time, and this is used to reseed the random number generator at
boot time.
NOTE - this has no hope of working if you halt(); you need to
execute rc.shutdown to get the entropy stash.
- Remove unit numbers in config lines.
- Remove all of logger lines and add logstr lines for some cards. This
changes reduced file size from 84k to 45k.
- Use '/sbin/ifconfig $device delete' instead of /etc/pccard_ether_remove
which haven't merge from PAO yet.
- Cosmetic changes.
MAKE_foo for things like MAKE_KERBEROS etc. Use that. I managed to
confuse myself last time and made make.conf different to the code. ;-(
Reported by: Jun Kuriyama <kuriyama@FreeBSD.org>
wheel to trash logfiles is not exactly good security policy. There have
been several gid wheel holes in ports. Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them. utmp and
wtmp are mode 644 already on all the systems we checked.
Submitted by: jkb
Reviewed by: kris
Seems to work great in the type II cf<->pccard adapter that came with
the card. Others have reported with different chipsets for the pccard
bridge that additional support is needed to make this card work with
the 3.3 volts it needs.
o The Shining PMIDE-ASC card is also used in Road Warrior's Bullet Drive, so
add that to the comments.
o Eiger Lab's fujitsu based ethernet card: EPX-10BT (thanks to Ryan Losh for
donating the card to the cause).
o Add place holder entry for the 3Com Megahertz 3CXEM556. It doesn't work
yet, but that will change in time.
I've seen some script kiddie tools out there that fake the timestamps
but don't preserve the inode number.
Note - this will cause a lot of output the first time it is run!
PR: 18947
Reviewed by: Sheldon Hearn <sheldonh@uunet.co.za>
(I had been busy for my own research activity until the last weekend)
Supported devices:
SB Midi Port (sbc + midi)
SB OPL3 (sbc + midi)
16550 UART (midi, needs a trick in your hint)
CS461x Midi Port (csa + midi)
OSS-compatible sequencer (seq)
Supported playing software:
playmidi (We definitely need more)
Notes:
/dev/midistat now reports installed midi drivers. /dev/sndstat reports
only pcm drivers. We need the new name(pcmstat?).
EMU8000(SB AWE) does not sound yet but does get probed so that the OPL3
synth on an AWE card works.
TODO:
MSS/PCI bridge drivers
Midi-tty interface to support general serial devices
Modules
time, I have no idea if there is equivalence of printf. So, stf
setup still depends on /usr. In addition, prefix(8) and gifconfig(8)
are in /usr/sbin. Should we move these into /sbin?
- Sync with latest stf behavior. Latest stf doesn't have link-local
address. And, latest stf is not gif but stf.
produced human-readable output. I like this, but it's certainly not
something to change willy-nilly without discussion. Revert to -k.
Anyway, the new variable allows folks to pick any units flag that
fits their fancy.
the command-line arguments to be used for the call to df(1) when
daily_status_disks_enable is set to YES.
The name of the new variable was chosen by the maintainer of our
periodic hierarchy, Brian Somers.
PR: 19631
The only change in the default functionality should be that
the output reports are slightly more verbose WRT files deleted.
Not objected to by: freebsd-arch
options. This allows you to set the standard dynamic port
assignment range prior to any network daemons (like named) starting
up, necessary if you are also using a firewall to restrict lower ports.
will be MFC'd in a few days
world as was our old way, rather than when building a kernel.
Some people do not like the new way, and the release building still assumes
modules are built with the world.
of perl man pages and site_perl directories for alpha and i386 in /usr/local,
and share/aclocal and share/doc/ja in /usr/local and /usr/X11R6.
Reviewed by: the ports list
Approved by: steve (alpha part)
2. Newbusify the driver.
3. Build as a module.
4. Use correct minor numbers when creating device files.
5. Correctly lock control characters.
6. Return ENXIO when device not configured.
Submitted by: Tor Egge <Tor.Egge@fast.no>
7. Fix the baud_table.
Submitted by: Elliot Dierksen <ebd@oau.org>
Note:
- the old driver still lives in src/sys/i386/isa, so that you can
revert to it if something goes wrong.
- The module does not detach very well. Attaching works fine.
patches to work properly). These are the ones I managed to save since
the first of the year. While I tried to make sure all the entries
would work, some of them were converted by hand from the PAO entries.
