possibility of a security hole. It now does what rdist-6 does, and calls
/usr/bin/rsh if not running as root. There are NO protocol changes, this
is 100% compatable with the old rdist, except that it does not need setuid
root privs.
However, there are some minor differences to the base rdist-6 code in that
if it is being run by root, it will call rcmd(3) directly rather than
piping everything through rsh(1). This is a little more efficient as it
doesn't involve context switching on pipe reads/writes.
Also, the -P option was added from rdist-6.1.2, which allows an alternative
rsh program to be specified, such as ssh. Note that it requires the fixes
to the ssh port to disable the unconditional USE_PIPES option that was
recently added. The rcmd(3) optimisation is disabled if a non-rsh program
is speficied.
for bootstrap" tweak to the lex Makefile to stop it building the library
too early.
This untangles things a bit more, it stops new bootstraps failing because
libl/libfl uses 'ld -O' before ld is updated.
shared memory size, average unshared data size, and average unshared
stack size were too high by a factor of 128/100, because the program
used a hard-coded hz value of 100. The correct value is the frequency
of the statistics clock, currently 128. The program now uses sysctl
to get the stathz value from the kernel.
Discussed with: bde@freebsd.org (Bruce Evans)
there is no target to make.
% make
make: make: no target to make.
%
Beause the function Punt() in main.c takes care of leading 'make:' and
trailing newline, so, there is no need to pass explicitly.
Submitted by: enami@ba2.so-net.or.jp
Obtained from: NetBSD GNATS
The fundamental problem with the original code is that it accesses
p[-2] which is one before the beginning of the input buffer for
empty lines. rev.1.6 just moved the problem from failures when
p[-2] happens to be '\\' to failures when it happens to be '\0'.
rev.1.5 was confused about the trailing newline and other things.
I went back to rev.1.5 and fixed it. The result is the same as
Keith Bostic's final version in PR 1356 except it loses more
gracefully for excessively long input lines.
Obtained from: Christos Zoulas <christos@deshaw.com> via NetBSD PR 2621,
[ slightly modified since we don't use libcompat anymore. ]
I'm not sure if this fixes the rdist security bug completely, but it
sure can't hurt!
This stuff should not be too destructive if the IPDIVERT is not compiled in..
be aware that this changes the size of the ip_fw struct
so ipfw needs to be recompiled to use it.. more changes coming to clean this up.
to 1K to avoid waiting too long between 2 progress reports in the case of a
slow transfer.
Move the signal()/setitimer() code just before the read loop because the
ftpio library set and reset the timer internally.
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.
has been broken at least since 4.4Lite moved most of the #defines out of
<sys/ioctl.h>. This should be done better. Only a few headers are
searched.
Added some #includes so that ioctl.c compiles. The networking headers
have a maze of undocumented interdependencies and ioctl.c now actually
supports networking ioctls.
1. Add a copyright at the top.
2. Make passive and binary modes work with new ftpio semantics.
3. Add a `mirror' (-m) flag which only copies the remote file if it's
not the same size or is newer.
1. Always use file modtime, and if that's not usable then default
to current time.
2. Allow HTTP_TIMEOUT to be set as an environment variable to override
default.
3. Handle SIGTERM.
Add a 'bootstrap' target which *must* be run before building the new
version, since the new scanner relies on the current version of flex to
build itself otherwise.
the 4.3BSD command. Rewritten from scratch after the old man page,
taking account for the different situation with man pages and source
tree hierarchy (re: /usr/src/gnu) of the FreeBSD project.
Reviewed by: wosch (actually loooong time ago)
resolution profiling on Pentiums. On a 100MHz Pentium, the resolution
is at best 10 ns and actually a few hundred ns, but units of 10's or
100's of ns would be inconvenient and the current units of 1 us are a
bit too coarse.
of mbufs in use. If the number reached, e.g., 4 digits, then later
decreased to 3 digits, the last digit of the 4-digit number was
not erased. This caused the display to show a wildly high number of
mbufs in use.
Submitted by: invalid opcode <coredump@nervosa.com>
makewhatis.local - start makewhatis(1) only for file systems
physically mounted on the system
Running makewhatis from /etc/weekly for rw nfs-mounted /usr may kill
your NFS server -- all clients start makewhatis at the same time!
So use this wrapper instead calling makewhatis directly.
Pointed out by: Bruce
is available before trying to go hunting for a domain name. This fixes
the following problem: you have +::::::::: in /etc/master.passwd but
NIS isn't running (no ypbind, no domain name set) -- passwd and chpass
will still try to change an NIS password instead of the local one.
shell to one of the following:
- a non-existent file
- a non-regular file
- a file without any execute bits set
The shell is still set to whatever they entered even if the above
conditions exist (hey, it is the super user doing this after all :-),
but this might give the admin. some warning that they are about to screw
themselves and give them a chance to fix it before it is too late.
Inspired by: some new FreeBSD user on USENET who set his root shell
to a shell that doesn't exist and now can't gain access to root (don't
worry, I sent him some mail on how to recover from this).
"make world" to fail if you use the msun math library and
blow away /usr/include and then do "make world". This is because
the msun math.h isn't installed with the other include files before
xlint is built. It finally gets installed when the msun library
is built.
Perhaps "make world" should install the msun math.h file if
it doesn't install the CSRG math.h, to prevent problems
like this in the future.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
allow the user to install using a Numeric GID or UID.
this brings it in to line with chgrp and chown, ans is required
by some people using FreeBSD in a product.
E.g. for Easter, and entries like "04/SunFirst" calendar will
now report:
04/05* Good Friday (2 days before easter)
04/07* First Sunday...
instead of:
Easter-2 Good Friday...
04/SunFirst First Sunday...
I also modified the calendar files to use the variable day format
for a lot of events so that they will be reported correctly.
E.g. U.S. daylight savings time is now listed as:
04/SunFirst Daylight savings time...
There are still a lot of wrong dates in there for some events
that move from year to year, but I don't have a good calendar handy
right now that I can use for reference.
remote peer will be connected through. This avoids the ``Checking for
invitation on caller's machine'' problem for multi-homed hosts.
