Copy stable/10@r272459 to releng/10.1 as part of
the 10.1-RELEASE process.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Cleanup gr_add() so it does not leak mem
This is part of ongoing work on sbin/pw

M libutil.h
M gr_util.c

Approved by: theraven

- Clean up previous gr_add use malloc instead of calloc
- Fix tinderbox error

Submitted by: db

New gr_add function to provide a clean and safe method to append a new member
into an existing group.

Submitted by: db

Consensus between bde and pjd seemed to be that if the function names
are lined up, then any * after a long type should appear after the
type instead of being in front of the function name on the following
line.

Make the comments consistent (capitalization, punctuation, and
format).

Requested by bde

Restore the parenthesis that are necessary around the constant values.

Requested by bde.

Fix more disorder in prototypes and constants.
Fix header comments for each section of constants.
Fix whitespace in #define lines.
Fix unnecessary parenthesis in constants.

Move struct pidfh definition into pidfile.c, and leave a forward declaration
for pidfh in libutil.h in its place.
This allows us to hide the contents of the pidfh structure, and also
allowed removal of the "#ifdef _SYS_PARAM_H" guard from around the
pidfile_* function prototypes.

Suggested by pjd.

More prototype formatting fixes, struct member formatting fixes,
and namespace fix for property_find() prototype.

Provided by bde.

Fix prototype formatting (indentation, long lines, and continued lines).

Requested by bde.

Fix namespace issues with prototype parameter names.
Add missing prototype parameter names.

Requested by bde.

Fix forward structure declaration and prototype disorder.

Requested by bde.

Constify arguments.

Add pidfile_fileno() to obtain the file descriptor for an open
pidfile.

Add new pw_make_v7 to make a passwd line (in v7 format) out of a struct passwd
while here, fix missing parentheses of the return statement of pw_make.

Approved by: des (mentor)

Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user

add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.

Reviewed by: des
Approved by: des
MFC after: 1 month

- Commit work from libprocstat project. These patches add support for runtime
file and processes information retrieval from the running kernel via sysctl
in the form of new library, libprocstat. The library also supports KVM backend
for analyzing memory crash dumps. Both procstat(1) and fstat(1) utilities have
been modified to take advantage of the library (as the bonus point the fstat(1)
utility no longer need superuser privileges to operate), and the procstat(1)
utility is now able to display information from memory dumps as well.

The newly introduced fuser(1) utility also uses this library and able to operate
via sysctl and kvm backends.

The library is by no means complete (e.g. KVM backend is missing vnode name
resolution routines, and there're no manpages for the library itself) so I
plan to improve it further. I'm commiting it so it will get wider exposure
and review.

We won't be able to MFC this work as it relies on changes in HEAD, which
was introduced some time ago, that break kernel ABI. OTOH we may be able
to merge the library with KVM backend if we really need it there.

Discussed with: rwatson

Don't duplicate define the stdint types.

Add support for IEE/IEC (and now also SI) power of two notions of
prefixes (Ki, Mi, Gi...) for humanize_number(3).

Note that applications has to pass HN_IEC_PREFIXES to use this
feature for backward compatibility reasons.

Reviewed by: arundel
MFC after: 2 weeks

expand_number() needs uint64_t, declare it here if not already declared.

MFC after: 3 days

Simplify expand_number() by combining the (unrolled) loop with the
switch. Since expand_number() does not accept negative numbers, switch
from int64_t to uint64_t; this makes it easier to check for overflow.

MFC after: 3 weeks

Merger of the quota64 project into head.

This joint work of Dag-Erling Smørgrav and myself updates the
FFS quota system to support both traditional 32-bit and new 64-bit
quotas (for those of you who want to put 2+Tb quotas on your users).

By default quotas are not compiled into the kernel. To include them
in your kernel configuration you need to specify:

options QUOTA # Enable FFS quotas

If you are already running with the current 32-bit quotas, they
should continue to work just as they have in the past. If you
wish to convert to using 64-bit quotas, use `quotacheck -c 64';
if you wish to revert from 64-bit quotas back to 32-bit quotas,
use `quotacheck -c 32'.

