diff --git a/share/examples/Makefile b/share/examples/Makefile
index 60e78b617f18..047ab6805195 100644
--- a/share/examples/Makefile
+++ b/share/examples/Makefile
@@ -1,9 +1,12 @@
-#	$Id: Makefile,v 1.4 1994/08/28 17:21:36 bde Exp $
+#	$Id: Makefile,v 1.5 1994/09/13 02:21:03 wollman Exp $
 #
 # Doing a make install builds /usr/share/examples
 
 DIRS=etc FreeBSD_version lkm sunrpc
 NOOBJ=	noobj
+ETCOWN= root
+ETCGRP= wheel
+ETCMODE=644
 
 # Define SHARED to indicate whether you want symbolic links to the system
 # source (``symlinks''), or a separate copy (``copies''); (latter useful
@@ -28,4 +31,8 @@ symlinks:
 		ln -s ${.CURDIR}/$$a ${DESTDIR}/usr/share/examples; \
 	done
 
+install-etc:
+	install -c -o ${ETCOWN} -g ${ETCGRP} -m ${ETCMODE} \
+		${.CURDIR}/etc/[a-z]* ${DESTDIR}/etc
+
 .include <bsd.prog.mk>
diff --git a/share/examples/etc/README.examples b/share/examples/etc/README.examples
new file mode 100644
index 000000000000..e15b3b7380a5
--- /dev/null
+++ b/share/examples/etc/README.examples
@@ -0,0 +1,43 @@
+$Id$
+
+The /usr/share/examples/etc directory contains the original
+distribution versions of the files which are shipped in /etc.  This is
+intended to make it easy to recover when the /etc versions are
+accidentally deleted or broken beyond repair.
+
+This directory contains the following files:
+
+aliases		- sendmail aliases file (see aliases(5))
+csh.cshrc	- sample .cshrc (see csh(1))
+csh.login	- sample .login
+csh.logout	- sample .logout
+dm.conf		- configuration file for games (see dm(6))
+fbtab		- configuration file for login(1)
+ftpusers	- user restriction file for ftpd(8)
+gettytab	- defines port configuration for getty(8)
+host.conf	- defines name resolution order for gethostbyname(3)
+hosts		- see hosts(5)
+hosts.equiv	- defines system-wide trusted hosts (see ruserok(3))
+hosts.lpd	- defines trusted hosts for lpd(8)
+inetd.conf	- configuration file for inetd(8)
+login.access	- configuration file for login(8) (see login.access(5))
+make.conf	- defines configuration variables for system builds
+manpath.config	- configuration file for man(1)
+motd		- sample Message of the Day
+myname		- probably doesn't belong here
+netstart	- network startup script run from /etc/rc
+networks	- see networks(5)
+phones		- phone number database for tip(1)
+printcap	- configuration file for lpr(1)
+protocols	- see protocols(5)
+rc		- system startup script (see init(8))
+rc.local	- sample local startup script, run from /etc/rc
+rc.serial	- sample local startup script fragments
+remote		- configuration file for tip(1)
+rpc		- see rpc(5)
+security	- script run from crontab to do nightly security checks
+services	- see services(5)
+shells		- list of configurable shells (see shells(5))
+skey.access	- configuration file for S/Key (see skey.access(5))
+syslog.conf	- configuration file for syslogd(8)
+ttys		- defines port configuration for init(8)
diff --git a/share/examples/etc/aliases b/share/examples/etc/aliases
new file mode 100644
index 000000000000..0b5ed72c7e30
--- /dev/null
+++ b/share/examples/etc/aliases
@@ -0,0 +1,30 @@
+#
+#	@(#)aliases	5.3 (Berkeley) 5/24/90
+#
+#  Aliases in this file will NOT be expanded in the header from
+#  Mail, but WILL be visible over networks or from /bin/mail.
+#
+#	>>>>>>>>>>	The program "newaliases" must be run after
+#	>> NOTE >>	this file is updated for any changes to
+#	>>>>>>>>>>	show through to sendmail.
+#
+
+# Basic system aliases -- these MUST be present
+MAILER-DAEMON: postmaster
+postmaster: root
+
+# General redirections for pseudo accounts
+bin:	root
+daemon:	root
+games:	root
+ingres:	root
+nobody:	root
+system:	root
+toor:	root
+uucp:	root
+
+# Well-known aliases -- these should be filled in!
+# root:
+# manager:
+# dumper:
+# operator:
diff --git a/share/examples/etc/csh.cshrc b/share/examples/etc/csh.cshrc
new file mode 100644
index 000000000000..4a3bf3ff3e9c
--- /dev/null
+++ b/share/examples/etc/csh.cshrc
@@ -0,0 +1 @@
+# System-wide .cshrc file for csh(1).
diff --git a/share/examples/etc/csh.login b/share/examples/etc/csh.login
new file mode 100644
index 000000000000..6ab227a7a24b
--- /dev/null
+++ b/share/examples/etc/csh.login
@@ -0,0 +1,7 @@
+# System-wide .login file for csh(1).
+# Uncomment this to give you the default 4.2 behavior, where disk 
+# information is shown in K-Blocks
+# setenv BLOCKSIZE	K
+# Uncomment next lines, if you want to setup your locale (russian example)
+# setenv ENABLE_STARTUP_LOCALE
+# setenv LANG ru_SU.KOI8-R
diff --git a/share/examples/etc/csh.logout b/share/examples/etc/csh.logout
new file mode 100644
index 000000000000..f8601c07d9c0
--- /dev/null
+++ b/share/examples/etc/csh.logout
@@ -0,0 +1 @@
+# System-wide .logout file for csh(1).
diff --git a/share/examples/etc/dm.conf b/share/examples/etc/dm.conf
new file mode 100644
index 000000000000..48c24de51f87
--- /dev/null
+++ b/share/examples/etc/dm.conf
@@ -0,0 +1,19 @@
+#
+# Game Control File
+#	@(#)dm.conf	5.5 (Berkeley) 4/12/89
+#
+
+#		TTYNAME
+# badtty	/dev/tty19				# news
+# badtty	/dev/tty20				# news/mail
+
+#		DAY OF WEEK	START		STOP
+# time		Monday		7		16	# 7am to 4pm
+# time		Tuesday		7		16
+# time		Wednesday	7		16
+# time		Thursday	7		16
+# time		Friday		7		16
+
+#		GAME		MAX LOAD	MAX USERS	PRIORITY
+# default must be the last entry for the ``game'' keyword
+game		default		5		*		*
diff --git a/share/examples/etc/ftpusers b/share/examples/etc/ftpusers
new file mode 100644
index 000000000000..d23c64ac3a57
--- /dev/null
+++ b/share/examples/etc/ftpusers
@@ -0,0 +1,4 @@
+# list of users disallowed any ftp access.
+# read by ftpd(8).
