case so that if devices need different initialization, we can key off
this in the rc scripts (currently unused). Also update the man page
which is a 100% duplicate of the rc scripts.
the throttling state in response to line transitions. Future plans
include adding support for CPU frequency changes.
Add a devd.conf entry for calling this script.
The default values for this are:
performance_cx_lowest="HIGH" # Use HLT (C0) online
performance_throttle_state="HIGH" # 100% (no throttling)
economy_cx_lowest="LOW" # Use the lowest Cx state possible
economy_throttle_state="HIGH" # 100% (no throttling)
systems are mounted. An example set of entries for /etc/rc.conf:
ataraid_enable="YES"
ataraid_devices="ar0"
ataraid_ar0_set="ad2 ad3"
ataraid_ar0_type="RAID1"
Because there is no "correct" way of doing ATA raid (ie, geom vs.
atacontrol vs. vinum) that is bikeshed proof, this rcng script stays within
the bounds of atacontrol and assumes that other RAID solutions for GEOM or
vinum will end up in a different rcNG script.
Reviewed by: green
then immediately terminate the shell (during boot this
also terminates the parent rc(8) shell). This was the pre-rcNG behaviour.
Also, remove an extraneous mount /.
PR: conf/57659
Submitted by: yar (with modifications)
as these ioctl's aren't MD. This also means they are installed in
/usr/include/dev/bktr now. Also provide compatability wrappers for
where these headers lived in 4.x.
time during the boot process. This is needed in the case where NFS mounts
from servers reachable only via IPSEC are in /etc/fstab.
PR: conf/42497
Submitted by: Volker Stolz
Approved by: re (rwatson)
default attempt to list Biba, LOMAC, and MLS label information
for the socket if they are present.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons
Tested with: i386, i386-PAE, and sparc64.
we are configured to use an MTA or MSP queue runner. Otherwise the
script used to complain about the missing PID file.
PR: conf/57075
Submitted by: Jonathan Chen <jonc@chen.org.nz>
MFC after: 2 weeks
the number of broken DNS servers out there in the world. Since we are
diverging from the sendmail.org submit.mc, it's time to make our own
freebsd.submit.mc.
PR: conf/57733
Reviewed by: nork
MFC after: 2 weeks
porting this stuff back.
* Test /etc/motd for writability before trying to update it. This is
especially useful when /etc/ is mounted ro, like on a diskless boot.
(Thanks to phk for the idea on this one.)
* Make the "updating" message reflect what actually happens.
A "driftfile" caches the oscillator offset estimate from boot to boot,
having this means faster and less bumpy time synchronization. Will
be overridden by any value in the config file.
thin blue air if the kenv doesn't have any info.
This improves the truth value of the comment above significantly and
reduces the bogous output on the console considerably.
- Use a more robust check to determine if we need to load ipl.ko.
- Don't try to run ipf -E if ipfilter is already enabled. Look at
the net.inet.ipf.fr_running sysctl to figure this out. This fixes
a warning message about ipfilter being already initialized.
- Only one ipf -E command is needed. We don't need an extra one for
the -6 case which would only print a warning message about ipfilter
being already initialized.
- Fix one occurence where we were running /sbin/ipf directly without
using the ${ipfilter_program} variable if set.
- In ipfilter_stop(), don't try to save the firewall state tables if
ipfilter is disabled. Similarly, don't try to disable it if it's
already disabled. This fixes some more error messages.
and use it in src/etc/sendmail/Makefile in case the user wants to use
a different path to the sendmail m4 sources (e.g., sendmail port users).
Submitted by: dinoex
MFC after: 21 days
X-MFC after: RELENG_4 code freeze ends
dhclient couldn't get killed.
If we execute 'dhclient -r', dhclient gets already
killed, so there is no need to do it twice. Only do
this if we really have to release some leases.
Reviewed by: silence on freebsd-rc@yahoogroups.com
written by Stuart Walsh and Duncan Barclay (with some kibbitzing by
me). I'm checking it in on Stuart's behalf.
The BCM4401 is built into several x86 laptop and desktop systems. For the
moment, I have only enabled it in the x86 kernel config because although
it's a PCI device, I haven't heard of any standalone NICs that use it. If
somebody knows of one, we can easily add it to the other arches.
This driver uses register/structure data gleaned from the Linux
driver released by Broadcom, but does not contain any of the code
from the Linux driver itself. It uses busdma.
device special files created by sio(4). The latter are the device
special files created by uart(4). As of this moment sio(4) is not
supported on ia64... by me, that is :-)
with the vendor sendmail distribution. By doing so, we avoid mergemaster
warnings after every 'make' in /etc/mail/.
Reported by: Jeremy Chadwick <koitsu@parodius.com>
MFC after: 3 days
X-MFC after: and re approval
o The following additional configuration attributes of a jail can be
controlled from rc.conf:
- mounting devfs(5)
- mounting fdescfs(5)
- mounting procfs(5)
- custom devfs(8) ruleset
If no ruleset is specified, the default jail ruleset is used.
o The output of executing /etc/rc in the jail is now redirected
to /dev/null. Instead, the hostname of the jail is echoed if
the jail(8) command exited successfully. If the output is wanted
it can probably be redirected to a file (/var/run/$jail maybe)
instead of /dev/null.
Submitted by: Scot W. Hetzel <hetzels@westbend.net>
with modifications by Jens Rehsack <rehsack@liwing.de>
and me.
the src/etc makefile. This list was used to manually
install the files from src/etc. Instead, simply change
directory and 'make install'.
o There is no reason for the files in src/etc/defaults to
be installed as writeable.
Reviewed by: ru
off by default.
o Apparently the routine displaying the informational messages wasn't
checking its knob in rc.conf, so fix that as well.
Requested by: obrien
devfs(8) rules in rc(8). It is most useful for applying
rules to devfs(5) mount points in /dev or inside jails.
The following line of script is sufficient to
mount a relatively useful+secure devfs(5) in a jail:
devfs_mount_jail /some/jail/dev
Some new shell routines available to scripts that source
rc.subr(5):
o devfs_link - Makes it a little easier to create symlinks
o devfs_init_rulesets - Create devfs(8) rulesets from devfs.rules
o devfs_set_ruleset - Set a ruleset to a devfs(5) mount
o devfs_apply_ruleset - Apply a ruleset to a devfs(5) mount
o devfs_domount - Mount devfs(5) and apply some ruleset
o devfs_mount_jail - Mount devfs(5) and apply a ruleset
appropriate to jails.
Additional rulesets can be specified in /etc/devfs.rules.
If the devfs_system_ruleset variable is defined in rc.conf
and it contains the name of a ruleset defined in /etc/defaults/devfs.rules
or user supplied rulesets in /etc/devfs.rules then that ruleset will
be applied to /dev at startup by the /etc/rc.d/devfs script. It can
also be applied post-startup:
/etc/rc.d/devfs start
This is a more flexible mechanism than the previous method of using
/etc/devfs.conf. However, that method is still available.
Note: since devfs(8) doesn't provide any way for creating symlinks
as part of a ruleset, anyone wishing to create symlinks in a devfs(5)
as part of the bootup sequence will still have to rely on /etc/devfs.conf.
use the atmconfig(8) utility instead of route(8) to install those routes.
For this we need a new rc.conf variable natm_static_routes that works
just like static_routes except that the referenced routes use the syntax
of atmconfig(8).
Okay'ed by: mtm
one internal device. Don't call the startup procedure again if
we already use start.
Support a manually started dhclient and keep its configured
interfaces after pccard removal.
Make pccard_ether working in single-user mode without /usr mounted.
There are now many configurations which have a NIC on board, and
pccard slots. If a dhclient is running on the internal nic, the
Improve the handling dhcp handling of pccard_ether.
Improve the dhcp handling of pccard_ether.
There are now many configurations which have a NIC on board and
Improve the dhcp handling of pccard_ether.
There are now many configurations which have a NIC on board and
cardbus slots too. If a dhclient was already running on the internal
NIC, the user was forced to kill a running dhclient manually.
If now a pccard is included at startup time, /etc/rc.d/dhclient
start does include it into the startup list for dhcp devices.
That means you can now do dhcp on the internal and the pccard devices
at the same time. If the card is plugged in later, a running dhclient
(working for the internal interface only) is killed, and restarted,
but the interface name of the new pccard is added to the internal
name. After removal, /etc/rc.d/dhclient is started again. This
script does nothing if there are no devices in /etc/rc.conf
This is only a workaround for a well known problem. After we have
a dhcp client which handles device adding and removal, it will go
away.
The original name was really a mistake since
/usr/local/etc/rc.d scripts can (and usually do) start
more than just daemons. Even the output in the script
uses 'local packages.' Also, the term 'local daemons' is
used by rc.d/local, which was etc/rc.local of rcOG fame.
No repo-copy because there isn't much history to save.
I will remove localdaemons shortly with all the other
files that don't belong in rc.d anymore.