Thanks to: Garrett, for his `find_interface' example
problems with tip. There are some hardwired timeouts that ignores the
delay that you can set in the modem configuration file. The hard-wire
delay is to short if the modem has to switch major modes and reset
(ie going from fax to data mode with a reset).
Now my modem transistions from HylaFax control to tip control and ppp mode
without any problems.
Submitted by: Douglas Ambrisko <ambrisko@tcs.com>
a master server and initialize the suser_override flag, but in a non-NIS
environment is should be smart enough to just leave the flag cleared
and return (unless forced with a command-line argument like -y).
Otherwise, it will return an NIS-related error even if NIS isn't
turned on.
Pointed out by: ache
messy 130 column collage, output the system totals -or- info for a
specific interface if -I is given. Also wait for <interval> before
outputting the first sample so that it represents meaningful data (as
opposed to the total since the system was booted - most busy systems
wrap around many times during their operation, so these numbers are
only misleading).
the next line of characters and not cause it to first get
the characters even if the count (cnt) has become 0.
Submitted by: R Bezuidenhout <rbezuide@mikom.csir.co.za>
In passwd(1):
- Gut most of yp_passwd.c and leave only a few things that aren't common
to pw_yp.c.
- Add support for -d and -h flags to select domains and NIS server hosts
to use when updating NIS passwords. This allows passwd(1) to be used
for changing NIS passwords from machines that aren't configured as
NIS clients. (This is mostly to allow passwd(1) to work on NIS master
servers that aren't configured as clients -- an NIS server need not
necessarily be configured as a client itself.)
NOTE: Realize that having the ability to specify a domain and hostname
lets you use passwd(1) (and chpass(1) too) to submit update requests
to yppasswd daemons running on remote servers in remote domains which
you may not even be bound to. For example, my machine at home is not
an NIS client of the servers on the network that I manage, yet I can
easily change my password at work using my FreeBSD box at home by doing:
'passwd -d work.net.domain -h any.nis.server.on.my.net wpaul'. (Yes,
I do use securenets at work; temporarily modified my securenets file
to give my home system access.) Some people may not be too thrilled
with this idea. Those who don't like this feature can recompile passwd(1)
and chpass(1) with -DPARANOID to restrict the use of these flags to
the superuser.
(Oh, I should be adding proper securenets support to ypserv(8) and
rpc.yppasswdd(8) over the weekend.)
- Merge in changes to allow root on the NIS master server to bypass
authentication and change any user's NIS password. (The super-user
on the NIS master already has privileges to do this, but doing it
through passwd(1) is much easier than updating the maps by hand.)
Note that passwd(1) communicates with rpc.yppasswdd(8) via a UNIX
domain socket instead of via standard RPC/IP in this case.
- Update man page.
In chpass(1):
- Fix pw_yp.c to work properly in environments where NIS client
services aren't available.
- Use realloc() instead of malloc() in copy_yp_pass() and copy_local_pass().
- Fix silly bug in copy_yp_pass(); some of the members of the passwd
structure weren't being filled in correctly. (This went unnoticed
for a while since the old yppasswdd didn't allow changes to the
fields that were being botched.)
- chpass(1) now also allows the superuser on the NIS master server to
make unrestricted changes to any user's NIS password information.
- Use UNIX domain comm channel to rpc.yppasswdd(8) when run by the
superuser on the NIS master. This allows several new things:
o superuser can update an entire master.passwd.{byname,byuid} entry
o superuser can update records in arbitrary domains using -d flag to
select a domain (before you could only change the default domain)
o superuser can _add_ records to the NIS master.passwd maps, provided
rpc.yppasswdd(8) has been started with the -a flag (to do this,
the superuser must force NIS operation by specifying the -y flag
to chpass(1) along with -a, i.e. 'chpass -y -a 'foo:::::::::')
- Back out the 'chpass -a <new password entry> breaks with NIS' fix
from the last revision and fix it properly this time. The previous
revision fixed the immediate problem but broke NIS operation in
some cases.
- In edit.c, be a little more reasonable about deciding when to
prevent the shell field from being changed.
Submitted by Charles Owens <owensc@enc.edu>, who said:
"I made a minor (one-line) modification to chpass, with regards
to whether or not it allows the changing of shells. In the 2.0.5 code,
field changing follows the settings specified in the "list" structure
defined in table.c . For the shell, though, this is ignored. A quick
look in edit.c showed me why, but I don't understand why it was written as
such. The logic was
if shell is standard shell, allow changing
I changed it to
if shell changing is allowed (per table.c) and it is a standard shell
OR if uid=0, then allow changing."
Makes sense to me.
- Update man page.
appear that ALL the passwd command does is change a users Kerberos
password, since that is incorrect.
Actually, this man page needs a good overhaul to better reflect systems
that don't have Kerberos installed.
Corrected some bogus cross references to man pages that we don't/won't
have and either deleted them, or found a more appropriate man page
that we do have. Various other minor changes to silence manck.
Manck is currently down to about 200 lines of errors, down from
the 500 - 600+ when I started all this.
``the last Monday in April'
- handle easter
new options
-f calendarfile
-A days
-B days
Calendar HOME directory ~/.calendar
don't sent mail if ~/.calendar/nomail exist
so that when ar has a problem (like trying to update a read-only
archive), you get a message like:
ar: xyzzy.a: Permission denined
instead of:
ar: xyzzy.a
Which doesn't really give the user any indication that the operation
really did fail.
This closes PR# 170.
route.c: look up the netname as-is first before the shifted name. this
makes a big speed difference, as the lookups are generally local
DNS. The shifted names can be very wrong (there is still guessing
and fudging involved) and usually go remote, taking a long time
to fail. If you have the RFC reccomended netnames in your reverse
lookups, this is even faster still.
main.c: dont do a sethostent(1) - this is causing the resolver to use a
VC (tcp) connection to the resolver, which has more overheads and
is slower than the default UDP case. This once made sense when
everything was based on text host tables.
severely bogus mask guessing in the netname code, and also reports the
mask length of the route (like linux's netstat, but in a much more compact
form)
The current code is doing bogus things like shifting c-class subnets by
4 bits and looking them up, causing a DNS lookup of 0x0C0CBxxx which
takes an eternity to fail.
scripts check for. (when looking explicitly for flex..)
