diff options
Diffstat (limited to 'usr.sbin')
60 files changed, 1729 insertions, 295 deletions
diff --git a/usr.sbin/Makefile.riscv b/usr.sbin/Makefile.riscv new file mode 100644 index 000000000000..8987110dba31 --- /dev/null +++ b/usr.sbin/Makefile.riscv @@ -0,0 +1,3 @@ +# $FreeBSD$ + +SUBDIR+= ofwdump diff --git a/usr.sbin/apmd/Makefile b/usr.sbin/apmd/Makefile index 20a4e5620ee7..4afd417eeb0d 100644 --- a/usr.sbin/apmd/Makefile +++ b/usr.sbin/apmd/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= apmd.conf PROG= apmd MAN= apmd.8 MANSUBDIR= /i386 diff --git a/usr.sbin/apmd/apmd.conf b/usr.sbin/apmd/apmd.conf new file mode 100644 index 000000000000..be4a6c3ddd4c --- /dev/null +++ b/usr.sbin/apmd/apmd.conf @@ -0,0 +1,55 @@ +# apmd Configuration File +# +# $FreeBSD$ +# + +apm_event SUSPENDREQ { + exec "/etc/rc.suspend apm suspend"; +} + +apm_event USERSUSPENDREQ { + exec "sync && sync && sync"; + exec "sleep 1"; + exec "apm -z"; +} + +apm_event NORMRESUME { + exec "/etc/rc.resume apm suspend"; +} + +apm_event STANDBYRESUME { + exec "/etc/rc.resume apm standby"; +} + +# resume event configuration for serial mouse users by +# reinitializing a moused(8) connected to a serial port. +# +#apm_event NORMRESUME { +# exec "kill -HUP `cat /var/run/moused.pid`"; +#} + +# suspend request event configuration for ATA HDD users: +# execute standby instead of suspend. +# +#apm_event SUSPENDREQ { +# reject; +# exec "sync && sync && sync"; +# exec "sleep 1"; +# exec "apm -Z"; +#} + +# Sample entries for battery state monitoring +#apm_battery 5% discharging { +# exec "logger -p user.emerg battery status critical!"; +# exec "echo T250L8CE-GE-C >/dev/speaker"; +#} +#apm_battery 1% discharging { +# exec "logger -p user.emerg battery low - emergency suspend"; +# exec "echo T250L16B+BA+AG+GF+FED+DC+CC >/dev/speaker"; +# exec "apm -z"; +#} +#apm_battery 99% charging { +# exec "logger -p user.notice battery fully charged"; +#} + +# apmd Configuration ends here diff --git a/usr.sbin/autofs/Makefile b/usr.sbin/autofs/Makefile index 760ec561ba6b..d901e35a523c 100644 --- a/usr.sbin/autofs/Makefile +++ b/usr.sbin/autofs/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= auto_master PACKAGE=autofs PROG= automountd SRCS= automount.c @@ -30,4 +31,6 @@ LINKS+= ${BINDIR}/automountd ${BINDIR}/autounmountd .PATH: ${MOUNT} +SUBDIR= autofs + .include <bsd.prog.mk> diff --git a/usr.sbin/autofs/auto_master b/usr.sbin/autofs/auto_master new file mode 100644 index 000000000000..55ee99172ea0 --- /dev/null +++ b/usr.sbin/autofs/auto_master @@ -0,0 +1,9 @@ +# $FreeBSD$ +# +# Automounter master map, see auto_master(5) for details. +# +/net -hosts -nobrowse,nosuid,intr +# When using the -media special map, make sure to edit devd.conf(5) +# to move the call to "automount -c" out of the comments section. +#/media -media -nosuid,noatime +#/- -noauto diff --git a/usr.sbin/autofs/autofs/Makefile b/usr.sbin/autofs/autofs/Makefile new file mode 100644 index 000000000000..772efd38266f --- /dev/null +++ b/usr.sbin/autofs/autofs/Makefile @@ -0,0 +1,15 @@ +# $FreeBSD$ + +CONFS= include_ldap \ + include_nis \ + include_nis_nullfs \ + special_hosts \ + special_media \ + special_noauto \ + special_null + +NO_OBJ= +CONFDIR= /etc/autofs +CONFMODE= 755 + +.include <bsd.prog.mk> diff --git a/usr.sbin/autofs/autofs/include_ldap b/usr.sbin/autofs/autofs/include_ldap new file mode 100644 index 000000000000..4cf70bfeef81 --- /dev/null +++ b/usr.sbin/autofs/autofs/include_ldap @@ -0,0 +1,55 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# Modify this to suit your needs. The "$1" is the map name, eg. "auto_master". +# To debug, simply run this script with map name as the only parameter. It's +# supposed to output map contents ("key location" pairs) to standard output. +SEARCHBASE="ou=$1,dc=example,dc=com" +ENTRY_ATTRIBUTE="cn" +VALUE_ATTRIBUTE="automountInformation" + +/usr/local/bin/ldapsearch -LLL -x -o ldif-wrap=no -b "$SEARCHBASE" "$ENTRY_ATTRIBUTE" "$VALUE_ATTRIBUTE" | awk ' +$1 == "'$ENTRY_ATTRIBUTE':" { + key = $2 +} + +$1 == "'$VALUE_ATTRIBUTE':" { + for (i = 2; i <= NF; i++) { + value[i] = $(i) + } + nvalues = NF + b64 = 0 +} + +# Double colon after attribute name means the value is in Base64. +$1 == "'$VALUE_ATTRIBUTE'::" { + for (i = 2; i <= NF; i++) { + value[i] = $(i) + } + nvalues = NF + b64 = 1 +} + +# Empty line - end of record. +NF == 0 && key != "" && nvalues > 0 { + printf "%s%s", key, OFS + for (i = 2; i < nvalues; i++) { + printf "%s%s", value[i], OFS + } + if (b64 == 1) { + printf "%s", value[nvalues] | "b64decode -rp" + close("b64decode -rp") + printf "%s", ORS + } else { + printf "%s%s", value[nvalues], ORS + } +} + +NF == 0 { + key = "" + nvalues = 0 + delete value +} +' diff --git a/usr.sbin/autofs/autofs/include_nis b/usr.sbin/autofs/autofs/include_nis new file mode 100644 index 000000000000..5289984639a1 --- /dev/null +++ b/usr.sbin/autofs/autofs/include_nis @@ -0,0 +1,14 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +if [ -n "$2" ]; then + ypmatch $2 $1 + exit 0 +fi + +if [ -n "$1" ]; then + ypcat -k $1 + exit 0 +fi diff --git a/usr.sbin/autofs/autofs/include_nis_nullfs b/usr.sbin/autofs/autofs/include_nis_nullfs new file mode 100644 index 000000000000..6ef815d57c6b --- /dev/null +++ b/usr.sbin/autofs/autofs/include_nis_nullfs @@ -0,0 +1,180 @@ +#!/usr/bin/awk -f +#- +# Copyright (c) 2017 G. Paul Ziemba +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD$ +# + +# +# /etc/autofs/include_nis_nullfs +# +# automountd Directory Services script for NIS +# +# SYNOPSIS +# include_nis_nullfs <mapname> +# +# include_nis_nullfs <mapname> <key> +# +# DESCRIPTION +# +# This script provides a Directory Services map for automountd +# based on NIS. Please see auto_master(5) for general information. +# +# The first form, with one argument, emits the entire named NIS map. +# The second form, with two arguments, emits the map entry for the +# key given in the second argument. +# +# This script attempts to determine the names and IP addresses +# of the local host. Map entries matching the local host are +# rewritten to specify nullfs mounts (instead of the default +# NFS) to reduce access overhead in the kernel. +# +# If a map entry contains multiple location fields, it is not changed. +# + + +# Populate list of names and IP addrs thet mean "this host" +# into myhostnames array +BEGIN { + # + # Set self hostnames + # + + "hostname -s" | getline; + myhostnames[$0] = 1; + + "hostname -f" | getline; + myhostnames[$0] = 1; + + myhostnames["localhost"] = 1 + + "hostname -f" | getline; + localdomain=$0 + myhostnames["localhost."localdomain] = 1 + + while ("ifconfig" | getline) { + if ($1 == "inet") { + myhostnames[$2] = 1; + } + } + + # debug +# print "--- hostname list start ----" +# for (i in myhostnames) { +# print i +# } +# print "--- hostname list end ----" + + if (ARGC == 2) { + # mapname only + while ("ypcat -k " ARGV[1] | getline) { + proc_mapline(1) + } + } + if (ARGC == 3) { + # mapname and keyname + while ("ypmatch " ARGV[2] " " ARGV[1] | getline) { + proc_mapline(0) + } + } + exit 0 +} + +function is_self(hostname) +{ + if (myhostnames[hostname]) { + return 1 + } + return 0 +} + +# +# Lines are of the form [key] [-opts] location1 [... locationN] +# +# indicate index of key field with first positional parameter +# 1 means keyfield is the first field +# 0 means keyfield is not present +# +function proc_mapline(keyfield) +{ + optionsfield = 0 + locationfield = 0 + locationcount = 0 + + for (i=keyfield+1; i <= NF; ++i) { + if (!optionsfield) { + if ($i ~ /^-/) { + # the first options field found on the line + optionsfield = i; + continue + } + } + # Assumption: location contains colon (":") + if (optionsfield && ($i ~ /:/) && ($i !~ /^-/)) { + ++locationcount + if (!locationfield) { + # the first location field found on the line + locationfield = i + } + } + } + + # + # If location not found, do not modify. + # + # If there is more than one location, do not modify. Rationale: + # Options are applied to all locations. We ca not have "nullfs" + # for only some locations and "nfs" for others for a given + # map key (i.e., a line). The usual reason for multiple + # locations is for redundancy using replicated volumes on + # multiple hosts, so multiple hosts imply fstype=nfs (the + # FreeBSD default for automounter maps). + # + # Hypothetically there could be a map entry with multiple + # locations all with host parts matching "me". In that case, + # it would be safe to rewrite the locations and specify + # nullfs, but the code does not handle this case. + # + if (locationcount == 1) { + # + # We have a line with exactly one location field + # + # Assumption: location has no more than one colon (":") + # + n=split($locationfield,location,":") + if (is_self(location[1])) { + $locationfield = ":" location[2] + if (optionsfield) { + # append to existing options + $optionsfield = $optionsfield ",fstype=nullfs" + } else { + # sneak in ahead of location + $locationfield = "-fstype=nullfs " $locationfield + } + } + } + + print +} diff --git a/usr.sbin/autofs/autofs/special_hosts b/usr.sbin/autofs/autofs/special_hosts new file mode 100644 index 000000000000..c49854681451 --- /dev/null +++ b/usr.sbin/autofs/autofs/special_hosts @@ -0,0 +1,17 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +if [ $# -eq 0 ]; then + out=`getent hosts` + [ $? -eq 0 ] || exit 1 + echo "$out" | awk '{ print $2 }' | sort -u + exit 0 +fi + +out=`showmount -E "$1"` +[ $? -eq 0 ] || exit 1 +echo "$out" | awk -v host="$1" \ + '{ printf "\"%s\"\t\"%s:%s\" ", $0, host, $0 } END { printf "\n" }' + diff --git a/usr.sbin/autofs/autofs/special_media b/usr.sbin/autofs/autofs/special_media new file mode 100755 index 000000000000..dbd7457b445f --- /dev/null +++ b/usr.sbin/autofs/autofs/special_media @@ -0,0 +1,136 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# Print newline-separated list of devices available for mounting. +# If there is a filesystem label - use it, otherwise use device name. +print_available() { + local _fstype _fstype_and_label _label _p + + for _p in ${providers}; do + _fstype_and_label="$(fstyp -l "/dev/${_p}" 2> /dev/null)" + if [ $? -ne 0 ]; then + # Ignore devices for which we were unable + # to determine filesystem type. + continue + fi + + _fstype="${_fstype_and_label%% *}" + if [ "${_fstype}" != "${_fstype_and_label}" ]; then + _label="${_fstype_and_label#* }" + # Replace plus signs and slashes with minuses; + # leading plus signs have special meaning in maps, + # and multi-component keys are just not supported. + _label="$(echo ${_label} | sed 's,[+/],-,g')" + echo "${_label}" + continue + fi + + echo "${_p}" + done +} + +# Print a single map entry. +print_map_entry() { + local _fstype _p + + _fstype="$1" + _p="$2" + + case "${_fstype}" in + "exfat") + if [ -f "/usr/local/sbin/mount.exfat" ]; then + echo "-mountprog=/usr/local/sbin/mount.exfat,fstype=${_fstype},nosuid :/dev/${_p}" + else + /usr/bin/logger -p info -t "special_media[$$]" \ + "Cannot mount ${_fstype} formatted device /dev/${_p}: Install sysutils/fusefs-exfat first" + exit 1 + fi + ;; + "ntfs") + if [ -f "/usr/local/bin/ntfs-3g" ]; then + echo "-mountprog=/usr/local/bin/ntfs-3g,fstype=${_fstype},nosuid :/dev/${_p}" + else + /usr/bin/logger -p info -t "special_media[$$]" \ + "Cannot mount ${_fstype} formatted device /dev/${_p}: Install sysutils/fusefs-ntfs first" + exit 1 + fi + ;; + "ext2fs" | "msdosfs") + echo "-fstype=${_fstype},nosuid,async :/dev/${_p}" + ;; + *) + echo "-fstype=${_fstype},nosuid :/dev/${_p}" + ;; + esac +} + +# Determine map entry contents for the given key and print out the entry. +print_one() { + local _fstype _fstype_and_label _label _key _p + + _key="$1" + + _fstype="$(fstyp "/dev/${_key}" 2> /dev/null)" + if [ $? -eq 0 ]; then + print_map_entry "${_fstype}" "${_key}" + return + fi + + for _p in ${providers}; do + _fstype_and_label="$(fstyp -l "/dev/${_p}" 2> /dev/null)" + if [ $? -ne 0 ]; then + # Ignore devices for which we were unable + # to determine filesystem type. + continue + fi + + _fstype="${_fstype_and_label%% *}" + if [ "${_fstype}" = "${_fstype_and_label}" ]; then + # No label, try another device. + continue + fi + + _label="${_fstype_and_label#* }" + # Replace plus signs and slashes with minuses; + # leading plus signs have special meaning in maps, + # and multi-component keys are just not supported. + _label="$(echo ${_label} | sed 's,[+/],-,g')" + if [ "${_label}" != "${_key}" ]; then + # Labels don't match, try another device. + continue + fi + + print_map_entry "${_fstype}" "${_p}" + done + + # No matching device - don't print anything, autofs will handle it. +} + +# Obtain a list of (geom-provider-name, access-count) pairs, turning this: +# +# z0xfffff80005085d00 [shape=hexagon,label="ada0\nr2w2e3\nerr#0\nsector=512\nstripe=0"]; +# +# Into this: +# +# ada0 r2w2e3 +# +# XXX: It would be easier to use kern.geom.conftxt instead, but it lacks +# access counts. +pairs=$(sysctl kern.geom.confdot | sed -n 's/^.