file: normalize .result files to ensure trailing newline on install
Some upstream result files introduced in file 5.47 (e.g., bgcode.result)
lack a trailing newline, causing the contrib_file_tests ATF test to
fail with "cmp: EOF on bgcode.result". Generate normalized copies
of the expected results and install those instead.
MFC after: 3 days
Fixes: e949ce9dc0e6fff26e83904f1008b76d36ba0a37
limits: Fix pipebuf resource type
* pipebuf is a size but is listed as a count
PR: 295623
MFC after: 1 week
Fixes: f54f41403d14 ("usr.bin/limits: support RLIMIT_PIPEBUF")
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D57456
etcupdate: Make diff -l actually work
While here, remove unnecessary blank lines.
MFC after: 1 week
Fixes: 6d65c91b9a47 ("etcupdate: fix arguments order of diff command")
Reviewed by: Boris Lytochkin <lytboris at gmail.com>
Differential Revision: https://reviews.freebsd.org/D57330
libarchive: Fix typo in sed command
MFC after: 1 week
Fixes: eb3a0a74a069 ("libarchive: Clean up the build configuration")
Reported by: Shawn Webb <shawn.webb at hardenedbsd.org>
nfs_commonkrpc.c: Improve handling of NFSv4.1/4.2 recovery
Commit 4d80d4913e79 fixed a long standing bug in the recovery
code. However. glebius@ reported seeing multiple
recovery cycles with this patch during an NFSv4.1/4.2
server reboot.
This commit should minimize the risk of multiple
recovery cycles.
PR: 294925
Reported by: Jov <amutu at amutu.com>
MFC after: 2 weeks
Fixes: 4d80d4913e79 ("nfs: Fix argument typo to avoid a crash")
nuageinit: complete SSH support with ssh_deletekeys and disable_root
Add missing SSH cloud-config options from cloud-init spec:
- ssh_deletekeys: remove existing SSH host keys on first boot so
new ones are generated automatically by sshd(8).
Implemented as delete_ssh_host_keys() in nuage.lua using lfs.dir()
with a directory existence guard via lfs.attributes().
- disable_root: set PermitRootLogin to 'no' (or a custom value via
disable_root_opts) in /etc/ssh/sshd_config.
- disable_root_opts: optional string or array to override the
PermitRootLogin value used when disable_root is true. Only the
first array element is used.
nuageinit: refactor goto abuse in chpasswd()
Replace goto next/list pattern with proper elseif/else control
structure. The goto-based flow was fragile and hard to follow;
the elseif chain makes the validation logic explicit and linear.
nuageinit: fix update_sshd_config crash when file does not exist
Previously update_sshd_config() would assert-fail if sshd_config did
not exist. Now it creates a new file with the given key/value.
Also replace the fragile simultaneous r+ + temp file approach with
a cleaner read-then-write pattern: read all lines into memory, modify
as needed, then write to a temp file and rename. All assert() calls
replaced with proper error handling via warnmsg().
Add test case for missing file creation.
nuageinit: fix TOCTOU in addsshkey, adddoas, addsudo
Replace check-then-create patterns with direct creation:
- addsshkey: check what exists before creation, use mkdir_p() for
.ssh directory, handle errors with warnmsg() instead of assert().
Apply chmod/chown only on newly created files/directories.
- adddoas: same pattern for doas.conf and the etc directory.
- addsudo: same pattern for the sudoers file and sudoers.d directory.
All three functions now use warnmsg() for error handling instead of
returning nil,err or using assert().
nuageinit: fix non-standard f:close(cmd) and remove dead precmd
- f:close(cmd) -> f:close() in adduser() and exec_change_password():
the 'cmd' argument is not standard Lua and is silently ignored.
- Remove dead 'precmd' variable in adduser().
nuageinit: remove dead checkgroup(), inline check in purge_group()
Call getgroups() once instead of N times per call. Inline the
membership check directly, removing the now-unused checkgroup()
helper function.
nuageinit: add hostname validation (RFC 952/1123) to sethostname()
Validate hostnames before writing them:
- Reject empty hostnames
- Reject hostnames longer than 253 characters
- Reject hostnames with invalid characters
- Reject hostnames starting or ending with dot/hyphen
- Reject labels longer than 63 characters
- Reject labels starting or ending with hyphen
Expand the sethostname test to cover all rejection cases.
Update nuage.sh sethostname_body to ignore stderr (warnings).
nuageinit: add nil/empty guard to decode_base64()
Return an empty string when input is nil or zero-length instead
of processing it through the decoding loop.
uipc_usrreq: revert addition of EMPTYPATH for bindat(2)
The caller wants the parent vnode, which cannot be provided for emptypath
lookups.
Reported and reviewed by: markj
Fixes: 12c590a9abd7 ("bindat(2)/connectat(2): allow implicit EMPTYPATH for unix domain sockets")
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57448
ObsoleteFiles: Add some ancient locale symlinks
These were dropped in 2021 but were never listed in ObsoleteFiles.inc,
so systems that have been upgraded from source since before that date
(or from 13.x) may still have them.
PR: 295668
MFC after: 1 week
Fixes: 0a36787e4c1f ("locales: separate unicode from other locales")
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D57331
(cherry picked from commit 1cef7e9eb0822c606fc34f975efd14b6daeff756)
login_class: Fix kqueues, pipebuf resource types
* kqueues is a count but is listed as a size
* pipebuf is a size but is listed as a count
PR: 295623
MFC after: 1 week
Fixes: a4c04958f526 ("libutil: support RLIMIT_PIPEBUF")
Fixes: 85a0ddfd0b26 ("Add a resource limit for the total...")
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D57333
(cherry picked from commit b5dce0ae4f78251f56ffcb6c6a58b9e6c20380e0)
ObsoleteFiles: Add some ancient locale symlinks
These were dropped in 2021 but were never listed in ObsoleteFiles.inc,
so systems that have been upgraded from source since before that date
(or from 13.x) may still have them.
PR: 295668
MFC after: 1 week
Fixes: 0a36787e4c1f ("locales: separate unicode from other locales")
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D57331
(cherry picked from commit 1cef7e9eb0822c606fc34f975efd14b6daeff756)
login_class: Fix kqueues, pipebuf resource types
* kqueues is a count but is listed as a size
* pipebuf is a size but is listed as a count
PR: 295623
MFC after: 1 week
Fixes: a4c04958f526 ("libutil: support RLIMIT_PIPEBUF")
Fixes: 85a0ddfd0b26 ("Add a resource limit for the total...")
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D57333
(cherry picked from commit b5dce0ae4f78251f56ffcb6c6a58b9e6c20380e0)
