permitting the administrator to select a securelevel top operate
at. Include a helpfile summarizing some of the information from
init(8). This allows for explicit configuration of securelevels,
which was previously implicit in Security Profile selection.
Currently, there are no checkboxes for the active securelevel,
because sysinstall's facilities for deriving "current settings"
from rc.conf may use only one variable, not two, and I opted for
the simplest approach at this point.
Approved by: re (scottl)
selection is used to drive two configuration parameters:
(1) Default enable/disable for sshd
(2) Default enable/disable for securelevels
Replace this with an explicit choice to enable/disable sshd. A
follow-up commit will add a configuration option to the Security
post-install configuration menu to set the securelevel in rc.conf
explicitly. This should reduce the level of foot-shooting associated
with accidental enabling of securelevels, make the nature and
implications of the securelevel configuration options more explicit,
as well as make the choice to enable/disable sshd more explicit.
Approved by: re (scottl)
a partition size on ia64. It's not true.
o Ask for a mountpoint for EFI partitions as well and check that it
isn't "/".
o On ia64 we may need to add EFI partitions. Make sure we pass the
right arguments to Create_Chunk_DWIM() in that case.
to better deal with the fact that we need an EFI partition and
that we need to have a mountpoint for it.
o When creating a new partition, add EFI to the list of types
the user can select from. This makes it easy to create an EFI.
o Do not include wizard.c on ia64.
o The user cannot create a partition on ia64 that's a multiple of
the cylinder size. We don't have a notion of cyclinders.
o Also allow swap and filesystem partitions outside a freebsd slice.
This is typically the case for GPT.
o Allow chunks of type "whole" to be displayed at the top. This is
to allow a GPT disk to be labeled. We need a slice out of which we
can make partitions, but a GPT disk doesn't have slices. For GPT
disks a chunk of type "whole" can then be used as a placeholder.
(1) Don't modify the configuration of the NFS server as a result of
selecting a profile. We already explicitly prompt for the NFS
server configuration during install, and the user may not get
much advance notice that we're turning it off again. Instead,
use profiles (for better or for worse) only for security tuning.
(2) Don't modify the sendmail setting as part of the security profile:
use the default from /etc/defaults/rc.conf rather than explicitly
specifying. Note that the default in /etc/defaults/rc.conf is
more conservative than the explicit rc.conf entry added by
sysinstall during install, as it does not permit SMTP delivery.
(3) Update "congratulations on your profile" text to reflect these
changes.
Note that security profiles now affect only the securelevel and sshd
settings. My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely. However, that requires more plumbing of sendmail
than I'm currently willing to invest.
We may want to add a "permit SMTP delivery" question to the install
process.
archaic at this point in time. Pretend nobody runs FreeBSD 1.x anymore
in order to not confuse people needlessly.
Laplink support probably doesn't even work at this point in time anyway...
- Add 'enable_exim="YES"' to rc.conf(5)
- Use the default exim configuration file from the port
- When using sendmail, disable some more scripts that use sendmail specific
parameters
- Have sysinstall tweak mailer.conf(5) substitution
- Use 'N' flag for newsyslog(8)
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com>
Reviewed by: sheldonh, simon
Tested by: myself (trhodes) and submitter
written by Stuart Walsh and Duncan Barclay (with some kibbitzing by
me). I'm checking it in on Stuart's behalf.
The BCM4401 is built into several x86 laptop and desktop systems. For the
moment, I have only enabled it in the x86 kernel config because although
it's a PCI device, I haven't heard of any standalone NICs that use it. If
somebody knows of one, we can easily add it to the other arches.
This driver uses register/structure data gleaned from the Linux
driver released by Broadcom, but does not contain any of the code
from the Linux driver itself. It uses busdma.
rl(4) driver and put it in a new re(4) driver. The re(4) driver shares
the if_rlreg.h file with rl(4) but is a separate module. (Ultimately
I may change this. For now, it's convenient.)
rl(4) has been modified so that it will never attach to an 8139C+
chip, leaving it to re(4) instead. Only re(4) has the PCI IDs to
match the 8169/8169S/8110S gigE chips. if_re.c contains the same
basic code that was originally bolted onto if_rl.c, with the
following updates:
- Added support for jumbo frames. Currently, there seems to be
a limit of approximately 6200 bytes for jumbo frames on transmit.
