aboutsummaryrefslogtreecommitdiff
path: root/sbin
Commit message (Collapse)AuthorAgeFilesLines
* Fix sconfig(8) build.Gleb Smirnoff19 hours4-9/+3
| | | | | | | Missed that since sconfig(8) was built on i386 only. Since I enabled cp(4) on amd64, enable sconfig(8) as well. Fixes: 6aae3517ed25
* Retire synchronous PPP kernel driver sppp(4).Gleb Smirnoff21 hours6-573/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The last two drivers that required sppp are cp(4) and ce(4). These devices are still produced and can be purchased at Cronyx <http://cronyx.ru/hardware/wan.html>. Since Roman Kurakin <rik@FreeBSD.org> has quit them, they no longer support FreeBSD officially. Later they have dropped support for Linux drivers to. As of mid-2020 they don't even have a developer to maintain their Windows driver. However, their support verbally told me that they could provide aid to a FreeBSD developer with documentaion in case if there appears a new customer for their devices. These drivers have a feature to not use sppp(4) and create an interface, but instead expose the device as netgraph(4) node. Then, you can attach ng_ppp(4) with help of ports/net/mpd5 on top of the node and get your synchronous PPP. Alternatively you can attach ng_frame_relay(4) or ng_cisco(4) for HDLC. Actually, last time I used cp(4) back in 2004, using netgraph(4) instead of sppp(4) was already the right way to do. Thus, remove the sppp(4) related part of the drivers and enable by default the negraph(4) part. Further maintenance of these drivers in the tree shouldn't be a big deal. While doing that, remove some cruft and enable cp(4) compilation on amd64. The ce(4) for some unknown reason marks its internal DDK functions with __attribute__ fastcall, which most likely is safe to remove, but without hardware I'm not going to do that, so ce(4) remains i386-only. Reviewed by: emaste, imp, donner Differential Revision: https://reviews.freebsd.org/D32590 See also: https://reviews.freebsd.org/D23928
* ping: fix parsing of options including '4' and '6'Alan Somers3 days5-38/+84
| | | | | | | | | | | | | | | | | | ping uses a two-pass option parser. The first pass determines whether ipv4 or ipv6 is desired, and the second parses the rest of the options. But the first pass wrongly detects a '4' or '6' in an option's value as a request to use ipv6 or ipv6 respectively, for example in an invocation like "ping -c6 1.2.3.4". Fix this confusion by including all options in the first round of parsing, but ignoring those unrelated to ipv4/ipv6 selection. PR: 258048 Reported by: ghuckriede@blackberry.com Submitted by: ghuckriede@blackberry.com MFC after: 2 weeks Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D32344
* camcontrol(8): Clean up references to removed symbolsFelix Johnson3 days1-13/+3
| | | | | | | | | | | Patch the manpage to remove references to devq_openings and devq_queued. Document the allocated tag that has been added in the same commit. The relevant code change was committed as r271588 (959ec2581b23aefebb3bae26c527c1b25834a9e3) by mav@. PR: 223651 MFH after: 3 days Reported by: Bertrand Petit <bsdpr@phoe.frmug.org>
* devd(8): Note default config file search locationsFelix Johnson4 days1-1/+7
| | | | | | PR: 197003 MFC after: 3 days Reported by: Harald Schmalzbauer <bugzilla.freebsd@omnilan.de>
* pfctl: delay label macro expansion until after rule optimisationKristof Provost8 days3-49/+44
| | | | | | | | | | | | | We used to expand the $nr macro in labels into the rule number prior to the optimisation step. This would occasionally produce incorrect rule numbers in the labels. Delay all macro expansion until after the optimisation step to ensure that we expand the correct values. MFC after: 1 week Reported by: Özkan KIRIK <ozkan.kirik@gmail.com> Differential Revision: https://reviews.freebsd.org/D32488
* sbin/mount_fusefs/mount_fusefs.8: Fix typosElyes HAOUAS2021-10-091-3/+3
| | | | | | | | | | "expicitly" --> "explicitly" "uknown" --> "unknown" Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> MFC after: 3 days Pull Request: https://github.com/freebsd/freebsd-src/pull/552
* Avoid lost buffers in fsck_ffs.Kirk McKusick2021-10-071-7/+11
| | | | | | | | | The ino_blkatoff() and indir_blkatoff() functions failed to release the buffers holding second and third level indirect blocks. This commit ensures that these buffers are now properly released. MFC after: 1 week Sponsored by: Netflix
