Add bindings for kenv(2) right now only get() has been created
it allows do dump into a key/value table the kernel environement if
no argument is passed, or it returns the value associated to the
provided key.
Reviewed by: imp, kevans, markj
Accepted by: imp, kevans
Differential Revision: https://reviews.freebsd.org/D46654
If the ZFS key is setup in prompt mode, use zfs to prompt to load the key
during boot to unlock it.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D36081
Follow the path of what is done with bsnmp, build the modules along
with the main binary, this allows to build the modules at a moment
where all needed libraries are already built and available in the
linker path instead of having to declare all the libraries which a
flua module will be linked to in _prebuild_libs.
Discused with: markj
Reviewed by: markj, jrtc27, kevans, imp
Accepted by: kevans, imp
Differential Revision: https://reviews.freebsd.org/D46610
Allow Debug{On,Off} to run associated hooks.
This makes it feasible to collect extra debug info at runtime
without needing to modify any potentially verified and hence immutable
scripts.
Like debug.sh, hooks.sh is extremely handy and used extensively
in many parts of Junos and its build environment.
It is provided here in the hope that others may benefit.
We do not dot hooks.sh by default to reduce overhead, but it can
but done from rc.conf et al using
$_HOOKS_SH . /libexec/hooks.sh
to avoid including more than once.
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D46552
Ensure that run_rc_script returns the true return code of the
rc command and not the return code of DebugOff
Reviewed by: sjg
Approved by: kp
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46626
As of 1b5be7204e we setup parts of IPv6
before IPv4 if configured. For consistency change a case in ifn_start()
calling ipv6_up() before ipv4_up() and reverse in ifn_stop().
MFC after: 10 days
Reviewed by: zlei
Differential Revision: https://reviews.freebsd.org/D33426
As with various other rc scripts, we don't want the output from this
being visible in the boot log.
Fixes: 6437872c1d ("New sysctl to disable NOMATCH until devmatch runs")
MFC after: 1 week
Without this change, unwinders such as LLVM libunwind will attempt to
unwind beyond the start of RTLD and get stuck in an infinite loop or
crash (depending on the current values on the stack).
This fixes an infinite loop in the LLVM libunwind test suite on RISC-V.
See also https://reviews.freebsd.org/D40844 for AArch64
Reviewed By: #riscv, jhb
MFC After: 2 weeks
Differential Revision: https://reviews.freebsd.org/D46406
GNU/Linux has historically had the following two resolver prototypes:
1. Elf_Addr(uint64_t, void *)
2. Elf_Addr(uint64_t, void *, void *)
For the former, AT_HWCAP is passed in the first argument, and NULL in
the second. For the latter, AT_HWCAP is still passed, and the second
argument is a pointer to their home-grown __riscv_hwprobe function.
Should they want to use the third argument in future, they'll have to
introduce yet another prototype to allow for later expansion, and then
all users will have to check whether the second argument is NULL to know
if the third argument really exists. This is all rather silly and will
surely prove fun in the face of type-checking CFI.
Instead, be like arm64 and just define all 8 possible general purpose
register arguments up front. To naive source code that forgets non-Linux
OSes exist this will be compatible with prototype 1 above, since the
second argument will be 0 and it won't look further (though should we
start using the second argument for something that wouldn't be true any
more and it might think it's __riscv_hwprobe, but that incompatibility
is one we can defer committing to, and can choose to never adopt).
Until the standard interface for querying extension information[1] is
settled and implemented in FreeBSD there's not much you can do in a
resolver other than use HWCAP_ISA_B, but this gets the infrastructure in
place for when that day comes.
[1] https://github.com/riscv-non-isa/riscv-c-api-doc/pull/74
Reviewed by: kib, mhorne
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D46278
Currently we pass the raw pointer to the on-stack auxargs. This can
legitimately have fewer than AT_COUNT entries, so the use of
__min_size(AT_COUNT), i.e. static AT_COUNT, is inaccurate, and also
needlessly forces the callee to iterate over the elements to find the
entry for a given type. Instead we can just pass aux_info like we use
for everything else.
Note that the argument has been left unused by every callee since its
introduction in 4352999e0e ("Pass CPUID[1] %edx (cpu_feature), %ecx
(cpu_feature2) and CPUID[7].%ebx (cpu_stdext_feature), %ecx
(cpu_stdext_feature2) to the ifunc resolvers on x86.")
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D46276
in openstack when no user is specified but a sshkey is provided
the information is stored in meta_data.json under "public_keys"
PR: 280461
Reported by: tdb
Since we are being paranoid, check that each arg to safe_dot is
actually a file as well as non-empty.
Check for white-space in filenames - these require special handling.
Introduce a new rc.conf option to not wait for ARP resolution within
dhclient. This is plausible on many modern networks where it is possible
to trust the DHCP server to know whether an IP address is available.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
We only need to check kenv for DEBUG_SH once.
We also need to export DEBUG_SH to be useful.
Sponsored by: Juniper Networks, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D46219
which makes threaded fork ignore the phdr rtld lock, in particular
allowing the dl_iterate_phdr() to block in callback. The cost is that
the image started in this mode cannot use dl_iterate_phdr() after fork.