Discussed with: dougb, freebsd-rc@yahoogroups.com
for the harp(4) pseudo driver and for loadable native HARP drivers
(like hfa_pci).
To use harp(4) the rc variable natm_interfaces must be set to the
list of NATM interfaces to be used for HARP. These interfaces
will be brought up with ifconfig and the harp(4) will be loaded.
To use loadable native HARP drivers atm_load must be set to
the list of drivers to load.
Reviewed by: mtm, gordon (partly)
and PAM configuration. Remove the line concerning "auth_list"
from the template, since it's referenced only in the tinyware
password command, and only #ifdef KERBEROS, which isn't defined
in tinyware. Add a comment about auth.conf being on the way
out the door. The one remaining consumer of auth.conf is
crypt(3).
the address, also kill the dhclient process. Instead of doing the
release in the stop command, move it to the precmd stage and allow
rc.subr(8) to automatically kill the dhclient process by leaving the
stop command undefined.
Noticed by: mbr
evaluating the $_precmd command as a string. We're not actually
trying to evaluate the contents of the command.
Reported by: Glenn Johnson <gjohnson@srrc.ars.usda.gov>
variable in rc.conf to have sshd from ports (or somewhere else) installed.
So, don't make the sshd_config for the base system a required file
to start the service.
PR: conf/45766
instead of SENDMAIL_MC but don't remove on it 'make clean' as the
user may not have the original .mc file and removing it could be
dangerous (e.g., make SENDMAIL_CF=/etc/mail/sendmail.cf clean).
Noticed by: peter
MFC after: 3 days
defined. The only two files installed in this case are aliases (which
I believe other MTAs may use) and mailer.conf (which isn't sendmail,
it belongs to mailwrapper).
PR: 50477
MFC after: 5 days
`hostname`.submit.mc which is templated from freebsd.submit.mc if the
default file does not exist. This makes the building of the submit.cf
behavior identical to that of the the sendmail.cf.
PR: 44256
Submitted by: Matt Emmerton <matt@gsicomp.on.ca>
MFC after: 5 days
- Stop 'make clean' from removing SENDMAIL_CF
- install and distribute targets should not attempt to build anything
- SENDMAIL_ADDITIONAL_CF were not installed in the distribution case
- If SENDMAIL_SET_USER_ID was defined, submit.cf was needlessly installed
in the distribution case
- Collapse install and distribution target into one to remove code
duplication
Submitted by: ru
MFC after: 5 days
network interfaces could only be turned on and off as a group (all
static interfaces or all dhcp interfaces).
When used to start the interface a 'long form' ifconfig output is
used to show the status of the interface, but when stopping an interface
the script will simply output the name of the interface. This is simply my
personal preference. Hopefully as this functionality matures we can
stabilize on a prefered form of output for these scripts.
A stop command to the dhclient script now explicitly releases the dhcp lease.
Behaviour at system shutdown; however, is unchanged since dhclient is not,
by default, run at that time. The client will not release its lease
at shutdown.
o Ensure rc.d/network2 and rc.d/network3 are not automatically run
during boot
o Modify script headers so rcorder(8) can put the two scripts in the
correct sequence.
o Change the provider names.
o Separate routing into two parts: static routing and routing options. The
start command will run both parts, but they can be run separately using
the static and options command, respectively:
(/etc/rc.d/routing static; /etc/rc.d/routing options)
This commit has two pieces. One half is the watchdog kernel code which lives
primarily in hardclock() in sys/kern/kern_clock.c. The other half is a userland
daemon which, when run, will keep the watchdog from firing while the userland
is intact and functioning.
Approved by: jeff (mentor)
than duplicate it. This requires OpenPAM Dianthus, which was committed two
weeks ago; installing these files on a system running a world older than
June 1st, 2003 will cause login(1) and su(1) to fail.
It currently supports the PMC Sierra Lite, Ultra and 622 chips and
the IDT 77105. The driver handles media options and state in a consistent
manner for ATM drivers. The next commit to the midway driver will make
it use utopia.
exception of the default 'status' command) regardless of whether the
executed command was actually successfull or not. Forced scripts should
always correctly reflect the outcome of the command.
NOTE: exit values are treated as booleans. We don't care what
the actual exit value was, only whether it was successfull or not.
interfaces, interface aliases, user supplied ifconfig scripts, and
ipx interfaces. The ipx routine fails unconditionaly at the moment.
Someone who has a need for it can fill it in with the appropriate incantations.
take advantage of the rc.subr(8) glue. They are renamed dhclient_program
and dhclient_flags.
o Rename them in rc.conf(5)
o Rename them in /etc/defaults/rc.conf
o Add the deprecated variables to /etc/rc.subr
o Isolate the use of the 'command' variable to the
NetBSD specific parts in /etc/rc.d/dhclient.
o Now that dhcp_flags has also been renamed it will
be applied properly by rc.subr(8) glue code.
Reported by: John Nielsen <john@jnielsen.net>
really make much difference since this script is not used during startup
and is due to be removed before RELENG_5.
Submitted by: "Simon L. Nielsen" <simon@nitro.dk>
down to the section of optional mail/news services. Change the nntpd
location to /usr/local/libexec since it's an optional software.
Henceforth, nntpd will be advised to run as "news", which is a
standard user in the system, instead of "usenet", which has never
existed in the default master.passwd(5).
Note: It's not "news:news" since inetd(8) runs a service at the
specified user's login group by default.
Add a blank comment line above the uucpd line so the section looks uniform.
Partly pointed out by: Alexey Neyman <alex.neyman at auriga.ru>
MFC after: 1 week
with the rest of the options following it. This caused problems for
people using ldconfig_insecure=yes because the '-i' switch was being
positioned before the format argument.
Approved by: markm/mentor (implicit), re/rwatson
PR: 47430
script to read /etc/devfs.conf, and take appropriate actions based on
what it finds there.
The (commented out) examples in the new devfs.conf file are taken in
part from the old rc.devfs script.
sessions if the mailer is dynamically linked. This happens because
on some systems the ldconfig script is run after the vi recovery
script.
I thought I had already fixed this with revision 1.5 of rc.d/ldconfig,
but apparently not. So, in addition I'm making ldconfig a requirement
of this script.
Approved by: markm (mentor)(implicit)
PR: bin/51767
We can't remove the sourcing of /etc/rc.devfs yet in case the user
might have custom entries in it. We will have to come up with an
/etc/devfs.rules or something to make this kind of thing easier.
Approved by: markm (mentor)(implicit)
All functionality from the previous system has been preserved, and
users should still customize their system boot with the familiar
methods, rc.conf, rc.conf.local, rc.firewall, sysctl.conf, etc.
Users who have customized versions of scripts that have been removed
should take great care when upgrading, since the compatibility code
that used those old scripts has also been removed.
script at which a filesystem will be mounted in FreeBSD. Without this
the script was being inserted later in the boot than necessary.
Approved by: markm (mentor) (implicit)
Reviewed by: dougb
Noticed by: Andrzej ToboÅa <san@wilk.2a.pl>
it doesn't work because the start_cmd doesn't enable ipfilter if
it is currently disabled.
Approved by: markm (mentor) (implicit)
Submitted by: Michael Lyngbøl <lyngbol@bifrost.lyngbol.dk>
PR: conf/46103
o group them together so they run one right after another
o use the NetBSD supplied ipfs script instead of tacking
it on to the end of ipnat
o Load the ipl module in ipnat and ipfilter, if it's not already
loaded
o In ipmon and ipnat show a warning if neither ipfilter nor
ipnat is enabled or the ipl module is not loaded, and exit
Approved by: markm (mentor) (implicit)
Tested by: leafy <leafy@leafy.idv.tw>
This is how it has always been done (before and after rc.d) but
I somehow failed to include it when I broke up network1.
Submitted by: bmah
Approved by: markm (mentor)(implicit)
no longer plan on shipping a TE MAC module independent from SEBSD.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
o /etc/network.subr contains common subroutines used for seting
up network interfaces
o rc.d/hostname sets the hostname if not already set
o rc.d/nisdomain sets the nis domain *after* rpcbind but
before the yp* daemons. This fixes issues with temporary
hangs when looking up informaion in nis before it's ready.
o rc.d/netif brings network interfaces (minus dhcp) up.
o rc.d/network1 has been disabled and will be retired before
RELENG_5. It will be replaced by rc.d/netif
Approved by: markm (mentor)
stop ipfw, but not enable it again.
Aesthetic changes
o Use positve logic (instead of negative)
o create a 'stop' function, rather than putting the
commands in the stop_cmd variable.
Submitted by: des
Approved by: markm (mentor) (implicit)
but it's no longer a part of the base-system and buildworld works fine
here after deleting them both on disk and from the mtree spec files.
Not objected to by: kris, silence on -audit
devd later in the boot process. This should fix all the problems
people have had with those commits. Diskless should be working again,
and those that mount /usr with nfs should be able to do that again too.
critical remote systems. This lets us run commands from devd that
aren't on the / partition. This also means we can remove some kludges
from the networking startup that I added a while ago that caused other
problems.