*hexagon,label="\([^\]*\)\\n\([^\]*\).*/\1 \2/p') + +# Obtain a list of GEOM providers that are not already open - not mounted, +# and without other GEOM class, such as gpart, attached. In other words, +# grep for "r0w0e0". Skip providers with names containing slashes; we're +# not interested in geom_label(4) creations. +providers=$(echo "$pairs" | awk '$2 == "r0w0e0" && $1 !~ /\// { print $1 }') + +if [ $# -eq 0 ]; then + print_available + exit 0 +fi + +print_one "$1" +exit 0 + diff --git a/usr.sbin/autofs/autofs/special_noauto b/usr.sbin/autofs/autofs/special_noauto new file mode 100755 index 000000000000..219ec7ea6994 --- /dev/null +++ b/usr.sbin/autofs/autofs/special_noauto @@ -0,0 +1,29 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +print_available() { + sed 's/#.*//' /etc/fstab | awk '$4 ~ /noauto/ { print $2 }' +} + +print_one() { + local _mntpoint + + _mntpoint="${1%/}" + + sed 's/#.*//' /etc/fstab | awk ' + $2 == "'"${_mntpoint}"'" && $4 ~ /noauto/ { + if ($1 ~ /:/) { dev=$1 } else { dev=":"$1 } + print "-fstype=" $3 "," $4, dev + }' +} + +if [ $# -eq 0 ]; then + print_available + exit 0 +fi + +print_one "$1" +exit 0 + diff --git a/usr.sbin/autofs/autofs/special_null b/usr.sbin/autofs/autofs/special_null new file mode 100644 index 000000000000..41c10001e676 --- /dev/null +++ b/usr.sbin/autofs/autofs/special_null @@ -0,0 +1,4 @@ +#!/usr/bin/true +# +# $FreeBSD$ +# diff --git a/usr.sbin/bhyve/bhyverun.c b/usr.sbin/bhyve/bhyverun.c index f52f8b2b5819..23be74bf2bf8 100644 --- a/usr.sbin/bhyve/bhyverun.c +++ b/usr.sbin/bhyve/bhyverun.c @@ -1112,6 +1112,11 @@ main(int argc, char *argv[]) if (lpc_bootrom()) fwctl_init(); + /* + * Change the proc title to include the VM name. + */ + setproctitle("%s", vmname); + #ifndef WITHOUT_CAPSICUM caph_cache_catpages(); @@ -1123,11 +1128,6 @@ main(int argc, char *argv[]) #endif /* - * Change the proc title to include the VM name. - */ - setproctitle("%s", vmname); - - /* * Add CPU 0 */ fbsdrun_addcpu(ctx, BSP, BSP, rip); diff --git a/usr.sbin/blacklistd/Makefile b/usr.sbin/blacklistd/Makefile index 6f2b64476a11..8c9a354a7fb3 100644 --- a/usr.sbin/blacklistd/Makefile +++ b/usr.sbin/blacklistd/Makefile @@ -3,6 +3,7 @@ BLACKLIST_DIR=${SRCTOP}/contrib/blacklist .PATH: ${BLACKLIST_DIR}/bin ${BLACKLIST_DIR}/port +CONFS= blacklistd.conf PROG= blacklistd SRCS= blacklistd.c conf.c run.c state.c support.c internal.c \ sockaddr_snprintf.c pidfile.c strtoi.c popenve.c diff --git a/usr.sbin/blacklistd/blacklistd.conf b/usr.sbin/blacklistd/blacklistd.conf new file mode 100644 index 000000000000..2b1cf87e60c9 --- /dev/null +++ b/usr.sbin/blacklistd/blacklistd.conf @@ -0,0 +1,17 @@ +# $FreeBSD$ +# +# Blacklist rule +# adr/mask:port type proto owner name nfail disable +[local] +ssh stream * * * 3 24h +ftp stream * * * 3 24h +smtp stream * * * 3 24h +submission stream * * * 3 24h +#6161 stream tcp6 christos * 2 10m +* * * * * 3 60 + +# adr/mask:port type proto owner name nfail disable +[remote] +#129.168.0.0/16 * * * = * * +#6161 = = = =/24 = = +#* stream tcp * = = = diff --git a/usr.sbin/camdd/camdd.c b/usr.sbin/camdd/camdd.c index 040920ad9562..1133c6c182aa 100644 --- a/usr.sbin/camdd/camdd.c +++ b/usr.sbin/camdd/camdd.c @@ -429,23 +429,6 @@ static sig_atomic_t need_status = 0; #define min(a, b) (a < b) ? a : b #endif -/* - * XXX KDM private copy of timespecsub(). This is normally defined in - * sys/time.h, but is only enabled in the kernel. If that definition is - * enabled in userland, it breaks the build of libnetbsd. - */ -#ifndef timespecsub -#define timespecsub(vvp, uvp) \ - do { \ - (vvp)->tv_sec -= (uvp)->tv_sec; \ - (vvp)->tv_nsec -= (uvp)->tv_nsec; \ - if ((vvp)->tv_nsec < 0) { \ - (vvp)->tv_sec--; \ - (vvp)->tv_nsec += 1000000000; \ - } \ - } while (0) -#endif - /* Generically useful offsets into the peripheral private area */ #define ppriv_ptr0 periph_priv.entries[0].ptr @@ -3069,7 +3052,7 @@ camdd_print_status(struct camdd_dev *camdd_dev, struct camdd_dev *other_dev, return; } - timespecsub(&done_time, start_time); + timespecsub(&done_time, start_time, &done_time); total_ns = done_time.tv_nsec + (done_time.tv_sec * 1000000000); total_sec = total_ns; diff --git a/usr.sbin/config/mkmakefile.c b/usr.sbin/config/mkmakefile.c index 11ed92ed1f36..c9c2fbcdd06f 100644 --- a/usr.sbin/config/mkmakefile.c +++ b/usr.sbin/config/mkmakefile.c @@ -65,6 +65,7 @@ static void do_before_depend(FILE *); static int opteq(const char *, const char *); static void read_files(void); static void sanitize_envline(char *result, const char *src); +static bool preprocess(char *line, char *result); static void process_into_file(char *line, FILE *ofp); static void process_into_nvlist(char *line, nvlist_t *nvl); static void dump_nvlist(nvlist_t *nvl, FILE *ofp); @@ -243,16 +244,29 @@ sanitize_envline(char *result, const char *src) *dst = 0; } +/* + * Returns true if the caller may use the string. + */ +static bool +preprocess(char *line, char *result) +{ + char *s; + + /* Strip any comments */ + if ((s = strchr(line, '#')) != NULL) + *s = '\0'; + sanitize_envline(result, line); + /* Return true if it's non-empty */ + return (*result != '\0'); +} + static void process_into_file(char *line, FILE *ofp) { char result[BUFSIZ]; - sanitize_envline(result, line); - /* anything left? */ - if (*result == '\0') - return; - fprintf(ofp, "\"%s\\0\"\n", result); + if (preprocess(line, result)) + fprintf(ofp, "\"%s\\0\"\n", result); } static void @@ -260,15 +274,13 @@ process_into_nvlist(char *line, nvlist_t *nvl) { char result[BUFSIZ], *s; - sanitize_envline(result, line); - /* anything left? */ - if (*result == '\0') - return; - s = strchr(result, '='); - *s = 0; - if (nvlist_exists(nvl, result)) - nvlist_free(nvl, result); - nvlist_add_string(nvl, result, s + 1); + if (preprocess(line, result)) { + s = strchr(result, '='); + *s = '\0'; + if (nvlist_exists(nvl, result)) + nvlist_free(nvl, result); + nvlist_add_string(nvl, result, s + 1); + } } static void diff --git a/usr.sbin/cxgbetool/cxgbetool.8 b/usr.sbin/cxgbetool/cxgbetool.8 index 102050d8115c..080fc8559b33 100644 --- a/usr.sbin/cxgbetool/cxgbetool.8 +++ b/usr.sbin/cxgbetool/cxgbetool.8 @@ -31,7 +31,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 14, 2018 +.Dd Aug 8, 2018 .Dt CXGBETOOL 8 .Os .Sh NAME @@ -60,7 +60,7 @@ .It .Nm Ar nexus Cm filter Ar idx Ar filter-specification .It -.Nm Ar nexus Cm filter Ar idx Cm delete +.Nm Ar nexus Cm filter Ar idx Cm delete Op Cm prio Bro Cm 0 | 1 Brc .It .Nm Ar nexus Cm filter list .It @@ -381,7 +381,7 @@ TCAM filters: The number of available filters is in dev.<nexus>.<instance>.nfilters. .Ar idx must be an unused index between 0 and nfilters - 1. -IPv6 filters consume 4 consecutive entries on T4/T5 and and 2 on T6 and +IPv6 filters consume 4 consecutive entries on T4/T5 and 2 on T6 and .Ar idx must be aligned to 4 or 2 in this case. .Pp diff --git a/usr.sbin/cxgbetool/cxgbetool.c b/usr.sbin/cxgbetool/cxgbetool.c index 117f88866a05..be76948d4f01 100644 --- a/usr.sbin/cxgbetool/cxgbetool.c +++ b/usr.sbin/cxgbetool/cxgbetool.c @@ -94,7 +94,7 @@ usage(FILE *fp) "\tcontext <type> <id> show an SGE context\n" "\tdumpstate <dump.bin> dump chip state\n" "\tfilter <idx> [<param> <val>] ... set a filter\n" - "\tfilter <idx> delete|clear delete a filter\n" + "\tfilter <idx> delete|clear [prio 1] delete a filter\n" "\tfilter list list all filters\n" "\tfilter mode [<match>] ... get/set global filter mode\n" "\thashfilter [<param> <val>] ... set a hashfilter\n" @@ -147,7 +147,6 @@ real_doit(unsigned long cmd, void *data, const char *cmdstr) rc = errno; return (rc); } - chip_id = nexus[1] - '0'; } rc = ioctl(fd, cmd, data); @@ -934,7 +933,7 @@ do_show_one_filter_info(struct t4_filter *t, uint32_t mode) printf("(hash)"); } } - if (t->fs.prio) + if (chip_id <= 5 && t->fs.prio) printf(" Prio"); if (t->fs.rpttid) printf(" RptTID"); @@ -944,7 +943,7 @@ do_show_one_filter_info(struct t4_filter *t, uint32_t mode) static int show_filters(int hash) { - uint32_t mode = 0, header = 0; + uint32_t mode = 0, header, hpfilter = 0; struct t4_filter t; int rc; @@ -953,6 +952,29 @@ show_filters(int hash) if (rc != 0) return (rc); + if (!hash && chip_id >= 6) { + header = 0; + bzero(&t, sizeof (t)); + t.idx = 0; + t.fs.hash = 0; + t.fs.prio = 1; + for (t.idx = 0; ; t.idx++) { + rc = doit(CHELSIO_T4_GET_FILTER, &t); + if (rc != 0 || t.idx == 0xffffffff) + break; + + if (!header) { + printf("High Priority TCAM Region:\n"); + do_show_info_header(mode); + header = 1; + hpfilter = 1; + } + do_show_one_filter_info(&t, mode); + } + } + + header = 0; + bzero(&t, sizeof (t)); t.idx = 0; t.fs.hash = hash; for (t.idx = 0; ; t.idx++) { @@ -961,11 +983,13 @@ show_filters(int hash) break; if (!header) { + if (hpfilter) + printf("\nNormal Priority TCAM Region:\n"); do_show_info_header(mode); header = 1; } do_show_one_filter_info(&t, mode); - }; + } return (rc); } @@ -1092,10 +1116,11 @@ set_filter_mode(int argc, const char *argv[]) } static int -del_filter(uint32_t idx, int hashfilter) +del_filter(uint32_t idx, int prio, int hashfilter) { struct t4_filter t; + t.fs.prio = prio; t.fs.hash = hashfilter; t.idx = idx; @@ -1225,6 +1250,15 @@ set_filter(uint32_t idx, int argc, const char *argv[], int hash) } else if (!parse_val("hitcnts", args, &val)) { t.fs.hitcnts = val; } else if (!parse_val("prio", args, &val)) { + if (hash) { + warnx("Hashfilters doesn't support \"prio\"\n"); + return (EINVAL); + } + if (val != 0 && val != 1) { + warnx("invalid priority \"%s\"; must be" + " \"0\" or \"1\"", argv[start_arg + 1]); + return (EINVAL); + } t.fs.prio = val; } else if (!parse_val("rpttid", args, &val)) { t.fs.rpttid = 1; @@ -1406,10 +1440,33 @@ filter_cmd(int argc, const char *argv[], int hashfilter) } idx = (uint32_t) val; - /* <idx> delete|clear */ - if (argc == 2 && + /* <idx> delete|clear [prio 0|1] */ + if ((argc == 2 || argc == 4) && (strcmp(argv[1], "delete") == 0 || strcmp(argv[1], "clear") == 0)) { - return del_filter(idx, hashfilter); + int prio = 0; + + if (argc == 4) { + if (hashfilter) { + warnx("stray arguments after \"%s\".", argv[1]); + return (EINVAL); + } + + if (strcmp(argv[2], "prio") != 0) { + warnx("\"prio\" is the only valid keyword " + "after \"%s\", found \"%s\" instead.", + argv[1], argv[2]); + return (EINVAL); + } + + s = str_to_number(argv[3], NULL, &val); + if (*s || val < 0 || val > 1) { + warnx("%s \"%s\"; must be \"0\" or \"1\".", + argv[2], argv[3]); + return (EINVAL); + } + prio = (int)val; + } + return del_filter(idx, prio, hashfilter); } /* skip <idx> */ @@ -2862,15 +2919,20 @@ sched_class(int argc, const char *argv[]) warnx("sched