The main difference with the chown in luaposix, is that it checks
and reports if a user or a group do exist when a string is passed
as arguments
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D37479
(cherry picked from commit a1ab15abe2)
There's no separate man page for dma.conf, but the format is documented
in dma.8.
Reviewed by: bapt
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37944
(cherry picked from commit 45396fda8b)
atf format does not provide any way of signalling any error message
back to the atf runner when listing tests. Work this around by
reporting "__test_cases_list_pytest_binary_not_found__" test instead.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D35721
(cherry picked from commit 2bfd8b5b94)
This change is a continuation of 9c42645a1e workaround.
Apparently pytest argument parser is not happy when parsing values
with spaces or just more than one --atf-var argument.
Switch wrapper to send these kv pairs as env variables. Specifically,
use _ATF_VAR_key=value format to distinguish from the other vars.
Add the `atf_vars` fixture returning all passed kv pairs as a dict.
Reviewed by: lwhsu
Differential Revision: https://reviews.freebsd.org/D35625
MFC after: 2 weeks
(cherry picked from commit 513ce835b5)
Move pytest wrapper to the collection of the other atf wrappers
in libexec. It solves the problem of combining bits & pieces from
bsd.test.mk and bgs.prog.mk to address "test binary, but not the
suite binary".
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D35604
MFC after: 2 weeks
(cherry picked from commit 924226fba1)
- awk sometimes formatted swapbase as floating point, which gpart
does not accept; force int.
- Fix typo in code for checking vm.max_swap_pages.
- While here, do not set kernel env if "gpart add" fails.
- Add "gpart show" before modification to verbose output.
Reported by: marklmi at yahoo dot com
Tested by: marklmi at yahoo dot com
(cherry picked from commit 0e2fdab227)
Add new growfs_swap_size variable with a default value of the empty
string, along with comments on other settings. Used by the growfs
script.
Differential Revision: https://reviews.freebsd.org/D37464
(cherry picked from commit af01b47225)
The growfs_fstab script is a helper for the growfs script to add any
new swap partition to /etc/fstab on first boot. If growfs adds a
swap partition, it sets growfs_swap_pdev in the kenv. In this case,
after the root file system is read/write, if there is no swap partition
in the fstab, growfs_fstab adds growfs_swap as a swap partition to the
fstab. Also, it runs dumpon to add the swap partition (as this
happened earlier in the startup sequence).
Discussed with: cperciva
Differential Revision: https://reviews.freebsd.org/D37463
(cherry picked from commit d670a8f7c5)
Add the ability to create a swap partition in the course of growing
the root file system on first boot, enabling by default. The default
rules are: add swap if the disk is at least 15 GB (decimal), and the
existing root is less than 40% of the disk. The default size is 10%
of the disk, but is limited by the memory size. The limit is twice
memory size up to 4 GB, 8 GB up to 8 GB memory, and memory size over
8 GB memory. Swap size is clamped at vm.swap_maxpages/2 as well.
The new swap partition is labeled as "growfs_swap".
The default behavior can be overridden by setting growfs_swap_size in
/etc/rc.conf or in the kernel environment, with kenv taking priority.
A value of 0 inhibits the addition of swap, an empty value specifies
the default, and other values indicate a swap size in bytes.
By default, addition of swap is inhibited if a swap partition is found
in the output of the sysctl kern.geom.conftxt before the current root
partition, usually meaning that there is another disk present.
Swap space is not added if one is already present in /etc/fstab.
The root partition is read-only when growfs runs, so /etc/fstab can
not be modified. That step is handled by a new growfs_fstab script,
added in a separate commit. Set the value "growfs_swap_pdev" in kenv
to indicate that this should be done, as well as for internal use.
There is optional verbose output meant for debugging; it can only be
enabled by modifying the script (in two places, for sh and awk).
This should be removed before release, after testing on -current.
Discussed with: cperciva
Reviewed by: imp (previous version)
Differential Revision: https://reviews.freebsd.org/D37462
(cherry picked from commit 4a30d7bb37)
- Fix the growfs rc script to cope with diskid labels.
- Fix a warning in growfs. gpart commit is supposed to be called on disk
device.
- Silence a gpart commit warning in growfs.
