| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
r274138 (by des):
Hook up OpenPAM's own unit tests to the build.
r274149 (by markj):
Create a directory for the PAM tests.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r277912 (by markj):
Include required headers in DTrace test programs.
r278738 (by markj):
Tweak the fds test program so that it actually compiles. Also use 0 instead
of -1 for the bogus ioctl command so that dmesg doesn't get spammed with
sign extension warnings when the test program runs.
r279418 (by markj):
Add infrastructure to integrate the DTrace test suite with Kyua.
For each test category, we generate a script containing ATF test cases for
the tests under that category. Each test case simply runs dtest.pl (the
upstream test harness) with the corresponding test files. The exclude.sh
script is used to record info about tests which should be skipped or are
expected to fail; it is used to generate atf_skip and atf_expect_fail calls.
The genmakefiles.sh script can be used to regenerate the test makefiles when
new tests are brought it from upstream.
The test suite is currently not connected to the build as there is a small
number of lingering test issues which still need to be worked out. In the
meantime however, the test suite can be easily built and installed
manually from cddl/usr.sbin/dtrace/tests.
r280835 (by markj):
Replace dtest.pl, the upstream DTrace test suite harness, with a shell
script. This reimplementation is much simpler than dtest.pl and is more
amenable to being run under Kyua - dtest.pl writes error output to a
temporary directory that is deleted when the run finishes, making it hard
to debug test failures. This change also removes the test suite's dependency
on perl.
r288416 (by markj):
Update DTrace test makefiles after r288415.
|
|
|
|
|
|
|
|
| |
Provide some guidance when dealing with sections and variables contained
within them
For example, using variables designated for %usm requires uncommenting
%usm section header
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r310458,r310466:
r310458:
Group all loadable modules in the %default section
This will allow new users to uncomment the modules and have things work
with less head scratching, in the event they decide to uncomment any
of the section separators, e.g. %usm or %vcm, as the module loading is
only effective in the %default section.
r310466:
Don't hardcode $(securityModelUSM) (3) in the authPriv example under the %vacm
section
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
308664
hyperv/vss: Add driver and tools for VSS
VSS stands for "Volume Shadow Copy Service". Unlike virtual machine
snapshot, it only takes snapshot for the virtual disks, so both
filesystem and applications have to aware of it, and cooperate the
whole VSS process.
This driver exposes two device files to the userland:
/dev/hv_fsvss_dev
Normally userland programs should _not_ mess with this device file.
It is currently used by the hv_vss_daemon(8), which freezes and
thaws the filesystem. NOTE: currently only UFS is supported, if
the system mounts _any_ other filesystems, the hv_vss_daemon(8)
will veto the VSS process.
If hv_vss_daemon(8) was disabled, then this device file must be
opened, and proper ioctls must be issued to keep the VSS working.
/dev/hv_appvss_dev
Userland application can opened this device file to receive the
VSS freeze notification, hold the VSS for a while (mainly to flush
application data to filesystem), release the VSS process, and
receive the VSS thaw notification i.e. applications can run again.
The VSS will still work, even if this device file is not opened.
However, only filesystem consistency is promised, if this device
file is not opened or is not operated properly.
hv_vss_daemon(8) is started by devd(8) by default. It can be disabled
by editting /etc/devd/hyperv.conf.
Submitted by: Hongjiang Zhang <honzhan microsoft com>
Reviewed by: kib, mckusick
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8224
308742
hyperv/vss: Nuke unused variables.
Submitted by: markj
Reported by: markj
Sponsored by: Microsoft
308743
hyperv/vss: Install the userland daemon to /usr/sbin instead of /
Submitted by: markj
Reported by: markj
Sponsored by: Microsoft
|
|
|
|
|
|
|
|
| |
MFC r310457:
Clean up trailing whitespace
No functional change
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r299704 (by vangyzen):
iconvctl(3): remove superfluous NULL pointer tests
convname and dst are guaranteed to be non-NULL by iconv_open(3).
src is an array. Remove these tests for NULL pointers.
