elad
53ca07b4d7
If Veriexec enforces access type, don't allow mmap() to use PROT_EXEC on
...
files that don't have the "indirect" flag. Also change the "library" alias
in veriexecctl(8) to mean "file, indirect".
okay blymn@
2006-09-30 10:56:31 +00:00
perseant
554662dc37
Call fcntl on the file descriptor *before* closing it.
2006-09-28 23:23:01 +00:00
elad
38e12255a4
Change error message to say "setuid", forgotten in previous commit.
...
Pointed out by Ray Lai, thanks!
2006-09-28 16:01:16 +00:00
christos
6bc6175052
Don't record runlvl transitions before we have a read-write /var. Noticed
...
by lrou at x dot ua.
2006-09-28 15:20:14 +00:00
christos
c5acbf4d6b
Coverity CID 3788: comment out impossible code.
2006-09-27 18:52:11 +00:00
wiz
730e1c55de
End sentence with a dot.
2006-09-27 17:42:34 +00:00
elad
5c38108d28
Change the PaX mprotect(2) restrictions' "global_protection" knob to
...
just "global" -- it's shorter and more readable. Update documentation.
2006-09-26 14:48:40 +00:00
elad
fd2bf79719
Add a DIAGNOSTICS section, specifically to address the "Operation not
...
supported by device" error. Reference options(4). Bump date.
2006-09-25 20:07:17 +00:00
christos
6accae529c
Error message consistency:
...
1. don't print the program name in the message [syslog does it]
2. no extraneous \n [syslog takes care of it]
3. quote strings as `%s' [we are using syslog]
4. use %m instead of error = %d
2006-09-25 19:42:04 +00:00
wiz
da100ff1d9
Use more macros. New sentence, new line.
2006-09-24 15:52:12 +00:00
jmcneill
4fd9dcb2a0
PR# 28660: how to remove bootmenu text from some partition
2006-09-24 15:22:01 +00:00
elad
d13f82cf17
On 2nd thought, setuid() is better here.
2006-09-24 11:17:09 +00:00
elad
545c393d67
PR/28741: Michael Santos: ping does [not] drop root privileges
...
Moved socket calls way up, and called seteuid(getuid()).
2006-09-24 11:05:09 +00:00
xtraeme
91254d0d23
It's WDCC_SECURITY_FREEZE not WCDD_SECURITY_FREEZE.
...
Noticed by Sergey Svishchev.
2006-09-24 08:33:30 +00:00
pooka
4df78a97d5
print the L flag for routes with llinfo. makes you not wonder why
...
non-llinfo routes are being printed for route show -llinfo
2006-09-23 23:01:01 +00:00
dyoung
6333e1495e
Let us qualify 'route flush' and 'route show' commands with -llinfo
...
and -host flags, which is useful for displaying/flushing ARP entries:
# route -n show -inet -llinfo -host
Routing table
Internet:
Destination Gateway Flags
169.254.1.119 link#1 UH
169.254.230.110 00:02:6f:21:e6:6e UH
# route -n flush -inet -llinfo -host
169.254.1.119 done
169.254.230.110 0.2.6f.21.e6.6e done
169.254.237.70 done
# route -n show -inet -llinfo -host
Routing table
#
This will help me address bin/11079, "dhclient may require arp and sed".
Extract common code from flushroutes() and show(), creating
parse_show_opts().
While I'm here, make small cosmetic changes to flushroutes().
2006-09-23 22:41:25 +00:00
dyoung
29655a0cbb
Move the #ifndef SMALL code together.
2006-09-23 21:55:47 +00:00
dyoung
07474a8f36
Use the symbol AF_UNSPEC instead of 0 as appropriate.
2006-09-23 21:51:05 +00:00
dyoung
bf71bcc951
Remove dead code.
2006-09-23 21:11:53 +00:00
he
fa8dee8628
Um, correct previous, so that current_state def/use is consistent.
2006-09-23 18:57:26 +00:00
elad
30d1b3f220
PR/30226: Nino Dehne: ping6(8) and ping(8) are inconsistent in the output
...
of round-trip times.
okay rpaulo@
2006-09-23 16:18:04 +00:00
xtraeme
e2e3ea2b19
Do not print "SMART not supported" when SMART was disabled, this
...
fixes PR bin/18666.
2006-09-23 15:24:24 +00:00
he
54f712bd18
Since current_state is conditionally defined, make sure its uses are as well.
2006-09-23 14:04:26 +00:00
christos
c34b6372d0
Try entertain who(1) because it has been sad since it was swallowed by the
...
Death Star: add utmpx entries for boot time, down time, run level, login
process.