+root
+uucp
diff --git a/share/examples/etc/gettytab b/share/examples/etc/gettytab
new file mode 100644
index 000000000000..c0ac99a0da25
--- /dev/null
+++ b/share/examples/etc/gettytab
@@ -0,0 +1,173 @@
+#	from: @(#)gettytab	5.14 (Berkeley) 3/27/91
+#
+# Most of the table entries here are just copies of the old getty table,
+# it is by no means certain, or even likely, that any of them are optimal
+# for any purpose whatever.  Nor is it likely that more than a couple are
+# even correct.
+#
+# The default gettytab entry, used to set defaults for all other
+# entries, and in cases where getty is called with no table name
+#
+# cb, ce and ck are desirable on most crt's.  The non-crt entries need to
+# be changed to turn them off (cb@:ce@:ck@:).
+#
+# Parity defaults to even.  There ought to be more alternative entries with
+# no parity.  The Pc entry already has no parity..  The different parities
+# are:
+#     (none): same as even except -inpck instead of inpck for login.
+#     ep:     getty will use raw mode (cs8 -parenb) (unless rw is set) and
+#             fake parity.  login will use even parity (cs7 parenb -parodd).
+#     op:     same as ep except odd parity (cs7 parenb parodd) for login.
+#             op overrides ep.
+#     ap:     same as ep except -inpck instead of inpck for login.
+#             ap overrides op and ep.
+#     np:     1. don't fake parity in getty.  The fake parity garbles
+#                characters on non-terminals (like pccons) that don't
+#                support parity.  It would probably better for getty not to
+#                try to fake parity.  It could just use cbreak mode so as
+#                as not to force cs8 and let the hardware handle the parity.
+#                login has to be rely on the hardware anyway.
+#             2. set PASS8, giving cs8 -parenb -istrip -inpck.
+#     np:ep:  same as np except inpck.
+#     np:op:  same as np:ep except for parodd (but parodd is overridden).
+#     np:ap:  same as np except istrip.
+#
+default:\
+	:cb:ce:ck:fd#1000:im=\r\n   FreeBSD (%h) (%t)\r\n\r\n:sp#1200:
+
+#
+# Fixed speed entries
+#
+#	The "std.NNN" names are known to the special case
+#	portselector code in getty, however they can
+#	be assigned to any table desired.
+#	The "NNN-baud" names are known to the special case
+#	autobaud code in getty, and likewise can
+#	be assigned to any table desired (hopefully the same speed).
+#
+a|std.110|110-baud:\
+	:np:nd#1:cd#1:uc:sp#110:
+b|std.134|134.5-baud:\
+	:np:nd#1:cd#2:ff#1:td#1:sp#134:ht:nl:
+1|std.150|150-baud:\
+	:np:nd#1:cd#2:td#1:fd#1:sp#150:ht:nl:lm=\E\72\6\6\17login\72 :
+c|std.300|300-baud:\
+	:np:nd#1:cd#1:sp#300:
+d|std.600|600-baud:\
+	:np:nd#1:cd#1:sp#600:
+f|std.1200|1200-baud:\
+	:np:fd#1:sp#1200:
+6|std.2400|2400-baud:\
+	:np:sp#2400:
+7|std.4800|4800-baud:\
+	:np:sp#4800:
+2|std.9600|9600-baud:\
+	:np:sp#9600:
+g|std.19200|19200-baud:\
+	:np:sp#19200:
+std.38400|38400-baud:\
+	:np:sp#38400:
+std.57600|57600-baud:\
+	:np:sp#57600:
+std.115200|115200-baud:\
+	:np:sp#115200:
+
+#
+# Dial in rotary tables, speed selection via 'break'
+#
+0|d300|Dial-300:\
+	:nx=d1200:cd#2:sp#300:
+d1200|Dial-1200:\
+	:nx=d150:fd#1:sp#1200:
+d150|Dial-150:\
+	:nx=d110:lm@:tc=150-baud:
+d110|Dial-110:\
+	:nx=d300:tc=300-baud:
+
+#
+# Fast dialup terminals, 2400/1200/300 rotary (can start either way)
+#
+D2400|d2400|Fast-Dial-2400:\
+	:nx=D1200:tc=2400-baud:
+3|D1200|Fast-Dial-1200:\
+	:nx=D300:tc=1200-baud:
+5|D300|Fast-Dial-300:\
+	:nx=D2400:tc=300-baud:
+
+#
+#telebit (19200)
+#
+t19200:\
+	:nx=t2400:tc=19200-baud:
+t2400:\
+	:nx=t1200:tc=2400-baud:
+t1200:\
+	:nx=t19200:tc=1200-baud:
+
+#
+#telebit (9600)
+#
+t9600:\
+	:nx=t2400a:tc=9600-baud:
+t2400a:\
+	:nx=t1200a:tc=2400-baud:
+t1200a:\
+	:nx=t9600:tc=1200-baud:
+
+#
+# Odd special case terminals
+#
+-|tty33|asr33|Pity the poor user of this beast:\
+	:tc=110-baud:
+
+4|Console|Console Decwriter II:\
+	:nd@:cd@:rw:tc=300-baud:
+
+e|Console-1200|Console Decwriter III:\
+	:fd@:nd@:cd@:rw:tc=1200-baud:
+
+i|Interdata console:\
+	:uc:sp#0:
+
+l|lsi chess terminal:\
+	:sp#300:
+
+X|Xwindow|X window system:\
+	:fd@:nd@:cd@:rw:sp#9600:
+
+P|Pc|Pc console:\
+	:ht:np:sp#115200:
+
+#
+# Wierdo special case for fast crt's with hardcopy devices
+#
+8|T9600|CRT with hardcopy:\
+	:nx=T300:tc=9600-baud:
+9|T300|CRT with hardcopy (300):\
+	:nx=T9600:tc=300-baud:
+
+#
+# Plugboard, and misc other terminals
+#
+plug-9600|Plugboard-9600:\
+	:pf#1:tc=9600-baud:
+p|P9600|Plugboard-9600-rotary:\
+	:pf#1:nx=P300:tc=9600-baud:
+q|P300|Plugboard-300:\
+	:pf#1:nx=P1200:tc=300-baud:
+r|P1200|Plugboard-1200:\
+	:pf#1:nx=P9600:tc=1200-baud:
+
+#
+# XXXX Port selector
+#
+s|DSW|Port Selector:\
+	:ps:sp#2400:
+
+#
+# Auto-baud speed detect entry for Micom 600.
+# Special code in getty will switch this out
+# to one of the NNN-baud entries.
+#
+A|Auto-baud:\
+	:ab:sp#2400:f0#040:
diff --git a/share/examples/etc/group b/share/examples/etc/group
new file mode 100644
index 000000000000..2bd4805a19fa
--- /dev/null
+++ b/share/examples/etc/group
@@ -0,0 +1,17 @@
+wheel:*:0:root
+daemon:*:1:daemon
+kmem:*:2:root
+sys:*:3:root
+tty:*:4:root
+operator:*:5:root
+bin:*:7:
+news:*:8:
+man:*:9:
+games:*:13:
+staff:*:20:root
+guest:*:31:root
+nobody:*:39:
+uucp:*:66:
+ingres:*:74:ingres
+dialer:*:117:
+nogroup:*:32766:
diff --git a/share/examples/etc/hosts b/share/examples/etc/hosts
new file mode 100644
index 000000000000..6528805a96f4
--- /dev/null
+++ b/share/examples/etc/hosts
@@ -0,0 +1,28 @@
+# $Id: hosts,v 1.4 1994/06/24 23:50:16 wollman Exp $
+#
+# Host Database
+# This file should contain the addresses and aliases
+# for local hosts that share this file.
