| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test verifies that the rc framework will OOM-protect a process
spawned by rc. It just wraps a 5-second /bin/sleep invocation as part
of this test.
The rc framework uses procctl to set the OOM-protect bit after the
process has started, i.e., it uses procctl -p. So, with a 5 second
timeout, it's possible for the process to exit before procctl actually
runs, if the system is heavily loaded. (I see this failure occasionally
with KMSAN configured and many tests running in parallel.)
Bump the timeout to reduce the risk of this happening. The timeout
value is arbitrary since the test will stop the rc process, i.e., we
don't have to wait for 60 seconds to elapse before the test passes.
MFC after: 1 week
|
| |
|
|
|
| |
MFC after: 3 days
Event: Berlin Hackathon 202507
|
| |
|
|
|
|
|
|
|
| |
PR: 282404
Reviewed by: markj, netchild
Approved by: markj (mentor)
MFC after: 2 weeks
Event: Berlin Hackathon 202507
Differential Revision: https://reviews.freebsd.org/D47329
|
| |
|
|
|
|
| |
This was copied from arm to aarch64 to riscv, but only arm uses it.
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently rtld delegates to libc or libthr to initialise the TCBs for
all existing threads when dlopen is called for a library that is using
static TLS. This creates an odd split where rtld manages all of TLS for
dynamically-linked executables except for this specific case, and is
unnecessarily complex, including having to reason about the locking due
to dropping the bind lock so libthr can take the thread list lock
without deadlocking if any of the code run whilst that lock is held ends
up calling back into rtld (such as for lazy PLT resolution).
The only real reason we call out into libc / libthr is that we don't
have a list of threads in rtld and that's how we find the currently used
TCBs to initialise (and at the same time do the copy in the callee
rather than adding overhead with some kind of callback that provides the
TCB to rtld. If we instead keep a list of allocated TCBs in rtld itself
then we no longer need to do this, and can just copy the data in rtld.
How these TCBs are mapped to threads is irrelevant, rtld can just treat
all TCBs equally and ensure that each TCB's static TLS data block
remains in sync with the current set of loaded modules, just as how
_rtld_allocate_tls creates a fresh TCB and associated data without any
embedded threading model assumptions.
As an implementation detail, to avoid a separate allocation for the list
entry and having to find that allocation from the TCB to remove and free
it on deallocation, we allocate a fake TLS offset for it and embed the
list entry there in each TLS block.
This will also make it easier to add a new TLS ABI downstream in
CheriBSD, especially in the presence of library compartmentalisation.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D50920
|
| |
|
|
|
|
|
|
| |
This will be used to allocate additional space for a TAILQ_ENTRY by rtld
at a known offset from the TCB, as if it were TLS data.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D51068
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows us to do things like:
```
local fp = assert(fbsd.exec({"ls", "-l"}, true))
local fpout = assert(fp:stdout())
while true do
local line = fpout:read("l")
if not line then break end
print("Read: " .. line)
end
fp:close()
```
The makeman lua rewrite will use it to capture `make showconfig` output
for processing.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D50539
|
| |
|
|
|
|
|
|
|
|
|
| |
This gives us some way to be able to write to stdin if we want to, or
as a future improvement, will allow us to extract stdout from the
process. The handle is setup to close and waitpid() on close/gc so that
existing users wouldn't necessarily leak for the lifetime of the script
if they weren't adopted to the new model.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D50538
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Additionally, there's no way to get to the end without a valid
stdin_pipe[1] at the moment, so don't check for it. stdin_pipe[0] is
closed earlier, as the parent shouldn't need the read-side of the pipe.
While we're here, also free the file actions earlier and on error --
they're not necessary once posix_spawnp() has returned.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D50537
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The posix module is subdivided according to C headers; for instance,
posix.unistd contains routines available from unistd.h, such as
chown(2).
A quirk of our implementation is that each of the modules is a direct
entry in the global table. That is, there is no "posix" table.
Instead, "posix.foo" and "posix.bar.baz" are both top-level tables.
This is surprising and goes against Lua's shorthand of using "." to
access keys in a table. lua-posix also doesn't work this way.
Rework things so that "posix" and "posix.sys" are proper tables.
