Add a chroot dir for the _rtadvd user.
Drop privs to the user _rtadvd after acquiring our socket.
When rc.d/rtadvd starts or reloads, the rtadvd config file is copied
into the chroot before starting or reloading rtadvd itself.
Create a symlink from /var/run/rtadvd.dump to the chroot
Inital idea from OpenBSD patch rtadvd.c r1.36
the existing timer model and wait for each RA to expire itself after
sending the required number of transmissions.
This allows for a faster and saner shutdown.
Add support for SIGHUP to re-read the configuration for each interface.
If an invalid configuration is found, we continue to use the old one;
otherwise we expire the current one and then start advertising the new one.
Specififed interfaces don't have to exist at startup.
If specified interfaces arrive, load their config and start advertising.
If they depart, remove their rainfo structure and continue.
Fixes PR/43881 and PR/47311
Adjust various man pages and other documentation to point to capfile(5)
instead of termcap(5).
Remove getcap(3) as curses hasn't been building it for a long time.
Punt wrterm.c as tset no longer uses it.
- replace references to resolver(5) with ones to resolv.conf(5);
- remove references to FreeBSD (which were copied 1:1 from their
man page).
From patch by Bug Hunting.
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry. RedHat has
evidently built all "core system packages" with this option for some time.
This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.
This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros. Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.
Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default. Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
* Remove a few trailing whitespaces
* Rearrange and join to one #if for some headers
Patch contributed by Slava Semushin <slava.semushin@gmail.com>
in private mail.
RFC4191
- supports host-side router-preference
RFC3542
- if DAD fails on a interface, disables IPv6 operation on the
interface
- don't advertise MLD report before DAD finishes
Others
- fixes integer overflow for valid and preferred lifetimes
- improves timer granularity for MLD, using callout-timer.
- reflects rtadvd's IPv6 host variable information into kernel
(router only)
- adds a sysctl option to enable/disable pMTUd for multicast
packets
- performs NUD on PPP/GRE interface by default
- Redirect works regardless of ip6_accept_rtadv
- removes RFC1885-related code
From the KAME project via SUZUKI Shinsuke.
Reviewed by core.