| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
mac_enforce_system toggle, rather than several separate toggles.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
| |
not initialized before use, and _http_growbuf() did not return a value
on success.
Reported by: Peter Edwards <pmedwards@eircom.net>
MFC after: 2 weeks
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Re-add alarm(2) calls around the calls to fetchStat(3) and fetchXGet(3),
since these calls can still time out on DNS lookups or TCP connect(2).
Remove the alarm(2) calls in the main loop, since all methods properly
handle transfer timeouts (as opposed to connection timeouts).
Set the sigalrm flag if a timeout occurs in the main loop.
Move the signal: label up a little so we still set the atime and mtime
when the transfer times out or is interrupted, so that restarted transfers
will work as expected (as long as the file still exists).
MFC after: 2 weeks
|
|
|
|
|
|
|
| |
symptoms: make timeouts and short transfers fatal, and set errno to an
appropriate value (ETIMEDOUT for a timeout, EPIPE for a short transfer).
MFC after: 2 weeks
|
|
|
|
| |
CISS_DEBUG case by appropriately using %z and %j.
|
|
|
|
| |
- Use -DCISS_DEBUG rather than -DCISS_DEBUG=0.
|
| |
|
|
|
|
|
| |
did not exist in ISO C Amd. 1. Add #ifdef __LONG_LONG_SUPPORTED and lint
comments around wcstoll() and wcstoull().
|
|
|
|
|
|
| |
root is on from the root mount path.
Spotted by: imp
|
| |
|
|
|
|
| |
issues a useless warning now.
|
| |
|
| |
|
|
|
|
|
|
| |
hardware/alpha/proc-alpha.sgml: 1.44 -> 1.45
hardware/common/dev.sgml: 1.110 -> 1.111
relnotes/common/new.sgml: 1.437 -> 1.439
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
permit MAC policies to augment the security protections on sysctl()
operations. This is not really a wonderful entry point, as we
only have access to the MIB of the target sysctl entry, rather than
the more useful entry name, but this is sufficient for policies
like Biba that wish to use their notions of privilege or integrity
to prevent inappropriate sysctl modification. Affects MAC kernels
only. Since SYSCTL_LOCK isn't in sysctl.h, just kern_sysctl.c,
we can't assert the SYSCTL subsystem lockin the MAC Framework.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
|
| |
permits MAC modules to augment system security decisions regarding
the reboot() system call, if MAC is compiled into the kernel.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
|
|
|
| |
mac_check_system_swapon(), to reflect the fact that the primary
object of this change is the running kernel as a whole, rather
than just the vnode. We'll drop additional checks of this
class into the same check namespace, including reboot(),
sysctl(), et al.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
| |
Submitted by: nyan@ (Yoshihiro-san)
|
|
|
|
| |
upgrade.
|
|
|
|
| |
intmax_t.)
|
|
|
|
|
|
|
|
| |
so this should be officially TC1 before the New Year.)
Add TrustedBSD pathconf parameters.
Add compilation support for -stable (to be merged momentarily).
|
|
|
|
| |
Submitted by: Sergey Mokryshev <mokr@mokr.net>
|
|
|
|
| |
off the execution test.
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Use DCE compliant UUID functions and provide local
implementations if they don't exist,
o Move dumping of the map to show.c and print the
partition type,
o Some cleanups and rearrangements.
The default GPT partition type is UFS. When no starting block
or size are specified, the tool will create a partition in the
first free space it find (or that fits, depending on the size).
|
|
|
|
| |
Submitted by: terry
|
| |
|
|
|
|
|
| |
are expected and normal when you've booted a 5.0 kernel with a 4.x
userland.
|
| |
|
|
|
|
| |
I've cloned write_ia64_disk.c from write_i386_disk.c.
|
|
|
|
| |
MFC after: 3 weeks
|
|
|
|
|
| |
If /tmp is on /, then blowing away its contents, as appropriate,
may get you enough space to do the installworld.
|
|
|
|
|
|
| |
you are going to get hurt badly if you try to do an update from
sources. Make a note of this. While 'experts' could install it in
less space, I think 30MB is a good number.
|
|
|
|
|
| |
Disable check for supposedly magic "IPL1" string for PC98 labels, its
thaumaturgical power is in doubt.
|
|
|
|
| |
MFC after: 5 days
|
| |
|
|
|
|
|
| |
when ISLASTCN is not set. The actual file which is being
looked up may live in a different filesystem.
|
| |
|
|
|
|
| |
as suggested by the sparc v9 ABI.
|
| |
|
|
|
|
| |
of compatability slices.
|
|
|
|
|
| |
and point to the Early Adopter's Guide instead, at least for the next
release or two.
|
| |
|
| |
|
|
|
|
| |
MFC after: 3 days
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"refreshing" the label on the vnode before use, just get the label
right from inception. For single-label file systems, set the label
in the generic VFS getnewvnode() code; for multi-label file systems,
leave the labeling up to the file system. With UFS1/2, this means
reading the extended attribute during vfs_vget() as the inode is
pulled off disk, rather than hitting the extended attributes
frequently during operations later, improving performance. This
also corrects sematics for shared vnode locks, which were not
previously present in the system. This chances the cache
coherrency properties WRT out-of-band access to label data, but in
an acceptable form. With UFS1, there is a small race condition
during automatic extended attribute start -- this is not present
with UFS2, and occurs because EAs aren't available at vnode
inception. We'll introduce a work around for this shortly.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
| |
|
| |
|