params \"level\" parameter missing"); errs++; } - if (op.u.params.mode < 0) { + if (op.u.params.mode < 0 && + op.u.params.level == SCHED_CLASS_LEVEL_CL_RL) { warnx("sched params \"mode\" parameter missing"); errs++; } - if (op.u.params.rateunit < 0) { + if (op.u.params.rateunit < 0 && + (op.u.params.level == SCHED_CLASS_LEVEL_CL_RL || + op.u.params.level == SCHED_CLASS_LEVEL_CH_RL)) { warnx("sched params \"rate-unit\" parameter missing"); errs++; } - if (op.u.params.ratemode < 0) { + if (op.u.params.ratemode < 0 && + (op.u.params.level == SCHED_CLASS_LEVEL_CL_RL || + op.u.params.level == SCHED_CLASS_LEVEL_CH_RL)) { warnx("sched params \"rate-mode\" parameter missing"); errs++; } @@ -2878,7 +2940,9 @@ sched_class(int argc, const char *argv[]) warnx("sched params \"channel\" missing"); errs++; } - if (op.u.params.cl < 0) { + if (op.u.params.cl < 0 && + (op.u.params.level == SCHED_CLASS_LEVEL_CL_RL || + op.u.params.level == SCHED_CLASS_LEVEL_CL_WRR)) { warnx("sched params \"class\" missing"); errs++; } @@ -2889,15 +2953,14 @@ sched_class(int argc, const char *argv[]) "rate-limit level"); errs++; } - if (op.u.params.weight < 0 && - op.u.params.level == SCHED_CLASS_LEVEL_CL_WRR) { - warnx("sched params \"weight\" missing for " - "weighted-round-robin level"); + if (op.u.params.level == SCHED_CLASS_LEVEL_CL_WRR && + (op.u.params.weight < 1 || op.u.params.weight > 99)) { + warnx("sched params \"weight\" missing or invalid " + "(not 1-99) for weighted-round-robin level"); errs++; } if (op.u.params.pktsize < 0 && - (op.u.params.level == SCHED_CLASS_LEVEL_CL_RL || - op.u.params.level == SCHED_CLASS_LEVEL_CH_RL)) { + op.u.params.level == SCHED_CLASS_LEVEL_CL_RL) { warnx("sched params \"pkt-size\" missing for " "rate-limit level"); errs++; @@ -3551,6 +3614,7 @@ main(int argc, const char *argv[]) } nexus = argv[1]; + chip_id = nexus[1] - '0'; /* progname and nexus */ argc -= 2; diff --git a/usr.sbin/daemon/daemon.8 b/usr.sbin/daemon/daemon.8 index b63994e1a7db..6c4dacc12e82 100644 --- a/usr.sbin/daemon/daemon.8 +++ b/usr.sbin/daemon/daemon.8 @@ -66,7 +66,7 @@ Redirect standard input, standard output and standard error to .It Fl S Enable syslog output. This is implicitly applied if other syslog parameters are provided. -The default values are daemon, notice, and daemon for facility, priority, and +The default values are daemon, notice, and daemon for facility, priority, and tag, respectively. .It Fl o Ar output_file Append output from the daemonized process to @@ -117,7 +117,7 @@ option is used or not. .It Fl r Supervise and restart the program after a one-second delay if it has been terminated. -.It Fl R restart_delay_seconds +.It Fl R Ar restart_delay_seconds Supervise and restart the program after the specified delay if it has been terminated. .It Fl t Ar title diff --git a/usr.sbin/efibootmgr/efibootmgr.8 b/usr.sbin/efibootmgr/efibootmgr.8 index 7d0b3fde1f0c..a169f29fc93a 100644 --- a/usr.sbin/efibootmgr/efibootmgr.8 +++ b/usr.sbin/efibootmgr/efibootmgr.8 @@ -36,7 +36,7 @@ .Op Fl T .Op Fl o Ar bootorder .Op Fl verbose -.Op Fl c -k Ar kernel -l Ar loader [-L Ar label] [--dry-run] +.Op Fl c -k Ar kernel -l Ar loader [-L Ar label] [--dry-run] [-b Bootvar] .Sh "DESCRIPTION" .Nm manipulates how UEFI Boot Managers boot the system. @@ -70,6 +70,9 @@ Create a new Boot Variable The path to and name of the loader. .It Fl k -kernel Ar kernel The path to and name of the kernel. +.It Fl b Bootvar +When creating an entry, use Bootvar as the index. +Fail if it already exists. .It Fl L -label Ar label An optional description for the entry. .It Fl D -dry-run diff --git a/usr.sbin/efibootmgr/efibootmgr.c b/usr.sbin/efibootmgr/efibootmgr.c index bc36df00dcc9..eaf7a1c1903f 100644 --- a/usr.sbin/efibootmgr/efibootmgr.c +++ b/usr.sbin/efibootmgr/efibootmgr.c @@ -82,6 +82,7 @@ typedef struct _bmgr_opts { bool delete_bootnext; bool del_timeout; bool dry_run; + bool has_bootnum; bool once; int cp_src; bool set_active; @@ -170,7 +171,7 @@ set_bootvar(const char *name, uint8_t *data, size_t size) #define USAGE \ " [-aAnNB Bootvar] [-t timeout] [-T] [-o bootorder] [-O] [--verbose] [--help] \n\ - [-c -l loader [-k kernel ] [-L label] [--dry-run]]" + [-c -l loader [-k kernel ] [-L label] [--dry-run] [-b Bootvar]]" #define CREATE_USAGE \ " efibootmgr -c -l loader [-k kernel] [-L label] [--dry-run]" @@ -201,6 +202,10 @@ parse_args(int argc, char *argv[]) opts.set_active = true; opts.bootnum = strtoul(optarg, NULL, 16); break; + case 'b': + opts.has_bootnum = true; + opts.bootnum = strtoul(optarg, NULL, 16); + break; case 'B': opts.delete = true; opts.bootnum = strtoul(optarg, NULL, 16); @@ -266,11 +271,6 @@ parse_args(int argc, char *argv[]) errx(1, "%s",CREATE_USAGE); return; } - if (opts.set_bootnext && !(opts.bootnum)) - errx(1, "%s", BOOTNEXT_USAGE); - - if ((opts.set_active || opts.set_inactive) && !(opts.bootnum)) - errx(1, "%s", ACTIVE_USAGE); if (opts.order && !(opts.order)) errx(1, "%s", ORDER_USAGE); @@ -557,6 +557,22 @@ make_next_boot_var_name(void) return name; } +static char * +make_boot_var_name(uint16_t bootnum) +{ + struct entry *v; + char *name; + + LIST_FOREACH(v, &efivars, entries) { + if (v->idx == bootnum) + return NULL; + } + + asprintf(&name, "%s%04X", "Boot", bootnum); + if (name == NULL) + err(1, "asprintf"); + return name; +} static size_t create_loadopt(uint8_t *buf, size_t bufmax, uint32_t attributes, efidp dp, size_t dp_size, @@ -605,7 +621,8 @@ create_loadopt(uint8_t *buf, size_t bufmax, uint32_t attributes, efidp dp, size_ static int -make_boot_var(const char *label, const char *loader, const char *kernel, const char *env, bool dry_run) +make_boot_var(const char *label, const char *loader, const char *kernel, const char *env, bool dry_run, + int bootnum) { struct entry *new_ent; uint32_t load_attrs = 0; @@ -617,7 +634,10 @@ make_boot_var(const char *label, const char *loader, const char *kernel, const c assert(label != NULL); - bootvar = make_next_boot_var_name(); + if (bootnum == -1) + bootvar = make_next_boot_var_name(); + else + bootvar = make_boot_var_name((uint16_t)bootnum); if (bootvar == NULL) err(1, "bootvar creation"); if (loader == NULL) @@ -894,7 +914,8 @@ main(int argc, char *argv[]) * side effect, adds to boot order, but not yet active. */ make_boot_var(opts.label ? opts.label : "", - opts.loader, opts.kernel, opts.env, opts.dry_run); + opts.loader, opts.kernel, opts.env, opts.dry_run, + opts.has_bootnum ? opts.bootnum : -1); else if (opts.set_active || opts.set_inactive ) handle_activity(opts.bootnum, opts.set_active); else if (opts.order != NULL) diff --git a/usr.sbin/freebsd-update/Makefile b/usr.sbin/freebsd-update/Makefile index c5d4b0014ea6..b64d5c78a88d 100644 --- a/usr.sbin/freebsd-update/Makefile +++ b/usr.sbin/freebsd-update/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= freebsd-update.conf SCRIPTS=freebsd-update.sh MAN= freebsd-update.8 diff --git a/usr.sbin/freebsd-update/freebsd-update.conf b/usr.sbin/freebsd-update/freebsd-update.conf new file mode 100644 index 000000000000..7f0917053750 --- /dev/null +++ b/usr.sbin/freebsd-update/freebsd-update.conf @@ -0,0 +1,76 @@ +# $FreeBSD$ + +# Trusted keyprint. Changing this is a Bad Idea unless you've received +# a PGP-signed email from <security-officer@FreeBSD.org> telling you to +# change it and explaining why. +KeyPrint 800651ef4b4c71c27e60786d7b487188970f4b4169cc055784e21eb71d410cc5 + +# Server or server pool from which to fetch updates. You can change +# this to point at a specific server if you want, but in most cases +# using a "nearby" server won't provide a measurable improvement in +# performance. +ServerName update.FreeBSD.org + +# Components of the base system which should be kept updated. +Components src world kernel + +# Example for updating the userland and the kernel source code only: +# Components src/base src/sys world + +# Paths which start with anything matching an entry in an IgnorePaths +# statement will be ignored. +IgnorePaths + +# Paths which start with anything matching an entry in an IDSIgnorePaths +# statement will be ignored by "freebsd-update IDS". +IDSIgnorePaths /usr/share/man/cat +IDSIgnorePaths /usr/share/man/whatis +IDSIgnorePaths /var/db/locate.database +IDSIgnorePaths /var/log + +# Paths which start with anything matching an entry in an UpdateIfUnmodified +# statement will only be updated if the contents of the file have not been +# modified by the user (unless changes are merged; see below). +UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile + +# When upgrading to a new FreeBSD release, files which match MergeChanges +# will have any local changes merged into the version from the new release. +MergeChanges /etc/ /boot/device.hints + +### Default configuration options: + +# Directory in which to store downloaded updates and temporary +# files used by FreeBSD Update. +# WorkDir /var/db/freebsd-update + +# Destination to send output of "freebsd-update cron" if an error +# occurs or updates have been downloaded. +# MailTo root + +# Is FreeBSD Update allowed to create new files? +# AllowAdd yes + +# Is FreeBSD Update allowed to delete files? +# AllowDelete yes + +# If the user has modified file ownership, permissions, or flags, should +# FreeBSD Update retain this modified metadata when installing a new version +# of that file? +# KeepModifiedMetadata yes + +# When upgrading between releases, should the list of Components be +# read strictly (StrictComponents yes) or merely as a list of components +# which *might* be installed of which FreeBSD Update should figure out +# which actually are installed and upgrade those (StrictComponents no)? +# StrictComponents no + +# When installing a new kernel perform a backup of the old one first +# so it is possible to boot the old kernel in case of problems. +# BackupKernel yes + +# If BackupKernel is enabled, the backup kernel is saved to this +# directory. +# BackupKernelDir /boot/kernel.old + +# When backing up a kernel also back up debug symbol files? +# BackupKernelSymbolFiles no diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 0f396a0a3298..6e39b8f31f00 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -3300,7 +3300,7 @@ export PATH=/sbin:/bin:/usr/sbin:/usr/bin:${PATH} # Set a pager if the user doesn't if [ -z "$PAGER" ]; then - PAGER=/usr/bin/more + PAGER=/usr/bin/less fi # Set LC_ALL in order to avoid problems with character ranges like [A-Z]. diff --git a/usr.sbin/fstyp/Makefile b/usr.sbin/fstyp/Makefile index f3fb038ed542..ebdfcc5ab6b5 100644 --- a/usr.sbin/fstyp/Makefile +++ b/usr.sbin/fstyp/Makefile @@ -31,7 +31,6 @@ CFLAGS+= -I${SRCTOP}/cddl/contrib/opensolaris/lib/libnvpair CFLAGS+= -I${SRCTOP}/cddl/contrib/opensolaris/lib/libzpool/common CFLAGS+= -I${SRCTOP}/sys/cddl/contrib/opensolaris/uts/common/fs/zfs CFLAGS+= -I${SRCTOP}/sys/cddl/contrib/opensolaris/uts/common -CFLAGS+= -I${SRCTOP}/sys/cddl/contrib/opensolaris/uts/common/sys CFLAGS+= -I${SRCTOP}/cddl/contrib/opensolaris/head .endif diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8 index 54f6577edab5..f5ea5d1fce75 100644 --- a/usr.sbin/jail/jail.8 +++ b/usr.sbin/jail/jail.