d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
46,070 Commits 72 Branches 135 Tags 3.2 GiB
787f01b364
Commit Graph

62 Commits

Author SHA1 Message Date
nik
c695346248 Document that securelevel >= 2 clamps time changes to at most one second. 
PR:             docs/14449
Submitted by:   James FitzGibbon <james@targetnet.com>
 1999-12-16 02:15:53 +00:00
sheldonh
b870a5a3a1 Correct the ttys.5 and init.8 manpages with respect to the incorrect 
assumption that only getty processes can be managed.  Describe the
SysV-like ability to keep arbitrary long-running processes alive
using a non-device first field in /etc/ttys.

PR:		12767
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 1999-12-06 09:07:14 +00:00
dillon
81405ca661 Finish up umntall support. init now passed an argument to the 
rundown script 'reboot' or 'single'.  ISO support (which never
    worked) has been removed from mount_nfs.  mount_nfs and umount
    now use mounttab, which allows umntall to work properly.  The
    rc scripts now call umntall as appropriate.

Submitted by:	Martin Blapp <mb@imp.ch>
 1999-11-22 04:23:11 +00:00
kato
b50419cd2e FreeBSD kernel doesn't allow any process to decrease securelevel. So, 
init(8) cannot decrease securelevel.  The manual page explains this
and single_user() doesn't try to downgrade kernel to insecure mode.

Reviewed by:	bde (manual page)
 1999-09-06 08:41:32 +00:00
peter
e226894fa0 $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
ru
40fb3a8dd3 Backup existing init(8) as /sbin/init.bak. 
PR:		12976
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 1999-08-05 09:13:57 +00:00
ru
40c8f9e504 Fix a non-critical memory leak. 
PR:		12769
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 1999-07-23 08:28:46 +00:00
mph
9ba6097d3f "Cannot" is one word. "Can not" has a different meaning if taken 
literally.
 1999-07-05 18:12:13 +00:00
ru
5a67b5c03e Turn System V command line syntax ``on'' by default. 
Requested by:		peter
Reviewed by:		des, billf
 1999-07-01 13:33:56 +00:00
ru
05fc41ca8d Bring in System V run-level patches (turned off by default). 
While I'm here, fix some typos in the manpage.

Requested by:	des
 1999-06-18 09:08:09 +00:00
ru
03c823ed1f Init(8) will halt the system if sent USR1 signal, 
or halt and turn the power off if sent SIGUSR2.

PR:		5451
Submitted by:	Leif Neland <leifn@image.dk>
Reworked by:	ru
Reviewed by:	-hackers
 1999-06-16 20:01:19 +00:00
ghelmer
58c6d6876f Mention securelevel 3 as affecting ipfw and dummynet. Generalize comment 
about fdisk and securelevel 2.
PR:		docs/7785
 1998-12-16 16:50:12 +00:00
phk
e67aac5fd5 Memory management error in init. 
PR:		7320
Reviewed by:	phk
Submitted by:	Anders Thulin <Anders.X.Thulin@telia.se>
 1998-07-22 05:45:11 +00:00
charnier
063ace8c51 Correct .Nm use. Add rcsid. Use min for minutes instead of mn. 1998-07-06 06:56:08 +00:00
jkoshy
506996f064 Fixes per PR 2850: 
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.

and one spelling fix.

