This disables the random (between zero and one seconds) delay before
rtsol and rtsold send a a Router Solicitation packet. This delay is
specified as a SHOULD by RFC 4861 for avoidance of network congestion,
but network speeds have increased enough in the 25 years since this
first appeared (in RFC 1970) that it seems unnecessary as a default
at this point.
This speeds up the FreeBSD boot process by an average of 500 ms.
Reviewed by: kp
Relnotes: yes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D33089
(cherry picked from commit e29711da23)
Variables must be quoted if they contain non-alphanumeric characters.
Warner noted in the review that the lack of quoting causing problems
here is rather an edge case. I believe that it's worth adding the quotes
here anyway because this is what the specification says and there is no
good reason not to follow it.
Reviewed by: imp
Approved by: imp (src)
MFC after: 7 days
(cherry picked from commit 169e06fa78)
Since vfs.nfsd.srvmaxio can only be set when nfsd.ko
is loaded, but nfsd is not running, setting it in
/etc/sysctl.conf is not feasible when "options NFSD"
was not specified for the kernel.
This patch adds a new rc variable nfs_server_maxio,
which sets vfs.nfsd.srvmaxio at the correct time.
rc.conf.5 will be patched separately.
(cherry picked from commit 5509bad74e)
Both rctl and used xargs utility live in /usr/bin
so add REQUIRE: FILESYSTEMS
Reported by: Peter <pmc@citylink.dinoex.sub.org>
(cherry picked from commit 0c54fe172a)
This has the effect of installing the same file twice at the same location
and confuse pkgbase as we add this file twice in the package config part.
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
(cherry picked from commit d0f0e0bd74)
5fcdc19a81 didn't fully resolve the issue. There remains a report
that an ifconfig wlan0 up by itself is insufficient. Ifconfig down
must precede it.
Reported by: Filipe da Silva Santos <contact _ shiori_com_br>
Fixes: 5fcdc19a81
(cherry picked from commit d06d7eb091)
Some installations may experience CTRL-EVENT-SCAN-FAILED when
associating to an AP. Installations that specify
ifconfig_wlan0="WPA ... up" in rc.conf do not experience
the problem whereas those which specify ifconfig_wlan0="WPA" without
the "up" will experience CTRL-EVENT-SCAN_FAILED.
However those that specify "up" in ifconfig_wlan0 will be able to
reproduce this problem by service netif stop wlan0;
service netif start wlan0. Interestingly The service netif stop/start
problem is reproducible on the older wpa 2.9 as well.
Reported by: dhw
Reported by: "Oleg V. Nauman" <oleg _ theweb_org_ua>
Reported by: Filipe da Silva Santos <contact _ shiori_com_br>
Reported by: Jakob Alvermark <jakob _ alvermark_net>
(cherry picked from commit 5fcdc19a81)
We'd likely be better served by converting these to the equivalent mem*
calls, but just kill the knob for now. The b* macros being defined get
in the way of _FORTIFY_SOURCE.
(cherry picked from commit cfb9be5062)
Jails with jails is a supported. This change allows the script to run
upon startup with a jail. Without this, jails are not automatically
started within jails.
(cherry picked from commit 35cf9fecbd)
Delete code killed by SVN r13139 in 1996. Little chance that it would
still compile today.
PR: 257317
Reported by: Alan Shearer <sakison@gmail.com>
Sponsored by: Axcient
(cherry picked from commit 674400eb20)
ZFS in 13 supports encryption, but for the use case where keys are
available in plaintext on disk there is no mechanism for automatically
loading keys on startup.
This script will, by default, look for any dataset with encryption and
keylocation prefixed with file://. It will attempt to unlock, timing
out after 10 seconds for each dataset found.
User can optionally specify explicitly which datasets to attempt to
unlock.
Also supports (optionally by force) unmounting filesystems and unloading
associated keys.