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 20, 2018 +.Dd July 30, 2018 .Dt JAIL 8 .Os .Sh NAME @@ -553,6 +553,16 @@ with non-jailed parts of the system. Sockets within a jail are normally restricted to IPv4, IPv6, local (UNIX), and route. This allows access to other protocol stacks that have not had jail functionality added to them. +.It Va allow.mlock +Locking or unlocking physical pages in memory are normally not available +within a jail. +When this parameter is set, users may +.Xr mlock 2 +or +.Xr munlock 2 +memory subject to +.Va security.bsd.unprivileged_mlock +and resource limits. .It Va allow.reserved_ports The jail root may bind to ports lower than 1024. .El @@ -640,6 +650,12 @@ See .Xr zfs 8 for information on how to configure the ZFS filesystem to operate from within a jail. +.It Va allow.vmm +The jail may access +.Xr vmm 4 . +This flag is only available when the +.Xr vmm 4 +kernel module is loaded. .It Va linux Determine how a jail's Linux emulation environment appears. A value of @@ -1284,6 +1300,7 @@ environment of the first jail. .Xr ps 1 , .Xr quota 1 , .Xr jail_set 2 , +.Xr vmm 4 , .Xr devfs 5 , .Xr fdescfs 5 , .Xr jail.conf 5 , diff --git a/usr.sbin/makefs/ffs.c b/usr.sbin/makefs/ffs.c index 6a00c8727c36..61969ef72475 100644 --- a/usr.sbin/makefs/ffs.c +++ b/usr.sbin/makefs/ffs.c @@ -980,7 +980,7 @@ ffs_write_file(union dinode *din, uint32_t ino, void *buf, fsinfo_t *fsopts) errno = bwrite(bp); if (errno != 0) goto bad_ffs_write_file; - brelse(bp, 0); + brelse(bp); if (!isfile) p += chunk; } diff --git a/usr.sbin/makefs/ffs/buf.c b/usr.sbin/makefs/ffs/buf.c index 0ad8058eade2..959734cacddf 100644 --- a/usr.sbin/makefs/ffs/buf.c +++ b/usr.sbin/makefs/ffs/buf.c @@ -93,7 +93,7 @@ bread(struct vnode *vp, daddr_t blkno, int size, struct ucred *u1 __unused, } void -brelse(struct buf *bp, int u1 __unused) +brelse(struct buf *bp) { assert (bp != NULL); diff --git a/usr.sbin/makefs/ffs/buf.h b/usr.sbin/makefs/ffs/buf.h index 84fa384ac98e..3821f14222a2 100644 --- a/usr.sbin/makefs/ffs/buf.h +++ b/usr.sbin/makefs/ffs/buf.h @@ -67,7 +67,7 @@ struct buf { void bcleanup(void); int bread(struct vnode *, daddr_t, int, struct ucred *, struct buf **); -void brelse(struct buf *, int); +void brelse(struct buf *); int bwrite(struct buf *); struct buf * getblk(struct vnode *, daddr_t, int, int, int, int); diff --git a/usr.sbin/makefs/ffs/ffs_alloc.c b/usr.sbin/makefs/ffs/ffs_alloc.c index a9598153c404..88d95d6e5dda 100644 --- a/usr.sbin/makefs/ffs/ffs_alloc.c +++ b/usr.sbin/makefs/ffs/ffs_alloc.c @@ -305,13 +305,13 @@ ffs_alloccg(struct inode *ip, int cg, daddr_t bpref, int size) error = bread(ip->i_devvp, fsbtodb(fs, cgtod(fs, cg)), (int)fs->fs_cgsize, NULL, &bp); if (error) { - brelse(bp, 0); + brelse(bp); return (0); } cgp = (struct cg *)bp->b_data; if (!cg_chkmagic_swap(cgp, needswap) || (cgp->cg_cs.cs_nbfree == 0 && size == fs->fs_bsize)) { - brelse(bp, 0); + brelse(bp); return (0); } if (size == fs->fs_bsize) { @@ -334,7 +334,7 @@ ffs_alloccg(struct inode *ip, int cg, daddr_t bpref, int size) * allocated, and hacked up */ if (cgp->cg_cs.cs_nbfree == 0) { - brelse(bp, 0); + brelse(bp); return (0); } bno = ffs_alloccgblk(ip, bp, bpref); @@ -449,12 +449,12 @@ ffs_blkfree(struct inode *ip, daddr_t bno, long size) error = bread(ip->i_devvp, fsbtodb(fs, cgtod(fs, cg)), (int)fs->fs_cgsize, NULL, &bp); if (error) { - brelse(bp, 0); + brelse(bp); return; } cgp = (struct cg *)bp->b_data; if (!cg_chkmagic_swap(cgp, needswap)) { - brelse(bp, 0); + brelse(bp); return; } cgbno = dtogd(fs, bno); diff --git a/usr.sbin/makefs/ffs/ffs_balloc.c b/usr.sbin/makefs/ffs/ffs_balloc.c index aad9e43c1512..d56ed061457b 100644 --- a/usr.sbin/makefs/ffs/ffs_balloc.c +++ b/usr.sbin/makefs/ffs/ffs_balloc.c @@ -138,7 +138,7 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, lbn, fs->fs_bsize, NULL, bpp); if (error) { - brelse(*bpp, 0); + brelse(*bpp); return (error); } } @@ -164,7 +164,7 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, lbn, osize, NULL, bpp); if (error) { - brelse(*bpp, 0); + brelse(*bpp); return (error); } } @@ -250,7 +250,7 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, indirs[i].in_lbn, fs->fs_bsize, NULL, &bp); if (error) { - brelse(bp, 0); + brelse(bp); return error; } bap = (int32_t *)bp->b_data; @@ -259,14 +259,14 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) break; i++; if (nb != 0) { - brelse(bp, 0); + brelse(bp); continue; } if (pref == 0) pref = ffs_blkpref_ufs1(ip, lbn, 0, (int32_t *)0); error = ffs_alloc(ip, lbn, pref, (int)fs->fs_bsize, &newb); if (error) { - brelse(bp, 0); + brelse(bp); return error; } nb = newb; @@ -280,7 +280,7 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) */ if ((error = bwrite(nbp)) != 0) { - brelse(bp, 0); + brelse(bp); return error; } bap[indirs[i - 1].in_off] = ufs_rw32(nb, needswap); @@ -296,7 +296,7 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) pref = ffs_blkpref_ufs1(ip, lbn, indirs[num].in_off, &bap[0]); error = ffs_alloc(ip, lbn, pref, (int)fs->fs_bsize, &newb); if (error) { - brelse(bp, 0); + brelse(bp); return error; } nb = newb; @@ -316,11 +316,11 @@ ffs_balloc_ufs1(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) bwrite(bp); return (0); } - brelse(bp, 0); + brelse(bp); if (bpp != NULL) { error = bread(ip->i_devvp, lbn, (int)fs->fs_bsize, NULL, &nbp); if (error) { - brelse(nbp, 0); + brelse(nbp); return error; } *bpp = nbp; @@ -389,7 +389,7 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, lbn, fs->fs_bsize, NULL, bpp); if (error) { - brelse(*bpp, 0); + brelse(*bpp); return (error); } } @@ -415,7 +415,7 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, lbn, osize, NULL, bpp); if (error) { - brelse(*bpp, 0); + brelse(*bpp); return (error); } } @@ -501,7 +501,7 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) error = bread(ip->i_devvp, indirs[i].in_lbn, fs->fs_bsize, NULL, &bp); if (error) { - brelse(bp, 0); + brelse(bp); return error; } bap = (int64_t *)bp->b_data; @@ -510,14 +510,14 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) break; i++; if (nb != 0) { - brelse(bp, 0); + brelse(bp); continue; } if (pref == 0) pref = ffs_blkpref_ufs2(ip, lbn, 0, (int64_t *)0); error = ffs_alloc(ip, lbn, pref, (int)fs->fs_bsize, &newb); if (error) { - brelse(bp, 0); + brelse(bp); return error; } nb = newb; @@ -531,7 +531,7 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) */ if ((error = bwrite(nbp)) != 0) { - brelse(bp, 0); + brelse(bp); return error; } bap[indirs[i - 1].in_off] = ufs_rw64(nb, needswap); @@ -547,7 +547,7 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) pref = ffs_blkpref_ufs2(ip, lbn, indirs[num].in_off, &bap[0]); error = ffs_alloc(ip, lbn, pref, (int)fs->fs_bsize, &newb); if (error) { - brelse(bp, 0); + brelse(bp); return error; } nb = newb; @@ -567,11 +567,11 @@ ffs_balloc_ufs2(struct inode *ip, off_t offset, int bufsize, struct buf **bpp) bwrite(bp); return (0); } - brelse(bp, 0); + brelse(bp); if (bpp != NULL) { error = bread(ip->i_devvp, lbn, (int)fs->fs_bsize, NULL, &nbp); if (error) { - brelse(nbp, 0); + brelse(nbp); return error; } *bpp = nbp; diff --git a/usr.sbin/makefs/msdos.c b/usr.sbin/makefs/msdos.c index fd19ced4f6b8..b445f146ae06 100644 --- a/usr.sbin/makefs/msdos.c +++ b/usr.sbin/makefs/msdos.c @@ -75,7 +75,7 @@ msdos_prep_opts(fsinfo_t *fsopts) { struct msdos_options_ex *msdos_opt = ecalloc(1, sizeof(*msdos_opt)); const option_t msdos_options[] = { -#define AOPT(_opt, _type, _name, _min, _desc) { \ +#define AOPT(_opt, _type, _name, _min, _desc) { \ .letter = _opt, \ .name = # _name, \ .type = _min == -1 ? OPT_STRPTR : \ @@ -91,7 +91,7 @@ msdos_prep_opts(fsinfo_t *fsopts) .desc = _desc, \ }, ALLOPTS -#undef AOPT +#undef AOPT { 'U', "utf8", &msdos_opt->utf8, OPT_BOOL, 0, 1, "Use UTF8 names" }, { .name = NULL } @@ -169,7 +169,7 @@ msdos_makefs(const char *image, const char *dir, fsnode *root, fsinfo_t *fsopts) fsopts->sectorsize = msdos_opt->options.bytes_per_sector; } else if (fsopts->sectorsize != msdos_opt->options.bytes_per_sector) { err(1, "inconsistent sectorsize -S %u" - "!= -o bytes_per_sector %u", + "!= -o bytes_per_sector %u", fsopts->sectorsize, msdos_opt->options.bytes_per_sector); } @@ -223,8 +223,8 @@ msdos_populate_dir(const char *path, struct denode *dir, fsnode *root, assert(dir != NULL); assert(root != NULL); - assert(fsopts != NULL); - + assert(fsopts != NULL); + for (cur = root->next; cur != NULL; cur = cur->next) { if ((size_t)snprintf(pbuf, sizeof(pbuf), "%s/%s", path, cur->name) >= sizeof(pbuf)) { diff --git a/usr.sbin/makefs/msdos/msdosfs_denode.c b/usr.sbin/makefs/msdos/msdosfs_denode.c index 42469447b4ba..79f5aad172ed 100644 --- a/usr.sbin/makefs/msdos/msdosfs_denode.c +++ b/usr.sbin/makefs/msdos/msdosfs_denode.c @@ -160,7 +160,7 @@ deget(struct msdosfsmount *pmp, u_long dirclust, u_long diroffset, return (error); } DE_INTERNALIZE(ldep, direntptr); - brelse(bp, 0); + brelse(bp); } /* diff --git a/usr.sbin/makefs/msdos/msdosfs_vfsops.c b/usr.sbin/makefs/msdos/msdosfs_vfsops.c index be15d535bf38..06aaa330e2ef 100644 --- a/usr.sbin/makefs/msdos/msdosfs_vfsops.c +++ b/usr.sbin/makefs/msdos/msdosfs_vfsops.c @@ -108,7 +108,7 @@ msdosfs_mount(struct vnode *devvp, int flags) if (!(flags & MSDOSFSMNT_GEMDOSFS)) { if (bsp->bs50.bsBootSectSig0 != BOOTSIG0 || bsp->bs50.bsBootSectSig1 != BOOTSIG1) { - DPRINTF(("bootsig0 %d bootsig1 %d\n", + DPRINTF(("bootsig0 %d bootsig1 %d\n", bsp->bs50.bsBootSectSig0, bsp->bs50.bsBootSectSig1)); error = EINVAL; @@ -142,10 +142,10 @@ msdosfs_mount(struct vnode *devvp, int flags) pmp->pm_SecPerTrack, pmp->pm_Heads, pmp->pm_Media)); if (!(flags & MSDOSFSMNT_GEMDOSFS)) { /* XXX - We should probably check more values here */ - if (!pmp->pm_BytesPerSec || !SecPerClust - || pmp->pm_SecPerTrack > 63) { + if (!pmp->pm_BytesPerSec || !SecPerClust + || pmp->pm_SecPerTrack > 63) { DPRINTF(("bytespersec %d secperclust %d " - "secpertrack %d\n", + "secpertrack %d\n", pmp->pm_BytesPerSec, SecPerClust, pmp->pm_SecPerTrack)); error = EINVAL; @@ -317,7 +317,7 @@ msdosfs_mount(struct vnode *devvp, int flags) * must be a power of 2 */ if (pmp->pm_bpcluster ^ (1 << pmp->pm_cnshift)) { - DPRINTF(("bpcluster %lu cnshift %lu\n", + DPRINTF(("bpcluster %lu cnshift %lu\n", pmp->pm_bpcluster, pmp->pm_cnshift)); error = EINVAL; goto error_exit; @@ -326,7 +326,7 @@ msdosfs_mount(struct vnode *devvp, int flags) /* * Release the bootsector buffer. */ - brelse(bp, BC_AGE); + brelse(bp); bp = NULL; /* @@ -353,7 +353,7 @@ msdosfs_mount(struct vnode *devvp, int flags) pmp->pm_nxtfree = getulong(fp->fsinxtfree); else pmp->pm_fsinfo = 0; - brelse(bp, 0); + brelse(bp); bp = NULL; } diff --git a/usr.sbin/makefs/msdos/msdosfs_vnops.c b/usr.sbin/makefs/msdos/msdosfs_vnops.c index 20a81c9cd37d..6b32380168a5 100644 --- a/usr.sbin/makefs/msdos/msdosfs_vnops.c +++ b/usr.sbin/makefs/msdos/msdosfs_vnops.c @@ -101,7 +101,7 @@ msdosfs_times(struct msdosfsmount *pmp, struct denode *dep, struct timespec at; struct timespec mt; - if (stampst.st_ino) + if (stampst.st_ino) st = &stampst; #ifndef HAVE_NBTOOL_CONFIG_H @@ -133,7 +133,7 @@ msdosfs_times(struct msdosfsmount *pmp, struct denode *dep, * memory denode's will be in synch. */ static int -msdosfs_findslot(struct denode *dp, struct componentname *cnp) +msdosfs_findslot(struct denode *dp, struct componentname *cnp) { daddr_t bn; int error; @@ -230,7 +230,7 @@ msdosfs_findslot(struct denode *dp, struct componentname *cnp) slotoffset = diroff; } if (dep->deName[0] == SLOT_EMPTY) { - brelse(bp, 0); + brelse(bp); goto notfound; } } else { @@ -291,7 +291,7 @@ msdosfs_findslot(struct denode *dp, struct componentname *cnp) * Release the buffer holding the directory cluster just * searched. */ - brelse(bp, 0); + brelse(bp); } /* for (frcn = 0; ; frcn++) */ notfound: @@ -494,7 +494,7 @@ msdosfs_wfile(const char *path, struct denode *dep, fsnode *node) 0, &bp)) != 0) { DPRINTF(("bread %d\n", error)); goto out; - } + } cpsize = MIN((nsize - offs), blsize - on); memcpy((char *)bp->b_data + on, dat + offs, cpsize); bwrite(bp); diff --git a/usr.sbin/mergemaster/mergemaster.8 b/usr.sbin/mergemaster/mergemaster.8 index 329e74d090d2..b37b173d3c67 100644 --- a/usr.sbin/mergemaster/mergemaster.8 +++ b/usr.sbin/mergemaster/mergemaster.