(This was determined via experimentation.) The 8169S/8110S chips
apparently are limited to 7.5K frames on transmit. This may require
some more work, though the framework to handle jumbo frames on RX
is in place: the re_rxeof() routine will gather up frames than span
multiple 2K clusters into a single mbuf list.
- Fixed bug in re_txeof(): if we reap some of the TX buffers,
but there are still some pending, re-arm the timer before exiting
re_txeof() so that another timeout interrupt will be generated, just
in case re_start() doesn't do it for us.
- Handle the 'link state changed' interrupt
- Fix a detach bug. If re(4) is loaded as a module, and you do
tcpdump -i re0, then you do 'kldunload if_re,' the system will
panic after a few seconds. This happens because ether_ifdetach()
ends up calling the BPF detach code, which notices the interface
is in promiscuous mode and tries to switch promisc mode off while
detaching the BPF listner. This ultimately results in a call
to re_ioctl() (due to SIOCSIFFLAGS), which in turn calls re_init()
to handle the IFF_PROMISC flag change. Unfortunately, calling re_init()
here turns the chip back on and restarts the 1-second timeout loop
that drives re_tick(). By the time the timeout fires, if_re.ko
has been unloaded, which results in a call to invalid code and
blows up the system.
To fix this, I cleared the IFF_UP flag before calling ether_ifdetach(),
which stops the ioctl routine from trying to reset the chip.
- Modified comments in re_rxeof() relating to the difference in
RX descriptor status bit layout between the 8139C+ and the gigE
chips. The layout is different because the frame length field
was expanded from 12 bits to 13, and they got rid of one of the
status bits to make room.
- Add diagnostic code (re_diag()) to test for the case where a user
has installed a broken 32-bit 8169 PCI NIC in a 64-bit slot. Some
NICs have the REQ64# and ACK64# lines connected even though the
board is 32-bit only (in this case, they should be pulled high).
This fools the chip into doing 64-bit DMA transfers even though
there is no 64-bit data path. To detect this, re_diag() puts the
chip into digital loopback mode and sets the receiver to promiscuous
mode, then initiates a single 64-byte packet transmission. The
frame is echoed back to the host, and if the frame contents are
intact, we know DMA is working correctly, otherwise we complain
loudly on the console and abort the device attach. (At the moment,
I don't know of any way to work around the problem other than
physically modifying the board, so until/unless I can think of a
software workaround, this will have do to.)
- Created re(4) man page
- Modified rlphy.c to allow re(4) to attach as well as rl(4).
Note that this code works for the sample 8169/Marvell 88E1000 NIC
that I have, but probably won't work for the 8169S/8110S chips.
RealTek has sent me some sample NICs, but they haven't arrived yet.
I will probably need to add an rlgphy driver to handle the on-board
PHY in the 8169S/8110S (it needs special DSP initialization).
This option adds Postfix and Exim to the list, however, qmail is not added
due to license restrictions.
Collaborated with: Simon L. Nielsen <simon@nitro.dk>
Reviewed by: jhb, re@, -audit.
'use entire disk'. Neither for ia64 while I'm here - it needs a MBR if
its going to use fdisk+disklabel. The ia64 case is mostly academic though
because you'd be creating two partitions (dos + freebsd) rather than
a single freebsd-only partition.
PC98 boot blocks don't support UFS2. We keep newfs(8) defaulting to
UFS2.
Warn users that FreeBSD can only boot from a root file system smaller
than 1.5TB; hopefully this will get fixed by the patches currently
floating around on -CURRENT.
Reviewed by: nyan
ethernet controller. The driver has been tested with the LinkSys
USB200M adapter. I know for a fact that there are other devices out
there with this chip but don't have all the USB vendor/device IDs.
Note: I'm not sure if this will force the driver to end up in the
install kernel image or not. Special magic needs to be done to exclude
it to keep the boot floppies from bloating again, someone please
advise.
FreeBSD 5.1-RELEASE and later:
- newfs(8) will now create UFS2 file systems unless UFS1 is specifically
requested (-O1). To do this, I just twiddled the Oflag default.
