- Use pool.ntp.org servers where possible, thanks to
Chuck Swiger <cswiger at mac dot com> .
- Update list of Swedish NTP servers, thanks to
Fredrik Lindberg <fli+freebsd-current at shapeshifter dot se> .
PR: bin/75479
MFC after: 1 day
the NTP server list.
The servers are by Internet Multifeed Co., and connected to their
IX service JPNAP. It would be a good NTP server for machines in Japan.
See also http://www.jst.mfeed.ad.jp/ for more details (Japanese only).
Reviewed by: nork
concensus seems to be that is best left for doing post-install.
Discussed on: freebsd-current@
Tested with: make release
Approved by: re@
MFC after: 3 days
to get used to the fact that Perl is no longer part of the base system.
It is practically impossible to install any useful package and not get
Perl automatically pulled in as a dependency. So the typical user will
get their Perl.
This change greatly reduces the amount of manual labor in building the
miniinst.iso in release building.
contents of /usr/src/rescue. Until now, the files were shipped with
releases but sysinstall would ignore them (resulting in a non-buildable
source tree).
Sanity checked by: jhb
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
installation as far as most people are concerned but both 'Standard' and
'Select' begin with S and 'Select' is winning. This makes it so 'Select'
is not select-able using a keystroke but that is probably for the best
and the text on the screen adequately describes how to move back and forth
between 'Select' and 'Exit'.
Adapted from work by: josef@
PR: i386/37999
MFC after: 1 week
(Lite Edition) respectively. These "lite" packages are streamlined to
provide users with the core essentials for each desktop and to fit on the
release disc 1.
Approved by: re (scottl)
permitting the administrator to select a securelevel top operate
at. Include a helpfile summarizing some of the information from
init(8). This allows for explicit configuration of securelevels,
which was previously implicit in Security Profile selection.
Currently, there are no checkboxes for the active securelevel,
because sysinstall's facilities for deriving "current settings"
from rc.conf may use only one variable, not two, and I opted for
the simplest approach at this point.
Approved by: re (scottl)
selection is used to drive two configuration parameters:
(1) Default enable/disable for sshd
(2) Default enable/disable for securelevels
Replace this with an explicit choice to enable/disable sshd. A
follow-up commit will add a configuration option to the Security
post-install configuration menu to set the securelevel in rc.conf
explicitly. This should reduce the level of foot-shooting associated
with accidental enabling of securelevels, make the nature and
implications of the securelevel configuration options more explicit,
as well as make the choice to enable/disable sshd more explicit.
Approved by: re (scottl)
archaic at this point in time. Pretend nobody runs FreeBSD 1.x anymore
in order to not confuse people needlessly.
Laplink support probably doesn't even work at this point in time anyway...
This option adds Postfix and Exim to the list, however, qmail is not added
due to license restrictions.
Collaborated with: Simon L. Nielsen <simon@nitro.dk>
Reviewed by: jhb, re@, -audit.
'base' dist rename.
- Rework struct dist to allow for different types of dists. There are
currently three types of dists: DT_TARBALL, the traditonal gzipped and
split tar file; DT_PACKAGE, a package; and DT_SUBDIST, a meta-dist in
the tree that has its own array of dists as its contents. For example,
the 'base' dist is a DT_TARBALL dist, the 'perl' dist is a DT_PACKAGE
dist, and the 'src' dist is a DT_SUBDIST dist with its own dist table
that contains 'sbase', 'ssys', etc.
- Add helper macros for defining array entries for the different types of
dists to try and make the statically defined dist table in dist.c more
readable.
- Split the logic to deal with a DT_TARBALL dist out of distExtract()
and into its own distExtractTarball() function. distExtract() now
calls other functions to extract each dist.
- Tweak the percentage complete calculation in distExtractTarball() to
do the multiply prior to the divide so it doesn't have to use floating
point.
- Axe the installPackage() function along with the special handling for
the perl and XFree86 dists in distExtractAll() since distExtract()
handles package dists directly now.
- Add back in subdists for the X packages based on the split up packages
that XFree86-4 uses that as closely map to the X dists we used with
X 3.3.x.
- Lots of things like distSetX() and the X dist masks are no longer
#ifndef X_AS_PKG since we use them in both cases now.
- Make the entire installFixupXFree() function #ifndef X_AS_PKG, we only
call it in that case anyways, and it's not suitable for the X_AS_PKG
case.
- Add in X dist menus for the X_AS_PKG case.
Approved by: re
rather than installX11package().
- Add a perl psuedo-dist that installs the perl package. The perl
distribution is selected by default when a User distribution set is
selected. It is not selected when a Minimal distribution set is
selected. The perl distribution may be toggled manually in the
custom menu just as other distributions.
Approved by: re
WITH_SYSCONS is defined.
- Only define mouse menus and mouse menu items if WITH_MICE is defined.
- Use WITH_SLICES instead of explicit lists of architectures to control
the layout of menus dependent on if slices are used on this arch or not.
- Only include the linux startup option if WITH_LINUX is defined.
- Only include the SVR4 startup option on i386. It doesn't work on sparc64,
and it is debatable that it even works on i386.
