#
4c6e656e |
|
07-Nov-2023 |
Elyes Haouas <ehaouas@noos.fr> |
rwhod: Use nitems(foo) instead of sizeof(foo)/sizeof(foo[0]) Pull Request: https://github.com/freebsd/freebsd-src/pull/888 Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
|
#
0b8224d1 |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove copyright strings ifdef'd out We've ifdef'd out the copyright strings for some time now. Go ahead and remove the ifdefs. Plus whatever other detritis was left over from other recent removals. These copyright strings are present in the comments and are largely from CSRG's attempt at adding their copyright to every binary file (which modern interpretations of the license doesn't require). Sponsored by: Netflix
|
#
8a7b6120 |
|
23-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
usr.sbin: Remove ancient SCCS tags. Remove ancient SCCS tags from the tree, automated scripting, with two minor fixup to keep things compiling. All the common forms in the tree were removed with a perl script. Sponsored by: Netflix
|
#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
a2cc93ec |
|
07-Jul-2023 |
Alfonso Gregory <gfunni234@gmail.com> |
Mark usage function as __dead2 in programs where it does not return In most cases, usage does not return, so mark them as __dead2. For the cases where they do return, they have not been marked __dead2. Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/735
|
#
377421df |
|
04-Nov-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
capsicum: use a new capsicum helpers in tools Use caph_{rights,ioctls,fcntls}_limit to simplify the code.
|
#
7672a014 |
|
19-Jun-2018 |
Mariusz Zaborski <oshogbo@FreeBSD.org> |
Convert `cap_enter() < 0 && errno != ENOSYS` to `caph_enter() < 0`. No functional change intended.
|
#
8a16b7a1 |
|
20-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
General further adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 3-Clause license. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point.
|
#
fbbd9655 |
|
28-Feb-2017 |
Warner Losh <imp@FreeBSD.org> |
Renumber copyright clause 4 Renumber cluase 4 to 3, per what everybody else did when BSD granted them permission to remove clause 3. My insistance on keeping the same numbering for legal reasons is too pedantic, so give up on that point. Submitted by: Jan Schaumann <jschauma@stevens.edu> Pull Request: https://github.com/freebsd/freebsd/pull/96
|
#
cc94da1b |
|
08-Jan-2017 |
Enji Cooper <ngie@FreeBSD.org> |
Style(9) fixes - Sort sys/ #includes - Use nitems instead of hardcoding the length of `mib` MFC after: 3 days
|
#
a88289fc |
|
28-Jun-2014 |
David Malone <dwmalone@FreeBSD.org> |
Don't accidently skip every second line when calculating the idle time. MFC after: 2 weeks
|
#
b881b8be |
|
16-Mar-2014 |
Robert Watson <rwatson@FreeBSD.org> |
Update most userspace consumers of capability.h to use capsicum.h instead. auditdistd is not updated as I will make the change upstream and then do a vendor import sometime in the next week or two. MFC after: 3 weeks
|
#
f2b525e6 |
|
30-Nov-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Make process descriptors standard part of the kernel. rwhod(8) already requires process descriptors to work and having PROCDESC in GENERIC seems not enough, especially that we hope to have more and more consumers in the base. MFC after: 3 days
|
#
2057b58b |
|
04-Sep-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Remove fallback to fork(2) if pdfork(2) is not available. If the parent process dies, the process descriptor will be closed and pdfork(2)ed child will be killed, which is not the case when regular fork(2) is used. The PROCDESC option is now part of the GENERIC kernel configuration, so we can start depending on it. Add UPDATING entry to inform that this option is now required and log detailed instruction to syslog if pdfork(2) is not available: The pdfork(2) system call is not available; recompile the kernel with options PROCDESC Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org> Sponsored by: Google Summer of Code 2013
|
#
7008be5b |
|
04-Sep-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Change the cap_rights_t type from uint64_t to a structure that we can extend in the future in a backward compatible (API and ABI) way. The cap_rights_t represents capability rights. We used to use one bit to represent one right, but we are running out of spare bits. Currently the new structure provides place for 114 rights (so 50 more than the previous cap_rights_t), but it is possible to grow the structure to hold at least 285 rights, although we can make it even larger if 285 rights won't be enough. The structure definition looks like this: struct cap_rights { uint64_t cr_rights[CAP_RIGHTS_VERSION + 2]; }; The initial CAP_RIGHTS_VERSION is 0. The top two bits in the first element of the cr_rights[] array contain total number of elements in the array - 2. This means if those two bits are equal to 0, we have 2 array elements. The top two bits in all remaining array elements should be 0. The next five bits in all array elements contain array index. Only one bit is used and bit position in this five-bits range defines array index. This means there can be at most five array elements in the future. To define new right the CAPRIGHT() macro must be used. The macro takes two arguments - an array index and a bit to set, eg. #define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL) We still support aliases that combine few rights, but the rights have to belong to the same array element, eg: #define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL) #define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL) #define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP) There is new API to manage the new cap_rights_t structure: cap_rights_t *cap_rights_init(cap_rights_t *rights, ...); void cap_rights_set(cap_rights_t *rights, ...); void cap_rights_clear(cap_rights_t *rights, ...); bool cap_rights_is_set(const cap_rights_t *rights, ...); bool cap_rights_is_valid(const cap_rights_t *rights); void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src); void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src); bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little); Capability rights to the cap_rights_init(), cap_rights_set(), cap_rights_clear() and cap_rights_is_set() functions are provided by separating them with commas, eg: cap_rights_t rights; cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT); There is no need to terminate the list of rights, as those functions are actually macros that take care of the termination, eg: #define cap_rights_set(rights, ...) \ __cap_rights_set((rights), __VA_ARGS__, 0ULL) void __cap_rights_set(cap_rights_t *rights, ...); Thanks to using one bit as an array index we can assert in those functions that there are no two rights belonging to different array elements provided together. For example this is illegal and will be detected, because CAP_LOOKUP belongs to element 0 and CAP_PDKILL to element 1: cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL); Providing several rights that belongs to the same array's element this way is correct, but is not advised. It should only be used for aliases definition. This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Sponsored by: The FreeBSD Foundation
|
#
d9216799 |
|
18-Aug-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Cast argument of is*() ctype functions to unsigned char. Without the cast there is ambiguity between 0xFF and -1 (EOF). Suggested by: jilles Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org> Sponsored by: Google Summer of Code 2013
|
#
10966d45 |
|
17-Aug-2013 |
Hiroki Sato <hrs@FreeBSD.org> |
Unbreak rwhod(8): - It did not work with GENERIC kernel after r250603 because options PROCDESC was required for pdfork(2). It now just uses fork(2) instead when this syscall is not available. - Fix verify(). This function was broken in r250602 because the outermost "()" was removed from the condition !(isalnum() || ispunct()). It prevented hostnames including "-", for example.
|
#
6f691f7e |
|
03-Jul-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Sandbox rwhod(8) receiver process using capability mode and Capsicum capabilities. rwhod(8) receiver can now only receive packages, write to /var/rwho/ directory and log to syslog. Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org> Sponsored by: Google Summer of Code 2013 Reviewed by: pjd MFC after: 1 month
|
#
223eee08 |
|
03-Jul-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
The whole sending functionality was implemented within signal handler, which is very bad idea. Split sending and receiving in two processes, which fixes this problem and will help to sandbox rwhod. Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org> Sponsored by: Google Summer of Code 2013 Reviewed by: pjd MFC after: 1 month
|
#
90173d7d |
|
03-Jul-2013 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Style cleanups. Submitted by: Mariusz Zaborski <oshogbo@FreeBSD.org> Sponsored by: Google Summer of Code 2013 Reviewed by: pjd MFC after: 1 month
|
#
b3608ae1 |
|
03-Jan-2012 |
Ed Schouten <ed@FreeBSD.org> |
Replace index() and rindex() calls with strchr() and strrchr(). The index() and rindex() functions were marked LEGACY in the 2001 revision of POSIX and were subsequently removed from the 2008 revision. The strchr() and strrchr() functions are part of the C standard. This makes the source code a lot more consistent, as most of these C files also call into other str*() routines. In fact, about a dozen already perform strchr() calls.
|
#
11522ca5 |
|
23-Apr-2011 |
Simon L. B. Nielsen <simon@FreeBSD.org> |
Check return code of setuid(), setgid(), and setgroups() in rwhod. While they will not fail in normal circumstances, better safe than sorry. MFC after: 1 week
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
b5810e94 |
|
13-Jan-2010 |
Ed Schouten <ed@FreeBSD.org> |
Port all applications in usr.sbin/ from libulog to utmpx.
|
#
41477e05 |
|
27-Dec-2009 |
Ed Schouten <ed@FreeBSD.org> |
Let rwhod use libulog. I am not planning on providing a mechanism tot stat() the database files directly. The disadvantage of this, is that rwhod will now be a little bit more heavy than it used to be. It normally used to fstat() the file descriptor to see whether the file had changed, but this is now impossible to implement, meaning we have to parse the entire utmp file each 180 seconds. This is probably not an issue on modern 16-way servers, but if it turns out to be a problem, we'll think of something.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
83eb8428 |
|
03-Jun-2005 |
Suleiman Souhlal <ssouhlal@FreeBSD.org> |
- Avoid a memory leak if realloc(3) fails by using reallocf(3) Submitted by: Liam J. Foy <liamfoy@dragonflybsd.org> Approved by: mdodd (in-lieu of mentor who is away) MFC after: 1 week
|
#
78e3eed0 |
|
14-Feb-2005 |
Stefan Farfeleder <stefanf@FreeBSD.org> |
Fix most cases where the address of an int is passed to a function expecting a socklen_t * argument.