Submitted by: loos
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D31587
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 045001075e)
This new default-enabled rc will generate a /etc/machine-id file if it
does not exist, and pre-fill it with a newly generated UUID of version 4
[2].
The file is generated in /var/db/machine-id and symlinked to
/etc/machine-id to allow for read-only root partitions.
This file is amongst other things used by libraries like GLib.
Bump FreeBSD version 1400076 to be able to easily add support for older
version of FreeBSD via a package.
Bump FreeBSD version 1301511 to be able to easily add support for older
version of FreeBSD via a package.
[1] Linux machine-id(5): https://www.man7.org/linux/man-pages/man5/machine-id.5.html
[2] f176fe8e7f
Approved by: bapt
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37722
(cherry picked from commit 62a149bf62)
Make rc.d/routing read defaultrouter_fibN and ipv6_defaultrouter_fibN, and
set it as the default gateway for FIB N, where N is from 1 to (net.fibs - 1)
This allows adding gateways for multiple FIBs in the same format as the main
gateway. (FIB 0)
Reviewed by: olivier, rgrimes, bcr (man page)
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D22706
(cherry picked from commit 30659d1dcb)
If the root file system is composed from multiple devices, wait for
devices to be ready before running zpool and dumpon rc scripts.
An example of this is if the bulk of the root file system exists on a
fast device (e.g. NVMe) but the /var directory comes from a ZFS dataset
on a slower device (e.g. SATA). In this case, it is possible that the
zpool import may run before the slower device has finished being probed,
leaving the system in an intermediate state.
Fix is to add root_hold_wait to the zpool and dumpon (which has a
similar issue) rc scripts.
PR: 242189
(cherry picked from commit f30f11f878)
* Avoid unnecessary use of `unsigned char *`
* Use explicit casts when assigning `unsigned char *` to `char *` or vice versa
* Drop unused global variables (and fix memory leak in `gettable()`)
* Use `snprintf()` instead of `strcpy()` + `strcat()`
* Drop spurious braces in switch
Sponsored by: Klara, Inc.
Obtained from: Apple OSS Distributions (in part)
Differential Revision: https://reviews.freebsd.org/D37263
(cherry picked from commit 8ad7a14ab4)
getty: code cleanup, part 2
* Clean up whitespace
* Reindent
Sponsored by: Klara, Inc.
(cherry picked from commit f285f41498)
getty: Avoid NULL deref if stdin is not a tty.
Sponsored by: Klara, Inc.
Obtained from: Apple OSS Distributions
Differential Revision: https://reviews.freebsd.org/D37265
(cherry picked from commit eb4d86d529)
There are still references to timed(8) and timedc(8) in the base system,
which were removed in 2018.
PR: 255425
Reported by: Ceri Davies <ceri at submonkey dot net>
Reviewed by: ygy, gbe
Differential Revision: https://reviews.freebsd.org/D30232
(cherry picked from commit 1760799b4c)
The "shutdown" keyword invokes rcorder with the -k flag, for rc scripts
with the keyword at shutdown.
Reported by: bdrewery
Fixes: 27b9777c28
(cherry picked from commit b77b309968)
Certain configurations need to use a different path for pidfile.
Allow rc.conf to overwrite it.
Reviewed by: cy, 0mp
Differential Revision: https://reviews.freebsd.org/D36141
(cherry picked from commit e196317370)
Users with a tmpfs /var/run will lose the directory tree state of
/var/run at reboot. This rc script will optionally (by default)
capture the state of the directory structure in /var/run prior to
shutdown and recreate it at system boot.
Alternatively a user can save the state of the /var/run directories
manually using service var_run save and disable the autosaving of
/var/run state using the var_run_autosave variable, for those
paranoid SSD users.
PR: 259585, 259699
Reported by: freebsd@walstatt-de.de,
Reviewed by: philip, gbe (previous version)
Differential Revision: https://reviews.freebsd.org/D36386
(cherry picked from commit 27b9777c28)
bapt@ had discovered a noticeable boot improvement without the sleep.
Without the sleep does not affect warm or cold boot however a
service netif restart may cause dhclient to spend a few extra seconds
to rerequest the DHCP request.
