Ben Smithurst
8afbbd41f4
Explicitly document the fact that securelevel > 0 means that kernel modules
...
may not be (un)loaded.
PR: 23350
Submitted by: Gordon Tetlow <gordont@bluemtn.net>
2000-12-07 21:09:22 +00:00
Ruslan Ermilov
7c7fb079b9
mdoc(7) police: use the new features of the Nm macro.
2000-11-20 16:52:27 +00:00
Sheldon Hearn
01de01168f
Improve the clarification of the handling of the securelevel.
...
Submitted by: bde
2000-09-13 08:39:41 +00:00
Sheldon Hearn
67b661fd0a
Clarify the handling of the securelevel.
...
PR: 20974
2000-09-12 12:30:13 +00:00
Poul-Henning Kamp
64ec80423e
Mount DEVFS with no options.
2000-08-26 11:53:53 +00:00
Alexander Langer
aeca5be56b
Add MLINK init.8 --> securelevel.8
...
Requested by: Brett Glass <brett@lariat.org>
PR: 13792
Submitted by: nik
2000-06-09 09:40:34 +00:00
Jeroen Ruigrok van der Werven
1552a9dbad
Remove unused include.
2000-05-01 20:20:05 +00:00
Warner Losh
37736675d1
Add include of errno.h where needed, remove extern int errno where not.
...
These commits were inspired by a similar commit to netbsd.
2000-04-14 06:15:01 +00:00
Sheldon Hearn
ef8f7ac935
Remove single-space hard sentence breaks. These degrade the quality
...
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 11:27:47 +00:00
Mark Murray
21fd828d7c
Change DISTRIBUTION to match new world order.
2000-02-29 11:40:57 +00:00
Alfred Perlstein
b0b670ee94
detect deleted tty lines in /etc/ttys.
2000-02-19 20:28:45 +00:00
Nik Clayton
ae11003873
Document that securelevel >= 2 clamps time changes to at most one second.
...
PR: docs/14449
Submitted by: James FitzGibbon <james@targetnet.com>
1999-12-16 02:15:53 +00:00
Sheldon Hearn
f0f4f75620
Correct the ttys.5 and init.8 manpages with respect to the incorrect
...
assumption that only getty processes can be managed. Describe the
SysV-like ability to keep arbitrary long-running processes alive
using a non-device first field in /etc/ttys.
PR: 12767
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
1999-12-06 09:07:14 +00:00
Matthew Dillon
a69497d73f
Finish up umntall support. init now passed an argument to the
...
rundown script 'reboot' or 'single'. ISO support (which never
worked) has been removed from mount_nfs. mount_nfs and umount
now use mounttab, which allows umntall to work properly. The
rc scripts now call umntall as appropriate.
Submitted by: Martin Blapp <mb@imp.ch>
1999-11-22 04:23:11 +00:00
KATO Takenori
a4edcf8989
FreeBSD kernel doesn't allow any process to decrease securelevel. So,
...
init(8) cannot decrease securelevel. The manual page explains this
and single_user() doesn't try to downgrade kernel to insecure mode.
Reviewed by: bde (manual page)
1999-09-06 08:41:32 +00:00
Peter Wemm
7f3dea244c
$Id$ -> $FreeBSD$
1999-08-28 00:22:10 +00:00
Ruslan Ermilov
ec3e2c5d4f
Backup existing init(8) as /sbin/init.bak.
...
PR: 12976
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
1999-08-05 09:13:57 +00:00
Ruslan Ermilov
6be40c9535
Fix a non-critical memory leak.
...
PR: 12769
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
1999-07-23 08:28:46 +00:00
Matthew Hunt
ec32ddd693
"Cannot" is one word. "Can not" has a different meaning if taken
...
literally.
1999-07-05 18:12:13 +00:00
Ruslan Ermilov
5d94d8b6a2
Turn System V command line syntax ``on'' by default.
...
Requested by: peter
Reviewed by: des, billf
1999-07-01 13:33:56 +00:00
Ruslan Ermilov
1681d65976
Bring in System V run-level patches (turned off by default).
...
While I'm here, fix some typos in the manpage.
Requested by: des
1999-06-18 09:08:09 +00:00
Ruslan Ermilov
a0a549c7fd
Init(8) will halt the system if sent USR1 signal,
...
or halt and turn the power off if sent SIGUSR2.
PR: 5451
Submitted by: Leif Neland <leifn@image.dk>
Reworked by: ru
Reviewed by: -hackers
1999-06-16 20:01:19 +00:00
Guy Helmer
04b2ac6e73
Mention securelevel 3 as affecting ipfw and dummynet. Generalize comment
...
about fdisk and securelevel 2.
PR: docs/7785
1998-12-16 16:50:12 +00:00
Poul-Henning Kamp
63322c283d
Memory management error in init.
...
PR: 7320
Reviewed by: phk
Submitted by: Anders Thulin <Anders.X.Thulin@telia.se>
1998-07-22 05:45:11 +00:00
Philippe Charnier
5df42cf4ae
Correct .Nm use. Add rcsid. Use min for minutes instead of mn.
