Commit Graph

3343 Commits

Author SHA1 Message Date
David E. O'Brien
01df2ec328 Change the name of the 'bin' distribution to 'base'.
This is done since it contains much more than /bin, and also gets in the
way when making a combined install+fixit CD.

OK'ed by:	jkh
2002-04-23 22:16:41 +00:00
Gregory Neil Shapiro
4a49265d15 sys.mk no longer includes bsd.own.mk so I need to include it here for
the definition of SHAREMODE.

Submitted by:	Udo Schweigert <Udo.Schweigert@siemens.com>
2002-04-23 17:08:08 +00:00
Maxim Sobolev
c1deb99469 Correct default value of drainwait: it should be 300 seconds, not forever.
PR:		37370
Submitted by:	Daniel O'Connor <doconnor@gsoft.com.au>
MFC after:	2 weeks
2002-04-23 08:26:50 +00:00
David E. O'Brien
8a57f7e245 Do not use 'ps -e' for entropy gathering. It uses /proc/*/mem to rummage
around *user* memory to extract the environment variable strings.  This
is problematic for us.

Submitted by:	peter
2002-04-23 00:05:48 +00:00
David E. O'Brien
c1ab4f157d Utilize dhcp information in the kernel environment if we don't have
hostname and DNS information already.

Submitted by:	Danny Braniss <danny@cs.huji.ac.il>
2002-04-22 21:42:18 +00:00
Sheldon Hearn
87d8c3b497 Bring in changes from smbfs-1.4.4. 2002-04-22 16:18:36 +00:00
Dag-Erling Smørgrav
d397408818 Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.
2002-04-22 13:44:47 +00:00
Gregory Neil Shapiro
3bf762b7f6 Non-sendmail users use the FreeBSD sendmail startup functionality to start
alternative MTAs.  Therefore, always install rc.sendmail, regardless of
NO_SENDMAIL make.conf setting.  Users can still set mta_start_script to a
different script.

This commit is after a repo-copy of src/etc/sendmail/rc.sendmail to
src/etc/rc.sendmail.

Noticed by:	Calvin NG <calvinng@brel.com>
MFC after:	3 days
2002-04-21 20:32:28 +00:00
Crist J. Clark
aad6ba1940 Consistently use full pathnames for files, especially executables.
PR:		conf/37292
Submitted by:	Helge Oldach <send-pr@oldach.net>
MFC after:	3 days
2002-04-21 08:32:35 +00:00
Gregory Neil Shapiro
5b7a235bb6 In my continuing crusade to make life better for non-sendmail users, avoid
the creation of /var/spool/clientmqueue and therefore the need for the
smmsp user and group if NO_SENDMAIL is defined.  This required breaking out
the creation of the directory into a new BSD.sendmail.dist mtree file.

MFC after:	1 week
2002-04-20 19:00:11 +00:00
Dag-Erling Smørgrav
214f3239c0 Don't list pam_unix in the session chain, since it does not provide any
session management services.

Sponsored by:	DARPA, NAI Labs
2002-04-18 17:40:27 +00:00
Ruslan Ermilov
5b3e868df5 Fixed bugs in previous revision:
Added NOOBJ if anyone even attempts to "make obj" here.
Revert to installing files with mode 644 except README.
Make this overall look like a BSD-style Makefile rather
than roll-your-own (this is not a bug).

For the record.  Previous revision also fixed the breakage
introduced by the sys.mk,v 1.60 commit: bsd.own.mk is no
longer automatically included from sys.mk.

Reported by:	jhay
2002-04-18 10:58:14 +00:00
Dag-Erling Smørgrav
8abb6072c1 Use ${FILES} and <bsd.prog.mk> rather than roll-your-own. 2002-04-18 10:07:36 +00:00
Gerald Pfeifer
e6c0365295 Mention that terminal type vt220 will work better if one needs
interoperability with other systems like Solaris or GNU/Linux.

PR:		33810
Approved by:	obrien
2002-04-17 10:42:41 +00:00
Ruslan Ermilov
c059859e2c Really sort entries. 2002-04-16 07:55:20 +00:00
Dag-Erling Smørgrav
a64210378b Add PAM policy for the "passwd" service, including a sample config line
for pam_passwdqc.

Sponsored by:	DARPA, NAI Labs
2002-04-15 03:01:32 +00:00
Dag-Erling Smørgrav
ce93a006f1 Add pam_lastlog(8) here since I removed lastlog support from sshd.
Sponsored by:	DARPA, NAI Labs
2002-04-15 02:46:24 +00:00
Doug Barton
48c3e9339b Remove ws at EOL 2002-04-14 22:35:46 +00:00
Gregory Neil Shapiro
84481e5e4b Fix up submit.cf alternation instructions in light of new SENDMAIL_SUBMIT_MC
make.conf knob.

