editor, in order to support specifying UFS2 as a newfs option.
(1) Support three different newfs types: NEWFS_UFS, NEWFS_MSDOS, and
NEWFS_CUSTOM. Don't mix up the arguments to them: you can't use
soft updates on an msdos file system.
(2) Distinguish adding new arguments to the newfs command line from
replacing it. Permit the addition of new arguments by the user for
NEWFS_UFS. If we entirely replace the command line provided by
sysinstall, call it NEWFS_CUSTOM. 'N' will now add additional
arguments; 'Z' will opt to replace the newfs command line entirely,
but will prompt the user with their current command line as a
starting point.
(3) Construct the newfs command line dynamically based on the options
provided by the user at label-time. Right now, this means selecting
UFS1 vs. UFS2, and the soft updates flag. Drop in some variables
to support ACLs and MAC Multilabel in the future also, but don't
expose them now.
This provides sysinstall with the ability to do more "in band" editing
of the newfs command line, so we can provide more support for the user,
but doesn't sacrifice the ability to entirely specify the newfs command
line of the user is willing to give up on the cushiness factor. It
also makes it easier for us to specify defaults in the future, and
define conditional behavior based on user configuration selections.
For now, we default to UFS1, and permit UFS2 to be used as the root
only on non-i386 systems.
While I was there, I dropped the default fragment and block sizes,
since newfs has much more sensible defaults now.
Reviewed by: jhb, marcel
Approved by: re
ia64 bits from: marcel
o Move nfs_reserved_port_only out of security profiles (where it was
set somewhat improperly) to the Security options menu directly.
Previously, the variable was set to true for Moderate, but not for
Extreme, which is at best inconsistent.
o Update the Security Profiles help file to remove reference to the
NFS reserved port.
o Note that the kernel currently defaults the sysctl to '0', but
sysinstall has changed it to '1' as a default as of late; however,
rc.conf sets the value to NO as the default. This change brings
them relatively into sync.
Sponsored by: DARPA, NAI Labs
conservative default, and actually prompt specifically for inetd rather
than handling it as a side effect of the security profile. Update the
help file to reflect this change.
o Rename "Fascist" to "Extreme" in the source code, to match the names
presented to the user.
o Remove portmap and inetd from profile management. Portmap is now
disabled by default, but automatically turned on if a feature requires
it (such as NFS, etc).
This is an MFC candidate for 4.4-RELEASE.
Reviewed by: freebsd-arch@FreeBSD.org
Approved by: re@FreeBSD.org
MFC after: 2 days
and also obey most of the rules of english in their construction.
Add a help screen for the security menu which gives the user a rough idea
just what the various security profiles do.
Applied modified patch, since ATA/ATAPI is the keyword nowadays.
PR: 16507
Submitted by: Dan Papasian <bugg@bugg.strangled.net>
No need for an OK since we can exercise our divine rights as docpersons
according to: jkh
more consistant in our use of the terms for differentiation between PC
partitions and traditional BSD partitions.
Submitted-By: obrien@cs.ucdavis.edu (David O'Brien)
I went over the code.
Add shortcuts for addUser and addGroup, documenting same.
Add a password field for adduser and use no-echo string field for it.
This requires my latest libdialog changes (in RELENG_2_2 or -current) to work.
obvious effects are that most of the automagically chosen defaults
will now be displayed while going through the menu, and an improved
error handling thanks to the more detailed error status reporting.
2.2 fodder, but i'll leave it to Jordan's review.
which will also need to be brought in before this screen will work.
Add some commentary about how the slip startup code is bogus.
Steal Joerg's loop for more properly closing all files and graft it into
the EHS startup. My loop was functional but more bogus.
