern system behavior.
net.inet.ip.rfc3514:
Enables support for rfc3514. As this is an
Informational RFC and support is not yet widespread
this option is disabled by default.
net.inet.ip.hear_no_evil
If set the host will discard all received evil packets.
net.inet.ip.speak_no_evil
If set the host will discard all transmitted evil packets.
The IP statistics counter 'ips_evil' (available via 'netstat') provides
information on the number of 'evil' packets recieved.
For reference, the '-E' option to 'ping' has been provided to demonstrate
and test the implementation.
signal never affects su directly, some shells changes its pgrp at running
or suspended time, so a broadcast SIGTSTP from child will mess up su's job
control.
Discussed with: bde
the child process, before executing the command. This is very useful
when you do stuff like ``find ... | xargs interactive_application''.
Without -o, the application would inherit the pipe as its stdin, and
you thus lose any control over it.
This flag has been carefully chosen to not conflit with other options
of other xargs utilities like GNU xargs.
Reviewed by: jmallett
careless users vulnerable to terminal control sequence attacks,
since they expect uudecode to just drop (or overwrite) a file in
the current directory. POSIX also says that the full pathname from
the input should be used when writing a file, which we only do if
the -s (shoot me in the foot) option is specified; therefore this
revision means that you now need to use -s for standard /dev/stdout
handling.
Kernel:
Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale. This makes the
device statistics code oblivious to clock steps.
Change timestamps to bintime format, they are cheaper.
Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively. This removes the locking constraint on
devstat.
Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.
Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).
Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path. In the up path we accumulate the timeslice in busy_time
and update busy_from.
Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].
Userland:
Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.
Change devstat_compute_etime() to operate on struct bintime.
Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.
Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.
Bump __FreeBSD_version to 500107
Review & Collaboration by: ken
This option is present on most uuidgen(1) implementations even
though normal file redirection can be used to achieve the same.
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
int, long int or u_int32_t. This changes the interface of
all the CRC calculation and output functions from cksum.
- Print variables of type off_t as intmax_t using a cast and %jd.
- Use the standardized uint32_t type instead of u_int32_t.
To have uint32_t defined, include <stdint.h> where necessary.
Style(9):
- Move #include directives where they belong (esp. crc32.c).
- Add empty lines between #include directives of system headers,
standard library headers and local headers.
- Test a pointer value against NULL.
- Put a space after the return keyword.
PR: bin/48424
KTR_DROP set in its header, then we output an extra line to stdout to
indicate that events were dropped between the previous record and this
record. It is a bit trickier because we need to always notify the user
if events are dropped even if KTR_DROP is set on a record of a type that
we aren't interested in since kdump(8) doesn't know if the dropped events
were of the types that the user has requested. To avoid outputting
multiple events dropped notices in between actual event logs, a state
variable is set whenever a drop is logged and cleared whenever an actual
record is output.
Requested by: phk
are specified the old behaviour is old. The submitted applied a much cleaner
diff to ruptime.c, however it did not cover cases like listing failures. It
would probably be a good idea to move the printing from the ruptime function,
and have that function just be used to build the list, as that would unbreak
sorting, but this diff is intended to be clear, relative to the original
code. As the sort order is the order specified on the command line, for now,
such is documented in the manual page accordingly.
Submitted by: Edward J. M. Blocklesby <ejb@lythe.org.uk>
MFC after: 3 weeks
end-of-file checks out of the inner base64 loop, and remove the
trailing whitespace stripper. The latter was added in rev 1.23 but
the actual fix for the problem was in 1.24 -- b64_pton doesn't mind
extra whitespace. (However there's a bogus comment in OpenSSH's
uuencode.c that also mentions problems with trailing whitespace and
b64_pton, but their real problem is the comment field in the key
file.)
comparing regular files. Add a SIGSEGV handler to make its
behavior less surprising when a read error occurs. The handler
does not attempt to distinguish errors from file truncation, but
anyone actively modifying a file while trying to compare it
shouldn't even expect something sane to happen.