PR: 2850
 1998-06-19 08:34:52 +00:00
jraynard
9e6ecbd5b4 Don't assume sigset_t and int are equivalent. 1998-03-02 23:19:29 +00:00
bde
d194d95de3 Removed definition of _NEW_VFSCONF. The new vfsconf interface is now 
the default.
 1998-01-20 10:40:18 +00:00
peter
3fef32ccfc This has always bugged me. At single user, the implied example it gives 
is not valid - it says that "sh" is the default, but you can't
actually type "sh" at this prompt - it has to be /bin/sh or some other
full pathname.
 1997-10-10 12:14:48 +00:00
davidn
c43f12647c ".if exists(${CURDIR}/../../secure)" rather than testing relative to the 
object directory.
 1997-08-18 03:32:09 +00:00
davidn
4d58ef4a52 Test that rc.shutdown exists before attempting to run it - silently 
return success if it doesn't to prevent any unwanted error msgs.
 1997-08-18 01:40:12 +00:00
ache
729863a7d7 runshutdown(): get rid of getdtablesize loop, it gains nothing now 
but can waste time if many descriptors are available
 1997-08-06 16:34:51 +00:00
ache
f1950e7c84 rc.shutdown fixes: 
1) revoke -> HUP
2) controlling terminal already present
3) add missing setprocresources call
 1997-08-06 16:07:52 +00:00
davidn
4853c7909e Add /etc/rc.shutdown capability to init. 
Add sample /etc/rc.shutdown (which is just a shell for now).
Submitted by:	Ollivier Robert <roberto@keltia.freenix.fr>
 1997-08-02 00:22:52 +00:00
ache
8a20d1648e Move logwtmp(shutdown) call before any real action in death(). 1997-07-08 11:51:11 +00:00
ache
6481ab2428 1. Replace malloc+bzero by calloc 
2. Revoke internal active session list only now, not whole /etc/ttys
 1997-07-05 19:36:55 +00:00
ache
ecb9791fb8 Add -D_NEW_VFSCONF to eliminate compilation warning 1997-07-05 19:34:51 +00:00
ache
d1c5187363 death: revoke all lines listed in /etc/ttys instead of sending HUP 
to all processes
 1997-07-04 22:09:07 +00:00
ache
a7978d47a0 Include <libutil.h> instead of private declarations 1997-07-03 11:37:43 +00:00
ache
02eb0bec22 Remove unneded cast in login_getclassbyname which cause warning 1997-07-02 13:53:31 +00:00
pst
4446f86910 Attempt to open the device for reading before actually adding the device 
to the session list.  If the device comes back as unconfigured, just
ignore that line in /etc/ttys.  If someone HUP's init, we'll try again.

This change stops getty's from hanging on vty and sio ports that don't
exist, either due to LKM drivers not being loaded, or probes failing.
Reviewed by:	bde
 1997-06-28 08:18:29 +00:00
charnier
d38cb4b71e Use err(3). 1997-06-13 06:24:42 +00:00
mpp
36d0320a68 Be more specific as to which flags may not be turned off when the 
system is running in secure mode.

Obtained from: NetBSD PR# 3299
 1997-04-01 20:41:04 +00:00
phk
7cc377fa7f Fix mount call for devfs. 
Submitted by:	bde
 1997-03-30 09:22:41 +00:00
peter
4997d39dce Revert $FreeBSD$ to $Id$ 1997-02-22 14:40:44 +00:00
dg
4a6e8413e8 Protect from stack overrun via /etc/ttys, which could possibly allow a 
root user to change the securelevel. Pointed out by Thomas H. Ptacek
<tqbf@enteract.com>.
 1997-02-19 08:04:58 +00:00
markm
d515c432d5 Part two of a "fix-and-move". There were some macros declared in ../sbin's 
Makefile that were a) broken and b) bogusly placed. This brings the
repeared macros in.

Pointed-out-by:	BDE
 1997-02-10 17:44:34 +00:00
adam
b386c04896 typo 1997-01-22 12:38:40 +00:00
davidn
4074666461 Style police. 1997-01-22 02:07:55 +00:00
davidn
a9de8ad809 Impose login_cap resource limits on processes started by init. 
/etc/rc started with "daemon" settings.
	"window=" started with "default" settings
	gettys started with "default" settings.
This should open the way to junk kernel options MAX_{OPEN,CHILD}
and the corresponding sysctl vars.
 1997-01-19 16:49:13 +00:00
jkh
9c0cd3f9df Make the long-awaited change from $Id$ to $FreeBSD$ 
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
 1997-01-14 07:20:47 +00:00
wosch
e902881dbf Sort cross references. 1997-01-13 00:25:51 +00:00
phk
6ba2e6cdb9 If passed the -d flag, mount devfs on /dev 1996-10-28 11:03:19 +00:00
bde
945be221b0 Rewrote the section about the "normal" setting of the security level to 
match reality.

Say that secured devices `may not be opened for writing' instead of
`are read-only'.
 1996-10-12 15:37:23 +00:00
bde
218243765f Fixed DPADD. 1996-09-05 17:16:10 +00:00
markm
6eee7b4f63 Better method of choosing libdescrypt/libscrypt. 1996-05-04 08:16:20 +00:00
mpp
dfbf6cbddc Correct some man page xrefs, and some other minor changes to bring some 
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
 1996-04-08 04:18:31 +00:00
joerg
25b4d85c19 The DES-based init(8) belongs to the "des" distribution. 1996-02-13 09:12:10 +00:00
dima
489fa148a1 If root does not have a password, `init' should not ask to enter it. 
otherwise it's not possible to get into single-user mode, if root
does not have password and console insecure.
 1995-11-10 07:06:59 +00:00
phk
5e807c6843 Define TRUE & FALSE rather than depending on bogus #includes. 1995-10-29 09:44:09 +00:00
bde
40da5d871c Fix $Id$. 1995-10-03 15:11:11 +00:00