+# In the presence of the domain name service or NIS, this file may
+# not be consulted at all; see /etc/host.conf for the resolution order.
+#
+#
+127.0.0.1		localhost localhost.my.domain
+#
+# Imaginary network.
+#10.0.0.2		myname.my.domain myname
+#10.0.0.3		myfriend.my.domain myfriend
+#
+# According to RFC 1597, you can use the following IP networks for
+# private nets which will never be connected to the Internet:
+#
+#        10.0.0.0        -   10.255.255.255
+#        172.16.0.0      -   172.31.255.255
+#        192.168.0.0     -   192.168.255.255
+#
+# In case you want to be able to connect to the Internet, you need
+# real official assigned numbers.  PLEASE PLEASE PLEASE do not try
+# to invent your own network numbers but instead get one from your
+# network provider (if any) or from the Internet Registry (ftp to
+# rs.internic.net, directory `/templates').
+#
diff --git a/share/examples/etc/hosts.equiv b/share/examples/etc/hosts.equiv
new file mode 100644
index 000000000000..f6efd09ac550
--- /dev/null
+++ b/share/examples/etc/hosts.equiv
@@ -0,0 +1,2 @@
+localhost
+my_very_good_friend.domain
diff --git a/share/examples/etc/hosts.lpd b/share/examples/etc/hosts.lpd
new file mode 100644
index 000000000000..1be6dadac28d
--- /dev/null
+++ b/share/examples/etc/hosts.lpd
@@ -0,0 +1 @@
+machine.domain
diff --git a/share/examples/etc/inetd.conf b/share/examples/etc/inetd.conf
new file mode 100644
index 000000000000..127fe26017c6
--- /dev/null
+++ b/share/examples/etc/inetd.conf
@@ -0,0 +1,45 @@
+#
+# Internet server configuration database
+#
+#	@(#)inetd.conf	5.4 (Berkeley) 6/30/90
+#
+ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -l
+telnet	stream	tcp	nowait	root	/usr/libexec/telnetd	telnetd
+shell	stream	tcp	nowait	root	/usr/libexec/rshd	rshd
+login	stream	tcp	nowait	root	/usr/libexec/rlogind	rlogind
+exec	stream	tcp	nowait	root	/usr/libexec/rexecd	rexecd
+#uucpd	stream	tcp	nowait	root	/usr/libexec/uucpd	uucpd
+#nntp	stream	tcp	nowait	usenet	/usr/libexec/nntpd	nntpd
+finger	stream	tcp	nowait	nobody	/usr/libexec/fingerd	fingerd
+#tftp	dgram	udp	wait	nobody	/usr/libexec/tftpd	tftpd
+comsat	dgram	udp	wait	root	/usr/libexec/comsat	comsat
+#talk	dgram	udp	wait	root	/usr/old/talkd		talkd
+ntalk	dgram	udp	wait	root	/usr/libexec/ntalkd	ntalkd
+echo	stream	tcp	nowait	root	internal
+discard	stream	tcp	nowait	root	internal
+chargen	stream	tcp	nowait	root	internal
+daytime	stream	tcp	nowait	root	internal
+time	stream	tcp	nowait	root	internal
+echo	dgram	udp	wait	root	internal
+discard	dgram	udp	wait	root	internal
+chargen	dgram	udp	wait	root	internal
+daytime	dgram	udp	wait	root	internal
+time	dgram	udp	wait	root	internal
+# Kerberos authenticated services
+klogin	stream	tcp	nowait	root	/usr/libexec/rlogind	rlogind -k
+eklogin	stream	tcp	nowait	root	/usr/libexec/rlogind	rlogind -k -x
+kshell	stream	tcp	nowait	root	/usr/libexec/rshd	rshd -k
+# Services run ONLY on the Kerberos server
+# Neither of these work in FreeBSD 1.x.
+#krbupdate stream tcp	nowait	root	/usr/libexec/registerd	registerd
+#kpasswd	stream	tcp	nowait	root	/usr/libexec/kpasswdd	kpasswdd
+#
+# RPC based services
+#  You MUST have portmapper running to use these!
+#rstatd/1-3	dgram	rpc/udp	wait	root	/usr/libexec/rpc.rstatd	rpc.rstatd
+#rusersd/1-2	dgram	rpc/udp	wait	root	/usr/libexec/rpc.rusersd	rpc.rusersd
+#walld/1	dgram	rpc/udp	wait	root	/usr/libexec/rpc.rwalld	rpc.rwalld
+#
+# example entry for the pop3 server
+#pop3	stream	tcp	nowait	root	/usr/local/etc/popper	popper
+#
diff --git a/share/examples/etc/login.access b/share/examples/etc/login.access
new file mode 100644
index 000000000000..5cf54541463d
--- /dev/null
+++ b/share/examples/etc/login.access
@@ -0,0 +1,44 @@
+# Login access control table.
+# 
+# When someone logs in, the table is scanned for the first entry that
+# matches the (user, host) combination, or, in case of non-networked
+# logins, the first entry that matches the (user, tty) combination.  The
+# permissions field of that table entry determines whether the login will 
+# be accepted or refused.
+# 
+# Format of the login access control table is three fields separated by a
+# ":" character:
+# 
+# 	permission : users : origins
+# 
+# The first field should be a "+" (access granted) or "-" (access denied)
+# character. The second field should be a list of one or more login names,
+# group names, or ALL (always matches).  The third field should be a list
+# of one or more tty names (for non-networked logins), host names, domain
+# names (begin with "."), host addresses, internet network numbers (end
+# with "."), ALL (always matches) or LOCAL (matches any string that does
+# not contain a "." character). If you run NIS you can use @netgroupname
+# in host or user patterns.
+#
+# The EXCEPT operator makes it possible to write very compact rules.
+#
+# The group file is searched only when a name does not match that of the
+# logged-in user. Only groups are matched in which users are explicitly
+# listed: the program does not look at a user's primary group id value.
+#
+##############################################################################
+# 
+# Disallow console logins to all but a few accounts.
+#
+#-:ALL EXCEPT wheel shutdown sync:console
+#
+# Disallow non-local logins to privileged accounts (group wheel).
+#
+#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
+#
+# Some accounts are not allowed to login from anywhere:
+#
+#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
+#
+# All other accounts are allowed to login from anywhere.
+#
diff --git a/share/examples/etc/motd b/share/examples/etc/motd
new file mode 100644
index 000000000000..776706f36207
--- /dev/null
+++ b/share/examples/etc/motd
@@ -0,0 +1,4 @@
+FreeBSD ?.?.?  (UNKNOWN)
+
+Welcome to FreeBSD!