PR: 45391
Reviewed by: mike (mentor)
compile-time constants). That is, a "bucket" now is not necessarily
a page-worth of mbufs or clusters, but it is MBUF_BUCK_SZ, CLUS_BUCK_SZ
worth of mbufs, clusters.
o Rename {mbuf,clust}_limit to {mbuf,clust}_hiwm and introduce
{mbuf,clust}_lowm, which currently has no effect but will be used
to set the low watermarks.
o Fix netstat so that it can deal with the differently-sized buckets
and teach it about the low watermarks too.
o Make sure the per-cpu stats for an absent CPU has mb_active set to 0,
explicitly.
o Get rid of the allocate refcounts from mbuf map mess. Instead,
just malloc() the refcounts in one shot from mbuf_init()
o Clean up / update comments in subr_mbuf.c
<sys/endian.h>. It is needed to cross-build sparc64 on
RELENG_4 and to build sparc64 on say 5.0-DP1 (on systems
without <sys/endian.h>). This will be revisited when we
create RELENG_5.
Spotted by: make universe
this return an error.
This re-enables display of the first entry in /var/account/acct instead
of the error "lastcomm: /var/account/acct: Invalid argument"
Fix handling of -v option.
Don't treat negative offsets as valid positive ones.
Clean up the ETA and transfer rate code. Show transfer rate along with
ETA if the verbose level is higher than 1.
* Be less strict about multi-line preprocessor directives (e.g. those
with comments hanging off the right-hand end) since they're more
of a problem in practise than I expected. Prompted by phk.
* Fix the handling of "ignore" symbols.
* Style pedantry from OpenBSD and Ted Unangst <tedu@stanford.edu>,
including some whitespace fixes and removal of strcpy()
(and not including excessively strict KNF enforcement).
* Fix some typos and terminological inconsistencies.
teach it about ia64 specific section types, dynamic tags and machine
type. This is a mostly insignificant change given the amount of
work that this tool obviously needs...
string from a silent implicit non-global substitution to a non-silent
explicit fatal error. Archored substitutions are those containing '^'
or '$'.
The problem with changing the substitution to prevent an infinite
number of matches is that it doesn't provide the necessary feedback
to the user that there's a bug in the/a makefile. Reporting the bug
without making the condition fatal makes the feedback mostly useless
due to the way that make fails to prefix the error with program name,
makefile file name and line number information.
Note that global substitutions of the empty string anchored with '^'
(start of string) or '$' (end of string) do not cause an infinite
number of matches and are therefore not reported and hence are non-
fatal.
Suggested by: bde
Tested with: buildworld
global substitution. In general it's a makefile bug to globally
substitute the empty string, but it's a bug in make(1) if a bug
in the makefile yields an infinite running time of make(1).
Not objected to by: arch@
pointer types, and remove a huge number of casts from code using it.
Change struct xfile xf_data to xun_data (ABI is still compatible).
If we need to add a #define for f_data and xf_data we can, but I don't
think it will be necessary. There are no operational changes in this
commit.
ifstat Display the network traffic going through active interfaces
on the system. Idle interfaces will not be displayed until
they receive some traffic.
For each interface being displayed, the current, peak and
total statistics are displayed for incoming and outgoing
traffic. By default, the ifstat display will automatically
scale the units being used so that they are in a human-read-
able format. The scaling units used for the current and peak
traffic columns can be altered by the scale command.
Submitted by: Trent Nelson <trent@arpa.com>
"The unifdef utility exits 0 if the output is an exact copy of the input,
1 if not, and 2 if in trouble."
This causes an 'Error code 1 (ignored)' in the world output, which upsets
the whereintheworld scripts that the tinderboxes use.
However, this stuff here is a relic. We do not enable HAVE_TCL_INTERP
nor HAVE_PERL_INTERP.. The Makefile hooks to turn them on have gone ages
ago, and this stuff was here for release building purposes only. Rather
than fight with the tinderbox builds, clean house a bit and remove the
last remaining unused relics of this stuff.
* The partial-evaluation of #elif sequences was broken and the
spaghetti logic of its implementation was too hard to understand.
I've re-done it using a straight-forward table-driven push-down
automaton.
* The pre-processor line parser did not allow for all of the weird
places that people might put comments, which could have caused it
to add syntax-errors to the output by removing a #if line containing
the start- or end-marker of a comment.
* The lexer didn't need to special-case the handling of string-literals
or character-constants, but it did need to learn about line-continuations
(backslash-newline).