PR: 280318
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Commit 07d17ca189 set the recommended
permissions for the SSH authorized keys file and directory. The tests,
however, were failing on CI.
Use stat to check for the proper permissions.
Fixes: 07d17ca189 nuageinit: Set recommended SSH permissions
Reported by: Jenkins
As stated in sshd(8), the recommended permissions for ~/.ssh are
read/write/execute for the user, and not accessible by others; and the
recommended permissions for ~/.ssh/authorized_keys are read/write for
the user, and not accessible by others.
Per pw(8), when -H is set, the password should be supplied already
encrypted in a form suitable for writing directly to the password
database (passwd in cloud-init tems); -h provides a special interface by
which interactive scripts can set an account password using pw(8) in
plain text (plain_text_passwd in cloud-init terms).
The default user (freebsd) is defined with a plain_text_passwd
(freebsd), not with an encrypted one.
11da791920 switched Leap-seconds source from IANA to IERS, as IERS
is the canonoical source. The problem ist that IERS is not accessible
from IPv6 only networks. To work around this we must add IANA back in
order to provide IPv6-only users a source for leap-seconds fetch.
PR: 279413
Fixes: 11da791920
MFC after: 3 days
While char is signed on some of FreeBSD's architecutres, it's unsigned
on others. So the naked 'char' cast here needs to be 'signed char'
because in this context, we want the signed interpretation.
We don't really use %hh conversions in the run time linker, so this is
likely a nop. However, for correctness, we need this, like we did in the
kernel in fc3e5334ab. It's a nop on x86 and riscv due to defaults as
well, but does fix a bug on arm and powerpc where char is unsigned.
Suggested by: kib
Sponsored by: Netflix
openstack, ec2 and other implementation of cloudinit disagrees on the
name of the file "user-data" or "user_data", test both and use the first
found
PR: 279876
Add some sanity checks when service jails are used in jails:
- children.max > 0
- children.max - children.cur > 0
The nesting is too deep at those places to have a sane formatting, so no
line wrapping at the usual column.
If someone has a better idea how to format this: feel free to go ahead.
Clarify that the "sysvipc" svcj option inherits from the host / parent.
Add "sysvipcnew" which creates a new SysV namespace for the service
jail.
Sanity check that only one of them is used.
This clarifies the code and makes it less error-prone. It also makes it
easier to extend downstream in CheriBSD (where pointer and integer
members no longer have the same representation and an additional member
is present).
Reviewed by: jhb, kib
Differential Revision: https://reviews.freebsd.org/D45143
After miss reading the cloudinit spec I ended up writting a wrong
test for basic ssh key setup, nuageinit has been fixed, but not
the test, here is the actual fix.
Reported by: markj
New variable ${name}_offcmd may be used to supply commands
executed if named service is not enabled. Previously start_precmd
could be used for such a task but now rc.subr(8) does not call it
if a service is not enabled.
Fix devd startup script to use it instead of start_precmd.
PR: 279198
MFC after: 2 weeks
Reported by: Dmitry S. Lukhtionov
Tested by: Dmitry S. Lukhtionov
At the moment, if bootrace profiling is enabled, autoboot is not
exported to the rc scripts. This causes fsck to not check the root
filesystem. To fix this, pass _boot, rc_fast and autoboot to the
boottrace process to mimic what diretly sourcing the rc.d scripts.
PR: 278993
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1261
Reload is used for service reconfiguration as well
and lacks a NAME_prepend-like mechanism so it makes
sense to extend the NAME_reload hook into this
action.
precmd may use configuration checks and blocks setup
from doing its designated work (e.g. nginx). In moving
the invoke of the setup script in front allows us to
provide custom scripts for config file generation and
fixing prior to precmd checking configuration integrity.
Also introduce _run_rc_setup to separate the launcher
from the main one. Let it run correctly in the case
of restart_precmd and block further execution as
would be the case in start due to the internal plumbing
of restart being split into calling stop and start
afterwards.
Differential-Revsiion: https://reviews.freebsd.org/D36259
Signed-off-by: Franco Fichtner <franco@opnsense.org>
Reviewed by: imp, oshogbo
Pull Request: https://github.com/freebsd/freebsd-src/pull/1258
This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
service jail.
The sshd patch is important for the sshd-related functionality as
described in the man-page in the service jails part.
The location of the added env vars is supposed to allow overriding them
in rc.conf, and to hard-disable the use of svcj for some parts where it
doesn't make sense or will not work.
Only a subset of all of the services are fully tested (I'm running this
since more than a year with various services started as service jails).
The untested parts should be most of the time ok, in some edge-cases
more permissions are needed inside the service jail.
Differential Revision: https://reviews.freebsd.org/D40371
This takes a rc.d-service and starts it in a jail which shares the same
root-path as the host (or parent jail) and may inherit the network from
the host (or parent jail). Per service there is the possibility to
specify some arguments which give more permissions (e.g. netv4, netv6,
sysvipc...).
Reviewed by: bcr (man page)
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D40370