Existing flua code which uses require() to bind posix submodules to a
name will be unaffected. Code which accesses them directly using
something like _G["posix.sys.utsname"].uname() will be broken, but I
don't think anything like that exists. In particular, it is now
possible to call posix.sys.utsname.uname() without any require
statements.
Reviewed by: imp, bapt
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D51158
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the wrappers, check for errors and abort if one is raised. At some
point it may be useful to have a mechanism to ignore errors, but I'm not
sure yet how that should look.
For chmod, let the mode be specified as an octal number, otherwise it's
hard to understand what's happening. Note that this must be specified
as a string, otherwise tonumber() will raise an error.
Reviewed by: bapt
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D51159
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The implementation of chown() in the posix module handles user and group
names as well as numeric IDs. When resolving names, be sure to use
reentrant lookup functions rather than assuming it's safe to clobber the
internal buffers used by getpwnam() and getgrnam().
Fix some style nits while here.
Reviewed by: imp, bapt
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D46555
|
| |
|
|
|
|
|
|
| |
This is rather cosmetic correction.
PR: 287872
MFC-after: 2 weeks
X-MFC-With: 6d3bc576abbd84f736d917f5bfec4e3fe7e6c125
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace "ifconfig -ul" with "ifconfig -n" because netlink-enabled
/sbin/ifconfig utility has sub-optimal performance for listing.
Combined with the commit b1b17432aa1be670564161232d110461a5dde4ce,
these changes mostly eliminate performance regression of the command
"service devd start" for a system having hundreds of network interfaces
created before devd starts, after FreeBSD 14+ switched
/sbin/ifconfig to netlink(4)
PR: 287872
MFC-after: 2 weeks
|
| |
|
|
|
|
|
|
| |
At least nuageinit is broken after this commit, breaking some downstream
CI systems. It also disables globbing for rc.local scripts, which is
likely to break users in surprising ways.
This reverts commit 4deb9760a9d84d5861ee45162ffebe83f13503b8.
|
| |
|
|
|
|
| |
The commit which motivated this is being reverted.
This reverts commit 7faddeb395b7976b44393db24f48ec47040eff07.
|
| | |
|
| |
|
|
|
| |
from the cloudinit specification sudo rules can be a string or an
array of string
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ftpd provides the -n option to disable anonymous FTP access, meaning the
username 'ftp' cannot log in to the FTP server without a password stored
in the password database. This feature helps prevent users who lack the
background knowledge of how this special username 'ftp' conventionally
works in FTP from mistakenly creating an account with the username
'ftp,' assuming it behaves like other usernames that require a password
to log in to the FTP server, which it does not.
Differential Revision: https://reviews.freebsd.org/D46547
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
write_files is a list of files that should be created at the first boot
each file content can be either plain text or encoded in base64 (note
that cloudinit specify that gzip is supported, but we do not support it
yet.)
All other specifier from cloudinit should work:
by default all files will juste overwrite exesiting files except if
"append" is set to true, permissions, ownership can be specified.
The files are create before packages are being installed and user
created.
if "defer" is set to true then the file is being created after packages
installation and package manupulation.
This feature is requested for KDE's CI.
|
| |
|
|
| |
Sponsored by: OVHCloud
|
| |
|
|
|
|
|
|
|
| |
This fixes case where vendors or cloudinit consumers are using all
features from yaml.
KDE is using reference for its CI for example.
lima-vm uses syntax for which our previous yaml.lua has bug in the
parser (https://github.com/lima-vm/lima/issues/1508)
|
| | |
|
| |
|
|
|
|
|
|
| |
Add the AT_HWCAP3 and AT_HWCAP4 format strings to auxfmt.
Reviewed by: brooks, kib
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D51007
|
| |
|
|
|
|
|
|
|
|
| |
This fixes the test case libexec.nuageinit.nuageinit.config2_userdata_packages
Signed-off-by: Siva Mahadevan <me@svmhdvn.name>
Event: Kitchener-Waterloo Hackathon 202506
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/1734
|
| |
|
|
| |
Reviewed by: bapt
|
| |
|
|
|
|
|
|
| |
Check for a "#" at the start of the line regardless whether it is its
own token or not. We avoid unecessary calls to rc.d/zpool.
Suggested by: ivy
Fixes: b6e33f0cd536
|
| | |
|
| |
|
|
|
| |
Reviewed by: imp, ziaee (both a previous version)
Differential Revision: https://reviews.freebsd.org/D50878
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
refactor nuageinit to allow a 3rd execution point during boot:
1. nuageinit is invoked before NETWORKING with a minimalistic network setup
for openstrack and potentially other network config setup. it tries
to configure everything which is not requiring any network.