Sponsored by: Modirum
Differential Revision: https://reviews.freebsd.org/D30015
(cherry picked from commit 33ff39796f)
lld emits several GOT relocations referencing the null sumbol in libc.so
when compiled with -ftls-model=initial-exec. This symbol is specified
to be undefined.
We generally do not handle dynamic TLS relocations against weak,
undefined symbols, so avoid printing a warning here. This makes it
possible to compile libc.so using the initial-exec TLS model on arm64.
Reviewed by: jrtc27, kib
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f238ebd142)
Previously it would try to load linux.ko instead of linux64.ko
and fail. While here, don't try to match 'linuxaout'; even if
implemented, it's the same module as `linuxelf`.
Reviewed By: emaste
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D29288
(cherry picked from commit e026f4243c)
devmatch rc script would announce it was loading a module multiple
times. It used kldload -n so it really wasn't loading it that many
times, but the message is confusing. Use kldstat to see if we need to
load the module before saying we do. This fixes the vast majority of the
problems. It may be possible to race devmatch with a user invocation and
devd, though quite hard. In that case we'll announce things twice, but
still only load it once. No attempt is made to fix this.
PR: 232782
MFC After: 2 weeks
Sponsored by: Netflix
(cherry picked from commit 5549c6a62f)
We document that we did not need .ko on the module names in
devmatch_blocklist, but we really needed them. Keep the documentation
the same, but strip the .ko when we need to use the names so you can
specify either.
PR: 256240
MFC After: 2 weeks
Sponsored by: Netflix
(cherry picked from commit b29ebb9c65)
devmatch loads a number of things automatically. Allow the list of
things to load to happen first in case those drivers affect what would
be loaded. Normally, this will produce the same results, but there's
some special cases that may not when drivers are loaded that report
other drivers missing, like virtio_pci.
PR: 253287
Reviewed by: imp
MFC After: 2 weeks
(cherry picked from commit f68e3ea831)
Currently ipfw has multiple components that are not parts
of GENERIC kernel like dummynet etc. They can bring in important
sysctls if enabled with rc.conf(5) and loaded with ipfw startup script
by means of "required_modules" after initial consult
with /etc/sysctl.conf at boot time. Here is an example of one
increasing limit for dummynet hold queues that defaults to 100:
net.inet.ip.dummynet.pipe_slot_limit=1000
This makes it possible to use ipfw/dummynet rules such as:
ipfw pipe 1 config bw 50Mbit/s queue 1000
Such rule is rejected unless above sysctl is applied.
Another example is a group of net.inet.ip.alias.* sysctls
created after libalias.ko loaded as dependency of ipfw_nat.
This is not a problem if corresponding code compiled in custom kernel
so sysctls exist when sysctl.conf is read early or kernel modules
loaded with a loader. This change makes it work also for GENERIC
and modules loaded by means of rc.conf(5) settings.
(cherry picked from commit f5b5de1a32)
/etc/rc.d/securelevel is supposed to run /etc/rc.d/sysctl lastload
late at boot time to apply /etc/sysctl.conf settings that fail
to apply early. However, this does not work in default configuration
because of kern_securelevel_enable="NO" by default.
Add new script /etc/rc.d/sysctl_lastload that starts unconditionally.
Reported by: Marek Zarychta
(cherry picked from commit f4b38c360e)
Accept the old rc.conf variable if the new one is not present for
compatability.
Approved by: imp
Differential Revision: https://reviews.freebsd.org/D30806
(cherry picked from commit c43b0081fa)
The mprotect() call was failing on CheriBSD when changing rtld's relro
page permissions due to missing CHERI capability permissions on the
mprotect() argument but did not report an error since the return value
was being ignored. It should never fail on any supported FreeBSD
architecture, but checking the return value seems like a good
sanity check to me.
Reviewed By: kib, imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D30820
(cherry picked from commit e3be51b2bc)
And move all the nfs related commands there.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D30754
Sponsored by: Diablotin Systems