* The input routine was buggy and bit-rotten and trivially replacable
with fgets(). I've also made the program static- and const-safe and
improved the presentation-order. The formatting of the state-transition
tables remains non-stylish.
This commit-messsage was brought to you by code-point 45.
MFC-after: one-week
from "unix" back to "local". Add some compat stuff so both
ways work for some time.
Reviewed by: phk
Approved by: imp (UPDATING)
Requested by: iedowse, lukem@netbsd.org
characters was reversed, resulting in some network appliances, including
at least some NAS devices from Ascend, not recognizing our finger(1)
request.
PR: 45914
Submitted by: J R Matthews <jrm@delta-e.com.au>
Approved by: re (rwatson)
MFC after: 2 weeks
The /usr/bin/perl wrapper isn't solving many of the problems it was
imported to deal with. There are limitations to it that don't have a
clear "fix".
Reviewed by: markm, kris
Extorted approval from: re(jhb)
Revert to using the .Tn POSIX and .Tn ANSI instead of \*[Px] and \*[Ai]
strings; using these strings is unsafe in troff mode, as they include a
change in a font size.
Approved by: re
Has been seen to work on several cards and communicating with
several mobile phones to use them as modems etc.
We are still talking with 3com to try get them to allow us to include
the firmware for their pccard in the driver but the driver is here..
In the mean time
it can be downloaded from the 3com website and loaded using the utility
bt3cfw(8) (supplied) (instructions in the man page)
Not yet linked to the build
Submitted by: Maksim Yevmenkin <myevmenk@exodus.net>
Approved by: re
the deprecated utime(3). utimes(2) uses timeval, but utime(3) uses
time_t's. If you do bad things (like I did) by mixing up include files
with libc, then install can do strange things if you mismatch the time_t
stuff. utime() is emulated entirely within libc.
Approved by: re (jhb)
time_t. Deal with the possibility that time_t != int32_t. This boils
down to this sort of thing:
- time(&ut.ut_time);
+ ut.ut_time = time(NULL);
and similar for ctime(3) etc. I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.
Approved by: re (jhb)
Registry (LACNIC) with the -l option and support for recursive IP
address searches.
PR: 44448
Submitted by: David Wolfskill <david@catwhisker.org>
MFC after: 1 week
1) Missing include.
2) Constness.
3) ANSIfication.
4) Avoid some shadowing.
5) Add/clarify some error messages.
6) Some int functions were using return without a value.
7) Mark some parameters as unused.
8) Cast a value we know is non-negative to a size_t before comparing.
to Fatal errors, because the logic that we use to try to continue is far
too broken, and makes things look and act weird, because we end up pointing
past the end of a buffer boundry into freed memory in the caller, as we
don't come close to setting the lengthPtr to a sane value.
Reviewed by: make@
(This only changes failure cases which would have died horrid deaths to
explicit clean death failure cases.)
o Remove static function uuid_print(); use uuid_to_string(3) in
combination with printf(3) to achieve the same,
o Remove unneeded includes,
o Add a reference to uuid(3) to the manpage.
Different code that processes the input in similar ways should be
called in similar ways. File-local stuff should be static. Output
errors should be checked for. Diffs sometimes have to be big.
when the filename comes from the untrusted input. This is a work-around
for careless people who don't routinely check the begin line of the file
or run uudecode -i and instead report "vulnerabilities" to CERT.
http://www.kb.cert.org/vuls/id/336083
a nop, but we'll probably want to keep it for compatibility with other
KAME-based systems.
Complained about by: Andrey Lakhno <land@dnepr.net>
MFC after: 3 days
Don't gratuitously pipe thru a cat(1) if NODOCCOMPRESS.
Only create _stamp.extra when necessary.
Get rid of SOELIMPP and OBJS.
Use Groff version of soelim(1); we need its -I option
for the following to work.
Don't needlessly chdir to SRCDIR. Only a few documents
need CD_HACK, and those that need it either use refer(1)
or .PSPIC macro which internally uses the .psbb call.
to var_modify.c, for readability. constify some low hanging fruit (string
manipulation functions) and the upper layers appropriately. No longer use
the private strstr(3) implementation, while changing string code.
Tested by: lots of successful make buildworld.