- sysinstall(8) will now select UFS2 as the default layout for new
file systems unless specifically requested (use '1' and '2' to change
the file system layout in the disk labeler). To do this, I inverted
the ufs2 flag into a ufs1 flag, since ufs2 is now the default and
ufs1 is the edge case. There's a slight semantic change in the
key behavior: '2' no longer toggles, it changes the selection to UFS2.
This is very similar to a patch David O'Brien sent me at one point, and
that I couldn't find.
Approved by: re (telecon)
Reviewed by: mckusick, phk, bmah
read from CD from 2k to 16k, because in the modern world of meta-packages
(Gnome et al) the length of this list could easily owerflow limit causing
strange things to happen, ranging from installation failure due to list
truncation to complete stack trashing (there is very vague bounds checking).
For example, x11/gnome2-fifth-toe runtime dependencies list is 2,418 bytes
long.
Due to obvious reasons, this is an immediate MFC candidate.
Sponsored by: Porta Software Ltd
MFC after: 1 day
If we already have a lease and restart sysinstall (or something with
the net configuration goes wrong), we would have to reboot just
because there is a dhclient hanging around.
Reviewed by: murray (re)
MFC after: 5 days
physical memory. The default is still 2x physical memory. The nominal
calculation is used to back-off swap auto-allocation ('A'uto command)
when the disk is not large enough to accomodate all filesystem auto-defaults.
This gives other partitions (like /usr) more priority over swap on smaller
disks.
This should help solve reported auto-sizing failures on machines with small
hard drives and huge amounts of memory. For example, a machine with 2G of
disk and 4G of memory will fail to auto-size without this fix.
MFC after: 3 days
'base' dist rename.
- Rework struct dist to allow for different types of dists. There are
currently three types of dists: DT_TARBALL, the traditonal gzipped and
split tar file; DT_PACKAGE, a package; and DT_SUBDIST, a meta-dist in
the tree that has its own array of dists as its contents. For example,
the 'base' dist is a DT_TARBALL dist, the 'perl' dist is a DT_PACKAGE
dist, and the 'src' dist is a DT_SUBDIST dist with its own dist table
that contains 'sbase', 'ssys', etc.
- Add helper macros for defining array entries for the different types of
dists to try and make the statically defined dist table in dist.c more
readable.
- Split the logic to deal with a DT_TARBALL dist out of distExtract()
and into its own distExtractTarball() function. distExtract() now
calls other functions to extract each dist.
- Tweak the percentage complete calculation in distExtractTarball() to
do the multiply prior to the divide so it doesn't have to use floating
point.
- Axe the installPackage() function along with the special handling for
the perl and XFree86 dists in distExtractAll() since distExtract()
handles package dists directly now.
- Add back in subdists for the X packages based on the split up packages
that XFree86-4 uses that as closely map to the X dists we used with
X 3.3.x.
- Lots of things like distSetX() and the X dist masks are no longer
#ifndef X_AS_PKG since we use them in both cases now.
- Make the entire installFixupXFree() function #ifndef X_AS_PKG, we only
call it in that case anyways, and it's not suitable for the X_AS_PKG
case.
- Add in X dist menus for the X_AS_PKG case.
Approved by: re
load drivers from the driver floppy if the "driver_floppy" variable is set
in the kernel environment and call this function after probing devices but
before displaying the main menu.
X-MFC after: as soon as I finish committing to current
Approved by: re@ (blanket)
i386, remove the seatbelt preventing users from setting the UFS2 flag
on the root file system on i386. This seatbelt did not exist on
other platforms.
MFC candidate.
type of new slices and to change the type of existing slices. This also
has the advantage of moving a few #ifdef PC98's up to where the macros
are defined instead of in the middle of the code.
- Change the behavior of the 'T' option in the slice editor so that the
default value in the dialog box is the current type of the existing
slice rather than defaulting to changing the slice to a FreeBSD slice as
this is more intuitive.
Approved by: re
editor, in order to support specifying UFS2 as a newfs option.
(1) Support three different newfs types: NEWFS_UFS, NEWFS_MSDOS, and
NEWFS_CUSTOM. Don't mix up the arguments to them: you can't use
soft updates on an msdos file system.
(2) Distinguish adding new arguments to the newfs command line from
replacing it. Permit the addition of new arguments by the user for
NEWFS_UFS. If we entirely replace the command line provided by
sysinstall, call it NEWFS_CUSTOM. 'N' will now add additional
arguments; 'Z' will opt to replace the newfs command line entirely,
but will prompt the user with their current command line as a
starting point.