There is a new library of functions to simplify the use of the
quota system, do `man quotafile' for details. If your application
is currently using the quotactl(2), it is highly recommended that
you convert your application to use the quotafile interface.
Note that existing binaries will continue to work.

Special thanks to John Kozubik of rsync.net for getting me
interested in pursuing 64-bit quota support and for funding
part of my development time on this project.

Remove login(3), logout(3) and logwtmp(3) from libutil.

These functions only apply to utmp(5). They cannot be kept intact when
moving towards utmpx. The login(3) function would break, because its
argument is an utmp structure. The logout(3) and logwtmp(3) functions
cannot be used, since they provide a functionality which partially
overlaps.

Increment SHLIB_MAJOR to 9 to indicate the removal.

Make <libutil.h> work when included by itself.

There are several reasons why it didn't work:

- It was missing <sys/cdefs.h> for __BEGIN_DECLS.
- It uses various primitive types that were not declared.

Merge user/peter/kinfo branch as of r185547 into head.

This changes struct kinfo_filedesc and kinfo_vmentry such that they are
same on both 32 and 64 bit platforms like i386/amd64 and won't require
sysctl wrapping.

Two new OIDs are assigned. The old ones are available under
COMPAT_FREEBSD7 - but it isn't that simple. The superceded interface
was never actually released on 7.x.

The other main change is to pack the data passed to userland via the
sysctl. kf_structsize and kve_structsize are reduced for the copyout.
If you have a process with 100,000+ sockets open, the unpacked records
require a 132MB+ copyout. With packing, it is "only" ~35MB. (Still
seriously unpleasant, but not quite as devastating). A similar problem
exists for the vmentry structure - have lots and lots of shared libraries
and small mmaps and its copyout gets expensive too.

My immediate problem is valgrind. It traditionally achieves this
functionality by parsing procfs output, in a packed format. Secondly, when
tracing 32 bit binaries on amd64 under valgrind, it uses a cross compiled
32 bit binary which ran directly into the differing data structures in 32
vs 64 bit mode. (valgrind uses this to track file descriptor operations
and this therefore affected every single 32 bit binary)

I've added two utility functions to libutil to unpack the structures into
a fixed record length and to make it a little more convenient to use.

Merge hexdump(9) to userland as hexdump(3) in libutil. I'm tired of doing
this by hand in userland utilities.

MFC after: 1 month

Add four utility functions related to struct grp processing modeled in-part
after similar calls related to struct pwd in libutil/pw_util.c:
- gr_equal()
Perform a deep comparison of two struct grp's. It does a thorough, yet
unoptimized comparison of all the members regardless of order.

- gr_make()
Create a string (see group(5)) from a struct grp.

- gr_dup()
Duplicate a struct grp. Returns a value that is a single contiguous
block of memory.

- gr_scan()
Create a struct grp from a string (as produced by gr_make()).

MFC after: 3 weeks

Constify the first argument to expand_number() so that it can
be called with a const without the compiler grisling.

Implement expand_number(3), which is the opposite of humanize_number(3), ie.
a number in human-readable form is converted to int64_t, for example:
123b -> 123
10k -> 10240
16G -> 17179869184

First version submitted by: Eric Anderson <anderson@freebsd.org>
Approved by: re (bmah)

Well gag me with a spoon... I'm so used to working at high WARNS levels
that I make stupid fundamental mistakes like this when I don't.

I'm tired of seeing this done incorrectly and non-portably, so add a
flopen(3) function which reliably opens and locks a file.

MFC after: 3 weeks

Add utility functions for checking if a given kernel module is loaded,
and loading it.

Add a family of functions for reliable pidfiles handling.

Idea from: jmg
Discussed on: arch@

Add humanize_number(3) to libutil for formating numbers into a human
readable form.

Obtained from: NetBSD

Add the clean_environment call to libutil.h also.

MFC after: 2 weeks

ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify.

Add passwd manipulation code based on parts of vipw and chpass.

Sponsored by: DARPA, NAI Labs

Remove multi-line __P() usage.

