summaryrefslogtreecommitdiffstats
path: root/sbin
Commit message (Collapse)AuthorAgeFilesLines
* Better build fix.glebius2014-02-151-6/+7
|
* Fix build on 32bit arches broken by me in r261882.glebius2014-02-141-4/+5
|
* Once pf became not covered by a single mutex, many counters in it becameglebius2014-02-141-4/+4
| | | | | | | | | | | | | | | | | | | | race prone. Some just gather statistics, but some are later used in different calculations. A real problem was the race provoked underflow of the states_cur counter on a rule. Once it goes below zero, it wraps to UINT32_MAX. Later this value is used in pf_state_expires() and any state created by this rule is immediately expired. Thus, make fields states_cur, states_tot and src_nodes of struct pf_rule be counter(9)s. Thanks to Dennis for providing me shell access to problematic box and his help with reproducing, debugging and investigating the problem. Thanks to: Dennis Yusupoff <dyr smartspb.net> Also reported by: dumbbell, pgj, Rambler Sponsored by: Nginx, Inc.
* Fix world build WITHOUT_PF.glebius2014-02-122-2/+13
| | | | Sponsored by: Nginx, Inc.
* If the main casperd process exits, zygote process should exit as wellpjd2014-02-091-1/+6
| | | | | | instead of spinning. Reported by: Mikhail <mp@lenta.ru>
* Refer newfs and growfs users to fsck_ffs instead ofbrueffer2014-02-092-2/+2
| | | | | | | | | | | fsck, the latter does not accept the referred to "-b" flag. This change was accidently committed directly to 9-STABLE in r237505. PR: 82720 Submitted by: David D.W. Downey MFC after: 1 week
* init: Remove code to track line numbers in /etc/ttys.jilles2014-02-081-16/+4
| | | | | | | The tracking generated warnings when the line number of an existing tty in /etc/ttys changed, which would corrupt utmp (as it was indexed by the line number). With utmpx, the line number no longer matters, so the tracking is no longer needed.
* Use CAP_EVENT instead of the deprecated CAP_POLL_EVENT.brueffer2014-02-062-2/+2
| | | | | | | PR: 185382 (based on) Submitted by: Loganaden Velvindron Reviewed by: pjd MFC after: 1 week
* Drop the 3rd clause from all 3 clause BSD licenses where I am the solejhb2014-02-051-3/+0
| | | | | | holder to convert them to 2 clause BSD licenses. MFC after: 1 week
* Add a license (1) and do some cleanup.brueffer2014-02-041-4/+36
| | | | | Approved by: Stefan Bethke (original author, by private mail) (1) MFC after: 1 week
* Protect ping(8) using Capsicum and Casper. This is protection against maliciouspjd2014-02-042-37/+183
| | | | | | | | network packets that we parse and not against local users trying to gain root access through ping's set-uid bit - this is handled by dropping privileges very early in ping. Submitted by: Mikhail <mp@lenta.ru>
* Unbreak mount_udf by passing the correct iovec length intobrueffer2014-02-041-3/+3
| | | | | | | | nmount(). This has been broken since r247856. PR: bin/186193 Submitted by: Arnot Belohlavek MFC after: 1 week
* dhclient: change the pidfile's permissions to 644eadler2014-02-031-1/+1
| | | | | | | This change permits non-root users to determine if dhclient is running ('service dhclient status wlan0'). Discussed with: mjg, cperciva
* Remove the .Ex macro that I used for testing.brueffer2014-02-011-1/+0
| | | | Pointy hat: brueffer
* Bring the exit status wording closer to what .Ex would produce.brueffer2014-02-011-1/+4
| | | | | | Fixes a typo in the process. MFC after: 1 week
* Add quiet support for kldstat -nbapt2014-01-222-4/+10
| | | | | | PR: bin/180014 Submitted by: Olivier Cochard-Labbé <olivier@cochard.me> MFC after: 1 week
* Fix dmesg(1) -> dmesg(8)bapt2014-01-131-1/+1
| | | | Reported by: trasz
* Fix typobapt2014-01-131-1/+1
| | | | Reported by: dumbbell
* Point the user to dmesg(1) to get informations about why loading a module ↵bapt2014-01-131-2/+12
| | | | | | | | did fail instead of printing the cryptic "Exec format error" MFC after: 1 week
* Bump dates in nestat(1) and route(8) man pages.melifaro2014-01-111-5/+4
| | | | | | | Fix several small errors introduced by r260524. Suggested by: glebius MFC after: 2 weeks
* Add -4/-6 shorthand for -finet/-finet6 in route(8) and netstat(8).melifaro2014-01-103-4/+44
| | | | MFC after: 2 weeks
* Replace several instances of -1 with appropriate CAM_*_WILDCARD and types.mav2014-01-101-22/+30
| | | | | | It was equal before r259397, but for good or bad, not any more for LUNs. This change fixes at least CAM debugging.