(3) Construct the newfs command line dynamically based on the options
provided by the user at label-time. Right now, this means selecting
UFS1 vs. UFS2, and the soft updates flag. Drop in some variables
to support ACLs and MAC Multilabel in the future also, but don't
expose them now.
This provides sysinstall with the ability to do more "in band" editing
of the newfs command line, so we can provide more support for the user,
but doesn't sacrifice the ability to entirely specify the newfs command
line of the user is willing to give up on the cushiness factor. It
also makes it easier for us to specify defaults in the future, and
define conditional behavior based on user configuration selections.
For now, we default to UFS1, and permit UFS2 to be used as the root
only on non-i386 systems.
While I was there, I dropped the default fragment and block sizes,
since newfs has much more sensible defaults now.
Reviewed by: jhb, marcel
Approved by: re
ia64 bits from: marcel
rather than installX11package().
- Add a perl psuedo-dist that installs the perl package. The perl
distribution is selected by default when a User distribution set is
selected. It is not selected when a Minimal distribution set is
selected. The perl distribution may be toggled manually in the
custom menu just as other distributions.
Approved by: re
bug fixed yesterday. New slices created in the fdisk editor and slices
whose sub-type is changed are of type 'mbr' if their sub-type is not a
magic type, not type 'unknown'.
Approved by: re
o Mount the EFI file system as msdosfs and not ufs as it's a FAT
file system. Introduce Mount_msdos() for this to go side-by-side
with Mount().
o Also, since mounting is performed as a command (which means it's
queued, sorted, lost, found and executed), we cannot create a
directory on the file system by calling mkdir. We must make sure
the mkdir happens after the mount. Introduce Mkdir_command() to
allow mkdir operations to be queued, sorted, lost, found and
executed as well.
Approved by: re (jhb, rwatson)
- Only declare mouse menus if WITH_MICE.
- Only declare syscons menus if WITH_SYSCONS.
- Only declare fdisk editor functions if WITH_SLICES.
Approved by: re
WITH_SYSCONS is defined.
- Only define mouse menus and mouse menu items if WITH_MICE is defined.
- Use WITH_SLICES instead of explicit lists of architectures to control
the layout of menus dependent on if slices are used on this arch or not.
- Only include the linux startup option if WITH_LINUX is defined.
- Only include the SVR4 startup option on i386. It doesn't work on sparc64,
and it is debatable that it even works on i386.
- Change the OSF1 startup option to execute configOSF1() instead of just
setting the variable so that /compat/osf1 gets created.
Tested on: i386, alpha, sparc64
Approved by: re
fdisk editor if WITH_SLICES. Before this on arch's that didn't support
slices such as alpha and sparc64 you would drop into the fdisk editor after
doing an Undo in the label editor.
Approved by: re
of an explicit list of architecture defines.
- Tweak the message prior to the label editor in the !WITH_SLICES case to
make it slightly less awkward since this is the first dialog we see after
starting an install.
- Only offer to customize syscons settings if WITH_SYSCONS.
- Offer to enable Linux compat if WITH_LINUX. Before we only did this for
i386.
- On the alpha, offer to enable OSF/1 compat after asking about Linux
compat.
- Only offer to configure moused(8) if WITH_MICE is defined.
Tested on: i386, alpha, sparc64
Approved by: re
and more maintainable.
- WITH_SYSCONS: defined on all arch's that support syscons (currently i386,
alpha, and ia64)
- WITH_MICE: defined on all arch's that support moused(8) (currently i386,
alpha, and ia64)
- WITH_SLICES: defined on all arch's that use disk slices (currently i386
and ia64)
- WITH_LINUX: defined on all arch's that support Linux binary compat
(currently i386 and alpha)
Approved by: re
the two GNOME 1-based alternatives.
While here, note that a majority of the items in this menu are not
sentences, and remove trailing dots to make the remainder consistent.
Reviewed by: marcus
Approved by: re (bmah)
of the EFI file system. This makes the EFI partition non-optional.
I don't think that the links are actually correct, given that all
the mount points are under /mnt when sysinstall is run as init.