Also, do some man links for the commands under their alternate names.
Install the c++ FlexLexer.h file as per the "XXX TODO" comment.
replaced our quota with the NetBSD one, then added all changes we made
to our - this is done to support the displaying of quota's over nfs
using the rpc.rquotad
looking at a high resolution clock for each of the following events:
function call, function return, interrupt entry, interrupt exit,
and interesting branches. The differences between the times of
these events are added at appropriate places in a ordinary histogram
(as if very fast statistical profiling sampled the pc at those
places) so that ordinary gprof can be used to analyze the times.
gmon.h:
Histogram counters need to be 4 bytes for microsecond resolutions.
They will need to be larger for the 586 clock.
The comments were vax-centric and wrong even on vaxes. Does anyone
disagree?
gprof4.c:
The standard gprof should support counters of all integral sizes
and the size of the counter should be in the gmon header. This
hack will do until then. (Use gprof4 -u to examine the results
of non-statistical profiling.)
config/*:
Non-statistical profiling is configured with `config -pp'.
`config -p' still gives ordinary profiling.
kgmon/*:
Non-statistical profiling is enabled with `kgmon -B'. `kgmon -b'
still enables ordinary profiling (and distables non-statistical
profiling) if non-statistical profiling is configured.
looking at a high resolution clock for each of the following events:
function call, function return, interrupt entry, interrupt exit,
and interesting branches. The differences between the times of
these events are added at appropriate places in a ordinary histogram
(as if very fast statistical profiling sampled the pc at those
places) so that ordinary gprof can be used to analyze the times.
gmon.h:
Histogram counters need to be 4 bytes for microsecond resolutions.
They will need to be larger for the 586 clock.
The comments were vax-centric and wrong even on vaxes. Does anyone
disagree?
gprof4.c:
The standard gprof should support counters of all integral sizes
and the size of the counter should be in the gmon header. This
hack will do until then. (Use gprof4 -u to examine the results
of non-statistical profiling.)
config/*:
Non-statistical profiling is configured with `config -pp'.
`config -p' still gives ordinary profiling.
kgmon/*:
Non-statistical profiling is enabled with `kgmon -B'. `kgmon -b'
still enables ordinary profiling (and distables non-statistical
profiling) if non-statistical profiling is configured.
Changing a local passwd will now keep the encryption type that
was originally used to encrypt the password, so folks adding DES
to their systems will not be irritated/confused by having MD5'ed
passwords in their master.passwd. Coming later is an option to
allow the user to choose the encryption type.
2) Fix a bunch of compiler warnings announced by turning on -Wall.
I did not get them all, that will come a bit later.
Update rpcgen with the one from the TI-RPC 2.3 distribution.
Note that when built for FreeBSD, this version of rpcgen assumes
backwards compatibility mode by default. This means that it will produce
ONCRPC 4.0 compatible code unless otherwise instructed, instead of the
other way around.
One incompatibility has also been worked around: this rpcgen normally
always emits an '#include <stropts.h>' directive whether you select
backwards compatibility mode or not. We don't have STREAMS, so this
behavior has been changed: now it will only emit this line if run in TI-RPC
mode.
The 'generate output files in current directory instead of the
directory where the protocol definition file lives' hack from the
original rpcgen has been preserved.
Notable new features:
- Can be used to generate RPC servers that can be launched
from port monitors such as inetd(5).
- Can generate ANSI C code.
- Can generate sample client and server top-level programs and
makefiles in addition to the usual client and server stubs.
- Can generate inline XDR routines.
The #ifdef NEWSALT code doesn't NULL terminate the salt string..
We dont appear to use this code anymore, but it shouldn't hurt
Submitted by: Laurence Lopez <lopez@mv.mv.com>
quite right. (Thic causes you to get prompted for an 'Old Password' when
changing someone's NIS password even if your password isn't set yet.)
Do it like local_passwd.c does.
simplest thing is to just calculate the days using curtime - boottime / 86400.
The modification for this is less obtrusive anyway.
Suggested by: Bill Fenner <fenner@parc.xerox.com>
that if you do an rup on a machine that's been running longer than a year,
you get the wrong day count. Now we factor in 365 * (curtime.tm_year -
boottime.tm_year) to get the correct value. (I noticed this while running
rup on a SunOS machine I have that's been up 525 days. My FreeBSD
machines all said it had only been up for 160 (525-365) days. :)
- apply chmod to the targets, not to the sources.
- apply chown to the targets.
It is still bogus to install by building in the target directory. See
mklocale/data/Makefile for a better method.
27c27
< 11/29 Thanksgiving Day (Last Thursday in November)
---
> 11/23 Thanksgiving Day (4th Thursday in November)
it's not that the date was wrong for this year (it was the wrong year..
it was that the ALGORYTHM was wrong..
very confusing for non americans wondering why americans were going to be
on holiday on the 23rd..
style of error reporting (i prefer gcc style to be consistent with the
compiler) is left, plus a minor nit he's most likely been overlooking.
There are still problems with bootstrapping, and you should expect
troubles when linting libc...
This is just a vendor import by now. I'll wait until i'll get the
imported files back via CTM before applying the FreeBSD patches.
Don't use it yet.
Submitted by: Jochen Pohl <jpo.drs@sni.de>
Obtained from: (NetBSD -- this version is directly from Jochen)
broke. It's much easier to debug the symbol export lists in lkm makefiles
if you know what your errors are during the build process. :-)
Bleah.. symorder.c is *horrible*. :-(
to the description in the manpage. g flag means "replace every occurence
in each word", and its absence means "replace first occurence in each word".
Previously, absence of the g flag was implemented to mean "replace first
occurence found in all words, and then stop replacing", which was incorrect.
only, as it payes no attention to the relocation table (which
references the symbols).
