Commit Graph

1657 Commits

Author SHA1 Message Date
Mike Smith
a66325ee96 Add another modem (Psion Dacom)
Submitted by:	"Gary Palmer" <gpalmer@FreeBSD.ORG>
1998-12-15 02:57:30 +00:00
Matthew Dillon
0c2383102b More locale directory structure updates for DIS_8859-15 1998-12-14 08:06:57 +00:00
Matthew Dillon
b76ad1a32a Fix installworld, forgot directories for locale DIS_8859-15 1998-12-14 07:44:47 +00:00
Matthew Dillon
d749f6f64f Remove rc.local (now deleted from CVS tree) from Makefile. 1998-12-14 02:01:22 +00:00
Matthew Dillon
86fba2f5a6 Grrr. removed. backed out. sorry. 1998-12-13 04:38:28 +00:00
Matthew Dillon
0c7b9cbdb0 This needs to be commited now to fix usbd for make world 1998-12-13 04:31:15 +00:00
Matthew Dillon
416db1f243 Reviewed by: cvs-current
Delete rc.local from CVS tree, its remaining functionality has been
    moved to /etc/rc.  /etc/rc still supports an rc.local but it is now
    a 100% user-controlled file.
1998-12-12 23:05:22 +00:00
Matthew Dillon
d27356d803 Reviewed by: cvs-current
Commit changes to rc and rc.local, removing the remaining minimal
    functionality of rc.local into rc and commenting it out of rc.local
    prior to the deletion of rc.local from the CVS tree.
1998-12-12 23:04:21 +00:00
John Birrell
73c84e252e Back out revs 1.181 and 1.182 which upset a few people. I hope those
(3?) people will make an effort to help those who would have benefitted from
this change. And just telling them that they should read and understand
the significance of each message posted to -current is not really good
enough IMHO.
1998-12-12 22:00:49 +00:00
Doug Rabson
2d58f2447f Add directories for KLD examples. 1998-12-11 10:45:29 +00:00
John Birrell
62bf5779e7 Should be sysctl -n. Yesterday wasn't one of my better days. Doh.
Reported by: Ben Smithurst & Makoto Matsushita
1998-12-11 08:25:12 +00:00
John Birrell
1e8cf44a58 Change to the current directory before doing the install. I !love make. 1998-12-11 00:09:39 +00:00
John Birrell
ad06d8fc41 Add a test for hw.machine == i386 before trying to run ldconfig for
legacy aout support.
1998-12-10 08:06:59 +00:00
John Birrell
e151cd1901 Add logic to check if any of the BIN1 files do not already exist in
${DESTDIR}/etc and an install target to install the missing ones. This
allows new files like pam.conf to be installed by the first installworld
after the file is added, but avoid clobbering files that might be
customized. This should save some support questions.
1998-12-10 05:34:11 +00:00
Matthew Dillon
cc6fef08db Since we do not pre-create /etc/namedb/s, add additional documentation
to the comments in named.conf to describe to the user how to create it.
    (named.conf does not use /etc/namedb/s by default anyway so us not
    pre-created it in the mtree does not hurt us terribly).
1998-12-02 19:59:24 +00:00
Matthew Dillon
cc0130a2a3 Remove mtree creation of /etc/namedb/s until we find a good way
to handle new user id's in buildworld/installworld.
1998-12-02 19:57:20 +00:00
Andrey A. Chernov
559fcf9493 Use /sbin/nologin as shell for operator
Replace non-existent directory for operator with /
Supply by default operator with non-existent but can be created directory
and /bin/csh is kinda security risk
1998-12-02 15:17:10 +00:00
Matthew Dillon
822ef72a9d comsat sandbox prevents biff/comsat from being able to print partial
mailbox contents.  comsat instead simply prints that new mail is
    available.  Add appropriate comment to inetd.conf but leave comsat in
    sandbox.
1998-12-01 22:01:59 +00:00
Matthew Dillon
128272b8c5 Reviewed by: freebsd-current, freebsd-security
Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
    subdirectory (user bind, group bind) to hold secondaries, adjust
    comments in named.conf to reflect new secondary scheme.  (Note that
    core read-only zone files are left owned by root, increasing security even
    more).
1998-12-01 21:36:33 +00:00
Matthew Dillon
ac48aa416a Added group bind(53), added sandbox users tty(4), kmem(5), and bind(53),
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
    the (commented out) ident from the kmem sandbox.