2006-09-22 21:49:21 +00:00
thorpej
ef731d9e00
- Add a new DRVCTLCOMMAND ioctl to /dev/drvctl. This is a generic
...
"execute a command" ioctl that takes a dictionary as an argument
(specifying the command and arguments) and returns a dictionary
with the results (error code, optional error message, optional
result data).
- Define and implement a "get-properties" command for DRVCTLCOMMAND
that returns the properties dictionary of the specified device.
- Add a -p flag to drvctl(8) to fetch and display the properties of
the specified device.
This is a great example of how to use prop_dictionary_sendrecv_ioctl().
2006-09-22 04:37:36 +00:00
elad
58375355b4
.Sh -> .Ss
...
mmm mdoclint. :)
2006-09-17 13:03:02 +00:00
elad
efffcc37c4
Reference veriexecgen(8) instead of the old scripts. Bump date.
2006-09-16 21:06:13 +00:00
hubertf
8e46fd3f16
Fix typo, noted by Nino Dehne <ndehne@gmail.com>
2006-09-16 20:15:49 +00:00
elad
3ea3b1e63e
Scripts don't have to be *shell* scripts.
2006-09-16 17:17:23 +00:00
elad
172a3fa471
Remove securelevel-related text from init(8) man-page as they're now in
...
secmodel_bsd44(9).
I'm not sure I agree with the BUGS section, but for now move it to
secmodel_bsd44(9) as well.
2006-09-15 20:20:06 +00:00
wiz
d4ee8b696e
Bump date for previous.
2006-09-15 20:11:13 +00:00
elad
56b99b4fca
Remove sentence no longer true.
2006-09-15 14:41:57 +00:00
wiz
49751ff510
Sort options in usage and SYNOPSIS.
2006-09-10 20:28:52 +00:00
xtraeme
a0a2046917
- Change the cast of st_size to uint64_t to avoid future problems
...
with large files.
- u_uintXX_t -> uintXX_t
2006-09-08 12:38:32 +00:00
riz
7bbc0ebe95
include <bsd.own.mk>. From Geoff Wing on source-changes.
2006-09-07 23:53:41 +00:00
dogcow
f2d329dca0
remove more vestiges of CCITT, LLC, HDLC, NS, and NSIP.
2006-09-07 02:40:31 +00:00
xtraeme
96734c01d1
Change -f to -F, per mrg's suggestion.
2006-09-07 02:24:51 +00:00
xtraeme
7aa92d971b
Add -f file support. Useful to search for partitions on disk images.
2006-09-07 00:48:21 +00:00
riz
d28b2bee5d
Deal with wedges and the new disk geometry structures, instead of using
...
struct disklabel. (Shrinking a file system still seems to have problems,
though, independent of this change)
2006-09-05 19:46:14 +00:00
riz
3d1e464b85
Deal with wedges and the new disk geometry structures, instead of using
...
struct disklabel. From Christos Zoulas.
2006-09-05 19:44:44 +00:00
elad
95ed982c27
Fix two horrible bugs found during a routine audit session with Brett Lymn.
...
First one was incorrectly loading entries -- we were treating each file as
a mount, which resulted in huge mess. I have no excuse for how I didn't
catch this earlier.
Second, use the table name we create for the Veriexec sysctl node and not
the fixed "table0".
Both are fileassoc(9) integration fallout.
2006-09-05 13:02:16 +00:00
rpaulo
2fb2ae3251
Import of TCP ECN algorithm for congestion control.
...
Both available for IPv4 and IPv6.
Basic implementation test results are available at
http://netbsd-soc.sourceforge.net/projects/ecn/testresults.html .
Work sponsored by the Google Summer of Code project 2006.
Special thanks to Kentaro Kurahone, Allen Briggs and Matt Thomas for their
help, comments and support during the project.
2006-09-05 00:29:35 +00:00
liamjfoy
2e60755ac8
add net.inet.ip.maxflows. Bump date.
2006-09-04 23:40:18 +00:00
wiz
fa959b48e1
Bump date for previous.
2006-09-04 18:34:42 +00:00
wiz
9f28457331
errx() provides a newline on its own, so remove the one from the error string.
2006-09-04 18:34:22 +00:00
riz
16da560700
Correct usage: "-s" is the flag for the new size of the LFS, not "-n".
2006-09-04 15:45:29 +00:00
simonb
ea0fd530d1
One "const" is enough...
2006-09-04 01:20:44 +00:00
simonb
f87636ddd9
Const poisoning.
2006-09-04 01:20:14 +00:00
wiz
84f9a9145e
Sort sections. Fix typo. Start sentence with upper-case letter.
2006-09-02 23:58:41 +00:00
uwe
cc439cea4f
New NetBSD/landisk port uses MBR too.
2006-09-01 21:44:02 +00:00