(ie a non-upgrade). Thus: I think I need to go in once more, but
at least this doesn't get lost...
partitions marked as being of type efi. This change adds code to
1. actually run the newfs command at mount time (install.c),
2. display the newfs state on screen (label.c)
3. allow toggling of the newfs state (label.c)
Even though newfs(8)-ing FAT partitions can be of use on i386
machines in general, it has been opted to minimize impact for
now.
With this change there's no a priori difference between EFI and
FAT partitions. With this change and the corresponding change to
libdisk, we can create EFI partitions, just like regular FAT
partitions.
the loop that runs through the environment variables to be a bit more
intuitive. Also, change some 'continue's in failure cases to 'break's
instead. If we are going to fail, we should just do it.
PR: bin/40654
Submitted by: Thomas Zenker <thz@Lennartz-electronic.de> (partially)
argument as of revision 1.52 (July 12, 1996, about a month after I
graduated from high school) when 'newfs -u' support was axed, so remove it.
This also allows us to remove a hack in the create partition case where we
created the partition twice since we didn't have the size the first time.
- Disabled 'Syscons, Font', 'Syscons, Screenmap' and 'Syscons, Ttys' menus
on pc98.
- Fixed the MenuMouseType and MenuMousePort menus for pc98.
- Fixed some comments for pc98.
something applies to. So change #ifndef to an explicit list of defines.
* Treate sparc64 and ia64 as 64-bit platforms, which means larger roots.
* sparc64 should halt back to the firmware, not reset.
* sparc64 doesn't need to play MS-DOS/BIOS partition crap games.
Reviewed by: jake
actually does work. Ignore errors from kldload(2) if the errno value is
EEXIST. It would help if this return value were documented in the
kldload(2) manual page.
one can set the 'noError' variable to ignore any errors that occur for the
next command. However, the code was only unsetting 'noError' when an error
actually occurred, so if you set 'noError', the next command completed ok,
and the command after that failed, the second command's failure would be
ignored. This fixes this by performing the 'noError' check earlier and
then unsetting 'noError' after every command that is run.
Sponsored by: The Weather Channel
temporarily turn off the nonInteractive variable around the DHCP and IPv6
Yes/No questions in a network device setup so that those questions are
asked.
Also add the ability to use Bzip'ed distributions -- but this is exclusive
of being able to use Gzip'ed distributions.
Sponsored by: FreeBSD Mall, Inc.
present, this field specifies the media volume that the disc is
contained on. If the volume of a given packages is different than the
current volume of mediaDevice, then the user is prompted --
"This is disc #%d. Package %s is on disc #%d\n"
"Would you like to switch discs now?\n"
If the user selects yes, then DEVICE_SHUTDOWN is called and the user
is then prompted --
"Please remove disc #%d from you drive, and add disc #%d"
This works well for a carefully crafted INDEX file, but more work
needs to be done to sort dependencies on a given package based on the
volume that they reside on, to minimize the amount of disc flipping
required of the user.
This commit is a no-op for normal INDEX files and FreeBSD CDs. These
additional features are only used if the INDEX and cdrom.inf file have
multi-volume support.
so know we have proper PKG registration and dependency information.
This is a WIP for 5.0 DP #1, so it is still rough around the edges and
does not GC the old XFree86 3.3.6 handling stuff that should be GC'ed.
Sponsored by: FreeBSD Mall, Inc.
from CD-ROM in 4-stable. Note that in 5-current, we use devfs so this
change (hopefully) shouldn't change anything.
I'll MFC to 4-stable later.
Tested with: FreeBSD/i386, 4.5-STABLE-20020330-JPSNAP
While I'm here, make the menu entries on the documentation menu begin
with "1" instead of "2".
Reviewed by: imp, rwatson, murray
Approved by: imp, rwatson, murray
MFC after: 1 week
installed ones under /boot (which we may not even have in the
case of a cross build).
This introduced chicken and egg problem - we need boot images
early in the "depend" stage but they have not yet been built.
Work around this by excluding the generated makeboot.c source
from the "depend" list; it's okay because we hardcode all its
dependencies explicitly. We actually lose the dependency bit
on <sys/types.h> but it's probably okay too as the only thing
we use is the u_char datatype and this is unlikely to change.
