#
c7e64526 |
|
25-Jan-2024 |
Olivier Certner <olce@FreeBSD.org> |
login_cap.h: Remove LOGIN_DEFPRI This is an implementation detail which is likely to become irrelevant in the future, as we move to not resetting the priority if the corresponding capability is not present in the configuration file ('/etc/login.conf'). GitHub's code search and Google show no use of this public constant, and it doesn't exist in OpenBSD and NetBSD. So, remove this definition and its sole use in-tree. PR: 276570 (exp-run) Reviewed by: emaste Approved by: emaste (mentor) MFC after: 3 days Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D43609
|
#
f2a0277d |
|
30-May-2023 |
Olivier Certner <olce@FreeBSD.org> |
setusercontext(): Set priority from '~/.login_conf' as well Setting the process priority is done only when the current process' effective UID corresponds to that for which context is to be set. Consequently, setting priority is done with appropriate credentials and will fail if the target user tries to raise it unduly via his '~/.login_conf'. PR: 271751 Reviewed by: kib, Andrew Gierth <andrew_tao173.riddles.org.uk> Approved by: emaste (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40352
|
#
d162d7e2 |
|
21-Jun-2023 |
Olivier Certner <olce@FreeBSD.org> |
setclasspriority(): New possible value 'inherit' It indicates to the login.conf machinery (setusercontext() / setclasscontext()) to leave priority alone, effectively inheriting it from the parent process. PR: 271749 Reviewed by: emaste, yuripv Approved by: emaste (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40690
|
#
7b94ec55 |
|
29-May-2023 |
Olivier Certner <olce@FreeBSD.org> |
setusercontext(): Move priority setting in new setclasspriority() In preparation for setting priorities from '~/.login_conf' and to ease reading of setusercontext(). No functional change. Reviewed by: emaste Approved by: emaste (mentor) MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40350
|
#
d988621b |
|
29-May-2023 |
Olivier Certner <olce@FreeBSD.org> |
setusercontext(): Better error messages when priority is not set correctly Polish the syslog messages to contain readily useful information. Behavior of capability 'priority' is inconsistent with what is done for all other contexts: 'umask', 'cpumask', resource limits, etc., where an absence of capability means to inherit the value. It is currently preserved for compatibility, but is subject to change on a future major release. Reviewed by: emaste, kib (older version) Approved by: emaste (mentor) MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40349
|
#
771d5c93 |
|
25-May-2023 |
Olivier Certner <olce@FreeBSD.org> |
setlogincontext(): Comply to style(9) Remove indentation by inverting the big 'if (lc)' and using 'return'. Use explicit binary operators to produce booleans. Reviewed by: emaste, kib, dchagin Approved by: emaste (mentor) MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40346
|
#
c328e6c6 |
|
20-Jun-2023 |
Olivier Certner <olce@FreeBSD.org> |
setclassumask(): Accept 'inherit' as a value 'inherit' explicitly indicates that the umask should not be changed. Reviewed by: emaste Approved by: emaste (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40687
|
#
0dd1705f |
|
20-Jun-2023 |
Olivier Certner <olce@FreeBSD.org> |
setusercontext(): Set umask in a separate function, setclassumask() Reviewed by: emaste Approved by: emaste (mentor) MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40686
|
#
e99c28e9 |
|
25-May-2023 |
Olivier Certner <olce@FreeBSD.org> |
setusercontext(): umask: Set it only once (in the common case) Simplify the code and make it more coherent (umask was the only context setting not modified by setlogincontext() directly). Preserve the current behavior of not changing the umask if none is specified in the login class capabilities database, but without the superfluous umask() dance. (The only exception to this is that a special value no user is likely to input in the database now stands for no specification.) If some user has a 'umask' override in its '~/.login_conf', the umask will still be set twice as before (as is the case for all other context settings overriden in '~/.login_conf'). Log a warning in case of an invalid umask specification. This change makes it apparent that the value of LOGIN_DEFUMASK doesn't matter. It will be removed in a subsequent commit. PR: 271747 Reviewed by: emaste, kib (earlier version) Approved by: emaste MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40344
|
#
a2f733ab |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
lib: Automated cleanup of cdefs and other formatting Apply the following automated changes to try to eliminate no-longer-needed sys/cdefs.h includes as well as now-empty blank lines in a row. Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/ Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/ Remove /\n+#if.*\n#endif.*\n+/ Remove /^#if.*\n#endif.*\n/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/ Sponsored by: Netflix
|
#
892654fe |
|
30-May-2023 |
Olivier Certner <olce.freebsd@certner.fr> |
setusercontext(): Apply personal settings only on matching effective UID Commit 35305a8dc114 (r211393) added a check on whether 'uid' was equal to getuid() before calling setlogincontext(). Doing so still allows a setuid program to apply resource limits and priorities specified in a user-controlled configuration file ('~/.login_conf') where a non-setuid program could not. Plug the hole by checking instead that the process' effective UID is the target one (which is likely what was meant in the initial commit). PR: 271750 Reviewed by: kib, des MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40351
