Looks like the nfs server does enforce that after all, in spite of
the rather oblique commentary in the BUGS section about export
options being tied to local mount point options with which they must
be noncontradictory.
And there's no reason in principle it shouldn't enforce this -- it
just need to block various file system _operations_, rather than the
subtree issue where the criteria for evaluating whether operations
are allowed on particular _file handles_ are too painful to
contemplate.
PR misc/58063
The exports(5) man page is full of walls of turgid prose that should
be itemized lists with syntax templates, and I'm itching to rewrite
it, but let's get the security-relevant warnings out of the way
first.
PR misc/58063
keep track of the highest usbN value, not the count of busses.
fixes a problem where you do "drvctl -d usb0" (or a parent), and then
"usbdevs" won't print info on the last bus.
At least one user reported thinking that the previous wording implied
that usernames required padding to 8 characters.
This syncs the english translation with the german.
- use proper local variables instead of adding _ or other prefixes.
- centralize rm use
- use grep -q instead of > /dev/null
- reduce constant duplication
According to POSIX 2018, the syntax between `then' and `elif' and
`fi' must be a _non-empty_ list of commands:
compound_list : linebreak term
| linebreak term separator
;
...
if_clause : If compound_list Then compound_list else_part Fi
| If compound_list Then compound_list Fi
;
else_part : Elif compound_list Then compound_list
| Elif compound_list Then compound_list else_part
| Else compound_list
;
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_10_02
NetBSD's sh(1) currently doesn't enforce this and allows an empty
sequence of commands, but let's not rely on that nonstandard quirk.
Noted in PR 57997.
Saves some time running subprocesses. Since this is only used for
non-directories (i.e., there's never trailing / on the inputs), it
suffices to delete the longest prefix matching glob `*/' with shell
parameter expansion -- much cheaper than spawning a subprocess.
Shaves off about 1/3 of the time spent in `certctl list' on an
aarch64 VM in qemu.
PR bin/57993
"path + cur->name" is not same as "cur->root + cur->path + cur->name"
for extra-directory files, as extra-directory files are
in different location. Do what makefs ffs code does.
reproducible.
When we specify a label, the volume label is used to create the root dir
and it gets stamped by the timestamp. We were trying to set the timestamp
in the fs-specific part of the options parsing which did not work since
the method was called only for fs_specific options. Move setting of the
timestamp just before we create the fs, where we reconcile the rest of
the options.
ignore differences in the install target flag - the backend might have
flipped it off already to ensure only a single partition is marked
as install target.
Use tagged lists, mark up literals, be consistent about options
(global): vs parameters (of a TLS action), fold TLS authentication
description into the TLS options section.
transfer). Make this method the default for all downloads.
Try to make sure the binary pkg installation (which runs in a chroot
in the already installed system) can make use of SSL verification.
This does NOT fix the missing SSL verification in most install media
even if using https (due to not fully populated /etc/openssl/certs).