+
diff --git a/share/examples/etc/myname b/share/examples/etc/myname
new file mode 100644
index 000000000000..a0d6cce38a33
--- /dev/null
+++ b/share/examples/etc/myname
@@ -0,0 +1 @@
+myname.my.domain
diff --git a/share/examples/etc/netstart b/share/examples/etc/netstart
new file mode 100644
index 000000000000..dc1187f9db7a
--- /dev/null
+++ b/share/examples/etc/netstart
@@ -0,0 +1,46 @@
+#!/bin/sh -
+#
+#	$Id: netstart,v 1.13 1994/09/15 01:19:43 phk Exp $
+#	From: @(#)netstart	5.9 (Berkeley) 3/30/91
+
+defaultrouter=NO
+routedflags=-q
+timedflags=NO
+xntpdflags="NO"
+ntpdate="NO"
+rwhod=NO
+sendmail_flags="-bd -q30m"
+#kerberos_server=YES
+#nfs_server=YES
+#name_server=YES
+#gated=YES
+
+# my-name is my symbolic name
+# my-netmask is specified in /etc/networks
+#
+hostname=`cat /etc/myname`
+hostname $hostname
+
+for i in /etc/hostname.*
+do
+	ifn=`expr $i : '/etc/hostname\.\(.*\)'`
+	if [ -e /etc/hostname.$ifn ]; then
+		if [ -e /etc/start_if.$ifn ]; then
+			sh /etc/start_if.$ifn $ifn
+		fi
+		ifconfig $ifn `cat /etc/hostname.$ifn`
+		ifconfig $ifn
+	fi
+done
+
+# set the address for the loopback interface
+ifconfig lo0 inet localhost
+
+if [ -n "$defaultrouter" -a "x$defaultrouter" != "xNO" ] ; then
+	route add default $defaultrouter
+elif [ -f /etc/defaultrouter ] ; then
+	route add default `cat /etc/defaultrouter`
+fi
+
+# use loopback, not the wire
+# route add $hostname localhost
diff --git a/share/examples/etc/networks b/share/examples/etc/networks
new file mode 100644
index 000000000000..71aeb5b05a53
--- /dev/null
+++ b/share/examples/etc/networks
@@ -0,0 +1,16 @@
+#	@(#)networks	5.1 (Berkeley) 6/30/90
+#
+# Your Local Networks Database
+#
+your-net	127				# your comment
+your-netmask	255.255.255			# subnet mask for your-net
+
+#
+# Your subnets
+#
+subnet1		127.0.1		alias1		# comment 1
+subnet2		127.0.2		alias2		# comment 2
+
+#
+# Internet networks (from nic.ddn.mil)
+#
diff --git a/share/examples/etc/phones b/share/examples/etc/phones
new file mode 100644
index 000000000000..c6ab472d9951
--- /dev/null
+++ b/share/examples/etc/phones
@@ -0,0 +1,12 @@
+#	$Id: phones,v 1.4 1994/01/24 00:39:01 rgrimes Exp $
+#	From: @(#)phones	5.2 (Berkeley) 6/30/90
+#
+# phones -- remote host phone number data base
+# see tip(1), phones(5)
+# [tip cannot currently accept comments in this file,
+#  so this and the above lines must be removed.]
+system1		9=3156427750
+system2		  9148841241
+netcom		1(408)241-9760
+netcom		1(415)328-9940
+omen		1(503)621-3746
diff --git a/share/examples/etc/printcap b/share/examples/etc/printcap
new file mode 100644
index 000000000000..06791f85fc6c
--- /dev/null
+++ b/share/examples/etc/printcap
@@ -0,0 +1,4 @@
+#	@(#)printcap	5.3 (Berkeley) 6/30/90
+
+#lp|local line printer:\
+#	:lp=/dev/lp:sd=/var/spool/lpd:lf=/var/log/lpd-errs:
diff --git a/share/examples/etc/protocols b/share/examples/etc/protocols
new file mode 100644
index 000000000000..1b9129c5aba3
--- /dev/null
+++ b/share/examples/etc/protocols
@@ -0,0 +1,28 @@
+#
+# Internet (IP) protocols
+#
+#	$Id: protocols,v 1.2 1993/11/07 00:31:22 wollman Exp $
+#	from: @(#)protocols	5.1 (Berkeley) 4/17/89
+#
+# Updated for FreeBSD based on RFC 1340, Assigned Numbers (July 1992).
+#
+ip	0	IP		# internet protocol, pseudo protocol number
+icmp	1	ICMP		# internet control message protocol
+igmp	2	IGMP		# Internet Group Management
+ggp	3	GGP		# gateway-gateway protocol
+ipencap	4	IP-ENCAP	# IP encapsulated in IP (officially ``IP'')
+st	5	ST		# ST datagram mode
+tcp	6	TCP		# transmission control protocol
+egp	8	EGP		# exterior gateway protocol
+pup	12	PUP		# PARC universal packet protocol
+udp	17	UDP		# user datagram protocol
+hmp	20	HMP		# host monitoring protocol
+xns-idp	22	XNS-IDP		# Xerox NS IDP
+rdp	27	RDP		# "reliable datagram" protocol
+iso-tp4	29	ISO-TP4		# ISO Transport Protocol class 4
+xtp	36	XTP		# Xpress Tranfer Protocol
+idpr-cmtp	39	IDPR-CMTP	# IDPR Control Message Transport
+vmtp	81	VMTP		# Versatile Message Transport
+ospf	89	OSPFIGP		# Open Shortest Path First IGP
+ipip	94	IPIP		# Yet Another IP encapsulation
+encap	98	ENCAP		# Yet Another IP encapsulation
diff --git a/share/examples/etc/rc b/share/examples/etc/rc
new file mode 100644
index 000000000000..10599dfa1b01
--- /dev/null
+++ b/share/examples/etc/rc
@@ -0,0 +1,243 @@
+#!/bin/sh
+#	$Id: rc,v 1.29 1994/09/15 02:21:39 phk Exp $
+#	From: @(#)rc	5.27 (Berkeley) 6/5/91
+
+# System startup script run by init on autoboot
+# or after single-user.
+# Output and error are redirected to console by init,
+# and the console is the controlling terminal.
+
+stty status '^T'
+
+# Set shell to ignore SIGINT (2), but not children;
+# shell catches SIGQUIT (3) and returns to single user after fsck.
+trap : 2
+trap : 3	# shouldn't be needed
+
+HOME=/; export HOME
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+export PATH
+
+if [ $1x = autobootx ]
+then
+	echo Automatic reboot in progress...
+	fsck -p
+	case $? in
+	0)
+		;;
+	2)
+		exit 1
+		;;
+	4)
+		reboot
+		echo "reboot failed... help!"
+		exit 1
+		;;
+	8)
+		echo "Automatic file system check failed... help!"