MFC after:	1 week
2002-04-14 19:24:28 +00:00
Gregory Neil Shapiro
14d6d7657a Provide a new make.conf knob, SENDMAIL_SUBMIT_MC to allow users to pick
the .mc file used for /etc/mail/submit.cf.  By default,
/etc/mail/freebsd.submit.mc is installed and used.

Requested by:	fenner
Submitted by:	ume
MFC after:	1 week
2002-04-14 19:20:26 +00:00
Hellmuth Michaelis
7b59113e2f update german national holidays file for 2002, 2003 and 2004 2002-04-13 12:23:38 +00:00
Dag-Erling Smørgrav
e5df14bff8 Use pam_rhosts(8). 2002-04-12 23:20:30 +00:00
Gregory Neil Shapiro
e6b0d580e7 Add my Copyright on this file so I can allow others to use it 2002-04-12 20:28:06 +00:00
Dag-Erling Smørgrav
f5e2abb7fa Add etc/pam.d. 2002-04-12 16:22:58 +00:00
Dag-Erling Smørgrav
cec161f9e1 Cosmetic changes to the previous commit, bringing it closer to what I
already had in my tree but didn't want to commit.
2002-04-11 22:06:27 +00:00
Hajimu UMEMOTO
4dfe2f93fb Add an IPv6 sample line for tftpd.
MFC after:	2 weeks
2002-04-11 17:17:28 +00:00
Peter Wemm
8adaef858d Back out /etc/rc.d addition. I'd like to see something come of what has
already been imported.  It would have been nice to get it out there
in DP1, but that is too late now.
2002-04-11 08:48:52 +00:00
Peter Wemm
863e2b4c84 <peril sensitive sunglasses on>
Add /etc/rc.d to the startup dirs list.  It is a convenient place to put
custom startup scripts instead of hacking a shared rc.local.  eg: ftpd in
listener mode, or maybe even sendmail or another mailer, etc.
<peril sensitive sunglasses off>
2002-04-10 22:42:27 +00:00
Peter Wemm
6636027fe4 Since sshd expects /etc/ssh/ssh_host_rsa_key to exist, we had better
create it.  Also specify protocol v1/v2 in case people wonder why we
generate two RSA keys.
2002-04-10 22:30:54 +00:00
Gregory Neil Shapiro
14a349d554 Update mail queue related periodic scripts to account for sendmail 8.12's
clientmqueue (submit mail queue).

The new mailq display is only active if both the old
daily_status_mailq_enable is set to "YES" and the new
daily_status_include_submit_mailq is set to "YES" so people who disabled
440.status-mailq won't have any surprises.

Likewise, the new queue run is only active if both the old
daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun
is set to "YES" so people who disabled 500.queuerun won't have any
surprises.

While I am here, remove the [ ! -d /var/spool/mqueue ] checks from
both scripts as the queue directory isn't always /var/spool/mqueue for
the main daemon -- it can be set to anything in the sendmail.cf file.

MFC after:	1 week
2002-04-10 03:58:40 +00:00
Dag-Erling Smørgrav
540d48b77c If used, pam_ssh should be marked "sufficient", not "required".
Sponsored by:	DARPA, NAI Labs
2002-04-08 09:52:47 +00:00
Jeroen Ruigrok van der Werven
cdf08a837b Correct path for saver to reflect reality.
Submitted by:	Martin Faxer <gmh003532@brfmasthugget.se>
2002-04-06 18:02:52 +00:00
Hajimu UMEMOTO
7ae24d3f0d Now, you can specify "" or "NONE" for ipv6_network_interfaces to
prevent the interfaces from being initialized by /etc/rc.network6
wrongly.  So, you can explicitly initialize the interfaces by
/etc/pccard_ether.
With previous rc.network6, if you specify pccardd_flags="-z",
net.inet6.ip6.accept_rtadv was wronly set to 0, then RA was not
accepted.
2002-04-06 15:15:43 +00:00
Poul-Henning Kamp
193eadc319 Per discussion on current: Don't spam root with syslog messages. 2002-04-06 11:22:01 +00:00
Dima Dorfman
ceb03991ef Correct grammar(?) in comments.
PR:		36808
Submitted by:	Andrew Boothman <andrew@cream.org>
2002-04-06 09:28:37 +00:00
Alexey Zelkin
c1222b7e56 Add directories for pt_BR.ISO8859-1 locale 2002-04-05 14:58:03 +00:00
Gregory Neil Shapiro
5bcd1d05cf Add the missing hoststat and purgestat commands. These are normally
symlinks to the sendmail binary but in FreeBSD's case, they are
symlinks to mailwrapper.