Remove __P() usage.

remove emalloc,ecalloc,erealloc,estrdup

add ecalloc, emalloc, erealloc, estrdup - versions of the e-less
functions that exit instead of failing

o Slap some "_"'s in front of variable names relating to extattr functions,
so as not to pollute application namespace.

Submitted by: bde

o Rename "namespace" argument to "attrnamespace" as namespace is a C++
reserved word, causing breakage when a C++ program included libutil.h
This change will be propagated elsewhere shortly.

Submitted by: jkh
Obtained from: TrustedBSD Project

o To support new EA interface with explicit namespaces, introduce two
utility functions which convert between string namespace names and
numeric constants used by the interface. Right now, two namespaces
are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and
EXTATTR_NAMESPACE_USER ("user"). These functions are used by
various userland EA utilities, rather than hard coding the routines
all over the place.

Obtained from: TrustedBSD Project

Added PROPERTY_MAX_VALUE and PROPERTY_MAX_NAME defines to libutil.h so
that applications know how large of a buffer they must allocate before
calling property_find(). Also added a $FreeBSD$ tag while I'm here.

Approved by: jkh

Constify the arg to logout(3). It is const-safe.
(cosmetic: drop some "register" qualifications too.)

Move setproctitle() from libutil to libc (after a repo-copy)
and bump __FreeBSD_version to 500012 to mark the occasion.

setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.

Reviewed by: peter

Use a more conventional copyright message.

several tcp apps IPv6 update
-inetd
-rshd
-rlogind
-telnetd
-rsh
-rlogin

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project

Connect fparseln(3) for mailwrapper(8)

$Id$ -> $FreeBSD$

Add realhostname() - a function to correctly lookup
a name by address and ensure that the name resolves
back to the original address.

Declare setproctitle() as printf0-like.

o move path in libutil.h to paths.h
o make property_read() take a fd instead to avoid stdio.h mess
o update auth to new interface.

Take the path spec back out.

remove stdio.h include; I forgot Bruce's cardinal rule that header files
shouldn't include other ones (which, unfortunately, is also a hellish
rule since he broke interfaces like sysctl this way by requiring undocumented
header files to be included just in order to be able to use them now - SIGH!).

Add a simple mechanism for reading property lists from files (which
I'll convert sysinstall to use shortly) and a simple call which uses
this mechanism to implement an /etc/auth.conf file. I'll let Mark Murray
handle the format and checkin of the sample auth.conf file.
Reviewed by: markm

Add missing uu_lock_txfr() prototype

Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.

1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama
2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2
3) specgw.spec.co.jp : 202.32.13.1 -> specgw

Submitted by: Atsushi Murai <amurai@spec.co.jp>

Add uu_lock_txfr() to transfer ownership of a successful
uu_lock() to another process.

The parameters to logwtmp should be const char's

Remove login_progok()
Suggested by: guido

Add full support for determining if a user
is restricted from running a given program.

Implement canonical locking protocol
Suggested by: joerg

Now I really understand the reason for the style.9 rule about not having
visible type names in prototypes in user space headers. libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?

Make uu_* const correct.

Suggested by: joerg

Summary of login.conf support changes:

o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.

o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.

o umask() only set once, and only if requested.

o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.

o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.

o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]

o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.

o We no longer pretend to support rlim_t as a long type.

o Revised code formatting to be more bsd-ish style.

Remove the syslog stuff, and allow various return values
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.

Suggested by: ache@freebsd.org

Move uucplock into libutil and create a manual page.

Revert $FreeBSD$ to $Id$

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Finally document the interfaces found in libutil. While being here,
also add the missing declaration of forkpty() to libutil.h.

Btw., the calling interface for login(3) is crude. Some better
abstraction is needed, perhaps similar to logwtmp(3).

2.2 candidate, but i'll wait for the spelling police first. :)

Bump libutil revision after recent addition of setproctitle().

Install (optional) libutil.h with prototypes for the functions and
document this in the man page.

minor cleanups to the various routines, include the prototype file, declare
return codes etc.