is exhausted.
How to use:
Basically we need to add on rc.conf an another option like:
If we want to protect only the main processes.
syslogd_oomprotect="YES"
If we want to protect all future children of the specified processes.
syslogd_oomprotect="ALL"
PR: 204741 (based on)
Submitted by: eugen@grosbein.net
Reviewed by: jhb, allanjude, rpokala and bapt
MFC after: 4 weeks
Relnotes: Yes
Sponsored by: gandi.net
Differential Revision: https://reviews.freebsd.org/D5176
As of r294068 boot1.efi can load loader.efi from ZFS.
As of r295320 boot1.efi prefers to load loader.efi from the same device
it was loaded from.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
go asking what debug flags to set for GEOM to make it work. Advice
them to use gpart(8) instead.
Something similar should probably done with disklabel,
but I need to rewrite the disklabel examples first.
Reviewed by: wblock@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D3315
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
While I'm there also correct typos in OptionalObsoleteFiles and add
information of the command line options for hv_kvp_daemon(8).
Reported by: jmg [1]
Reviewed by: jmg
MFC after: 2 weeks
appropriate (i.e. where syscons was already mentioned and vt supports the
feature). Comments in defaults/rc.conf are updated to match the contents
of the modified man-page rc.conf(5).
Reviewed by: pluknet, emaste
MFC after: 3 days
for FreeBSD standards. Very little, if any, content was
modified.
These are not yet linked to the build.
Submitted by: Abhishek Gupta (abgupta!microsoft dot com)
Sponsored by: The FreeBSD Foundation
These scripts, containing
# KEYWORD: firstboot
will only be run if a sentinel file (default: /firstboot, configurable
via the rc.conf ${firstboot_sentinel} variable) exists; this sentinel
file will be deleted at the end of the boot process.
Scripts can request that the system reboot after the first boot by
creating the file ${firstboot_sentinel}-reboot.
This functionality is expected to be useful for embedded systems and
virtual machine images, where it may be desirable to
(a) download and install updates which became available between when
the image was created and when it was "turned on";
(b) download and install packages which may be newer than those
which were available when the image was created;
(c) install packages which run binaries during their install process,
bypassing the problem of cross-architecture installs;
(d) resize filesystems to match the disk onto which a VM image was
installed;
(e) perform initialization tasks relevant to cloud systems (e.g.,
Amazon's Elastic Compute Cloud);
and likely to perform many other one-time initialization functions.
Document this new functionality in rc.conf(5) and rc(8). [2]
Reviewed by: freebsd-current, freebsd-rc [1]
Reviewed by: Warren Block [2]
MFC after: 3 days
and enable the usage by sendmail if sendmail is enabled. Include and
document knobs to disable this feature and also set the Common Name of
the certificate created.
As the certificate is signed w/ a discarded key, it only helps prevent
Eve, but not Malory from knowing the contents of the emails.
This means that new installs (and people that use the updated freebsd.mc
file) will automaticly have STARTTLS enabled allowing incoming email to
be encrypted in most cases.
Reviewed by: gshapiro
MFC after: 3 days
Security: Yes, please.
generates a configuration suitable for running unbound as a caching
forwarding resolver, and configures resolvconf(8) to update unbound's
list of forwarders in addition to /etc/resolv.conf. The initial list
is taken from the existing resolv.conf, which is rewritten to point to
localhost. Alternatively, a list of forwarders can be provided on the
command line.
To assist this script, add an rc.subr command called "enabled" which
does nothing except return 0 if the service is enabled and 1 if it is
not, without going through the usual checks. We should consider doing
the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no
configuration file, the rc script runs local-unbound-setup to generate
one.
Note that these scripts place the unbound configuration files in
/var/unbound rather than /etc/unbound. This is necessary so that
unbound can reload its configuration while chrooted. We should
probably provide symlinks in /etc.
Approved by: re (blanket)
Document the current semantics of the 'quiet' command prefix
in the rc.subr(8).
Fix dhclient rc.d script: it should not call err() for
non-DHCP-enabled interface when it is called from devd, because the
latter just blindly calls 'service dhclient quietstart' on each "link
up" event.
Since the 'quietstart' will silence the message "Cannot 'start' <foo>.
Set <foo>_enable to YES in /etc/rc.conf or use 'onestart' instead of
'start'." and running dhclient on the non-DHCP-enabled interface is
the same thing as running the service <foo> without <foo>_enable set,
such modification is in sync with the current semantics of the 'quiet'
prefix.
Approved by: glebius
Reviewed by: freebsd-rc list
MFC after: 2 weeks