* Check if the given argument to 'gpart add' is actually a geom device andlme2014-01-091-2/+13
| | | | | | give a hint to use 'gpart create' before trying to add a partition. Approved by: pjd
* Fix error countingbapt2014-01-091-4/+3
|
* Import error message shown to the user when trying to load a module that isbapt2014-01-091-2/+8
| | | | | | already loaded or compiled withing the kernel MFC after: 1 week
* Do some more sanity checks in route(8): require netmask to havemelifaro2014-01-091-0/+7
| | | | | | | the same address family as destination. Found by: jmg MFC after: 2 weeks
* Always create /var/run/casper with correct permissions and don't depend on thepjd2014-01-091-0/+3
| | | | | | calling process' umask. Submitted by: Mikhail <mp@lenta.ru>
* For "nvmecontrol devlist", show namespace sizes in terms of MB instead ofjimharris2014-01-061-2/+2
| | | | | | | | GB to improve granularity of the reporting - especially for namespaces that are on the order of 1 or 2 GB. Submitted by: Tony Beltran <anthony.beltran@emc.com> MFC after: 3 days
* Don't allow to create GELI providers with a sector size, which is no apjd2014-01-041-1/+1
| | | | | | | power of 2. Noticed by: rwatson MFC after: 3 days
* getopt returns an int, not a char, so use the correct data type forscottl2013-12-301-1/+1
| | | | | | the return value. Fixes powerpc tinderbox. MFC after: 2 days
* Add globs.c, missed in r260068,260069scottl2013-12-301-0/+165
| | | | | | Submitted by: peter Obtained from: Netflix MFC after: 3 Days
* Add globs.c to the build now that it's a separate file.scottl2013-12-301-1/+1
| | | | | | Reviewed by: max Obtained from: Netflix MFC after: 3 days
* Add the -R option to allow fsck_ffs to restart itself when too many criticalscottl2013-12-3010-108/+183
| | | | | | | | | | | | | | | | | | | | | | | | errors have been detected in a particular run. Clean up the global state variables so that a restart can happen correctly. Separate the global variables in fsck_ffs and fsdb to their own file. This fixes header sharing with fscd. Correctly initialize, static-ize, and remove global variables as needed in dir.c. This fixes a problem with lost+found directories that was causing a segfault. Correctly initialize, static-ize, and remove global variables as needed in suj.c. Initialize the suj globals before allocating the disk object, not after. Also ensure that 'preen' mode doesn't conflict with 'restart' mode Submitted by: scottl, max Reviewed by: max, mckusick (earlier version) Obtained from: Netflix MFC after: 3 days
* Add the '-b' flag to 'camcontrol devlist'. This prints only the existingscottl2013-12-292-8/+31
| | | | | | | buses and their parent sims, useful for creating a sim->bus->device map. Obtained from: Netflix MFC after: 3 days
* Improve wording slightly.joel2013-12-271-3/+1
|
* Add an ability to stop gmirror and clear its metadata in one command.ae2013-12-272-1/+20
| | | | | | | | | | | | | | This fixes the problem, when gmirror starts again just after stop. The problem occurs when gmirror's component has geom label with equal size. E.g. gpt and gptid have the same size as partition, diskid has the same size as entire disk. When gmirror's geom has been destroyed, glabel creates its providers and this initiate retaste. Now "gmirror destroy" command is available. It destroys geom and also erases gmirror's metadata. MFC after: 2 weeks
* Use feature_present(3) to determine whether to open an INET or anbz2013-12-264-4/+35
| | | | | | | | | | INET6 socket when needed to allow pfctl to work on noinet and noinet6 kernels (and try to provide a fallback using AF_LINK as best effort). Adjust the Makefile to also respect relevant src.conf(5) options for compile time decisions on INET and INET6 support. Reviewed by: glebius (no objections) MFC after: 1 week
* Minor grammar fixcrees2013-12-211-2/+1