+		exit 1
+		;;
+	12)
+		echo "Reboot interrupted"
+		exit 1
+		;;
+	130)
+		# interrupt before catcher installed
+		exit 1
+		;;
+	*)
+		echo "Unknown error in reboot"
+		exit 1
+		;;
+	esac
+else
+	echo Skipping disk checks ...
+fi
+
+trap "echo 'Reboot interrupted'; exit 1" 3
+
+swapon -a
+
+# Check for diskless boot, and remount the root RW.
+a=`mount`
+if [ 0 != `expr "$a" : '^[^/]*:/.* on /'` ] ; then
+        mount -u -o rw /
+fi
+
+umount -a >/dev/null 2>&1
+mount -a -t nonfs
+
+# If the machine runs wall CMOS clock (compatible with MSDOS),
+# activate following line by creating empty file /etc/wall_cmos_clock
+# If this file not exist, following line does nothing (assumed
+# the machine runs UTC CMOS clock). See adjkerntz(8) for details.
+adjkerntz -i
+
+# configure serial devices
+if [ -f /etc/rc.serial ]
+then
+	sh /etc/rc.serial
+fi
+
+# set hostname, turn on network
+echo 'starting network'
+. /etc/netstart
+
+# clean up left-over files
+rm -f /etc/nologin
+rm -f /var/spool/lock/*
+rm -f /var/spool/uucp/.Temp/*
+# don't add .[a-z]* to rm, because of .adjkerntz file name
+(cd /var/run && { rm -rf -- *; cp /dev/null utmp; chmod 644 utmp; })
+
+echo -n 'starting system logger'
+rm -f /dev/log
+syslogd
+
+# $timedflags is imported from /etc/netstart;
+# if $timedflags == NO, timed isn't run.
+if [ X${timedflags} != X"NO" ]; then
+	echo -n ', time daemon'; timed $timedflags
+fi
+echo '.'
+
+# /var/crash should be a directory or a symbolic link
+# to the crash directory if core dumps are to be saved.
+if [ -d /var/crash ]; then
+	echo checking for core dump...
+	savecore /var/crash
+fi
+
+#				echo -n 'checking quotas:'
+#quotacheck -a
+#				echo ' done.'
+#quotaon -a
+
+# build ps databases
+kvm_mkdb /kernel
+dev_mkdb
+
+chmod 666 /dev/tty[pqrs]*
+
+# check the password temp/lock file
+if [ -f /etc/ptmp ]
+then
+	logger -s -p auth.err \
+	'password file may be incorrect -- /etc/ptmp exists'
+fi
+
+# Recover elvis editor files.
+echo preserving editor files
+(cd /var/tmp && /usr/libexec/elvispreserve "-the system rebooted" elv* &&
+	rm -f elvis[0-9a-f][0-9a-f][0-9a-f][0-9a-f]* \
+	elvis_[0-9a-f][0-9a-f][0-9a-f][0-9a-f]*)
+
+# Recover vi editor files.
+virecovery=/var/tmp/vi.recover/recover.*
+if [ "$virecovery" != "/var/tmp/vi.recover/recover.*" ]; then
+	echo 'Recovering vi editor sessions'
+	for i in $virecovery; do
+		sendmail -t < $i
+	done
+fi
+
+echo clearing /tmp
+
+# prune quickly with one rm, then use find to clean up /tmp/[lq]*
+# (not needed with mfs /tmp, but doesn't hurt there...)
+(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
+    find -d . ! -name . ! -name lost+found ! -name quotas -exec rm -rf -- {} \;)
+
+# echo 'turning on accounting';	accton /var/account/acct
+
+echo -n standard daemons:
+echo -n ' cron';		cron
+echo '.'
+
+echo -n starting network daemons:
+
+# Portmapper should always be run, to provide RPC services for inetd.
+if [ -x /usr/sbin/portmap ]; then
+	echo -n ' portmap';		portmap
+fi
+
+# $gated and $routedflags are imported from /etc/netstart.
+# If $gated == YES, gated is used; otherwise routed.
+# If $routedflags == NO, routed isn't run.
+if [ X${gated} = X"YES" -a -r /etc/gated.conf ]; then
+	echo -n ' gated';	gated $gatedflags
+elif [ X"${routedflags}" != X"NO" ]; then
+	echo -n ' routed';	routed $routedflags
+fi
+
+if [ X${name_server} = X"YES" -a -r /etc/named.boot ]; then
+	echo -n ' named';		named
+fi
+
+# $ntpdate and $xntpdflags are imported from /etc/netstart.
+# If $ntpdate != NO, run ntpdate $ntpdate to set the date correctly.
+# If $xntpdflags != NO, start xntpd.
+if [ X"${ntpdate}" != X"NO" ]; then
+	echo ' ntpdate';	ntpdate $ntpdate
+fi
+
+if [ X"${xntpdflags}" != X"NO" ]; then
+	if [ X"${tickadjflags}" != X"NO" ]; then
+		echo 'adjusting kernel for xntpd'; tickadj ${tickadjflags--A}
+	fi
+	echo 'starting xntpd';	xntpd ${xntpdflags}
+fi
+
+if [ X"${ntpdate}" != X"NO" -o X"${xntpdflags}" != X"NO" ]; then
+	echo -n 'starting more network daemons:'
+fi
+
+# $rwhod is imported from /etc/netstart;
+# if $rwhod is set to something other than NO, rwhod is run.
+if [ ${rwhod-NO} != "NO" ]; then
+	echo -n ' rwhod';	rwhod
+fi
+
+echo -n ' printer';		lpd
+
+if [ X${nfs_server} = X"YES" -a -r /etc/exports ]; then
+	echo -n ' mountd';		mountd
+	echo -n ' nfsd';		nfsd -u -t 4
+fi
+
+if grep nfs /etc/fstab > /dev/null ; then
+	echo -n ' nfsiod';		nfsiod -n 4
+fi
+
+# $sendmail_flags is imported from /etc/netstart;
+# if $sendmail_flags is something other than NO, sendmail is run.
+if [ X"${sendmail_flags}" != X"NO" -a -r /etc/sendmail.cf ]; then
+	echo -n ' sendmail';		sendmail ${sendmail_flags} 
+fi
+
+echo -n ' inetd';		inetd
+echo '.'
+
+mount -a -t nfs >/dev/null 2>&1 &	# XXX shouldn't need background
+
+# if [ -x /usr/libexec/xtend ]; then
+# 	echo -n ' xtend';   /usr/libexec/xtend
+# fi
+
+# Make shared lib searching a little faster.  Leave /usr/lib first if you
+# add your own entries or you may come to grief.