MELCO LPC3-TX (Hiroshi Yamashita-san <bluemoon@msj.biglobe.ne.jp>)
Allied Telesis CentreCOM LA100-PCM-T V2
(hideaki yoshimura-san <Hideaki_Yoshimura@YAM-YAMASYS5.ccgw.nec.co.jp>)
Planex FNW-3600-T (Satoru Sawada-san <sawada@angel.ne.jp>)
Planex FNW-3700-T (Shigeru Ishida-san <ishida@isl.intec.co.jp>)
ADVANTECH COMpad-32/85 (Kuo Chun Fan-san) (one of two ports)
TDK DN1280R (Toshihisa Eto-san <eto@clave.gr.jp> and
<masahiro@inet.isogo.yokohama.jp> Masahiro Higuchi-san)
Panasonic TO-CAF56K FAX/Data Modem (katsutoshi ito
<itokatsu@mns.lsi.melco.co.jp>)
NTT DoCoMo (formerly NTT Personal) Paldio 611S (Yoshihiko SARUMARU-san
<mistral@imasy.or.jp>)
KME (TAXAN ICD-400PN, etc.) (ncv not in tree yet) (HASEGAWA-san Tomoki
<thasegawa@mta.biglobe.ne.jp>)
WORKBIT Ninja SCSI series (nsp not in tree yet) (HASEGAWA-san Tomoki
<thasegawa@mta.biglobe.ne.jp>)
SMC EtherEZ Combo (Masanori Takeishi-san <marina@yaya.forks.co.jp>)
KANSAI ELECTRIC KLA-PCM/T (Hideaki FUKUI-san <hideman@infosakyu.ne.jp>)
Plus Two cards from Kazuya Kodama-san <kodama@rd.nacsis.ac.jp> which
were in the last commit.
Added two ata devices (Kazuya Kodama <kodama@rd.nacsis.ac.jp> in nomads)
Added CyQ've ELA-110E (mihira-san <sanpei@sanpei.org>)
The CyQ card doesn't have a PR number (yet).
Fix D-Link 660 entry (PR 1340, Annelise Anderson)
Add more comments to very generic pcmcia ethernet card
entry (PR 17006, Georg Graf)
Add Linksys EtherFast 10/100 Intergrated PC Card (PCM100) (private mail
from Sean O'Connell)
PRs: 17006, 13402, 17992
batch the rest:
Add EXP DVD-780 DVD rom drive (brian reichert)
Generic cdrom (???)
Two modems eicon DIVA and com1 mc218 from oliver breuninger
Farallon SkyLINE (Dirk-Willem van Gulik)
Nits to the xe cards for xe driver!
maintained, and has been replaced by msun. The libm sources
shouldn't be removed just yet as there are parts that should be
merged into msun first.
PR: misc/17848
Discussed with: phk & bde
from the sys Makefile's SUBDIRs. This is conditioned in make.conf by the
NO_MODULES variable and the existence of the modules directory. The
actual location of the modules is not modified. Changes in Makefiles
only, this does not affect Peter's recent changes.
Reviewed by: Peter Wemm, who warned me I would get some flack, and
he had the good idea for the NO_MODULES variable.
/dev/xxx and one /dev/rxxx. This changes them to a hard link so that
less inodes are consumed and so that the permissions are always in sync.
There are lots more of these still.
scripts may use to source safely overrides in ${rc_conf_files}
files.
This protects users who insist on the bad practice of copying
/etc/defaults/rc.conf to /etc/rc.conf from a recursive loop
that exhausts available file descriptors.
Several people have expressed interest in breaking this function
out into its own shell script. Anyone who wants to embark on
such an undertaking would do well to study the attributed PR.
PR: 17595
Reported by: adrian
Submitted by: Doug Barton <Doug@gorean.org>
purpose of the hook was to provide the ability for a shell program to
instantiate the firewall rules instead of forcing them to be
statically coded. This functionality was already present through the
use of ${firewall_script}, and I see no need to keep the
${firewall_type} hook around.
Reminded by: Dag-Erling Smorgrav <des@freebsd.org>
symlinks to fd/0, fd/1, and fd/2 respectively. This will make
things easier for upcoming changes to fdesc (and does not break
anything for the current state of things) and hopefully its
position as the replacement for our existing static /dev/fd nodes.
Suggested (and reviewed) by: phk
of forcing them to be an 'ipfw' rules file. This allows one to
determine interface addresses dynamically, etc. The rule is if the
file referenced by ${firewall_type} is executable, it is sourced, but
if it is just readable, it is used as input to 'ipfw' like before.
for pccardd.
Please install /etc/defaults/pccard.conf and update /etc/defaults/rc.conf
as well.
Note that old pccard.conf.sample still remains for while but
no longer to be maintained.
Reviewed by: imp, -mobile ML and nomads ML in Japan.
reserve, in maximal NFS packets. Originally only 2 packets worth of
space was reserved. The default is now 4, which appears to greatly
improve performance for slow to mid-speed machines on gigabit networks.
Add documentation and correct some prior documentation.