|
#
486c8cc4 |
|
06-Aug-2004 |
Warner Losh <imp@FreeBSD.org> |
Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software (with permission of addtional copyright holders where appropriate)
|
#
0b46c085 |
|
13-Apr-2004 |
Luigi Rizzo <luigi@FreeBSD.org> |
Replace ROUNDUP/ADVANCE with SA_SIZE
|
#
51f5c480 |
|
06-Jul-2003 |
Philippe Charnier <charnier@FreeBSD.org> |
de-__P use port/proto to represent services (not proto/port). add FBSDID
|
#
26175573 |
|
11-Jul-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
WARNS=4, de-__P()
|
#
170ac683 |
|
19-Jan-2002 |
Matthew Dillon <dillon@FreeBSD.org> |
I've been meaning to do this for a while. Add an underscore to the time_to_xxx() and xxx_to_time() functions. e.g. _time_to_xxx() instead of time_to_xxx(), to make it more obvious that these are stopgap functions & placemarkers and not meant to create a defacto standard. They will eventually be replaced when a real standard comes out of committee.
|
#
d4474241 |
|
28-Oct-2001 |
Matthew Dillon <dillon@FreeBSD.org> |
Convert time_t to/from 32 bit representations for transmission over a network and storage.
|
#
4de93204 |
|
22-Dec-2000 |
Ian Dowse <iedowse@FreeBSD.org> |
Ensure that received packets are at least as long as the rwho packet header before trying to process them. Without this sanity check, rwhod can attempt to byte-swap all of memory when a short packet is received, and so dies with a SIGBUS. While I'm here, change two other syslog messages to be more informative: use dotted quad rather than hex notation for IP addresses, and include the source IP in the 'bad from port' message. PR: bin/14844 Reviewed by: dwmalone
|
#
ed9ee320 |
|
11-Jul-2000 |
Kris Kennaway <kris@FreeBSD.org> |
Don't call syslog() without a format string.
|
#
48060c09 |
|
27-Nov-1999 |
Philippe Charnier <charnier@FreeBSD.org> |
Name of program and trailing \n will be added by syslog(3)
|
#
97d92980 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
6cb57679 |
|
25-Jun-1999 |
Brian Somers <brian@FreeBSD.org> |
Correct usage message
|
#
2a7bd795 |
|
16-Jun-1999 |
Brian Somers <brian@FreeBSD.org> |
Add the -p switch - tells rwhod to ignore POINTOPOINT interfaces. Mostly submitted by: Stefan Zehl <sec@42.org> PR: 12216
|
#
21358153 |
|
10-Jan-1999 |
Steve Price <steve@FreeBSD.org> |
Implement the -l commandline option which turns off broadcast of information, but still allows you to monitor other machines. PR: 9301 Submitted by: Matthew Fuller <fullermd@futuresouth.com>
|
#
ae94be3f |
|
17-Dec-1998 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Add an option for insecure mode, in which rwhod does not discard packets from incorrect source ports.
|
#
11588fbd |
|
13-Oct-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Use err(3). Add usage. Use syslog instead of fprintf when being a daemon. Change sprintf to snprintf obtained from OpenBSD. Obtained from: OpenBSD
|
#
471595b0 |
|
31-Oct-1996 |
Warner Losh <imp@FreeBSD.org> |
Fix minor buffer problems: Off by one in verify allowed one to march one byte off the end of wd.wd_hostname if wd.wd_hostname had no NUL characters in it. strncpy of myname into mywd used the source buffer's length, rather than the dest.
|
#
90ff7992 |
|
06-Sep-1996 |
Peter Wemm <peter@FreeBSD.org> |
When looking for "group daemon" (since that's what's in mtree), make sure we actually look for the *group* and not the user's gid. user daemon has traditionally been group 31 (guest). Also clear out the groups vector so that it doesn't inherit the groups of the invoking user (ever run rwhod by hand before?) Unfortunately, we can't empty the supplemental groups list because the !&@^#! egid is stored in there! :-(
|
#
30959c76 |
|
26-Aug-1996 |
Paul Traina <pst@FreeBSD.org> |
Run as daemon.daemon, not nobody.daemon
|
#
28f0ced1 |
|
25-Aug-1996 |
Paul Traina <pst@FreeBSD.org> |
Fix buffer overrun, and run as nobody
|
#
84f8341e |
|
16-Aug-1995 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Here are patches to add full multicast support to rwhod, and an updated man page. I tried all three modes (rwhod, rwhod -m, rwhod -m 32) on a machine with 2 ethernet interfaces and they all worked. Submitted by: Bill Fenner <fenner@parc.xerox.com>
|
#
dea673e9 |
|
25-May-1994 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
BSD 4.4 Lite usr.sbin Sources
|