|
#
bd572be7 |
|
25-May-2023 |
Olivier Certner <olce.freebsd@certner.fr> |
setusercontext(): Fix gap when setting a realtime-class priority The login.conf's "priority" capability allows to set priorities in the idle or realtime classes in addition to the classical nice values (-20 to 20), through a natural extension where values greater than 20 put the processes in the idle class (with priority adjusted within RTP_PRIO_MIN and RTP_PRIO_MAX, 21 being converted to 0, 22 to 1, etc.) and values lower than -20 put the process in the realtime class (with priority adjusted within RTP_PRIO_MIN and RTP_PRIO_MAX, -21 being converted to RTP_PRIO_MAX (31), -22 to 30, etc.). Before this fix, in the latter case (realtime class), -21 was converted to 30, and RTP_PRIO_MAX (31) could never be specified. While here, change the priority computation for the idle-class case to be symmetrical and use RTP_PRIO_MIN (in practice, this changes nothing at all, since RTP_PRIO_MIN is 0; but this is the correct theoretical formula, which would work as well with other values of RTP_PRIO_MIN). PR: 271727 Reviewed by: imp, kib MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40339
|
#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
eeaf9d56 |
|
11-Apr-2021 |
Yuri Pankov <yuripv@FreeBSD.org> |
setclassenvironment: trim leading spaces in variable names Trim leading spaces in variable names when the list is e.g. pretty-formatted in /etc/login.conf or ~/.login_conf. PR: 247947 Reviewed by: allanjude Differential Revision: https://reviews.freebsd.org/D25649
|
#
acf2957e |
|
04-Feb-2020 |
Kyle Evans <kevans@FreeBSD.org> |
login.conf(5): split MAIL env var out into a "mail" capability This allows it to be easily suppressed in, e.g., the "daemon" class where it will not be properly expanded. This is a part of D21481. Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
|
#
ebea9e6d |
|
02-Sep-2019 |
Mateusz Guzik <mjg@FreeBSD.org> |
libutil: remove SIGSYS handling from setusercontext It was a workaround for cases where the kernel lacks setloginclass(2), added in the 9.x era. Submitted by: Pawel Biernacki
|
#
250d9fd8 |
|
12-Mar-2016 |
Konstantin Belousov <kib@FreeBSD.org> |
Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add login.conf(5) support. Reviewed by: jilles Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D5610
|
#
b149798e |
|
29-Oct-2014 |
Dimitry Andric <dim@FreeBSD.org> |
Fix a clang 3.5 warning about abs(3) being given an argument of type quad_t in setusercontext(). While here, sanitize the clamping of the priority value, and use the correct type for the return value of login_getcapnum(). Reviewed by: kib MFC after: 3 days
|
#
85a0ddfd |
|
21-Oct-2013 |
Konstantin Belousov <kib@FreeBSD.org> |
Add a resource limit for the total number of kqueues available to the user. Kqueue now saves the ucred of the allocating thread, to correctly decrement the counter on close. Under some specific and not real-world use scenario for kqueue, it is possible for the kqueues to consume memory proportional to the square of the number of the filedescriptors available to the process. Limit allows administrator to prevent the abuse. This is kernel-mode side of the change, with the user-mode enabling commit following. Reported and tested by: pho Discussed with: jmg Sponsored by: The FreeBSD Foundation MFC after: 2 weeks
|
#
0bdc3ecf |
|
09-Feb-2012 |
Eitan Adler <eadler@FreeBSD.org> |
Fix NULL ptr dereference in setusercontext if pwd is null, LOGIN_SETPRIORITY is set, and setting the priority (rtprio or setpriority) fails. PR: kern/164238 Submitted by: Alexander Wittig <alexander@wittig.name> Reviewed by: des Approved by: cperciva MFC after: 1 month
|
#
2bfc50bc |
|
04-Mar-2011 |
Edward Tomasz Napierala <trasz@FreeBSD.org> |
Add two new system calls, setloginclass(2) and getloginclass(2). This makes it possible for the kernel to track login class the process is assigned to, which is required for RCTL. This change also make setusercontext(3) call setloginclass(2) and makes it possible to retrieve current login class using id(1). Reviewed by: kib (as part of a larger patch)
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
35305a8d |
|
16-Aug-2010 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
In setusercontext(), do not apply user settings unless running as the user in question (usually but not necessarily because we were called with LOGIN_SETUSER). This plugs a hole where users could raise their resource limits and expand their CPU mask. MFC after: 3 weeks
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
c9253e93 |
|
23-Jun-2009 |
Konstantin Belousov <kib@FreeBSD.org> |
Usermode portion of the support for swap allocation accounting: - update for getrlimit(2) manpage; - support for setting RLIMIT_SWAP in login class; - addition to the limits(1) and sh and csh limit-setting builtins; - tuning(7) documentation on the sysctls controlling overcommit. In collaboration with: pho Reviewed by: alc Approved by: re (kensmith)
|
#
ea234e65 |
|
04-Nov-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
MFH (r184633, r184635): build at WARNS level 6
|
#
b8a5cd86 |
|
04-Nov-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Avoid assigning a const char * to a char *. MFC after: 3 weeks
|
#
06927900 |
|
04-Nov-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Committed to wrong branch.