As a result, running "symorder -c" to clean up the visibility of a LKM
".o" file (as is done in the new bsd.kmod.mk) totally screws up the
relocation table, making the LKM file unloadable. (ld: bogus
relocation record)
This is a pretty crude fix - I've changed symorder so that when
running in "cleanup" mode, it disables the reordering which was
screwing up the relocation table. I'm sure there is a better fix, but
I didn't have the energy. Feel free to fix this hack, probably by
renumbering the symbol indexes in the relocation table.
patches to merge the two IPX packages to work with each other and to
not break make-world :)
IPXrouted should be working now, (or at least compiling) :)
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com
This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..
Mikes been using it for a year or so
but on 2.0
more changes and stuff will be merged in from other developers now that this is in.
Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
supervisor@alb.asctmd.com
strings describing the drive status and error bits are so deficient
that the pointer is always NULL.
Reported by: Philippe Charnier <charnier@lirmm.fr>
made other performance improving changes. This improves the performance
of last(1) by as much as 32 times in some cases, and in more typical cases
is about twice as fast.
Added a BUGS section to the manual page to describe the behavior of last(1)
when a login shell terminates abnormally (and thus doesn't write a logout
record to the wtmp file).
finger output from 80 to 79 characters to stop the syscons
every-second-line-is-blank problem.
Also, redo the TTY column mod so that it steals one of the (usually) two
blank spaces from the before the tty column rather than from the office
phone number.
This means the office phone field width in the short finger is back to 15
characters instead of 13.
time of the target if the target file is the same as the source),
-d (debug), and -p (same as -C except for preserving the modification
time of the source if the target doesn't exists or is different from
the source.
Use library err() functions instead of our own and pass them better
exit codes.
Submitted by: wollman (and changed a lot by me)
Our ld is derived from gnu ld which doesn't check the timestamp on
__.SYMDEF. gnu ld is designed to work with gnu ar which doesn't
even have a ranlib option (gnu ar updates __.SYMDEF automatically
if __.SYMDEF already exists, so gnu ld expects __.SYMDEF to be up
to date if it exists).
uncompression by the "proper" kernel. These changes also add a -v option
so you can see how much room you are using, and check to make sure you're
not going past the 4MB boundary.
This depends on the corresponding changes to sys/i386/boot/kzipboot.
Submitted by: Gary Jones(?) <gj@freefall>, and my code merged in.
Kerberos obtains a network address for the local host from the routing
tables and uses it consistently for all Kerberos transactions. This ensures
that packets only leave the *authenticated* interface. Clients who open
and use their own sockets for encrypted or authenticated correspondance
to kerberos services should bind their sockets to the same address as that
used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow
clients to obtain the local address or bind a socket to the local address
used by Kerberos respectively.
Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman>
Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
handling for the tools binaries. E.g., after libc.a is changed, it
previously took two `make' passes and one `make depend' pass following
one of the `make' passes to bring everything up to date. Now one `make'
pass followed by one `make depend' pass is sufficient.
Dependency handling seems to be difficult to handle cleanly when
interdependent things are built in different directories.
The filenames in SRCS must have one of the extensions .s, .S, .c, or .cc
if they are to be handled by bsd.dep.mk. Lex and yacc files must be
converted to C files and kept around for everything to work. This is
handled fairly automatically if the names of the generated C files are
put in SRCS. Unfortunately these names must be put in CLEANFILES too.
pcvt Makefiles:
Fix DPADD. It was missing.
Fix CLEANFILES. Some temporary files were missing.
Fix CFLAGS. There were some `-I dir' options.
There must be no whitespace separating -I and -D options from the
corresponding args if these options are to be handled by bsd.dep.mk.
the way it stores and handles "interface". The previous behavior resulted
in strange output from 'w' and 'ps' when an interface specification was
given to netstat.
[ Find to a file vs. to stdout ] produces different output because find
does not flush stdout when doing a -print.
Submitted by: Jeffrey Hsu <hsu@freefall.freebsd.org>
Obtained from: Gunther Schadow and Luigi Rizzo
control program for Trust AmiScan BW (GI1904 chipset)
ASC - A device driver for a handy scanner
This is a device driver for GI1904-based hand scanners, e.g. the Trust
Amiscan Grey and possibly others. The driver is based on the "gsc"
driver and, partly, on a Linux driver.
The driver has a working select().
-Luigi Rizzo (luigi@iet.unipi.it)
to the target login's shell. This allows for "su -c".
Do it right this time and also explain this behaviour in the man
page. :)
Obtained from: bsm's work in FreeBSD 1.1.5.1
This gives us more room to breath with tty names, especially with drivers
that support large numbers of ports.. eg: specialix and digiboard.
This does not actually change the current tty names, it just allows room
for reporting more characters if the drivers use them.
correctly whether a user is local or NIS (or both, or neither). If you
have a user that exists locally but not in NIS, passwd(1) could get
confused and try to submit the password change to NIS. (Fortunately,
yppasswdd is smart enough to spot the error and reject the change.)
Bug reported by: Charles Owens <owensc@enc.edu>
NIS (or both, or neither). Also add support for -l and -y flags to
force behavior to local or NIS. use_yp() also goes out of its way to
retrieve the correct password database information (local or NIS)
depending on what the situation since getpwent() & co. can't
necessarily be trusted in some cases.
Also document new flags in man page.
syntax is slightly changed: -format is now -f format.
New option: -i name
This is a switch to control marked sections in SGML documents. Useful
for multi-lingual documents.
the installation floppy (and in any references in new user docs for
editing files) since tossing a novice into vi with no help or clue as
to what the key bindings are is both cruel and in violation of the
Hague Convention. It's also much SMALLER than vi and even supports emacs
key bindings for those so inclined.
Submitted by: "Hugh F. Mahon" <hugh@nsmdserv.cnd.hp.com>
Telnet has nothing to do with this, it's telnetd and telnetd
doesn't use KLUDGELINEMODE so that theory is washed up. Anyway,
back out previous commit and slink away with red face.
and graft it into chpass.
Chpass can now tell when it's being asked to operate on an NIS
user and it displayes the appropriate message in the editor
template ("Changing NIS information for foo"). After the changes
have been made, chpass will promte the user for his NIS password.
If the password is correct, the changes are committed to yppasswdd.
Hopefully, this should make NIS more transparent to the end user.
