kdc: Add restart option
Add a new kdc_restart rc variable that manages kdc (or krb5kdc) under
daemon(8). This automatically restarts the kdc should it fail, i.e.
when it's configured to use LDAP as a backend and cannot connect to its
LDAP directory.
Set kdc_restart="YES" to auto restart kdc on abnormal termination.
Set kdc_restart_delay="N" to the number of seconds to delay before
restarting the kdc. The daemon(8) default seconds applies when not set.
Reported by: Lexi Winter <lexi.freebsd at le-fay.org>
PR: 278395
Differential Revision: https://reviews.freebsd.org/D44898
MFV: less: Do not trust st_size if it equals zero
This is a smaller version of upstream
1fafd968b48e5cea6c85f126d77071a8de707a55 to address the
issue that less not being able to operate on files
residing in pseudo-filesystems that advertize a zero
size value.
PR: bin/276133
MFC after: 3 days
release: Use the ABI of the target release to fetch packages
- Point --rootdir at the installed destdir in the dvd tree. This
causes pkg to determine the ABI from the installed destdir instead
of the host's binaries. Previously the result was that packages
for the host's ABI were always downloaded breaking cross-releases
(e.g. arm64 releases built on an amd64 host included amd64
packages on the DVD ISO image rather than arm64 packages). This
also handles version mismatches, and I tested this by cross-building
a 15.x arm64 release on a 14.x amd64 host.
- As a result, pkg now does a chdir(3) to the rootdir before running,
so the -o argument to fetch needs to be updated to be relative to
rootdir instead of the CWD as make runs.
- Add a new ROOTDIR variable to limit references to "dvd" to one
place. Ideally ROOTDIR would be an argument to this script so
that it didn't really know about the dvd layout at all.
[12 lines not shown]
release: Support r/o /usr/ports for cloudware
Set WRKDIRPREFIX=/tmp/ports DISTDIR=/tmp/distfiles when building tools
needed for uploading cloudware images.
While I'm here, adjust the bsdec2-image-upload build target to match
the style used by the Azure/GCE/Vagrant Makefiles.
MFC after: 3 days
(cherry picked from commit 6c87aed39c3053cd338c1ec18fba5b1d773beca9)
release/Makefile.vm: Support read-only ports tree
Build qemu (if needed) with WRKDIRPREFIX=/tmp/ports DISTDIR=/tmp/distfiles
so that we can have a read-only /usr/ports and don't contaminate it. This
became an issue when I enabled parallel release building, since one image
might be creating its ports.txz file at the same time as we're building
qemu as a prerequisite for building another image.
MFC after: 5 days
(cherry picked from commit 6f454c211b295ad13e80fc5b858efc9bad33e33b)
Revert "bsdinstall/distfetch.c: check environment variables before downloading and handle memory allocation errors"
This reverts commit 91bdebc958bb0da03f604bad19f99e3b10e96ac7. It wasn't
as ready as I thought
Revert "swapon: Do not overwrite Linux swap header"
This reverts commit cf04a7775a4e8ff6fd28c768be9daa3d83dd382e.This is
broken on armv7, and closer scrutiny of the reviews shows I was in error
when I thought it was ready.
ktrace: Remove CAPFAIL from default trace points
The CAPFAIL tracepoint was recently extended to report ECAPMODE
capability violations for processes that do not enter capability mode.
This allows developers that are interested in Capsicumizing their
programs to determine where violations are being raised.
Previously, CAPFAIL only produced output for processes using Capsicum(4)
capabilties. Thus, most ktrace users never received log output from the
trace point. With the recent changes, this is no longer the case.
Having this trace point enabled by default will produce output for all
processes that use syscalls that are not permitted in capability mode.
This may lead to confusion for users that are not familiar with the
feature. Remove KTRFAC_CAPFAIL from ktrace's default points to avoid
this.
Approved by: markj (mentor)
Reviewed by: markj
[2 lines not shown]
ktrace: Describe CAPFAIL trace point in man page
Update the ktrace(1) man page to describe the recently improved
capability failure tracing.
Approved by: markj (mentor)
Reviewed by: markj
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D44886
bsdinstall/distfetch.c: check environment variables before downloading and handle memory allocation errors
1. Currently, distfetch checks environment variables existence
when it will use them or in a case (in chdir()) it doesn't check
at all. As they are necessary to set before doing anything with
it, check them, if they set or not, before proceeding any further.
This also avoids extra cleaning when that environment variable
isn't set.
2. Handle memory allocation error in malloc(PATH_MAX) and replace
(sizeof const char *) with (sizeof char *). Both are similar and
const doesn't have a size.
3. Indent the error message a bit in chdir().
Signed-off-by: rilysh <nightquick at proton.me>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1071
nanobsd: Set a GPT label for EFI and cfg partitions
Use efiboot0 for the EFI partition, the nomenclature efiboot + #index
was taken from bsdinstall (zfsboot).
Use cfg for the cfg partition. Poudriere firmware images are already
using this label.
PR: 278480
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1187
sys/*/conf: do not use "../../conf/" when including std.*
Since config(8) searches sys/conf by default, there's no need to specify
the full relative path here; replace it by the filename alone.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1124