Commit Graph

3282 Commits

Author SHA1 Message Date
Takeshi Shibagaki
e5f0e62f96 Add new entry PLANEX GW-NS11H(PRISM3.0).
Submitted by [bsd-nomads:16322] Yasufumi Susuki <yasu@triaez.kaisei.org>
2002-05-29 21:16:51 +00:00
Peter Wemm
148c11ac62 Update g++ include subdirs 2002-05-29 00:46:33 +00:00
Warner Losh
51cf186eab Correct US Robotics Wireless Card 2410 entry 2002-05-24 15:28:38 +00:00
Gregory Neil Shapiro
34925ba6f7 Add a new make.conf knob, SENDMAIL_MAP_PERMS, which specifies the
permissions to use for alias and map database files built by
/etc/mail/Makefile.  The default is 0640 to assist users in avoiding
a file locking local denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:46:39 +00:00
Gregory Neil Shapiro
519c4f1816 Change the default permissions for the sendmail statistics file to 0640
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:44:53 +00:00
Gregory Neil Shapiro
b9888709dd Add a warning regarding localhost-only listening daemons inside jails.
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).

Submitted by:	Helge Oldach <test-smtp@oldach.net>
MFC after:	1 day
		pending RE approval
2002-05-22 16:37:32 +00:00
Ruslan Ermilov
37d1dbf01d Build sccs(1) docs. 2002-05-22 11:55:47 +00:00
Ruslan Ermilov
0c2fe74da8 Added share/doc/[pu]sd entries.
Reviewed by:	grog
2002-05-22 10:38:25 +00:00
Gregory Neil Shapiro
b943c00ef4 There are still many broken nameservers out there in the wild. Even
though I would personally prefer to see the broken nameservers fixed
instead of standards compliant applications work around them, I can't
force FreeBSD users to help fight that battle.

Submitted by:	Damon Anton Permezel <dap@damon.com>
MFC after:	2 days
		pending RE approval
2002-05-21 02:02:23 +00:00
Gordon Tetlow
e21fb30dce Explictly set kerberos_stash to NO instead of blank. While we are at it,
fix a comment that suggested setting ipv6_ipv4mapping to blank. This
will aid in merging with rcng which requires all veriables to be
explicitly set.

Submitted by:	Mike Makonnen
MFC after:	1 week
2002-05-20 05:26:44 +00:00
Mark Murray
ccde38c38d Remove Perl and TCL/TK bits, neither of which are in the base system
(anymore).
2002-05-18 14:27:17 +00:00
Ruslan Ermilov
7662944182 Sigh, this README is not a shell script. 2002-05-18 12:37:19 +00:00
Ruslan Ermilov
0db47a7c6c Remind developers to update hier(7) if they make changes to these files. 2002-05-18 12:35:10 +00:00
David E. O'Brien
2582d4d13f We haven't needed libg++ since 1999-04-04 (pre 4.0). 2002-05-18 05:38:31 +00:00
Gordon Tetlow
6395b411cb Fix the order of shutdown scripts so it not only reverses the order of the
files in each ${local_startup} directory, it also reverses the order of the
directories.

Suggested by:	jhb
Reviewed by:	jake
Approved by:	dougb
MFC after:	1 week
2002-05-18 00:26:10 +00:00
Brian Somers
9e280368ad Temporarily change our umask to 066 so that the potential creation
of wtmp.0 is done as mode 600.

This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.

Suggested by:	lumpy <lumpy@the.whole.net>
MFC after:	3 days
2002-05-17 14:05:08 +00:00
Brian Somers
740b91b560 Change `dmesg -a'' to `dmesg''.
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.

However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.

MFC after:	3 days
2002-05-17 13:38:36 +00:00
Brian Somers
db1d04d6d9 Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}
Problem reported by:	lumpy <lumpy@the.whole.net>
MFC after:		3 days
2002-05-17 11:34:12 +00:00
Brian Somers
afa3985979 Return 3 unless $daily_status_security_enable != YES.
Returning $? masks security output when ``periodic security'' is successful !

