have it check to see that it doesn't contain any '/' characters. This
prevents possible silliness like ypcat "../../../kernel". We already
test the domain name for this in yp_validdomain(), and ypserv itself
tests the map name in yp_open_db(), but it doesn't hurt to be paranoid
and test for it in the generic access routine too. rpc.ypxfrd does not
test the map name for slashes, but it does call yp_access() with the
map name, so this removes a potential vulnerability from there.
Also make the tests for IPPORT_RESERVED a little more selective: make
sure it trips when map == master.passwd.*, prog == YPPROC and proc ==
YPPROC_XFR, and prog == YPXFRD_FREEBSD_PROG and proc == YPXFRD_GETMAP.
Also use IPPORT_RESERVED instead of hard-coded value.
by sysctl and never can be in their documented form (kern.name_max would
have to become fs.filesystemname.name_max, etc.).
Added missing references to user.stream_max and user.tzname_max. These
seem to misnamed. <sys/sysconf.h> says that they correspond to POSIX2
names, but the sysconf names don't have POSIX2 or "posix2" like all the
other POSIX2 names.
and use /dev/console.
I really think the proper test is to determine which device has been configured
to be the console (remember the RB_SERIAL flag?) and use it instead of always
trying to open /dev/ttyv0 first.
and the user inserts a floppy), read the config file to pre-define variables
for a custom installation.
[Note: I fixed one bug in LOAD_CONFIG_FILE code, but it's still not perfect.]
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
ask for matching confirmation. I'm sure there is a clever direct-from-perl
ioctl way of putting the terminal into noecho mode, but I don't feel like
learning perl so I just used system. [yes, I'll put stty on the installation
boot floppy as necessary]
works from startup, and works with XFree86 via /dev/sysmouse, it should
be started at boot and left running.
Pointed out by: Sujal Patel <smpatel@umiacs.umd.edu>
I could find. This change does the following:
- s/usage()/break;/ in handling the -s switch.
- use err/warn instead of fprintf(stderr, ... strerror()); exit(1);
- implement Hitachi PUMA HitTablet support from the XFree86 code,
whatever the hell that is. :-)
- correctly implement baud rate setting, too much was cut from the
XFree86 code, the critical parts were a sweep over all likely
mouse powerup baud rates to switch it to the reqested rate.
- logitech support was busted (at least on mine, which is autosensing
and runs in either mmseries or logitech mode depending on the handshake
code at startup. Among other things, you talk to it at 1200, then
switch to the target baud later.
Some remaining problems.. samplerate setting is missing, but I've not
found where this is meant to be set yet. I presume this is resolution
setting of some kind.
the real buffer size. Note that the strncpy(domain, ...) doesn't need to
be a strncpy(), since it is copying from itself to itself, but belts
and suspenders don't hurt and this is not time-critical code.
Fixes the half of PR bin/1581 that wasn't fixed in rev 1.7
Submitted by: Karl <karl@codebase.mcs.net>
- add ctm_conf.gnats from freefall
- add support for doing both the immediate mailout and the queued mailout.
- use "sendmail -odq -t" rather than "sendamil -t" to make it queue to
the mailqueue rather than immediately begin transmission. This allows
us to take advantage of our ordered dequeueing system without blowing
WC's T1 to hell with a 50 part mailout in parallel.
- bump the max ctm size from 3MB to 10MB.... This is mainly for the fast
list.
we actually look for the *group* and not the user's gid. user daemon
has traditionally been group 31 (guest).
Also clear out the groups vector so that it doesn't inherit the groups
of the invoking user (ever run rwhod by hand before?) Unfortunately, we
can't empty the supplemental groups list because the !&@^#! egid is stored
in there! :-(
of connections, we cannot afford to allow "disappeared" client to cause
us to leave one of the 14 connections open and hanging in a read() forever.
(SO_KEEPALIVE causes probe packets to be sent after a few hours of IDLE
time where no data has been transferred. Sup should NEVER do this, so the
only time it will have an effect is if it looses the remote machine)
files in /var/tmp. Sup needs to send the file size, so that
prevents running gzip in a pipeline (sigh).
It now opens a temporary file, and immediately unlinks it. It sends
gzip's output to the temp file, and when gzip is done, it rewinds the
file and sends it. When the last fd is closed, the file storage is
reclaimed. With luck, this will stop those 15MB
gzip < emacs-19.30.tgz > /var/tmp/tmp.xxxx files from being left behind
and blowing out /var on freefall.
While I have the platform, let me quote a fortune entry which sup reminds
me of: "It is a crock of sh!t, and it stinks!"
of copies to save is zero. Incorporate suggested fix with some stylistic
cleanup to make the resulting code more readable.