Submitted by:	tisco
MFC after:	4 days
2002-04-05 04:25:14 +00:00
Gregory Neil Shapiro
619b80c4e6 Quoting Peter Wemm, "At great personal risk, touch the sendmail startup
again."

As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail.  The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed.  A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA.  For backward compatibility, it will default to
/etc/rc.sendmail.  The specified script is called out of /etc/rc after
checking to make sure it exists.  A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.

Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.

Reviewed by:	-current, -stable, obrien, peter, ru
MFC after:	1 week
2002-04-05 02:30:49 +00:00
Ruslan Ermilov
fffd793af9 Back out last commit. (This file is installed under /etc/mail.)
Requested by:	gshapiro
2002-04-04 07:42:12 +00:00
Ruslan Ermilov
b8aa2e2243 Use a relative path to contrib/sendmail/cf. 2002-04-04 07:18:29 +00:00
Doug Barton
41cf829909 The good news is that my initial PR was correct... the bad news is that I
was apparently smoking something when I committed the last fix, because as
ume was kindly enough to set me straight on, amd *will* start with no
arguments at all, as long as there is an /etc/amd.conf file for it to
read. What it won't do is start with *just* -p.

In any case, now it's fixed.
2002-04-01 18:33:45 +00:00
Bruce Evans
8fdb202d85 Support more than 32 sio unit numbers. The maximum unit number is now
(65536 * 32 - 1), but MAKEDEV only supports up to (32 * 32 -1).  Device
names use the unit number in base 32 for all "digits".

This required fixing an old bug in MAKEDEV:ttyminor().  Its arg was the
global $unit instead of $1.

Reminded by:	Valentin K. Ponomarenko <valka@krog.ukrtel.net>
MFC-after:	1 week
2002-03-31 09:15:43 +00:00
Gregory Neil Shapiro
278bc2896a Update the /etc/mail/Makefile "start" target code to match the new startup
logic and added a new set of targets for controlling the MSP queue runner
(start-mspq, stop-mspq, and restart-mspq).

Reminded by: Mark Santcroos <marks@ripe.net>
MFC after:	1 week
2002-03-28 03:30:27 +00:00
Gregory Neil Shapiro
4bfef13db0 Provide a way for users to completely prevent sendmail from trying to start
at boot time.

Instead of rc.conf's sendmail_enable only accepting YES or NO, it can now
also accept NONE.  If set to NONE, none of the other sendmail related
startup items will be done.

Remove an extra queue running daemon might be started that wasn't necessary
(it didn't hurt anything but it wasn't needed).

The new logic is:

# MTA
if ${sendmail_enable} == NONE
        # Do nothing
else if ${sendmail_enable} == YES
        start sendmail with ${sendmail_flags}
else if ${sendmail_submit_enable} == YES
        start sendmail with ${sendmail_submit_flags}
else if ${sendmail_outbound_enable} == YES
        start sendmail with ${sendmail_outbound_flags}
endif
# MSP Queue Runner
if ${sendmail_enable} != NONE &&
   [ -r /etc/mail/submit.cf] && ${sendmail_msp_queue_enable} == YES
        start sendmail with ${sendmail_msp_queue_flags}
endif

Discussed with: Thomas Quinot <Thomas.Quinot@Cuivre.FR.EU.ORG>,
		Christopher Schulte <schulte+freebsd@nospam.schulte.org>
MFC after:	1 week
2002-03-28 03:29:22 +00:00
David E. O'Brien
4ebfe536d8 Add a sample line for lukemftp. 2002-03-26 19:54:12 +00:00
Gregory Neil Shapiro
5d4e6c0c05 Fix typos
Noticed by:	Larry Rosenman <ler@lerctr.org>
2002-03-26 16:46:27 +00:00
Ruslan Ermilov
9f1207d517 Install sys/security/lomac/*.h to /usr/include/security/lomac/.
Install sys/<arch>/include/pc/*.h to /usr/include/machine/pc/.

PR:		docs/29534

Install sys/netatm/*/*.h to /usr/include/netatm/*/.

Don't install compatibility symlinks for <machine/soundcard.h>
and <machine/joystick.h>.  Three years is enough to be aware of
the change, and these weren't visible in the SHARED=symlinks
case.

