rwatson [Mon, 11 Mar 2002 19:26:29 +0000 (19:26 +0000)]
Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.
o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).
This creates a special authentication log, which can now be searched
by scripts for authentication events.
iedowse [Mon, 11 Mar 2002 19:13:22 +0000 (19:13 +0000)]
Fix a bug in ufsdirhash_adjfree() that caused it to incorrectly
update the free-space statistics in some cases. The problem affected
directory blocks when the free space dropped below the size of the
maximum allowed entry size. When this happened, the free-space
summary information could claim that there are no further blocks
that can fit a maximum-size entry, even if there are.
The effect of this bug is that the directory may be enlarged even
though there is space within the directory for the new entry. This
wastes disk space and has a negative impact on performance.
Fix it by correctly computing the dh_firstfree array index, adding
a helper macro for clarity. Put an extra sanity check into
ufsdirhash_checkblock() to detect the situation in future.
Found by: dwmalone
Reviewed by: dwmalone
MFC after: 1 week
phk [Mon, 11 Mar 2002 13:53:00 +0000 (13:53 +0000)]
As a XXX bandaid open the mounted device READ/WRITE even if we only mount
read-only.
The trouble here is that we don't reopen the device in read/write mode
when we remount in read/write mode resulting in a filesystem sending
write requests to a device which was only opened read/only.
I'm not quite sure how such a reopen would best be done and defer
the problem to more agile hackers.
markm [Mon, 11 Mar 2002 11:26:17 +0000 (11:26 +0000)]
Fix a prototype to match our headers. I am not convinced that doing
this in this file is the correct way round. (Maybe our definition of
__assert is wrong?)
Anyway, perhaps we should revisit this later. For the time being,
building lint libraries here does not blow up.
mux [Mon, 11 Mar 2002 09:26:07 +0000 (09:26 +0000)]
Simplify the interface cloning framework by handling unit
unit allocation with a bitmap in the generic layer. This
allows us to get rid of the duplicated rman code in every
clonable interface.
cjc [Mon, 11 Mar 2002 08:47:02 +0000 (08:47 +0000)]
Don't protect savecore(8) from being run with a bad dumpdir
argument. Don't fail silently, but let savecore(8) make noise. It
won't behave badly, it doesn't need protection.
At the same time, allow the administrator to have dumpdev enabled
while dumpdir (savecore(8)) is disabled and document how to do it.
tmm [Mon, 11 Mar 2002 03:18:17 +0000 (03:18 +0000)]
Fix some bugs that would prevent %fsr to be set correctly, and add
support for fcmp and fcmpe instructions with a condition code
specification other than %fcc0.
This (primarily the first part) seems to fix a lot of problems that
people were seeing, e.g. perl and gawk failures.
tmm [Mon, 11 Mar 2002 02:53:03 +0000 (02:53 +0000)]
Save/restore the %y register around calls to the C user trap handler;
gcc emits the deprecated sparc v8 instructions that use this register
when optimizing for UltraSparc machines because they are apparetly
faster then their v9 counterpars there.
dwmalone [Sun, 10 Mar 2002 23:12:43 +0000 (23:12 +0000)]
Don't assign strcmp to a variable called err and then compare it
with zero, just compare strcmp with zero. This fixes the same bug
which Maxim just fixed and fixes some odd style too.
eivind [Sun, 10 Mar 2002 21:52:48 +0000 (21:52 +0000)]
- Remove a number of extra newlines that do not belong here according to
style(9)
- Minor space adjustment in cases where we have "( ", " )", if(), return(),
while(), for(), etc.
- Add /* SYMBOL */ after a few #endifs.
luigi [Sun, 10 Mar 2002 20:08:44 +0000 (20:08 +0000)]
Export a (machine dependent) kernel variable bootdev as
machdep.guessed_bootdev, and add code to sysctl to parse its value
and give a (not necessarily correct) name to the device we booted
from (the main motivation for this code is to use the info in the
PicoBSD boot scripts, and the impact on the kernel is minimal).
NOTE: the information available in bootdev is not always reliable,
so you should not trust it too much. The parsing code is the same
as in boot2.c, and cannot cover all cases -- as it is, it seems to
work fine with floppies and IDE disks recognised by the BIOS. It
_should_ work as well with SCSI disks recognised by the BIOS.
Booting from a CDROM in floppy emulation will return /dev/fd0 (because
this is what the BIOS tells us).
Booting off the network (e.g. with etherboot) leaves bootdev unset so
the value will be printed as "invalid (0xffffffff)".
Finally, this feature might go away at some point, hopefully when we
have a more reliable way to get the same information.
sobomax [Sun, 10 Mar 2002 19:20:01 +0000 (19:20 +0000)]
Fix a breakage introduced in rev.1.75 (supposedly style cleanup), which results
in "missing dependencies" error when loading some kld modules. It is sad to
see how often these days style cleanus break doesn't broken things. Perhaps
people should recall good old principle: "don't fix it if it isn't broken".
rwatson [Sun, 10 Mar 2002 15:20:36 +0000 (15:20 +0000)]
/var/log/security gets almost no (if not no) activity on many FreeBSD
systems due to sshd not using the security log class. Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.
dd [Sun, 10 Mar 2002 09:21:50 +0000 (09:21 +0000)]
Link scbus(4) to scsi(4). Most of the other CAM devices have their
own manual pages, but this is better than nothing until someone writes
a real scbus(4).
PR: 35641
Submitted by: Gary W. Swearingen <swear@blarg.net>
__FreeBSD__ is a compiler predefine,
__FreeBSD_version is defined in <sys/param.h> .
Given that in this case (and all others in sys/dev/usb and sys/i4b)
the goal is to adapt to a different kernel interface, and not to
a compiler feature, I believe the correct form is the second one
(in the best case the two are synonyms so the change does not break
anything anyways).
mike [Sun, 10 Mar 2002 06:42:27 +0000 (06:42 +0000)]
o Add INET_ADDRSTRLEN and INET6_ADDRSTRLEN defines to <arpa/inet.h>
for POSIX.1-2001 conformance.
o Add magic to <netinet/in.h> and <netinet6/in6.h> to prevent
redefining INET_ADDRSTRLEN and INET6_ADDRSTRLEN.
o Add a note about missing typedefs in <arpa/inet.h>.
jake [Sat, 9 Mar 2002 23:35:50 +0000 (23:35 +0000)]
Increase VM_KMEM_SIZE to 16 megs from 12. Define VM_KMEM_SIZE_SCALE so that
the number of physical pages per KVA page allocated scales properly with
memory size. This fixes problems with kmem_map being too small.