While I'm here, eliminate a strlcpy with a correct but suspicious-looking
calculation for the third parameter (i.e. not a simple sizeof).
Compare the strings in-place instead of copying.
Found by: bdrewery
Found by: Coverity
CID: 1130050, 1130056
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, '/etc/rc.d/swaplate stop' removes all swap devices. This can be
very slow and may not even be possible if there is a lot of swap space in
use. However, removing swap devices is only needed for late swap devices
that may depend on daemons that subsequent shutdown steps stop. Normal swap
devices such as hard disk partitions will remain available throughout the
shutdown process and need not be removed.
In swapoff, interpret -aL to remove late swap devices only, and use this in
etc/rc.d/swaplate. The meaning of -aL in swapon remains unchanged (add all
swap devices, both normal and late).
PR: 187081
|
|
|
|
|
|
|
|
|
| |
Make the autofs(5) -hosts map more robust, primarily to make it correctly
handle NFS shares containing whitespace. This also adds the -E parameter
to showmount(8).
PR: 207596
Differential Revision: https://reviews.freebsd.org/D5649
|
| |
|
|
|
|
|
| |
PR: 207149
Reported by: Jonathan de Boyne Pollard
|
|
|
|
|
|
|
|
|
|
|
| |
Fix periodic scripts when an NFS mount covers a local mount
100.chksetuid and 110.neggrpperm try to search through all UFS and ZFS
filesystems. But their logic contains an error. They also search through
remote filesystems that are mounted on top of the root of a local
filesystem. For example, if a user installs a FreeBSD system with the
default ZFS layout, he'll get a zroot/usr/home filesystem. If he then mounts
/usr/home over NFS, these scripts would search through /usr/home.
|
|
|
|
|
|
|
|
| |
Decrease the anti-congestion sleep in 480.leapfile-ntpd to 1 hour
24 hours is too long. Periodic scripts are executed serially, so when
combined with the sleep in 410.pkg-audit periodic could actually take more
than 24 hours and block the next invocation.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r304779:
Revert r298887 (spelling fix) and remove $FreeBSD$ because text changes
to leap-seconds invaldidates validation hash at the end of the file.
Remove svn:keywords and replace with fbsd:nokeywords=yes to
support this change.
r304780:
Change the algorithm by which /var/db/leap-seconds is updated.
1. Use the leap-seconds version number (update time) to determine
whether to update the file or not.
2. If the version numbers of the files is the same, use the later
expiry date to determine which file to use.
Suggested by: ian@
r304781:
Add logic to replace the working ntp leap-seconds file in /var/db
if it contains a $FreeBSD$ header. The header will cause the file
to fail checksum of the hash causing ntpd to ignore the file.
r304782:
Make validation of the leap-seconds file unconditional.
r304802:
Remove the gratuitous check for $FreeBSD$ and rename the function
to ntpd_init_leapfile, to ensure a copy exists in /var/db if a copy
isn't already there.
Reported by: ache@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update leap-seconds to leap-seconds.3676752000.
As per https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16:
UTC TIME STEP
on the 1st of January 2017
A positive leap second will be introduced at the end of December 2016.
The sequence of dates of the UTC second markers will be:
2016 December 31, 23h 59m 59s
2016 December 31, 23h 59m 60s
2017 January 1, 0h 0m 0s
The difference between UTC and the International Atomic Time TAI is:
from 2015 July 1, 0h UTC, to 2017 January 1 0h UTC : UTC-TAI = - 36s
from 2017 January 1, 0h UTC, until further notice : UTC-TAI = - 37s
Obtained from: ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.3676752000
See also: https://www.iers.org/SharedDocs/News/EN/BulletinC.html
https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16
Relnotes: yes
|
|
|
|
|
|
|
| |
Start jails non-parallel if jail_parallel_start is NO. This was true
for an explicitly specified jail list; now it's also true for all jails.