    Note that it is necessary to give each group access it's own uid to
    prevent programs running under a single uid from being able to gdb
    or otherwise mess with other programs (with different group perms) running
    under the same uid.
1998-12-01 21:19:49 +00:00
Joseph Koshy
8dbc5051b3 Direct std{err,out} to /dev/null when invoking sysctl(8) for setting
`nfs_access_cache_timeout'.

Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
1998-11-27 07:06:11 +00:00
Mike Smith
22d30a8a1b Don't suggest that NO is allowed here; you use "0" or "" to turn the cache
off.
Submitted by:	jdp
1998-11-25 21:16:43 +00:00
John Polstra
d08484e099 Add a sample "/etc/pam.conf" file that configures the authentication
methods used by login.  Changes to "/usr/bin/login" to use it will
be committed later today.  The format of the file is described in
pam(8).

This sample file makes login behave in the traditional way.  To
wit, it enables authentication via S/Key and passwd/NIS lookups.
KerberosIV authentication is present in the sample file but commented
out.

As a safety net and a transition aid, login will fall back on
built-in passwd/NIS authentication if this configuration file is
missing or if some other fatal PAM error occurs.

This file will eventually replace "/etc/auth.conf", but not until
I've finished converting the other utilities, such as passwd and su.
1998-11-20 23:20:01 +00:00
David E. O'Brien
4e6fcaf46f Bad default value of ${fs} for type:=host in /etc/amd.map.
PR:		conf/7054
Submitted by:	Amakawa Shuhei <amakawa@sf.t.u-tokyo.ac.jp>
1998-11-20 07:36:29 +00:00
John Polstra
ae5fd90c74 Add the directory "/usr/include/security", which is where the PAM
header files go.  I am not too happy about the name.  But if we are
to have any hope of being able to use 3rd party PAM modules, we'll
have to live with it.
1998-11-18 01:51:25 +00:00
Jordan K. Hubbard
ff6301aaf3 put hosts before bind. 1998-11-16 02:02:30 +00:00
Mike Smith
cda43ef612 Implement the nfs_access_cache variable, allowing us to set the timeout for
the NFS client's ACCESS cache.
1998-11-15 20:30:04 +00:00
Nicolas Souchu
d551f05381 Arrg, ppi*) corrected 1998-11-12 22:48:16 +00:00
Nicolas Souchu
5f3f114afa Add ppi*) iic*) and smb*) 1998-11-12 22:45:24 +00:00
Peter Wemm
29ddf71810 kldload the screen savers 1998-11-11 05:25:32 +00:00
Peter Wemm
2bfb2faded kldload ipfw, it's installed always and works on both kernel formats 1998-11-11 05:23:44 +00:00
Brian Somers
d7264d6e3a Suggest using ``iface clear'' under certain circumstances
in ppp.linkdown.
1998-11-05 23:14:19 +00:00
Poul-Henning Kamp
83713d0b04 Add example for the internal "ident server". 1998-11-04 19:42:35 +00:00
Poul-Henning Kamp
5707e03c5f Move the "root" entry up so people can see it. 1998-11-03 08:14:38 +00:00
Wolfram Schneider
de4f843d24 Write temp files with a uniq name into /var/run
instead the public writable directory /tmp
PR:	 conf/8330
1998-11-01 13:04:15 +00:00
David E. O'Brien
255e0e14be Backout rev 1.175. 1998-10-31 05:27:02 +00:00
David E. O'Brien
5b3ac95f28 ``MAKEDEV ccd3'' is now consistant with many of the other devices in that
*ccd{0,1,2}* will be created.
1998-10-30 06:02:48 +00:00
David E. O'Brien
ff51c4f27c ``MAKEDEV bpf3'' is now consistant with many of the other devices in that
bpf{0,1,2} will be created.
1998-10-29 22:16:29 +00:00
Peter Wemm
0bf607e3dd Some directories would like to install things into /modules 1998-10-17 01:21:35 +00:00
Peter Wemm
537aa6857b Commented out example of changing the default kernel format with warning. 1998-10-16 03:26:54 +00:00
Nate Williams
58645a5596 - Add a couple comment lines to note that spaces are not allowed as
field separators.