+if [ -x /sbin/ldconfig ]; then
+	_LDC=/usr/lib
+	if [ -d /usr/X11R6/lib ]; then _LDC="${_LDC} /usr/X11R6/lib" ; fi
+	if [ -d /usr/X386/lib ]; then _LDC="${_LDC} /usr/X386/lib" ; fi
+	if [ -d /usr/local/lib ]; then _LDC="${_LDC} /usr/local/lib" ; fi
+	if [ -d /usr/gnu/lib ]; then _LDC="${_LDC} /usr/gnu/lib" ; fi
+	echo 'setting ldconfig path:' ${_LDC}
+	ldconfig ${_LDC}
+fi
+
+sh /etc/rc.local
+
+date
+
+exit 0
diff --git a/share/examples/etc/rc.local b/share/examples/etc/rc.local
new file mode 100644
index 000000000000..8f74b384ed13
--- /dev/null
+++ b/share/examples/etc/rc.local
@@ -0,0 +1,23 @@
+#
+# site-specific startup actions, daemons
+#
+#	@(#)rc.local	5.4 (Berkeley) 12/14/90
+#
+
+T=/tmp/_motd
+rm -f $T
+uname -rs > $T
+echo "" >> $T
+sed '1,/^$/d' < /etc/motd >> $T
+cp $T /etc/motd
+chmod 644 /etc/motd
+rm -f $T
+
+echo -n 'starting local daemons:'
+
+# Kerberos runs ONLY on the Kerberos server machine
+if [ X${kerberos_server} = X"YES" ]; then
+	echo -n ' kerberos';	kerberos >> /var/log/kerberos.log &
+fi
+
+echo '.'
diff --git a/share/examples/etc/rc.serial b/share/examples/etc/rc.serial
new file mode 100644
index 000000000000..7f042e84e666
--- /dev/null
+++ b/share/examples/etc/rc.serial
@@ -0,0 +1,91 @@
+# Change some defauls for serial devices.
+# Standard defaults are:
+#	dtrwait 300
+#	initial cflag from <sys/ttydefaults.h> = cread cs8 hupcl
+#	initial iflag, lflag and oflag all 0
+#	speed 9600
+#	special chars from <sys/ttydefaults.h>
+#	nothing locked
+# except for serial consoles the initial iflag, lflag and oflag are from
+# <sys/ttydefaults.h> and clocal is locked on.
+
+default() {
+	# Reset everything changed by the other functions to initial defaults.
+	for i in $*
+	do
+		comcontrol /dev/ttyd$i dtrwait 300
+		stty </dev/ttyid$i -clocal  crtscts  hupcl 9600 reprint ^R
+		stty </dev/ttyld$i -clocal -crtscts -hupcl 0
+		stty </dev/cuai0$i -clocal  crtscts  hupcl 9600 reprint ^R
+		stty </dev/cual0$i -clocal -crtscts -hupcl 0
+	done
+}
+
+maybe() {
+	# Special settings.
+	for i in $*
+	do
+		# Don't use ^R; it breaks bash's ^R when typed ahead.
+		stty </dev/ttyid$i reprint undef
+		stty </dev/cuai0$i reprint undef
+		# Lock clocal off on dialin device for security.
+		stty </dev/ttyld$i clocal
+		# Lock the speeds to use old binaries that don't support them.
+		# Any legal speed works to lock the initial speed.
+		stty </dev/ttyld$i 300
+		stty </dev/cual0$i 300
+	done
+}
+
+modem() {
+	# Modem that supports CTS and perhaps RTS handshaking.
+	for i in $*
+	do
+		comcontrol /dev/ttyd$i dtrwait 100	# may depend on modem
+		# Lock crtscts on.
+		# Speed reasonable for V42bis.
+		stty </dev/ttyid$i crtscts 57600
+		stty </dev/ttyld$i crtscts
+		stty </dev/cuai0$i crtscts 57600
+		stty </dev/cual0$i crtscts
+	done
+}
+
+mouse() {
+	# Mouse on either callin or callout port.
+	for i in $*
+	do
+		# Lock clocal on, hupcl off.
+		# Standard speed for Microsoft mouse.
+		stty </dev/ttyid$i clocal -hupcl 1200
+		stty </dev/ttyld$i clocal  hupcl
+		stty </dev/cuai0$i clocal -hupcl 1200
+		stty </dev/cual0$i clocal  hupcl
+	done
+}
+
+terminal() {
+	# Terminal that supports CTS and perhaps RTS handshaking
+	# with the cable or terminal arranged so that DCD is on
+	# at least while the terminal is on.
+	# Also works for bidirectional communications to another pc
+	# provided at most one side runs getty.
+	# Same as modem() except we want a faster speed and no dtrwait.
+	modem $*
+	for i in $*
+	do
+		comcontrol /dev/ttyd$i dtrwait 0
+		stty </dev/ttyid$i 115200
+		stty </dev/cuai0$i 115200
+	done
+}
+
+# Don't use anything from this file unless you have some buggy programs
+# that require it.
+#
+# Edit the functions and the examples to suit your system.
+#
+# maybe		0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v
+# mouse		    2
+# modem		  1
+# terminal	0
diff --git a/share/examples/etc/remote b/share/examples/etc/remote
new file mode 100644
index 000000000000..a860a2666db7
--- /dev/null
+++ b/share/examples/etc/remote
@@ -0,0 +1,50 @@
+#	@(#)remote	5.2 (Berkeley) 6/30/90
+#
+# remote -- remote host description file
+# see tip(1), remote(5)
+#
+# dv	device to use for the tty
+# el	EOL marks (default is NULL)
+# du	make a call flag (dial up)
+# pn	phone numbers (@ =>'s search phones file; possibly taken from
+#	PHONES environment variable)
+# at	ACU type
+# ie	input EOF marks (default is NULL)
+# oe	output EOF string (default is NULL)
+# cu	call unit (default is dv)
+# br	baud rate (defaults to 300)
+# fs	frame size (default is BUFSIZ) -- used in buffering writes on
+#	receive operations
+# tc	to continue a capability
+
+# Systems definitions
+netcom|Netcom Unix Access:\
+	:pn=@:tc=unix1200:
+omen|Omen BBS:\
+	:pn=@:tc=dos1200:
+
+# UNIX system definitions
+unix1200|1200 Baud dial-out to a UNIX system:\
+	:el=^U^C^R^O^D^S^Q:ie=%$:oe=^D:tc=dial1200:
+unix300|300 Baud dial-out to a UNIX system:\
+	:el=^U^C^R^O^D^S^Q:ie=%$:oe=^D:tc=dial300:
+
+# DOS system definitions
+dos1200|1200 Baud dial-out to a DOS system:\
+	:el=^U^C^R^O^D^S^Q:ie=%$:oe=^Z:pa=none:tc=dial1200:
+
+# General dialer definitions used below
+#
+# COURIER switch settings:
+# switch:	1 2 3 4 5 6 7 8 9 10
+# setting:	D U D U D D U D U U
+# Rackmount:	U U D U D U D D U D
+#
+dial2400|2400 Baud Hayes attributes:\
+        :dv=/dev/tty00:br#2400:cu=/dev/tty00:at=hayes:du:
+dial1200|1200 Baud Hayes attributes:\
+        :dv=/dev/tty00:br#1200:cu=/dev/tty00:at=hayes:du:
+
+# Hardwired line
+tty00b|tty0b:dv=/dev/tty00:br#2400
+tty00c|tty0c:dv=/dev/tty00:br#9600
diff --git a/share/examples/etc/rpc b/share/examples/etc/rpc
new file mode 100644
index 000000000000..0ce30ecc4ec2
--- /dev/null
+++ b/share/examples/etc/rpc
@@ -0,0 +1,34 @@
+#
+# rpc 88/08/01 4.0 RPCSRC; from 1.12   88/02/07 SMI
+#
+portmapper	100000	portmap sunrpc
+rstatd		100001	rstat rstat_svc rup perfmeter
+rusersd		100002	rusers
+nfs		100003	nfsprog
+ypserv		100004	ypprog
+mountd		100005	mount showmount
+ypbind		100007
+walld		100008	rwall shutdown
+yppasswdd	100009	yppasswd
+etherstatd	100010	etherstat
+rquotad		100011	rquotaprog quota rquota
+sprayd		100012	spray
+3270_mapper	100013
+rje_mapper	100014
+selection_svc	100015	selnsvc
+database_svc	100016
+rexd		100017	rex
+alis		100018
+sched		100019
+llockmgr	100020
+nlockmgr	100021
+x25.inr		100022
+statmon		100023
+status		100024
+bootparam	100026
+ypupdated	100028	ypupdate
+keyserv		100029	keyserver
+tfsd		100037 
+nsed		100038
+nsemntd		100039
+pcnfsd		150001	pcnfs
diff --git a/share/examples/etc/security b/share/examples/etc/security
new file mode 100644
index 000000000000..76d5a6c7173c
--- /dev/null
+++ b/share/examples/etc/security
@@ -0,0 +1,41 @@
+#!/bin/sh -
+#
+#	@(#)security	5.3 (Berkeley) 5/28/91
+#	$Id: security,v 1.6 1994/01/22 10:54:13 rgrimes Exp $
+#
+PATH=/sbin:/bin:/usr/bin
+
+host=`hostname -s`
+echo "Subject: $host security check output"
+
+LOG=/var/log
+TMP=/tmp/_secure.$$
+
+umask 027
+
+echo "checking setuid files and devices:"
+
+# don't have ncheck, but this does the equivalent of the commented out block.
