cannot or does not want to be executed in a jail the
KEYWORDS line should contain the nojail keyword.
o Update Copyright
# I suggest people who use jails more extensively than I do
# make commits to the appropriate files.
Implement ``one'' prefix to allow a "one shot" operation as if
${rcvar}=yes yet all the other prerequisite tests are still performed.
The existing ``force'' prefix is a sledgehammer that ignores all the
prerequisite checks and always returns a zero exit status; this is a
more gentle approach to the problem of "manipulate this disabled
service without editing rc.conf(5)".
Obtained From: NetBSD
# We have a work-around in our version of rc.subr that
# makes force* return a non-zero exit status if the
# command/service could not be acted upon. The work-around
# is no longer necessary and should be removed.
run_rc_command(): when checking if ${command} exists before executing it,
be sure to check under ${name_chroot} (if set).
Fix from Ed Ravin in [bin/18523]
Obtained From: NetBSD
Change how internal boolean variables are used to:
if ! ${_somevar:-false}; then
_somevar=true
fi
(Consisent, slightly quicker, and slightly cleaner)
Obtained from: NetBSD
I committed it. Apologies to Juergen Unger <j.unger@addict.de>.
o When stopping jails output the hostname of the jails that
were stopped.
o Refactor
o Remove extraneous empty line
o Correct spelling error
that the keys are currently generated by computing the MD5 checksum of 512
bytes read from /dev/random, and are passed to gbde on the command line.
Sponsored by: Teleplan AS
it is still above the critical temperature on the next poll cycle. This
is a 10 second advance notice by default. Document the private
(non-standard) notify we will be using with devd(8).
This commit also removes the support for the sysutils/jailer port. This
is inline with the general policy to keep ports related knobs out
of the base system's configuration mechanism.
Submitted by: Juergen Unger <j.unger@addict.de>
- If there was an exiting dhclient running on the same interface as the
new iface that left and returned then dhclient would be told to use the
same interface twice. Dhclient would fail and exit after getting
confused. Use "sort -u" on them to ensure no duplicates.
This is a mostly a race condition on suspend and resume and how things
happen to occur.
- Check for netmask being set on an interface rather then up. An interface
can be up but not configured.
Reviewed by: mbr
targets, have "distribution" always install original (as from the release
media) files, whether SENDMAIL_MC is set or not. Do error handling the
make(1) way.
Reviewed by: gshapiro
Approved by: gshapiro
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).
The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).
The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
in keeping the scripts under rc.d in sync with us. So, begin removal
of NetBSD specific stuff (which made our scripts more complicated
than necessary), starting with the NetBSD KEYWORD.
case so that if devices need different initialization, we can key off
this in the rc scripts (currently unused). Also update the man page
which is a 100% duplicate of the rc scripts.
the throttling state in response to line transitions. Future plans
include adding support for CPU frequency changes.
Add a devd.conf entry for calling this script.
The default values for this are:
performance_cx_lowest="HIGH" # Use HLT (C0) online
performance_throttle_state="HIGH" # 100% (no throttling)
economy_cx_lowest="LOW" # Use the lowest Cx state possible
economy_throttle_state="HIGH" # 100% (no throttling)
systems are mounted. An example set of entries for /etc/rc.conf:
ataraid_enable="YES"
ataraid_devices="ar0"
ataraid_ar0_set="ad2 ad3"
ataraid_ar0_type="RAID1"
Because there is no "correct" way of doing ATA raid (ie, geom vs.
atacontrol vs. vinum) that is bikeshed proof, this rcng script stays within
the bounds of atacontrol and assumes that other RAID solutions for GEOM or
vinum will end up in a different rcNG script.
Reviewed by: green
then immediately terminate the shell (during boot this
also terminates the parent rc(8) shell). This was the pre-rcNG behaviour.
Also, remove an extraneous mount /.
PR: conf/57659
Submitted by: yar (with modifications)
as these ioctl's aren't MD. This also means they are installed in
/usr/include/dev/bktr now. Also provide compatability wrappers for
where these headers lived in 4.x.
time during the boot process. This is needed in the case where NFS mounts
from servers reachable only via IPSEC are in /etc/fstab.
PR: conf/42497
Submitted by: Volker Stolz
Approved by: re (rwatson)
default attempt to list Biba, LOMAC, and MLS label information
for the socket if they are present.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons
Tested with: i386, i386-PAE, and sparc64.
we are configured to use an MTA or MSP queue runner. Otherwise the
script used to complain about the missing PID file.
PR: conf/57075
Submitted by: Jonathan Chen <jonc@chen.org.nz>
MFC after: 2 weeks
the number of broken DNS servers out there in the world. Since we are
diverging from the sendmail.org submit.mc, it's time to make our own
freebsd.submit.mc.
PR: conf/57733
Reviewed by: nork
MFC after: 2 weeks
porting this stuff back.
* Test /etc/motd for writability before trying to update it. This is
especially useful when /etc/ is mounted ro, like on a diskless boot.
