summaryrefslogtreecommitdiff
path: root/bin
AgeCommit message (Collapse)Author
2021-10-24For open/openat, if the flags parameter does not contain O_CREAT, theTheo de Raadt
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
2021-10-23stty(1) can't be pledged for all modes, but it can be unveiled. the only file toRicardo Mestre
be opened is on stty -f `file', so call unveil(2) afterwards to restrict all fs access. OK deraadt@
2021-10-15Don't declare variables as "unsigned char *" that are passed toChristian Weisgerber
functions that take "char *" arguments. Where such chars are assigned to int or passed to ctype functions, explicitly cast them to unsigned char. For OpenBSD's clang, -Wpointer-sign has been disabled by default, but when the parse.y code was built elsewhere, the compiler would complain. With help from millert@ ok benno@ deraadt@
2021-10-09In ksh(1) emacs search-history mode, emitting a NUL character causesAlexander Hall
invalid matches and unexpected behaviour. Fix this by instead making a NUL character abort the search-history mode, leaving the handling of said input to the "ordinary" command editing. ok tb@
2021-08-31add support for obtaining sense status and source slot of a mediaRobert Nagy
this fixes a bug in bacula where the catalog was not properly kept up-to-date if a tape was in a drive becuse its source slot was unknown based on code from FreeBSD; ok krw@ picker 0: sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <> slot 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1168L1:0> avoltag: <:0> source: <slot 0> slot 1: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1187L1:0> avoltag: <:0> source: <slot 1> slot 2: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1184L1:0> avoltag: <:0> source: <slot 2> slot 3: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1195L1:0> avoltag: <:0> source: <slot 3> slot 4: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1037L1:0> avoltag: <:0> source: <slot 4> slot 5: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1038L1:0> avoltag: <:0> source: <slot 5> slot 6: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1166L1:0> avoltag: <:0> source: <slot 6> slot 7: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1167L1:0> avoltag: <:0> source: <slot 7> slot 8: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1180L1:0> avoltag: <:0> source: <slot 8> slot 9: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1186L1:0> avoltag: <:0> source: <slot 9> slot 10: <ACCESS> sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <picker 0> slot 11: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1182L1:0> avoltag: <:0> source: <slot 11> slot 12: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1181L1:0> avoltag: <:0> source: <slot 12> slot 13: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1196L1:0> avoltag: <:0> source: <slot 13> slot 14: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1169L1:0> avoltag: <:0> source: <slot 14> slot 15: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1197L1:0> avoltag: <:0> source: <slot 15> slot 16: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1165L1:0> avoltag: <:0> source: <slot 16> slot 17: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1199L1:0> avoltag: <:0> source: <slot 17> slot 18: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1189L1:0> avoltag: <:0> source: <slot 18> slot 19: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1185L1:0> avoltag: <:0> source: <slot 19> slot 20: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1198L1:0> avoltag: <:0> source: <slot 20> slot 21: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1039L1:0> avoltag: <:0> source: <slot 21> slot 22: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1035L1:0> avoltag: <:0> source: <slot 22> slot 23: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1188L1:0> avoltag: <:0> source: <slot 23> drive 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1183L1:0> avoltag: <:0> source: <slot 10>
2021-08-28/bin/ps: Implement reporting of supplemental groupsChristopher Zimmermann
with help from sthen@ and tim@. OK tim@
2021-08-11If the -f argument includes %s, we need to use timegm(3) ratherIngo Schwarze
than mktime(3) because the UNIX Epoch is defined in UTC rather than in the local timezone. Combining %s with other format specifiers is usually not useful. But if a user does that, then parsing the whole input as UTC seems better than parsing some of it as UTC and some of it in the local time zone. Bug found by Bryan Vyhmeister. The final patch is joint work with and OK by gerhard@. No objection when shown on tech@.
2021-07-12Change the error reporting pattern throughout the tree when unveilBob Beck
fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion. Work done and verified by Ashton Fagg <ashton@fagg.id.au> ok deraadt@ semarie@ claudio@
2021-07-05Do not permit an empty list between "while" and "do".Todd C. Miller
This avoids a cpu loop for "while do done" and is consistent with the behavior of AT&T ksh and most other shells. OK jca@ halex@
2021-07-02Before calling setrlimit(), pull cur up to max.Theo de Raadt
ok millert
2021-06-27In addition to 2-byte and 3-byte UTF-8 sequences, correctly identify allIngo Schwarze
4-byte UTF-8 sequences and not just some of them, to keep them together and avoid passing them on byte by byte, helping tools like tmux(1). While here, also do all the range tests with < and > rather than & for uniformity and readability, and add some comments. Input and OK jca@ and nicm@. Soeren at Soeren dash Tempel dot net originally reported the bug and provided an incomplete patch that was used as a starting point, and he also tested this final patch.