After all, it's normal for sloppy cleaning to cause problems.
beast.FreeBSD.org running 5.0-CURRENT alpha has been able to
cross build i386 world with this patch.
Prodded by: gallatin
all facilities that previously relied on /proc have been rewritten
to use ptrace(). procfs has presented a substantial security
hazard for years, with several user->root compromises in the last
few years. Procfs will continue to be available but will require
administrator intervention to use.
Reviewed by: scottl, jedgar, mike, tmm
attention to the sub-optimal way that we deal with package
dependencies. Traditionally, for each package in an INDEX that the
user wants to add, we check all of the dependencies first even if the
package is already installed. With some GNOME packages, this can
cause package_extract to be called for 50 different dependencies when
we know the top level package is already installed.
The new behavior is to not check dependencies for packages that are
already installed. This fixes a bug where sysinstall gets itself into
a CPU intensive loop when trying to install sawfish gnome with the
most recent ports/INDEX. There is a bug somewhere in the ports INDEX,
but with over 6,400 ports we need to be a little more forgiving here.
block sizees larger than 8192 bytes have been resolved, as per the
following deltas:
rev 1.34 src/sys/boot/i386/boot2/boot2.c
rev 1.5 src/sys/boot/alpha/boot1/sys.c
filesystem using a block size of 8192. Since this seems unlikely to
be fixed soon (specifically in time for 4.5-RELEASE on the RELENG_4
branch), fall back to the old default block and frag sizes of 8192 and
1024 in sysinstall on the alpha.
Reported by: jhb
to recover its space into the previous partition. Revert 'D'elete
to not attempt to recover any space.
Do not auto-create /home as per release engineers decision (though
I think this is a mistake). However, all of this code will be
replaced later on anyway either with Jordan's stuff or with
some other sort of templater, so it isn't a big deal.
o Move nfs_reserved_port_only out of security profiles (where it was
set somewhat improperly) to the Security options menu directly.
Previously, the variable was set to true for Moderate, but not for
Extreme, which is at best inconsistent.
o Update the Security Profiles help file to remove reference to the
NFS reserved port.
o Note that the kernel currently defaults the sysctl to '0', but
sysinstall has changed it to '1' as a default as of late; however,
rc.conf sets the value to NO as the default. This change brings
them relatively into sync.
Sponsored by: DARPA, NAI Labs
and pull configSecurityProfile under that menu. Add a menu option
to determine whether LOMAC is enabled at boot. Probably, eventually,
many of the 'Security Profile' menu choices should be pulled out
independently into the Security Menu, so as to make them individually
selectable.
Sponsored by: DARPA, NAI Labs
The user can still toggle it back off in the label editor (or post-install
for that matter) if they explicitly do not want soft updates to be used
for some reason.
Agreed to be a good thing by: kirk
16384/2048.
Following recent discussions on the -arch mailing list, involving dillon
and mckusick, this change parallels the one made over a decade ago when
the default was bumped up from 4096/512.
This should provide significant performance improvements for most
folks, less significant performance losses for a few folks and
wasted space lost to large fragments for many folks.
For discussion, please see the following thread in the -arch archive:
Subject: Using a larger block size on large filesystems
The discussion ceases to be relevant when the issue of partitioning
schemes is raised.
have a USB mouse. Here's the deal on how this works: USB mouse have
moused run for them automatically by usbd so we don't need to setup moused
for them. We do need to setup moused for other mice though, so if the
user has a USB mouse, we don't need to do anything. Hence the wording
"Do you have a non-USB mouse installed?" for the question. The question
can be reworded as "Do you have a PS/2 or Serial mouse installed?" instead
if that is preferred.
(1) We don't need compat3x and compat4x as we build the bits on the proper
release now (vs. getting them from the XFree people).
(2) We handle the compat2x needs thru proper port dependancies now.
sysinstall will automatically expand the previous partition to take up
the freed up space. So you can 'D'elete /home and /usr will get the
combined space, or you can 'D'elete /tmp and /var will get the combined space.
This gives the user, developer, or lay person a huge amount of flexibility
in constructing partitions from an 'A'uto base. It takes only 3 or 4
keystrokes to achieve virtually any combination of having or not having
a /tmp and/or /home after doing an 'A'uto create.
Change 'A'uto creation of /var/tmp to 'A'uto creation /tmp, which should
be less controversial.
