While it's true that it's part of the traditional 4.4BSD security model,
there may come a time where a different "primary" security model used for
fine-grained privileges (ie., splitting root's responsibilities to various
privileges that can be assigned) may want to still have a securelevel
setting.
Idea from Daniel Carosone:
http://mail-index.netbsd.org/tech-security/2006/08/25/0001.html
The location of the removed files, for reference, was:
src/secmodel/bsd44/secmodel_bsd44_securelevel.c
src/secmodel/bsd44/securelevel.h
will be extended to other appropriate ports in future. Note as such in the
bugs section.
This is an MI man page, so should not be flagged as i386 in the header.
This allows easy configuration of banner text, console device and timeout
as well as allowing menus of commands to be displayed. If /boot.cfg
is not present, then the existing behaviour does not change.
The sections in the boot loader source are surrounded by #ifdef SMALL
allowing this functionality to be removed if space is at a premium.
and we need to add 1 to it to get the size of the LUN.
Revert Max LBA calculation when returning the Maximum LBA from the target
to the iinitiator, following an email conversation with Jonathan Kollasch,
who points out a number of things:
+ the NetBSD scsipi driver reads the value returned by the drive and adds
one to it, so that standard SCSI drives return the 0-based Max LBA in a
READ CAPACITY command.
+ it is up to the initiator to add 1 to the Max LBA to find out the size
of the LUN (Jonathan verified this by using the UNH iSCSI initiator on
to a NetBSD target)
+ an analogous change to the NetBSD target (revision 1.34 of
disk.c) is needed.
http://mail-index.netbsd.org/tech-kern/2007/11/09/0001.html
sysmon_envsys_create() and sysmon_envsys_destroy() were added to
create/destroy sysmon_envsys objects (and its TAILQ/LIST for sensors/events).
sysmon_envsys_sensor_attach() and sysmon_envsys_sensor_detach() were
added to attach/detach sensors to a specified sysmon_envsys device.
The events framework is now per device and configurable via the
ENVSYS_SETDICTIONARY ioctl or /etc/envsys.conf and envstat(8).
Update all users and documentation to reflect these changes.
- The driver now uses the Super I/O address port as port argument in
the configuration file. The Environmental Controller base address is
fetched by the Super I/O EC LDN configuration registers.
- Invalidate voltage sensors if data returned is 0xff.
- Use the Super I/O Global Configuration Registers Chip ID[12] and Device
Revision to store/print the correct information.
- Use only the Fan Extended Tachometer registers on IT871[68]F for now;
this gives us correct data for IT8705/IT8712F again.
Inspired by the smsc(4) driver. The UPDATING file has been updated to
reflect the rename.
Modify the afterboot(8) manual page to explain how to run the tests
installed alongside the system. This is something the user should do
after configuring it to ensure that it works and that it is stable on
his hardware.
This adds a new tests.tgz set to releases which includes all the tests
for the system. It is important to note that this set does not rely on
comp.tgz: a user of the system can run the tests without having the
development tools installed, which can be useful in a production machine.
This file simplifies the build of test programs, either written in C++
or in sh. It hides the internals of atf, e.g. by silently linking
against -latf or calling atf-compile.
It also takes care of installing an Atffile for each new test directory.
This adds support for a new set of variables, PROGS and PROGS_CXX, that
allow the developer to build multiple different programs from a single
source directory.
This change adds the ATF manual pages that are not tied to any specific
tool nor library. It also adds some distribution documentation to the
system, as this is linked to by the manual pages (plus we have to install
the license text to comply with its terms).
This adds reachover Makefiles to build the libatf library and enables it in
the parent Makefile.
Things to review in this change:
* Add proper version numbers in the shlib_version files.
* Is libatf properly listed in lib/Makefile? It theoretically needs
libstdc++, but the resulting binary library is not linked against it.
the code. This provides 14 voltage sensors in addition to the previous
3 temperature sensors supported in the TMS logical device.
Adapted from OpenBSD, tested by dyoung.
libpuffs.
With a round of applause to Antti Kantee for helping out with puffs
debugging, and a huge thank you to Greg Oster, who has fixed numerous
bugs over the last week (unfortunately, the bugs are all mine), and
provided enthusiasm and drive.
Right now, the initiator is fulling working for only a single target,
and should be considered to be in a state of flux. Having said that,
Greg completed a run of build.sh with the storage on the iSCSI target,
and found times to be within 0.5% of direct attached storage. Cache
effects apply.
The initiator should be portable to everything that uses the FUSE
interface. That's right - a portable iSCSI initiator.
Storage (LUNs exported by the target) is, at the present time,
presented as a regular file called "storage". This will likely
change in the future.
% priv obj/iscsifs -u agc inspiron1300 /mnt &
[1] 13158
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target0
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target1
% ls -al /mnt/inspiron1300.wherever.co.uk/target0/
total 576
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 .
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 ..
lrw-r--r-- 1 agc agc 44 Nov 8 21:07 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 9 Nov 8 21:07 ip -> 10.4.0.42
lrw-r--r-- 1 agc agc 16 Nov 8 21:07 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 104857088 Nov 8 21:07 storage
lrw-r--r-- 1 agc agc 43 Nov 8 21:07 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target0
lrw-r--r-- 1 agc agc 8 Nov 8 21:07 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Nov 8 21:07 version -> 0
FFS needs a block device, and so vnconfig can be used to sit on top of
the regular file.
% mount -vv | grep iscsifs
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
% priv vnconfig vnd0 /mnt/inspiron1300.wherever.co.uk/target0/storage
% priv mount /dev/vnd0a /iscsi
% df
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/dk0 28101396 21491182 5205146 80% /
kernfs 1 1 0 100% /kern
procfs 4 4 0 100% /proc
ptyfs 1 1 0 100% /dev/pts
/dev/puffs 0 0 0 100% /mnt
/dev/vnd0a 99214 8209 86045 8% /iscsi
% mount -vv | grep iscsi
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
/dev/vnd0a on /iscsi type ffs (local, fsid: 0xe00/0x78b, reads: sync 1 async 0, writes: sync 2 async 0)
