the submit and outbound daemon, else if sendmail_submit_enable=yes, don't
start the outbound daemon. Only one daemon should be started.
Also, do not rebuild database maps at boot time. The code didn't pay
attention to SENDMAIL_MAP_TYPE and assumed 'hash'. Also, admins may
not want maps automatically rebuilt just because the back end database
has changed. Finally, some maps are built with mode tools than just
makemap (e.g., using cidrexpand on the access text file before sending
it to makemap).
Noticed by: ache
Reviewed by: ache
than one interface from the command line:
# /etc/rc.d/netif start bfe0 xl0
It's also possible to restart an interface(s):
# /etc/rc.d/netif restart bfe0
This required some changes to rc.subr(8) so that if the start/stop commands
are overidden the rest of the command line (after the start/stop/etc... cmd)
is passed through to the subroutines.
o Separate out local (ports) scripts that use rc.d, and the old style
startup/shutdown scripts and execute them separately. On startup the
rc.d style scripts are executed first and then the old-style scripts.
On shutdown, exactly the reverse happens.
o The rc.d ports scripts should now behave more like base system scripts.
Scripts ending in .sh will be sourced into the current shell, while the
rest will be executed in a subshell. Previously, all ports scripts,
regardless of the .sh suffix, were executed in a subshell.
o The parent script, /etc/rc.d/localpkg, passes its command line arguments
straight to the rc.d ports scripts. This means they should now honor
faststop and faststart commands as well. Old style scripts, should not see
any differences. They will still get either a start or stop command.
o The initial phrase shown during shutdown has been changed to use
"local packages" instead of "daemon processes" to be more inline with the
phrase used during local package startup. The phrases are also used only for
old-style ports script startup/shutdown, whereas previously they were being
used for both rc.d and old-style scripts. This should make startup/shutdown
output a bit less ugly.
Discussed with: portmgr
Has Reservations: eik
- Ask the user up to X times (3 by default) for the pass-phrase, if
it is incorrect the first time.
- Add support for storing the lockfiles in another other directory
than /etc.
- Document that it is possible to override the location of each single
lockfile.
Approved by: pjd
ip6addrctl_enable is set to YES, address selection policy is installed
into kernel.
If there is /etc/ip6addrctl.conf, it is used for address selection
policy. Even if there is no /etc/ip6addrctl.conf, we install default
policy. In this case, if ipv6_enable is set to YES, we use address
selection policy described in RFC 3484 as default. Otherwise, we
install priority policy for IPv4 address.
The default of ip6addrctl_enable is NO for now. However, it may
better to enable it by default.
The reason for doing this is that (at least some) 4.x binaries are very
unhappy if host.conf does not exist, and if we create host.conf but not
nsswitch.conf, nsswitch.conf will be created at the next reboot, so it
is better to create a correct nsswitch.conf right away.
use the conf/* stuff for their firewall configuration.
Running ipfw before could seem to make sense in that it would allow
one to setup access to the NFS server on a "default-deny" kernel,
but it is pretty obvious to the casual observer that such a configuration
never makes it far enough to mount the NFS-root in the first place.
debug.watchdog since it is not created by hardware watchdog(4) devices.
The watchdog(4) device is always compiled in the kernel, so removing the
check should not cause any problems.
Approved by: phk
initdiskless. The output of several commands and if available the
contents of /entropy are feed into /dev/random to kickstart the PRNG.
/etc/rc.d/initrandom is left alone to maintain the previous behavior as
much as possiable.
Further work in this area is probably needed.
Discussed with: markm
and permissions specified per rc.conf(5) now apply both to the md
device and to the mountpoint directory, after the mount has completed.
This has to be done in two steps, because chown is not available
until after /usr has been mounted, but the mdconfig and newfs steps
have to complete before fstab processing.
(when new natd is started before old natd died) and allows to manage natd
without touching ipfw.
natd should probably be killed with SIGKILL when stopping natd.
- Use sendmail_foo variables after load_rc_config so that they actually work.
- Utilize sendmail_procname.
- Check sendmail_submit_enable instead of sendmail_enable when dealing
with mail submission MTA.
comments and empty lines have been touched.
All of this should go in the diskless(8) manpage, now if we had
some kind of 'literate programming' tool to extract the comments
from the script and put them in a reasonable nroff format, it
would be a lot easier to keep code and docs in sync
+ SUBDIR.cpio.gz prevents files from SUBDIR/ to be copied when
priming the memory filesystems. This restores the old behaviour
and makes the copy process a lot more efficient
+ look for templates also in the list of directories supplied by
bootp/dhcp via the T134 option aka kern.bootp_cookie
+ keep track of directories temporarily mounted with "remount"
or "diskless_remount" commands and unmount them once we are done
with them (at the end of this script).