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 6, 2017 +.Dd August 8, 2018 .Dt MERGEMASTER 8 .Os .Sh NAME @@ -299,7 +299,7 @@ utility uses the .Ev PAGER environment variable if set. Otherwise it uses -.Xr more 1 . +.Xr less 1 . If .Ev PAGER specifies a program outside @@ -451,7 +451,7 @@ comparison, use: .Sh SEE ALSO .Xr diff 1 , .Xr make 1 , -.Xr more 1 , +.Xr less 1 , .Xr sdiff 1 , .Xr pwd_mkdb 8 .Pp diff --git a/usr.sbin/mergemaster/mergemaster.sh b/usr.sbin/mergemaster/mergemaster.sh index 8561503a6d19..31904e8efa09 100755 --- a/usr.sbin/mergemaster/mergemaster.sh +++ b/usr.sbin/mergemaster/mergemaster.sh @@ -426,19 +426,19 @@ check_pager () { echo '' echo " or you may type an absolute path to PAGER for this run" echo '' - echo " Default is to use plain old 'more' " + echo " Default is to use 'less' " echo '' - echo -n "What should I do? [Use 'more'] " + echo -n "What should I do? [Use 'less'] " read FIXPAGER case "${FIXPAGER}" in [eE]) exit 0 ;; - [lL]) + [lL]|'') PAGER=less ;; - [mM]|'') + [mM]) PAGER=more ;; /*) @@ -458,11 +458,11 @@ check_pager () { esac # If user has a pager defined, or got assigned one above, use it. -# If not, use more. +# If not, use less. # -PAGER=${PAGER:-more} +PAGER=${PAGER:-less} -if [ -n "${VERBOSE}" -a ! "${PAGER}" = "more" ]; then +if [ -n "${VERBOSE}" -a ! "${PAGER}" = "less" ]; then echo " *** You have ${PAGER} defined as your pager so we will use that" echo '' sleep 3 @@ -1127,7 +1127,7 @@ for COMPFILE in `find . -type f | sort`; do else # Ok, the files are different, so show the user where they differ. # Use user's choice of diff methods; and user's pager if they have one. - # Use more if not. + # Use less if not. # Use unified diffs by default. Context diffs give me a headache. :) # # If the user chose the -F option, test for that before proceeding diff --git a/usr.sbin/newsyslog/Makefile b/usr.sbin/newsyslog/Makefile index 6a06941eb497..7e9da95d5226 100644 --- a/usr.sbin/newsyslog/Makefile +++ b/usr.sbin/newsyslog/Makefile @@ -5,6 +5,7 @@ PROG= newsyslog MAN= newsyslog.8 newsyslog.conf.5 SRCS= newsyslog.c ptimes.c +LIBADD= sbuf HAS_TESTS= SUBDIR.${MK_TESTS}+= tests diff --git a/usr.sbin/newsyslog/newsyslog.c b/usr.sbin/newsyslog/newsyslog.c index c45c89f0f727..cd97b373f55e 100644 --- a/usr.sbin/newsyslog/newsyslog.c +++ b/usr.sbin/newsyslog/newsyslog.c @@ -60,6 +60,7 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> #include <sys/queue.h> +#include <sys/sbuf.h> #include <sys/stat.h> #include <sys/wait.h> @@ -87,27 +88,6 @@ __FBSDID("$FreeBSD$"); #include "extern.h" /* - * Compression suffixes - */ -#ifndef COMPRESS_SUFFIX_GZ -#define COMPRESS_SUFFIX_GZ ".gz" -#endif - -#ifndef COMPRESS_SUFFIX_BZ2 -#define COMPRESS_SUFFIX_BZ2 ".bz2" -#endif - -#ifndef COMPRESS_SUFFIX_XZ -#define COMPRESS_SUFFIX_XZ ".xz" -#endif - -#ifndef COMPRESS_SUFFIX_ZST -#define COMPRESS_SUFFIX_ZST ".zst" -#endif - -#define COMPRESS_SUFFIX_MAXLEN MAX(MAX(sizeof(COMPRESS_SUFFIX_GZ),sizeof(COMPRESS_SUFFIX_BZ2)),sizeof(COMPRESS_SUFFIX_XZ)) - -/* * Compression types */ #define COMPRESS_TYPES 5 /* Number of supported compression types */ @@ -133,8 +113,7 @@ __FBSDID("$FreeBSD$"); #define CE_NODUMP 0x0200 /* Set 'nodump' on newly created log file. */ #define CE_PID2CMD 0x0400 /* Replace PID file with a shell command.*/ #define CE_PLAIN0 0x0800 /* Do not compress zero'th history file */ - -#define CE_RFC5424 0x0800 /* Use RFC5424 format rotation message */ +#define CE_RFC5424 0x1000 /* Use RFC5424 format rotation message */ #define MIN_PID 5 /* Don't touch pids lower than this */ #define MAX_PID 99999 /* was lower, see /usr/include/sys/proc.h */ @@ -152,24 +131,21 @@ struct compress_types { const char *flag; /* Flag in configuration file */ const char *suffix; /* Compression suffix */ const char *path; /* Path to compression program */ - char **args; /* Compression program arguments */ + const char **flags; /* Compression program flags */ + int nflags; /* Program flags count */ }; -static char f_arg[] = "-f"; -static char q_arg[] = "-q"; -static char rm_arg[] = "--rm"; -static char *gz_args[] ={ NULL, f_arg, NULL, NULL }; -#define bzip2_args gz_args -#define xz_args gz_args -static char *zstd_args[] = { NULL, q_arg, rm_arg, NULL, NULL }; +static const char *gzip_flags[] = { "-f" }; +#define bzip2_flags gzip_flags +#define xz_flags gzip_flags +static const char *zstd_flags[] = { "-q", "--rm" }; -#define ARGS_NUM 4 static const struct compress_types compress_type[COMPRESS_TYPES] = { - { "", "", "", NULL}, /* none */ - { "Z", COMPRESS_SUFFIX_GZ, _PATH_GZIP, gz_args}, /* gzip */ - { "J", COMPRESS_SUFFIX_BZ2, _PATH_BZIP2, bzip2_args}, /* bzip2 */ - { "X", COMPRESS_SUFFIX_XZ, _PATH_XZ, xz_args }, /* xz */ - { "Y", COMPRESS_SUFFIX_ZST, _PATH_ZSTD, zstd_args } /* zst */ + { "", "", "", NULL, 0 }, + { "Z", ".gz", _PATH_GZIP, gzip_flags, nitems(gzip_flags) }, + { "J", ".bz2", _PATH_BZIP2, bzip2_flags, nitems(bzip2_flags) }, + { "X", ".xz", _PATH_XZ, xz_flags, nitems(xz_flags) }, + { "Y", ".zst", _PATH_ZSTD, zstd_flags, nitems(zstd_flags) } }; struct conf_entry { @@ -2021,52 +1997,18 @@ do_sigwork(struct sigwork_entry *swork) static void do_zipwork(struct zipwork_entry *zwork) { - const char *pgm_name, *pgm_path; - int errsav, fcount, zstatus; + const struct compress_types *ct; + struct sbuf *command; pid_t pidzip, wpid; - char zresult[MAXPATHLEN]; - char command[BUFSIZ]; - char **args; - int c; + int c, errsav, fcount, zstatus; + const char **args, *pgm_name, *pgm_path; + char *zresult; + command = NULL; assert(zwork != NULL); - pgm_path = NULL; - strlcpy(zresult, zwork->zw_fname, sizeof(zresult)); - args = calloc(ARGS_NUM, sizeof(*args)); - if (args == NULL) - err(1, "calloc()"); - if (zwork->zw_conf != NULL && - zwork->zw_conf->compress > COMPRESS_NONE) - for (c = 1; c < COMPRESS_TYPES; c++) { - if (zwork->zw_conf->compress == c) { - pgm_path = compress_type[c].path; - (void) strlcat(zresult, - compress_type[c].suffix, sizeof(zresult)); - /* the first argument is always NULL, skip it */ - for (c = 1; c < ARGS_NUM; c++) { - if (compress_type[c].args[c] == NULL) - break; - args[c] = compress_type[c].args[c]; - } - break; - } - } - if (pgm_path == NULL) { - warnx("invalid entry for %s in do_zipwork", zwork->zw_fname); - return; - } - pgm_name = strrchr(pgm_path, '/'); - if (pgm_name == NULL) - pgm_name = pgm_path; - else - pgm_name++; - - args[0] = strdup(pgm_name); - if (args[0] == NULL) - err(1, "strdup()"); - for (c = 0; args[c] != NULL; c++) - ; - args[c] = zwork->zw_fname; + assert(zwork->zw_conf != NULL); + assert(zwork->zw_conf->compress > COMPRESS_NONE); + assert(zwork->zw_conf->compress < COMPRESS_TYPES); if (zwork->zw_swork != NULL && zwork->zw_swork->sw_runcmd == 0 && zwork->zw_swork->sw_pidok <= 0) { @@ -2077,20 +2019,54 @@ do_zipwork(struct zipwork_entry *zwork) return; } - strlcpy(command, pgm_path, sizeof(command)); + ct = &compress_type[zwork->zw_conf->compress]; + + /* + * execv will be called with the array [ program, flags ... , + * filename, NULL ] so allocate nflags+3 elements for the array. + */ + args = calloc(ct->nflags + 3, sizeof(*args)); + if (args == NULL) + err(1, "calloc"); + + pgm_path = ct->path; + pgm_name = strrchr(pgm_path, '/'); + if (pgm_name == NULL) + pgm_name = pgm_path; + else + pgm_name++; + + /* Build the argument array. */ + args[0] = pgm_name; + for (c = 0; c < ct->nflags; c++) + args[c + 1] = ct->flags[c]; + args[c + 1] = zwork->zw_fname; + + /* Also create a space-delimited version if we need to print it. */ + if ((command = sbuf_new_auto()) == NULL) + errx(1, "sbuf_new"); + sbuf_cpy(command, pgm_path); for (c = 1; args[c] != NULL; c++) { - strlcat(command, " ", sizeof(command)); - strlcat(command, args[c], sizeof(command)); + sbuf_putc(command, ' '); + sbuf_cat(command, args[c]); } + if (sbuf_finish(command) == -1) + err(1, "sbuf_finish"); + + /* Determine the filename of the compressed file. */ + asprintf(&zresult, "%s%s", zwork->zw_fname, ct->suffix); + if (zresult == NULL) + errx(1, "asprintf"); + + if (verbose) + printf("Executing: %s\n", sbuf_data(command)); + if (noaction) { printf("\t%s %s\n", pgm_name, zwork->zw_fname); change_attrs(zresult, zwork->zw_conf); - return; + goto out; } - if (verbose) { - printf("Executing: %s\n", command); - } fcount = 1; pidzip = fork(); while (pidzip < 0) { @@ -2108,34 +2084,34 @@ do_zipwork(struct zipwork_entry *zwork) } if (!pidzip) { /* The child process executes the compression command */ - execv(pgm_path, (char *const*) args); - err(1, "execv(`%s')", command); + execv(pgm_path, __DECONST(char *const*, args)); + err(1, "execv(`%s')", sbuf_data(command)); } wpid = waitpid(pidzip, &zstatus, 0); if (wpid == -1) { /* XXX - should this be a fatal error? */ warn("%s: waitpid(%d)", pgm_path, pidzip); - return; + goto out; } if (!WIFEXITED(zstatus)) { - warnx("`%s' did not terminate normally", command); - free(args[0]); - free(args); - return; + warnx("`%s' did not terminate normally", sbuf_data(command)); + goto out; } if (WEXITSTATUS(zstatus)) { - warnx("`%s' terminated with a non-zero status (%d)", command, - WEXITSTATUS(zstatus)); - free(args[0]); - free(args); - return; + warnx("`%s' terminated with a non-zero status (%d)", + sbuf_data(command), WEXITSTATUS(zstatus)); + goto out; } - free(args[0]); - free(args); /* Compression was successful, set file attributes on the result. */ change_attrs(zresult, zwork->zw_conf); + +out: + if (command != NULL) + sbuf_delete(command); + free(args); + free(zresult); } /* @@ -2442,8 +2418,18 @@ age_old_log(const char *file) { struct stat sb; const char *logfile_suffix; - char tmp[MAXPATHLEN + sizeof(".0") + COMPRESS_SUFFIX_MAXLEN + 1]; + static unsigned int suffix_maxlen = 0; + char *tmp; time_t mtime; + int c; + + if (suffix_maxlen == 0) { + for (c = 0; c < COMPRESS_TYPES; c++) + suffix_maxlen = MAX(suffix_maxlen, + strlen(compress_type[c].suffix)); + } + + tmp = alloca(MAXPATHLEN + sizeof(".0") + suffix_maxlen + 1); if (archtodir) { char *p; diff --git a/usr.sbin/newsyslog/tests/legacy_test.sh b/usr.sbin/newsyslog/tests/legacy_test.sh index 24791ecda256..853f68392110 100644 --- a/usr.sbin/newsyslog/tests/legacy_test.sh +++ b/usr.sbin/newsyslog/tests/legacy_test.sh @@ -451,7 +451,7 @@ tests_rfc5424() { tmpdir_clean } -echo 1..128 +echo 1..180 mkdir -p ${TMPDIR} cd ${TMPDIR} @@ -498,6 +498,12 @@ tests_normal_rotate ".gz" echo "$LOGFPATH 640 3 * @T00 NCJ" > newsyslog.conf tests_normal_rotate ".bz2" +echo "$LOGFPATH 640 3 * @T00 NCX" > newsyslog.conf +tests_normal_rotate ".xz" + +echo "$LOGFPATH 640 3 * @T00 NCY" > newsyslog.conf +tests_normal_rotate ".zst" + # Normal, archive dir echo "$LOGFPATH 640 3 * @T00 NC" > newsyslog.conf tests_normal_rotate "" "${TMPDIR}/alog/" @@ -508,6 +514,12 @@ tests_normal_rotate ".gz" "${TMPDIR}/alog/" echo "$LOGFPATH 640 3 * @T00 NCJ" > newsyslog.conf tests_normal_rotate ".bz2" "${TMPDIR}/alog/" +echo "$LOGFPATH 640 3 * @T00 NCX" > newsyslog.conf +tests_normal_rotate ".xz" "${TMPDIR}/alog/" + +echo "$LOGFPATH 640 3 * @T00 NCY" > newsyslog.conf +tests_normal_rotate ".zst" "${TMPDIR}/alog/" + # Time based, no archive dir echo "$LOGFPATH 640 3 * @T00 NC" > newsyslog.conf tests_time_rotate @@ -518,6 +530,12 @@ tests_time_rotate "gz" "" echo "$LOGFPATH 640 3 * @T00 NCJ" > newsyslog.conf tests_time_rotate "bz2" "" +echo "$LOGFPATH 640 3 * @T00 NCX" > newsyslog.conf +tests_time_rotate "xz" "" + +echo "$LOGFPATH 640 3 * @T00 NCY" > newsyslog.conf +tests_time_rotate "zst" "" + # Time based, archive dir echo "$LOGFPATH 640 3 * @T00 NC" > newsyslog.conf tests_time_rotate "" "${TMPDIR}/alog/" @@ -528,6 +546,12 @@ tests_time_rotate "gz" "${TMPDIR}/alog/" echo "$LOGFPATH 640 3 * @T00 NCJ" > newsyslog.conf tests_time_rotate "bz2" "${TMPDIR}/alog/" +echo "$LOGFPATH 640 3 * @T00 NCX" > newsyslog.conf +tests_time_rotate "xz" "${TMPDIR}/alog/" + +echo "$LOGFPATH 640 3 * @T00 NCY" > newsyslog.conf +tests_time_rotate "zst" "${TMPDIR}/alog/" + # RFC-5424; Normal, no archive dir echo "$LOGFPATH5424 640 3 * @T00 NCT" > newsyslog.conf echo "$LOGFPATH 640 3 * @T00 NC" >> newsyslog.conf diff --git a/usr.sbin/nfsd/Makefile b/usr.sbin/nfsd/Makefile index 147a056cc0d7..592a1e429cc7 100644 --- a/usr.sbin/nfsd/Makefile +++ b/usr.sbin/nfsd/Makefile @@ -2,6 +2,6 @@ # $FreeBSD$ PROG= nfsd -MAN= nfsd.8 nfsv4.4 stablerestart.5 pnfs.4 +MAN= nfsd.8 nfsv4.4 stablerestart.5 pnfs.4 pnfsserver.4 .include <bsd.prog.mk> diff --git a/usr.sbin/nfsd/nfsd.8 b/usr.sbin/nfsd/nfsd.8 index d2b993ee38d5..6e5157bae969 100644 --- a/usr.sbin/nfsd/nfsd.8 +++ b/usr.sbin/nfsd/nfsd.8 @@ -28,7 +28,7 @@ .