Submitted-By: Kenneth Stailey <kstailey@dol-esa.gov>
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.
hostname/IP twice on same line in /etc/exports' fix from dumping core
due to bogus /etc/exports entries.
Submitted by: Toshihiro Kanda <candy@fct.kgc.co.jp>
I couldn't make any sense of the sentence "Eval variables in this file." so I
left it alone.
also allow creation of new local group when NIS groups are used.
this can probably be done more elegantly, and needs more thought.
frame type in network byte order. The htons() that wasn't needed in
2.1 is now required in 2.2.
Ultimately, this rarpd should be replaced with the more recent one
supplied with the new BPF distribution.
- inet_ntoa() returns a pointer to a static buffer, dont use it twice
in the same printf().
- prevent the possibility of never timing out
- Report two more ICMP error types (prohibited nets etc)
And some (commented out) enhancements that I use, but some don't like.
-K Run as command kbdmap(1).
-V Run as command vidfont(1).
-p, -print
Print description of available keymaps or fonts to
stdout and exit.
Document that users should not choose MSDOS codepage keymaps or fonts.
bomb out. Unfortunately, FreeBSD's sio driver and certain internal
modems don't get along very well, which can cause the serial port to
wedge until it is closed and reopened.
Add new variable, connect-max-attempts, default = 1 (to mimic previous
behavior). If > 1, will try up to "n" times to dial remote site before
aborting.
Submitted by: archie@whistle.com
changes to allow inetd to bind to a single interface
for more complicated options see xinetd in ports.
Obtained from: whistle.com
by Peter Wemm:
- In yppasswdproc_update_1_svc(), I wasn't paying attention and put
a couple of lines of code _after_ a return() instead of before.
(*blush*)
- The removal of certain temp files didn't always work (this showed
up mostly if you were using /etc/master.passwd as your NIS passwd
template instead of /var/yp/master.passwd). This is because the
whole temp file creation mechanism I was using was tragically
broken (you can't rename across filesystems).
This problem I found myself:
- If you have a very large password database (30,000 or more entries),
there can be a delay of several seconds while pw_copy() copies the
ASCII template file and subsitutes in the modified/new entry. During
this time, the clnt_udp() code in the RPC library may get impatient
and retry its request. This will get queued at the server and be
treated as a second request. By then the password change will have
been completed and the second request will fail (the old password is
no longer valid). To attempt to fix this, we save the IP address and
port of each request and ignore any subsequent requests from the
same IP and same port that arrive within five minutes of each other.
Some things may still display text on the 24th line, but that's because
they've always been screens designed to fit into a minimal real-estate
and have hardwired assumptions about the dimensions. They'll be a little
harder to make dynamic.
later at pkg_delete time to verify that you're deleting what you added.
This, of course, does NOT cover the case where a file you still need
hasn't changed! That's a tougher problem to solve, and this provides
only the minimal amount of safety belt. MD5 checksums are stored in comment
fields, so packages produced with these tools are backwards compatible with
the older ones.
aliases of the "official" names as well, because now that getportbyname()
does a yp match, it no longer found the entries under the alias.
This broke rsh(1), because it looks up "shell/tcp" while the official
name in /etc/services is "cmd/tcp".
of line.
Also, fix existing bug in ethers.byname, it was passing an unknown option
to yppush. This appears to have been a cut/paste slip intended for a
$(DBLOAD) command above it.
the FreeBSD Makefile.yp structure by me. This allows you to have a single
amd map for all machines in a cluster.
In /etc/sysconfig, it would look something like:
amdflags="-p -a /net -c 1800 -l syslog /host amd.host"
with theirs (change the -I option to -s (but leave -I in for backwards compat.)
Also eliminate an make sane some magic numbers, and fix a small bug where we'd
send to an unopened socket.
Reviewed by: wollman
Obtained from: NetBSD
I usually test, so... :-( Guess we'll have to slide the tag forward on
these two files - Peter, could you do the honors? I've been up for the last
30 hours or so and I just *know* that any attempt on my part to do this would
probably end up deleting the entire repository somehow. :-)
option for installing distributions and/or packages to somewhere other than /,
say for a case where you're installing to an external disk on some other
machine's behalf. More miscellaneous fixes to various problems I stumbled
across while adding this stuff.
it with the CIRCLEQ macros. This simplifies the code a little, makes
it somewhat easier to read, and may be a little faster. (Actually I think
the performace is about the same.)
Also, in the non DB_CACHE case, save copies of data returned from
the database library in a static buffer, just in case we decide to use
it after the database has been closed. Technically, the memory that the
data pointers refer to belongs to the DB package and we can't count on
it being there after the database has been closed -- the DB package
frees its buffers. (With DB_CACHE #defined the databases are held
open so the buffers remain valid.) I don't think any of the utilities
that use the dblookup module have had any problems with this yet, but
there's no sense in taking any chances.