Note that even the superuser needs to know a user's password before
he can change any NIS information (such is the nature of yppasswdd).
Also, changes to the password field are not permitted -- that's what
yppasswd is for. (The superuser may specify a new password, but
again, he needs to know the user's original password before he can
change it.)
I do some digging out on this subject and found that remote
rlogind may reduce big speeds to 38400 by itself and (as more often
rlogind variant) speed setting ioctl fails, so speed left on 9600.
In all cases it doesn't do any real harm.
Look at error return of kread() and stop on error.
Fix warning in kread() to not output "kvm_read:" twice.
Killed PCB cache misses stat as we no longer have it.
at install time. This will allow `install -C' to avoid replacing the
installed copy if the new copy is the same. `install -C' would actually
work right if `strip' is already installed, but the Makefile doesn't
know that and has to work for plain `install'.
Stripping should be done by default at link time, but complications
would still be required for installing `strip' in case the default is
overridden.
>Description:
A machine with uptime >1 year appears wrong in the ruptime list
Fixes bin/626: ruptime doesn't like big ...
Reviewed by:
Submitted by: root@xaa.stack.urc.tue.nl
Obtained from:
their ambiguity and makes the output more consistent with other
calendars (e.g. cal in Emacs).
Reviewed by:
Submitted by: wosch@cs.tu-berlin.de (Wolfram Schneider)
Obtained from:
a gethostbyname() on it. That can take a long time... (especially
if the reason the IP address is in there in the first place is because
login/rlogind/telnetd couldn't find it either....)
This patch reduces the gethostbyaddr lookup time to 2 seconds, the idea being
that if the local nameserver knows the answer, it'll answer within that time,
otherwise we dont care... :-)
This change doesn't do anything about whether or not w should do this in the
first place, but at least it will make the current behavior less painful.
Reviewed by: David Greenman
but usually got confused with "eom". It didn't ring the warning bell
saying: "You are probably going to mark your whole tape as deleted
right now."
A warning message pointing to "weof" and "eom" is issued instead.
to su to root by authenticating as themselves (using a password or S/Key)
rather than by using the root password. This is useful in contexts like
ours, where a large group of people need root access to a set of machines.
(However, the security implications are such that this should not be
enabled by default.)
The code is conditionalized on WHEELSU.
isn't used in systat or in the kernel (it was replaced by a sysctl()
call involving VM_METER) and will go away when I clean up bogus
common variables in the kernel.
> The command:
>
> touch -t 199504011200 testfile
>
> gives the error message:
>
> touch: out of range or illegal time specification: [[CC]YY]MMDDhhmm[.SS]
Submitted by: mpp@legarto.minn.net (Mike Pritchard)
complain about an 'illegal line count' becuase it's looking
at the wrong end pointer (ep) to detect any extra characters
after the NNN.
Submitted by: Rich Murphey <rich@freebsd.org>
This should probably get pulled into 2.0.6 and 2.1.0
symbolic links for each cross reference label in the source file, thus
allowing external documents to link to a more or less fixed target,
rather that the numbered files which can change whenever the target
document is modified.
Bug fix: warn when a reference is made to a nonexistant label.
The version 2 support has been tested (client+server) against FreeBSD-2.0,
IRIX 5.3 and FreeBSD-current (using a loopback mount). The version 2 support
is stable AFAIK.
The version 3 support has been tested with a loopback mount and minimally
against an IRIX 5.3 server. It needs more testing and may have problems.
I have patched amd to support the new variable length filehandles although
it will still only use version 2 of the protocol.
Before booting a kernel with these changes, nfs clients will need to at least
build and install /usr/sbin/mount_nfs. Servers will need to build and
install /usr/sbin/mountd.
NFS diskless support is untested.
Obtained from: Rick Macklem <rick@snowhite.cis.uoguelph.ca>
Change things slightly so this message says "local" or "YP" as needed
so we can use it for both NIS and local password changes without
confusing people.
password strings when DES isn't used; somehow the encrypted password
is corrupted and it winds up containing control chars, which yppasswdd
subsequently rejects. This breaks yppasswd on non-DES FreeBSD systems
using NIS.
Fix: scrap getnewyppasswd() entirely and use getnewpasswd() from
local_password.c, since it already works properly and is virtually
identical to getnewyppasswd() anyway. (Wish I'd noticed this sooner.)
This fixes a problem just reported on comp.unix.bsd.freebsd.misc.
type instead of int all over the place. (Cosmetic, enhances
debugging.)
Point out that a date specification _must_ follow the time of day
spec, in the man page. This clarifies the last point PR # of bin/483:
"at doesn't seem to ..." (the remainder has already been fixed with
version 1.3 of parsetime.c).
restricted. Am I the only one who sees the absurdity of having chfn be
a link to chpass, and then denying users permission to use chpass to
change their full names?
Of course, chpass has a much more severe bug in it, which is that it
allows users to change their password database info without first
asking them for their password. I hope to fix this at some point
so that I can merge ypchpass, ypchfn, ypchsh and chpass into one
program (password authentication is required for changing NIS data).
order, prevent suffix rule, if direct or children dependances exists,
forget to free v->name in var.c
My fixes: fix famous ^\t\n bug, correct free order in str_end
Reviewed by: bde
Obtained from: NetBSD, me
that it can't contact an NIS server when asked to change the password
of an invalid user. It should say 'unknown user' instead.
The fix is to check for the _PW_KEYYPENABLED flag in the password
database and only roll over into the yppasswd stuff if the flag
is enabled (this means passwd will not behave as yppasswd if
there are no +::::::::: entries in /etc/master.passwd). If
NIS is enabled but the user says 'passwd -l foouser' where
foouser exists in the NIS maps, but not in /etc/master.passwd,
we also say 'unknown user.' This is so we don't outsmart ourselves:
specifying the -l flag restricts passwd to the local password database
even if NIS is enabled.
This change should probably be merged into 2.1.
- Moved to a more client-driven model. We aggressively attempt to keep
the default domain bound (as before) but we give up on non-default
domains if we lose contact with a server and fail to get a response
after one round of broadcasting. This helps drastically reduce the
amount of network bandwitdh that ypbind consumes: if a client references
the secondary domain at some later point, this will prod ypbind into
establishing a new binding anyway, so continuously broadcasting without
need is pointless.