PR:		conf/8162
Submitted by:	Sheldon Hearn <sheldonh@axl.training.iafrica.com>
1998-10-14 21:59:55 +00:00
Jordan K. Hubbard
4216dc7f84 Shut this thing up; most people don't even have this enabled. 1998-10-13 08:25:09 +00:00
Mark Murray
137d6f5705 Add extra directories required by Perl5. The one in local-land
is contoversial and may be removed later.
1998-10-11 17:31:35 +00:00
Dag-Erling Smørgrav
353803b997 Hand me the pointy hat, and make it big. 1998-10-09 17:11:14 +00:00
Dag-Erling Smørgrav
b354705227 Remove all references to tickadj(8) from rc, rc.conf and rc.conf.5.
Disable building tickadj(8) by removing util from SUBDIR in the xntpd
Makefile. Note that the sources are still there and tickadj can still
be built and installed by doing:

# cd /usr/src/usr.sbin/xntpd/util
# make all install

There are enough references to tickadj in e.g. the xntpd documentation
(not to mention the sysctl variables it uses etc.) that I don't feel
up to implementing the final solution right now.

Kinda-approved-by:	phk
1998-10-08 18:47:30 +00:00
Poul-Henning Kamp
0e8380df1f Avoid using dmesg to find devices, the buffer may not be big enough.
Reviewed by:	phk
Submitted by:	Mike Spengler <mks@networkcs.com>
1998-10-08 08:56:01 +00:00
Mark Murray
c67d21dd73 Add auth.conf. JKH Added the code to understand this to libutil, and
I will be following up with commits to use it in KerberosIV userland.
1998-10-08 06:12:04 +00:00
Jordan K. Hubbard
e19c816a01 Add spanish doc dirs.
Submitted by:	Motoyuki Konno <motoyuki@snipe.rim.or.jp>
1998-10-07 02:55:59 +00:00
Poul-Henning Kamp
7d5c779c86 Here are some scripts and man pages for configuring HARP ATM
interfaces.

