This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
As the ABI breaks everything, there is no point to keep the full source
upgrade documentation tweaks preceding the merge.
Change-Id: I1d5dcc7a7586e6aabd6b671dc2693f4fc9c5391c
- Enable installing binutils from the base system.
- Import texinfo which is required for the binutils tools
to be compiled.
- Also adapted the fetch rules to correctly generate the
gitignore files for gcc, and allow the case of multiple
modules in the same directory, as found in gnu/dist.
Warning: This patch has an entry in docs/UPDATING
Change-Id: Ib781734e8fd7f9c6265fa65d62ba2cf3fccbc5ba
There where two reasons for needing root access while making ARM builds. The
first reason was that we needed root permissions to create device nodes and
assign permissions to files. The second reason we needed root was that we used
loop mounted files to copy the build output to the file backed storage.
The first problem is solved by building in unprivileged mode (adding -U) during
compilation. The second problem is solved by using mcopy to put files on the
fat partition and use the mkfs.mfs proto files to create MFS file system.
Future work might be to replace this script by the netbsd makefs tool.
Change-Id: Ibba61d4cad053f7c1ede26169d5214065a4939d8
To use the new SD building script, Linux has to be configured with
loop.max_part=15 on the command line (or set at module load time)
to make the loopback device see the partitions.
This commit removes a lot of differences between the ARM and x86
boot ramdisk and rc scripts. It changes the ARM build from running
from ramdisk to requiring a full filesystem on the SD image and
booting into it.
. ramdisk: remove some arm-only utilities only used for running
from the shell
. remove ARM-only rc.arm, proto.arm.small, ttys and mylogin.sh
boot-time ramdisk files
. change kernel to add "arch" variable so userland knows what
we're running on from sysenv
. make ARM use the regular ramdisk rc file, changed to distinguish
i386-only and ARM-only drivers; requires rootdevname to be set
. change /etc/rc and /usr/etc/rc to start i386-only drivers only on
i386 systems
. change the kernel/arm to have a special case for the memory
driver to load it higher so it can be bigger
. add uEnv.txt, cmdline.txt and a for now highly linux-dependent
SD preparation script arm_sdimage.sh to the git repository in
releasetools/
Change-Id: I68910ba4e96ee80f7a12b65e48b5d39b43ca6397
Also did some cleanup in ash sources, to make minix modifications
more obvious, as well as some simplifications (by removing code which
is never compiled)
Removed EDITLINE support, use libedit, which does the termcap/terminfo
handling.
Change-Id: I19f7f425ed6a61298844631f9d7f3173cf7f30c0
WARNING: this will break existing dynamically linked binaries if they
exist. If you have any:
. re-build world statically first if necessary
. remove libraries from /lib and /usr/lib
. then build world
This change:
. avoids possible future dismay when interfacing other
systems' binaries; done until they are abi-compatible
Thanks to Antoine Leca for pointing this out.
See UPDATING about upgrading clang for dynamic linking.
. allow executables on ramdisk to be dynamically linked; this means
putting a few required shared libraries and ld.elf_so on the ramdisk.
. this makes the ramdisk (usage) smaller when they are dynamic, but
bigger when they're not.
. also we can safely ditch newroot and call mount directly as that is
all newroot does.
. create proto.common to share a bunch of entries between
small/nonsmall cases
You might have to update the compiler-rt package! See UPDATING.
. the purpose of this -L was solely to find compiler-rt, which contains
runtime support code for clang-compiled binaries
. this also makes all other packaged libraries visible, however
. it is cleaner to isolate the base system from packages, and so
compiler-rt puts itself in /usr/pkg/compiler-rt/lib/ too, which the
base system henceforth uses exclusively
. e.g. this solves a link failure when libfetch is installed as a
package
. the new compiler-rt package also puts itself in /usr/pkg/lib for 'old'
systems; that is harmless. The benefit of 'new' systems is that the other
packages are hidden.
There is important information about booting non-ack images in
docs/UPDATING. ack/aout-format images can't be built any more, and
booting clang/ELF-format ones is a little different. Updating to the
new boot monitor is recommended.
Changes in this commit:
. drop boot monitor -> allowing dropping ack support
. facility to copy ELF boot files to /boot so that old boot monitor
can still boot fairly easily, see UPDATING
. no more ack-format libraries -> single-case libraries
. some cleanup of OBJECT_FMT, COMPILER_TYPE, etc cases
. drop several ack toolchain commands, but not all support
commands (e.g. aal is gone but acksize is not yet).
. a few libc files moved to netbsd libc dir
. new /bin/date as minix date used code in libc/
. test compile fix
. harmonize includes
. /usr/lib is no longer special: without ack, /usr/lib plays no
kind of special bootstrapping role any more and bootstrapping
is done exclusively through packages, so releases depend even
less on the state of the machine making them now.
. rename nbsd_lib* to lib*
. reduce mtree
Also following functionality was added:
- Add install_master to the installboot from NetBSD.
- Check if enough space for bootxx.
Old installboot was renamed to installboot_minix.
This driver can be loaded as an overlay on top of a real block
device, and can then be used to generate block-level failures for
certain transfer requests. Specifically, a rule-based system allows
the user to introduce (overt and silent) data corruption and errors.
It exposes itself through /dev/fbd, and a file system can be mounted
on top of it. The new fbdctl(8) tool can be used to control the
driver; see ``man fbdctl'' for details. It also comes with a test
set, located in test/fbdtest.
. detect both formats in /etc/rc
. generate new format in setup
. obsoletes /etc/fstab.local: everything can go in /etc/fstab
. put shutdown/reboot/halt and a copy of /usr/adm/wtmp
(/etc/wtmp) on root FS so that we can do shutdown checks before
mounting /usr
. new fstab format makes getfsent() and friends work
. add bsd-style MLINKS to minix man set, restoring aliases
(e.g. man add64 -> int64)
. update daily cron script to run makewhatis and restore makewhatis
in man Makefile (makedb), restores functionality of man -k
. netbsd imports of man, mdocml, makewhatis, libutil, apropos
. update man.conf with manpage locations, restoring man [-s] <section>
. throws out some obsolete manpages
* VFS and installed MFSes must be in sync before and after this change *
Use struct stat from NetBSD. It requires adding new STAT, FSTAT and LSTAT
syscalls. Libc modification is both backward and forward compatible.
Also new struct stat uses modern field sizes to avoid ABI
incompatibility, when we update uid_t, gid_t and company.
Exceptions are ino_t and off_t in old libc (though paddings added).
1. ack, a.out, minix headers (moved to /usr/include.ack),
minix libc
2. gcc/clang, elf, netbsd headers (moved to /usr/include),
netbsd libc (moved to /usr/lib)
So this obsoletes the /usr/netbsd hierarchy.
No special invocation for netbsd libc necessary - it's always used
for gcc/clang.
David van Moolenbroek
Lionel Sambuc
Kees Jongenburger
Thomas Cort
Ben Gras
Thomas Veerman
Mohamed Katri
Kees Jongenburger
Evgeniy Ivanov
Antoine Leca
Arun Thomas
Vivek Prakash