+# note that one of the original problem, the possibility of overrunning
+# the args to ls, is still here...
+#
+MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $3 }'`
+set $MP
+while test $# -ge 1; do
+	mount=$1
+	shift
+	find $mount -xdev -perm -u+s -or -perm -g+s | sort
+done | xargs -n 20 ls -lgTd > $TMP
+
+if cmp $LOG/setuid.today $TMP >/dev/null; then :; else
+	echo "$host setuid/device diffs:"
+	diff $LOG/setuid.today $TMP
+	mv $LOG/setuid.today $LOG/setuid.yesterday
+	mv $TMP $LOG/setuid.today
+fi
+rm -f $TMP
+
+echo ""
+echo ""
+echo "checking for uids of 0:"
+awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd
diff --git a/share/examples/etc/services b/share/examples/etc/services
new file mode 100644
index 000000000000..61440a190ede
--- /dev/null
+++ b/share/examples/etc/services
@@ -0,0 +1,180 @@
+#
+# Network services, Internet style
+#
+# Note that it is presently the policy of IANA to assign a single well-known
+# port number for both TCP and UDP; hence, most entries here have two entries
+# even if the protocol doesn't support UDP operations.
+# Updated from RFC 1340, ``Assigned Numbers'' (July 1992).  Not all ports
+# are included, only the more common ones.
+#
+#	$Id: services,v 1.7 1994/03/02 17:58:29 wollman Exp $
+#	From: @(#)services	5.8 (Berkeley) 5/9/91
+#
+tcpmux		1/tcp		# TCP port service multiplexer
+echo		7/tcp
+echo		7/udp
+discard		9/tcp		sink null
+discard		9/udp		sink null
+systat		11/tcp		users
+daytime		13/tcp
+daytime		13/udp
+netstat		15/tcp
+qotd		17/tcp		quote
+msp		18/tcp		# message send protocol
+msp		18/udp		# message send protocol
+chargen		19/tcp		ttytst source
+chargen		19/udp		ttytst source
+ftp		21/tcp
+# 22 - unassigned
+telnet		23/tcp
+# 24 - private
+smtp		25/tcp		mail
+# 26 - unassigned
+time		37/tcp		timserver
+time		37/udp		timserver
+rlp		39/udp		resource	# resource location
+nameserver	42/tcp		name		# IEN 116
+whois		43/tcp		nicname
+domain		53/tcp		nameserver	# name-domain server
+domain		53/udp		nameserver
+mtp		57/tcp				# deprecated
+bootps		67/tcp		# BOOTP server
+bootps		67/udp
+bootpc		68/tcp		# BOOTP client
+bootpc		68/udp
+tftp		69/udp
+gopher		70/tcp		# Internet Gopher
+gopher		70/udp
+rje		77/tcp		netrjs
+finger		79/tcp
+www		80/tcp		http	# WorldWideWeb HTTP
+www		80/udp			# HyperText Transfer Protocol
+link		87/tcp		ttylink
+#kerberos	88/tcp		krb5	# Kerberos v5
+#kerberos	88/udp
+supdup		95/tcp
+# 100 - reserved
+hostnames	101/tcp		hostname	# usually from sri-nic
+iso-tsap	102/tcp		tsap		# part of ISODE.
+csnet-ns	105/tcp		cso-ns	# also used by CSO name server
+csnet-ns	105/udp		cso-ns
+rtelnet		107/tcp		# Remote Telnet
+rtelnet		107/udp
+pop2		109/tcp		postoffice	# POP version 2
+pop2		109/udp
+pop3		110/tcp		# POP version 3
+pop3		110/udp
+sunrpc		111/tcp
+sunrpc		111/udp
+auth		113/tcp		authentication
+sftp		115/tcp
+uucp-path	117/tcp
+nntp		119/tcp		readnews untp	# USENET News Transfer Protocol
+ntp		123/tcp
+ntp		123/udp				# Network Time Protocol
+netbios-ns	137/tcp				# NETBIOS Name Service
+netbios-ns	137/udp
+netbios-dgm	138/tcp				# NETBIOS Datagram Service
+netbios-dgm	138/udp
+netbios-ssn	139/tcp				# NETBIOS session service
+netbios-ssn	139/udp
+imap2		143/tcp				# Interim Mail Access Proto v2
+imap2		143/udp
+snmp		161/udp				# Simple Net Mgmt Proto
+snmp-trap	162/udp		snmptrap	# Traps for SNMP
+cmip-man	163/tcp				# ISO mgmt over IP (CMOT)
+cmip-man	163/udp
+cmip-agent	164/tcp
+cmip-agent	164/udp
+xdmcp		177/tcp				# X Display Mgr. Control Proto
+xdmcp		177/udp
+nextstep	178/tcp		NeXTStep NextStep	# NeXTStep window
+nextstep	178/udp		NeXTStep NextStep	# server
+bgp		179/tcp				# Border Gateway Proto.