Note that we still actively seek out a binding for our default domain
even if no client program has queried us yet. I'm not exactly sure if
this matches SunOS's behavior or not, but I decided to do it this way
since we can get into all sorts of trouble if our default domain comes
unbound. Even so, we're still much quieter than we used to be.
- Removed a bunch of no-longer pertinent comments and a couple of
chunks of #ifdef 0'ed code that no longer fit in to the new layout.
- Theo deRaadt must have become frustrated with the callback mechanism
in clnt_broadcast(), because he shamelessly stole the clnt_broadcast()
code right out of the RPC library and hacked it up to suit his needs.
(Comments and all! :)
I can understand why: clnt_broadcast() blocks while awaiting replies.
Changing this behavior requires surgery. However, you can work around
this: fork the broadcast into a child process and relay the results
back to the parent via a pipe. (Careful obervation has shown that the
SunOS ypbind forks children for broadcasting too, though I can only
guess what sort of interprocess communication it uses. pipe() seems to
do the job well enough.)
This may seem like the long way around, but it's not really that
hard to implement, and I'd prefer to use documented RPC library functions
wherever possible. We're careful to limit the number of simultaneous
broadcasters to avoid swamping the system (the current limit is 5).
Each clnt_broadcast() call only sends out a small number of packets
at increasing intervals. We're also careful not to spawn more than one
bradcaster for a given domain.
- Used clntudp_bufcreate() and clnt_call() to implement a ping()
function for directly querying a particular server so that we can
check if it's still alive. This lets me completely remove the old
bradcasting code and use actual RPC library calls instead, at the
cost of more than a few handfulls of torn-out hair. (Make no mistake
folks: I *HATE* RPC.) Currently, the ping interval is one minute.
- Fixed another potential 'nfds too big for select()' bug: use
_rpc_dtablesize() instead of getdtablesize().
- Quieted gcc -Wall a bit.
- Probably a bunch of other stuff that I've forgotten.
ypbind.8:
- Updated man page to reflect modifications.
ypwhich.c:
- Small mind-o fix from last time: decode error results from
ypbind correctly (*groan*)
yplib.c:
- same as above
- Change behavior of _yp_dobind() a little: if we get back a 'Domain
not bound' error for a given domain, retry a few times before giving
up and passing the error back to the caller. We have to sleep for a
few seconds between tries since the 'Domain not bound' error comes
back immediately (by repeatedly looping, we end up pounding on ypbind).
We retry at most 20 times at 5 second intervals. This gives us a full
minute to get a response. This seems to deviate a bit from SunOS
behavior -- it appears to wait forever -- but I don't like the idea
of perpetually hanging inside a library call.
Note that this should fix the problems some people have with bindings
not being established fast enough at boot time; sometimes amd is started
in /etc/rc after ypbind has run but before it gets a binding set up. The
automounter gets annoyed at this and tends to exit. By pausing ther YP
calls until a binding is ready, we avoid this situation.
- Another _yp_dobind() change: if we determine that our binding files
are unlocked or nonexistent, jump directly to code that pokes ypbind
into restablishing the binding. Again, if it fails, we'll time out
eventually and return.
seperate exit values depending on the error. (The error values are
#defined and commented near the top of the file for clarity). This
is to help write a small bit of shell script for /etc/rc that calls
ypwhich a few times after ypbind is invoked to make sure we're
actually bound to a server before proceeding (if we aren't, the
automounter can fail if it's using NIS maps).
ypbind.c: if a client program asks ypbind for the name of the server
for a particular domain, and there isn't a binding for that domain
available yet, ypbind needs to supply a status value along with its
failure message. Set yprespbody.ypbind_error before returning from
a ypbindproc_domain request.
yplib.c: properly handle the error status messages ypbind now has the
ability to send us. Add a ypbinderr_string() function to decode the
error values.
ypwhich.c: handle ypbind errors correctly: yperr_string() can't handle
ypbind_status messages -- use ypbinderr_string instead.
some (hopefully) less offensive stupidity:
If we detect that a user has loaded a module that fails to initialize
itself correctly, panic. There really isn't a safe way to recover from
something like this; we can't know that the module is bad until after
the entry point is called, by which time it's too late to do anything
about it.
covered now, and i've attempted to give textual representations
instead of magic numbers.
The st(4) driver still misses some pieces; i'm going to implement the
EOM functionality RSN.
Any takers for the MTCOMP command? Seems to have never been implemented.
properly. I know, tcsh is not a "Real Shell".
jc p2 :0.0 Tue04PM - -u (tcsh)
^^^
7173 p2 S+ 0:01.33 -u (tcsh)
^^^
Submitted by: John Capo <jc@irbs.com>
1. Nuke out the aculib files that crept in somehow by mistake.
2. Fix the ${.CURDIR} path so that this stuff actually compiles.
It actually compiled for me before the commit, but I must have had
something short-cutting the bug.
job af warning me about mail as my work version does. This patch will
will fix this for bash(1) if MAILPATH is exported:
Submitted by: Mark Murray <mark@grondar.za>
I got irritated with not seeing the interrupt numbers in a (crowded)
"systat -vmstat" display, so I fixed it. Here is a patch to please be
applied in src/usr.bin/systat
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
declares them to return char *. For some reason, this causes no problems
with the old compiler tools, but doing a 'make world' with gcc 2.6.3 in a
seperate DESTDIR got me this error:
yacc -d /usr/src/usr.bin/compile_et/error_table.y
cc -O2 -I. -I/usr/src/usr.bin/compile_et/../../lib/libcom_err -I/mnt/usr/include -c y.tab.c -o error_table.o
In file included from /usr/src/usr.bin/compile_et/et_lex.lex.l:11,
from /usr/src/usr.bin/compile_et/error_table.y:233:
/mnt/usr/include/stdlib.h💯 conflicting types for `malloc'
/usr/src/usr.bin/compile_et/error_table.y:80: previous declaration of `malloc'
/mnt/usr/include/stdlib.h:104: conflicting types for `realloc'
/usr/src/usr.bin/compile_et/error_table.y:80: previous declaration of `realloc'
*** Error code 1
Stop.
