| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
Increase group limit for kerberized NFSv4
PR: 202659
Submitted by: matthew.l.dailey@dartmouth.edu
Reviewed by: rmacklem dfr
Sponsored by: iXsystems
|
| |
|
|
|
|
| |
Relnotes: yes
|
| |
|
| |
|
| |
|
|
|
|
|
| |
We may need to pass negotiated value to kernel level, but so far it is
not necessary, since it does not use any new features without request.
|
| |
|
| |
|
| |
|
|
|
|
| |
They are going to be useful in clustered setups.
|
|
|
|
| |
Not all changes take effect, but that is a different question.
|
| |
|
|
|
|
|
|
| |
Its idea was to be a simple initiator and execute several commands from
kernel level, but FreeBSD never had consumer for that functionality,
while its implementation polluted many unrelated places.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new sesutil(8) utility
This is an utility for managing SCSI Enclosure Services (SES) device.
For now only one command is supported "locate" which will change the test of the
external LED associated to a given disk.
Usage if the following:
sesutil locate disk [on|off]
Disk can be a device name: "da12" or a special keyword: "all".
Reviewed by: mav
Relnotes: yes
Sponsored by: gandi.net
|
| |
|
| |
|
| |
|
|
|
|
| |
Replace afterinstall: hack from r54681 with 'make delete-old' functionality.
|
|
|
|
| |
working.
|
|
|
|
|
| |
All supported releases have the -m support from r186678, so remove the
mention of it and reword this a bit to remove 'you'.
|
|
|
|
|
| |
Document the post-merge actions of calling tzsetup(8) and services_mkdb(8)
added in r259134.
|
|
|
|
|
|
|
|
|
|
| |
pmcstat.8: fix -a flag description; improve -m flag to match
The -a flag reads a file saved by -O, not -o.
The -m flag requires the -R flag. Copy that paragraph from -a.
Sponsored by: Dell Inc.
|
|
|
|
|
|
|
| |
Use strlcpy() instead of strncpy() because subsequent mkstemps expects
the string be nul-terminated.
Reviewed by: neel
|
|
|
|
| |
Remove redundant beforeinstall.
|
|
|
|
|
|
|
|
|
| |
Use the cpuset API more consistently:
- Fetch the root set from cpuset_getaffinity() instead of assuming all CPUs
from 0 to hw.ncpu are the root set.
- Use CPU_SETSIZE and CPU_FFS.
- The original notion of halted CPUs the manpage and code refers to is gone.
Use the term "available" instead.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
transport specific form of a universal transport address. The
structure is expected to be opaque to consumers. In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.
In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer. When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.
Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.
Security: FreeBSD-SA-15:24.rpcbind
Security: CVE-2015-7236
|
|
|
|
| |
Remove unsupported S5 (power off) state.
|
|
|
|
| |
Document 'k' option for acpiconf(8).
|
|
|
|
|
|
| |
Fix typo.
Sponsored by: iXsystems
|
|
|
|
|
|
| |
Use strlcpy() in favor of strncpy() as it's defined to have a nul character
at the end of string buffer, and the code context do expects this to behave
correctly (e.g. strchr).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fix a crash on a rpc entry when an IPv6 address is explicitly
specified in -a flag.
- Fix a bug that sockaddr_in was used where sockaddr_in6 should have
been used. This was not actually harmful because offsetof(struct
sockaddr_in, sin_port) is equal to offsetof(struct sockaddr_in6,
sin6_port).
- Remove unused union p_un.
- Use NI_MAXHOST-long buffer for getnameinfo().
Although INET6_ADDRSTRLEN was designed to hold the longest
IPv6 address in IPv4-mapped address format a long time ago,
getnameinfo() can return scope identifier in addition to it.
|
|
|
|
| |
Remove extra debug that crept in
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement pubkey support for the bootstrap
Note that to not interfer with finger print it expects a signature on pkg itself
which is named pkg.txz.pubkeysign
To genrate it:
echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \
-binary -out ./pkg.txz.pubkeysig
Note the "echo -n" which prevent signing the '\n' one would get otherwise
PR: 202622
|
|
|
|
|
|
|
|
|
|
| |
Regression: fix pw usermod -d
Mark the user has having been edited if -d option is passed to usermod and
so the request change of home directory actually happen
PR: 203052
Reported by: lenzi.sergio@gmail.com
|
|
|
|
|
|
|
|
|
|
| |
Prefer pciids database from ports if present
Given the pciids database on ports is updated more often than the one in base
prefer this version if present, otherwise read the one from base.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D3391
|
|
|
|
|
|
|
|
|
| |
- Ansify function definitions.
- Change the type of addr argument in dump() function to be able
disambiguate link-local addresses from different zones.
- Add static and remove unused variables.
|
|
|
|
| |
Remove obsolete API (SIOCGDRLST_IN6 and SIOCGPRLST_IN6) support.
|
| |
|
|
|
|
|
|
|
| |
Check for invalid length or more than max length for the interpreter, instead
of the validity of the string pointer holding the interpreter.
Submitted by: sson
|
|
|
|
| |
Add ATF functional tests for fstyp(8). No ZFS or GELI tests yet.
|
|
|
|
|
|
|
|
|
| |
Serve /etc/eui64 via NIS.
The C library already knows how to lookup eui64 entries from NIS. For
example, fwcontrol(8) does it. But /var/yp/Makefile.dist doesn't build the
eui64 maps, and ypinit(8) doesn't push them to slaves. This change fixes
that.
|
|
|
|
|
|
|
|
|
| |
Manpage cleanup.
- new sentence -> new line
- fix manpage references
- fix macro usage
- fix a typo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r285396,r285398,r285401,r285403,r285405,r285406,r285408,r285409,r285411,
r285412,r285413,r285415,r285418,r285430,r285433,r285434,r285442,r285948,
r285984,r285985,r285989,r285996,r285997,r286045,r286047,r286066,r286150,
r286151,r286152,r286154,r286155,r286156,r286157,r286173,r286196,r286197,
r286198,r286199,r286200,r286201,r286202,r286203,r286204,r286210,r286211,
r286217,r286218,r286258,r286259,r286341,r286775,r286982,r286986,r286991,
r286993
Validate most pw inputs.
Rewrite the way parsing sub arguments is made to simplify code and improve
maintenability
Add -y (NIS) to userdel/usermod
pw userdel -r <rootdir> now deletes directories in the rootdir
Only parse pw.conf when needed
Reject usermod and userdel if the user concerned is not on the user database
supposed to be manipulated
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue warning and refuse to proceed further if the configured
repository signature_type is unsupported by bootstrap pkg(7).
Previously, when signature_type specified an unsupported method,
the bootstrap pkg(7) would proceed like when signature_type is
"none". MITM attackers may be able to use this vulnerability and
bypass validation and install their own versions of pkg(8).
At this time, only fingerprint and none are supported by the
bootstrap pkg(7).
FreeBSD's official pkg(8) repository uses the fingerprint method
and is therefore unaffected.
Errata candidate.
|
| |
|
| |
|