Commit Graph

158906 Commits

Author SHA1 Message Date
agc
40127a027d Add definition of librefuse. 2007-05-16 06:48:41 +00:00
taca
8ea4278bd9 printtqtable.c was added to libipf. 2007-05-16 04:26:07 +00:00
christos
a77bf0b003 check if the source exists, not that it is a file. Reported by
Blair Sadewitz
2007-05-16 01:24:42 +00:00
lukem
c007c5280e * Modify parse_url() to consistently strip the leading `/' off ftp URLs.
Fixes PR 17617.
* Use 'RFCnnnn' (with leading 0) instead of 'RFC nnnn', to be
  consistent with the style in the RFC index.
* Refer to RFC3916 instead of 1738 or 2732.
* Expand the list of supported RFCs in ftp(1) to contain the document
  name as well.
2007-05-15 23:54:18 +00:00
lukem
8f20ed50e2 Add dumpfs & dumplfs to /rescue, as they may be useful during system
recovery.
2007-05-15 23:23:49 +00:00
martin
6f6f60f06c Note ipfilter update to version 4.1.22 2007-05-15 23:01:53 +00:00
martin
d21631d35f Update ipf state 2007-05-15 22:57:37 +00:00
agc
dcd3457a33 When parsing arguments for the directory to mount, search backwards from
the end of the argument vector for an argument that doesn't begin with '-',
and use it - this improves upon the previous naive approach of using the
last argument, which could have been placed there by one of the argument
appending functions.

Be consistent with the mount name processing, and always do the
puffs:refuse:filesystem substitution once and once only.

% priv mount.ntfs-3g ntfs-refuse.img /mnt
% df /mnt
Filesystem           1K-blocks      Used     Avail Capacity  Mounted on
puffs:refuse:ntfs-3g   1000943     66309    934634     6%    /mnt
% priv umount /mnt
% priv /usr/src/share/examples/refuse/id3fs/id3fs /mnt &
% df /mnt
Filesystem         1K-blocks      Used     Avail Capacity  Mounted on
puffs:refuse:id3fs         0         0         0   100%    /mnt
% priv umount /mnt
%
2007-05-15 22:56:16 +00:00
martin
6718c86598 Merge IP-Filter 4.1.22 2007-05-15 22:52:20 +00:00
agc
01b98414eb Fuse version 2.6 (and above) has a 4 argument version of fuse_main(),
whereas previous versions had a 3 argument one. Accept both.
2007-05-15 22:47:35 +00:00
agc
a6521ab14a When puffs_mount fails, display the name of the directory which wasn't
able to be mounted.
2007-05-15 22:46:06 +00:00
martin
29fd0d9db1 Import IPFilter 4.1.22 2007-05-15 22:26:02 +00:00
oster
9a9131c20f Add missing #include <sys/ioctl.h> to make this build without warnings. 2007-05-15 22:01:19 +00:00
uwe
8e85c1baf1 Use the same wording for '-p' as for other file related tests. 2007-05-15 22:00:51 +00:00
he
c80ab09cea Bump the miniroot size from 4M to 4300k so the contents fits again. 2007-05-15 20:47:17 +00:00
christos
6ae2c5aec7 append services that got lost during the services conversion. 2007-05-15 19:58:27 +00:00
christos
b13d830ce7 Change the way we parse so that the two lines"
foo	11/tcp
	bar	11/tcp
are equivalent to:
	foo	11/tcp	bar
This way we can use the IANA services file properly *and* be able to augment
it with our entries without needing to intersperse our fixes.
2007-05-15 19:57:40 +00:00
elad
6700cfccd6 Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
  - Fix crash reported by Scott Ellis on current-users@.

  - Fix race conditions in enforcing the Veriexec rename and remove
    policies. These are NOT security issues.

  - Fix memory leak in rename handling when overwriting a monitored
    file.

  - Fix table deletion logic.

  - Don't prevent query requests if not in learning mode.


KPI updates:
  - fileassoc_table_run() now takes a cookie to pass to the callback.

  - veriexec_table_add() was removed, it is now done internally. As a
    result, there's no longer a need for VERIEXEC_TABLESIZE.

  - veriexec_report() was removed, it is now internal.

  - Perform sanity checks on the entry type, and enforce default type
    in veriexec_file_add() rather than in veriexecctl.

  - Add veriexec_flush(), used to delete all Veriexec tables, and
    veriexec_dump(), used to fill an array with all Veriexec entries.


New features:
  - Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
    database. This allows Veriexec to produce slightly more accurate
    logs under certain circumstances. In the future, this can be either
    replaced by vnode->pathname translation, or combined with it.

  - Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
    This can be used to recover a database if the file was lost.
    Example usage:

        # veriexecctl dump > /etc/signatures

    Note that only entries with the filename kept (that is, were loaded
    with the '-k' flag) will be dumped.

    Idea from Brett Lymn.

  - Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
    usage:

        # veriexecctl flush

  - Add a 'veriexec_flags' rc(8) variable, and make its default have
    the '-k' flag. On systems using the default signatures file
    (generaetd from running 'veriexecgen' with no arguments), this will
    use additional 32kb of kernel memory on average.

  - Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
    load. This is done automatically for files marked as 'untrusted'.


Misc. stuff:
  - The code for veriexecctl was massively simplified as a result of
    eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
    pass of the signatures file, making the loading somewhat faster.

