This waits for the requested process(es) to terminate, rather than polling
with an interval of 2 seconds.
If pwait is not available, the old method is used.
PR: conf/132766
Use an unique directory name instead of hardcoded /tmp/.diskless.
A malicious user could create a file named /tmp/.diskless and cause
the script to misbehave.
PR: conf/141258
Add rc.d script for the rtsold(8) daemon.
The rtsol(8) handles just one RA then exit. So, the OtherConfig flag
may not be handled well by rtsol(8) in the environment where there are
multiple RA servers on the segment. In such case, rtsold(8) will be
your friend.
Introduce new rc.conf variable firewall_coscripts. It can be used to
specify list of executables and/or rc scripts that should be executed
after firewall starts/stops.
Submitted by: Yuri Kurenkov <y dot kurenkov at init dot ru>
Reviewed by: rhodes, rc@
Git has been added as port 9418:
http://www.iana.org/assignments/port-numbers
The Erlang Port Mapper Daemon (from ports/lang/erlang) has been
assigned official port number 4369 by IANA.
PR: conf/143259 conf/113265
Submitted by: Denny Lin <dennylin93@cnmc32.hs.ntnu.edu.tw> Jimmy Olgeni <olgeni@freebsd.org>
Don't complain when we encounter the "cache" source, it's valid. Also fix
the error message to include a line feed and not include a stray comma.
Submitted by: Artis Caune artis.caune gmail.com
While here, change "> /dev/stderr" for more usual ">&2"
Submitted by: jilles
PR: bin/121671
Approved by: ed (mentor, implicit)
Add support for configuring vlan(4) interfaces as child devices similar to
wlan(4) interfaces. vlan(4) interfaces are listed via a new 'vlans_<IF>'
variable. If a vlan interface is a number, then that number is treated as
the vlan tag for the interface and the interface will be named '<IF>.<tag>'.
Otherwise, the vlan tag must be provided via a vlan parameter in a
'create_args_<vlan>' variable.
While I'm here, fix a few nits in rc.conf(5) and mention create_args_<IF> in
the description of cloned_interfaces.
Expose the upper 256 ptys in the default devfs rules. I should have updated
this when expanding the old pty(4) driver to use 512 ptys by default. This
is more important for 7.x.
Since the change to rc.subr in r198162 it's not necessary to specify
command in the rc.d script if we have a corresponding ${name}_program
entry, which we do for named.
Rename named_precmd to named_prestart to make it more clear and match
convention.
Move the command_args definition related to -u up into _prestart().
It (and the associated $named_uid value) are only used there, and
unlike required_* and pidfile don't need to be used until this stage.
Fix a silly bug that would only have affected people who were using
the new named_wait or named_auto_forward features, AND had set up an
rndc.conf file instead of using the automatically generated rndc.key.
For named_conf:
Add "-c $named_conf" to command_args if it's not set to the
default. If it is set to the default and we're using the base
BIND it's not necessary. If we're using BIND from the ports
the user is likely to have included it in _flags (due to long
necessity for doing so) so don't duplicate that if it's set.
Add $named_conf to required_files
MFC r200563:
The named process needs to have a "working directory" that it can
write to. This is specified in "options { directory }" in named.conf.
So, create /etc/namedb/working with appropriate permissions, and
update the entry in named.conf to match.
In addition to specifying the working directory, file and path names
in named.conf can be specified relative to the directory listed.
However, since that directory is now different from /etc/namedb
(where the configuration, zone, rndc.*, and other files are located)
further update named.conf to specify all file names with fully
qualified paths. Also update the comment about file and path names
so users know this should be done for all file/path names in the file.
This change will eliminate the 'working directory is not writable'
messages at boot time without sacrificing security. It will also
allow for features in newer versions of BIND (9.7+) to work as
designed.
Update to the December 12, 2008 version of this file. The one
substantive change is to add the IPv6 address of L. The other
changes are all CAPS LOCK related.