There's still a race in starting devd that needs to be fixed in devd
so that things present at boot will be configured by the time devd
does daemon(). That race will be fixed later.
device node exists directly to see if OLDCARD is compiled into the
kernel. This eliminates the scary warning that people using NEWCARD
are seeing when they have pccard_enable=YES in their /etc/rc.conf
files.
be). Using that string leads rc.network to execute:
# sysctl -w vfs.nfs.bufpackets=DEFAULT
vfs.nfs.bufpackets: 4 -> 0
Which isn't what was intended.
PR: conf/31280
MFC after: 3 days
name of the device that it creates. Update /etc/ttys accordingly.
An alias is created for the old name so that old /etc/ttys will continue to
work, but due to aliases being implemented as symlinks in devfs you cannot
login as root when using the alias device.
Discussed with: grehan
withough the $natd_interface having to be explicitly specified on the
command line.
Approved by: markm (mentor)
Submitted by: Aaron D. Gifford <agifford@infowest.com>
PR: conf/47024
MFC: upon re approval
named(8) daemon by providing a new rc.conf knob: named_pidfile
that defaults to the path specified in the system-installed named.conf(5).
Approved by: markm (mentor)
Reviewed by: dougb
Noticed by : Galen Sampson <galen_sampson@yahoo.com>
Dan Pelleg <daniel+bsd@pelleg.org>
PR: conf/46402
MFC: 2 weeks (with re@ approval)
to /dev/raidctl, don't set the group to operator. (This isn't a
storage device, it's a control device).
Also, since umask here is already restrictive, we don't need to
explicitly set the mode.
Submitted by: bde
Instead, load them as part of the rc.d system. This allows us to prioritize
the initidiskless script so it runs before the configuration files are loaded
and allows us to get rid of the exit 2 hack in /etc/rc. The exit 2 never
worked anyway since it did not unset the prior configuration, causing the
diskless code to not operate properly.
Do a major cleanup and revamping of the diskless code for RCNG. This will
be backported to the non-RCNG scripts as well as -stable.
With suggestions from: Mike Makonnen <mtm@identd.net>
MFC after: 7 days
the whole thing generic. That is, /conf/base, /conf/default,
/conf/${ipba}, and /conf/${ip} are all handled the same way.
Introduce an NFS remounting feature via the /conf/base/<dir>/diskless_remount
so you can avoid dup'ing system directories in /conf (described in rc file).
Introduce a memory filesystem sizing feature via the /conf/base/<dir>/md_size
file that allows you to override the default memory filesystem size.
Introduce a file containing relative paths to remove for each memory filesystem
directory as /conf/base/<dirname>.remove.
Make the cpio feature more generic (applies to any filesystem) (aka
/conf/base/<dirname>.cpio.gz).
Allow any root directories to be created as a memory filesystem via the
/conf/*/* mechanism.
Replace the copyright notice with a reference to the COPYRIGHT file and
do other cleanups.
(documentation and man page updates to follow).
MFC after: 3 days
background fsck. The delay defaults to sixty seconds to allow
large applications such as the X server to start before disk I/O
bandwidth is monopolized by fsck.
Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
Sponsored by: DARPA & NAI Labs.
from "unix" back to "local". Add some compat stuff so both
ways work for some time.
Reviewed by: phk
Approved by: imp (UPDATING)
Requested by: iedowse, lukem@netbsd.org
that's being replaced here. This is what /etc/rc does now.
There is no NetBSD devfs, so there is no compatibility issue.
Not objected to by: FreeBSD-rc@yahoogroups.com
Approved by: re (murray)
where people want to have the cards configured. Lack of -z is a speed
optimization.
Submitted by: many voices on mobile@
Approved by: re@ (rwatson)
MFC after: 3 days
Fix a minor grammer nit.
Get rid of _echo that uses logger and just call logger in the 3 routines
that need it.
Add a comment referencing rc.conf(5) in the case of an incorrectly set
variable.
This pulls rc.subr up to 1.51 of rc.subr. I skipped 1.49 (systrace support)
since I don't have systrace.
Obtained from: NetBSD
to specify rules definition file for ipfilter. The default is
/etc/ipf6.rules. If there is a file which is specified by
'ipv6_ipfilter_rules', IPv6 rule is installed.
Reviewed by: Ronald van der Pol <Ronald.vanderPol@rvdp.org>
MFC after: 1 week
an entry in /etc/sysctl.conf didn't exist. Fixing this exposed a minor
typo "exits" vs. "exist".
However, there doesn't appear to be any provision to run this with
the "lastload" argument, meaning that the error will never appear.
whatever random value was already in $unit. It happened to work
because the variable is often unset, but this is not always the
case e.g. when you call "MAKEDEV sio2 usb ..."
This affects -stable as well.
Reviewed by: n_hibma
Silence from: re
MFC after: 3 days
# or any login.conf resource limits or features; use it only if this is
# appropriate for your environment. If you require these features, use
# the regular FreeBSD ftpd below.
Discourage users from using lukemftpd if they rely any of these standard
FreeBSD features that are fully supported by our native ftpd. There
may be other features that are not yet supported that I have not yet
discovered.
tells applications to print labels for all of the TrustedBSD-
generated policies, if they are present.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
the wheel group has no explicit members listed in /etc/group. This adds
the "exempt_if_empty" flag to pam_wheel in the default configuration;
in some environments, it may be appropriate to remove this flag, however,
this default is the same as pre-pam_wheel.
Reviewed by: markm
Sponsored by: DARPA, Network Associates Laboratories
configuration. Root privileges override DAC on local file systems and
therefore root does not generally need to be a member of a group to
access files owned by that group. In the NFS case, require explicit
authorization for root to have these privileges.
Leave root in operator for dump/restore broadcast reasons; leave root
in wheel until discrepencies in the "no users in wheel means any user
can su" policy are resolved (possibly indefinitely).
* Space -> tabs conversion.
* Removed blanks before semicolon in "if ... ; then".
* Proper indentation of misindented lines.
* Put a full stop after some comments.
* Removed whitespace at end of line.
Approved by: silence from gordon
script did. Stuff in rc.local frequently has lines like
"echo -n ' service_name'" which look ugly without a prefix and a
trailing period. Likewise for rc.shutdown.local for consistency.
and atime only, but also the ctime. Otherwise, files extracted from
tar or zip archives will immediately be declared stale since they've
got their mtime reset to the original mtime.
Reviewed by: brian
MFC after: 1 week
a per-machine or per-cluster (with different ways of expressing what's
part of a cluster) basis. In order for this to be effective, rc.conf
has to be reread after initdiskless is finished. Implement this by
adding a hook to etc/rc which rereads rc.conf by request. This can
also be implemented by renaming initdiskless to initdiskless.sh and
sourcing rc.conf there manually, but it was decided that, that would
be uglier than a hook in etc/rc.
Developed in concert with: gordon
PR: 38919
Submitted by: Tommy Johnson
o IBM IDE CDROM
PR: 39537
Submitted by: Kevin Van Maren
o T-Sunus 130 card
PR: 41802
Submitted by: Oliver Schneider
o No-name OEM Prism card
o ActionTec Prism card
o ZoomAir 11Mbps High Rate wireless networking
PR: 41929, 41928
Submitted by: Bruce M Simpson
o Dynalink L100C16
PR: 41938
Submitted by: Marco van de Voort
1) Add new card entry for nortel eMobility wi card (from email
that I've lost the sender on :-(
2) put ata devices at config 0x1 rather than auto. This should be
better for nearly all cases.
MFC after: 3 days
rcNG. The $amd_flags variable was already taken over into $rc_flags
by run_rc_command() when amd_precmd() is executed, so changing
$amd_flags there no longer effects the actual execution of amd.
Hence in amd_precmd() the $rc_flags have to be adjusted instead.
o Recognize AMD Elan SC520 hostbridge.
o Add initialization code for the AMD Elan sc520 which maps the MMCR
into KVM and sets the i8254 frequency to the correct value.
o MAKEDEV entry for elan-mmcr device
Reviewed by: phk, jhb
Approved by: re(jhb)
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
all instances of `${CMD_OSTYPE}` to just using ${OSTYPE}. This saves us a
shell invocation on anything that is OS-dependent. I seriously doubt that we
will be spontaneously changing OS types during bootup.
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.
PR: bin/40960
Submitted by: frf <frf@xocolatl.com>
MFC after: 3 days
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*
Also change single_mountd_enable -> mountd_enable
Changing the mountd flags brings us closer to NetBSD.
All of the old variable names are shimmed so you can continue to use the
old variable name.
Finally make /etc/rc.d/mountd no longer dependent on nfs as there are
(apparently) other consumers of mountd.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*
Also change single_mountd_enable to mountd_enable.
We also include shims for all the old variable names.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
and others, because test(1) does not do shortcut evaluation.
Fix the same off-by-one error for acd*t* that revision 1.326 fixed
for other *cd devices.