(Thanks to phk for the idea on this one.)
* Make the "updating" message reflect what actually happens.
A "driftfile" caches the oscillator offset estimate from boot to boot,
having this means faster and less bumpy time synchronization. Will
be overridden by any value in the config file.
thin blue air if the kenv doesn't have any info.
This improves the truth value of the comment above significantly and
reduces the bogous output on the console considerably.
- Use a more robust check to determine if we need to load ipl.ko.
- Don't try to run ipf -E if ipfilter is already enabled. Look at
the net.inet.ipf.fr_running sysctl to figure this out. This fixes
a warning message about ipfilter being already initialized.
- Only one ipf -E command is needed. We don't need an extra one for
the -6 case which would only print a warning message about ipfilter
being already initialized.
- Fix one occurence where we were running /sbin/ipf directly without
using the ${ipfilter_program} variable if set.
- In ipfilter_stop(), don't try to save the firewall state tables if
ipfilter is disabled. Similarly, don't try to disable it if it's
already disabled. This fixes some more error messages.
and use it in src/etc/sendmail/Makefile in case the user wants to use
a different path to the sendmail m4 sources (e.g., sendmail port users).
Submitted by: dinoex
MFC after: 21 days
X-MFC after: RELENG_4 code freeze ends
dhclient couldn't get killed.
If we execute 'dhclient -r', dhclient gets already
killed, so there is no need to do it twice. Only do
this if we really have to release some leases.
Reviewed by: silence on freebsd-rc@yahoogroups.com
written by Stuart Walsh and Duncan Barclay (with some kibbitzing by
me). I'm checking it in on Stuart's behalf.
The BCM4401 is built into several x86 laptop and desktop systems. For the
moment, I have only enabled it in the x86 kernel config because although
it's a PCI device, I haven't heard of any standalone NICs that use it. If
somebody knows of one, we can easily add it to the other arches.
This driver uses register/structure data gleaned from the Linux
driver released by Broadcom, but does not contain any of the code
from the Linux driver itself. It uses busdma.
device special files created by sio(4). The latter are the device
special files created by uart(4). As of this moment sio(4) is not
supported on ia64... by me, that is :-)
with the vendor sendmail distribution. By doing so, we avoid mergemaster
warnings after every 'make' in /etc/mail/.
Reported by: Jeremy Chadwick <koitsu@parodius.com>
MFC after: 3 days
X-MFC after: and re approval
o The following additional configuration attributes of a jail can be
controlled from rc.conf:
- mounting devfs(5)
- mounting fdescfs(5)
- mounting procfs(5)
- custom devfs(8) ruleset
If no ruleset is specified, the default jail ruleset is used.
o The output of executing /etc/rc in the jail is now redirected
to /dev/null. Instead, the hostname of the jail is echoed if
the jail(8) command exited successfully. If the output is wanted
it can probably be redirected to a file (/var/run/$jail maybe)
instead of /dev/null.
Submitted by: Scot W. Hetzel <hetzels@westbend.net>
with modifications by Jens Rehsack <rehsack@liwing.de>
and me.
the src/etc makefile. This list was used to manually
install the files from src/etc. Instead, simply change
directory and 'make install'.
o There is no reason for the files in src/etc/defaults to
be installed as writeable.
Reviewed by: ru
off by default.
o Apparently the routine displaying the informational messages wasn't
checking its knob in rc.conf, so fix that as well.
Requested by: obrien
devfs(8) rules in rc(8). It is most useful for applying
rules to devfs(5) mount points in /dev or inside jails.
The following line of script is sufficient to
mount a relatively useful+secure devfs(5) in a jail:
devfs_mount_jail /some/jail/dev
Some new shell routines available to scripts that source
rc.subr(5):
o devfs_link - Makes it a little easier to create symlinks
o devfs_init_rulesets - Create devfs(8) rulesets from devfs.rules
o devfs_set_ruleset - Set a ruleset to a devfs(5) mount
o devfs_apply_ruleset - Apply a ruleset to a devfs(5) mount
o devfs_domount - Mount devfs(5) and apply some ruleset
o devfs_mount_jail - Mount devfs(5) and apply a ruleset
appropriate to jails.
Additional rulesets can be specified in /etc/devfs.rules.
If the devfs_system_ruleset variable is defined in rc.conf
and it contains the name of a ruleset defined in /etc/defaults/devfs.rules
or user supplied rulesets in /etc/devfs.rules then that ruleset will
be applied to /dev at startup by the /etc/rc.d/devfs script. It can
also be applied post-startup:
/etc/rc.d/devfs start
This is a more flexible mechanism than the previous method of using
/etc/devfs.conf. However, that method is still available.
Note: since devfs(8) doesn't provide any way for creating symlinks
as part of a ruleset, anyone wishing to create symlinks in a devfs(5)
as part of the bootup sequence will still have to rely on /etc/devfs.conf.