Reviewed by:	phk
Submitted by:	Mike Spengler <mks@networkcs.com>
1998-10-06 19:24:31 +00:00
Doug Rabson
f92f33e090 Doh! Change the correct version of disktab and backout the change to
the i386 disktab.
1998-10-06 12:42:55 +00:00
Doug Rabson
c51b835505 Add a 2880k disk prototype for building MFS install images. 1998-10-06 12:06:43 +00:00
Joerg Wunsch
3dc4ead535 Avoid the ``ruptime: no hosts in /var/rwho.'' message by not calling
rwho iff /var/rwho is empty.  Call `uptime' instead.  This doesn't
belong under `network' right away, but at least reports the same
informaton about the local system.  rwhod is not turned on by default
(for good reason), and i've already seen too many of the above
messages...
1998-10-06 09:46:46 +00:00
Brian Somers
8842b72734 Show how to create a secure (ssh) VPN 1998-10-03 13:12:14 +00:00
David E. O'Brien
2795f965bb Re-enable creating sd*s* devices.
Add note, that one should use da*s* however.
1998-10-02 22:33:52 +00:00
Jordan K. Hubbard
2100232adf Add /boot, while I happen to be thinking about it. 1998-09-30 22:27:27 +00:00
Wolfram Schneider
b78e5d76ba Limit the fingerd daemon to:
runs only 3 simultaneous fingerd processes and
        limit the connections-per-ip-per-minute to 10.
1998-09-30 16:12:40 +00:00
Martin Cracauer
043076cc06 Put guard shells around stuff started from $local_startup. If you type
SIGINT (C-c), you'll get control passed to the next script even if
the current one blocks signals. The child is not killed, though.
1998-09-30 14:44:57 +00:00
David E. O'Brien
0fb365abae We don't support SUID `games' games anymore. 1998-09-27 03:39:55 +00:00
Jordan K. Hubbard
7afd3aa98c Make a /usr/lib/compat/aout directory. Folks should remember to
re-run mtree over this if they want to populate the compat dirs
during a build or that step will fall over.
1998-09-26 11:56:35 +00:00
Brian Somers
04c6e85b06 Add an entry for the HAYES OPTIMA 28.8k 1998-09-25 22:08:53 +00:00
Dima Ruban
033b33635c Backout my previous commit. Oops. 1998-09-25 08:21:15 +00:00
Dima Ruban
577d442f10 ${DISTDIR}/bin/etc/objformat -> ${DISTDIR}/etc/objformat 1998-09-25 07:42:29 +00:00
Jordan K. Hubbard
e413bb5ca1 initialize /etc/objformat for new installs, just to be sure. 1998-09-23 08:06:30 +00:00
Jordan K. Hubbard
2a31c441b4 I'm not sure how/when router_enable got set to YES, but it doesn't
seem right to me.
Noticed by:	jkb
1998-09-23 04:42:02 +00:00
Masafumi Max NAKANE
c663ec72c6 Add fbtab and rc.devfs to BIN1 sothat they are included in the
distribution.
1998-09-22 15:10:18 +00:00
Søren Schmidt
82c4640c65 Put the right path on the devices.
Submitted by:	 Vanilla Pooh Shu <vanilla@oneway.net>
1998-09-20 18:49:04 +00:00
David E. O'Brien
be0cde6f10 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:06 +00:00
David E. O'Brien
fe840f95a8 Simplify these now that default owner is root.wheel.
Partially reviewed by: bde
1998-09-19 18:50:27 +00:00
Vanilla I. Shu
f185cce38a Remove tcl directory.
Forgotten by:	asami
Approved by:	jkh
1998-09-19 10:41:35 +00:00
Dmitrij Tejblum
0aba3bf3d2 Fix typo: s/;/:/
PR:		conf/7964
PR:		conf/7966
Submitted by:	Zach Heilig <zach@gaffaneys.com>
Submitted by:	Jos Backus <Jos.Backus@nl.origin-it.com>
1998-09-17 17:02:39 +00:00
Brian Somers
5fd86945a2 Spaces -> tabs, don't use touch before it's available
Pointed out by: bde
1998-09-16 22:42:56 +00:00
Martin Cracauer
47aabea273 rc.conf variable $amd_map_program needs to be eval'ed.
PR:		misc/7435
Submitted by:	David Wolfskill <dhw@whistle.com>
1998-09-16 20:38:23 +00:00
Mike Smith
a4b3203d07 Effectively disable resource limit setting by default, leaving the
original contents of the file preserved as examples for administrators
that need to enable them.

Also add a comment to the examples pointing out that the authentication
functionality is largely unused and requires rebuilding libutil.

Reviewed by:	jkh
1998-09-16 19:18:36 +00:00
Dag-Erling Smørgrav
83e2676ff1 Add entries to make CodaFS run out of the box.
PR:		misc/5855
Submitted by:	Robert Watson <robert@cyrus.watson.org>
1998-09-16 15:42:32 +00:00
Doug Rabson
9cf0e9186b Sync with etc.i386/MAKEDEV version 1.171. 1998-09-16 09:21:43 +00:00
John Polstra
34908526f4 Fix up the boot-time ldconfig handling to deal with dual object
file formats.  I have added a new rc.conf variable ${ldconfig_paths_aout}
which is like ${ldconfig_paths}, but only for a.out shared libraries.

