| Age | Commit message (Collapse) | Author |
|---|
|
that abbreviated syntax is explicitly allowed by group(5). While here,
warn if it isn't the last line in the group file.
Regression reported, fix tested and ok miod@, and seems good to ajacoutot@.
Note: I'm not removing the advice to put "+\n" at the end of the group file
right now because i'm not 100% sure that advice is pointless, even though
guenther@ looked at the code an came to the conclusion OpenBSD libc ought
to cope. And i'd rather have the manuals and the syntax checker be
consistent. In case this really annoys people, it can be carefully tested
and changed later.
|
|
|
|
outside the file the call is in. Since the function is empty, gcc
optmizes the call away, breaking the gdb hook needed to resolve symbols in
lazy bound shared libs. Analysis by kettenis@; ok miod@ kettenis@
|
|
with lots of help from claudio@. Earlier version was ok mikeb@ and looks
good to markus@.
Note: tftp-proxy rdr-to rules must be changed to use divert-to and must
specify the address family.
pass in quick on internal proto udp to port tftp rdr-to 127.0.0.1 port 6969
-changes to-
pass in quick on internal inet proto udp to port tftp divert-to 127.0.0.1 port 6969
|
|
it from usage(); if any developer wants to confirm that it will never
be an option, let me know and i'll zap the text entirely;
this is one half of a diff from Amit Kulkarni - i won;t be touching the other
half;
|
|
undefined data got used.
Fix this by reporting the UID/GID numerically in that case.
Problem reported and patch provided by rd at thrush dot com.
While here, use // rather than || everywhere to detect get*id failure,
as suggested by RD Thrush. The edge case where it matters - a username
of "0" - is rather insane, but the // is more precise anyway.
|
|
>> "return if !%changed;" in check_filelist would never return
because just above "for @{$changed{xxx}}" autovivifys $changed{xxx} = []
if it is not set already. <<
I hate autovivification, and it hates me.
|
|
to the new Perl script /usr/libexec/security.
The new script was tested by sthen@ and ajacoutot@.
Committing now due to repeated prodding from deraadt@.
In case problems show up, they will be fixed in tree.
|
|
|
|
user %s mailbox is %s, group %s
This is easy because we now have the strmode() function.
From Andrew Fresh, minimally tweaked myself.
|
|
keep the format of the "Block device changes:" output exactly the same
as it was in the past. As a bonus, this also avoids lies in variable
names, making it more obvious what is actually being compared here.
|
|
|
|
heavily based on code written by Andrew Fresh,
but with considerable tweaking, mainly for simplicity;
lightly tested - there are probably still bugs, but auditing and
fixing it in the tree will be easier than with floating diffs
|
|
|
|
for chars.
|
|
* include the colon into $check_title, where needed
* always use the same style for stat calls
* and a few minor points
|
|
heavily based on code written by Andrew Fresh;
tweaked in team-work
|
|
large parts from a submission by Andrew Fresh <andrew at afresh1 dot com>
|
|
|
|
Main design goals:
1. Safely handle untrusted file names and file content.
2. Output compatibility with current security(8) to please people
parsing the output with scripts (except when improving functionality
right away saves considerable implementation effort). Substantial
functional enhancements are for later.
Prodding to do this in Perl by deraadt@.
Using some feedback from espie@.
Agree to put this in now and at this place even though only about
one third of the functionality is ready, to complete it in the tree:
beck@ espie@ millert@ deraadt@
|
|
ok jmc@
|
|
my goof noticed by Boudewijn Dijkstra.
ok beck@
|
|
|
|
value from spamd/grey.c; mostly from ohauer@gmx.de in PR/6142.
ok beck@
|
|
|
|
|
|
okay miod@
|
|
"Makes sense" markus@ and "i don't see a reason not to" henning@
|
|
|
|
|
|
races between ldconfig and ld.so
(simple commit, hours of bug hunt...)
okay kettenis@, deraad@, miod@
|
|
extended word argument slots required by the ABI.
Apparently gcc4 uses them in cases where gcc3 didn't. Fixes segmentation
faults with gcc4 because the space for the slots was colliding with
the space for dl_data that we allocated on the stack.
ok miod@, drahn@
|
|
ok espie@
|
|
library, but other library needs the one loaded. mostly ok kurt@
|
|
ship since ages. ok deraadt@ millert@
|
|
sparc has 4 byte long, but needs 8 byte alignment. recently the DIR
struct was changed to contain some off_t, which needs 8 byte alignment.
turns out the allocator calculated the bias for alignment, and then
subtracted out it's private linkage storage afterwards. on hppa this
worked because a 8-byte object can be loaded at a 4-byte boundary; on
all other architectures the situation was either 4/4 or 8/8.
thanks for a bit of help from drahn
|
|
|
|
so it works correctly with large offsets (and matches other systems).
This requires adding a new getdirentries syscall, with the old one
renamed to ogetdirentries. All in-tree consumers of getdirentries()
have been updated. Bump libc and libpthread major numbers.
OK and with deraadt@
|
|
|
|
|
|
|
|
|
|
telnet portion partially from the latest heimdal.
ok mikeb@
|
|
was imported over four years ago, so we don't need to link libdes
for kerberos anymore.
ok mikeb@ deraadt@
|
|
Fixes pr/6467. (from boudewijn at indes dot com) - ok beck@
|
|
always points to a pointer that is initialized to NULL. Consistently use
NULL instead of mixing NULL and 0 to make the pattern more obvious.
Fixes nm(1) crashes that happen when you pass it multiple object files on
the command line.
ok miod@
|
|
|
|
Update our sources appropriately. OK deraadt@ jsg@
|
|
ok and suggestion from jmc@ ok tobias@
|
|
meaningful usage when a snprintf call was removed, rendering ident useless. Time to remove remaining code.
ok tobias@
|
