Date: Sat, 22 Apr 2006 15:57:05 GMT
Message-Id: <200604221557.k3MFv5PU048604@repoman.freebsd.org>
From: soc-bushman To: Perforce Change Reviews Cc: Subject: PERFORCE change 95879 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Apr 2006 15:57:06 -0000 http://perforce.freebsd.org/chv.cgi?CH=95879 Change 95879 by soc-bushman@soc-bushman_stinger on 2006/04/22 15:56:22 cached script added to etc/rc.d Affected files ... .. //depot/projects/soc2005/nsswitch_cached/src/etc/defaults/rc.conf#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/SERVERS#2 integrate .. //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/cached#1 add .. //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/named#2 integrate .. //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/ntpd#2 integrate .. //depot/projects/soc2005/nsswitch_cached/src/etc/rc.subr#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/include/rpc/rpcent.h#3 edit .. //depot/projects/soc2005/nsswitch_cached/src/lib/libc/gen/wordexp.3#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/Makefile#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/jexec.8#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/jexec.c#3 integrate .. //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c#7 integrate Differences ... ==== //depot/projects/soc2005/nsswitch_cached/src/etc/defaults/rc.conf#3 (text+ko) ==== @@ -15,7 +15,7 @@ # For a more detailed explanation of all the rc.conf variables, please # refer to the rc.conf(5) manual page. # -# $FreeBSD: src/etc/defaults/rc.conf,v 1.280 2006/04/13 18:34:13 brooks Exp $ +# $FreeBSD: src/etc/defaults/rc.conf,v 1.281 2006/04/18 15:02:24 flz Exp $ ############################################################## ### Important initial Boot-time options #################### 
@@ -260,6 +260,7 @@ ntpdate_flags="-b" # Flags to ntpdate (if enabled). ntpd_enable="NO" # Run ntpd Network Time Protocol (or NO). ntpd_program="/usr/sbin/ntpd" # path to ntpd, if you want a different one. +ntpd_config="/etc/ntp.conf" # ntpd(8) configuration file ntpd_sync_on_start="NO" # Sync time on ntpd startup, even if offset is high ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntpd.drift" # Flags to ntpd (if enabled). ==== //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/SERVERS#2 (text+ko) ==== @@ -1,11 +1,11 @@ #!/bin/sh # # $NetBSD: SERVERS,v 1.9 2002/03/22 04:33:57 thorpej Exp $ -# $FreeBSD: src/etc/rc.d/SERVERS,v 1.6 2006/02/19 08:18:48 dougb Exp $ +# $FreeBSD: src/etc/rc.d/SERVERS,v 1.7 2006/04/19 05:10:34 delphij Exp $ # # PROVIDE: SERVERS -# REQUIRE: mountcritremote abi +# REQUIRE: mountcritremote abi ldconfig # This is a dummy dependency, for early-start servers relying on # some basic configuration. ==== //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/named#2 (text+ko) ==== @@ -1,6 +1,6 @@ #!/bin/sh # -# $FreeBSD: src/etc/rc.d/named,v 1.24 2006/02/13 08:45:50 dougb Exp $ +# $FreeBSD: src/etc/rc.d/named,v 1.26 2006/04/20 12:30:12 delphij Exp $ # # PROVIDE: named ==== //depot/projects/soc2005/nsswitch_cached/src/etc/rc.d/ntpd#2 (text+ko) ==== @@ -1,6 +1,6 @@ #!/bin/sh # -# $FreeBSD: src/etc/rc.d/ntpd,v 1.12 2005/12/21 09:48:41 dougb Exp $ +# $FreeBSD: src/etc/rc.d/ntpd,v 1.13 2006/04/18 15:02:24 flz Exp $ # # PROVIDE: ntpd @@ -15,12 +15,17 @@ command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" start_precmd="ntpd_precmd" -required_files="/etc/ntp.conf" + +load_rc_config $name + +required_files="${ntpd_config}" ntpd_precmd() { + rc_flags="-c ${ntpd_config} ${ntpd_flags}" + if checkyesno ntpd_sync_on_start; then - rc_flags="-g ${ntpd_flags}" + rc_flags="-g $rc_flags" fi if [ -z "$ntpd_chrootdir" ]; then 
@@ -47,5 +52,4 @@ rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags" } -load_rc_config $name run_rc_command "$1" ==== //depot/projects/soc2005/nsswitch_cached/src/etc/rc.subr#3 (text+ko) ==== @@ -1,5 +1,5 @@ -# $NetBSD: rc.subr,v 1.65 2004/10/12 14:45:29 lukem Exp $ -# $FreeBSD: src/etc/rc.subr,v 1.55 2006/04/13 08:30:43 flz Exp $ +# $NetBSD: rc.subr,v 1.66 2006/04/01 10:05:50 he Exp $ +# $FreeBSD: src/etc/rc.subr,v 1.56 2006/04/18 15:16:55 flz Exp $ # # Copyright (c) 1997-2004 The NetBSD Foundation, Inc. # All rights reserved. @@ -245,7 +245,9 @@ # If interpreter != ".", read the first line of procname, remove the # leading #!, normalise whitespace, append procname, and attempt to # match that against each command, either as is, or with extra words -# at the end. +# at the end. As an alternative, to deal with interpreted daemons +# using perl, the basename of the interpreter plus a colon is also +# tried as the prefix to procname. # _find_processes() { @@ -265,9 +267,10 @@ warn "\$command_interpreter $_interpreter != $1" fi _interp="$* $_procname" # cleanup spaces, add _procname + _interpbn=${1##*/} _fp_args='_argv' _fp_match='case "$_argv" in - ${_interp}|"${_interp} "*)' + ${_interp}|"${_interp} "*|"${_interpbn}: ${_procname}"*)' else # a normal daemon _procnamebn=${_procname##*/} _fp_args='_arg0 _argv' @@ -1119,8 +1122,6 @@ fi } -_rc_subr_loaded=: - # make_symlink src link # Make a symbolic link 'link' to src from basedir. If the # directory in which link is to be created does not exist @@ -1460,3 +1461,5 @@ } fi + +_rc_subr_loaded=: ==== //depot/projects/soc2005/nsswitch_cached/src/include/rpc/rpcent.h#3 (text+ko) ==== 
@@ -53,11 +53,10 @@ }; __BEGIN_DECLS -extern int getrpcbyname_r(const char *, struct rpcent *, char *, size_t, - struct rpcent **); -extern int getrpcbynumber_r(int, struct rpcent *, char *, size_t, - struct rpcent **); -extern int getrpcent_r(struct rpcent *, char *, size_t, struct rpcent **); +extern struct rpcent *getrpcbyname_r(const char *, struct rpcent *, char *, + int); +extern struct rpcent *getrpcbynumber_r(int, struct rpcent *, char *, int); +extern struct rpcent *getrpcent_r(struct rpcent *, char *, int); /* These interfaces are currently implemented through nsswitch and MT-safe */ extern struct rpcent *getrpcbyname(char *); ==== //depot/projects/soc2005/nsswitch_cached/src/lib/libc/gen/wordexp.3#3 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/lib/libc/gen/wordexp.3,v 1.8 2004/07/28 15:43:33 tjr Exp $ +.\" $FreeBSD: src/lib/libc/gen/wordexp.3,v 1.9 2006/04/18 21:37:24 ceri Exp $ .\" .Dd July 29, 2004 .Dt WORDEXP 3 @@ -167,7 +167,7 @@ wordexp_t we; wordexp("${EDITOR:-vi} *.c /etc/motd", &we, 0); -execvp(we->we_wordv[0], we->we_wordv); +execvp(we.we_wordv[0], we.we_wordv); .Ed .Sh DIAGNOSTICS Diagnostic messages from the shell are written to the standard error output ==== //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/Makefile#3 (text+ko) ==== @@ -1,7 +1,9 @@ -# $FreeBSD: src/usr.sbin/jexec/Makefile,v 1.1 2003/04/09 03:04:12 mike Exp $ +# $FreeBSD: src/usr.sbin/jexec/Makefile,v 1.2 2006/04/19 10:12:10 delphij Exp $ PROG= jexec MAN= jexec.8 +DPADD= ${LIBUTIL} +LDADD= -lutil WARNS?= 6 .include ==== //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/jexec.8#3 (text+ko) ==== 
@@ -23,9 +23,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/usr.sbin/jexec/jexec.8,v 1.2 2003/05/31 18:24:40 ru Exp $ +.\" $FreeBSD: src/usr.sbin/jexec/jexec.8,v 1.3 2006/04/19 10:12:10 delphij Exp $ .\" -.Dd April 8, 2003 +.Dd April 19, 2006 .Dt JEXEC 8 .Os .Sh NAME @@ -33,6 +33,7 @@ .Nd "execute a command inside an existing jail" .Sh SYNOPSIS .Nm +.Op Fl u Ar username | Fl U Ar username .Ar jid command ... .Sh DESCRIPTION The @@ -41,6 +42,17 @@ .Ar command inside the jail identified by .Ar jid . +.Pp +The following options are available: +.Bl -tag -width indent +.It Fl u Ar username +The user name from host environment as whom the +.Ar command +should run. +.It Fl U Ar username +The user name from jailed environment as whom the +.Ar command +should run. .Sh SEE ALSO .Xr jail_attach 2 , .Xr jail 8 , ==== //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/jexec/jexec.c#3 (text+ko) ==== 
@@ -23,33 +23,91 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/usr.sbin/jexec/jexec.c,v 1.2 2003/07/04 19:14:27 bmilekic Exp $ + * $FreeBSD: src/usr.sbin/jexec/jexec.c,v 1.3 2006/04/19 10:12:10 delphij Exp $ */ #include #include #include +#include +#include #include #include +#include #include static void usage(void); +#define GET_USER_INFO do { \ + pwd = getpwnam(username); \ + if (pwd == NULL) { \ + if (errno) \ + err(1, "getpwnam: %s", username); \ + else \ + errx(1, "%s: no such user", username); \ + } \ + lcap = login_getpwclass(pwd); \ + if (lcap == NULL) \ + err(1, "getpwclass: %s", username); \ + ngroups = NGROUPS; \ + if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \ + err(1, "getgrouplist: %s", username); \ +} while (0) + int main(int argc, char *argv[]) { int jid; + login_cap_t *lcap = NULL; + struct passwd *pwd = NULL; + gid_t groups[NGROUPS]; + int ch, ngroups, uflag, Uflag; + char *username; + ch = uflag = Uflag = 0; + username = NULL; - if (argc < 3) + while ((ch = getopt(argc, argv, "u:U:")) != -1) { + switch (ch) { + case 'u': + username = optarg; + uflag = 1; + break; + case 'U': + username = optarg; + Uflag = 1; + break; + default: + usage(); + } + } + argc -= optind; + argv += optind; + if (argc < 2) + usage(); + if (uflag && Uflag) usage(); - jid = (int)strtol(argv[1], NULL, 10); + if (uflag) + GET_USER_INFO; + jid = (int)strtol(argv[0], NULL, 10); if (jail_attach(jid) == -1) err(1, "jail_attach(): %d", jid); if (chdir("/") == -1) err(1, "chdir(): /"); - if (execvp(argv[2], argv + 2) == -1) - err(1, "execvp(): %s", argv[2]); + if (username != NULL) { + if (Uflag) + GET_USER_INFO; + if (setgroups(ngroups, groups) != 0) + err(1, "setgroups"); + if (setgid(pwd->pw_gid) != 0) + err(1, "setgid"); + if (setusercontext(lcap, pwd, pwd->pw_uid, + LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0) + err(1, "setusercontext"); + login_close(lcap); + } + if 
(execvp(argv[1], argv + 1) == -1) + err(1, "execvp(): %s", argv[1]); exit(0); } @@ -57,6 +115,8 @@ usage(void) { - fprintf(stderr, "usage: jexec jid command [...]\n"); + fprintf(stderr, "%s%s\n", + "usage: jexec [-u username | -U username]", + " jid command [...]"); exit(1); } ==== //depot/projects/soc2005/nsswitch_cached/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c#7 (text+ko) ==== @@ -11,7 +11,7 @@ * * See README and COPYING for more details. * - * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v 1.11 2006/04/17 00:17:29 sam Exp $ + * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v 1.12 2006/04/20 05:03:21 sam Exp $ */ #include @@ -430,6 +430,9 @@ else authmode = IEEE80211_AUTH_OPEN; + wpa_printf(MSG_DEBUG, "%s alg 0x%x authmode %u", + __func__, auth_alg, authmode); + return set80211param(drv, IEEE80211_IOC_AUTHMODE, authmode); }
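Review bot: in the etc/rc.d/ntpd hunk (@@ -15,12 +15,17 @@), ntpd_precmd builds rc_flags="-c ${ntpd_config} ${ntpd_flags}" without checking that ntpd_config is non-empty. If rc.conf sets it to an empty string, -c takes the first word of ntpd_flags as the configuration path and required_files becomes empty, so the script no longer refuses to start without a configuration file. Consider failing in the precmd when ntpd_config is empty. Moving load_rc_config above the required_files assignment is needed for the new variable to expand there and looks right.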
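Review bot: in the etc/rc.subr hunk for _find_processes (@@ -265,9 +267,10 @@), the added alternative "${_interpbn}: ${_procname}"* ends in a bare *, unlike the existing "${_interp} "* which requires a space after the name, so a title of perl: /path/foo also matches a process titled perl: /path/foobar. Since this function decides which processes count as the daemon, consider accepting only the exact string or the string followed by a space, as the two existing alternatives do.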
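Review bot: in include/rpc/rpcent.h (@@ -53,11 +53,10 @@), the three _r prototypes lose both the int status return and the struct rpcent ** result argument, and the buffer length narrows from size_t to int. With only a pointer return, callers can no longer tell a lookup error such as a too-small buffer from "no such entry", and a negative length becomes representable. This file is the only one marked "edit" rather than "integrate", yet the change description mentions only the cached rc.d script; please state the reason for the signature change there and in a comment above the declarations.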
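Review bot: in usr.sbin/jexec/jexec.8 (@@ -41,6 +42,17 @@), the option list opened with .Bl -tag -width indent is never closed; the hunk goes straight from the body of the -U item to .Sh SEE ALSO. Add .El after the last item. The two descriptions would also read better with articles, for example "The user name from the host environment as whom the command should run".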
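Review bot: in usr.sbin/jexec/jexec.c (@@ -23,33 +23,91 @@), the GET_USER_INFO macro tests errno after getpwnam() returns NULL but never clears it beforehand, so a stale value turns a plain unknown user into a "getpwnam:" error with an unrelated message; set errno = 0 immediately before the call. In the same macro, a non-zero return from getgrouplist() means the NGROUPS-sized array was too small, not that errno was set, so errx() with a "too many groups" message fits better than err(). The jid is still parsed with strtol(argv[0], NULL, 10) and no end-pointer check, so a non-numeric argument is silently read as 0; worth validating while this line is being touched. With -U the lookup runs after jail_attach(), so the passwd and login class data come from files the jail controls while the process is still root; a short comment stating that this ordering is intended would help later readers, and a function taking username would be easier to follow than a macro that assigns to main()'s locals.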