1998-07-06 06:56:08 +00:00
Joseph Koshy
6ebaa024df
Fixes per PR 2850:
...
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.
and one spelling fix.
PR: 2850
1998-06-19 08:34:52 +00:00
James Raynard
39034633c8
Don't assume sigset_t and int are equivalent.
1998-03-02 23:19:29 +00:00
Bruce Evans
87f01287d2
Removed definition of _NEW_VFSCONF. The new vfsconf interface is now
...
the default.
1998-01-20 10:40:18 +00:00
Peter Wemm
1bc5fcd008
This has always bugged me. At single user, the implied example it gives
...
is not valid - it says that "sh" is the default, but you can't
actually type "sh" at this prompt - it has to be /bin/sh or some other
full pathname.
1997-10-10 12:14:48 +00:00
David Nugent
80f69e57cd
".if exists(${CURDIR}/../../secure)" rather than testing relative to the
...
object directory.
1997-08-18 03:32:09 +00:00
David Nugent
86bf62dc4a
Test that rc.shutdown exists before attempting to run it - silently
...
return success if it doesn't to prevent any unwanted error msgs.
1997-08-18 01:40:12 +00:00
Andrey A. Chernov
3ee1f2280e
runshutdown(): get rid of getdtablesize loop, it gains nothing now
...
but can waste time if many descriptors are available
1997-08-06 16:34:51 +00:00
Andrey A. Chernov
25cf4a545a
rc.shutdown fixes:
...
1) revoke -> HUP
2) controlling terminal already present
3) add missing setprocresources call
1997-08-06 16:07:52 +00:00
David Nugent
8889c700f3
Add /etc/rc.shutdown capability to init.
...
Add sample /etc/rc.shutdown (which is just a shell for now).
Submitted by: Ollivier Robert <roberto@keltia.freenix.fr>
1997-08-02 00:22:52 +00:00
Andrey A. Chernov
3f31fb330d
Move logwtmp(shutdown) call before any real action in death().
1997-07-08 11:51:11 +00:00
Andrey A. Chernov
1054bb1e43
1. Replace malloc+bzero by calloc
...
2. Revoke internal active session list only now, not whole /etc/ttys
1997-07-05 19:36:55 +00:00
Andrey A. Chernov
19e00c1345
Add -D_NEW_VFSCONF to eliminate compilation warning
1997-07-05 19:34:51 +00:00
Andrey A. Chernov
c3d7c52e04
death: revoke all lines listed in /etc/ttys instead of sending HUP
...
to all processes
1997-07-04 22:09:07 +00:00
Andrey A. Chernov
423b6a39ff
Include <libutil.h> instead of private declarations
1997-07-03 11:37:43 +00:00
Andrey A. Chernov
a2ee73bcc6
Remove unneded cast in login_getclassbyname which cause warning
1997-07-02 13:53:31 +00:00
Paul Traina
4cbf8903a2
Attempt to open the device for reading before actually adding the device
...
to the session list. If the device comes back as unconfigured, just
ignore that line in /etc/ttys. If someone HUP's init, we'll try again.
This change stops getty's from hanging on vty and sio ports that don't
exist, either due to LKM drivers not being loaded, or probes failing.
Reviewed by: bde
1997-06-28 08:18:29 +00:00
Philippe Charnier
c584283545
Use err(3).
1997-06-13 06:24:42 +00:00
Mike Pritchard
7966553397
Be more specific as to which flags may not be turned off when the
...
system is running in secure mode.
Obtained from: NetBSD PR# 3299
1997-04-01 20:41:04 +00:00
Poul-Henning Kamp
a6534afb2a
Fix mount call for devfs.
...
Submitted by: bde
1997-03-30 09:22:41 +00:00
Peter Wemm
c0ec1f37ef
Revert $FreeBSD$ to $Id$
1997-02-22 14:40:44 +00:00
David Greenman
33a20f8291
Protect from stack overrun via /etc/ttys, which could possibly allow a
...
root user to change the securelevel. Pointed out by Thomas H. Ptacek
<tqbf@enteract.com>.
1997-02-19 08:04:58 +00:00
Mark Murray
35c6fcd43b
Part two of a "fix-and-move". There were some macros declared in ../sbin's
...
Makefile that were a) broken and b) bogusly placed. This brings the
repeared macros in.
Pointed-out-by: BDE
1997-02-10 17:44:34 +00:00
Adam David
4f3cac8f23
typo
1997-01-22 12:38:40 +00:00
David Nugent
e82d554503
Style police.
1997-01-22 02:07:55 +00:00
David Nugent
1ef60eb115
Impose login_cap resource limits on processes started by init.
...
/etc/rc started with "daemon" settings.
"window=" started with "default" settings
gettys started with "default" settings.
This should open the way to junk kernel options MAX_{OPEN,CHILD}
and the corresponding sysctl vars.
1997-01-19 16:49:13 +00:00
Jordan K. Hubbard
1130b656e5
Make the long-awaited change from $Id$ to $FreeBSD$
...