Suggested by: bde
Reviewed by: bde
created cd1 as well due to an off-by-one error left over from
revision 1.249.
PR: conf/20436
Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
MFC after: 1 week
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
sets ${MP} to an empty string so the next line:
set ${MP}
actually just dumps all of the shells variables to stdout (and therefore
the security report). Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.
Reviewed by: brian
MFC after: 3 days
/etc filesystem isn't enough; consequently, add "-i 4096" to the newfs
command for /etc. This results in 1022 inodes, which should be enough
for the forseeable future (although I don't know why we would ever
have more than 1000 files in a default /etc).
Silence by: -current
Submitted by: matt peterson
While I'm here, kill the flags 0x10000 on all the prism based cards.
Both stable and current figure this out on their own and we've had at
least one releases where this is the case.
card behind it (without the pcmcia form factor). This entry gets to
the point of attaching, but there's something wrong with the '29
support, so it doesn't quite work yet.
while. This is only the script pieces, the glue for the build comes next.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
Reviewed by: silence on -current and -hackers
Prodded by: rwatson
Once upon a time (in rev. 1.81), COPYRIGHT and FREEBSD
were multi-value.
Moved installation of /var/log/cron to where it belongs
(this finishes the change in rev. 1.205).
Removed (with extreme prejudice) a bunch of parentheses
that unnecessarily obfuscated this makefile.
Run pwd_mkdb(8) right after master.passwd is installed.
Install nsmb.conf to /usr/share/examples/etc/.
MAKEDEV: Add MAKEDEV glue for the ti(4) device nodes.
ti.4: Update the ti(4) man page to include information on the
TI_JUMBO_HDRSPLIT and TI_PRIVATE_JUMBOS kernel options,
and also include information about the new character
device interface and the associated ioctls.
man9/Makefile: Add jumbo.9 and zero_copy.9 man pages and associated
links.
jumbo.9: New man page describing the jumbo buffer allocator
interface and operation.
zero_copy.9: New man page describing the general characteristics of
the zero copy send and receive code, and what an
application author should do to take advantage of the
zero copy functionality.
NOTES: Add entries for ZERO_COPY_SOCKETS, TI_PRIVATE_JUMBOS,
TI_JUMBO_HDRSPLIT, MSIZE, and MCLSHIFT.
conf/files: Add uipc_jumbo.c and uipc_cow.c.
conf/options: Add the 5 options mentioned above.
kern_subr.c: Receive side zero copy implementation. This takes
"disposable" pages attached to an mbuf, gives them to
a user process, and then recycles the user's page.
This is only active when ZERO_COPY_SOCKETS is turned on
and the kern.ipc.zero_copy.receive sysctl variable is
set to 1.
uipc_cow.c: Send side zero copy functions. Takes a page written
by the user and maps it copy on write and assigns it
kernel virtual address space. Removes copy on write
mapping once the buffer has been freed by the network
stack.
uipc_jumbo.c: Jumbo disposable page allocator code. This allocates
(optionally) disposable pages for network drivers that
want to give the user the option of doing zero copy
receive.
uipc_socket.c: Add kern.ipc.zero_copy.{send,receive} sysctls that are
enabled if ZERO_COPY_SOCKETS is turned on.
Add zero copy send support to sosend() -- pages get
mapped into the kernel instead of getting copied if
they meet size and alignment restrictions.
uipc_syscalls.c:Un-staticize some of the sf* functions so that they
can be used elsewhere. (uipc_cow.c)
if_media.c: In the SIOCGIFMEDIA ioctl in ifmedia_ioctl(), avoid
calling malloc() with M_WAITOK. Return an error if
the M_NOWAIT malloc fails.
The ti(4) driver and the wi(4) driver, at least, call
this with a mutex held. This causes witness warnings
for 'ifconfig -a' with a wi(4) or ti(4) board in the
system. (I've only verified for ti(4)).
ip_output.c: Fragment large datagrams so that each segment contains
a multiple of PAGE_SIZE amount of data plus headers.
This allows the receiver to potentially do page
flipping on receives.
if_ti.c: Add zero copy receive support to the ti(4) driver. If
TI_PRIVATE_JUMBOS is not defined, it now uses the
jumbo(9) buffer allocator for jumbo receive buffers.
Add a new character device interface for the ti(4)
driver for the new debugging interface. This allows
(a patched version of) gdb to talk to the Tigon board
and debug the firmware. There are also a few additional
debugging ioctls available through this interface.
Add header splitting support to the ti(4) driver.
Tweak some of the default interrupt coalescing
parameters to more useful defaults.
Add hooks for supporting transmit flow control, but
leave it turned off with a comment describing why it
is turned off.
if_tireg.h: Change the firmware rev to 12.4.11, since we're really
at 12.4.11 plus fixes from 12.4.13.
Add defines needed for debugging.
Remove the ti_stats structure, it is now defined in
sys/tiio.h.
ti_fw.h: 12.4.11 firmware.
ti_fw2.h: 12.4.11 firmware, plus selected fixes from 12.4.13,
and my header splitting patches. Revision 12.4.13
doesn't handle 10/100 negotiation properly. (This
firmware is the same as what was in the tree previously,
with the addition of header splitting support.)
sys/jumbo.h: Jumbo buffer allocator interface.
sys/mbuf.h: Add a new external mbuf type, EXT_DISPOSABLE, to
indicate that the payload buffer can be thrown away /
flipped to a userland process.
socketvar.h: Add prototype for socow_setup.
tiio.h: ioctl interface to the character portion of the ti(4)
driver, plus associated structure/type definitions.
uio.h: Change prototype for uiomoveco() so that we'll know
whether the source page is disposable.
ufs_readwrite.c:Update for new prototype of uiomoveco().
vm_fault.c: In vm_fault(), check to see whether we need to do a page
based copy on write fault.
vm_object.c: Add a new function, vm_object_allocate_wait(). This
does the same thing that vm_object allocate does, except
that it gives the caller the opportunity to specify whether
it should wait on the uma_zalloc() of the object structre.
This allows vm objects to be allocated while holding a
mutex. (Without generating WITNESS warnings.)
vm_object_allocate() is implemented as a call to
vm_object_allocate_wait() with the malloc flag set to
M_WAITOK.
vm_object.h: Add prototype for vm_object_allocate_wait().
vm_page.c: Add page-based copy on write setup, clear and fault
routines.
vm_page.h: Add page based COW function prototypes and variable in
the vm_page structure.
Many thanks to Drew Gallatin, who wrote the zero copy send and receive
code, and to all the other folks who have tested and reviewed this code
over the years.
which needs an empty directory into which to chroot(2).
Hint to the operator that this directory really _should_ be empty
by creating it with mode 0555 and the system immutable flag (schg)
set.
Reviewed by: des
while. This is only the script pieces, the glue for the build comes next.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
Reviewed by: silence on -current and -hackers
Prodded by: rwatson
permissions to use for alias and map database files built by
/etc/mail/Makefile. The default is 0640 to assist users in avoiding
a file locking local denial of service.
MFC after: 1 day
pending RE approval
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).
Submitted by: Helge Oldach <test-smtp@oldach.net>
MFC after: 1 day
pending RE approval
though I would personally prefer to see the broken nameservers fixed
instead of standards compliant applications work around them, I can't
force FreeBSD users to help fight that battle.
Submitted by: Damon Anton Permezel <dap@damon.com>
MFC after: 2 days
pending RE approval
fix a comment that suggested setting ipv6_ipv4mapping to blank. This
will aid in merging with rcng which requires all veriables to be
explicitly set.
Submitted by: Mike Makonnen
MFC after: 1 week
files in each ${local_startup} directory, it also reverses the order of the
directories.
Suggested by: jhb
Reviewed by: jake
Approved by: dougb
MFC after: 1 week
of wtmp.0 is done as mode 600.
This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.
Suggested by: lumpy <lumpy@the.whole.net>
MFC after: 3 days
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.
However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.
MFC after: 3 days
rm -f /tmp/.X11-unix/*
If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory
with files that he wants to wipe out, and wait for next reboot.
Reported by: lumpy <lumpy@the.whole.net>
The Blue Concentric CF 802.11b card is a compactflash form-factored card
that does 802.11b, including 128bit encryption.
The Zonet modem pccard is a simple FAX/Modem card.
Both are sold in Guang-Hua Market in Taipei, and functions perfectly
with -current and -stable.
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."
PR: conf/37618
Reviewed by: brian
MFC after: 3 days
pam_lastlog, so add a dummy session chain to avoid using the one from
pam.d/other. I assume gdm does something similar, so give it a dummy
session chain as well.
Sponsored by: DARPA, NAI Labs.
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.
Eliminate the need in the second installworld. For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.
Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1. Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).
Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).
In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.
Moved the creation of the "crypto" dist from release.5 to
release.2.
In release.3 and doMFSKERN, build kernels in the "world"
environment. KERNELS now means "additional" kernels, GENERIC is
always built.
Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.
Inline createBOOTMFS target.
Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules. GC doMODULES as such.
Assorted fixes:
Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".
Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.
gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.
release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists. Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories. This will be fixed
soon.
Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage. Most of the userland makefiles did not test it for "YES"
anyway.
XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists? (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)
Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.
Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
around. If the kernel boots successfully, the record of this kernel
is erased, it is intended to be a one-shot option for testing
kernels.
This could be improved by having the loader remove the record of
the next kernel to boot, it is currently removed in /etc/rc immediately
after disks are mounted r/w.
I'd like to MFC this before the 4.6 freeze unless there is violent
objection.
Reviewed by: Several on IRC
MFC after: 4 days
alternative MTAs. Therefore, always install rc.sendmail, regardless of
NO_SENDMAIL make.conf setting. Users can still set mta_start_script to a
different script.
This commit is after a repo-copy of src/etc/sendmail/rc.sendmail to
src/etc/rc.sendmail.
Noticed by: Calvin NG <calvinng@brel.com>
MFC after: 3 days
the creation of /var/spool/clientmqueue and therefore the need for the
smmsp user and group if NO_SENDMAIL is defined. This required breaking out
the creation of the directory into a new BSD.sendmail.dist mtree file.
MFC after: 1 week
Added NOOBJ if anyone even attempts to "make obj" here.
Revert to installing files with mode 644 except README.
Make this overall look like a BSD-style Makefile rather
than roll-your-own (this is not a bug).
For the record. Previous revision also fixed the breakage
introduced by the sys.mk,v 1.60 commit: bsd.own.mk is no
longer automatically included from sys.mk.
Reported by: jhay
the .mc file used for /etc/mail/submit.cf. By default,
/etc/mail/freebsd.submit.mc is installed and used.
Requested by: fenner
Submitted by: ume
MFC after: 1 week
Add /etc/rc.d to the startup dirs list. It is a convenient place to put
custom startup scripts instead of hacking a shared rc.local. eg: ftpd in
listener mode, or maybe even sendmail or another mailer, etc.
<peril sensitive sunglasses off>
clientmqueue (submit mail queue).
The new mailq display is only active if both the old
daily_status_mailq_enable is set to "YES" and the new
daily_status_include_submit_mailq is set to "YES" so people who disabled
440.status-mailq won't have any surprises.
Likewise, the new queue run is only active if both the old
daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun
is set to "YES" so people who disabled 500.queuerun won't have any
surprises.
While I am here, remove the [ ! -d /var/spool/mqueue ] checks from
both scripts as the queue directory isn't always /var/spool/mqueue for
the main daemon -- it can be set to anything in the sendmail.cf file.
MFC after: 1 week
prevent the interfaces from being initialized by /etc/rc.network6
wrongly. So, you can explicitly initialize the interfaces by
/etc/pccard_ether.
With previous rc.network6, if you specify pccardd_flags="-z",
net.inet6.ip6.accept_rtadv was wronly set to 0, then RA was not
accepted.
again."
As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail. The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed. A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA. For backward compatibility, it will default to
/etc/rc.sendmail. The specified script is called out of /etc/rc after
checking to make sure it exists. A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.
Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.
Reviewed by: -current, -stable, obrien, peter, ru
MFC after: 1 week
was apparently smoking something when I committed the last fix, because as
ume was kindly enough to set me straight on, amd *will* start with no
arguments at all, as long as there is an /etc/amd.conf file for it to
read. What it won't do is start with *just* -p.
In any case, now it's fixed.
(65536 * 32 - 1), but MAKEDEV only supports up to (32 * 32 -1). Device
names use the unit number in base 32 for all "digits".
This required fixing an old bug in MAKEDEV:ttyminor(). Its arg was the
global $unit instead of $1.
Reminded by: Valentin K. Ponomarenko <valka@krog.ukrtel.net>
MFC-after: 1 week
logic and added a new set of targets for controlling the MSP queue runner
(start-mspq, stop-mspq, and restart-mspq).
Reminded by: Mark Santcroos <marks@ripe.net>
MFC after: 1 week
at boot time.
Instead of rc.conf's sendmail_enable only accepting YES or NO, it can now
also accept NONE. If set to NONE, none of the other sendmail related
startup items will be done.
Remove an extra queue running daemon might be started that wasn't necessary
(it didn't hurt anything but it wasn't needed).
The new logic is:
# MTA
if ${sendmail_enable} == NONE
# Do nothing
else if ${sendmail_enable} == YES
start sendmail with ${sendmail_flags}
else if ${sendmail_submit_enable} == YES
start sendmail with ${sendmail_submit_flags}
else if ${sendmail_outbound_enable} == YES
start sendmail with ${sendmail_outbound_flags}
endif
# MSP Queue Runner
if ${sendmail_enable} != NONE &&
[ -r /etc/mail/submit.cf] && ${sendmail_msp_queue_enable} == YES
start sendmail with ${sendmail_msp_queue_flags}
endif
Discussed with: Thomas Quinot <Thomas.Quinot@Cuivre.FR.EU.ORG>,
Christopher Schulte <schulte+freebsd@nospam.schulte.org>
MFC after: 1 week
Install sys/<arch>/include/pc/*.h to /usr/include/machine/pc/.
PR: docs/29534
Install sys/netatm/*/*.h to /usr/include/netatm/*/.
Don't install compatibility symlinks for <machine/soundcard.h>
and <machine/joystick.h>. Three years is enough to be aware of
the change, and these weren't visible in the SHARED=symlinks
case.
Back out include/Makefile,v 1.160 that was a null change anyway
due to the bug in the path, and we now don't want to install
these headers because they would otherwise be invisible in the
SHARED=symlinks case.
Don't install IPFILTER headers. Userland utilities fetch them
directly, and they were not visible in the SHARED=symlinks case.
Resurrect SHARED=symlinks in Makefile.inc1.
PR: bin/28002
Prodded by: bde
MFC after: 2 weeks
black lists in the default config, give a pointer to a non-static list.
I was convinced this was the right thing to do after getting a PR
asking to add ORBZ the day before ORBZ went off the air.
PR: conf/35884
MFC after: 4 days
only doing ipnat(8). Go back to using $ipfilter_active, but turn off
$ipfilter_active when loading ipl.ko has failed.
Submitted by: devet@devet.org (Arjan de Vet)
MFC after: 3 days
conf file, or command line options. I brought this up in PR 12432,
which (ironically) obrien assigned to me after I became a committer. :)
PR: conf/12432
Submitted by: Me
administrator wishes to run commands outside of the PATH, he should
use a full pathname for the executable or set the PATH as appropriate
in any local startup scripts.
PR: misc/35770
addition, take out the checks on the $dumpdev. dumpon(8) behaves well
if given a non-existent filename. It gives a nice error message which
is better rather than the current silent failure.
Reviewed by: des
$ipfilter_active. $ipfilter_enable is set to "NO" if modules fail to
load, and $ipfilter_active can be "YES" when we are not using ipf(8).
MFC after: 3 days
and teach it to look for more general classes of failures, including
SSH login failures. This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net.
o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.
o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).
This creates a special authentication log, which can now be searched
by scripts for authentication events.
argument. Don't fail silently, but let savecore(8) make noise. It
won't behave badly, it doesn't need protection.
At the same time, allow the administrator to have dumpdev enabled
while dumpdir (savecore(8)) is disabled and document how to do it.
PR: conf/35725
systems due to sshd not using the security log class. Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.
Submitted by: aeonflux@synapse.subneural.net
MFC after: 4 weeks
Kerberized CVS (kserver) listens on the same port as normal CVS
(pserver). In /etc/inetd.conf cvs kserver is disabled by default,
but set to listen to the service port 'cvs' which doesn't exist. It
should listen to 'cvspserver'.
PR: 34317
Submitted by: Sean Chittenden <sean@chittenden.org>
seperate the short name and the long name. This was present for most
but not all entries. Because the parsing doesn't reject unrecognized
entries, this didn't cause failures, but it wasn't strictly correct.
Submitted by: Martin Faxer <gmh003532@brfmasthugget.se>
MFC after: 2 weeks
some new IANA-blessed services and close some PRs. Ports for
Jabber and PostgreSQL.
PR: conf/35219, conf/35220
Submitted by: Sean Chittenden <sean@chittenden.org>
MFC after: 1 day
and looks like no other Unix diskless configuration I've ever seen.
Thus allow a more traditional /etc.
Note, the use of an MFS /var should also be settable.
Otherwise installing ports(packages) is just a total PITA.
rc.conf(5) and the files' inline documentation.
- Add the "closed"-type, documented in both places, but which did not
exist in the code.
- When provided a ruleset, the system should not make any assumptions
about the sites's policy and should add no rules of its own.
- Make the "UNKNOWN" (documented in-line) actual work as advertised,
load no rules.