1. Add the shutdown keyword so that the script is run at shutdown time,
and the mixer* files are saved.
2. Twiddle whitespace.
3. Remove an unecessary function, and therefore collapse one variable.
hostname, resolve, tmp, and var scripts. The latter three are new and
were repo copied. These scripts no longer depend on being booted with
and NFS root instead attempt to automaticly create mfs /tmp and /var
volumes if the they are not writable. This behavior can be overridden
in /etc/rc.conf.
Reviewed by: luigi, pjd
Yes, this means for stuff OTHER than jails, too. Example usage:
#devfs_system_ruleset="root"
devfs_set_rulesets="/dev=root /etc/namedb/dev=named_devfs"
in the system on shutdown and restores the settings on boot. The settings
can also be reset to the saved values via 'mixer reload'.
Reviewed by: current@
thing, but we're ready to move on.
2. Remove the -g default argument in named_flags. It doesn't actually do
what most users think it does, and what most users want it to do is already
accomplished with a proper default group for the bind user, which we have.
Also, the -g knob does something entirely different in BIND 9, which leads
to a lot of needless confusion/aggravation.
3. In the rc.d script, don't bogusly override $command, or $rc_flags. Both
are adequately handled in rc.conf[.local].
4. DO properly override $rc_flags if user has named_chrootdir set.
This may need to be revisited, but should be ok for now.
5. Protect all chrootdir-related bits under that variable, instead of
named_rcng.
There is more work to be done here, especially in the area of BIND 9
compatibility, but this is a start at least.
Prompted in part by (legitmate) grousing from: kuriyama, Randy Bush
In particular, this allows a "virgin" system installed from
source (installworld, installkernel, cd etc && make distribution)
to boot correctly and modestly simplifies the creation
of single-partition network/cdrom/CF bootable images.
Trigger not only on diskless booting sysctls being set, but also
on the existence of the file "/etc/diskless". But do not try to
extract IP# related keywords in that case.
Add a general "remount" facility to allow non-NFS remounting.
included a start_precmd check for gated. The precommand was not
executed in the FreeBSD branch. When I did a mass removal of
NetBSD specific logic a while back this file apparently got only
a partial treatement. This bug did not have any functional consequences,
however, since the precommand was not declared to the rc.subr routines.
Noticed by: pjd
Certain MTA configurations mean that the notifications from
virecover keep bouncing; so here's a patch to allow administrators
to turn them off.
PR: conf/54910
Submitted by: bms (with a minor cleanup)
I committed it. Apologies to Juergen Unger <j.unger@addict.de>.
o When stopping jails output the hostname of the jails that
were stopped.
o Refactor
o Remove extraneous empty line
o Correct spelling error
that the keys are currently generated by computing the MD5 checksum of 512
bytes read from /dev/random, and are passed to gbde on the command line.
Sponsored by: Teleplan AS
This commit also removes the support for the sysutils/jailer port. This
is inline with the general policy to keep ports related knobs out
of the base system's configuration mechanism.
Submitted by: Juergen Unger <j.unger@addict.de>
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).
The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).
The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
in keeping the scripts under rc.d in sync with us. So, begin removal
of NetBSD specific stuff (which made our scripts more complicated
than necessary), starting with the NetBSD KEYWORD.
the throttling state in response to line transitions. Future plans
include adding support for CPU frequency changes.
Add a devd.conf entry for calling this script.
The default values for this are:
performance_cx_lowest="HIGH" # Use HLT (C0) online
performance_throttle_state="HIGH" # 100% (no throttling)
economy_cx_lowest="LOW" # Use the lowest Cx state possible
economy_throttle_state="HIGH" # 100% (no throttling)
systems are mounted. An example set of entries for /etc/rc.conf:
ataraid_enable="YES"
ataraid_devices="ar0"
ataraid_ar0_set="ad2 ad3"
ataraid_ar0_type="RAID1"
Because there is no "correct" way of doing ATA raid (ie, geom vs.
atacontrol vs. vinum) that is bikeshed proof, this rcng script stays within
the bounds of atacontrol and assumes that other RAID solutions for GEOM or
vinum will end up in a different rcNG script.
Reviewed by: green
