Clean up style and make more consistent.
Replace test with if-then-else to make the script more legible.
Replace the call to dirname with the shell %/* operator avoiding a
fork & exec.
Reorder the test for $var_run_autosave before the test for /var/run on
tmpfs. This avoids gratuitously scanning the mount table for a tmpfs
/var/run.
Initial concept by and in discussion with:
Harry Schmalzbauer <freebsd@omnilan.de>
No functional change intended.
MFC after: 2 weeks
Differnential revision: https://reviews.freebsd.org/D47773
Using the rc plumbing to setuid(2) is preferred as it allows the user
to use the -i option in ntpd_flags to chroot ntpd.
Chrooting ntpd by default will be a 2025 project.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D48191
Since we now have sdot, use it to get RC_LEVEL from rc.conf.d/rc_trace
also avoid logging execution of ':' when RC_LEVEL > 0
Reviewed by: stevek
Differential Revision: https://reviews.freebsd.org/D48856
Drivers, including those that support SR-IOV, can be loaded via kld_list
and it makes sense to process iovctl configuration files afer all
drivers have been loaded.
MFC after: 1 week
Sponsored by: Chelsio Communications
Reviewed by: 0mp, jhb
Differential Revision: https://reviews.freebsd.org/D47937
This reverts commit 2d17f44a5a. It hangs
the boot. It turns out I installed my test on the wrong machine and
rebooted the other one...
Sponsored by: Netflix
chkerr() ignores the exit code of a preceding mount command in case a
file ```remount_optional``` exists. The check is performed and a
subshell is launched to log the informational message and return. The
return is executed in the context of the subshell, not the context of
the chkerr() function, hence is a NOP. The remount_optional check is
hence ineffective.
Change the code to if/then/fi, so the return is evaluated in the context
of the chkerr function, to make the check effective.
Reviewed by: imp, emaste
Pull Request: https://github.com/freebsd/freebsd-src/pull/1497
Safe mode may be enabled because of some problem discovered with a kmod,
thus wanting to avoid devmatch. Honor it and let the user deal with
the fallout of not autoloading modules. We've at least made it to
userland and the user demonstrably has a local console as they selected
safe mode in the first place, so this shouldn't be fatal if we don't,
e.g., load a necessary NIC driver.
The sendmail startup script can run 4 daemons: sendmail, sendmail_submit,
sendmail_outbound, and sendmail_msp_queue. Of the first 3 at most one
can be enabled. There's a run_rc_command call for each and the ones for
sendmail and sendmail_msp_queue run unconditionally. For some rc
commands this triggers warnings or errors when sendmail_enable="NO" or
sendmail_msp_queue_enable="NO". Since d2e7bb630b these errors are
propagated and the whole script fails.
Fix this by first determining which daemons are enabled, setting ${name}
and ${rcvar} accordingly, and then always calling run_rc_command
conditionally.
Also replace ${name}.cf with sendmail.cf because ${name} isn't always
sendmail.
PR: 282585
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D47757
When we match a tag and turn tracing, see if we have any
$DEBUG_ON:debug_add:tag in DEBUG_SH and if so add the new tag.
This allows for more focused debugging during boot.
Reviewed by: stevek
It was originally /usr/src/contrib/ipfilter/rules and moved to
/usr/src/share/examples/ipfilter/rules in 41edb306f0.
Point to users to /usr/src/share/examples/ipfilter instead, as the base
directory also contains example rules.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D47392
There is no easy way to set ipfilter optionlist variables during boot.
Add plumbing to the rc script to support this.
PR: 130555
Reviewed by: jlduran
MFC 1 week
Differential Revision: https://reviews.freebsd.org/D47346
Add naive support for openstack network config.
if no config driver have been found, try to detect that we are running a
VM on openstack via the smbios information, use the first iface
available and temporary activate dhcp on it, to be able to fetch the
necessary informations for cloudinit.
While here make the rc script execute after devmatch, some ethernet
device might be attached via devmatch and may be needed for cloudinit.
Tested on OVHCloud Public Cloud.
MFC after: 3 weeks
Sponsored by: OVHCloud
opensm itself is only installed when MK_OFED_EXTRA is set, so it only
makes sense for the same to be true of the rc script.
PR: 257646
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D47313
The rc_fast_and_loose variable allowed rc(8) to start services
by sourcing them into rc's own shell environment. Normally, each rc
service script is started by being sourced into its own subshell
instead. The feature was meant to speed up rc(8) by avoiding the extra
forking necessary to spawn subshells.
In practice, the feature has been broken for a long time now. One of the
reasons is that some rc service scripts call the exit builtin to return
non-zero error codes, which not only terminates the service subshell
but also rc(8) when rc_fast_and_loose is enabled. For example,
a system running any of the supported FreeBSD releases
with rc_fast_and_loose=yes would abort rc(8) as early as rc.d/hostid,
due to an "exit 0".
Fixing rc_fast_and_loose support would require rewriting some rc scripts
to support being sourced directly into rc(8) process. This would muddy
the code base and also would prove difficult to maintain long term
as this is simply not how rc(8) users write scripts. The potential
performance benefits are unlikely to be significant even for use cases
such as Morello under qemu.