* pfctl: Remove unused variableKristof Provost2021-10-072-2/+0
| | | | | MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate")
* ncurses: chase dependency changes in the source treeBaptiste Daroussin2021-10-041-1/+1
| | | | Differential Revision: https://reviews.freebsd.org/D32098
* pfctl: userspace adaptive syncookies configrationKristof Provost2021-09-294-5/+102
| | | | | | | | Hook up the userspace bits to configure syncookies in adaptive mode. MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D32136
* mount: make libxo support more locale-awarePiotr Pawel Stefaniak2021-09-271-3/+3
| | | | | | | "special", "node", and "mounter" are not guaranteed to be encoded with UTF-8. Use the appropriate modifier. Reported by: eugen@
* mount: Don't pass a NULL format string to xo_err().John Baldwin2021-09-251-1/+1
| | | | | | This fixes a -Wformat error from GCC 9. Fixes: e725ee7eb672 mount: add libxo(3) support
* mount: add libxo(3) supportCameron Katri2021-09-243-55/+114
| | | | | | Adds --libxo to mount(8). Differential Revision: https://reviews.freebsd.org/D30341
* pf: support dummynetKristof Provost2021-09-242-0/+50
| | | | | | | | | | | | Allow pf to use dummynet pipes and queues. We re-use the currently unused IPFW_IS_DUMMYNET flag to allow dummynet to tell us that a packet is being re-injected after being delayed. This is needed to avoid endlessly looping the packet between pf and dummynet. MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31904
* veriexec: Fix veriexec -i's confusion between loaded and locked statesStephane Rochoy2021-09-231-1/+1
| | | | | | | | Calling veriexec -i locked return the state of loaded and vice-versa. Differential revision: https://reviews.freebsd.org/D30952 Reviewed by: sjg,imp Obtained from: Stromshield
* Eliminate an unnecessary rerun request in fsck_ffs.Kirk McKusick2021-09-221-1/+0
| | | | | | | | | | | | When fsck_ffs is running in preen mode and finds a zero-length directory, it deletes that directory. In doing this operation, it unnecessary set its internal flag saying that fsck_ffs needed to be rerun. This patch deletes the rerun request for this case. Reported by: Mark Johnson PR: 246962 MFC after: 1 week Sponsored by: Netflix
* nvmecontrol: Display Metadata and Sanitize capabilities of the deviceAllan Jude2021-09-212-1/+43
| | | | | | | | | | | | | | | | Determine if a device supports "Extended" or "Separate" metadata, and what the current metadata setting is (None, Extended, Separate) Also determine if the device supports: - Sanitize Crypto Erase - Sanitize Block Erase - Sanitize Overwrite Reviewed by: chuck Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. X-NetApp-PR: #49 Differential Revision: https://reviews.freebsd.org/D31067
* camcontrol: depop commandWarner Losh2021-09-205-1/+377
| | | | | | | | | | | | | | | | | | | Implement and document the new depop command. This command manages drive elements for drives that support it. Storage elements are typically heads. Element status can be discovered. Elements may be removed or restored. And the status of any current depop operation can be assessed. depop -d elm will remove element elm and truncate available capacity. depop -l will list the current drive elements and their current status. depop -r elm will try to restore all retired elements and rebuild capacity. Changing storage elements may reinitialize the drive. This operation will lose data and may take hours to complete. Use the drive provided timeout for operations by default. Reviewed by: gbe (manpages) Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D29018
* md: Add MD_MUSTDEALLOC supportKa Ho Ng2021-09-112-3/+39
| | | | | | | | | | | This adds an option to detect if hole-punching is implemented by the underlying file system. If this flag is set, and if the underlying file system does not support hole-punching, md(4) fails BIO_DELETE requests with EOPNOTSUPP. Sponsored by: The FreeBSD Foundation Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D31883
* ipfw: Introduce dnctlKristof Provost2021-09-085-116/+189
| | | | | | | | | | | | | | Introduce a link to the ipfw command, dnctl, for dummynet configuration. dnctl only handles dummynet configuration, and is part of the effort to support dummynet in pf. /sbin/ipfw continues to accept pipe, queue and sched commands, but these can now also be issued via the new dnctl command. Reviewed by: donner MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30465
