it at boot time closer to the way we want it to be in the final version.
* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
and files before the disks are mounted. This gives /dev/random
a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
possibility of accidentally overwriting something other
than a regular file.
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.
For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.
Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
multifunction cards and I recieved reports that the card does not
workd by `config auto'. (MFPAO)
o Remove static assign of the IRQ number.
o Remove two duplicated entries.
o Join some entries using regex and fixed matching order problem.
These changes for boot.flp.
Suggested by: sanpei
require the addition of flag 0x80000 to their config line in
pccard.conf(5). This flag is not optional. These Linksys cards will
not be recognized without it.
Reviewed by: imp, iwasaki
from "PCMCIA SCSI MBH1040" to "PCMCIA SCSI MBH10401" "01". They are
based on the spc driver.
This will fix the conflicts of entry with REX-5536AM, REX-9836A,
and ICM PSC-2401 ("MBH10404" ones) which are based on stg driver.
The problem was pointed out in bsd-nomads several times since PAO2 days.
-Comment out the entry for "MBH10401" ones. The spc driver is
not supported yet.
-Add more comment about cards which has broken CIS
(some cards which has tuple of "PCMCIA SCSI MBH10404" "01").
Reported by: takachan@running-dog.net, y-nakaga@nwsl.mesh.ad.jp,
yuki@dayo.ne.jp
Obtained from: discussion in bsd-nomads mailing list
ENABLE_SUID_SSH being defined reenable it for those that want it.
This follows discussion favoring the change from September. It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).
Submitted by: jedgar
cosmetic changes
use /etc/pccard_ether for Xircom CreditCard Netwave
and 3Com Corporation" "3C562" (BUT NOT SUPPORTED).
fix `card line' of RATOC REX-5572 (as SCSI only)
use `config auto' for RATOC REX-5536AM, REX-9836A,
ICM PSC-2401 SCSI
- rtsol should be work for only one interface
- new variable ipv6_defaultrouter is added
- option name of rtadvd in comment are corrected
- ipv6_firewall_enable, ipv6_firewall_type, ipv6_firewall_script,
ipv6_firewall_logging are added to introduce rc.firewall6.
IPv6 firewall rule is just starting point and should be brushed up.
This commit includes PR18621, PR21694, PR22051.
PR: conf/18621, conf/21694, conf/22051
Reviewed by: asmodai
used in lower layer (scsi_low.c).
The flag of ncv for KME KXLC004 was chaged from 0x1 to 0x100.
The flag of nsp for PIO mode was chaged from 0x1 to 0x100.
This confilcted with the entry of non PIO mode.
If you want to use them in PIO mode comment out entry of the non PIO mode
and uncommnet the PIO mode entry.
and stg drivers. Also all config indexes for these cards are changed
to auto.
Note, still if you would like to use cards which has a comment;
# (Do not put this entry under Bustoaster)
you need some quick hack. Uncomment the entry above.
Reviewed by: sanpei@FreeBSD.org
brought them to BSDcon and gratiously allowed me to test each one with
the wireless setup here. In addition, support another CF card which
YAMAMOTO-san also brought.
Also add a Lexar CF card which didn't work with auto on many laptops.
the 'ifconfig ifN delete' into pccard_ether under the 'stop'
function.
In addition start dhclient with a pid file based on the interface
name, e.g. /var/run/dhclient.ep0.pid, and kill the correct dhclient
(or dhcpc) process when the card is removed.
the appropriate documentation added to rc.conf(5). If all goes well
with this over the next few weeks, the PR will be closed with the
pullup of patches back to 4-STABLE.
PR: 20202
Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net>
Reviewed by: Darren Reed <darrenr@freebsd.org>
Approved by: Darren Reed <darrenr@freebsd.org>
Obtained from: Gerhard Sittig <Gerhard.Sittig@gmx.net>
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8). Output may be masked based on variable values in
periodic.conf.
It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.
The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).
PR: 21250
-- Unknown
Now that the RSA algorithm is released into the public domain, build
librsaintl by default unless NO_RSAINTL is set in make.conf.
The native OpenSSL implementation of RSA is much faster, doesn't have
an artificial keysize limitation, has 30% fewer calories and tastes great!
cached when not in use. This changes the FreeBSD default from 30 minutes
to 5 minutes. JKH was the one that added the override to amd_flags, but
there was no reason given other to serve as an example of what could be
done.
IPX folks a fighting chance of figuring this out themselves. I can't
work out how to document this carefully in rc.conf(5), but this ought
to close the PR.
PR: 17904
Reported by: John Gelnaw <jeg@hawk.circa.ufl.edu>
SUPFLAGS when a 'make update' is run. This means that the supfile
doesn't need to be edited because the -h will override the
CHANGE_THIS.FreeBSD.org host.
Make sysinstall override this on install, so the effective behavioural
change for a newly installed system is null. Overall, this makes a system
with an empty /etc/rc.conf not run any network services, and makes the
FreeBSD-provided network services that are running visible in /etc/rc.conf
(instead of making people look through /etc/defaults/rc.conf to find the
things they need to disable to secure the system.)
Reviewed by: jhb
Discussed with: The usual cabal
time, and this is used to reseed the random number generator at
boot time.
NOTE - this has no hope of working if you halt(); you need to
execute rc.shutdown to get the entropy stash.
- Remove unit numbers in config lines.
- Remove all of logger lines and add logstr lines for some cards. This
changes reduced file size from 84k to 45k.
- Use '/sbin/ifconfig $device delete' instead of /etc/pccard_ether_remove
which haven't merge from PAO yet.
- Cosmetic changes.
MAKE_foo for things like MAKE_KERBEROS etc. Use that. I managed to
confuse myself last time and made make.conf different to the code. ;-(
Reported by: Jun Kuriyama <kuriyama@FreeBSD.org>
Seems to work great in the type II cf<->pccard adapter that came with
the card. Others have reported with different chipsets for the pccard
bridge that additional support is needed to make this card work with
the 3.3 volts it needs.
