bin: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

Remove $FreeBSD$: one-line nroff pattern

Remove /^\.\\"\s*\$FreeBSD\$$\n/

rm(1): Formalize non-functional status of -P flag

-P was introduced in 4.4BSD-Lite2 around 1994. It overwrote file contents
with a pass of 0xff, 0x00, then 0xff, in a low effort attempt to "really
delete" files.

It has no user-visible effect; at the end of the day, the file is unlinked via
the filesystem. Furthermore, the utility of overwriting files with patterned
data is extremely limited due to caveats at every layer of the stack[0] and
therefore mostly futile. At the least, three passes is likely wasteful on
modern hardware[1]. It could also be seen as a violation of the "Unix
Philosophy" to do one thing per tiny, composable program.

Since 1994, FreeBSD has left it alone; OpenBSD replaced it with a single
pass of arc4random(3) output in 2012[2]; and NetBSD implemented partial, but
explicitly incomplete support for U.S. DoD 5220.22-M, "National Industrial
Security Program Operating Manual" in 2004[3].

NetBSD's enhanced comment above rm_overwrite makes a strong case for removing
the flag entirely:

> This is an expensive way to keep people from recovering files from your
> non-snapshotted FFS filesystems using fsdb(8). Really. No more.
>
> It is impossible to actually conform to the exact procedure given in
> [NISPOM] if one is overwriting a file, not an entire disk, because the
> procedure requires examination and comparison of the disk's defect lists.
> Any program that claims to securely erase *files* while conforming to the
> standard, then, is not correct.
>
> Furthermore, the presence of track caches, disk and controller write
> caches, and so forth make it extremely difficult to ensure that data have
> actually been written to the disk, particularly when one tries to repeatedly
> overwrite the same sectors in quick succession. We call fsync(), but
> controllers with nonvolatile cache, as well as IDE disks that just plain lie
> about the stable storage of data, will defeat this.
>
> [NISPOM] requires physical media destruction, rather than any technique of
> the sort attempted here, for secret data.

As a first step towards evental removal, make it a placebo. It's not like
it was serving any security function. It is not defined in or mentioned by
POSIX.

If you are security conscious and need to erase your files, use a
woodchipper. At a minimum, the entire disk needs to be overwritten, not
just one file.

[0]: https://www.ru.nl/publish/pages/909282/draft-paper.pdf
[1]: https://commons.erau.edu/cgi/viewcontent.cgi?article=1131&context=jdfsl
[2]: https://github.com/openbsd/src/commit/7c5c57ba81b5fe8ff2d4899ff643af18c
[3]: https://github.com/NetBSD/src/commit/fdf0a7a25e59af958fca1e2159921562cd

Reviewed by: markj, Daniel O'Connor <darius AT dons.net.au> (previous version)
Differential Revision: https://reviews.freebsd.org/D17906

Fix unlink(1) for files starting with -

Restore the original behavior of unlink(1), passing the provided filename
directly to unlink(2), handling the first argument being "--" correctly.

This fixes "unlink -foo", broken in r97533.

PR: 228448
Submitted by: Brennan Vincent <brennan@umanwizard.com> (original version)
Submitted by: Yuri Pankov
Reported by: Brennan Vincent <brennan@umanwizard.com>
Reviewed by: emaste, kevans, vangyzen, 0mp
Approved by: re (delphij)
Differential Revision: https://reviews.freebsd.org/D17132

Renumber copyright clause 4

Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96

Protecting against rm -rf / is now POSIXLY_CORRECT per posix 1003.1
edition 2013. No need anymore to disable the protection if one set
the POXILY_CORRECT environment variable.

Reviewed by: imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D4092

mdoc: remove superfluous paragraph macros.

Add -x option to avoid crossing mount points when removing a hierarchy.

Discussed on: -hackers
Inspired by: DragonflyBSD
MFC After: 1 week

Add a few examples.

Obtained from: OpenBSD

Fix typo and grammar nit

Submitted by: arundel
MFC after: 7 days (or when the bikeshed has abated)

Elaborate some more on the non-security implications of using -P

Submitted by: delphij
Discussion at: svn-src-all

Language cleanup.

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

rm(1): clarify that -P works only when blocks are updated in-place

Suggested by: pjd, ivoras, arundel

Clarify the combination effect of -P and -f to make it clear.

Submitted by: arundel
MFC after: 2 weeks

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

- Import the HEAD csup code which is the basis for the cvsmode work.

Give a hint to the reader as to what the "whiteout" actually means.

Fix markup, add the EXIT STATUS section.

Correct a security issue introduced in previous commit:
instead of removing the file and issue a warning about
the removal, do not do any operation at all in case -P
is specified when the dinode has hard links.

With -f and -P specified together, we assume that the
user wants rm to overwrite the contents of the file
and remove it (destroy the contents of file but leave
its hard links as is).