PR: 209112
|
|
|
|
|
|
|
|
| |
Wait for jails to complete startup if jail_parallel_start is YES,
instead of assuming they'll take less than one second.
PR: 203172
Submitted by: dmitry2004@yandex.ru
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Better document security_show_{success,info,badconfig} in /etc/periodic.conf
periodic(8) already handles the security_show_{success,info,badconfig}
variables correctly. However, those variables aren't explicitly set in
/etc/defaults/periodic.conf or anywhere else, which suggests to the user
that they shouldn't be used.
etc/defaults/periodic.conf
Explicitly set defaults for security_show_{success,info,badconfig}
usr.sbin/periodic/periodic.sh
Update usage string
usr.sbin/periodic/periodic.8
Minor man page updates
One thing I'm _not_ doing is recommending setting security_output to
/var/log/security.log or adding that file to /etc/newsyslog.conf, because
periodic(8) would create it with default permissions, usually 644, and
that's probably a bad idea.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r299529,r299540:
Update libarchive to 3.2.0
New features:
- new bsdcat command-line utility
- LZ4 compression (in src only via external utility from ports)
- Warc format support
- 'Raw' format writer
- Zip: Support archives >4GB, entries >4GB
- Zip: Support encrypting and decrypting entries
- Zip: Support experimental streaming extension
- Identify encrypted entries in several formats
- New --clear-nochange-flags option to bsdtar tries to remove noschg and
similar flags before deleting files
- New --ignore-zeros option to bsdtar to handle concatenated tar archives
- Use multi-threaded LZMA decompression if liblzma supports it
- Expose version info for libraries used by libarchive
r299576,r299896:
Fix broken cpio behavior.
Relnotes: yes
|
|
|
|
|
|
| |
Fix typo with description for $ipv6_cpe_wanif (upstram -> upstream)
PR: 210146
|
|
|
|
|
|
|
|
|
|
| |
Enable daily_ntpd_leapfile_enable by default. Otherwise an expired
leapfile will be ignored and ntpd will behave as if it has no
leapfile.
While here, remove an extraneous blank line.
Suggested by: ache
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r299844:
Make hostid_save depend on hostid
r300931:
Make netif REQUIRE hostid
As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before
hostid, and the MAC address generated for any bridge devices will be
non-deterministic. Make the MAC address generated be deterministic for
bridge devices by explicitly REQUIRE'ing hostid.
This fixes up the rest of the PR, inadvertently committed in r299844
PR: 195188
|
|
|
|
|
|
|
| |
Fix broken dependency with routed when MK_ROUTED != no
Remove routed as a requirement in NETWORKING, and put it in routed as a BEFORE
requirement instead
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r299839:
Make FILESYSTEMS, dumpon, and var not depend on zfs and zvol
Make zfs and zvol come before all of the items that depended on them
previously
r299840:
Conditionalize etc/rc.d/{zfs,zvol} install on MK_ZFS != no
r299841:
Remove etc/rc.d/{zfs,zvol} if MK_ZFS != no
|
|
|
|
|
|
| |
Don't rely on $ntpd_enable to periodically fetch the latest leapfile.
Suggested by: cperciva
|
|
|
|
|
|
|
|
| |
This is a direct commit to stable/10, because it's fixing a mistake made in
an MFC. I forgot to commit etc/mtree/BSD.tests.dist.
Pointyhat to: asomers
Sponsored by: Spectra Logic Corp
|
|
|
|
|
|
|
|
| |
Update leap-seconds to leap-seconds.3661459200.
NO leap second will be introduced at the end of June 2016.
Obtained from: ftp://tycho.usno.navy.mil/pub/ntp/.
See also: http://www.iers.org/SharedDocs/News/EN/BulletinC.html
|
|
|
|
|
|
|
|
| |
Use the expiry date to determine whether to replace the DB copy of
leapfile instead of using the leapfile serial number (create
timestamp).
PR: 209577
|
|
|
|
|
|
|
|
|
| |
Make "-S" a default option for mountd.