2021-06-26delete extra explanations in the usage: messages which are describedTheo de Raadt
far better in the manual pages ok jmc
2021-06-1432-bit systems incorrectly parse the (64-bit) length of ustar extendedTheo de Raadt
headers (hd->size) using a 32-bit operation. from Samanta Navarro ok guenther
2021-05-04shell scripts should use getopts instead of getoptChristian Weisgerber
Add a prominent deprecation notice to getopt.1. Add examples of the getopts idiom to sh.1 and ksh.1. Requested by and ok espie@, ok jmc@
2021-04-29Use a universally understood example time (with AM, which is even easierTheo de Raadt
to understand) from Edgar Pettijohn
2021-04-05Remove unused variableskn
From Daniel Kovacic <daniel dot kovacic at unbugd dot com>, thanks! No object change.
2021-03-12Provide definition of CTRL in vi.c like we do for emacs.c.Todd C. Miller
Fixes a portability issue. From Benjamin Baier
2021-03-11groff complains about the word "An" in an Rs/Re block, believing it a macro,Jason McIntyre
so escape it;
2021-03-10Add support for ^R (redraw) in insert mode too.Todd C. Miller
From gotroyb127, OK tb@
2021-03-10Fix redrawing of a multiline PS1 prompt in vi mode.Todd C. Miller
From gotroyb127 OK tb@
2021-03-08use a journal reference instead of cstr when possibleJonathan Gray
2021-03-08Add some references, most of these were removed when we stopped buildingJonathan Gray
and installing USD/SMM/PSD docs. jmc@ agrees with the direction, ok millert@ on an earlier diff
2021-03-05Fix old ksh bug: wrong variable being looked up when value is provided.Vadim Zhukov
This results, e.g., in allowing the first item of a read-only array to be overwritten, as found by Jordan Geoghegan. okay tb@
2020-12-11cat(1): -n flag: correctly enumerate files with more than INT_MAX linescheloha
If we bump 'lines' from an int to an unsigned long long we can trivially support files with more than INT_MAX lines. ok millert@
2020-12-04cat(1): misc. style(9)cheloha
- Use getprogname(3) instead of __progname. - Sprinkle in some missing braces. - Prefer err(..., NULL) when malloc(3) fails. - Remove an unnecessary cast to from ssize_t to size_t.
2020-12-04cat(1): simplify argv processing loopscheloha
cook_args() and raw_args() do some peculiar things in order to avoid calling cook_buf() and raw_cat(), respectively, in more than one place. The result is a convoluted. If we isolate the special cases from the normal case and just call these functions in multiple places the loops will be easier to read. Three things: 1. Pull the no-args case out of the loop. If *argv is NULL when we get into the argv processing function we just want to operate on the standard input and return early. It makes no sense to handle this case *in* the loop. 2. Isolate the "-" case from the filename case. If *argv is "-" we want to operate on the standard input. We can then do any stdin-specific cleanup within the same branch, which makes it easier to understand both the "-" case and the normal filename case. This also allows us to remove the 'filename' intermediate variable from both argv processing functions. 3. While we're here, use a for-loop and iterate argv in the loop header. Now argv is incremented in one place. ok martijn@
2020-12-03cat(1): remove global 'filename' variablecheloha
There is no need for the global filename variable. Both cook_buf() and raw_cat() can accept a filename variable from the caller to use for printing warnings. ok martijn@
2020-10-29replace the "write a floppy image" example with a more up to date one;Jason McIntyre
input/ok deraadt jca
2020-10-26In lib/libc/gen/charclass.h r1.3 guenther made cclasses const.Theo Buehler
Mark the pointer used to walk the array in ksh const as well. From Matthew Martin ok guenther
2020-10-19Add explicit casts to double to quiet a clang warning.Todd C. Miller
OK deraddt@
2020-10-15Explicitly skip a leading "/dev/" and do not rely on basename(3) andChristian Weisgerber
non-POSIX basename semantics. ok millert@
2020-10-07If we are asked to print the total number of blocks, do so even ifTodd C. Miller
we have no entries to print (either due to an empty directory or an error). This makes the -l and -s options more consistent, and matches the behavior of AT&T and GNU ls. From FreeBSD (das). OK kn@
2020-10-06I observed "csh i < file-containing-^T" to hit tenex(), which proceeds toTheo de Raadt
perform tty(4) ioctl operations against a non-tty. That is a pledge violation, you can only do a subset of tty(4) ioctl against a fd which references a tty device. Sidestep this problem if the input descriptor is not a tty ok anton millert
2020-10-05-f - can respresent both stdin and stdout; rework the text a littleJason McIntyre
to make it read better; reported by roderick ok millert
2020-10-03Use ferror() to check for write error, not the fflush() return value.Todd C. Miller
We can't rely on buffering to catch write errors in fflush(). Based on a diff from Demi M. Obenour, OK kn@
2020-09-20Clear screen before redrawing the line with ^L, also in input mode.Todd C. Miller
This is similar to the emacs mode clear-screen command. Unlike bash, but like zsh, ^L also works in input mode, not just command mode. OK kn@ tb@
2020-09-13Fix "$@" splitting with empty IFSTheo Buehler
