Add FreeBSD support, round 1 #7765
Conversation
|
Hi @fluffykhv, Is "Add FreeBSD support, round 1" a single huge patch in FreeBSD repo? |
|
Patches in the FreeBSD ports collection are typically per-file rather than per-logical-change, so it may not be straightforward to recreate an incremental patch set. If you look at the URL above you'll see the per-file patches. This is admittedly not ideal from the perspective of collaboration with an upstream. Looking at the history (e.g. https://github.com/freebsd/freebsd-ports/commits/main/security/sssd2/files) gives some insight, and you can see some logical changes that could be applied individually e.g. freebsd/freebsd-ports@9a40ff8. If you want a patch set of logical changes we'll have to curate the patches in the ports tree. |
|
Well, that's going to be tough... As I'm not familiar with FreeBSD, it would help greatly if you could provide a rationale for additional includes.
I think I'll cherry pick trivial / non-questionable patches in a separate PR, and once it's merged, you'll have to rebase. In case of headers that might be finding a common ground where possible and, where it's impossible, putting conditional includes in a single common header to reduce clutter overall. Wrt |
The general answer is - the transitive dependencies between FreeBSD headers are different from the Linux ones. It often comes up when porting software for FreeBSD that a single
If I'm not mistaken, POSIX dictates what header should be included to be able to use a given struct or function. So it is not matter of finding a common ground between different OSes, but simply following the standard.
Yes, we're still at 2.9 at the moment. Hopefully we'll catch up soon. |
Where it is POSIX mandated it will be "non questionable" and it is where some help with pointers would be appreciated. It will be just WAY slower for non FreeBSD user to figure out a reason for inclusion of particular header. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| /* | ||
| CatchSignal(SIGSEGV, sig_segv_abrt); | ||
| CatchSignal(SIGABRT, sig_segv_abrt); | ||
| */ |
Check notice
Code scanning / CodeQL
Commented-out code Note
| @@ -21,6 +21,9 @@ | |||
|
|
|||
| #include "config.h" | |||
|
|
|||
| #ifdef __FreeBSD__ | |||
| #include <sys/param.h> | |||
There was a problem hiding this comment.
Since b928dbe , "util/util.h" included below, includes <sys/param.h>
But what in confdb.c requires it?
| @@ -18,6 +18,9 @@ | |||
| along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| */ | |||
|
|
|||
| #ifdef __FreeBSD__ | |||
| #include <sys/param.h> | |||
There was a problem hiding this comment.
Since b928dbe , "util/util.h" included below, includes <sys/param.h>
But what in radius_kdcpreauth.c requires it?
| @@ -22,6 +22,8 @@ | |||
| along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| */ | |||
|
|
|||
| #include <sys/types.h> | |||
| #include <sys/time.h> | |||
There was a problem hiding this comment.
Why are those 2 headers required?
| @@ -29,6 +29,8 @@ | |||
| #include <stdbool.h> | |||
|
|
|||
| #include <core/ntstatus.h> | |||
| #include <unistd.h> | |||
| #include <time.h> | |||
| @@ -27,7 +27,9 @@ | |||
| #include <stdlib.h> | |||
| #include <string.h> | |||
| #include <popt.h> | |||
| #ifndef __FreeBSD__ | |||
| #include <sys/prctl.h> | |||
There was a problem hiding this comment.
There is still a call to prctl() in this file. How do you compile it?
|
Let's approach this from a different angle. Would you be OK with enabling FreeBSD CI for this project via Cirrus CI? I will be happy to provide a configuration file, but you'll need to enable the Cirrus application for this repo. With CI in place we can work through all the FreeBSD compilation errors, so it'd be clear what actual problem a commit fixes. |
|
It seems huge problem for adoption of sssd-2.10+ by FreeBSD will be usage of 'files capabilities' (Linux specific) and management of effective/permitted 'capabilities' (again, as meant in Linux) via You are patching sssd-2.9 where |
| @@ -19,6 +19,9 @@ | |||
| You should have received a copy of the GNU General Public License | |||
| along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| */ | |||
| #ifdef __FreeBSD__ | |||
| #include <sys/param.h> | |||
|
All right, let's close this for now. I'll reach our folks that are maintaining the SSSD port and ask them if they're working on 2.10. But in case they are, the question about the CI stands. |
| @@ -32,6 +32,8 @@ | |||
| #ifdef ldb_val | |||
| #error Please make sure to include ad_pac.h before ldb.h | |||
| #endif | |||
| #include <unistd.h> | |||
| #include <time.h> | |||
| @@ -21,6 +21,9 @@ | |||
| */ | |||
|
|
|||
|
|
|||
| #include <sys/types.h> | |||
| #include <sys/time.h> | |||
There was a problem hiding this comment.