* pkgbase: Move spppcontrol to FreeBSD-pppEmmanuel Vadot2021-09-071-0/+2
| | | | | | | This program belong with the other ppp-related programs. Differential Revision: https://reviews.freebsd.org/D31792 Reviewed by: emaste
* pkgbase: Create a FreeBSD-ggate packageEmmanuel Vadot2021-09-073-0/+3
| | | | | | Move ggate* to it. Differential Revision: https://reviews.freebsd.org/D31790
* pfctl: print counters in decimalKristof Provost2021-09-041-6/+6
| | | | | | | | | 795d78a46713 pfctl: Don't use PRIu64 mistakenly changed these to be printed as hexadecimal numbers. Reported by: Florian Smeets MFC after: 4 days Sponsored by: Rubicon Communications, LLC ("Netgate")
* pfctl: Don't use PRIu64Kristof Provost2021-09-021-7/+6
| | | | | | | | | Rather than PRIu64 we can just treat the data as uintmax_t, and use %jx instead. MFC after: 1 week Suggested by: kib Sponsored by: Rubicon Communications, LLC ("Netgate")
* mdconfig: Add a regression test for mediasize roundingMark Johnston2021-08-311-0/+31
| | | | | MFC after: 1 week Sponsored by: The FreeBSD Foundation
* Fix -Wformat errors in pfctl on 32-bit architecturesDimitry Andric2021-08-291-2/+2
| | | | | | | | | | Use PRIu64 to printf(3) uint64_t quantities, otherwise this will result in "error: format specifies type 'unsigned long' but the argument has type 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat]" on 32-bit architectures. Fixes: 80078d9d38fd MFC after: 1 week
* pfctl: use libpfctl to retrieve pf statusKristof Provost2021-08-293-37/+33
| | | | | | | | Rather than call DIOCGETSTATUS ourselves use the new libpfctl functions. MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D31697
* Fix a common typo in man pages and src commentsGordon Bergling2021-08-281-1/+1
| | | | | | - s/desciptor/descriptor/ MFC after: 5 days
* Fix remote code execution in ggatec(8).Gordon Tetlow2021-08-241-0/+20
| | | | | | Approved by: so Security: SA-21:14.ggatec Security: CVE-2021-29630
* pfctl: build fixKristof Provost2021-08-241-1/+2
| | | | | | | Fix the build issue introduced in e59eff9ad328 (pfctl: fix killing states by ID) MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate")
* pfctl: fix killing states by IDKristof Provost2021-08-241-2/+0
| | | | | | | | | | | Since the conversion to the new DIOCKILLSTATESNV the kernel no longer exists the id and creatorid to be big-endian. As a result killing states by id (i.e. `pfctl -k id -k 12345`) no longer worked. Reported by: Özkan KIRIK MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate")
* dhclient: skip_to_semi() consumes semicolon alreadyFranco Fichtner2021-08-191-10/+5
| | | | | | | | | When invalid statement is found the next statement is skipped even if it is valid. Reviewed by: markj MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D31527
* dhclient: remove patching of static values in BPF programsFranco Fichtner2021-08-191-28/+11
| | | | | | Reviewed by: markj MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D31502
* ipfw: use unsigned int for dummynet bandwidthLuiz Otavio O Souza2021-08-191-6/+7
| | | | | | | | | | | This allows the maximum value of 4294967295 (~4Gb/s) instead of previous value of 2147483647 (~2Gb/s). Reviewed by: np, scottl Obtained from: pfSense MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31582
* dhclient: support supersede statement for option 54Fabian Kurtz2021-08-181-4/+13
| | | | | | | | | PR: 217978 Reported by: Franco Fichtner <franco@opnsense.org> Reviewed by: markj Obtained from: OPNsense MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D31503
* md5(1): Fix a typo in the manual pageGordon Bergling2021-08-141-1/+1
| | | | | | - s/compatibilty/compatibility/ MFC after: 5 days
* dumpon: fix build on some architecturesEric van Gyzen2021-08-121-2/+2
| | | | | | | | | Fix a -Wsign-compare issue on some architectures. Fixes: 96f9bd46547d6dfbaf219ab449efacacb0dacccc Pointy hat to: me MFC after: 1 week Sponsored by: Dell EMC Isilon
* dumpon: fix encrypted dumps after commit 372557d8c3dEric van Gyzen2021-08-111-0/+14