Add a new rc.d script, static_arp, which enables the administrator to
statically bind IPv4 <-> MAC address at boot time.
In order to use this, the administrator needs to configure the following
rc.conf(5) variable:
- static_arp_pairs: A list of names for static bind pairs, and,
- a series of static_arp_(name): the arguments that is being passed to
``arp -S'' operation.
Example:
static_arp_pairs="gw"
static_arp_gw="192.168.1.1 00:01:02:03:04:05"
See the rc.conf(5) manual page for more details.
r197144:
- Add an extension of set_rcvar(), a new function set_rcvar_obsolete(),
and $desc.
The set_rcvar_obsolete() is to mark a variable as obsolete and define
the new one. More specifically, a warning is displayed when
a variable is removed or changed in the source tree and the user
still defines the old one.
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
SVN r197174:
Make sure we never place the cursor outside the screen.
For some vague reason, it may be possible that scp->cursor_pos exceeds
scp->ysize * scp->xsize. This means that teken_set_cursor() may get
called with an invalid position. Just ignore the old cursor position in
this case.
Reported by: Paul B. Mahol <onemda gmail com>
SVN r198213:
Make lock devices work properly.
It turned out I did add the code to use the init state devices to set
the termios structure when opening the device, but it seems I totally
forgot to add the bits required to force the actual locking of flags
through the lock state devices.
Reported by: ru
SVN r198215, r198217:
Fix a typo in the jail(8) manpage.
Submitted by: Jille Timmermans <jille quis cx>
SVN r198216:
Fix qouting in a comment, to make it look more consistent
Submitted by: Jille Timmermans <jille quis cx>
SVN r198223:
Properly set the low watermarks when reducing the baud rate.
Now that buffers are deallocated lazily, we should not use
tty*q_getsize() to obtain the buffer size to calculate the low
watermarks. Doing this may cause the watermark to be placed outside the
typical buffer size.
This caused some regressions after my previous commit to the TTY code,
which allows pseudo-devices to resize the buffers as well.
Reported by: yongari, dougb
In regards to the "Starting foo:" type messages at boot time, create
and employ a more generic solution, and use it in the individual rc.d
scripts that also have an $rc_quiet test:
1. Add check_startmsgs() to rc.subr.
2. In the rc.d scripts that use rc_quiet (and rc.subr) substitute
variations of [ -z "$rc_quiet" ] with check_startmsgs
3. In savecore add a trailing '.' to the end of the message to make it
more consistent with other scripts.
4. In newsyslog remove a : before the terminal '.' since we do not
expect there to be anything printed out in between to make it more
consistent.
5. In the following scripts change "quotes" to 'quotes' where no
variables exist in the message: savecore pf newsyslog
6. [Does not apply in RELENG_8]
7. In the following scripts separate the "Starting foo:" from the
terminal '.' to make them more consistent: moused hostname pf
8. In nfsclient move the message to its own line to avoid a style bug
9. In pf rc_quiet does not apply to the _stop method, so remove the
test there.
10. In motd add 'quotes' around the terminal '.' for consistency
Approved by: re (kib)
Fix the typo mentioned in the PR, and one additional.
Fix caps while I'm here.
PR: conf/138087
Submitted by: Chris Petrik <c.petrik.sosa@gmail.com>
Approved by: re (kib)
Add a knob to show 'Starting foo:' messages when faststart is used,
such as at boot time.
MFC 197619
By popular acclaim, enable "Starting foo:" messages by default
Approved by: re (bz)
for stable branches:
- shift to MALLOC_PRODUCTION
- turn off automatic crash dumps
- Remove kernel debuggers, INVARIANTS*[1], WITNESS* from
GENERIC kernel config files[2]
[1] INVARIANTS* left on for ia64 by request marcel
[2] sun4v was left as-is
Reviewed by: marcel, kib
Approved by: re (implicit)
Do the first step in removing lukemftpd from the base system. Disconnect
it from the build.
