Note: This also deprecates "NO" as a way to specify an empty list of
interfaces for gif_interfaces.
PR: conf/104884
Submitted by: nork
Harassed by: brd
Discussed with: brooks, dougb
o Remove ttyyX, created by the obsolete zs(4)
o Replace ttydX by ttyuX, which is created by uart(4)
o Enable ttyu0 as a console to better support the xserve.
MFC after: 1 week
modern dual-core systems as well.
- Parse the _CST packages for each cpu and track all the states individually,
on a per-cpu basis.
- Revert to generic FADT/P_BLK based Cx control if the _CST package
is not present on all cpus. In that case, the new driver will
still support per-cpu Cx state handling. The driver will determine the
highest Cx level that can be supported by all the cpus and configure the
available Cx state based on that.
- Fixed the case where multiple cpus in the system share the same
registers for Cx state handling. To do that, added a new flag
parameter to the acpi_PkgGas and acpi_bus_alloc_gas functions that
enable the caller to add the RF_SHAREABLE flag. This flag could also be
useful to other callers (acpi_throttle?) in the tree but this change is
not yet made.
- For Core Duo cpus, both cores seems to be taken out of C3 state when
any one of the cores need to transition out. This broke the short sleep
detection logic. It is disabled now if there is more than one cpu in
the system for now as it fixed it in my case. This quirk may need to
be re-enabled later differently.
- Added support to control cx_lowest on a per-cpu basis. There is still
a generic cx_lowest to enable changing cx_lowest for all cpus with a single
sysctl and for ease of use. Sample output for the new sysctl:
dev.cpu.0.cx_supported: C1/1 C2/1 C3/57
dev.cpu.0.cx_lowest: C3
dev.cpu.0.cx_usage: 0.00% 43.16% 56.83%
dev.cpu.1.cx_supported: C1/1 C2/1 C3/57
dev.cpu.1.cx_lowest: C3
dev.cpu.1.cx_usage: 0.00% 45.65% 54.34%
hw.acpi.cpu.cx_lowest: C3
This work was done by Stephane E. Potvin with some simple reworking by
myself. Thank you.
Submitted by: Stephane E. Potvin <sepotvin / videotron.ca>
MFC after: 2 weeks
in a previous commit to avoid namespace collisions, unfortunately I missed two
of them. This leads to the ip alias being incorrectly removed in some cases
when using the stop command.
Reported by: Philipp Wuensche <cryx-freebsd@h3q.com>
interpreted $command. Some "portable" sofware packages use such a
line to skip the task of figuring out the absolute pathname of the
interpreter at install time, e.g.:
#!/usr/bin/env python
It is insecure, but a popular book on Python seems to have advised
it to a wide audience. Hence a number of such scripts in the ports,
mostly written in Python.
PR: bin/100287
MFC after: 1 week
scripts, except for mdconfig* and jail. Such symbols are reserved
for the rc.subr internals. Most scripts can be fixed by just
declaring _foo symbols as local: few scripts actually need them to
be global.
Discussed with: dougb in freebsd-rc
With the second (and last) part of my previous Summer of Code work, we get:
-ipfw's in kernel nat
-redirect_* and LSNAT support
General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.
To enable in kernel nat in rc.conf, two options were added:
o firewall_nat_enable: equivalent to natd_enable
o firewall_nat_interface: equivalent to natd_interface
Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.
NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).
Approved by: glebius (mentor)
Implement the checks for required_* objects as two functions, one
to be run before precmd and the other after it. They get the current
rc command as an argument so they can choose what requirement tests
to perform. As of now, only "start" needs such tests.
Implement a new requirement variable, required_modules. It can
list kernel modules that need to be loaded after start_precmd
indicated success. Each name in the list can be just "file", or
"file:module", or "file~regex". This will allow us to remove a lot
of duplicated code from rc.d scripts.
Perform the checks not only for the default start method, but for
any method. This allows for more flexibility and fixes a few rc.d
scripts (namely newsyslog, pf, sendmail) that rely on a required_*
variable while providing a non-default start method.
To be able to call the new check_required* functions naturally,
remove lots of crufty duplicated code pieces from run_rc_command
and replace each of them by a call to the helper function providing
a single corrected instance of the respective code snippet. Now
run_rc_command isn't as scary as it used to be, and it even appears
to have quite a nice logic that was obscured by the old crufty code.
In the default handler for restart, run start from a subshell to
protect global varibles, e.g., _postcmd, from modification by the
start handler. This enables using restart_postcmd. [x]
PR: conf/98734 [x]
Submitted by: Rick van der Zwet <rick@wzoeterwoude.net> [x]
Reviewed by: freebsd-rc (silence for an older version)
MFC after: 1 month
After a change of devd.conf, devd(8) handles NIC attach/detach event
by using /etc/pccard_ether with the interface name as the argument.
This model does not work properly with IPv6 configuration because the
implementation of IPv6 stateless auto-configuration in the FreeBSD
rc.d scripts depends on whether there are any explicit configurations
for interfaces or not. It works this way: if no manual configuration,
it will perform auto-configuration, but otherwise no
auto-configuration will be performed. So, this behavior can only be
determined by all of the interfaces on a system, not a single one.
For this reason, the network6_interface_setup() function called from
the pccard_ether_start() does not work with a single interface name.
And what is worse, this combination of devd.conf and
pccard_ether_start() caused a bad side-effect that when
ipv6_enable=YES, all of interfaces marked as DOWN would be UP
unconditionally (and router solicitation was sent) just after devd(8)
was invoked. This should be fixed in a more sophisticated way.
A kernel with INET6 always has ::1 on lo0, so in the case of
ipv6_enable="NO" the lo0 can have ::1 with no link-local address.
This is a violation of the IPv6 specification. As a workaround for
this situation, fe80::1 is added in rc.d/auto_linklocal when lo0 has
no link-local address. This should not be harmful for IPv4-only users.
- add better checks on non-existing directories to prevent error
messages at run time;
- introduce a function log() to help debugging diskless booting
when things don't work;
- modify the parsing of diskless_remount so you can add mount_nfs
options after the pathname. You could use 'remount' to do something
similar, but this way is more convenient because you don't have to
hardwire the server name in the command.
- document the above.
I have been running the above in a diskless lab since february on RELENG_6.
MFC after: 1 week
There's no dollar use in variable assignment in sh.
Assuming this is can be expected behavior for some
people, this change won't be MFC'ed to RELENG_6.
Discussed with: yar on -rc
how to change the auditd instance. When using a port/package-based
OpenBSM, changing the auditd pointer may be desirable.
Obtained from: TrustedBSD Project
MFC after: 3 weeks
Factor out the loopback setup
Use "me" instead of hardcoded $ip where possible.
Add "workstation" which protects just this machine with stateful
firewalling. Put the variables for this in rc.conf.
Submitted by: Flemming Jacobsen <fj@batmule.dk>
Reviewed by: cperciva
+ Use rc.subr(8) features properly.
+ Do the whole job of obliterating /tmp contents in find(1).
+ Leave lost+found and quota.{user,group} in /tmp only if root-owned.
+ Make the overall structure clearer by first removing the X dirs
(perhaps along with the rest of /tmp) and then re-creating them.
+ Use "find -exec rm -rf {} +" for efficiency: each rm instance gets
a chance to kill as much files in /tmp as ARG_MAX permits.
PR: bin/104044
Submitted by: Andrey Simonenko <see PR for email>
Hacked by: yar
MFC after: 1 month