Reported by: bapt
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D35457
(cherry picked from commit 116679b39c)
55abf23dd3 inverted the value passed to origin_subst_one when rolling
up the existing code into a loop. If the first token is found ($ORIGIN),
this results in a wild free of part of strtab. Processing the second
token works fine and will act how the first should have regardless of
whether found, allocating memory for the string without freeing.
Processing subsequent tokens however will then leak, regardless of
whether found, as they will also believe they need to allocate memory
and can't free the string.
Found by: CHERI
Reviewed by: kib, markj
Fixes: 55abf23dd3 ("rtld: make token substitution table-driven")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D35792
(cherry picked from commit becd9908be)
In 2018, the commit r328100 (0fdf7fa846)
removed libxo(3) support from ls(1), so ftpd has no reasons to link
with libxo since then.
(cherry picked from commit 796d48ec41)
The rc(8) framework support protecting services from OOM killer.
The current implementation applies the protection after the service has
already started. This works fine if only the main process is to be
protected (*_oomprotect=yes). However, the current implementation fails
to protect existing children when children are also to be protected
(*_oomprotect=all). This patch fixes that.
Note: it is not easy to apply the protectoin earlier because we want to
support both the services which use the "command" variable and those
that use the "start_cmd" variable.
PR: 256148
Approved by: adrian, osogbo
Tested by: Jamie Landeg-Jones <jamie@catflap.org>
Fixes: 3bead71e95 - Add a global option where we can protect
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35747
(cherry picked from commit 68e035c017)
If one boots up multiple copies of a template VM image containing a
zpool, the pool GUIDs will be identical, making it impossible to, e.g.,
share datasets between them.
This diff introduces a simple workaround for the problem: one can use
the script to, upon first boot, assign a new GUID to one or more zpools.
This will be useful when building ZFS-based VM images from release(7).
Reviewed by: mav, allanjude, asomers
Reviewed by: Pau Amma (docs)
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 227caacc91)
ntpd does not always gracefully handle clock steps during resume.
This is probably most useful in conjunction with
ntpd_sync_on_start=YES which will work around any clock skew while
suspended.
Reviewed by: manu
Differential Revision: https://reviews.freebsd.org/D35479
(cherry picked from commit 1442fed7e2)
The home directory of the ftp user is /var/spool/ftp according to
hier(7). Update the manual page of ftpd(8) to reflect that.
MFC after: 2 weeks
(cherry picked from commit bad2f716f4)
The mountd script in rc.d sets vfs.nfsd.server_max_nfsvers correctly
when it is run at system startup, relying on the kernel default.
However, if NFSv4 was enabled in /etc/rc.conf later, and the script
was re-run to restart mountd, the sysctl was still set to 3.
Set the sysctl to the right value in all cases.
Reviewed by: rmacklem
(cherry picked from commit 1cf8e6339e)
This is a more reliable method that accounts for existing pidfiles,
procname and interpreter settings.
Current method of obtaining the pid for oomprotect="YES"|"ALL" processes
in certain cases fails to find a unique pid.
One such case are rc.d scripts defining command as:
command="daemon"
which results in all processes started via daemon being selected and
passed to protect(1) which fails and prints usage:
$ /etc/rc.d/exampled restart
Stopping exampled.
Starting exampled.
usage: protect [-i] command
protect [-cdi] -g pgrp | -p pid
Running the same with -x reveals what happens:
+ pid='3051 4268 4390 4421 4427 4470 4588 4733 4740 4870 4949 4954 4979
5835 5866 55487 55583 56525 57643 57789 57882 58072 58167 99419'
+ /usr/bin/protect -p 3051 4268 4390 4421 4427 4470 4588 4733 4740 4870
4949 4954 4979 5835 5866 55487 55583 56525 57643 57789 57882 58072 58167
99419
usage: protect [-i] command
protect [-cdi] -g pgrp | -p pid
We have a more reliable way of obtaining pid already defined in rc.subr
and available when protect(1) needs it. We can simply `eval $_pidcmd`
which also invokes `check_process` but properly accounts for existing
pidfile, procname and interpreter settings.
With the change the pidfile is properly obtained.
Submitted by: Adam Wolk <a.wolk at fudosecurity.com>
Sponsored by: Fudo Security
Differential Revision: https://reviews.freebsd.org/D30367
Approved by: oshogbo
(cherry picked from commit 6ba108e52d)