Back out include/Makefile,v 1.160 that was a null change anyway
due to the bug in the path, and we now don't want to install
these headers because they would otherwise be invisible in the
SHARED=symlinks case.

Don't install IPFILTER headers.  Userland utilities fetch them
directly, and they were not visible in the SHARED=symlinks case.

Resurrect SHARED=symlinks in Makefile.inc1.

PR:		bin/28002

Prodded by:	bde
MFC after:	2 weeks
2002-03-26 16:05:14 +00:00
Ruslan Ermilov
19ef9c1630 Removed some redundant stuff that causes compilation warnings. 2002-03-26 13:00:03 +00:00
Ruslan Ermilov
2735cfee64 Switch over to using pam_login_access(8) module in sshd(8).
(Fixes static compilation.  Reduces diffs to OpenSSH.)

Reviewed by:	bde
2002-03-26 12:52:28 +00:00
David E. O'Brien
1004420008 Don't start any sendmail process in the back ground.
Requested by:	gshapiro
2002-03-26 02:38:08 +00:00
David E. O'Brien
0ef30ec620 Don't background the sendmail-clientmqueue process -- can give:
sm-queue[181]: NOQUEUE: SYSERR(root): fill_fd: before readcf: fd 1 not open: Bad file descriptor
2002-03-25 20:53:48 +00:00
David E. O'Brien
68141defd1 Sendmail can be slow to startup.
So start it in the background to speed up booting.
2002-03-22 23:45:13 +00:00
Gregory Neil Shapiro
68cbd14239 Instead of dealing with the endless requests to provide more DNS based
black lists in the default config, give a pointer to a non-static list.
I was convinced this was the right thing to do after getting a PR
asking to add ORBZ the day before ORBZ went off the air.

PR:		conf/35884
MFC after:	4 days
2002-03-22 06:40:26 +00:00
Dag-Erling Smørgrav
d221a687b8 Install moduli instead of primes 2002-03-21 21:44:03 +00:00
Dag-Erling Smørgrav
e516274c3e This commit was generated by cvs2svn to compensate for changes in r92894,
which included commits to RCS files with non-trunk default branches.
2002-03-21 21:43:25 +00:00
Dag-Erling Smørgrav
8b04ebcbfe Import OpenBSD's moduli file. 2002-03-21 21:43:25 +00:00
Gregory Neil Shapiro
aaf24e105d Use the proper terminology. 2002-03-21 06:09:20 +00:00
Dag-Erling Smørgrav
dde1888c4a Don't try to generate ssh keys if ssh isn't installed. 2002-03-19 03:45:02 +00:00
Crist J. Clark
5b7e37d2b7 IPFilter may need to be re-sync'ed even if we are not filtering, but
only doing ipnat(8). Go back to using $ipfilter_active, but turn off
$ipfilter_active when loading ipl.ko has failed.

Submitted by:	devet@devet.org (Arjan de Vet)
MFC after:	3 days
2002-03-19 01:56:04 +00:00
Warner Losh
c9ed81a16e Home Wireless Network Airway wireless card 2002-03-18 04:51:01 +00:00
Doug Barton
3f9ff585ed Make sure that rc.syctl gets its own version of positional parameters
Submitted by:	cjc
2002-03-18 00:56:51 +00:00
Doug Barton
c84f8c0e17 Distinguish between first and last passes of rc.sysctl, and only set
mibs whose values are not already what is specified in sysctl.conf.
2002-03-17 20:14:11 +00:00
Doug Barton
f7699dd6a4 Add a late rc.sysctl pass to catch sysctl's for things that were
not loaded yet on the first pass.

PR:		conf/19629
Submitted by:	Stephen J. Roznowski <sjr@home.com>
2002-03-17 08:38:03 +00:00
Doug Barton
4072b4a6a1 Answer the question posed in 1.126. amd won't start without either a
conf file, or command line options. I brought this up in PR 12432,
which (ironically) obrien assigned to me after I became a committer. :)

PR:		conf/12432
Submitted by:	Me
2002-03-17 07:35:51 +00:00
Mark Murray
5ad400ab91 Update for Perl 5.6.1 2002-03-16 21:41:09 +00:00
Mark Murray
d429f05204 Correct a comment; FreeBSD-4 --> FreeBSD-5. 2002-03-16 21:39:26 +00:00
Crist J. Clark
903163ac3e Only put standard FreeBSD directories in the PATH. If the
administrator wishes to run commands outside of the PATH, he should
use a full pathname for the executable or set the PATH as appropriate
in any local startup scripts.

PR:		misc/35770
2002-03-16 20:01:25 +00:00
Robert Watson
cd2cc2c1a8 Allow LOMAC to be loaded as part of the boot scripts using "lomac_enable"
setting in rc.conf.