If you are using the FTP daemon, please consider using the port ftp/tnftpd
which is the same FTP server, but newer and might have more/better
functionality.
This results in us providing only one ftp daemon by default.
Reviewed by: bz
Approved by: imp (mentor, implicit)
MFC after: 3 days
Silence from: obrien
Approved by: re (kib), imp (mentor, implicit)
Prior to the dire warning about values of network_interfaces other than
AUTO the biggest mistake users made was leaving lo0 off the list. Since
lo0 is effectively mandatory, check for it and add it to the list if
it's not there.
MFC 196523:
Improve the case test to detect the presence of lo0 in the list of
network_interfaces.
Submitted by: Christoph Mallon <christoph.mallon@gmx.de>
Approved by: re (kib)
In the loop through the list of interfaces in network6_interface_setup()
rtsol_interface gets reset to "yes" each time through the loop, but
rtsol_available does not. If a user has lo0 first in their list of
interfaces rtsol_available will get set to "no" the first time through
the loop and subsequent interfaces will not get rtsol'ed when they should.
Therefore change the conditional for the is_wired() test to _interface.
Approved by: re (kib)
Move is_wired_interface() from rc.d/wpa_supplicant into network.subr,
simplify it a bit, and make use of that method to determine if an
interface is a candidate for IPv6 rtsol rather than listing all of the
possible wireless interfaces that should _not_ get rtsol'ed.
This change is only relevant for 8.0+ unless the "wlan mandatory" code
gets ported back to RELENG_7.
Approved by: re (kib)
Add support for backing up the old kernel when installing a new kernel
using freebsd-update. This applies to using freebsd-update in "upgrade
mode" and normal freebsd-update on a security branch.
The backup kernel will be written to /boot/kernel.old, if the directory
does not exist, or the directory was created by freebsd-update in a
previous backup. Otherwise freebsd-update will generate a new directory
name for use by the backup. By default symbol files are not backed up
to save diskspace and avoid filling up the root partition.
This feature is fully configurable in the freebsd-update config file,
but defaults to enabled.
Reviewed by: cperciva
Approved by: re (kib)
top of ZVOLs. The problem is that rc.d/fsck runs before rc.d/zfs. The
latter makes ZVOLs to appear in /dev/. In such case rc.d/fsck cannot
find devfs entry and aborts. We cannot simply move rc.d/zfs before
rc.d/fsck, because we first want kern.hostid to be configured (by
rc.d/hostid). If we won't wait (hostid will be 0) we can reuse disks
which are in use by different systems (eg. in SAN/NAS environment).
We also cannot move rc.d/hostid before rc.d/fsck, because rc.d/hostid on
first system start stores generated kern.hostuuid in /etc/hostid file,
so it needs root file system to be mounted read-write.
The fix is to split rc.d/hostid so that rc.d/hostid (which will now run
before rc.d/fsck) only generates hostid and sets up sysctls, but doesn't
touch root file system and rc.d/hostid_save (which is run after
rc.d/root) and only creates /etc/hostid file.
With that in place, we can move ZVOL initialization to dedicated
rc.d/zvol script which runs before rc.d/fsck.
PR: conf/120194
Reported by: James Snow <snow@teardrop.org>
Reviewed by: brooks
Approved by: re (kib)
MFC after: 2 weeks
The Portsnap buildbox now generates teh bits needed for portsnap to produce
INDEX-8; and it hasn't built INDEX-5 for a long time, although the bits are
still distributed for an INDEX-5 from when FreeBSD 5.x reached its EoL.
Approved by: re (kib)
MFC after: 3 days (INDEX-8 addition only)
2) Point people at the pool website and encourage
people to provide a server in the pool (as a
courtesy to the pool guys).
3) Fix a spelling.
4) Comment out the local clock and include a link
to documentation for use of the local clock on
the ntp.org site.
Approved by: re (kib)