|
#
ceae29a4 |
|
04-Nov-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Avoid assigning a const char * to a char *. MFC after: 3 weeks
|
#
2d057ca6 |
|
20-Oct-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Parenthesize return values.
|
#
7cc027a3 |
|
20-Oct-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
include and whitespace cleanup.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
bc093719 |
|
20-Aug-2008 |
Ed Schouten <ed@FreeBSD.org> |
Integrate the new MPSAFE TTY layer to the FreeBSD operating system. The last half year I've been working on a replacement TTY layer for the FreeBSD kernel. The new TTY layer was designed to improve the following: - Improved driver model: The old TTY layer has a driver model that is not abstract enough to make it friendly to use. A good example is the output path, where the device drivers directly access the output buffers. This means that an in-kernel PPP implementation must always convert network buffers into TTY buffers. If a PPP implementation would be built on top of the new TTY layer (still needs a hooks layer, though), it would allow the PPP implementation to directly hand the data to the TTY driver. - Improved hotplugging: With the old TTY layer, it isn't entirely safe to destroy TTY's from the system. This implementation has a two-step destructing design, where the driver first abandons the TTY. After all threads have left the TTY, the TTY layer calls a routine in the driver, which can be used to free resources (unit numbers, etc). The pts(4) driver also implements this feature, which means posix_openpt() will now return PTY's that are created on the fly. - Improved performance: One of the major improvements is the per-TTY mutex, which is expected to improve scalability when compared to the old Giant locking. Another change is the unbuffered copying to userspace, which is both used on TTY device nodes and PTY masters. Upgrading should be quite straightforward. Unlike previous versions, existing kernel configuration files do not need to be changed, except when they reference device drivers that are listed in UPDATING. Obtained from: //depot/projects/mpsafetty/... Approved by: philip (ex-mentor) Discussed: on the lists, at BSDCan, at the DevSummit Sponsored by: Snow B.V., the Netherlands dcons(4) fixed by: kan
|
#
d84c4292 |
|
25-Jul-2008 |
Brooks Davis <brooks@FreeBSD.org> |
Add support for a new login capability, cpumask which allows login sessions to be pinned to cpus by login class.
|
#
f855462a |
|
01-May-2007 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix one kind of style(9) bug and a typo in a comment. Tested with: md5(1)
|
#
d210c39f |
|
29-Oct-2003 |
Tim J. Robbins <tjr@FreeBSD.org> |
Remove __NETBSD_SYSCALLS.
|
#
547fa0d9 |
|
18-Oct-2003 |
Mark Murray <markm@FreeBSD.org> |
ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify.
|
#
0ebec5d3 |
|
14-Jun-2003 |
Mark Murray <markm@FreeBSD.org> |
Tidy up. Sort headers.
|
#
433c28e0 |
|
12-Nov-2002 |
Robert Watson <rwatson@FreeBSD.org> |
Add LOGIN_SETMAC to the list of flags that can't be set without class information, since we rely on the pwd entry to know what MAC labels to set as part of the login process. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
#
84333872 |
|
22-Oct-2002 |
Robert Watson <rwatson@FreeBSD.org> |
If LOGIN_SETMAC is set and MAC is enabled in the kernel, then see if the user has a 'label' entry in their login class. If so, attempt to set that label on the process as part of the credential setup. If we're unable to parse the label, or unable to set the label, fail. In the future, we may also want to warn if a label is set but the kernel doesn't support MAC. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
#
cc1b8dcb |
|
28-Jun-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Add additional field 'overwrite' to login_vars. It mainly needed to handle "term" according to manpage, i.e. not overwrite it, if already present in environment.