MFC after:	3 days
2002-05-17 11:31:45 +00:00
Mark Murray
f365887c6c No need to build perl dirs anymore. 2002-05-16 09:29:40 +00:00
Ruslan Ermilov
f82979375c MF4: sync with RELENG_4 version as much as possible. 2002-05-16 08:06:07 +00:00
Tom Rhodes
db4f576472 Consistancy, file system > filesystem 2002-05-16 02:10:03 +00:00
David E. O'Brien
567924ccb9 Time to enter modern age and default to NFS version 3. 2002-05-15 22:24:29 +00:00
Jacques Vidrine
dfc4c48df7 It is dangerous to use globbing like so in startup scripts:
rm -f /tmp/.X11-unix/*

If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory
with files that he wants to wipe out, and wait for next reboot.

Reported by:	lumpy <lumpy@the.whole.net>
2002-05-08 14:47:44 +00:00
Gregory Neil Shapiro
8b637659da Fix typo.
Submitted by:	Marius Strom <marius@marius.org>
MFC after:	1 day
		and RE approval
2002-05-08 05:17:46 +00:00
Dag-Erling Smørgrav
a87cdc1598 Use pam_lastlog(8)'s new no_fail option.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:33:02 +00:00
Michael C . Wu
b9d862a225 This is two new entries for Taiwanese 16bit PCMCIA cards.
The Blue Concentric CF 802.11b card is a compactflash form-factored card
that does 802.11b, including 128bit encryption.
The Zonet modem pccard is a simple FAX/Modem card.

Both are sold in Guang-Hua Market in Taipei, and functions perfectly
with -current and -stable.
2002-05-07 16:50:15 +00:00
Brian Somers
9472aac628 Fix the output when daily_status_mailq_shorten is set to YES
PR:			23766
Mostly submitted by:	lambert@ssabsd.csw.net
MFC after:		3 days
2002-05-07 13:11:05 +00:00
Maxim Konovalov
44ded06713 Include 'www' in the list of forbidden ftp users.
Reviewed by:	sheldonh
MFC after:	3 days
2002-05-07 11:07:39 +00:00
Crist J. Clark
f5a8f1482c Remove leading whitespace from the setuid file lists.
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."

PR:		conf/37618
Reviewed by:	brian
MFC after:	3 days
2002-05-05 00:59:37 +00:00
Dag-Erling Smørgrav
05ade9be70 Add a PAM policy for rexecd(8).
Sponsored by:	DARPA, NAI Labs
2002-05-02 05:05:28 +00:00
Dag-Erling Smørgrav
48988cd4bd xdm plays horrid tricks with PAM, and dumps core if it's allowed to call
pam_lastlog, so add a dummy session chain to avoid using the one from
pam.d/other.  I assume gdm does something similar, so give it a dummy
session chain as well.

Sponsored by:	DARPA, NAI Labs.
2002-05-02 05:00:40 +00:00
Brian Somers
ee9336d9b7 Handle .bz2 files created by newsyslog
PR:			37529
Partially submitted by:	Peter Hollaubek <fifteen@inext.hu>
MFC after:		1 week
2002-04-30 17:07:32 +00:00
David Malone
d00a7c247a Don't use ISO_8859 when I should use ISO8859. 2002-04-29 20:57:36 +00:00
Dag-Erling Smørgrav
4b448ce5d5 Add no_warn to pam_lastlog. This should prevent xdm from dumping core
when linked with Linux-PAM.
2002-04-29 15:22:00 +00:00
David Malone
df374705d2 Add a French calendar.
PR:		32265
Submitted by:	Thierry Thomas <thierry@pompo.net>
MFC after:	1 week
2002-04-28 23:22:13 +00:00
Doug Barton
421ec878ab Remove reference to the TCP_RESTRICT_RST option, which was removed
over a year ago.

Small ws twiddle while I'm here.
2002-04-27 06:24:58 +00:00
Wes Peters
8373917257 Rename the file used to specify the nextboot to make it clear that this
is a loader configuration file and can be used for more than just a
kernel name.