+bgp		179/udp
+prospero	191/tcp				# Cliff Neuman's Prospero
+prospero	191/udp
+irc		194/tcp				# Internet Relay Chat
+irc		194/udp
+smux		199/tcp				# SNMP Unix Multiplexer
+smux		199/udp
+at-rtmp		201/tcp				# AppleTalk routing
+at-rtmp		201/udp
+at-nbp		202/tcp				# AppleTalk name binding
+at-nbp		202/udp
+at-echo		204/tcp				# AppleTalk echo
+at-echo		204/udp
+at-zis		206/tcp				# AppleTalk zone information
+at-zis		206/udp
+z3950		210/tcp		wais		# NISO Z39.50 database
+z3950		210/udp		wais
+ipx		213/tcp				# IPX
+ipx		213/udp
+imap3		220/tcp				# Interactive Mail Access
+imap3		220/udp				# Protocol v3
+ulistserv	372/tcp				# UNIX Listserv
+ulistserv	372/udp
+#
+# Berkeley-specific services
+#
+exec		512/tcp
+biff		512/udp		comsat
+login		513/tcp
+who		513/udp		whod
+shell		514/tcp		cmd		# no passwords used
+syslog		514/udp
+printer		515/tcp		spooler		# line printer spooler
+talk		517/udp
+ntalk		518/udp
+route		520/udp		router routed	# RIP
+timed		525/udp		timeserver
+tempo		526/tcp		newdate
+courier		530/tcp		rpc
+conference	531/tcp		chat
+netnews		532/tcp		readnews
+netwall		533/udp				# -for emergency broadcasts
+uucp		540/tcp		uucpd		# uucp daemon
+remotefs	556/tcp		rfs_server rfs	# Brunhoff remote filesystem
+#klogin		543/tcp				# Kerberized `rlogin' (v5)
+#kshell		544/tcp				# Kerberized `rsh' (v5)
+kerberos-adm	749/tcp				# Kerberos `kadmin' (v5)
+#
+webster		765/tcp				# Network dictionary
+webster		765/udp
+#
+# From ``Assigned Numbers'':
+#
+#> The Registered Ports are not controlled by the IANA and on most systems
+#> can be used by ordinary user processes or programs executed by ordinary
+#> users.
+#
+#> Ports are used in the TCP [45,106] to name the ends of logical
+#> connections which carry long term conversations.  For the purpose of
+#> providing services to unknown callers, a service contact port is
+#> defined.  This list specifies the port used by the server process as its
+#> contact port.  While the IANA can not control uses of these ports it
+#> does register or list uses of these ports as a convienence to the
+#> community.
+#
+ingreslock	1524/tcp
+ingreslock	1524/udp
+prospero-np	1525/tcp		# Prospero non-privileged
+prospero-np	1525/udp
+rfe		5002/tcp		# Radio Free Ethernet
+rfe		5002/udp		# Actually uses UDP only
+#
+#
+# Kerberos (Project Athena/MIT) services
+# Note that these are for Kerberos v4, and are unofficial.  Sites running
+# v4 should uncomment these and comment out the v5 entries above.
+#
+kerberos	750/udp		kdc	# Kerberos (server) udp
+kerberos	750/tcp		kdc	# Kerberos (server) tcp
+krbupdate	760/tcp		kreg	# Kerberos registration
+kpasswd		761/tcp		kpwd	# Kerberos "passwd"
+klogin		543/tcp			# Kerberos rlogin
+eklogin		2105/tcp		# Kerberos encrypted rlogin
+kshell		544/tcp		krcmd	# Kerberos remote shell
+#
+supfilesrv	871/tcp			# for SUP
+supfiledbg	1127/tcp		# for SUP
diff --git a/share/examples/etc/shells b/share/examples/etc/shells
new file mode 100644
index 000000000000..df377f133737
--- /dev/null
+++ b/share/examples/etc/shells
@@ -0,0 +1,6 @@
+# List of acceptable shells for chpass(1).
+# Ftpd will not allow users to connect who are not using
+# one of these shells.
+
+/bin/sh
+/bin/csh
diff --git a/share/examples/etc/skey.access b/share/examples/etc/skey.access
new file mode 100644
index 000000000000..22cdb69fe107
--- /dev/null
+++ b/share/examples/etc/skey.access
@@ -0,0 +1,8 @@
+# First word says if UNIX passwords are to be permitted or denied.
+# remainder of the rule is a networknumber and mask. A rule matches a
+# host if any of its addresses satisfies:
+# 
+#	network = (address & mask)
+# 
+#what	network		mask
+permit	0.0.0.0		0.0.0.0
diff --git a/share/examples/etc/syslog.conf b/share/examples/etc/syslog.conf
new file mode 100644
index 000000000000..73d56b70a784
--- /dev/null
+++ b/share/examples/etc/syslog.conf
@@ -0,0 +1,9 @@
+*.err;kern.debug;auth.notice;mail.crit		/dev/console
+*.notice;kern.debug;lpr,auth.info;mail.crit	/var/log/messages
+mail.info					/var/log/maillog
+lpr.info					/var/log/lpd-errs
+cron.*						/var/cron/log
+*.err						root
+*.notice;auth.debug				root
+*.alert						root
+*.emerg						*
diff --git a/share/examples/etc/ttys b/share/examples/etc/ttys
new file mode 100644
index 000000000000..93406544ad30
--- /dev/null
+++ b/share/examples/etc/ttys
@@ -0,0 +1,53 @@
+#
+#	@(#)ttys	5.1 (Berkeley) 4/17/89
+#
+# name	getty				type	status		comments
+#
+# This entry needed for asking password when init goes to single-user mode
+# If you want to be asked for password, change "secure" to "insecure" here
+console	none				unknown	off secure
+#
+ttyv0	"/usr/libexec/getty Pc"		cons25	on  secure
+# Virtual terminals
+ttyv1	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv2	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv3	"/usr/libexec/getty Pc"		cons25	off secure
+# Hardwired terminals
+tty00	"/usr/libexec/getty std.9600"	unknown	off secure
+tty01	"/usr/libexec/getty std.9600"	unknown	off secure
+# Dialin terminals
+ttyd2	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd3	"/usr/libexec/getty std.9600"	unknown	off secure
+# Pseudo terminals
+ttyp0	none			network
+ttyp1	none			network
+ttyp2	none			network
+ttyp3	none			network
+ttyp4	none			network
+ttyp5	none			network
+ttyp6	none			network
+ttyp7	none			network
+ttyp8	none			network
+ttyp9	none			network
+ttypa	none			network
+ttypb	none			network
+ttypc	none			network
+ttypd	none			network
+ttype	none			network
+ttypf	none			network
+ttyq0	none			network
+ttyq1	none			network
+ttyq2	none			network
+ttyq3	none			network
+ttyq4	none			network
+ttyq5	none			network
+ttyq6	none			network
+ttyq7	none			network
+ttyq8	none			network
+ttyq9	none			network
+ttyqa	none			network
+ttyqb	none			network
+ttyqc	none			network
+ttyqd	none			network
+ttyqe	none			network
+ttyqf	none			network