One uncommon but useful way of writing shell scripts is to start off by disabling field/word splitting (IFS='') and pathname expansion/globbing (set -f), re-enabling either or both only for the commands that need them, e.g. within a subshell. This helps avoid a lot of snags with field splitting and globbing if you forget to quote a variable somewhere, adding to the general robustness of a script. (In fact it eliminates much of the need to quote variable/parameter expansions, with empty removal remaining as the only issue.) Unfortunately OpenBSD ksh (like all pdksh variants except mksh) has a POSIX compliance bug that is a show stopper for this approach: "$@" does not generate words (arguments) if IFS is empty. As a result, the separate command arguments represented by "$@" become a single argument. So passing on an intact set of positional parameters to a command or function is impossible with field splitting disabled. Of course this is illogical: the quoted special parameter "$@" generates zero or more words, it doesn't split any words, so the contents of IFS (or lack thereof) should be neither here nor there. It's old ksh88 behaviour copied by the original pdksh, but it violates POSIX and it has been fixed many years ago in ksh93 and all other POSIX shells. From Martijn Dekker (who also wrote the above paragraphs) back in 2016. Thanks to Avi Halachmi for reminding us of the issue. ok czarkoff deraadt kn
2020-08-30Fix multiple variable definitions to avoid errors with -fno-common.mortimer
ok millert@
2020-08-03clang10 identifies an argv[] comparison against '\0' instead of NULL,Theo de Raadt
it results in the same, but is incorrect. ok millert
2020-07-22Collapse consecutive stars to avoid exponential behavior.Todd C. Miller
OK tb@
2020-07-08Clarify that csh's -f flag is not just about .cshrc.Todd C. Miller
We don't need to be too specific about this in su(1), leave the details for csh(1). OK jca@
2020-07-07Add support for set -o pipefailJeremie Courreges-Anglas
With the pipefail option set, the exit status of a pipeline is 0 if all commands succeed, or the return status of the rightmost command that fails. This can help stronger error checking, but is not a silver bullet. For example, commands will exhibit a non-zero exit status if they're killed by a SIGPIPE when writing to a pipe. Yet pipefail was considered useful enough to be included in the next POSIX standard. This implementation remembers the value of the pipefail option when a pipeline is started, as described as option 1) in https://www.austingroupbugs.net/view.php?id=789#c4102 Requested by ajacoutot@, ok millert@
2020-07-06Always print the directory name in -R mode; matches historical behavior.Todd C. Miller
Previously, our ls would only print the directory name when listing more than one directory, which is the correct behavior for non-recursive ls but not for -R mode. OK deraadt@
2020-07-06Fix skipping of directories that begin with a '.' in -R mode.Todd C. Miller
It is not enough to avoid displaying the contents of the directory, we need to set FTS_SKIP to avoid descending into any subdirs too. Otherwise, if a ".foo" directory has a subdirectory "bar", ls will descend into bar and display its contents. OK deraadt@
2020-05-22Fix the exit code when eval()uating a || compound list, it wouldSebastian Benoit
terminate the shell when running under -e. See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=269067 and Bug reported including fix by Leah Neukirchen, Thanks! ok millert@
2020-05-17Change install images called *.fs to *.img. These are UFS filesystem images,Theo de Raadt
but additionally have a bootblock in the first 8K (since UFS does not use that space). There are some UEFI direct-from-internet bootloaders that require the name *.img. So this makes things more convenient for those, while keeping it consistant in all architectures. ok kettenis beck kn
2020-05-08Use proper function pointer type instead of void *Jeremie Courreges-Anglas
Mixing up function and void pointers isn't defined by POSIX or the C standard. POSIX only specifies that casting the result of dlsym(3) to an appropriate function pointer works. Avoid all this by using a typedef. from Michael Forney, ok tb@
2020-03-23in case we can't create intermediate directories because of permissions,Marc Espie
show a less confusing track okay millert@ (with a small tweak to the error message by millert@)
2020-02-25sleep(1): style(9) and other dustingcheloha
- Sort includes alphabetically - Sort prototypes alphabetically - Sort stack variables by size - Add missing braces to the getopt(3) loop - Be explicit: there is *one* argument, so use argv[0], not *argv - If nanosleep(2) somehow fails, say that "nanosleep" failed when we err(3) - Remove extra parentheses from the return statement - De-(void) the obvious fprintf(3) in usage() - __progname -> getprogname(3) - POSIX 1003.2 has long since become POSIX.1 - Remove an ARGUSED linter comment - stdio(3) flushing is not the only potential issue with an exit(3) from a signal handler. Just note that exit(3) isn't safe and leave it at that.
2020-02-21Enforce that TMOUT is an integer literal to prevent command execution fromTheo Buehler
the environment at shell initialization time. During startup, ksh calls 'eval typeset -i TMOUT="${TMOUT:-0}"'. which allows command injection via arithmetic expansion, e.g., by setting TMOUT to 'x[`/bin/echo Hi >&2`]'. Problem noted by Andras Farkas and tj, inspired by a similar issue in AT&T's ksh. Tested in snaps for two weeks. "go for it" deraadt