Instead, remove support for rc_fast_and_loose completely from rc(8)
and inform users about the change.
PR: 282255
Reviewed by: brooks, christos, mhorne
Approved by: christos (mentor), markj (mentor)
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D47264
Some kernel modules will print informative messages when they are
loaded, making the output confusing. Print everything up front instead.
Fixes: 152382e661 ("rc.d/kld: Print the kernel modules being loaded")
Sometimes it is desirable while debugging one script for it to enable
debugging of a child.
We can do that with
$DEBUG_DO DebugAdd tag
to add tag to DEBUG_SH but only when we are already debugging.
If you have a mail server that is running sendmail daemon
(sendmail_enable=YES) and sendmail queue runner (sendmail_msp_queue=YES)
and the sendmail daemon dies, /etc/rc.d/sendmail status does see the
daemon is not running but returns 0 as the exit code. This prevents
other programs (like puppet) from restarting sendmail to fix the issue.
Make sure that the exit code is propagated towards the end of the script
if any of the sendmail services fail.
This patch does not call exit directly but instead just sets the exit
status code by calling exit in a subshell. This way we do not exit the
current shell in case the service script is sourced (e.g., when
rc_fast_and_loose is active).
PR: 223132
MFC after: 2 weeks
Reported by: pirzyk
Discussed with: jilles, eugen
Reviewed by: christos, gshapiro (previous version), markj
Approved by: christos (mentor), markj (mentor)
Differential Revision: https://reviews.freebsd.org/D46862
Co-authored-by: Jim Pirzyk <pirzyk@FreeBSD.org>
The sendmail service script needs to be stopped during shutdown
to ensure a clean shutdown of active SMTP connections (and writing
any in memory queue files).
rcorder(8) requires the rcorder block to be an uninterrupted sequence of
REQUIRE, PROVIDE, BEFORE, and KEYWORD lines. Having a comment in between
REQUIRE and KEYWORD makes rcorder stop parsing the block when it reaches
the comment.
Fix that by moving the comment out from the rcorder block.
Reviewed by: bnovkov, christos, gshapiro, markj
Approved by: bnovkov (mentor), christos (mentor), markj (mentor)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D46924
Silence a warning emitted by fread(3) in fstyp(8)'s read_buf(), when
detecting the file system type of the cloud-init device:
% fstyp /dev/iso9660/cidata
fstyp: fread: Invalid argument
cd9660
Also rephrase slightly a comment while here.
Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
If the ZFS key is setup in prompt mode, use zfs to prompt to load the key
during boot to unlock it.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D36081
Allow Debug{On,Off} to run associated hooks.
This makes it feasible to collect extra debug info at runtime
without needing to modify any potentially verified and hence immutable
scripts.
Like debug.sh, hooks.sh is extremely handy and used extensively
in many parts of Junos and its build environment.
It is provided here in the hope that others may benefit.
We do not dot hooks.sh by default to reduce overhead, but it can
but done from rc.conf et al using
$_HOOKS_SH . /libexec/hooks.sh
to avoid including more than once.
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D46552
Ensure that run_rc_script returns the true return code of the
rc command and not the return code of DebugOff
Reviewed by: sjg
Approved by: kp
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46626
As of 1b5be7204e we setup parts of IPv6
before IPv4 if configured. For consistency change a case in ifn_start()
calling ipv6_up() before ipv4_up() and reverse in ifn_stop().
MFC after: 10 days
Reviewed by: zlei
Differential Revision: https://reviews.freebsd.org/D33426
As with various other rc scripts, we don't want the output from this
being visible in the boot log.
Fixes: 6437872c1d ("New sysctl to disable NOMATCH until devmatch runs")
MFC after: 1 week
Since we are being paranoid, check that each arg to safe_dot is
actually a file as well as non-empty.
Check for white-space in filenames - these require special handling.
Introduce a new rc.conf option to not wait for ARP resolution within
dhclient. This is plausible on many modern networks where it is possible
to trust the DHCP server to know whether an IP address is available.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
We only need to check kenv for DEBUG_SH once.
We also need to export DEBUG_SH to be useful.
Sponsored by: Juniper Networks, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D46219
11da791920 switched Leap-seconds source from IANA to IERS, as IERS
is the canonoical source. The problem ist that IERS is not accessible
from IPv6 only networks. To work around this we must add IANA back in
order to provide IPv6-only users a source for leap-seconds fetch.
PR: 279413
Fixes: 11da791920
MFC after: 3 days
Add some sanity checks when service jails are used in jails:
- children.max > 0
- children.max - children.cur > 0
The nesting is too deep at those places to have a sane formatting, so no
line wrapping at the usual column.
If someone has a better idea how to format this: feel free to go ahead.
Clarify that the "sysvipc" svcj option inherits from the host / parent.
Add "sysvipcnew" which creates a new SysV namespace for the service
jail.
Sanity check that only one of them is used.