2. nuageinit is invoked again post NETWORKING but pre SERVERS, in the
phase it does all that requires network, like dealing with packages.
Note that creating users have been moved to this phase to allow the
installation of shells like bash or zsh prior the creation of the
users, before that the user creation was failing if a non installed
shell was requested.
3. nuageinit will execute at the rc.local time all the specified scripts
and commands.
MFC After: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MIT KRB5 krb5kdc differs from the Heimdal kdc.
- The MIT kdc is named krb5kdc while the Heimdal one is named kdc.
- krb5kdc -d flag has a different meaning. krb5kdc -d specifies a
database name. While the Heimdal kdc uses the -d flag to daemonize
it. krb5kdc automaticially daemonizes itself unless the -n flag is
specified.
We do this by looking at the name of the kdc program to determine if
we assume it's a Heimdal kdc or the MIT krb5kdc.
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D50813
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Legacy ZFS uses fstab to mount its datasets. In an attempt to fix
another problem 900bc0206348 broke legacy ZFS in fstab(5). This
comit works around the problem by mountcritlocal scanning /etc/fstab
for zfs mountpoint and if any are found invoke /etc/rc.d/zpool start.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D50844
|
| |
|
|
|
| |
Reported by: Kenneth Raplee
Differential Revision: https://reviews.freebsd.org/D45855
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In cases where the `/boot` directory is mounted from a different disk,
`/boot/zfs/zpool.cache` will not be found during a `rc.d/zpool`
run. This is because `/etc/fstab` mounts are mounted in
`rc.d/mountcritlocal`, which currently runs AFTER (i.e. `REQUIRE:`)
`rc.d/zpool`.
This change swaps the `rcorder` of `rc.d/zpool`'s dependency on
`mountcritlocal` from `BEFORE:` to `REQUIRE:`. This will ensure that
`/boot` (or even `/etc/` in some configurations) to be visible while
searching for `zpool.cache`.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1614
Closes: https://github.com/freebsd/freebsd-src/pull/1614
|
| |
|
|
|
| |
PR: 287503
Reported by: crest@rlwinm.de
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Variables for command-line options like $foo_flags can contain characters
that perform pathname expansions, such as '[', ']', and '*'. They were
passed without escaping, and the matched entries in the working directory
affected the command-line options. This change turns off the expansion
when run_rc_command() is called.
While this changes the current behavior, an invocation of a service
program should not depend on entries in the working directory.
Differential Revision: https://reviews.freebsd.org/D45855
|
| |
|
|
|
|
|
|
| |
Rename path into ni_path (ni stands for nuageinit) which is more
understandable and avoid a shadowing warning because we also use a
variable named path later.
Add a missing local
|
| |
|
|
|
|
| |
Execute the runcmd specified in cloudinit at the same moment as the
user_data script aka late in the boot process, to respect cloudinit
specifications
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In official cloudinit, when a user_data file starts with '#!' it
should be execute late in the boot process. To respect this nuageinit
now copy the user_data script into a /var/cache/nuageinit/user_data if
found and a new "firsboot" rcscript anchored to the 'local' rc script is
responsible to execute it if found.
Note by doing this, we fix another issue we had with nuageinit, if the
cloudinit provider provides the user_data scriptout with the executable
permission, previous implementation was not working, like apparently
what Digital Ocean is doing.
PR: 287183
Reported by: olgeni@
|
| |
|
|
|
|
|
| |
Implement package_update and package_upgrade, which allows to launch
an update of the metadata and an upgrade of the packages.
Sponsored by: OVHCloud
|
| |
|
|
|
|
| |
Installs a list of packages
Sponsored by: OVHCloud
|
| |
|
|
| |
Sponsored by: OVHCloud
|
| |
|
|
|
|
| |
runcmd contains a list of string, each item will be executed in order.
Sponsored by: OVHCloud
|
| |
|
|
|
|
|
| |
To carry out the userdata unit tests, you need to set up the environment in
order to skip adding the default user (nuage.adduser(default_user)
Sponsored by: OVHCloud
|
| |
|
|
| |
Sponsored by: OVHCloud
|