Extracted from the still clammy hands of:	green
Sponsored by:	DARPA, NAI Labs
2002-03-12 21:47:31 +00:00
Robert Watson
2e1fc052bc No need to explicitly check for both cases when using grep -i. 2002-03-12 21:44:33 +00:00
Crist J. Clark
6abb238df8 Run dumpon(8) early so crashes during startup can be caught. In
addition, take out the checks on the $dumpdev. dumpon(8) behaves well
if given a non-existent filename. It gives a nice error message which
is better rather than the current silent failure.

Reviewed by:	des
2002-03-12 20:59:35 +00:00
Crist J. Clark
7a82d7421f The reload of ipf(8) rules should depend on $ipfilter_enable, not
$ipfilter_active. $ipfilter_enable is set to "NO" if modules fail to
load, and $ipfilter_active can be "YES" when we are not using ipf(8).

MFC after:	3 days
2002-03-12 20:25:25 +00:00
David E. O'Brien
3cbb824a64 Background the startup of `Amd', it often blocks on startup. 2002-03-12 01:04:35 +00:00
David E. O'Brien
ec6a10cd53 Why shouldn't amd always write its PID to a file?
Since I cannot answer that question, make it.
2002-03-12 01:01:53 +00:00
Robert Watson
cd9281b380 Update login failure checking to check auth.log instead of messages,
and teach it to look for more general classes of failures, including
SSH login failures.  This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net.
2002-03-11 19:39:08 +00:00
Robert Watson
30d6457c9e Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
Robert Watson
0ec9497e58 Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
Crist J. Clark
1e1d598496 Don't protect savecore(8) from being run with a bad dumpdir
argument. Don't fail silently, but let savecore(8) make noise. It
won't behave badly, it doesn't need protection.

At the same time, allow the administrator to have dumpdev enabled
while dumpdir (savecore(8)) is disabled and document how to do it.

PR:		conf/35725
2002-03-11 08:47:02 +00:00
Crist J. Clark
a710c16edf Remove a mention of the worm(4) device that was missed when it was
removed from MAKEDEV in 1.171.

PR:		misc/35729
MFC after:	1 day
2002-03-10 22:34:56 +00:00
Robert Watson
179e0241ea /var/log/security gets almost no (if not no) activity on many FreeBSD
systems due to sshd not using the security log class.  Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.

Submitted by:	aeonflux@synapse.subneural.net
MFC after:	4 weeks
2002-03-10 15:20:36 +00:00
Dima Dorfman
2f1791f580 In the words of the submitter:
Kerberized CVS (kserver) listens on the same port as normal CVS
        (pserver).  In /etc/inetd.conf cvs kserver is disabled by default,
        but set to listen to the service port 'cvs' which doesn't exist.  It
        should listen to 'cvspserver'.

PR:		34317
Submitted by:	Sean Chittenden <sean@chittenden.org>
2002-03-09 04:55:35 +00:00
Nick Hibma
2d827ed272 Add an entry for coldsync, to facilitate synchronising a Handspring Visor
with FreeBSD.
2002-03-08 14:46:13 +00:00
David E. O'Brien
fc994f232c fix backwards spelling 2002-03-07 07:17:15 +00:00
Crist J. Clark
90bbf5454c Environmental variable was not being passed to a subshell as intended.
PR:		bin/35558
Submitted by:	Nicolas Rachinsky <list@rachinsky.de>
2002-03-05 19:13:05 +00:00
Warner Losh
78a30c40c2 Buffalo LPC3-CLT
Submitted by: TANAKA Tomohiko <tomo@oso.to>
PR: 34954
2002-03-05 05:51:30 +00:00
Warner Losh
8ad7b5c2c1 Fix Simple Tech STI-ATA
Submitted by: dwhite@paypal.com
PR: 34243
2002-03-05 05:48:32 +00:00
Warner Losh
cc076b2a5c US Robotics Wireless Card 2410
Submitted by: Jerry A! <jerry@thehutt.org>
PR: 33858
2002-03-05 05:44:28 +00:00
Dima Dorfman
1998c28f48 Redirect stdout of `ipf -y' to /dev/null. This removes a stray
"filter sync'd" in the middle of the boot output if IPFilter is
enabled, but does not hide any potential errors, which go to stderr.
2002-03-04 10:30:24 +00:00
Robert Watson
2d141f428e Fix typo. '|' looks a lot like 'l' in my xterm font. 2002-03-01 15:42:27 +00:00
Robert Watson
c34ccd0dea When having an expanded name for a class, use '|' instead if ':' to
seperate the short name and the long name.  This was present for most
but not all entries.  Because the parsing doesn't reject unrecognized
entries, this didn't cause failures, but it wasn't strictly correct.