|
#
67577126 |
|
25-Jun-2002 |
Matthew Dillon <dillon@FreeBSD.org> |
Make libutil aware of vmemoryuse in its login.conf cap processing (aka sshd, /usr/bin/login, etc)
|
#
b00ba4cc |
|
08-Apr-2002 |
Ruslan Ermilov <ru@FreeBSD.org> |
Const poisoning.
|
#
8719c58f |
|
30-Sep-2001 |
Matthew Dillon <dillon@FreeBSD.org> |
Add __FBSDID()s to libutil
|
#
0c697857 |
|
14-Jul-2000 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Make sbsize a size instead of a number. This allows the usual suffixes to be applied to the value given. This does not break installed /etc/login.conf files, since un-suffixed numbers are interpreted as they were before. PR: 19750 Submitted by: Paul Herman <pherman@frenchfries.net>
|
#
36807a7b |
|
19-Jan-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Do not set the default terminal type to "su", leave it empty. PR: bin/5084 Reviewed by: asmodai, davidn, sef
|
#
6b3ced11 |
|
09-Oct-1999 |
Brian Feldman <green@FreeBSD.org> |
This implements the RLIMIT_SBSIZE ("sbsize") administrative limits for userland. Currently, it can be enforced by login and csh. More shells supporting sbsize are welcome.
|
#
7f3dea24 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
121ba32d |
|
13-May-1999 |
Andrey A. Chernov <ache@FreeBSD.org> |
fix potential memory overwrite in escape parsing PR: 11687 Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>
|
#
9f3a9c3a |
|
29-Jul-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
Print uid/gid as u_long per bde suggestion
|
#
e8f9ae6c |
|
27-Jul-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
cast arg to (long) to match format
|
#
ac4898ab |
|
03-Jun-1998 |
John Birrell <jb@FreeBSD.org> |
If using NetBSD syscalls the rtprio syscall doesn't exist, so just don't try to use it to set special priorities.
|
#
e172f0e5 |
|
24-May-1998 |
Steve Price <steve@FreeBSD.org> |
Allow setting of idle or realtime processing priorities per login class. PR: 6636 Submitted by: Jason Young <doogie@forbidden-donut.anet-stl.com>
|
#
56c04344 |
|
10-May-1997 |
David Nugent <davidn@FreeBSD.org> |
Summary of login.conf support changes: o Incorporated BSDI code and enhancements, better logging for error checking (which has been shown to be a problem, and is therefore justified, imho); also some minor things we were missing, including better quad_t math, which checks for under/overflows. o setusercontext() now allows user resource limit overrides, but does this AFTER dropping root privs, to restrict the user to droping hard limits and set soft limits within the kernel's allowed user limits. o umask() only set once, and only if requested. o add _secure_path(), and use in login.conf to guard against symlinks etc. and non-root owned or non-user owned files being used. Derived from BSDI contributed code. o revamped authentication code to BSDI's latest api, which includes deleting authenticate() and adding auth_check() and a few other functions. This is still marked as depecated in BSDI, but is included for completeness. No other source in the tree uses this anyway, so it is now bracketed with #ifdef LOGIN_CAP_AUTH which is by default not defined. Only auth_checknologin() and auth_cat() are actually used in module login_auth.c. o AUTH_NONE definition removed (collided with other includes in the tree). [bde] o BSDI's login_getclass() now accepts a char *classname parameter rather than struct passwd *pwd. We now do likewise, but added login_getpwclass() for (sort of) backwards compatiblity, namely because we handle root as a special case for the default class. This will require quite a few changes elsewhere in the source tree. o We no longer pretend to support rlim_t as a long type. o Revised code formatting to be more bsd-ish style.
|
#
7e546392 |
|
22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Revert $FreeBSD$ to $Id$
|
#
0df75c02 |
|
28-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
#include <sys/stat.h> for umask() prototype.
|
#
1130b656 |
|
14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
1c594de5 |
|
07-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Various bugfixes.
|
#
68bbf3ad |
|
04-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Library functions relating to the login class capabilities database, including manpages. See also login_cap.h.
|