MFC after: 6 days
defaults both in regards to the size of the partitions that are created
and in regards to safety and functional separation.
Still TODO: extend the previous partition to cover a deleted partition
if the previous partiton was auto-created, and supply some sort of
solution for /tmp.
Reviewed by: Just about everyone
Approved by: Nobody except maybe my pet mouse fred
Obtained from: God, so complain to HIM
MFC after: 1 week
1) Use devfs to mount filesystems. If mounting devfs is fail,
fallback to old code.
2) When fscking filesystems, use 'fsck_ffs' explicitly. As a
result, we no longer need 'fsck' the wrapper program.
Reviewed by: jkh
Since userconfig feature is implemented by tweaking variables (hint.*)
with loader(8), we can put back an equivalent feature. Maybe the first
step for this is to commit yokota-san's patch (add userconfig command
for loader).
Approved by: jkh
with 'HEAD' method.
Actually, when http.c was born, it used 'GET' method. This was changed
with revision 1.4 (which was submitted as PR: 21449). I've confirmed
to Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>,
the submitter of PR: 21449, and it's absolutely OK that we can use
GET method.
Add missing 'FreeBSD' tag, and copyright notice. This file is originally
submitted by PR: 11316; I've contacted to the PR originator to submit it.
PR: 32238
Submitted by: Christoph Weber-Fahr <christoph.weber-fahr@arcor.de> (patch),
and Philipp Mergenthaler <un1i@rz.uni-karlsruhe.de> (copyright)
MFC after: 1 week
ethernet controllers. This adds support for the 3Com 3c996-T, the
SysKonnect SK-9D21 and SK-9D41, and the built-in gigE NICs on
Dell PowerEdge 2550 servers. The latter configuration hauls ass:
preliminary measurements show TCP speeds of over 900Mbps using
only normal size frames.
TCP/IP checksum offload, jumbo frames and VLAN tag insertion/stripping
are supported, as well as interrupt moderation.
Still need to fix autonegotiation support for 1000baseSX NICs, but
beyond that, driver is pretty solid.
floppies if you try to actually use it. This code will work fine if
you build and use sysinstall on a running system, since you have the
benefit of an installed termcap file. However, this code does not
work on an MFSROOT, where you must set the TERMCAP environment
variable properly. Unfortunately the quick fix of setting the TERMCAP
variable doesn't seem to fix the problem either. olgeni will add this
functionality back once it's been fully implemented (hopefully using
the working code in termcap.c).
PR: bin/30739
Submitted by: Alexey V. Neyman <alex.neyman@auriga.ru>
Discussed with / Pointy hat to: olgeni
MFC after: 3 days
survive a sysinstall Ctrl-C -> 'Restart'. This fixes another annoying
bug where restarting sysinstall will try to reload kernel modules and
do other external things that have already been done. For now, use
these persistent variables to keep track of module, usbd, and pccardd
initialization.
Bug found by: rwatson
MFC after: 1 week
environment. This fixes an annoying bug where hitting Ctrl-C and
telling sysinstall to 'restart' will do no such thing since many of
the options are still set and so you won't be prompted for them
again.
MFC after: 1 week
variable to check for debug functionality. Previously, you had to set
both 'debug' and 'SYSINSTALL_DEBUG' to get a log of sysinstall's
activities. Now, only 'debug' is necessary.
for each option in the DHCP lease file. The DHCP lease parsing code
specifically ignores more than the first nameserver, but it didn't
previously deal with the case of more than one router. This caused
segfaults and a painful death when installing on a network with
multiple routers.
PR: misc/16003
interactive case. This already works for non-interactive installs,
but at least one user thinks it would be useful and it certainly seems
more correct to allow it here as well.
So, this will now work :
# sysinstall netDev=fxp0 tcpMenuSelect
PR: bin/30229
Submitted by: Mikhail Teterin <mi@aldan.algebra.com>
This will now allow sysinstall to work properly if a FreeBSD CD/DVD is
already mounted as /cdrom, instead of just crapping out when it tries
to mount as /dist and gets EBUSY.
PR: conf/28081
Tested by: jhb
useful for post install configuration or other cases that might not be
handled by usb.c. (usb.c already sets usbd_enable iff sysinstall
detects usb during install).