Prodded by: Igor M Podlesny <poige@morning.ru>
MFC after: 1 week
when running natd(8) out of the rc-files. It is perfectly valid for
the interface or alias address to be set in a natd(8) configuration
file, not on the command line. Also, loosen up the restrictions on
identifying an IP address argument in 'natd_interface.'
Fix the documentation, rc.conf(5), to reflect this change.
Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf.
MFC after: 3 days
at boot (sendmail_enable=NO), a localhost-only daemon may started
(sendmail_submit_enable) as it is needed to accept mail from command line
submissions. If this isn't desired, see etc/mail/README for more hints.
Optionally (sendmail_msp_queue_enable) start a queue runner for the
submission queue in case a daemon isn't available to accept command line
submitted mail at submission time.
Note that the syslog labels for all of these sendmail processes have been
uniquified for easier log parsing.
works and ways to work around common problems people might have.
Include information on reverting to a set-user-ID root sendmail binary in
case anyone really needs to do this.
Checking for the existence of sendmail.cf is rather silly when someone
is using the mailwrapper(8) to run a mail daemon that is not actually
sendmail(8). It is also probably better to let sendmail(8) actually
try to start and error out if the administrator has
'sendmail_enable="YES"' but no sendmail.conf. At present, it would
fail silently.
Reviewed by: gshapiro
MFC after: 2 days
updated driver. The newer driver in current outputs a version string
that contains a space, so we need to eat two words in between RocketPortX
and the number of ports on the board.
values at all if they are not purposefully set. What if the
administrator messed with them in /etc/sysctl.conf? We don't want to
overwrite them.
If 'log_in_vain' is zero, do not force the issue. If it is non-zero,
set it.
pam_login_access(8) and pam_securetty(8) to enforce various checks
previously done by login(1) but now handled by PAM, and pam_lastlog(8) to
record login sessions in utmp / wtmp / lastlog.
Sponsored by: DARPA, NAI Labs
10 in -STABLE), pccardd's string comparison between
pccard.conf's entry and PC card's CIS tupple became strict
matching.
As influences of this commit, some PC cards don't work since
some /etc/default/pccard.conf's card identifiers entries are
incorrectly described.
- Lexar Media compact flash
- IO DATA CBIDE2 in 16 bit mode
- TOSHIBA Portable 24X Speed CD-ROM Drive PA2673UJ
- Hewlett Packard M820e (CD-writer)
Update these card configs.
PR: 33815
Obtained from: [bsd-nomads:16128]
/usr/share/examples/pppd.
Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.
Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.
/usr/share/examples/pppd.
Update pppd(8) documentation to reflect this, usr.sbin/pppd/pppd.8.
Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.
Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.
The files from etc/ppp, ppp.shells.sample and ppp.deny, were moved
with a repo copy. Note it in the logs with a forced commit to these
two.
Submitted by: Maxim Konovalov <maxim@macomnet.ru> provided the new samples.
This change was submitted to the freebsd-audit mailing list for review
but received no feedback. Hindsight-enabled reviews are welcome.
PR: conf/31358
Submitted: Thomas Quinot <thomas@cuivre.fr.eu.org>
# This card has the same PCMCIA and OEM id as ELSA XI300 wireless card, which
# appears to be listed elsewhere in this file.
Submitted by: Abe Toshiaki-san <ans@sun-tec.co.jp>
MFC After: 5 days
Try this out in -CURRENT, MFC, and then consider dropping the
'log_in_vain' knob all together. It really is something for
sysctl.conf(5).
PR: bin/32953
Reviewed by: -bugs discussion
MFC after: 1 week
The code will be fixed for all known security vulnerabilities,
and a make.conf(5) knob (ENABLE_SUID_MAN) will be provided for
those who still want it installed setuid for whatever reasons.
users who don't wish to use it. If the admin is worried about leaking
information about which users exist and which have OPIE enabled, the
no_fake_prompts option can simply be removed.
Also insert the appropriate pam_opieaccess lines after pam_opie to break
the chain in case the user is logging in from an untrusted host, or has a
.opiealways file. The entire opieaccess / opiealways concept is slightly
unpammish, but admins familiar with OPIE will expect it to work.
Reviewed by: ache, markm
Sponsored by: DARPA, NAI Labs
We now do it as a "camcontrol rescan all" which is something ken
promised to implement; for the time being it's not worse than the old
"camcontrol rescan $device" which ended up in something like
"camcontrol rescan aic1". Currently, camcontrol misinterprets the
third non-numeric arg as number 0, and rescans bus 0, which is about
the best we could get at this time.
Approved by: imp
MFC after: 1 week
The catpaging and setuidness features of man(1) combined make
it vulnerable to a number of security attacks. Specifically,
it was possible to overwrite system catpages with arbitrarily
contents by either setting up a symlink to a directory holding
system catpages, or by writing custom -mdoc or -man groff(1)
macro packages and setting up GROFF_TMAC_PATH in environment
to point to them. (See PR below for details).
This means man(1) can no longer create system catpages on a
regular user's behalf. (It is still able to if the user has
write permissions to the directory holding catpages, e.g.,
user's own manpages, or if the running user is ``root''.)
To create and install catpages during ``make world'', please
set MANBUILDCAT=YES in /etc/make.conf. To rebuild catpages
on a weekly basis, please set weekly_catman_enable="YES" in
/etc/periodic.conf.
PR: bin/32791
Submitted by: Michael Johansson <micke@nevermind.net>
o Sony PCWA-C100 WaveLAN card
Submitted by: "Jeremiah Gowdy" <jgowdy@home.com>
o Corega KK Wireless LAN PCCA-11 (version b?)
Submitted by: Masahide *MAC* Noda <mac@clave.gr.jp>
to have backward compatibility symbolic links.
This code should check existence of deprecated locales and
fix them using following scheme:
. if new locale directory exisists and is a symlink -- remove it
. if old locale directory exists and not a symlink -- rename it to
its new name
This should allow to mtree(1) and existing locale aliases make(1)
rules to setup locale dirs correctly (avoid self-referenced symlinks)
BTW, this commit brings in backward compatibility support for ru_SU
locales (aliased to appropriate ru_RU ones).
- The disktab was taken from etc.alpha.
- rc.sparc64 doesn't do anything right now.
- The ttys file has all the vty's commented out since we don't know how
those will work yet. Also, an entry is added for the Openfirmware
console device.
Submitted by: jake (partially)
a packed array so sizeof work. This broke RFMON mode and passing
up 802.11 packets.
The Linux emulation code was derived from the open source Linux driver to
maintain compatibility.
LEAP support is added, hints from Richard Johnson. I've verified this
locally with PC350v42510.img firmware. More bug fixing from Marco to
fix long passwords.
Change DELAYs in flash part of driver to FLASH_DELAY which uses tsleep
so it doesn't look like your system died during a flash update.
Install header files in /usr/include/dev/an
Cleanup some ifmedia bugs add "Home" key mode to ifmedia and ancontrol.
This way you can manage 2 keys a little easier. Map the home mode into
key 5. Enhance ifconfig to dump the various configured SSIDs. I use
a bunch of different ones and roam between them. Use the syntax similar
to the WEP keys to deal with setting difference SSIDs.
Bump up up the Card capabilities RID since they added 2 bytes to it
in the latest firmware. Thankfully we changed it from a terminal
failure so the card still worked but the driver whined.
Some cleanup patches from Marco Molteni.
Submitted by: Richard Johnson <raj@cisco.com>
Marco Molteni <molter@tin.it>
and myself
Various checks: David Wolfskill <david@catwhisker.org>
Reviewed by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Approved by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Obtained from: Linux emulation API's from Aironet driver.
types (networkfs_types) with a version that includes the original
list.
This increases the scope for user error and also means that systems with
networkfs_types set in /etc/rc.conf will not benefit from changes to the
list in /etc/defaults/rc.conf on upgrade.
Instead, store the default list in /etc/rc itself and allow the operator
to append to that list by specifying her own list in networkfs_types.
Rename networkfs_types to extra_netfs_types accordingly, as the new name
better describes the purpose of the variable. Default the value to
'NO'.
the network is initialized. This was first implemented in rev 1.268
of src/etc/rc, but was backed out at wollman's request.
The objection was that the right place for the fix is in mount(8).
Having looked at that problem, I find it hard to believe that
the hoops one would have to jump through can be justified by the
desire for purity alone.
Note that there are reported issues surrounding nfsclient kernel
support and mount_nfs(8), which currently make NFS an ugly exception
to the general case.
With this change, systems with non-NFS network filesystems configured
for mounting on startup in /etc/fstab are no longer guaranteed to
fail on startup.
o uncommnent joy stuff (me)
o Add BONDWELL B236 joystick card (me)
o Add Buffalo WLI-CF-S11G wi card (me)
o CNF CD-m (submitted by gda)
Submitted by: Dmitry A Goncharov <gda@sani.ru>
md device and file system creation occurs *after* mtree is run, and
as such an /var/tmp/* or /tmp/* entries will be under the mountpoint
(or fail) rather than appearing in the md filesystems. This prevents
the creation of vi.recover, and might affect other localizations that
rely on the mtree calls affecting these directories.