On a "standard" ELF system, the ELF ldconfig path is taken from
${ldconfig_paths}, while the a.out ldconfig path is taken from
${ldconfig_paths_aout}.

On a not-yet-converted a.out system, only the a.out ldconfig path
is set, and it is taken from ${ldconfig_paths_aout}.  If that
variable is unset, /etc/rc defaults it to the value of ${ldconfig_paths},
on the assumption that the system's "/etc/rc.conf" file hasn't been
updated.
1998-09-16 05:42:38 +00:00
Kenneth D. Merry
90377c4bc7 Change the permissions for the transport layer (xpt) and passthrough (pass)
devices from 644 to 600.

Reviewed by:	imp, gibbs
1998-09-16 00:10:26 +00:00
Jordan K. Hubbard
e45f8facfb Add scsi_target to examples. This is the 3rd such breakage I've
committed a fix for in 2 days and 3 different people have forgotten
to update this file.  GRRR!  What's it going to take, electrodes to
the sensitive bits, people?? :-)
1998-09-15 17:17:02 +00:00
Jordan K. Hubbard
02a1dfdc96 Add /usr/share/examples/atm
Forgotten by:	phk
1998-09-15 12:08:49 +00:00
Poul-Henning Kamp
3f8c45065e (this is an extract from src/share/examples/atm/README)
===================================
                HARP  |  Host ATM Research Platform
                ===================================

                              HARP 3

What is this stuff?
-------------------
The Advanced Networking Group (ANG) at the Minnesota Supercomputer Center,
Inc. (MSCI), as part of its work on the MAGIC Gigabit Testbed, developed
the Host ATM Research Platform (HARP) software, which allows IP hosts to
communicate over ATM networks using standard protocols.  It is intended to
be a high-quality platform for IP/ATM research.

HARP provides a way for IP hosts to connect to ATM networks.  It supports
standard methods of communication using IP over ATM.  A host's standard IP
software sends and receives datagrams via a HARP ATM interface.  HARP provides
functionality similar to (and typically replaces) vendor-provided ATM device
driver software.

HARP includes full source code, making it possible for researchers to
experiment with different approaches to running IP over ATM.  HARP is
self-contained; it requires no other licenses or commercial software packages.

HARP implements support for the IETF Classical IP model for using IP over ATM
networks, including:

   o IETF ATMARP address resolution client
   o IETF ATMARP address resolution server
   o IETF SCSP/ATMARP server
   o UNI 3.1 and 3.0 signalling protocols
   o Fore Systems's SPANS signalling protocol

What's supported
----------------
The following are supported by HARP 3:

   o ATM Host Interfaces
        - FORE Systems, Inc. SBA-200 and SBA-200E ATM SBus Adapters
        - FORE Systems, Inc. PCA-200E ATM PCI Adapters
        - Efficient Networks, Inc. ENI-155p ATM PCI Adapters

   o ATM Signalling Protocols
        - The ATM Forum UNI 3.1 signalling protocol
        - The ATM Forum UNI 3.0 signalling protocol
        - The ATM Forum ILMI address registration
        - FORE Systems's proprietary SPANS signalling protocol
        - Permanent Virtual Channels (PVCs)

   o IETF "Classical IP and ARP over ATM" model
        - RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5"
        - RFC 1577, "Classical IP and ARP over ATM"
        - RFC 1626, "Default IP MTU for use over ATM AAL5"
        - RFC 1755, "ATM Signaling Support for IP over ATM"
        - RFC 2225, "Classical IP and ARP over ATM"
        - RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
        - Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
                "A Distributed ATMARP Service Using SCSP"

   o ATM Sockets interface
        - The file atm-sockets.txt contains further information

What's not supported
--------------------
The following major features of the above list are not currently supported:

        o UNI point-to-multipoint support
        o Driver support for Traffic Control/Quality of Service
        o SPANS multicast and MPP support
        o SPANS signalling using Efficient adapters

This software was developed under the sponsorship of the Defense Advanced
Research Projects Agency (DARPA).