PR: bin/18946
Submitted by: Peter van Heusden <pvh@egenetics.com>
Reviewed by: jhb
and RTSOL in sysinstall. If the respective TRY_FOO variable is set to
"YES" then it will be tried without prompting the user.
However, if the TRY_FOO variable is set to "NO" then the user will not
be prompted for a choice. This is the correct behavior, since we want
people to be able to script sysinstall in either case.
However, the default TRY_FOO variable has been "NO" since 1999. This
is incorrect, and when the logic was corrected in tcpip.c this has the
effect of never giving the user a choice to use DHCP or IPv6. The
value should be undefined until it is set by a script or by the user.
Submitted by: Randy Pratt, Chern Lee, many others.
UPGRADE.TXT along with a YesNo dialog requesting confirmation of
the upgrade. During the transition to RELNOTESng, UPGRADE.TXT got
folded into a file that eventually renders as INSTALL.TXT, which
makes sysinstall complain about a non-existent file. As a
solution/workaround, point the user at INSTALL.TXT, and then request
confirmation.
Noticed by: rpratt (on 4.4-RC3)
Approved by: jkh
post-configuration "Startup" menu. In the event that diskcheckd is
removed, this can easily be trimmed also; in the mean time, it allows
diskcheckd to be easily disabled using our documented management
tool
the name for the moderate security profile is "moderate", not
"medium", so update this one reference to it as "medium".
This is a 4.4-RELEASE MFC candidate.
MFC after: 2 days
Add a timestamp to the comment so that it's possible to see when
changes were made.
e.g.:
# -- sysinstall generated deltas -- # Wed Aug 15 18:10:20 2001
conservative default, and actually prompt specifically for inetd rather
than handling it as a side effect of the security profile. Update the
help file to reflect this change.
o Rename "Fascist" to "Extreme" in the source code, to match the names
presented to the user.
o Remove portmap and inetd from profile management. Portmap is now
disabled by default, but automatically turned on if a feature requires
it (such as NFS, etc).
This is an MFC candidate for 4.4-RELEASE.
Reviewed by: freebsd-arch@FreeBSD.org
Approved by: re@FreeBSD.org
MFC after: 2 days
post-install config, reduce the potential confusion from the existence
of both configTTYs and configTtys by renaming configTTYs to
configEtcTtys. While this is not a C naming conflict, it was probably
a poor choice of names on my part.
system installation process. This allows users installing via serial
console to enable serial console login during the installation
process using an un-customized install. The user is not prompted to
modify /etc/ttys during a normal install, but is offered the
opportunity during post-install configuration.
- Introduce configTTYs(), which describes the benefits of editing
/etc/ttys, and asks for confirmation before spawning the editor.
- add configTTYs to the post-install configuration, as well as to
the global configuration index.
by providing the opportunity to edit inetd.conf during the system
installation process. The following modifications were made:
(1) Expand the Anonymous FTP description dialog to indicate that inetd
and ftpd must be enabled before it can be used.
(2) Introduce a new configInetd() pair of dialogs, the first describing
inetd, giving a couple of examples of services that require it, and
hinting at potential risk, then asking the user if they wish to
enable it. The second indicates that inetd.conf must be configured
to enabled specific services, and asks if the user would like to
load inetd.conf into the editor to modify it. Add this
configuration action to the index.
There are some further improvements that might be considered:
(1) Provide a more inetd.conf-specific configuration tool that speaks
inetd.conf(5). However, this is made difficult by the "yet another
configuration format" nature of inetd.conf, as well as its use of
commenting to disable services, rather than an in-syntax way to
disable a service without commenting it out. Submissions here
would probably be welcome.
(2) There's some overlap between settings in the somewhat obtuse
Security Profile mechanism and other settings, including the inetd
setting, and NFS server configuration. As features become
individually tunable, they should probably be removed from the
security profile mechanism. Otherwise, somewhat counter-intuitively,
sysinstall (in practice) queries multiple times whether inetd, nfsd,
etc, should be enabled/disabled. A possible future direction might
be to drive profiles not by degree of paranoia, rather, the set
of services desired. Or simply to remove the Security Profile
mechanism and resort to feature-driven configuration.
Reviewed by: imp, chris, jake, nate, -arch, -stable