  - Lots of minor fixes found using the (still under development)
    Veriexec regression testsuite.

  - Some of the messages Veriexec prints were improved.

  - Various documentation fixes.


All relevant man-pages were updated to reflect the above changes.

Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 19:47:43 +00:00
dogcow
c2fc013d5f missed these in the mini-/etc/services migration. 2007-05-15 19:16:18 +00:00
skrll
ad81397a3c Pull across #include file fix from yamt-idlelwp. 2007-05-15 18:00:34 +00:00
bouyer
95b42c31ad add jmide(4), a driver for the JMicron Technology JMB36x PCIe to SATA II/PATA
controllers. These controllers can be found on add-on PCIe cards, or
on some motherboards to provide the PATA connectivity (e.g. some intel
ICH8-based motherboards).

Thanks to JMicron Technology for providing me documentation and
different sample boards for this work.
2007-05-15 17:53:41 +00:00
skrll
7b1e89b840 Add LOADLIBES= -lkvm - it's needed when someone(tm) feeds this upstream.
src/gnu/usr.bin/gdb6 and mknative should probably pay attention to
LOADLIBES.... one day.
2007-05-15 17:49:08 +00:00
christos
ab7e2cbd0e add rcsid 2007-05-15 17:13:16 +00:00
pooka
ddf4b3708e * free framebuf after use (even in the common path ;)
* simplify a loop
2007-05-15 17:08:34 +00:00
skrll
795d937239 All platforms are MD_DO_NOT_NEED_FALLTHRU now so no need to keep it
conditional.
2007-05-15 16:51:37 +00:00
skrll
c97173f648 MD_DO_NOT_NEED_FALLTHRU for amd64.
Thanks to Juan Romero Pardines for testing.
2007-05-15 16:48:13 +00:00
pooka
13d0372f38 memset freshly allocated puffs_usermount to 0 2007-05-15 16:45:22 +00:00
fvdl
4a58254657 Reran mknative for kvm target support. 2007-05-15 15:44:40 +00:00
fvdl
cdfcd42972 target kvm support for amd64 2007-05-15 15:40:49 +00:00
xtraeme
c58471c2ca wizd said: no extra comma and no extra dot. 2007-05-15 14:39:30 +00:00
tnn
4407197569 Add missing underscore to wchan name. 2007-05-15 14:35:29 +00:00
xtraeme
7ec9c258a6 No extra comma at the end of Xr's. 2007-05-15 14:33:56 +00:00
xtraeme
ef2e01a9b8 Missing whitespace in Xr. 2007-05-15 14:32:16 +00:00
xtraeme
efc6c2a0b8 cosmetic: use a single line for the global vars of same type. 2007-05-15 14:29:36 +00:00
xtraeme
6de650008c Add agr(4). 2007-05-15 14:27:47 +00:00
pooka
8427494a96 don't leak memory if getting data from the buffer fails
CID 4485
2007-05-15 14:22:58 +00:00
pooka
eaf4ddfb76 remember to free longname if getting vattr from the message fails
CID 4486
2007-05-15 14:17:30 +00:00
macallan
ee079a2263 new ADB man pages 2007-05-15 14:15:11 +00:00
pooka
9fec81140f In case we counter a protocol error while parsing the readdir response,
completely release our directory cookie - it's unlike we'll be coming
back to it.  And if we do, it'll just be autogenerated.

CID 4487
2007-05-15 14:12:41 +00:00
macallan
3a2edc4bcf add a couple man pages for the new ADB subsystem 2007-05-15 14:12:08 +00:00
pooka
5252a3b094 free name from proto_getstat() after use
CID 4488
2007-05-15 13:56:00 +00:00
pooka
e3468dbcce adapt to "step 3" of puffs_framebuf changes 2007-05-15 13:46:47 +00:00
pooka
291fe845cd Step 3 and currently final step of a more general purpose event loop:
support removal and addition of i/o file descriptors on the fly.

* detect closed file descriptors
* automatically free waiters of a dead file descriptor
* give the file server the possibility to specify a callback which
  notifies of a dead file descriptor
* move loop function to be a property of the mainloop instead of
  framebuf (doesn't change effective behaviour)
* add the possibility to configure a timespec parameter which
  attempts to call the loop function periodically
* move the event loop functions from the puffs_framebuf namespace
  to puffs_framev to differential between pure memory management
  functions
2007-05-15 13:44:46 +00:00
martti
96f087cc74 /etc/services needs special attention. 2007-05-15 12:59:27 +00:00
pooka
d79dbd3583 In case strategy memory allocation for B_ASYNC|B_READ fails,
make sure to release the buf.
2007-05-15 12:48:48 +00:00
christos
5b9bddf888 PR/36319: Michael van Elst: rpcinfo -p requires root privileges
Explicitly chmod 777 the local socket.
2007-05-13 21:19:56 +00:00
fvdl
cfcd9426ff Initialize a few PCB fields explicity in more places. 2007-05-13 20:48:23 +00:00
xtraeme
8d72c34523 Don't mention ltsleep(9), it's obsolete. workqueue(9) uses condvar(9). 2007-05-13 20:24:57 +00:00
dsl
2e12e4f4e1 Fallout from caddr_t deletion - remove a load of redundant (void *) casts. 2007-05-13 20:24:21 +00:00
veego
9ec62257da Using ${NETBSDSRCDIR} requires <bsd.own.mk> 2007-05-13 20:22:45 +00:00