\" @(#)nfsd.8 8.4 (Berkeley) 3/29/95 .\" $FreeBSD$ .\" -.Dd June 30, 2018 +.Dd August 5, 2018 .Dt NFSD 8 .Os .Sh NAME @@ -117,15 +117,10 @@ The .Ar pnfs_setup string is a set of fields separated by ',' characters: .Bl -tag -width Ds -Each of these fields specifies one Data Server. +Each of these fields specifies one DS. It consists of a server hostname, followed by a ':' and the directory path where the DS's data storage file system is mounted on this MDS server. -At this time, only IPv4 addresses are supported by the interface to the kernel, -so the -.Dq server hostname -must resolve to an IPv4 address and support mounts on that address. -This needs to be extended to support IPv6 addresses in the near future. This can optionally be followed by a '#' and the mds_path, which is the directory path for an exported file system on this MDS. If this is specified, it means that this DS is to be used to store data @@ -161,6 +156,18 @@ data files for and nfsv4-data1 will be used to store data files for .Dq /export2 . .El +.sp +When using IPv6 addresses for DSs +be wary of using link local addresses. +The IPv6 address for the DS is sent to the client and there is no scope +zone in it. +As such, a link local address may not work for a pNFS client to DS +TCP connection. +When parsed, +.Nm +will only use a link local address if it is the only address returned by +.Xr getaddrinfo 3 +for the DS hostname. .It Fl m Ar mirror_level This option is only meaningful when used with the .Fl p @@ -306,6 +313,7 @@ just do a .Xr nfssvc 2 , .Xr nfsv4 4 , .Xr pnfs 4 , +.Xr pnfsserver 4 , .Xr exports 5 , .Xr stablerestart 5 , .Xr gssd 8 , diff --git a/usr.sbin/nfsd/nfsd.c b/usr.sbin/nfsd/nfsd.c index c6a14ae6b894..2414ba8d7b85 100644 --- a/usr.sbin/nfsd/nfsd.c +++ b/usr.sbin/nfsd/nfsd.c @@ -1179,14 +1179,16 @@ backup_stable(__unused int signo) static void parse_dsserver(const char *optionarg, struct nfsd_nfsd_args *nfsdargp) { - char *ad, *cp, *cp2, *dsaddr, *dshost, *dspath, *dsvol, nfsprt[9]; - char *mdspath, *mdsp; + char *cp, *cp2, *dsaddr, *dshost, *dspath, *dsvol, nfsprt[9]; + char *mdspath, *mdsp, ip6[INET6_ADDRSTRLEN]; + const char *ad; int ecode; u_int adsiz, dsaddrcnt, dshostcnt, dspathcnt, hostsiz, pathsiz; u_int mdspathcnt; size_t dsaddrsiz, dshostsiz, dspathsiz, nfsprtsiz, mdspathsiz; - struct addrinfo hints, *ai_tcp; + struct addrinfo hints, *ai_tcp, *res; struct sockaddr_in sin; + struct sockaddr_in6 sin6; cp = strdup(optionarg); if (cp == NULL) @@ -1275,22 +1277,55 @@ parse_dsserver(const char *optionarg, struct nfsd_nfsd_args *nfsdargp) /* Get the fully qualified domain name and IP address. */ memset(&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - hints.ai_family = AF_INET; + hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG; + hints.ai_family = PF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; ecode = getaddrinfo(cp, NULL, &hints, &ai_tcp); if (ecode != 0) err(1, "getaddrinfo pnfs: %s %s", cp, gai_strerror(ecode)); - if (ai_tcp->ai_addr->sa_family != AF_INET || - ai_tcp->ai_addrlen < sizeof(sin)) - err(1, "getaddrinfo() returned non-INET address"); - /* Mips cares about sockaddr_in alignment, so copy the addr. */ - memcpy(&sin, ai_tcp->ai_addr, sizeof(sin)); + ad = NULL; + for (res = ai_tcp; res != NULL; res = res->ai_next) { + if (res->ai_addr->sa_family == AF_INET) { + if (res->ai_addrlen < sizeof(sin)) + err(1, "getaddrinfo() returned " + "undersized IPv4 address"); + /* + * Mips cares about sockaddr_in alignment, + * so copy the address. + */ + memcpy(&sin, res->ai_addr, sizeof(sin)); + ad = inet_ntoa(sin.sin_addr); + break; + } else if (res->ai_family == AF_INET6) { + if (res->ai_addrlen < sizeof(sin6)) + err(1, "getaddrinfo() returned " + "undersized IPv6 address"); + /* + * Mips cares about sockaddr_in6 alignment, + * so copy the address. + */ + memcpy(&sin6, res->ai_addr, sizeof(sin6)); + ad = inet_ntop(AF_INET6, &sin6.sin6_addr, ip6, + sizeof(ip6)); + + /* + * XXX + * Since a link local address will only + * work if the client and DS are in the + * same scope zone, only use it if it is + * the only address. + */ + if (ad != NULL && + !IN6_IS_ADDR_LINKLOCAL(&sin6.sin6_addr)) + break; + } + } + if (ad == NULL) + err(1, "No IP address for %s", cp); /* Append this address to dsaddr. */ - ad = inet_ntoa(sin.sin_addr); adsiz = strlen(ad); if (dsaddrcnt + adsiz + nfsprtsiz + 1 > dsaddrsiz) { dsaddrsiz *= 2; diff --git a/usr.sbin/nfsd/pnfs.4 b/usr.sbin/nfsd/pnfs.4 index ea822198bf38..d63775bcc662 100644 --- a/usr.sbin/nfsd/pnfs.4 +++ b/usr.sbin/nfsd/pnfs.4 @@ -23,7 +23,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 10, 2018 +.Dd August 5, 2018 .Dt PNFS 4 .Os .Sh NAME @@ -159,13 +159,11 @@ After a disabled mirrored DS is repaired, it is possible to recover the DS as a mirror while the pNFS service continues to function. .Pp See -.Bd -literal -offset indent -http://people.freebsd.org/~rmacklem/pnfs-planb-setup.txt -.Ed -.sp +.Xr pnfsserver 4 for information on how to set up a FreeBSD pNFS service. .Sh SEE ALSO .Xr nfsv4 4 , +.Xr pnfsserver 4 , .Xr exports 5 , .Xr fstab 5 , .Xr rc.conf 5 , diff --git a/usr.sbin/nfsd/pnfsserver.4 b/usr.sbin/nfsd/pnfsserver.4 new file mode 100644 index 000000000000..9d5960cf2603 --- /dev/null +++ b/usr.sbin/nfsd/pnfsserver.4 @@ -0,0 +1,414 @@ +.\" Copyright (c) 2018 Rick Macklem +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd August 8, 2018 +.Dt PNFSSERVER 4 +.Os +.Sh NAME +.Nm pNFSserver +.Nd NFS Version 4.1 Parallel NFS Protocol Server +.Sh DESCRIPTION +A set of FreeBSD servers may be configured to provide a +.Xr pnfs 4 +service. +One FreeBSD system needs to be configured as a MetaData Server (MDS) and +at least one additional FreeBSD system needs to be configured as one or +more Data Servers (DS)s. +.Pp +These FreeBSD systems are configured to be NFSv4.1 servers, see +.Xr nfsd 8 +and +.Xr exports 5 +if you are not familiar with configuring a NFSv4.1 server. +.Sh DS server configuration +The DS(s) need to be configured as NFSv4.1 server(s), with a top level exported +directory used for storage of data files. +This directory must be owned by +.Dq root +and would normally have a mode of +.Dq 700 . +Within this directory there needs to be additional directories named +ds0,...,dsN (where N is 19 by default) also owned by +.Dq root +with mode +.Dq 700 . +These are the directories where the data files are stored. +The following command can be run by root when in the top level exported +directory to create these subdirectories. +.Bd -literal -offset indent +jot -w ds 20 0 | xargs mkdir -m 700 +.Ed +.sp +Note that +.Dq 20 +is the default and can be set to a larger value on the MDS as shown below. +.sp +The top level exported directory used for storage of data files must be +exported to the MDS with the +.Dq maproot=root sec=sys +export options so that the MDS can create entries in these subdirectories. +It must also be exported to all pNFS aware clients, but these clients do +not require the +.Dq maproot=root +export option and this directory should be exported to them with the same +options as used by the MDS to export file system(s) to the clients. +.Pp +It is possible to have multiple DSs on the same FreeBSD system, but each +of these DSs must have a separate top level exported directory used for storage +of data files and each +of these DSs must be mountable via a separate IP address. +Alias addresses can be set on the DS server system for a network +interface via +.Xr ifconfig 8 +to create these different IP addresses. +Multiple DSs on the same server may be useful when data for different file systems +on the MDS are being stored on different file system volumes on the FreeBSD +DS system. +.Sh MDS server configuration +The MDS must be a separate FreeBSD system from the FreeBSD DS system(s) and +NFS clients. +It is configured as a NFSv4.1 server with file system(s) exported to +clients. +However, the +.Dq -p +command line argument for +.Xr nfsd +is used to indicate that it is running as the MDS for a pNFS server. +.Pp +The DS(s) must all be mounted on the MDS using the following mount options: +.Bd -literal -offset indent +nfsv4,minorversion=1,soft,retrans=2 +.Ed +.sp +so that they can be defined as DSs in the +.Dq -p +option. +Normally these mounts would be entered in the +.Xr fstab 5 +on the MDS. +For example, if there are four DSs named nfsv4-data[0-3], the +.Xr fstab 5 +lines might look like: +.Bd -literal -offset +nfsv4-data0:/ /data0 nfs rw,nfsv4,minorversion=1,soft,retrans=2 0 0 +nfsv4-data1:/ /data1 nfs rw,nfsv4,minorversion=1,soft,retrans=2 0 0 +nfsv4-data2:/ /data2 nfs rw,nfsv4,minorversion=1,soft,retrans=2 0 0 +nfsv4-data3:/ /data3 nfs rw,nfsv4,minorversion=1,soft,retrans=2 0 0 +.Ed +.sp +The +.Xr nfsd 8 +command line option +.Dq -p +indicates that the NFS server is a pNFS MDS and specifies what +DSs are to be used. +.br +For the above +.Xr fstab 5 +example, the +.Xr nfsd 8 +nfs_server_flags line in your +.Xr rc.conf 5 +might look like: +.Bd -literal -offset +nfs_server_flags="-u -t -n 128 -p nfsv4-data0:/data0,nfsv4-data1:/data1,nfsv4-data2:/data2,nfsv4-data3:/data3" +.Ed +.sp +This example specifies that the data files should be distributed over the +four DSs and File layouts will be issued to pNFS enabled clients. +If issuing Flexible File layouts is desired for this case, setting the sysctl +.Dq vfs.nfsd.default_flexfile +non-zero in your +.Xr sysctl.conf 5 +file will make the +.Nm +do that. +.br +Alternately, this variant of +.Dq nfs_server_flags +will specify that two way mirroring is to be done, via the +.Dq -m +command line option. +.Bd -literal -offset +nfs_server_flags="-u -t -n 128 -p nfsv4-data0:/data0,nfsv4-data1:/data1,nfsv4-data2:/data2,nfsv4-data3:/data3 -m 2" +.Ed +.sp +With two way mirroring, the data file for each exported file on the MDS +will be stored on two of the DSs. +When mirroring is enabled, the server will always issue Flexible File layouts. +.Pp +It is also possible to specify which DSs are to be used to store data files for +specific exported file systems on the MDS. +For example, if the MDS has exported two file systems +.Dq /export1 +and +.Dq /export2 +to clients, the following variant of +.Dq nfs_server_flags +will specify that data files for +.Dq /export1 +will be stored on nfsv4-data0 and nfsv4-data1, whereas the data files for +.Dq /export2 +will be store on nfsv4-data2 and nfsv4-data3. +.Bd -literal -offset +nfs_server_flags="-u -t -n 128 -p nfsv4-data0:/data0#/export1,nfsv4-data1:/data1#/export1,nfsv4-data2:/data2#/export2,nfsv4-data3:/data3#/export2" +.Ed +.sp +This can be used by system administrators to control where data files are +stored and might be useful for control of storage use. +For this case, it may be convenient to co-locate more than one of the DSs +on the same FreeBSD server, using separate file systems on the DS system +for storage of the respective DS's data files. +If mirroring is desired for this case, the +.Dq -m +option also needs to be specified. +There must be enough DSs assigned to each exported file system on the MDS +to support the level of mirroring. +The above example would be fine for two way mirroring, but four way mirroring +would not work, since there are only two DSs assigned to each exported file +system on the MDS. +.Pp +The number of subdirectories in each DS is defined by the +.Dq vfs.nfs.dsdirsize +sysctl on the MDS. +This value can be increased from the default of 20, but only when the +.Xr nfsd 8 +is not running and after the additional ds20,... subdirectories have been +created on all the DSs. +For a service that will store a large number of files this sysctl should be +set much larger, to avoid the number of entries in a subdirectory from +getting too large. +.Sh Client mounts +Once operational, NFSv4.1 FreeBSD client mounts done with the +.Dq pnfs +option should do I/O directly on the DSs. +The clients mounting the MDS must be running the +.Xr nfscbd +daemon for pNFS to work. +Set +.Bd -literal -offset indent +nfscbd_enable="YES" +.Ed +.sp +in the +.Xr rc.conf 5 +on these clients. +Non-pNFS aware clients or NFSv3 mounts will do all I/O RPCs on the MDS, +which acts as a proxy for the appropriate DS(s). +.Sh Backing up a pNFS service +Since the data is separated from the metadata, the simple way to back up +a pNFS service is to do so from an NFS client that has the service mounted +on it. +If you back up the MDS exported file system(s) on the MDS, you must do it +in such a way that the +.Dq system +namespace extended attributes get backed up. +.Sh Handling of failed mirrored DSs +When a mirrored DS fails, it can be disabled one of three ways: +.sp +1 - The MDS detects a problem when trying to do proxy +operations on the DS. +This can take a couple of minutes +after the DS failure or network partitioning occurs. +.sp +2 - A pNFS client can report an I/O error that occurred for a DS to the MDS in +the arguments for a LayoutReturn operation. +.sp +3 - The system administrator can perform the pnfsdskill(8) command on the MDS +to disable it. If the system administrator does a pnfsdskill(8) and it fails +with ENXIO (Device not configured) that normally means the DS was already +disabled via #1 or #2. Since doing this is harmless, once a system +administrator knows that there is a problem with a mirrored DS, doing the +command is recommended. +.sp +Once a system administrator knows that a mirrored DS has malfunctioned +or has been network partitioned, they should do the following as root/su +on the MDS: +.Bd -literal -offset indent +# pnfsdskill <mounted-on-path-of-DS> +# umount -N <mounted-on-path-of-DS> +.Ed +.sp +Note that the <mounted-on-path-of-DS> must be the exact mounted-on path +string used when the DS was mounted on the MDS. +.Pp +Once the mirrored DS has been disabled, the pNFS service should continue to +function, but file updates will only happen on the DS(s) +that have not been disabled. Assuming two way mirroring, that implies +the one DS of the pair stored in the +.Dq pnfsd.dsfile +extended attribute for the file on the MDS, for files stored on the disabled DS. +.Pp +The next step is to clear the IP address in the +.Dq pnfsd.dsfile +extended attribute on all files on the MDS for the failed DS. +This is done so that, when the disabled DS is repaired and brought back online, +the data files on this DS will not be used, since they may be out of date. +The command that clears the IP address is +.Xr pnfsdsfile 8 +with the +.Dq -r +option. +.Bd -literal -offset +For example: +# pnfsdsfile -r nfsv4-data3 yyy.c +yyy.c: nfsv4-data2.home.rick ds0/207508569ff983350c000000ec7c0200e4c57b2e0000000000000000 0.0.0.0 ds0/207508569ff983350c000000ec7c0200e4c57b2e0000000000000000 +.Ed +.sp +replaces nfsv4-data3 with an IPv4 address of 0.0.0.0, so that nfsv4-data3 +will not get used. +.Pp +Normally this will be called within a +.Xr find 1 +command for all regular +files in the exported directory tree and must be done on the MDS. +When used with +.Xr find 1 , +you will probably also want the +.Dq -q +option so that it won't spit out the results for every file. +If the disabled/repaired DS is nfsv4-data3, the commands done on the MDS +would be: +.Bd -literal -offset +# cd <top-level-exported-dir> +# find . -type f -exec pnfsdsfile -q -r nfsv4-data3 {} \; +.Ed +.sp +There is a problem with the above command if the file found by +.Xr find 1 +is renamed or unlinked before the +.Xr pnfsdsfile 8 +command is done on it. +This should normally generate an error message. +A simple unlink is harmless +but a link/unlink or rename might result in the file not having been processed +under its new name. +To check that all files have their IP addresses set to 0.0.0.0 these +commands can be used (assuming the +.Xr sh 1 +shell): +.Bd -literal -offset +# cd <top-level-exported-dir> +# find . -type f -exec pnfsdsfile {} \; | sed "/nfsv4-data3/!d" +.Ed +.sp +Any line(s) printed require the +.Xr pnfsdsfile 8 +with +.Dq -r +to be done again. +Once this is done, the replaced/repaired DS can be brought back online. +It should have empty ds0,...,dsN directories under the top level exported +directory for storage of data files just like it did when first set up. +Mount it on the MDS exactly as you did before disabling it. +For the nfsv4-data3 example, the command would be: +.Bd -literal -offset +# mount -t nfs -o nfsv4,minorversion=1,soft,retrans=2 nfsv4-data3:/ /data3 +.Ed +.sp +Then restart the nfsd to re-enable the DS. +.Bd -literal -offset +# /etc/rc.d/nfsd restart +.Ed +.sp +Now, new files can be stored on nfsv4-data3, +but files with the IP address zeroed out on the MDS will not yet use the +repaired DS (nfsv4-data3). +The next step is to go through the exported file tree on the MDS and, +for each of the +files with an IPv4 address of 0.0.0.0 in its extended attribute, copy the file +data to the repaired DS and re-enable use of this mirror for it. +This command for copying the file data for one MDS file is +.Xr pnfsdscopymr 8 +and it will also normally be used in a +.Xr find 1 . +For the example case, the commands on the MDS would be: +.Bd -literal -offset +# cd <top-level-exported-dir> +# find . -type f -exec pnfsdscopymr -r /data3 {} \; +.Ed +.sp +When this completes, the recovery should be complete or at least nearly so. +As noted above, if a link/unlink or rename occurs on a file name while the +above +.Xr find 1 +is in progress, it may not get copied. +To check for any file(s) not yet copied, the commands are: +.Bd -literal -offset +# cd <top-level-exported-dir> +# find . -type f -exec pnfsdsfile {} \; | sed "/0\.0\.0\.0/!d" +.Ed +.sp +If this command prints out any file name(s), these files must +have the +.Xr pnfsdscopymr 8 +command done on them to complete the recovery. +.Bd -literal -offset +# pnfsdscopymr -r /data3 <file-path-reported> +.Ed +.sp +If this commmand fails with the error +.br +.Dq pnfsdscopymr: Copymr failed for file <path>: Device not configured +.br +repeatedly, this may be caused by a Read/Write layout that has not +been returned. +The only way to get rid of such a layout is to restart the +.Xr nfsd 8 . +.sp +All of these commands are designed to be +done while the pNFS service is running and can be re-run safely. +.Pp +For a more detailed discussion of the setup and management of a pNFS service +see: +.Bd -literal -offset indent +http://people.freebsd.org/~rmacklem/pnfs-planb-setup.txt +.Ed +.sp +.Sh SEE ALSO +.Xr nfsv4 4 , +.Xr pnfs 4 , +.Xr exports 5 , +.Xr fstab 5 , +.Xr rc.conf 5 , +.Xr sysctl.conf 5 , +.Xr nfscbd 8 , +.Xr nfsd 8 , +.Xr nfsuserd 8 , +.Xr pnfsdscopymr 8 , +.Xr pnfsdsfile 8 , +.Xr pnfsdskill 8 +.Sh HISTORY +The +.Nm +command first appeared in +.Fx 12.0 . +.Sh BUGS +Since the MDS cannot be mirrored, it is a single point of failure just +as a non +.Tn pNFS +server is. +For non-mirrored configurations, all FreeBSD systems used in the service +are single points of failure. diff --git a/usr.sbin/nscd/Makefile b/usr.sbin/nscd/Makefile index 96a2e8a8f457..0a3af09ac2ac 100644 --- a/usr.sbin/nscd/Makefile +++ b/usr.sbin/nscd/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= nscd.conf PROG= nscd MAN= nscd.conf.5 nscd.8 diff --git a/usr.sbin/nscd/nscd.conf b/usr.sbin/nscd/nscd.conf new file mode 100644 index 000000000000..19a8b5b95452 --- /dev/null +++ b/usr.sbin/nscd/nscd.conf @@ -0,0 +1,12 @@ +# +# Default caching daemon configuration file +# $FreeBSD$ +# + +enable-cache passwd yes +enable-cache group yes +enable-cache hosts yes +enable-cache services yes +enable-cache protocols yes +enable-cache rpc yes +enable-cache networks yes diff --git a/usr.sbin/pciconf/pciconf.8 b/usr.sbin/pciconf/pciconf.8 index f0f47b8aabf9..eb2e038d7e82 100644 --- a/usr.sbin/pciconf/pciconf.8 +++ b/usr.sbin/pciconf/pciconf.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 23, 2015 +.Dd June 14, 2018 .Dt PCICONF 8 .Os .Sh NAME @@ -40,6 +40,8 @@ .Fl r Oo Fl b | h Oc Ar device addr Ns Op : Ns Ar addr2 .Nm .Fl w Oo Fl b | h Oc Ar device addr value +.Nm +.Fl D Oo Fl b | h | x Oc Ar device addr Op start Ns Op : Ns Ar count .Sh DESCRIPTION The .Nm @@ -305,17 +307,38 @@ into a configuration space register at byte offset .Ar addr of device .Ar selector . -For both operations, the flags -.Fl b +.Pp +The +.Fl D +option request a dump of the specified BAR. +Dump is performed to the standard output, raw register values +are written. +Use +.Xr hexdump 1 +to convert them to human-readable dump, +or redirect into a file to save the snapshot of the device state. +Optionally, the +.Ar start and -.Fl h +.Ar count +of the registers dumped can be specified, in multiple of the operation width, +see next paragraph. +.Pp +For read, write, and dump operations, the flags +.Fl b , +.Fl h , +and +.Fl x select the width of the operation; .Fl b indicates a byte operation, and .Fl h indicates a halfword (two-byte) operation. +.Fl x +indicates a quadword (four-byte) operation. The default is to read or write a longword (four bytes). +The quadword mode is only valid for BAR dump. .Sh ENVIRONMENT PCI vendor and device information is read from .Pa /usr/local/share/pciids/pci.ids . @@ -368,3 +391,11 @@ to provide the device with a driver KLD, and reading of configuration space registers may cause a failure in badly designed .Tn PCI chips. +.Pp +There is currently no way to specify the caching mode for the mapping +established by the +.Fl D +option, +.Nm +always uses uncached access. +This is fine for control register BARs. diff --git a/usr.sbin/pciconf/pciconf.c b/usr.sbin/pciconf/pciconf.c index 692eae395603..47b8f96422de 100644 --- a/usr.sbin/pciconf/pciconf.c +++ b/usr.sbin/pciconf/pciconf.c @@ -34,6 +34,13 @@ static const char rcsid[] = #include <sys/types.h> #include <sys/fcntl.h> +#include <sys/mman.h> +#include <sys/pciio.h> +#include <sys/queue.h> + +#include <vm/vm.h> + +#include <dev/pci/pcireg.h> #include <assert.h> #include <ctype.h> @@ -44,10 +51,6 @@ static const char rcsid[] = #include <stdio.h> #include <string.h> #include <unistd.h> -#include <sys/pciio.h> -#include <sys/queue.h> - -#include <dev/pci/pcireg.h> #include "pathnames.h" #include "pciconf.h" @@ -82,32 +85,37 @@ static int load_vendors(void); static void readit(const char *, const char *, int); static void writeit(const char *, const char *, const char *, int); static void chkattached(const char *); +static void dump_bar(const char *name, const char *reg, const char *bar_start, + const char *bar_count, int width, int verbose); static int exitstatus = 0; static void usage(void) { - fprintf(stderr, "%s\n%s\n%s\n%s\n", - "usage: pciconf -l [-BbcevV] [device]", - " pciconf -a device", - " pciconf -r [-b | -h] device addr[:addr2]", - " pciconf -w [-b | -h] device addr value"); - exit (1); + + fprintf(stderr, "%s", + "usage: pciconf -l [-BbcevV] [device]\n" + " pciconf -a device\n" + " pciconf -r [-b | -h] device addr[:addr2]\n" + " pciconf -w [-b | -h] device addr value\n" + " pciconf -D [-b | -h | -x] device bar [start [count]]" + "\n"); + exit(1); } int main(int argc, char **argv) { - int c; - int listmode, readmode, writemode, attachedmode; + int c, width; + int listmode, readmode, writemode, attachedmode, dumpbarmode; int bars, bridge, caps, errors, verbose, vpd; - int byte, isshort; - listmode = readmode = writemode = attachedmode = 0; - bars = bridge = caps = errors = verbose = vpd = byte = isshort = 0; + listmode = readmode = writemode = attachedmode = dumpbarmode = 0; + bars = bridge = caps = errors = verbose = vpd= 0; + width = 4; - while ((c = getopt(argc, argv, "aBbcehlrwVv")) != -1) { + while ((c = getopt(argc, argv, "aBbcDehlrwVv")) != -1) { switch(c) { case 'a': attachedmode = 1; @@ -119,19 +127,23 @@ main(int argc, char **argv) case 'b': bars = 1; - byte = 1; + width = 1; break; case 'c': caps = 1; break; + case 'D': + dumpbarmode = 1; + break; + case 'e': errors = 1; break; case 'h': - isshort = 1; + width = 2; break; case 'l': @@ -154,6 +166,10 @@ main(int argc, char **argv) vpd = 1; break; + case 'x': + width = 8; + break; + default: usage(); } @@ -162,7 +178,9 @@ main(int argc, char **argv) if ((listmode && optind >= argc + 1) || (writemode && optind + 3 != argc) || (readmode && optind + 2 != argc) - || (attachedmode && optind + 1 != argc)) + || (attachedmode && optind + 1 != argc) + || (dumpbarmode && (optind + 2 > argc || optind + 4 < argc)) + || (width == 8 && !dumpbarmode)) usage(); if (listmode) { @@ -171,16 +189,20 @@ main(int argc, char **argv) } else if (attachedmode) { chkattached(argv[optind]); } else if (readmode) { - readit(argv[optind], argv[optind + 1], - byte ? 