Declaring malloc and realloc to return void * fixes this. It could be that
the new gcc is a bit more picky about these things.
directory (instead of the same directory as the source files) and that
#includes in those files do not contain the path to the source file.
Obtained from: J.T. Conklin via NetBSD
The "strings" program chokes if you try using "-n".
>How-To-Repeat:
Try "strings -n SOMENUMBER SOMEFILE".
>Fix:
Here's a "diff -u" patch that corrects the problem.
Submitted by: Lon Willett <lon%softt.uucp@math.utah.edu> via NetBSD
the symlinks for yppasswd & friends (we still can't use hard links
because passwd is installed immutable). This would have been simpler
if the LN_FLAGS variable hadn't chosen to wait until now before leaping
out of the /usr/share/mk directory and biting me in the ass. (And thus,
I was enlightened.)
newline must be part of the pattern space i.e. `echo a|sed -e P' must print
a
a
and not
aa
This is consistent with gnu sed, SunOS, Ultrix (and probably others!)
of hard links: since passwd is installed immutable, an attempt to make
a hard link to it during a 'make install' would fail. I didn't notice
this conflict because my /usr directory is an NFS filesystem mounted from a
SunOS server, so the special file mode flags had no effecti when I tested
everything on my machine. Live and learn.
This is the first round of changes to incorporate YP server functionality
into FreeBSD. This particular change allows passwd to change either the
local or NIS password, as well as the NIS GECOS and shell information.
Essentially, I've taken passwd(1) and yppasswd from the yppasswd-0.5
distribution (which is part of the NYS project -- a project to provide
a GNU GPL'ed suite of NIS tools) and rammed them into each other
at high speed. I've tried my best to make this co-exist with the
Kerberos stuff, but since I don't run Kerberos I don't have an easy
way to verify that it all works. If you choose any Kerberos flags
then the YP checks should be bypassed, but that may not be enough.
I'll modify it some more if it turns out I broke something. For now,
support for localand NIS passwords is pretty solid:
- If you simply type 'passwd,' the program checks to see if you exist
in the local pwd.db database. If not, you get bounced to YP.
- If you try to force local functionality with the -l flag and you
don't exist locally, you get an error.
The -y flag can be used to force YP functionality. -f and -s let you
change your full name and shell (respectively). -f *and* -s let you
change all of your 'account information.'
ypchfn, ypchsh, yppasswd and ypchpass are all links to passwd.
It will read a file on stdin and write it as decimal integers on stdout,
this is useful for embedding files in c-sources.
There are a few places where this is needed, and this is a better way than
the current practice of hand-editing the sources.
The command:
date | file2c 'const char date[] = {' ',0};'
will produce:
const char date[] = {
83,97,116,32,74,97,110,32,50,56,32,49,54,58,52,55,58,51,51,32,80,83,84,
32,49,57,57,53,10
,0};
The manual page is 2 lines longer than the source :-)
problems in the process:
1. Quoting should work properly now. In particular, Chet's reported bash
make problem has gone away.
2. A lot of memory that just wasn't being free'd after use is now freed.
This should cause make to take up a LOT less memory when dealing with
archive targets.
3. Give proper credit to Adam de Boor in a number of files.
Obtained from: NetBSD (and Adam de Boor)
1) It was export-controlled.
2) It used some ad-hoc protocol invented by Berkeley in ignorance of the
standard MIT distribution's way of doing it (which makes it useless
to most people).
This should be fixed once we have `kadmin'/`kadmind'.
spelled g*compiled* symbols from the kernel so that ddb doesn't have to
do it. The symbols are currently removed by dbsym but dbsym will go
away when symbols are loaded by the boot loader.
Document -m option in usage message.
Check for overrunning some arrays.
Fix some misformatting.
1) Don't spit out an error message if Kerberos is installed but not yet
set up.
2) Don't attempt to verify the ticket you got back, as workstations
are not intended to have srvtab files of their own.
Both behaviors can be re-enabled with KLOGIN_PARANOID.
my mailbox since early last year. Fixes a problem with running out of
fds (by hitting the limit or whatever) when ar is given a long list of
objects. The fix was to add a missing close().
Submitted by: Robert Crowe <bob@speakez.com>
to be padded to 8 chars. Simply make sure that never more than 8 chars
are printed ( %-.8s ). The former commit otherwise hosed the width
calculation and landed on different positions for the time output.
Also the strlen(xx_out_line) hoses the wide
calculation, so that it sometimes make it much larger than necessary.
Simply use always 8 chars for the out_line calculation now. Looks good
this way.
v1.9.0 - December 22, 1994. The program won't exit from the interactive shell
if it's working from a tty. For example, it won't exit if you do an mget
on a pattern that won't match anything. Added padding around jmp_buf's
for SunOS. SunOS needs sigjmp_buf's, but plenty of OS's don't support
sigjmp_buf's yet. Fixed the tips to reflect the new archive site.
v1.8.9 - December 20, 1994. Can now set "passive" user variable, or use
passive command to toggle PASV/PORT ftp. Debug mode now prints remote
responses. Can now get around buggy FTP servers like boombox.micro.umn.edu,
that give back invalid port numbers to PASV.
v1.8.8 - December 19, 1994. Now falls back to port FTP if passive FTP fails.
warning handling and allows for link-time warnings with a modified
version of gas.
Note: Not all of the newer bits were updated such as some of the non-x86
machine-dependant code is relevant to FreeBSD right now.
Obtained from: NetBSD
Here's something that should be a big selling point for European users.
Note that Linux still doesn't support anything other than the POSIX locale.
This is a superset of the POSIX locale with support for all the accented
characters. You need this to do compose processing in XFree86 3.x. I'm
using this on my 1.1.5.1 system. Don't know whether it works on 2.0, but
can't think of any reason why it wouldn't.