Submitted by:	Martin Faxer <gmh003532@brfmasthugget.se>
MFC after:	2 weeks
2002-03-01 15:30:24 +00:00
Ruslan Ermilov
32564f75c8 Fixed a few typos. 2002-02-27 14:43:55 +00:00
Crist J. Clark
45c2f0c12b After getting IANA to fix a typo in their port assignments, add
some new IANA-blessed services and close some PRs. Ports for
Jabber and PostgreSQL.

PR:		conf/35219, conf/35220
Submitted by:	Sean Chittenden <sean@chittenden.org>
MFC after:	1 day
2002-02-26 02:36:49 +00:00
Gregory Neil Shapiro
d7bbec76f2 Make sure we don't remove /etc/mail/sendmail.cf on make clean since this
will break a running system during a buildworld.

Noticed by:	Alexandr Listopad <laa@laa.zp.ua>
MFC after:	1 week
2002-02-24 02:38:23 +00:00
Mitsuru IWASAKI
eac1840126 Use the regular expression form to solve the ambiguous card parameters
which have tailing spaces.
Some card entries had problem because of incorrect number of spaces.

Approved by:	imp
MFC after:	1 week
2002-02-23 16:38:45 +00:00
Crist J. Clark
b36cde4c79 Long overdue whitespace cleanup. To give yourself an idea of how
ugly it was,

  $ awk '/[[:space:]]$/ { sub(/$/,"\$"); print; }' /etc/services

On the previous revision. And that's only the trailing whitespace.
2002-02-23 11:59:42 +00:00
David E. O'Brien
04e7d65aeb The usage of 'newaliases' needs to be after we know for sure that /usr
is mounted.

Submitted by:	rizzo
2002-02-23 01:49:20 +00:00
David E. O'Brien
5158a0f59f The existing bazaar and site-specific policy in rc.diskless1 is Just Wrong;
and looks like no other Unix diskless configuration I've ever seen.
Thus allow a more traditional /etc.

Note, the use of an MFS /var should also be settable.
Otherwise installing ports(packages) is just a total PITA.
2002-02-22 19:05:22 +00:00
Crist J. Clark
5439c489f8 Bring rc.firewall{,6} more in line with the word and spirit of
rc.conf(5) and the files' inline documentation.

  - Add the "closed"-type, documented in both places, but which did not
    exist in the code.

  - When provided a ruleset, the system should not make any assumptions
    about the sites's policy and should add no rules of its own.

  - Make the "UNKNOWN" (documented in-line) actual work as advertised,
    load no rules.

Prodded by:	Igor M Podlesny <poige@morning.ru>
MFC after:	1 week
2002-02-21 13:14:19 +00:00
Hajimu UMEMOTO
2643a003d1 Delete a needless rule for DAD. An unspecified address is never used
as a destination address of IPv6 packets.

Submitted by:	cjc
MFC after:	1 week
2002-02-20 18:05:44 +00:00
Crist J. Clark
29c0f078e2 There is no reason to demand the administrator set 'natd_interface'
when running natd(8) out of the rc-files. It is perfectly valid for
the interface or alias address to be set in a natd(8) configuration
file, not on the command line. Also, loosen up the restrictions on
identifying an IP address argument in 'natd_interface.'

Fix the documentation, rc.conf(5), to reflect this change.

Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf.

MFC after:	3 days
2002-02-20 10:31:01 +00:00
Gregory Neil Shapiro
8448f2e2cf Turn FEATURE(relay_based_on_MX) off by default. It should not be used unless
absolutely necessary

Requested by:	peter
PR:		conf/33855
MFC after:	1 week
2002-02-17 23:38:16 +00:00
Gregory Neil Shapiro
feb15b97ab Add infrastructure for sendmail 8.12. If users are not starting a daemon
at boot (sendmail_enable=NO), a localhost-only daemon may started
(sendmail_submit_enable) as it is needed to accept mail from command line
submissions.  If this isn't desired, see etc/mail/README for more hints.

Optionally (sendmail_msp_queue_enable) start a queue runner for the
submission queue in case a daemon isn't available to accept command line
submitted mail at submission time.