Reviewed (lightly) by:	phk
Submitted by:	Network Computing Services, Inc.
1998-09-15 11:44:44 +00:00
Joseph Koshy
61a4defd54 Turn off replies to ICMP echo requests for broadcast and multicast
addresses by default.

Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".

Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).

Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
1998-09-15 10:49:03 +00:00
Justin T. Gibbs
78e7747291 Add new cam include hierarchy. 1998-09-15 10:22:37 +00:00
Justin T. Gibbs
712f3941ea Update for CAM. 1998-09-15 10:21:35 +00:00
David E. O'Brien
24b66c5360 Too late in the 3.0-game to deal with a setgid /usr/bin/man. 1998-09-14 20:05:46 +00:00
David E. O'Brien
d78e925749 Wanted to set uname to root, not gname. 1998-09-14 18:19:45 +00:00
Jordan K. Hubbard
cde2c8b084 Boy, Mr. Obrien is committing in his sleep again; there is also no
user named wheel. :)
1998-09-14 11:14:11 +00:00
Jordan K. Hubbard
9ca57e33cd There is no group name of "root"; assume man was what was intended. 1998-09-14 10:52:30 +00:00
Søren Schmidt
c77c6e0cbb Make /dev/vga a softlink to /dev/ttyv0 under DEVFS using /etc/rc.devfs
Remove the hack from syscons that added a /dev/vga node in DEVFS
it broke root acces on ttyv0 because dev_mkdb screwed up.
1998-09-14 09:14:46 +00:00
David E. O'Brien
5ecaf9a866 Change file ownership from bin.bin to root.wheel. 1998-09-14 08:34:45 +00:00
Brian Somers
9f67f727aa Gasp ! Bitten by the wonders of diff/patch ! Now's your chance to
say ``I told you so'' Andrey !
Move the Id keyword to the right Makefile
1998-09-13 23:14:20 +00:00
Brian Somers
965066d630 Add Id keyword 1998-09-13 23:11:13 +00:00
David E. O'Brien
6f729f168e Port #s 1-599 checked agaist Robert Watson <robert@cyrus.watson.org>'s
formated IANA Port assignment list.

Prodded from:	freebsd-current list
1998-09-13 20:22:19 +00:00
Jordan K. Hubbard
96de0f8b63 add entry for /usr/share/examples/atapi so the world build doesn't
fall over.
Forgotten by:	sos
1998-09-12 21:16:16 +00:00
Mike Smith
7f4fca29df Add Compex Net-A and 3Com/USR/Megahertz 3CM556
Submitted by:	Willem Jan  Withagen <wjw@surf.IAE.nl> and Brian Handy <handy@lambic.physics.montana.edu>
1998-09-12 18:53:49 +00:00
Mike Smith
c6446f7ff9 Add the Fujitsu MBH10303
Submitted by:	David Kulp <dkulp@neomorphic.com>
1998-09-11 18:35:57 +00:00
Poul-Henning Kamp
efc22bbdd3 make the fla stuff actually work. 1998-09-10 18:47:20 +00:00
Bruce Evans
9646002cc5 Fixed ownership of share/man/man1aout.
Didn't fix misformatting of all the perl entries.
1998-09-10 15:46:41 +00:00
James Raynard
f2e8db8e76 Disable kernel_secure_level unless explicitly set in rc.conf. Previously,
it was enabled unless explicitly unset, creating a pitfall for people
like me who upgraded /etc/rc without upgrading /etc/rc.conf.
1998-09-09 22:27:21 +00:00
Søren Schmidt
e778b30d48 Add the wst device (ATAPI tape)
Allow 8 wcd devices instead of 4.
1998-09-09 18:59:46 +00:00
Mark Murray
54e14f5c1d Add the dirs for Perl5. 1998-09-09 17:54:47 +00:00