Problem Researched by: Andrew Gallatin <gallatin@cs.duke.edu>
Approved by: jkh
have set me. This goes from now back to sometime in January 2000. Last
years' entries might result in more. But it will need to wait for another
time.
o XJEM3288 entry (Ron Rosson <insane@lunatic.oneinsane.net>)
o Fix Xircom CreditCard Modem 56 entry ("Juriy Goloveshkin <juriy@avias.com> ")
o Add pcmcia cd-rom entry from juriy as well, even though it doesn't work
o Add Intellegent Modem (sos)
o 3C562 entries (Marat Fayzullin <fms@cs.umd.edu>)
o Digiteam expresso modem (joerg_wunsch)
o RFI Hotline serial card (joerg_wunsch)
o EP401 Ethernet (jkoshy)
o Novatel wireless modem (nsayer)
o Intel modem 2400+ (aka US Roboitcs Worldport 14400) (sos)
o Option I18n GSM fax modem (markm)
o Toshiba SLIMV90 (roberto)
o Comment out display of fortune by default.
o Synch root's .cshrc/.login and non-root's .cshrc/.login in terms of
gratuitous variables set (EDITOR).
o Remove some commented out variables set inconsistently or gratuitously,
such as Interviews settings, 8-bit German locale for root only.
o Synchronize comments in header, as well as references to appropriate man
pages.
o Remove MANPATH setting as apparently /etc/manpath.config does all that
already.
Similar changes probably need to be made in other dot.* files for root
and skel, as all of these files seem to set different aliases, environmental
variables, prompts, and have different semantics.
As a result of this patch, leaving aside the setting of a special prompt
for root, users of csh and tcsh should find similar environments when
logging in or su'ing to any account using that shell.
Reviewed by: asmodai, nbm, will
On a K6-2/450 with fairly fast SCSI disks, building+installing src/share/
takes 2m51.3s, where src/share/doc/ is 1m9.9s of that.
However on a slow Alpha (233MHz) the times are 7m39.3s and 4m58.3s
respectively.
This commit allows one to speed up their build time, without not getting
any important and required changes if one used "NOSHARE".
driver that they use, followed by the MFG CIS string, followed by the
model CIS.
Future entries *WILL* follow this convention, or I'll be grumpy.
Please let me know if this messes anybody up. There were one or two
pentries that were duplicated. Some were removed since they were
identical, others were left in place.
Approved, in principle, by the nomads mailing list.
new sample database files, so that they will be installed with make
distribution. NOSPAM probably ought to be renamed to MAIL.
Reviewed by: peter
Approved by: jkh
as well as rename access.txt back to the standard access. Also modify
the Makefile to know how to build hashes for each of these databases.
If one of the databases is missing when Make is run, use a commented
out version of the sample.
Reviewed by: peter
Approved by: jkh
- 6to4(stf) interface configuration.
- Static route configuration.
- Comment additions.
- Replaced a still existed '@' to '%' in IPv6 scoped addr format.
(This became necessary as previous IPv6 scoped addr format change.)
Much thanks to ume, who helped me reviewing, testing, and finding problems
with these changes.
Approved by: jkh
Reviewed by: ume
to avoid error messages printed on /var/log/messages.
Recently added "stf" interface has IFF_MULTICAST bit set,
because IPv6 don't work on non IFF_MULTICAST set interfaces
in current implementation.
But "stf" interface is multi-dest IPv6 over IPv4 tunnel, so
can't treat multicast packet with no special configuration.
On the other hand, tools like "rtadvd", "pim6dd", "pim6sd"
send messages on IFF_MULTICAST set interfaces by default.
So there will be many bogus error message on /var/log/messages,
that multicast packets sent to "stf0" failed.
So,
-strip "stf0" from rtadvd sending interfaces in rc.network6
("rtadvd" is a daemon used only for local subnet, so it
will never need to send its packets over "stf0" interfaces.)
-Add default configuration files for "pim6dd" and "pim6sd",
and disable "stf0" in those files.
Approved by: jkh
modem side of my Xircom CreditCard Ethernet+Modem 33.6. Eliminate bad
Xircom entry. Complete IBM Push/Pop Modem(14.4 -> Push/Pop
Modem(14.4K).
Approved in concept by: jkh
o Correct Entry for Intel EtherExpress (jkoshy)
o Add Option International 56K modem (markm)
o Socket LP-E low power WinCE ethernet card (imp)
Correction approved by: jkh
Adding devices approved in principle by: jkh
even simple things like md5 and ping aren't in your path. This patch
moves the custom root-path setting from .login to .cshrc, so that users
who su to root get a decent (and consistent) path. An appeal to change
/etc/login.conf to provide a decent path for all users seems to have been
vetoed for the time being. As a result, users will still, by default,
not find ping or md5 in their path. However, at least root gets a decent
default now.
Reviewed by: asmodai
Approved by: jkh
o use ata2 consistanty, even though it doesn't matter too much
o SunDisk (aka SanDisk) SDP's need a different config to actualy work
(tested on the 10M part) by me.
o Non-name ata card.
o WIT IDE controller
o IBM FLASH card
o Megahert 28.8 cellular modem that I thought I'd added before.
o LinkMake LM 336 combo modem/fax.