What for?
Also note you already added time.h to ad_pac.h that is included here.
| Authors: | ||
| Lukas Slebodnik <[email protected]> | ||
|
|
||
| Copyright (C) 2013 Red Hat |
There was a problem hiding this comment.
Where is this file from?
|
|
||
| #include <errno.h> | ||
|
|
||
| #define BSD_ERR_MASK (0xB5DE <<16) |
There was a problem hiding this comment.
A comment would help to understand this mask.
|
|
||
| #define BSD_ERR_MASK (0xB5DE <<16) | ||
|
|
||
| #ifndef EUCLEAN |
There was a problem hiding this comment.
EUCLEAN, EMEDIUMTYPE, EOWNERDEAD and ECONNRESET aren't used.
| @@ -23,6 +23,9 @@ | |||
| #include "providers/data_provider/dp.h" | |||
| #include "providers/data_provider/dp_private.h" | |||
| #include "providers/backend.h" | |||
| #ifdef __FreeBSD__ | |||
| #include "util/sss_bsd_errno.h" | |||
There was a problem hiding this comment.
Please include it once in util/util_errors.h
| @@ -25,6 +25,8 @@ | |||
| #include <sys/types.h> | |||
| #include <sys/stat.h> | |||
| #include <sys/socket.h> | |||
| #include <netinet/in.h> | |||
| #include <arpa/inet.h> | |||
| @@ -23,6 +23,8 @@ | |||
| #include "providers/ipa/ipa_deskprofile_rules_util.h" | |||
| #include "providers/ipa/ipa_deskprofile_private.h" | |||
| #include "providers/ipa/ipa_rules_common.h" | |||
| #include <sys/types.h> | |||
| #include <signal.h> | |||
| struct tm tm; | ||
| time_t t = 0; | ||
| tzset(); | ||
| localtime_r(&t, &tm); |
There was a problem hiding this comment.
Man page for 'localtime_r' says:
It need not set tzname, timezone, and daylight.
so looks like tzset() isn't needed
| @@ -64,12 +64,25 @@ typedef void * SEC_CTX; | |||
| #endif /* done HAVE_SELINUX */ | |||
|
|
|||
| #include <sys/socket.h> | |||
| #ifdef __FreeBSD__ | |||
| #include <sys/param.h> | |||
| #include <sys/ucred.h> | |||
There was a problem hiding this comment.
|
@alexey-tikhonov Like I wrote in #7765 (comment) I see little sense in reviewing this PR in its current state. We (FreeBSD) should start over with master branch and this PR is better be closed. I still want to hear if you would like us to prepare a FreeBSD CI. |
| @@ -1445,8 +1446,14 @@ errno_t sss_mmap_cache_init(TALLOC_CTX *mem_ctx, const char *name, | |||
| /* Attempt allocation several times, in case of EINTR */ | |||
| for (int i = 0; i < POSIX_FALLOCATE_ATTEMPTS; i++) { | |||
| ret = posix_fallocate(mc_ctx->fd, 0, mc_ctx->mmap_size); | |||
| if (ret != EINTR) | |||
| break; | |||
| if (ret != EINTR && ret == EINVAL) { | |||
There was a problem hiding this comment.
ret != EINTR && part doesn't make sense.
| @@ -28,6 +28,7 @@ | |||
| #include "tests/cmocka/common_mock.h" | |||
|
|
|||
| #include "util/authtok.h" | |||
| #include "util/sss_endian.h" | |||
There was a problem hiding this comment.
This header defines htole32 and le32toh that aren't used in this file.
Well, there are some differences, but most of questions will be still valid. In general I'd like to propose to use ./configure checks more extensively instead of abrupt '#ifdef FreeBSD' inserts. Could you please take a look at #7808 - will the check of '_XOPEN_SOURCE' work around absence of 'timezone' on FreeBSD?
That's more question to @pbrezina. But there is no CI automation that would not need a maintenance. And we already have quite a lot of items that likes to get broken... In any case, I would really appreciate comments for '#include'-s being added. |
Not sure what's being talked about here - FreeBSD does have |
I thought this PR gets rids of its usage for a reason...
Ok. |
Port patches from FreeBSD ports tree (https://github.com/freebsd/freebsd-ports/tree/main/security/sssd2/files), round one