This fixes mounting (non-root) USB drives on boot with fsck enabled
(with non-zero 'Pass#' field in fstab(5)).
Reported by: Graham Menhennitt <graham at menhennitt.com.au>
Reviewed by: jilles@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6221
Make kdc run BEFORE SERVERS instead of being REQUIREd by SERVERS,
so systems that pedantically check REQUIREs function after r270782
MFC after: 1 week
X-MFC with: r270782
Sponsored by: EMC / Isilon Storage Division
By default set to 'YES' so it does not change the current behaviour for users,
this variable allows to decide to not extract crach dumps from the dump
device at boot time by setting it to "NO" in rc.conf.
Sponsored by: Gandi.net
Check if pf.ko is loaded (i.e. /dev/pf exists) before trying to use it. This
means that '/etc/rc.d/pf status' will no longer return 'pfctl: /dev/pf: No such
file or directory' but 'pf.ko is not loaded'.
PR: 205671
Submitted by: Johannes Jost Meixner <xmj@FreeBSD.org>
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
When a user defines "jail_list" in rc.conf the jails are started in the
order defined. Currently the jails are not are stopped in reverse order
which may break dependencies between jails/services and prevent a clean
shutdown. The new parameter "jail_reverse_stop" will shutdown jails in
"jail_list" in reverse order when set to "YES".
Please note that this does not affect manual invocation of the jail rc
script. If a user runs the command
# service jail stop jail1 jail2 jail3
the jails will be stopped in exactly the order specified regardless of
jail_reverse_stop being defined in rc.conf.
PR: 196152
Approved by: jamie
MFC after: 1 week
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D5233
The working copy of leapfile resides in /var/dbntpd.leap-seconds.list.
/etc/ntp/leap-seconds (periodically updated from ftp://time.nist.gov/pub/
or ftp://tycho.usno.navy.mil/pub/ntp/) contains the master copy should
automatic leapfile updates be disabled (default).
Automatic leapfile updates are fetched from $ntp_leapfile_sources,
defaulting to https://www.ietf.org/timezones/data/leap-seconds.list,
within $ntp_leapfile_expiry_days (default 30 days) from leap-seconds
file expiry. Automatic updates can be enabled by setting
$daily_ntpd_leapfile_enable="YES" in periodic.conf. To avoid congesting
the ntp leapfile source the automatic update randomized by default but
can be disabled through daily_ntpd_avoid_congestion="NO" in
periodic.conf.
Suggested by: des
Reviewed by: des, roberto, dwmalone, ian, cperciva, glebius, gjb
MFC after: 1 week
X-MFC with: r289421, r293037
any root mount holds. The previous one used a wrong conditional - the
"err=$?" assignment resets "$?" to 0.
Submitted by: jilles@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
contain characters not allowed in a shell variable (such as "-").
These will be replaced by an underscore in jail config variables,
e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname".
This is separate from the current code that changes the jail names
if they contain "." or "/". It also doesn't apply to jails defined
in a jail.conf file.
PR: 191181
MFC after: 5 days