Submitted by:	Gordon Tetlow <gordont@gnf.org>
2002-04-26 22:32:15 +00:00
Ruslan Ermilov
6bde859f40 Milestone #1 in cross-arch make releases.
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.

Eliminate the need in the second installworld.  For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.

Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1.  Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).

Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).

In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.

Moved the creation of the "crypto" dist from release.5 to
release.2.

In release.3 and doMFSKERN, build kernels in the "world"
environment.  KERNELS now means "additional" kernels, GENERIC is
always built.

Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.

Inline createBOOTMFS target.

Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules.  GC doMODULES as such.

Assorted fixes:

Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".

Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.

gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.

release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists.  Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories.  This will be fixed
soon.

Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage.  Most of the userland makefiles did not test it for "YES"
anyway.

XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists?  (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)

Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.

Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
2002-04-26 17:55:27 +00:00
Wes Peters
1de372dcd4 Add a -k option to reboot to specify the kernel to boot next time
around.  If the kernel boots successfully, the record of this kernel
is erased, it is intended to be a one-shot option for testing
kernels.

This could be improved by having the loader remove the record of
the next kernel to boot, it is currently removed in /etc/rc immediately
after disks are mounted r/w.

I'd like to MFC this before the 4.6 freeze unless there is violent
objection.

Reviewed by:	Several on IRC
MFC after:	4 days
2002-04-26 07:31:04 +00:00
David E. O'Brien
01df2ec328 Change the name of the 'bin' distribution to 'base'.
This is done since it contains much more than /bin, and also gets in the
way when making a combined install+fixit CD.

OK'ed by:	jkh
2002-04-23 22:16:41 +00:00
Gregory Neil Shapiro
4a49265d15 sys.mk no longer includes bsd.own.mk so I need to include it here for
the definition of SHAREMODE.

Submitted by:	Udo Schweigert <Udo.Schweigert@siemens.com>
2002-04-23 17:08:08 +00:00
Maxim Sobolev
c1deb99469 Correct default value of drainwait: it should be 300 seconds, not forever.
PR:		37370
Submitted by:	Daniel O'Connor <doconnor@gsoft.com.au>
MFC after:	2 weeks
2002-04-23 08:26:50 +00:00
David E. O'Brien
8a57f7e245 Do not use 'ps -e' for entropy gathering. It uses /proc/*/mem to rummage
around *user* memory to extract the environment variable strings.  This
is problematic for us.

Submitted by:	peter
2002-04-23 00:05:48 +00:00
David E. O'Brien
c1ab4f157d Utilize dhcp information in the kernel environment if we don't have
hostname and DNS information already.

Submitted by:	Danny Braniss <danny@cs.huji.ac.il>
2002-04-22 21:42:18 +00:00
Sheldon Hearn
87d8c3b497 Bring in changes from smbfs-1.4.4. 2002-04-22 16:18:36 +00:00
Dag-Erling Smørgrav
d397408818 Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.
2002-04-22 13:44:47 +00:00
Gregory Neil Shapiro
3bf762b7f6 Non-sendmail users use the FreeBSD sendmail startup functionality to start
alternative MTAs.  Therefore, always install rc.sendmail, regardless of
NO_SENDMAIL make.conf setting.  Users can still set mta_start_script to a
different script.

This commit is after a repo-copy of src/etc/sendmail/rc.sendmail to
src/etc/rc.sendmail.

Noticed by:	Calvin NG <calvinng@brel.com>
MFC after:	3 days
2002-04-21 20:32:28 +00:00
Crist J. Clark
aad6ba1940 Consistently use full pathnames for files, especially executables.
PR:		conf/37292
Submitted by:	Helge Oldach <send-pr@oldach.net>
MFC after:	3 days
2002-04-21 08:32:35 +00:00
Gregory Neil Shapiro
5b7a235bb6 In my continuing crusade to make life better for non-sendmail users, avoid
the creation of /var/spool/clientmqueue and therefore the need for the
smmsp user and group if NO_SENDMAIL is defined.  This required breaking out
the creation of the directory into a new BSD.sendmail.dist mtree file.

MFC after:	1 week
2002-04-20 19:00:11 +00:00