After a discussion on freebsd-fs@ there seemed to be a consensus that
the "-S" option for mountd should become the default.
Since the only known issue w.r.t. using "-S" was fixed by r299201,
this commit adds "-S" to the default mountd_flags.
|
|
|
|
|
|
|
| |
Minor spelling fixes in:
tools, share, bluetooth, pmcstat, etc
Many of these have user-visible strings.
|
|
|
|
|
|
|
| |
Make SERVERS REQUIRE clean when MK_KERBEROS==no
Make kdc run BEFORE SERVERS instead of being REQUIREd by SERVERS,
so systems that pedantically check REQUIREs function after r270782
|
|
|
|
| |
Regenerate usb.conf .
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new rc.conf parameter "jail_reverse_stop"
When a user defines "jail_list" in rc.conf the jails are started in the
order defined. Currently the jails are not are stopped in reverse order
which may break dependencies between jails/services and prevent a clean
shutdown. The new parameter "jail_reverse_stop" will shutdown jails in
"jail_list" in reverse order when set to "YES".
Please note that this does not affect manual invocation of the jail rc
script. If a user runs the command
# service jail stop jail1 jail2 jail3
the jails will be stopped in exactly the order specified regardless of
jail_reverse_stop being defined in rc.conf.
MFC r295568:
Document the new jail_reverse_stop parameter
While here clean up the documentation for jail_list
PR: 196152
Submitted by: feld
|
|
|
|
|
|
|
|
|
| |
Don't remove the /var/run/jail_name.id file if a jail fails to start.
This messes up ezjail (and possibly others), when attempting to start
a jail that already exists.
PR: 208806
Reviewed by: tj
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r293833 | asomers | 2016-01-13 10:33:50 -0700 (Wed, 13 Jan 2016) | 16 lines
Fix Coverity warnings regarding r293229
rpcbind/check_bound.c
Fix CID1347798, a memory leak in mergeaddr.
rpcbind/tests/addrmerge_test.c
Fix CID1347800 through CID1347803, memory leaks in ATF tests. They
are harmless because each ATF test case runs in its own process, but
they are trivial to fix. Fix a few other leaks that Coverity didn't
detect, too.
r293229 | asomers | 2016-01-05 17:00:11 -0700 (Tue, 05 Jan 2016) | 36 lines
"source routing" in rpcbind
Fix a bug in rpcbind for multihomed hosts. If the server had interfaces on
two separate subnets, and a client on the first subnet contacted rpcbind at
the address on the second subnet, rpcbind would advertise addresses on the
first subnet. This is a bug, because it should prefer to advertise the
address where it was contacted. The requested service might be firewalled
off from the address on the first subnet, for example.
usr.sbin/rpcbind/check_bound.c
If the address on which a request was received is known, pass that
to addrmerge as the clnt_uaddr parameter. That is what addrmerge's
comment indicates the parameter is supposed to mean. The previous
behavior is that clnt_uaddr would contain the address from which the
client sent the request.
usr.sbin/rpcbind/util.c
Modify addrmerge to prefer to use an IP that is equal to clnt_uaddr,
if one is found. Refactor the relevant portion of the function for
clarity, and to reduce the number of ifdefs.
etc/mtree/BSD.tests.dist
usr.sbin/rpcbind/tests/Makefile
usr.sbin/rpcbind/tests/addrmerge_test.c
Add unit tests for usr.sbin/rpcbind/util.c:addrmerge.
usr.sbin/rpcbind/check_bound.c
usr.sbin/rpcbind/rpcbind.h
usr.sbin/rpcbind/util.c
Constify some function arguments
|
|
|
|
|
|
|
| |
Require firewall setup before running rc.d/netwait, otherwise the ping
packets sent by netwait may not get through.
PR: 207916
|
| |
|
|
|
|
|
|
|
| |
Require firewall setup before running rc.d/netwait, otherwise the ping
packets sent by netwait may not get through.