| | | | | | PR: docs/185057 Submitted by: Yuri (yuri@rawbw.com) Approved by: gjb (mentor)
* swapon: Fix buffer overflow when configuring encrypted swap on GBDE.jilles2013-12-211-1/+2
| | | | | | PR: bin/184950 Tested by: Radim Kolar MFC after: 3 days
* Add net.inet.ip.fw.dyn_keep_states sysctl whichmelifaro2013-12-181-0/+5
| | | | | | | | | | | re-links dynamic states to default rule instead of flushing on rule deletion. This can be useful while performing ruleset reload (think about `atomic` reload via changing sets). Currently it is turned off by default. MFC after: 2 weeks Sponsored by: Yandex LLC
* Reword the part about mutual CHAP.trasz2013-12-171-5/+4
| | | | | MFC after: 2 weeks Sponsored by: The FreeBSD Foundation
* MFp4 @1189141:pjd2013-12-151-0/+2
| | | | | | Change casperd's zygote process title. MFC after: 1 week
* sbin/devd/devd.ccasomers2013-12-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | Promoting the SIGINFO handler's log message from LOG_INFO to LOG_NOTICE, and promoting the "Processing event ..." message from LOG_DEBUG to LOG_INFO. Setting the logfile to LOG_NOTICE with this change will have the same result as setting it to LOG_INFO without this change. Setting it to LOG_INFO with this change will include the useful "Processing event ..." messages that were previously at LOG_DEBUG, without including useless messages like "Pushing table". The intent of this change is that one can log "Processing event ..." without logging "Pushing table" and related messages that are sent for every event. The number of lines actually logged is reduced by about 75% by making this change and setting syslog to LOG_INFO vs setting syslog to LOG_DEBUG. etc/syslog.conf Changing the recommended loglevel to notice instead of info. Sponsored by: Spectra Logic Corp MFC after: 4 weeks
* sbin/devd/devd.ccasomers2013-12-131-1/+20
| | | | | | | | | | | | | | Increase the size of devd's client socket's send buffer from the default (8k) to 128k. This prevents clients from getting POLLHUPped during event storms. For example, during zpool creation, the kernel emits a resource.fs.zfs.statechange event for every vdev in the pool. A 128k buffer is large enough to hold the statechange events for a pool with nearly 800 drives. Reviewed by: ian, imp Approved by: ken (mentor) Sponsored by: Spectra Logic Corp MFC after: 4 weeks
* Somehow stable/10 branch contains correct version, but head doesn't.glebius2013-12-121-1/+1
|
* Check remote protocol version only for the first connection (when ittrociny2013-12-101-6/+6
| | | | | | | | | is actually sent by the remote node). Otherwise it generated confusing "Negotiated protocol version 1" debug messages when processing the second connection. MFC after: 2 weeks
* Send wakeup to threads waiting on empty queue before releasing thetrociny2013-12-102-16/+7
| | | | | | | lock to decrease spurious wakeups. Submitted by: davidxu MFC after: 2 weeks
* In remote_send_thread, if sending a request fails don't take thetrociny2013-12-101-11/+2
| | | | | | | | | | | | | | | | | | request back from the receive queue -- it might already be processed by remote_recv_thread, which lead to crashes like below: (primary) Unable to receive reply header: Connection reset by peer. (primary) Unable to send request (Connection reset by peer): WRITE(954662912, 131072). (primary) Disconnected from kopusha:7772. (primary) Increasing localcnt to 1. (primary) Assertion failed: (old > 0), function refcnt_release, file refcnt.h, line 62. Taking the request back was not necessary (it would properly be processed by the remote_recv_thread) and only complicated things. MFC after: 2 weeks
* Fix compiler warnings.trociny2013-12-102-4/+4
| | | | MFC after: 2 weeks
* Add some macros to make the code more readable (no functional chages).trociny2013-12-101-6/+9
| | | | MFC after: 2 weeks
OpenPOWER on IntegriCloud