Submitted by various people and gleaned from the nomads and mobile
mailing lists, but I've lost the names. I'm sorry.
Also enable some standard IPv6 apps by default.
These entries will be simply ignored on systems with no INET6 defined.
Approved by: jkh
Suggested by: peter
interfaces passed to rtadvd
-Comment out example sentences more completely
-Redirect error message of ifconfig output into /dev/null, to correctly
find out working IPv6 interfaces
Approved by: jkh
Initial version created by, and kindly much tested by:
bmah@CA.Sandia.GOV (Bruce A. Mah)
Approved by: jkh
Reviewed by: bmah@CA.Sandia.GOV (Bruce A. Mah),
Ollivier Robert <roberto@keltia.freenix.fr>
Obtained from: KAME project
MAKEDEV all, making DHCP on multiple interfaces happier, and allowing use
of tcpdump to to debug DHCP, without creating more devices.
(we need devfs)
Modify MAKEDEV to create four tun devices in MAKEDEV all as well, since
we're being gratuitous with network pseudo-devices.
(we need devfs)
Approved by: The Hubbard
action when denying access to a service. Unfortunately, this also makes
a dandy denial-of-service attack possible. Change to just log the event
and shoot a "go away" response back down the socket.
S/Key authentication for ftpd was not working due to ftp implementation and
/etc/pam.conf missmatch.
So add ftpd entries into /etc/pam.conf.
Reported by: "Jose M. Alcaide" <jose@we.lc.ehu.es>
Approved by: jkh
Reviewed by: markm
interface on the dhclient command line. Not doing so screws up vmware's
network interface by attempting to configure it for DHCP (which will
never work, of course). It also would impact any other interface that
may be present that, again, would likely be manually configured for
some other purpose.
Approved by: jkh
strictly a security hole, but neither is it a very good idea. Replace
it with a symlink to /dev/null to happify programs that expect it.
It is suggested that users of the jail environment modify the jail's
syslog.conf to not send stuff to /dev/console, but instead syslog
it somewhere else. Such as a loghost, potentially even to the host
environment's syslog.
Approved by: jkh
/etc/Makefile so that if it is defined, MAKEDEV all is not called
during a make distribution. This helps clean up the messy userland
in jail(), by reducing the number of devices exposed in jail.
Modifications to jail(2) to follow.
Approved by: jkh-arius
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.
Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism. Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.
Approved by: jkh
Reviewed by: freebsd-security
Reviewed by: joerg
The isdnd is able to listen on a socket for isdnmonitor to connect to
it to remotely control it (similar to ppp and pppctl). When this is
enabled in the isdnd config file, it will fail currently because isdnd
is started before the network interfaces are configured.
It is necessary to move the isdnd start after the ifconfig of the network
interfaces, then this problem will not occur.
happen with a keyboard and monitor the console change was not as needed
in the i386 case as the Alpha case. IMO >50% of Alpha installs are using
a serial console, the change matching rev 1.7 should not be backed out.
devices because accessible by group wheel instead of group operator.
Didn't fix fishy group for rsa*.ctl. This device should have group operator
if that is safe, or mode 600 and group wheel.
Removed ssc and uk*.
Removed bogus (redundant) chmod's to 600.
# Apollo PCMCIA Ethernet Adapter
# Olicom OC2220
# National Semiconductor InfoMover NE4100
I forgot who submitted the first two, but the third one was submitted
by Jim Bloom.
draft-manning-dsua-01.txt.
Stop using public addresses as samples and use the recommended
192.0.2.0/24 netblock that has specifically been set aside for
documentation purposes.
Reviewed by: readers of freebsd-security did not respond to a request
for review
o Fix entry for Megahertz XJ4336-CC4336. Old config (sio1) seems
conflict with IrDA port or COM port on some laptop and sometimes
totally hang up after insertion.
o Add 'NTT DoCoMo Mobile D Card 96P1' which is used by many
people in Japan.
Reviewed by: imp
that it does not reset the printer when opened. This fixes the problem
of printing a document almost till the end and then resetting the
printer when the next print job is started.
Submitted by: Christopher Masto <chris@netmonger.net>
Also, remove all but the ums0 device from the fixit target 'to save
precious i-nodes on the fixit floppy'.
o Make sure every entry has a logger event on insert/delete
o Make sure that the order of loggers is consistant
o Add D-Link DEF-650
o use /sbin/ifconfig consistantly
o Add Elecom Laneed LD-CDE, NTT DoCoMo Paldio 321S and 341S
(from shige@FreeBSD.org)
We were supposed to get these in far earlier and didn't, hence
the commit after feature freeze. A promise is a promise. :)
Submitted by: Sascha Schumann <sascha@schumann.cx>