LC_MESSAGES related data was installed to <locale>/LC_MESSAGES file.
Now it go to <locale>/LC_MESSAGES/SYS_LC_MESSAGES file. LC_MESSAGES
directory is supposed to be storage of message catalogs of userland tools.
This should allow us to avoid many potential problems with future
libintl related functionality introduction.
Thanks for useful suggestions about correct way how to replace plain
files with directories at installworld stage to: Ruslan Ermilov <ru>
so swap the order.
Also allow rpc.lockd and rpc.statd to be turned on if nfsclient is
enabled. They are needed to provide client side locking support.
PR: conf/27811
already set (e.g. a failed/skipped mergemaster run during an upgrade).
Without this, if script_name_sep was not set in the rc.conf files,
local scripts will not be executed on startup or shutdown.
PR: misc/32687
Submitted by: Nicholas Paufler <echofox@discordia.ca> (the problem)
Sheldon Hearn (the idea behind the fix)
Reviewed by: sheldonh
MFC after: 1 week
- Add instructions regarding replacing 'my.domain', as this has come up
on freebsd-questions.
- Remove reference to rs.internic.net/templates, as that directory no
longer exists. Instead, encourage them gently to talk to their network
provider.
MFC after: 1 week
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.
Reviewed by: ru
Approved by: ru
kernel TCP timer code: rather than checking for tcp_keepalive being
set to "YES", check for "NO" and turn off keepalives if the variable
is set in that manner.
o Note: eventually, it would make sense to remove this variable from
rc.conf management, and instead rely on sysctl.conf. In fact, this
is probably true of a number of rc.conf variables whose sole aim
is to drive the setting of sysctls at boot time.
installed instead of pam.conf. This is for testing; the conditionals will
be removed once we are confident that pam.d works as intended.
Sponsored by: DARPA, NAI Labs
conversion script generated the wrong format, so the configuration files
didn't actually work. Good thing I hadn't thrown the switch yet...
Sponsored by: DARPA, NAI Labs (but the f***ups are all mine)
backward compatibility symlinks for good measure.
DEVFS already gets this right (except for the symlinks).
PR: 24781
Submitted by: Christian Weisgerber <naddy@mips.inka.de>
MFC after: 3 days
to get it all right, allowing ipnat to be enabled independantly of ipfilter
in rc.conf (among other things).
PR: multiple
Submitted by: Arjan de Vet <devet@devet.org>
Reviewed by: Giorgos Keramidas <keramida@FreeBSD.org>
Use these new functions instead of printf(1), which is scheduled for
removal as a shell builtin command, and which will not be available as a
standalone utility if MAKEDEV is run prior to mounting /usr.
Requested by: knu
smmsp - sendmail 8.12 operates as a set-group-ID binary (instead of
set-user-ID). This new user/group will be used for command line
submissions. UID/GID 25 is suggested in the sendmail documentation and has
been adopted by other operating systems such as OpenBSD and Solaris 9.
mailnull - The default value for DefaultUser is now set to the uid and gid
of the first existing user mailnull, sendmail, or daemon that has a
non-zero uid. If none of these exist, sendmail reverts back to the old
behavior of using uid 1 and gid 1. Currently FreeBSD uses daemon for
DefaultUser but I would prefer not to use an account used by other
programs, hence the addition of mailnull. UID/GID 26 has been chosen for
this user.
This was discussed on -arch on October 18-19, 2001.
MFC after: 1 week
the idea of not masking passwords on comments in case the
administrator comments out an entry without clearing the
password. Instead completely ignore comments (since they have no
security impact) when doing the diff of the old and new passwd file.
Suggested by: rwatson
extracted and recreating device files.
Without this, you'll see following messages when 'MAKEDEV all':
[: : out of range
[: : out of range
acd0t is invalid -- can't have more than 32 devices or 169 tracks
Reported by: David Syphers <dsyphers@uchicago.edu> (at current@FreeBSD.org)
continuation lines, extra whitespace, and to use the last matching
line in the file. This syncs the host.conf generation with how
the nsswitch.conf is parsed.
Only print " host.conf" instead of a multi-line message, since this
happens on every boot.
- if nsswitch.conf exists, host.conf is auto-generated for compatibility
with legacy applications and libraries.
- if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto-
generated as usual.
`localhost'. If your /etc/nsswitch.conf has ``hosts: files dns'', and
you changed `myname.my.domain' in /etc/hosts to match hostname(1), and
you run inetd(8) with the -l option, any connect to `myname' using its
real IP address through inetd(8), e.g. `ftp -a myname', will spam your
/var/log/messages with:
inetd[PID]: warning: /etc/hosts.allow, line 23: host name/name mismatch: myname.my.domain != localhost
This is especially bad for -STABLE, where /etc/host.conf defaults to
"files first then DNS" resolution order.
Noticed by: Igor Kucherenko <kivvy@sunbay.com>
MFC after: 1 week
Many people like to use generic devices in rc.syscons, etc..
So rc.devfs needs to run before those rc files.
Requested by: Jos Backus <josb@cncdsl.com>
the original commit of local_startup depended on the scripts being
executable; so there is too much precedence to change it now. About all
anyone could agree on is that rev 1.274 broke POLA and before rev 1.274
also broke POLA.
dhclient and pccard_ether, introduce the concept of a "settle time" to
pccard_ether with the new pccard_ether_delay variable. Defaults to 5
seconds, which is enough time for the ed driver to finish its
autoconfiguration for newer Linksys based cards. This also can
eliminate the ed0: timeout messages that happen at startup as well.
MFC: after RE says OK.
appears to be another OEM version of the Netgear FA411. This is a
guess, since the original didn't include the flags, but this is too
similar to my netgear card...
Submitted by: neal@nelsonnet.org
permissions on some files, and give hints as to what those permissions
might be. Note also that the current more liberal permissions might
get changed in future revisions.
discussed on the arch@ mailinglist (after repo-copy).
sys.mk will .error if it finds /etc/defaults/make.conf but include
it anyways (this is the same behaviour as with the make.conf.local
removal).
/usr/share/examples/etc/make.conf has BDEFLAGS commented out now,
since it's only an example file.
Adjust all textes that talk about make.conf or defaults/make.conf to
match the new situation.
value, it forces GCC to not optimize above this level. For intance, GCC
made with "WANT_FORCE_OPTIMIZATION_DOWNGRADE=1" is a good setting for the
Alpha platform when building ports.
rc.firewall6. Specifically, don't do anything
if [ -z ${source_rc_confs_defined} ]. Not doing this leads to a problem
with dependencies: chkdepend will set, e.g., portmap_enable to YES if
some service that needs portmap is enabled, but rc.network sources
rc.firewall, which used to source defaults/rc.conf unconditionally,
which would result in portmap_enable being set back to NO.
PR: 29631
Submitted by: OGAWA Takaya <t-ogawa@triaez.kaisei.org>
and ftpd. This more conservative default reduces the exposure of
freshly installed machines, which is especially valuable for machines
that receive minimal further configuration before being put into
production. Generally speaking, SSH has superseded the use of both
telnet and ftp in many environments. In light of recent remotely
exploitable security holes in both telnetd and ftpd, this choice
retains flexibility (both telnetd and ftpd daemons remain installed
and easily enableable) while protecting users who don't need the
additional risk. This change brings our configuration into line with
the majority of other UNIX vendors, including OpenBSD and NetBSD.
To address the concerns of those requiring remote access via telnet
from first install, changes will shortly be committed to sysinstall
to provide the ability to edit inetd.conf during the installation
process, allowing telnetd and ftp to be re-enabled during the
installation process.
While I'm at it, slightly improve commenting for inetd.conf so that
it's more clear to users how to enable and disable services.
Further commenting to indicate the functions of various columns would
probably also be useful.
Reviewed by: imp, chris, jake, nate, -arch, -stable
is required into rc.network.
Person failed to use a real name so both email addresses from PR included
(Sent was different to From).
PR: 22998
Submitted by: dl@leo.org/spock@empire.trek.org
us anyway because it doesn't work right on the x86 and alpha. On
K&R code, small ints would be promoted to int. ANSI-C doesn't require
this and the small ints can be passed taking 8 or 16 bits of stack
space. However, the x86 abi that we use *does* promote to 32 bit,
and the alpha ABI passes them in 64 bit registers so we dont have
that aspect of the problem here. Losing float precision by having it
cast down to int because the funtion prototype specifies int is the
least of our problems. -Wmissing-prototypes helps here anyway.
correct some ommissions of udp ports.
Update IANA web page.
Clean up/correct some comments. I went a little further than the PR.
PR: conf/23416
Submitted by: Rudolf Cejka <cejkar@dcse.fee.vutbr.cz>
install /etc/mail/sendmail.cf to /etc/mail/sendmail.cf and exits with an
error:
===> etc/sendmail
install -c -o root -g wheel -m 644 /etc/mail/sendmail.cf /etc/mail/sendmail.cf
install: /etc/mail/sendmail.cf and /etc/mail/sendmail.cf are the same file
*** Error code 64
Catch this in the Makefile and don't call install if the source and target
are the same file.