| | | | | | | | | | | | | | | | | That commit moved key generation into a child process, including a memory allocation referenced by a structure. The child wrote the structure to the parent over a pipe, but did not write the referenced allocation. The parent read the structure from the child and used its pointer, which was bogus in the parent. In the child, send both chunks of data to the parent. In the parent, make a corresponding allocation and read both chunks. Fixes: 372557d8c3d37dd0c1d9be56513a436393963848 Reviewed by: bdrewery, markj MFC after: 1 week Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D31452
* iscontrol(8): Fix a typo in a structGordon Bergling2021-08-111-1/+1
| | | | | | - s/suport/support/ MFC after: 5 days
* ipfw(8): Fix a typo in an error messageGordon Bergling2021-08-111-1/+1
| | | | | | - s/suport/support/ MFC after: 5 days
* devmatch: Ignore the pnp fields tagged as ignore ('#')Warner Losh2021-08-101-0/+14
| | | | | | | | | | | | When matching entries, we should ignore those with a name of '#'. It's the standard way to skip elements and need to be present to have the proper offsets to the fields that are observed. No bus has a pnp attribute of '#' and that is now disallowed for future buses that are written. Sponsored by: Netflix Reviewed by: kbowling Differential Revision: https://reviews.freebsd.org/D31482
* pkgbase: Add nfsiod to the FreeBSD-nfs packageEmmanuel Vadot2021-08-061-0/+2
| | | | Missed in 081fb644925f
* etherswitch: Add a new striptagingress port flagKornel Duleba2021-08-032-1/+9
| | | | | | | | | | | Felix switch found in LS1028A supports stripping VLAN tag on ingress, instead of egress. The striptag flag excepts the latter behaviour. Add a new flag to support the feature. Obtained from: Semihalf Sponsored by: Alstom Group Differential Revision: https://reviews.freebsd.org/D30922
* socket: Implement SO_RERRORRoy Marples2021-07-281-1/+12
| | | | | | | | | | | | | | | | | | SO_RERROR indicates that receive buffer overflows should be handled as errors. Historically receive buffer overflows have been ignored and programs could not tell if they missed messages or messages had been truncated because of overflows. Since programs historically do not expect to get receive overflow errors, this behavior is not the default. This is really really important for programs that use route(4) to keep in sync with the system. If we loose a message then we need to reload the full system state, otherwise the behaviour from that point is undefined and can lead to chasing bogus bug reports. Reviewed by: philip (network), kbowling (transport), gbe (manpages) MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D26652
* bpf: Add an ioctl to set the VLAN Priority on packets sent by bpfLuiz Otavio O Souza2021-07-266-1/+26
| | | | | | | | | | This allows the use of VLAN PCP in dhclient, which is required for certain ISPs (such as Orange.fr). Reviewed by: bcr (man page) MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31263
* dumpon: Fix unconfiguring netdump with "off" and "/dev/null".Bryan Drewery2021-07-261-0/+18
| | | | | | | | | | | Netdump has its own configuration tracking such that ioctl(/dev/null, DIOCSKERNELDUMP) does a dumper_remove() but does not notify netdump about the removal. Simply sending the same ioctl to /dev/netdump handles the situation. Reviewed by: markj, cem Sponsored by: Dell EMC Differential Revision: https://reviews.freebsd.org/D31300
* dumpon: Fix -v causing error when configuring an encrypted dumpBryan Drewery2021-07-261-1/+46
| | | | | | | | | | | | | | | | If -v is specified when adding a new device then a full listing of configured devices is displayed. This requires sysctl access which genkey()'s use of capability mode was blocking permission to access. This leads to both confusing console spam but also incorrectly returning an error status even if no other had been encountered. dumpon: Sysctl get 'kern.shutdown.dumpdevname': Operation not permitted Fix this by generating the key in a child process. Reviewed by: markj Sponsored by: Dell EMC Differential Revision: https://reviews.freebsd.org/D31266
* init: execute /etc/rc.final after all user processes have terminatedKyle Evans2021-07-233-3/+66
| | | | | | | | | | | This can be useful for, e.g., unmounting filesystems that were needed for shutdown. Reviewed by: kib Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. X-NetApp-PR: #63 Differential Revision: https://reviews.freebsd.org/D31230
* pfctl: syncookie configurationKristof Provost2021-07-204-6/+54
| | | | | | | | | pfctl and libpfctl code required to enable/disable the syncookie feature. MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D31140