1 : isshort ? 2 : 4); + readit(argv[optind], argv[optind + 1], width); } else if (writemode) { writeit(argv[optind], argv[optind + 1], argv[optind + 2], - byte ? 1 : isshort ? 2 : 4); + width); + } else if (dumpbarmode) { + dump_bar(argv[optind], argv[optind + 1], + optind + 2 < argc ? argv[optind + 2] : NULL, + optind + 3 < argc ? argv[optind + 3] : NULL, + width, verbose); } else { usage(); } - return exitstatus; + return (exitstatus); } static void @@ -1027,3 +1049,117 @@ chkattached(const char *name) printf("%s: %s%s\n", name, pi.pi_data == 0 ? "not " : "", "attached"); close(fd); } + +static void +dump_bar(const char *name, const char *reg, const char *bar_start, + const char *bar_count, int width, int verbose) +{ + struct pci_bar_mmap pbm; + uint32_t *dd; + uint16_t *dh; + uint8_t *db; + uint64_t *dx, a, start, count; + char *el; + size_t res; + int fd; + + start = 0; + if (bar_start != NULL) { + start = strtoul(bar_start, &el, 0); + if (*el != '\0') + errx(1, "Invalid bar start specification %s", + bar_start); + } + count = 0; + if (bar_count != NULL) { + count = strtoul(bar_count, &el, 0); + if (*el != '\0') + errx(1, "Invalid count specification %s", + bar_count); + } + + pbm.pbm_sel = getsel(name); + pbm.pbm_reg = strtoul(reg, &el, 0); + if (*reg == '\0' || *el != '\0') + errx(1, "Invalid bar specification %s", reg); + pbm.pbm_flags = 0; + pbm.pbm_memattr = VM_MEMATTR_UNCACHEABLE; /* XXX */ + + fd = open(_PATH_DEVPCI, O_RDWR, 0); + if (fd < 0) + err(1, "%s", _PATH_DEVPCI); + + if (ioctl(fd, PCIOCBARMMAP, &pbm) < 0) + err(1, "ioctl(PCIOCBARMMAP)"); + + if (count == 0) + count = pbm.pbm_bar_length / width; + if (start + count < start || (start + count) * width < (uint64_t)width) + errx(1, "(start + count) x width overflow"); + if ((start + count) * width > pbm.pbm_bar_length) { + if (start * width > pbm.pbm_bar_length) + count = 0; + else + count = (pbm.pbm_bar_length - start * width) / width; + } + if (verbose) { + fprintf(stderr, + "Dumping pci%d:%d:%d:%d BAR %x mapped base %p " + "off %#x length %#jx from %#jx count %#jx in %d-bytes\n", + pbm.pbm_sel.pc_domain, pbm.pbm_sel.pc_bus, + pbm.pbm_sel.pc_dev, pbm.pbm_sel.pc_func, + pbm.pbm_reg, pbm.pbm_map_base, pbm.pbm_bar_off, + pbm.pbm_bar_length, start, count, width); + } + switch (width) { + case 1: + db = (uint8_t *)(uintptr_t)((uintptr_t)pbm.pbm_map_base + + pbm.pbm_bar_off + start * width); + for (a = 0; a < count; a += width, db++) { + res = fwrite(db, width, 1, stdout); + if (res != 1) { + errx(1, "error writing to stdout"); + break; + } + } + break; + case 2: + dh = (uint16_t *)(uintptr_t)((uintptr_t)pbm.pbm_map_base + + pbm.pbm_bar_off + start * width); + for (a = 0; a < count; a += width, dh++) { + res = fwrite(dh, width, 1, stdout); + if (res != 1) { + errx(1, "error writing to stdout"); + break; + } + } + break; + case 4: + dd = (uint32_t *)(uintptr_t)((uintptr_t)pbm.pbm_map_base + + pbm.pbm_bar_off + start * width); + for (a = 0; a < count; a += width, dd++) { + res = fwrite(dd, width, 1, stdout); + if (res != 1) { + errx(1, "error writing to stdout"); + break; + } + } + break; + case 8: + dx = (uint64_t *)(uintptr_t)((uintptr_t)pbm.pbm_map_base + + pbm.pbm_bar_off + start * width); + for (a = 0; a < count; a += width, dx++) { + res = fwrite(dx, width, 1, stdout); + if (res != 1) { + errx(1, "error writing to stdout"); + break; + } + } + break; + default: + errx(1, "invalid access width"); + } + + munmap((void *)pbm.pbm_map_base, pbm.pbm_map_length); + close(fd); +} diff --git a/usr.sbin/pkg/FreeBSD.conf b/usr.sbin/pkg/FreeBSD.conf new file mode 100644 index 000000000000..e4eec8f11451 --- /dev/null +++ b/usr.sbin/pkg/FreeBSD.conf @@ -0,0 +1,16 @@ +# $FreeBSD$ +# +# To disable this repository, instead of modifying or removing this file, +# create a /usr/local/etc/pkg/repos/FreeBSD.conf file: +# +# mkdir -p /usr/local/etc/pkg/repos +# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf +# + +FreeBSD: { + url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", + mirror_type: "srv", + signature_type: "fingerprints", + fingerprints: "/usr/share/keys/pkg", + enabled: yes +} diff --git a/usr.sbin/pkg/Makefile b/usr.sbin/pkg/Makefile index 145523d4bf2b..6ca341f0ad4e 100644 --- a/usr.sbin/pkg/Makefile +++ b/usr.sbin/pkg/Makefile @@ -1,5 +1,8 @@ # $FreeBSD$ +CONFS= FreeBSD.conf +CONFSDIR= /etc/pkg +CONFSMODE= 644 PROG= pkg SRCS= pkg.c dns_utils.c config.c MAN= pkg.7 diff --git a/usr.sbin/pnfsdscopymr/pnfsdscopymr.c b/usr.sbin/pnfsdscopymr/pnfsdscopymr.c index 5eac0aaecf43..9526d04eabab 100644 --- a/usr.sbin/pnfsdscopymr/pnfsdscopymr.c +++ b/usr.sbin/pnfsdscopymr/pnfsdscopymr.c @@ -295,7 +295,7 @@ main(int argc, char *argv[]) pnfsdarg.mdspath = *argv; ret = nfssvc(NFSSVC_PNFSDS, &pnfsdarg); if (ret < 0 && errno != EEXIST) - err(1, "Copymr failed args %s, %s", argv[1], argv[2]); + err(1, "Copymr failed for file %s", *argv); exit(0); } diff --git a/usr.sbin/portsnap/portsnap/Makefile b/usr.sbin/portsnap/portsnap/Makefile index e8f42b85f1b0..6acd3f523751 100644 --- a/usr.sbin/portsnap/portsnap/Makefile +++ b/usr.sbin/portsnap/portsnap/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= portsnap.conf SCRIPTS=portsnap.sh MAN= portsnap.8 diff --git a/usr.sbin/portsnap/portsnap/portsnap.conf b/usr.sbin/portsnap/portsnap/portsnap.conf new file mode 100644 index 000000000000..261be1bafffb --- /dev/null +++ b/usr.sbin/portsnap/portsnap/portsnap.conf @@ -0,0 +1,35 @@ +# $FreeBSD$ + +# Default directory where compressed snapshots are stored. +# WORKDIR=/var/db/portsnap + +# Default location of the ports tree (target for "update" and "extract"). +# PORTSDIR=/usr/ports + +# Server or server pool from which to fetch updates. You can change +# this to point at a specific server if you want, but in most cases +# using a "nearby" server won't provide a measurable improvement in +# performance. +SERVERNAME=portsnap.FreeBSD.org + +# Trusted keyprint. Changing this is a Bad Idea unless you've received +# a PGP-signed email from <security-officer@FreeBSD.org> telling you to +# change it and explaining why. +KEYPRINT=9b5feee6d69f170e3dd0a2c8e469ddbd64f13f978f2f3aede40c98633216c330 + +# Example of ignoring parts of the ports tree. If you know that you +# absolutely will not need certain parts of the tree, this will save +# some bandwidth and disk space. See the manual page for more details. +# +# WARNING: Working with an incomplete ports tree is not supported and +# can cause problems due to missing dependencies. If you have REFUSE +# directives and experience problems, remove them and update your tree +# before asking for help on the mailing lists. +# +# REFUSE arabic chinese french german hebrew hungarian japanese +# REFUSE korean polish portuguese russian ukrainian vietnamese + +# List of INDEX files to build and the DESCRIBE file to use for each +#INDEX INDEX-10 DESCRIBE.10 +#INDEX INDEX-11 DESCRIBE.11 +INDEX INDEX-12 DESCRIBE.12 diff --git a/usr.sbin/pw/pw_vpw.c b/usr.sbin/pw/pw_vpw.c index ea87f715a2b0..192d588ab0cf 100644 --- a/usr.sbin/pw/pw_vpw.c +++ b/usr.sbin/pw/pw_vpw.c @@ -39,10 +39,13 @@ static const char rcsid[] = #include <string.h> #include <stdlib.h> #include <err.h> +#include <unistd.h> #include "pwupd.h" static FILE * pwd_fp = NULL; +static int pwd_scanflag; +static const char *pwd_filename; void vendpwent(void) @@ -71,7 +74,18 @@ vnextpwent(char const *nam, uid_t uid, int doclose) line = NULL; linecap = 0; - if (pwd_fp != NULL || (pwd_fp = fopen(getpwpath(_MASTERPASSWD), "r")) != NULL) { + if (pwd_fp == NULL) { + if (geteuid() == 0) { + pwd_filename = _MASTERPASSWD; + pwd_scanflag = PWSCAN_MASTER; + } else { + pwd_filename = _PASSWD; + pwd_scanflag = 0; + } + pwd_fp = fopen(getpwpath(pwd_filename), "r"); + } + + if (pwd_fp != NULL) { while ((linelen = getline(&line, &linecap, pwd_fp)) > 0) { /* Skip comments and empty lines */ if (*line == '\n' || *line == '#') @@ -79,10 +93,10 @@ vnextpwent(char const *nam, uid_t uid, int doclose) /* trim latest \n */ if (line[linelen - 1 ] == '\n') line[linelen - 1] = '\0'; - pw = pw_scan(line, PWSCAN_MASTER); + pw = pw_scan(line, pwd_scanflag); if (pw == NULL) errx(EXIT_FAILURE, "Invalid user entry in '%s':" - " '%s'", getpwpath(_MASTERPASSWD), line); + " '%s'", getpwpath(pwd_filename), line); if (uid != (uid_t)-1) { if (uid == pw->pw_uid) break; diff --git a/usr.sbin/route6d/route6d.c b/usr.sbin/route6d/route6d.c index 07765de70431..7d873d4dfa40 100644 --- a/usr.sbin/route6d/route6d.c +++ b/usr.sbin/route6d/route6d.c @@ -2223,8 +2223,10 @@ ifrt(struct ifc *ifcp, int again) goto next; } - TAILQ_REMOVE(&riprt_head, rrt, rrt_next); - delroute(&rrt->rrt_info, &rrt->rrt_gw); + TAILQ_REMOVE(&riprt_head, search_rrt, rrt_next); + delroute(&search_rrt->rrt_info, + &search_rrt->rrt_gw); + free(search_rrt); } /* Attach the route to the list */ trace(1, "route: %s/%d: register route (%s)\n", diff --git a/usr.sbin/tzsetup/tzsetup.c b/usr.sbin/tzsetup/tzsetup.c index 3e422ade25ff..dcf9f6863b43 100644 --- a/usr.sbin/tzsetup/tzsetup.c +++ b/usr.sbin/tzsetup/tzsetup.c @@ -481,7 +481,7 @@ read_zones(void) char contbuf[16]; FILE *fp; struct continent *cont; - size_t len; + size_t len, contlen; char *line, *tlc, *file, *descr, *p; int lineno; @@ -504,12 +504,16 @@ read_zones(void) path_zonetab, lineno, tlc); /* coord = */ strsep(&line, "\t"); /* Unused */ file = strsep(&line, "\t"); + /* get continent portion from continent/country */ p = strchr(file, '/'); if (p == NULL) errx(1, "%s:%d: invalid zone name `%s'", path_zonetab, lineno, file); - contbuf[0] = '\0'; - strncat(contbuf, file, p - file); + contlen = p - file + 1; /* trailing nul */ + if (contlen > sizeof(contbuf)) + errx(1, "%s:%d: continent name in zone name `%s' too long", + path_zonetab, lineno, file); + strlcpy(contbuf, file, contlen); cont = find_continent(contbuf); if (!cont) errx(1, "%s:%d: invalid region `%s'", path_zonetab, diff --git a/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 b/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 index fe9fdce4f7fa..7ba6e4c2f8aa 100644 --- a/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 +++ b/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 7, 2012 +.Dd July 28, 2018 .Dt WPA_SUPPLICANT 8 .Os .Sh NAME @@ -144,8 +144,6 @@ Send log messages through instead of to the terminal. .It Fl t Include timestamp in debug messages. -.It Fl u -Enable DBus control interface. .It Fl v Display version information on the terminal and exit. .It Fl W |