| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
PR: 47607
Submitted by: Eric van Gyzen <vangyzen@stat.duke.edu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
properly, clean up quota(1). quota(1) has the ability to query
quotas either directly from the kernel, or if that fails, by reading
the quota.user or quota.group files specified for the file system
in /etc/fstab. The setuid bit existed solely (apparently) to let
non-operator users query their quotas and consumption when quotas
weren't enabled for the file system.
o Remove the setuid bit from quota(1).
o Remove the logic used by quota(1) when running setuid to prevent
users from querying the quotas of other users or groups. Note
that this papered over previously broken kernel access control;
if you queried directly using the system call, you could access
some of the data "restricted" by quota(1).
In the new world order, the ability to inspect the (live) quotas of
other uids and gids via the kernel is controlled by the privilege
requirement sysctl. The ability to query via the file is controlled
by the file permissions on the quota database backing files
(root:operator, group readable by default).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
properly, clean up quota(1). quota(1) has the ability to query
quotas either directly from the kernel, or if that fails, by reading
the quota.user or quota.group files specified for the file system
in /etc/fstab. The setuid bit existed solely (apparently) to let
non-operator users query their quotas and consumption when quotas
weren't enabled for the file system.
o Remove the setuid bit from quota(1).
o Remove the logic used by quota(1) when running setuid to prevent
users from querying the quotas of other users or groups. Note
that this papered over previously broken kernel access control.
|
|
|
|
|
| |
PR: bin/12939
Submitted by: Neil Blakey-Milner <nbm@rucus.ru.ac.za>
|
|
|
|
| |
output match the synopsis.
|
|
|
|
|
|
|
|
| |
are down. Avoid trying to send RPCs to the pidXXX@machine names
used in the special amd(8) mounts.
PR: bin/6183
Submitted by: Petr Lampa <lampa@fee.vutbr.cz>
|
|
|
|
| |
sort out some const issues.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
a ufs filesystem and it may be reporting in K instead of 512b blocks.
This is true when using a vxfs filesystem (on a solaris box) for instance.
PR: bin/14545
Submitted by: Jim Pirzyk
Reviewed by: jkh
MFC after: 1 week
|
|
|
|
| |
Options: -> The following options are available:
|
| |
|
|
|
|
| |
Submitted by: "D. Rock" <rock@cs.uni-sb.de>
|
|
|
|
| |
Submitted by: J. Assange a long time ago.
|
|
|
|
| |
instead of by number.
|
| |
|
|
|
|
| |
posix standard on the topic.
|
|
|
|
| |
used as truth value.
|
|
|
|
| |
(thanks to bruce)
|
|
|
|
|
|
| |
replaced our quota with the NetBSD one, then added all changes we made
to our - this is done to support the displaying of quota's over nfs
using the rpc.rquotad
|
|
|
|
| |
mismatches.
|
|
|