Submitted by: kaleb
Use the correct value of hz (stathz if it is nonzero) for
interpretion of dk_time[] and cp_time[] in iostat.c. Avoid
multiple conversions of this value in iostat.c and vmstat.c
iostat.c:
Implement the display of cp_time[CP_INTR]. Fix the display
of cp_time[CP_IDLE] (the display was always null because
cp_time[CP_INTR] == 0 was displayed instead).
systat.1:
Document the display of cp_time[CP_INTR].
vmstat.c:
Implement the display of cp_time[CP_INTR].
I know that many of these entries are bogus and need to be revisited,
but let's get the tree working again for now and then do a pass through
looking at all the __FreeBSD__ entries, shall we?
aa.bb aa:bb and aa!bb treated as user+host and not as local user
names (especially aa.bb is common case).
Only @ is valid user/host separator according to manpage.
Pointed-by: doctor@dream.demos.su
controlled by a runtime switch.
(b) add '-P' to toggle passive mode from the command line
(c) turn on passive mode by default
- passive mode ftp works on all but a few servers out there
- it's easy to disable
- no, standard ftp should not run with passive enabled by default,
but that doesn't matter because I've already fixed standard mode
ftp to take a switch
This really should have been implemented as a ncftp "set" command instead
of carrying over the same hack that was done to ftp. I will go back and fix
it some day.
(Including all changes for FreeBSD - importing the original eBones distribution
would be too complex at this stage, since I don't have access to Piero's
CVS.)
(If you want to include eBones in your system, don't forget to include
MAKE_EBONES in /etc/make.conf.)
(This stuff is now also suppable from braae.ru.ac.za.)
Bones originally from MIT SIPB.
Original port to FreeBSD 1.x by Piero Serini.
Moved to FreeBSD 2.0 by Doug Rabson and Geoff Rehmet.
Nice bug fixes from Doug Rabson.
- Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile,
and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions,
and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY
DEFINE ONE OF THESE.
- Make Makefiles kerberos-aware.
DANGER WILL ROBINSON!
_PATH_UNIX is currently defined as the literal string "don't use this".
I am of two minds about this myself, but wanted to get something into the
tree as quickly as possible.
as controls in any case.
2) Fix bug with incorrect column position when standouts occurse
3) Fix bug when last standouted char cause clearing next line
in standout
but termios speed range is [0..115200]. Of cource ospeed initialized
with wrong value too which cann affects terminals with padding, fixed.
57600,115200 added.
>From Arne Bier <csar@cs.ru.ac.za>
while running more(1), if you enter ":a" to get the name of the file being
viewed, more dumps core when you hit enter (as prompted).
This is due to more(1) attempting to find the length of a NULL string.
Submitted by: Geoff.
By default, behave like the old ugly 4.4bsd finger and print office
information instead of remote login information.
It's an easy one line fix to make it behave like most other vendor's
fingers if we decide to change the default.
Reviewed by: pst
Accounts that have "pw_change" set, are supposed to change their passwords
by the date specified in "pw_change". If they have not changed their passwords
by that date, currently they get "LOCKED OUT" of the system. This is not the
correct behavior, the user should be prompt (forced?) to change their password
at this time. If the behavior of "pw_change" was meant to be a LOCKOUT,
then you should use "pw_expire".
Solution:
Instead of locking out the user, prompt them to change their password.
Reviewed by: jkh
Submitted by: rls
underscore. Use it to avoid seeing badsw when profiling the kernel.
Print times more accurately (e.g. usec in %8.0f format instead of
msec in %8.2f format for averages) if hz >= 10000. This should have
no effect now since profhz is only 1024.
Submitted by:
Get the man page installed. Does anyone know the reason for the name
xinstall instead of install for this directory ? Would life more
easy to get this whole thing under install.
- Makefile: bmake the sucker
- file.1, magic.5: replace __MAGIC__ and __SECTION__
- add Magdir/freebsd
- add file to usr.bin/Makefile
A note on the FreeBSD magic entry:
The magic number "000000407" is reported as "impure format". This
stops file(1) telling us that our object files are "PDP-11 executables".
(Saying anything more than "impure format" would probably be bogus.
Submitted by: Geoff.
correct for C sources that are compiled by cc, while cpp (/usr/bin/cpp)
is bogus since it invokes /usr/libexec/cpp with different flags.
1.1.5 uses plain cc. This should be equivalent after -M is added, but
cc -M foo.s is completely broken (it invokes the assembler) while
cc -E -M foo.s just does nothing instead of generating a foo.o: foo.s
dependency.
IF $MKDEP_CPP is set, use it as the cpp instead of cc -E. Assembler
sources that are preprocessed using cpp directly should be mkdep'ed
with MKDEP_CPP=cpp. Such sources shouldn't exist but we still have
lots. foo.S should be compiled by cc -traditional (cc will invoke the
preprocessor) and foo.s should be compiled by cc (cc won't invoke the
preprocessor).
automagically. -lfoo has to be right to work, but ${LIBFO0} is too
easy to forget or misspell; nothing checks it and it should be
different for shared libraries.
Submitted by:
Put in a signal handler to catch the SIGSYS signal that indicates that
ktrace was not built into the kernel and prevent ktrace to core dump
somewhere.
and then also add a declaration of ernno as an extern int, because we
lose that due to having KERNEL defined while we include errno.h.
Reviewed by: Geoff.
handling of errors through the standard err() and warn()
more fixes for Geoff Rehmet's NULL pointer bug.
fixes NULL pointer bugs when linking mono and nested X servers.
supports a `-nostdlib' option.
accept object files without a symbol table
don't attempt dynamic linking when `-A' is given
a few variable names have chaged (desc -> fd), and the formatting has
changed which should make it much easier to track his sources.
I tested 'make world' for /usr/src and X twice with these changes.
2 Added optional excessive login logging.
3) Added login acces control on a per host/tty base.
4) See skey(1) for skey descriptions and src/usr.bin/login/README
for the logging and access control features.
-Guido
late stage due to the fact that link.h was copyright Sun Microsystems.
This version of ld sync's us up with NetBSD's ld and supports compatablily
with NetBSD's -[zZ] flags (which we had reversed). Compiling with this
new ld will give you RRS warnings for libraries which do not contain .type
infomation - these wsarnings are harmless and will go away as soon as you
recompile your libraries (cd /usr/src; make libraries).