Reported by: Alexandr Listopad <laa@reis.zp.ua>
MFC after: 1 week
building a .cf file from a .mc file.
Include -D_FFR_TLS_O_T to enable tls policy control since the sendmail binary
build enables that FFR as well.
PR: conf/28361
MFC after: 1 week
for separating the startup scripts' list into individual filenames.
Run the shutdown scripts in reverse alphabetical order, so dependent
services are stopped before the services they depend upon.
Reviewed by: -arch, -audit
MFC after: 3 weeks
non-printable characters to sneak into /var/log/messages (e.g.
someone aims a Solaris/Linux RCP exploit at your FreeBSD box and
you end up with his shellcode as part of a log entry). You might
get something like,
host.mydom.org login failures:
Binary file (standard input) matches
In the daily security script as a result. Allowing attackers to
mess with your security script's ability to accurately report
is a Bad Thing. Tell grep(1) to treat /var/log/messages like a
text file even if it has non-printable characters.
Submitted by: Tim Zingelman <zingelman@fnal.gov> on freebsd-security
Approved by: ru
MFC after: 1 week
the default section and into the papchap section.
It's really irritating when you run ppp with no arguments and end up
blowing away your default route !
the following description in RFC2461:
AdvSendAdvertisements
A flag indicating whether or not the router sends
periodic Router Advertisements and responds to
Router Solicitations.
Default: FALSE
Note that AdvSendAdvertisements MUST be FALSE by
default so that a node will not accidentally start
acting as a router unless it is explicitly
configured by system management to send Router
Advertisements.
Submitted by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
MFC after: 1 week
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
TODO:
- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.
Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
after the network is configured.
Future remote filesystem types should be added to remote_fstypes, which
is a whitespace-delimited list of type:description pairs.
The specific problem this fixes right now is that smbfs mounts described
in /etc/ftsab were failing.
Make the default setting YES for now to get some experience with it.
Note: If people starts seeing disk errors because of this then it
should not be backed.
With a small disk being 20GB these days, chances are pretty good that
an ailing sector will not be read while still being recoverable by
the drive.
Diskcheck daemon will read disks in the background at a low rate and
that way give the diskdrive a chance to detect and correct soft read
errors before they become hard errors.
Idea by: phk
Written by: ben
about non-existent mount directories (which would come
into existence after the real mount has occured) when just
testing for if there are any NFS filesystems in /etc/fstab.
PR: bin/26597
Submitted by: Dmitry Morozovsky <marck@rinet.ru>
MFC after: 3 days
systems were repo-copied from sys/miscfs to sys/fs.
- Renamed the following file systems and their modules:
fdesc -> fdescfs, portal -> portalfs, union -> unionfs.
- Renamed corresponding kernel options:
FDESC -> FDESCFS, PORTAL -> PORTALFS, UNION -> UNIONFS.
- Install header files for the above file systems.
- Removed bogus -I${.CURDIR}/../../sys CFLAGS from userland
Makefiles.
is not set. This allows admins to create a per-machine configuration file
while leaving the freebsd.mc template pristine. Provide a rule to create
`hostname`.mc from freebsd.mc if it doesn't exist.
PR: misc/26299
MFC after: 8 days
fsck checking. Applying these changes (typically via mergemaster)
will cause your system to start running background checks on all
your soft update enabled filesystems (provided that you have
a kernel with the required functionality, e.g., one built since
the end of April). Please report any and all problems to
mckusick@mckusick.com (not mckusick@freebsd.org which I read
infrequently). See the comment above the fsck command in /etc/rc
for instructions on how to disable background checking should it
cause you too much trouble.
Several FAQs:
1) Can I reboot before the background checks are done?
Ans) Yes, when the system restarts the checks will pick up
where they left off.
2) Can a crash during checking corrupt my filesystem?
Ans) No, recovered resources are returned to the system using soft
updates which ensure that the freeing is done in a safe order.
3) How will I know if any background checks are being done?
Ans) Filesystems that are to be checked in background will be listed
as `DEFER FOR BACKGROUND CHECKING' at the usual fsck check time
during system startup.
4) What happens to the output of the background checks?
Ans) It is sent to syslog `daemon' facility log level `notice'.
5) When will this feature be available in the 4.X kernel?
Ans) Never. It is much too radical and extensive a change to be
MFC'ed. Besides, it needs many months of experience and
tuning before it is ready for widespread use.
6) What happens if a background fsck fails (i.e., fsck finds
errors that would normally require a manual fsck)?
Ans) The filesystem will be marked as needing a manual fsck.
At the next system reboot, the check will be done in
foreground and the usual actions taken (usually a failure
to go multi-user until fsck has been run by hand on the
affected filesystem).
the null mount, we currently create a temporary mfs on /tmp, copy
/etc to /tmp, then mount /etc as mfs and copy everything back from
/tmp, then delete the /tmp mfs.
The patch eliminates the temporary /tmp mfs and the subsequent
copying and simply populates the /etc mfs by copying from
/conf/default/etc. This requires that /conf/default/etc contain a
complete copy of all the /etc stuff instead of just overrides. I
don't think that is too much of an extra step in setting up a
diskless environment.
* Provide the ability to make /tmp a memory filesystem independent
of /var. This removes the requirement that /tmp be a symlink to
/var/tmp and this makes the diskless code work with the default
filesystem layout. If a seperate /tmp memory filesystem is
created, the 'tmpsize' environment variable is used to determine
its size (default to 10 Meg).
* Reduce diffs between the -current and -stable versions of these
files to a bare minimum. Only the definition of the shell
function 'mount_md' is different.
Not Objected to by: -arch@, -small@
MFC after: 2 days
This driver supports PCI Xr-based and ISA Xem Digiboard cards.
dgm will go away soon if there are no problems reported. For now,
configuring dgm into your kernel warns that you should be using
digi. This driver is probably close to supporting Xi, Xe and Xeve
cards, but I wouldn't expect them to work properly (hardware
donations welcome).
The digi_* pseudo-drivers are not drivers themselves but contain
the BIOS and FEP/OS binaries for various digiboard cards and are
auto-loaded and auto-unloaded by the digi driver at initialisation
time. They *may* be configured into the kernel, but waste a lot
of space if they are. They're intended to be left as modules.
The digictl program is (mainly) used to re-initialise cards that
have external port modules attached such as the PC/Xem.
o create a simple wrapper function mount_md that makes it easy to
move from mount_mfs.
# NOTE: you will need to MAKEDEV md[0123] in order for this to work.
Reviewed by: bsd, keichii
/dev/log like this: if [ ! -h /dev/log ];
The man page for test(1) says that the -h switch is depracated and that
users should NOT rely on it being available. It suggest the -L switch instead.
They both do the same thing: check for the existence of the symbolic link.
PR: 26596
Submitted by: mikem <mike_makonnen@yahoo.com>
BSDPAN is the collection of modules that provides tighter than ever
integration of Perl into BSD Unix.
Currently, BSDPAN does the following:
o makes p5- FreeBSD ports PREFIX-clean;
o registers Perl modules in the FreeBSD package database with a
package name derived from the module name.
The name is of the form: bsdpan-ModuleName-V.VV.
Anyone interested in where BSDPAN is developing should read Anton's
message to the ports mailling list:
Message-ID: <20010105040828.A26011@heechee.tobez.org>
Submitted by: Anton Berezin <tobez@tobez.org>
default first, then network-specific files, then host-specific files.
I think this was the original intent, as Matt indicated the previous
code appeared to be a bug.
out of sync. A similar change was made by itojun on the OpenBSD tree
a few weeks ago. This should stop people disabling one server and
forgetting the other one (eg: ftp and/or telnet)
NO_MAKEDEV_INSTALL and NO_MAKEDEV_RUN. The former implying the latter.
The names imply what they do. The last commit by DES based on a PR defeated
the original idea behind NO_MAKEDEV, which was not to run MAKEDEV, but to do
the installation of MAKEDEV. This should satisfy both parties on the MAKEDEV
challenge.
Note that "right" in this case is not universally recognized, but
NTP-practittioners as opposed to theoretians generally agree that
getting "inside the window" using ntpdate is TRTTD on PC hardware.
PR: 25514
Submitted by: Chris Johnson <cjohnson-pr@palomine.net>
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c
Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(second of three commits)
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
Xircom CreditCard Netwave cnw
Intel PRO/Wireless 2011 (PRISM II) wi
3COM 3CRWE737A (PRISM II) wi
Note: I've had some reports that the latter two cards work, but I've not
been able to get them to work for me.
enable all harvesting options by default since having them on for
devices not present doesn't hurt anything. Leave them on by default
since for the most part they are not producing noticable slowdown,
and are about to get a lot more efficient.
Re-order part of the cheesy entropy process in preparation for
its complete removal.