PR: 207916
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integrate
tools/regression/geom_{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}
in to the FreeBSD test suite as
tests/sys/geom/class/{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}
The tools/regression/geom and tools/regression/geom_part testcases are being
left alone because both test sets are both currently broken.
The majority of this work was done on ^/user/ngie/more-tests2 . The differences
are as follows:
- tests/sys/geom/class/Makefile.inc is not present; it was
inlined into the class's Makefiles for explicitness.
- The testcases officially require root via kyua
- The geom_gate(4) tests don't use the pidfile changes proposed in
https://reviews.freebsd.org/D4836 .
|
|
|
|
| |
Load linux64 module for amd64 if Linux abi enabled.
|
|
|
|
| |
of failed `zpool history`.
|
|
|
|
|
|
| |
PR: 207095
Submitted by: madpilot
Approved by: re (marius)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ntp leap-leapseconds support.
r289421:
Add default leap-seconds file. This should help ntp networks get the
leap second date correct
Updates to the file can be obtained from ftp://time.nist.gov/pub/ or
ftp://tycho.usno.navy.mil/pub/ntp/.
r293037:
Update leap-seconds to latest. This will satisfy the ntpd leap-second
version check.
r294773:
Add support for automatic leap-second file updates.
The working copy of leapfile resides in /var/dbntpd.leap-seconds.list.
/etc/ntp/leap-seconds (periodically updated from ftp://time.nist.gov/pub/
or ftp://tycho.usno.navy.mil/pub/ntp/) contains the master copy should
automatic leapfile updates be disabled (default).
Automatic leapfile updates are fetched from $ntp_leapfile_sources,
defaulting to https://www.ietf.org/timezones/data/leap-seconds.list,
within $ntp_leapfile_expiry_days (default 30 days) from leap-seconds
file expiry. Automatic updates can be enabled by setting
$daily_ntpd_leapfile_enable="YES" in periodic.conf. To avoid congesting
the ntp leapfile source the automatic update randomized by default but
can be disabled through daily_ntpd_avoid_congestion="NO" in
periodic.conf.
r294884:
Allow specification of fetch options for ntp leap-seconds fetch.
Approved by: re (gjb)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use '^[>+][^+]' instead of '^[>+]' with grep(1) when filtering the
diff(1) output between two files in "new_only"-mode. Otherwise,
with the default of using unified format a remnant of the header
in the output is the result. This is especially irritating when
the two files differ but the second one is empty, amounting to the
vestige of the header being the only readout.
Reported by: Stefan Haemmerl
Approved by: re (delphij)
|
|
|
|
|
|
|
|
| |
Allow the (old rc-style) exec_afterstart jail parameters to start numbering
at 0, like exec_prestart and the others do. Make param0 optional, i.e.
still look for param1.
PR: 142973
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enhance rc.d/netwait script to wait for late-attaching interfaces such as
USB NICs.
USB network hardware may not be enumerated and available when the rc.d
networking scripts run. Eventually the USB attachment completes and devd
events cause the network initialization to happen, but by then other rc.d
scripts have already failed, because services which depend on NETWORKING
(such as mountcritremote) may end up running before the network is actually
ready.
There is an existing netwait script, but because it is dependent on
NETWORKING it runs too late to prevent failure of some other rc
scripts. This change flips the order so that NETWORKING depends on netwait,
and netwait now depends on devd and routing (the former is needed to make
interfaces appear, and the latter is needed to run the ping tests in
netwait).
The netwait script used to be oriented primarily towards "as soon as any
host is reachable the network is fully functional", so you gave it a list of
IPs to try and you could optionally name an interface and it would wait for
carrier on that interface. That functionality still works the same, but now
you can provide a list of interfaces to wait for and it waits until each one
of them is available. The ping logic still completes as soon as the first IP
on the list responds.
These changes were submitted by Brenden Molloy <brendan+freebsd@bbqsrc.net>
in PR 205186, and lightly modified by me to allow a list of interfaces
instead of just one.
PR: 205186
Relnotes: yes
|