- Change the OSF1 startup option to execute configOSF1() instead of just
setting the variable so that /compat/osf1 gets created.
Tested on: i386, alpha, sparc64
Approved by: re
the two GNOME 1-based alternatives.
While here, note that a majority of the items in this menu are not
sentences, and remove trailing dots to make the remainder consistent.
Reviewed by: marcus
Approved by: re (bmah)
- Disabled 'Syscons, Font', 'Syscons, Screenmap' and 'Syscons, Ttys' menus
on pc98.
- Fixed the MenuMouseType and MenuMousePort menus for pc98.
- Fixed some comments for pc98.
something applies to. So change #ifndef to an explicit list of defines.
* Treate sparc64 and ia64 as 64-bit platforms, which means larger roots.
* sparc64 should halt back to the firmware, not reset.
* sparc64 doesn't need to play MS-DOS/BIOS partition crap games.
Reviewed by: jake
so know we have proper PKG registration and dependency information.
This is a WIP for 5.0 DP #1, so it is still rough around the edges and
does not GC the old XFree86 3.3.6 handling stuff that should be GC'ed.
Sponsored by: FreeBSD Mall, Inc.
While I'm here, make the menu entries on the documentation menu begin
with "1" instead of "2".
Reviewed by: imp, rwatson, murray
Approved by: imp, rwatson, murray
MFC after: 1 week
o Move nfs_reserved_port_only out of security profiles (where it was
set somewhat improperly) to the Security options menu directly.
Previously, the variable was set to true for Moderate, but not for
Extreme, which is at best inconsistent.
o Update the Security Profiles help file to remove reference to the
NFS reserved port.
o Note that the kernel currently defaults the sysctl to '0', but
sysinstall has changed it to '1' as a default as of late; however,
rc.conf sets the value to NO as the default. This change brings
them relatively into sync.
Sponsored by: DARPA, NAI Labs
and pull configSecurityProfile under that menu. Add a menu option
to determine whether LOMAC is enabled at boot. Probably, eventually,
many of the 'Security Profile' menu choices should be pulled out
independently into the Security Menu, so as to make them individually
selectable.
Sponsored by: DARPA, NAI Labs
useful for post install configuration or other cases that might not be
handled by usb.c. (usb.c already sets usbd_enable iff sysinstall
detects usb during install).
PR: bin/18946
Submitted by: Peter van Heusden <pvh@egenetics.com>
Reviewed by: jhb
post-configuration "Startup" menu. In the event that diskcheckd is
removed, this can easily be trimmed also; in the mean time, it allows
diskcheckd to be easily disabled using our documented management
tool
conservative default, and actually prompt specifically for inetd rather
than handling it as a side effect of the security profile. Update the
help file to reflect this change.
o Rename "Fascist" to "Extreme" in the source code, to match the names
presented to the user.
o Remove portmap and inetd from profile management. Portmap is now
disabled by default, but automatically turned on if a feature requires
it (such as NFS, etc).
This is an MFC candidate for 4.4-RELEASE.
Reviewed by: freebsd-arch@FreeBSD.org
Approved by: re@FreeBSD.org
MFC after: 2 days
post-install config, reduce the potential confusion from the existence
of both configTTYs and configTtys by renaming configTTYs to
configEtcTtys. While this is not a C naming conflict, it was probably
a poor choice of names on my part.
system installation process. This allows users installing via serial
console to enable serial console login during the installation
process using an un-customized install. The user is not prompted to
modify /etc/ttys during a normal install, but is offered the
opportunity during post-install configuration.
- Introduce configTTYs(), which describes the benefits of editing
/etc/ttys, and asks for confirmation before spawning the editor.
- add configTTYs to the post-install configuration, as well as to
the global configuration index.
by providing the opportunity to edit inetd.conf during the system
installation process. The following modifications were made:
(1) Expand the Anonymous FTP description dialog to indicate that inetd
and ftpd must be enabled before it can be used.
(2) Introduce a new configInetd() pair of dialogs, the first describing
inetd, giving a couple of examples of services that require it, and
hinting at potential risk, then asking the user if they wish to
enable it. The second indicates that inetd.conf must be configured
to enabled specific services, and asks if the user would like to
load inetd.conf into the editor to modify it. Add this
configuration action to the index.
There are some further improvements that might be considered:
(1) Provide a more inetd.conf-specific configuration tool that speaks
inetd.conf(5). However, this is made difficult by the "yet another
configuration format" nature of inetd.conf, as well as its use of
commenting to disable services, rather than an in-syntax way to
disable a service without commenting it out. Submissions here
would probably be welcome.
(2) There's some overlap between settings in the somewhat obtuse
Security Profile mechanism and other settings, including the inetd
setting, and NFS server configuration. As features become
individually tunable, they should probably be removed from the
security profile mechanism. Otherwise, somewhat counter-intuitively,
sysinstall (in practice) queries multiple times whether inetd, nfsd,
etc, should be enabled/disabled. A possible future direction might
be to drive profiles not by degree of paranoia, rather, the set
of services desired. Or simply to remove the Security Profile
mechanism and resort to feature-driven configuration.
Reviewed by: imp, chris, jake, nate, -arch, -stable