Note that the syslog labels for all of these sendmail processes have been
uniquified for easier log parsing.
2002-02-17 22:19:14 +00:00
Gregory Neil Shapiro
5cd5c25e71 Add information about how the new sendmail set-group-ID mail submission
works and ways to work around common problems people might have.
Include information on reverting to a set-user-ID root sendmail binary in
case anyone really needs to do this.
2002-02-17 22:14:29 +00:00
Gregory Neil Shapiro
a8247f3a53 Don't build a submit.cf file if SENDMAIL_SET_USER_ID is set 2002-02-17 22:12:57 +00:00
Gregory Neil Shapiro
ab3e277c5c Add /var/spool/clientmqueue for 8.12's non-set-user-ID root mail submission 2002-02-17 22:11:41 +00:00
Gregory Neil Shapiro
9a63f27e11 Add new include/libmilter directory for libmilter (sendmail mail filter API)
include files
2002-02-17 22:10:56 +00:00
Gregory Neil Shapiro
910976f7b0 Add new build knob, SENDMAIL_SET_USER_ID, which installs sendmail as a
set-user-ID root binary instead of the new method (set-group-ID smmsp).
Therefore, we shouldn't install /etc/mail/submit.cf if it is set.
2002-02-17 22:09:15 +00:00
Gregory Neil Shapiro
742253f5fd Update for sendmail 8.12 which has a new OSTYPE(freebsd5)
Fix access_db usage for 8.12
2002-02-17 22:08:18 +00:00
Warner Losh
b3290f8139 Add Proxim RangeLAN-DS.
Submitted by: Matt Peterson <matt@peterson.org>
PR:	35057

Also update my note for the 3crwe737A after talking to Alan Clegg at BSDcon.
2002-02-17 20:05:39 +00:00
Crist J. Clark
412c2bb7c1 Remove check for sendmail.conf before even trying to start sendmail.
Checking for the existence of sendmail.cf is rather silly when someone
is using the mailwrapper(8) to run a mail daemon that is not actually
sendmail(8). It is also probably better to let sendmail(8) actually
try to start and error out if the administrator has
'sendmail_enable="YES"' but no sendmail.conf. At present, it would
fail silently.

Reviewed by:	gshapiro
MFC after:	2 days
2002-02-17 02:01:15 +00:00
Brian Somers
55ade43025 Set rc=1 rather than 0 so that setting daily_show_success=YES masks
the output of all goes well.

PR:		34825
Submitted by:	Valentin Nechayev <netch@netch.kiev.ua>
MFC after:	3 weeks
2002-02-13 19:10:07 +00:00
Maxim Konovalov
d60b85c4d7 Fix a typo in swat example.
Spotted by:	Sergey Osokin <osa@freebsd.org.ru>
Reviewed by:	ru
Approved by:	ru
MFC after:	1 week
2002-02-13 08:21:45 +00:00
Mark Peek
90e0035cca Install complete.tcsh and csh-mode.el into ${SHAREDIR}/examples/tcsh.
PR:		misc/34800 (from Steven Grady)
Submitted by:	phantom (patch)
MFC after:	3 days
2002-02-12 04:50:12 +00:00
Dima Dorfman
35fe8af95c crdup(9) is not a protocol.
PR:		34624
Submitted by:	John Nielsen <nielsenj@cs.byu.edu>,
		Hiten Pandya <hiten@uk.FreeBSD.org>
2002-02-10 08:19:58 +00:00
John Baldwin
bffd6ef83d Fix MAKEDEV for RocketPort (rp(4)) cuaR* and ttyR* to work with the
updated driver.  The newer driver in current outputs a version string
that contains a space, so we need to eat two words in between RocketPortX
and the number of ports on the board.
2002-02-09 21:16:54 +00:00
Dag-Erling Smørgrav
1f3030b053 Add missing "nullok" option to pam_unix. 2002-02-08 23:27:22 +00:00
Crist J. Clark
36a48df48e peter points out that we probably should not mess with the sysctl(8)
values at all if they are not purposefully set. What if the
administrator messed with them in /etc/sysctl.conf? We don't want to
overwrite them.