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Wolfram Schneider
af20215665
Sort cross references.
1997-01-13 00:25:51 +00:00
Poul-Henning Kamp
57622f2291
If passed the -d flag, mount devfs on /dev
1996-10-28 11:03:19 +00:00
Bruce Evans
38058917d5
Rewrote the section about the "normal" setting of the security level to
...
match reality.
Say that secured devices `may not be opened for writing' instead of
`are read-only'.
1996-10-12 15:37:23 +00:00
Bruce Evans
5b963fa12e
Fixed DPADD.
1996-09-05 17:16:10 +00:00
Mark Murray
24136561dc
Better method of choosing libdescrypt/libscrypt.
1996-05-04 08:16:20 +00:00
Mike Pritchard
edf0e5b3f8
Correct some man page xrefs, and some other minor changes to bring some
...
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
1996-04-08 04:18:31 +00:00
Joerg Wunsch
b6729ee0c2
The DES-based init(8) belongs to the "des" distribution.
1996-02-13 09:12:10 +00:00
Dima Ruban
28b2e97b28
If root does not have a password, `init' should not ask to enter it.
...
otherwise it's not possible to get into single-user mode, if root
does not have password and console insecure.
1995-11-10 07:06:59 +00:00
Poul-Henning Kamp
77103ea36a
Define TRUE & FALSE rather than depending on bogus #includes.
1995-10-29 09:44:09 +00:00
Bruce Evans
7d2c66ed67
Fix $Id$.
1995-10-03 15:11:11 +00:00
Mark Murray
090bf93cd1
Make this make work the same way as passwd and xntpd. Here it will allow
...
secure/sbin/init to be cleaned out, and sbin/Makefile to be tidied up.
1995-10-01 15:12:47 +00:00
Mike Pritchard
bb2e87c4a2
Fix init to correctly detect processes that are exiting multiple
...
times per second.
1995-08-08 06:49:59 +00:00
Andrey A. Chernov
228d7ef2cc
nspace count was incremented only in child, so warning never displayed
...
Pointed by: Mike Pritchard <mpp@mpp.minn.net>
1995-08-08 02:29:12 +00:00
Rodney W. Grimes
5ebc7e6281
Remove trailing whitespace.
1995-05-30 06:12:45 +00:00
Andrey A. Chernov
81ab7fb2a7
Add better argument handling
...
Submitted by: jmz
1995-01-10 21:19:57 +00:00
Andrey A. Chernov
b5df27e29f
revision 1.6
...
date: 1994/03/06 08:55:02; author: ache; state: Exp; lines: +4 -1
Stop count getty spacing problem, if we issue kill -1 1
----------------------------
revision 1.5
date: 1994/03/04 17:51:39; author: ache; state: Exp; lines: +9 -2
I got a lot of
"getty repeating too quickly on port %s, sleeping"
from init.bsdi, it means that getty start and exit in five seconds.
This is common situation for poor quality Russian phone lines:
modem got CONNECT message and after retries got NO CARRIER.
So I introduce spacing count, it means that this warning and
sleep occurse only after GETTY_NSPACE times of sequental attempts.
----------------------------
revision 1.4
date: 1994/02/28 21:53:52; author: ache; state: Exp; lines: +71 -10
I found (and fix) ugly bugs in init.bsdi (this bugs not present
in old init)
1) Init don't setup TERM environment variable for default terminal
type from /etc/ttys before calling getty/window.
2) When "kill -1 1" issued, init don't restart getty when
/etc/ttys parameters was changed (it only kill "off" end empty entries).
3) Small memory leak if "window" /etc/ttys parameter specified and
"kill -1 1" issued.
Obtained from: FreeBSD 1.x
1994-10-14 17:15:40 +00:00
Jordan K. Hubbard
db8ad19dab
What cretin named both a global and a function "reboot"? Global
...
changed to Reboot.
Submitted by: jkh
1994-08-28 10:00:49 +00:00
Nate Williams
e460cfd33f
Bring in my changes from the 1.1 init.bsdi which causes a reboot (was a
...
halt before) if init is sent an interrupt signal. This is necessary
for <CTL><ALT><DEL> to do the right thing if enabled.
1994-08-27 21:32:01 +00:00
David Greenman
40eaff5d0f
Nuked the 2 second DTR wait; this is handled correctly in the sio driver.
1994-08-23 04:42:45 +00:00
Garrett Wollman
053b68b9ae
`init' needs crypt() for insecure consoles.
1994-08-15 02:45:37 +00:00
Garrett Wollman
404c1a5fc1
Convert to our man installation style. Also fixed long-standing bug
...
in `fastboot'/`fasthalt' in which the interpreter would hang around
after `reboot' or `halt' is run, causing an irritating ``Killed'' message.
1994-08-05 02:42:42 +00:00
Rodney W. Grimes
8fae3551ec
BSD 4.4 Lite sbin Sources
...
Note: XNSrouted and routed NOT imported here, they shall be imported with
usr.sbin.
1994-05-26 06:35:07 +00:00