The reason of doing it this way is that, in case where
a hard link is created by a malicious user (currently
this is permitted even if the user has no access to the
file). Losing the link can potentially mean that the
actual owner would lose control completely to the user
who wants to obtain access in a future day.

Discussed with: Peter Jermey

Be more reasonable when overwrite mode is specified while there
is hard links. Overwritting when links > 1 would cause data
loss, which is usually undesired.

Inspired by: discussion on -hackers@
Suggested by: elessar at bsdforen de
Obtained from: OpenBSD

-mdoc sweep.

Give .Dd a tummy rub, forgotten on my last commit.

Handle the case where the -P flag is specified for a read-only file
earlier, and more gracefully. Previously, this combination would be
ignored early in the code where permissions are tested and fail later
with a very unhelpful "permission denied" error.

Instead, test for this flag in the same block that generates the
"override?" messages for read-only files, but instead of trying
to guess what the user has in mind, generate an error and exit.

Update the man page to reflect this new behavior.

Not objected to by: freebsd-hackers@

Sync program's usage() with manpage's SYNOPSIS.

Add the new standard EXIT STATUS section where appropriate.
Sort standard sections in the (documented) preferred order.

/*- or .\"- or #- to begin license clauses.

Correct a typo and make the documentation more mdoc(7) complaint.

Pointed out by: dd
Approved by: murray (mentor)

Add -I, an option that asks for confirmation once if recursively
removing directories or if more than 3 files are listed in the
command line.

This feature is intended to provide a safe net but not being too
annoying like having "rm -i" for every deleting operations, and
is generally good for both newbies and power users, preventing
them from being so easily run into ``rm -rf /'', ``rm -rf *''
and so forth.

Originally implemented by Matthew Dillon for DragonFly, plus
some improvements done by various DragonFly contributors.

Approved by: murray (mentor; the original dillon's version)
Discussed with: des
Obtained from: DragonFly's bin/rm/
rm.c rev. 1.4 - 1.8
rm.1 rev. 1.3 - 1.4
MFC After: 1 month

Markup fixes.

Pointed out by: ru

Find out how flame-proof my underwear really is.

Mechanically kill hard sentence breaks.

Remove clause 3 from the UCB licenses.

OK'ed by: imp, core

Cross ref chflags(1).

Suggested by: Craig Carey <research@ijs.co.nz) on -doc.

s/filesystem/file system/ as discussed on -developers

Consistancy check s/file system/filesystem/

Reviewed by: brian

Update STANDARDS section on rm(1) to reflect current conformance.

PR: 35471

Remove whitespace at EOL.

mdoc(7) police: use the default ``file ...'' feature of the .Ar macro.

Prepare for mdoc(7)NG.

mdoc(7) police: use the new features of the Nm macro.

Fix cut'n'paste niggles in previous commit.

Add link(1) and unlink(1) as special cases of ln(1) and rm(1)
respectively, in accordance with SUSv2.

This differs from the approach taken in NetBSD, but provides
less obscure error messages in at least the EISDIR case and
does not take up additional disk space for new binaries.

PR: 13071
PR: 13074
Requested by: James Howard <howardjp@wam.umd.edu>

brucify, `v' before `W', mention -v is non-standard in manpage and
make code slightly easier to read

Reviewed by: obrien

add verbose flag
exit(1) --> exit(EX_USAGE)

Reviewed by: obrien

$Id$ -> $FreeBSD$

Use .Dq instead of ``'' in manpage
Use optimal blocksize for rm -P, instead of always using 8192-byte blocks
to overwrite the file.

Obtained from: OpenBSD

Fix synopsis to match 1003.2. Add text describing the way in which
our implementation does not meet 1003.2 (rather than the now outdated
``is expected to comply' language).

.Nm rm -> .Nm.

Remove remaining Lite1 stuff from the man page and uphold the
precedence in changing sccsid to rcsid as set by Phillippe
Charnier in his previous 100 or so commits.

pointed out by: Bruce Evans <bde@zeta.org.au>

Import Lite2's src/bin. All files in src/bin are off the vendor branch,
so this doesn't change the active versions.

Enable whiteout code since we now have the lite2 support for them.

Provide examples of how to remove file names that begin with
a dash in non-getopt implementations. E.g.:
rm /home/mpp/-filename
rm ./-filename

Requested by: bde

Improve the wording in the NOTES section. Closes PR# 3223.

Revert $FreeBSD$ to $Id$

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Merge Lite2 mods, and -Wall cleaning. Unimplemented undelete(2)
cruft is protected by a #ifdef (BSD4_4_LITE) that should be
removed when this is supported by the kernel.

[HISTORY] command appeared in Version 1 AT&T UNIX
Obtained from: A Quarter Century of UNIX, Peter H. Salus, page 41

fix usage string
respond `Y' is equal to `y'

Add a note how to delete file name with beginning `-'

Added $Id$

BSD 4.4 Lite bin Sources