If 'log_in_vain' is zero, do not force the issue. If it is non-zero,
set it.
2002-02-08 13:25:33 +00:00
Mark Murray
adb79039fd Enable TCP_WRAPPERs for the NIS server. The protection afforded is
not massive, but usable.
2002-02-06 20:39:36 +00:00
Hajimu UMEMOTO
9785aaf1b3 Install PROTO.localhost-v6.rev. Umm, it seems namedb/Makefile
is not used.
2002-02-06 04:57:25 +00:00
Hajimu UMEMOTO
232b0e36b5 Install PROTO.localhost-v6.rev.
Reported by:	Scott Allendorf <scott-allendorf@uiowa.edu>
Forgot by:	me (ume)
2002-02-06 04:46:07 +00:00
Sheldon Hearn
4155ccefee Add the MTA users 'mailnull' and 'smmp'.
PR:		conf/34535
Submitted by:	Ceri <setantae@submonkey.net>
MFC after:	1 week
2002-02-04 15:12:06 +00:00
Yoshihiro Takahashi
f25125064b Use MACHINE_ARCH instead of MACHINE to check i386 arch.
MFC after:	3 days
2002-02-04 12:50:52 +00:00
Dag-Erling Smørgrav
34cab37003 Add pam_self(8) so users can login(1) as themselves without authentication,
pam_login_access(8) and pam_securetty(8) to enforce various checks
previously done by login(1) but now handled by PAM, and pam_lastlog(8) to
record login sessions in utmp / wtmp / lastlog.

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:13:23 +00:00
Dag-Erling Smørgrav
86f01a8b27 Use pam_self(8) to allow users to su(1) to themselves without authentication.
Sponsored by:	DARPA, NAI Labs
2002-01-30 19:04:39 +00:00
Bruce Evans
f52150f696 Added this makefile. This is not attached to the build yet. I often
install parts of /etc manually and it helps to have a makefile for
each subdir even if the main makefile doesn't invoke it.
2002-01-30 09:27:03 +00:00
MIHIRA Sanpei Yoshiro
8aa32802b9 By commit of usr.sbin/pccard/pccardd/cardd.c at Nov 29 (Dec
10 in -STABLE), pccardd's string comparison between
pccard.conf's entry and PC card's CIS tupple became strict
matching.

As influences of this commit, some PC cards don't work since
some /etc/default/pccard.conf's card identifiers entries are
incorrectly described.

  - Lexar Media compact flash
  - IO DATA CBIDE2 in 16 bit mode
  - TOSHIBA Portable 24X Speed CD-ROM Drive PA2673UJ
  - Hewlett Packard M820e (CD-writer)

Update these card configs.

PR:		33815
Obtained from:	[bsd-nomads:16128]
2002-01-29 21:17:05 +00:00
Ruslan Ermilov
ec5e499155 Tidy up gecos field for `bin'. 2002-01-29 14:00:03 +00:00
Sheldon Hearn
1887ffe3ca Uncomment kserver-adm, which is IANA-sanctioned and has no apparent
conflicts.

PR:		conf/34316
Submitted by:	Sean Chittenden <sean@chittenden.org>
MFC after:	2 weeks
2002-01-29 12:28:51 +00:00
Warner Losh
9fecc8d840 Add Linksys Instant Wireless WPC11 v2.5
Submitted by: eliedtke@apogeetelecom.com
2002-01-29 05:15:56 +00:00
Crist J. Clark
7fc6e2f775 Put a complete set of pppd(8) sample configuration files in
/usr/share/examples/pppd.

Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.

Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.
2002-01-29 01:10:47 +00:00
Crist J. Clark
76f10508d4 Put a complete set of pppd(8) sample configuration files in
/usr/share/examples/pppd.

Update pppd(8) documentation to reflect this, usr.sbin/pppd/pppd.8.

Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.

Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.

The files from etc/ppp, ppp.shells.sample and ppp.deny, were moved
with a repo copy. Note it in the logs with a forced commit to these
two.

Submitted by:	Maxim Konovalov <maxim@macomnet.ru> provided the new samples.
2002-01-29 00:23:35 +00:00
Sheldon Hearn
3e38757beb Register amd's dependency on NFS.
This change was submitted to the freebsd-audit mailing list for review
but received no feedback.  Hindsight-enabled reviews are welcome.

PR:		conf/31358
Submitted:	Thomas Quinot <thomas@cuivre.fr.eu.org>
2002-01-28 11:05:01 +00:00
Warner Losh
a5959e20bf Add ADLINK340C wireless card mentioned in nomads.
# This card has the same PCMCIA and OEM id as ELSA XI300 wireless card, which
# appears to be listed elsewhere in this file.

Submitted by: Abe Toshiaki-san <ans@sun-tec.co.jp>
MFC After: 5 days
2002-01-28 04:46:20 +00:00
Crist J. Clark
f44609fe71 Make the rc.conf(5) 'log_in_vain' knob an integer.
Try this out in -CURRENT, MFC, and then consider dropping the
'log_in_vain' knob all together. It really is something for
sysctl.conf(5).

PR:		bin/32953
Reviewed by:	-bugs discussion
MFC after:	1 week
2002-01-26 09:05:13 +00:00
Dag-Erling Smørgrav
c84317d7ad Add local/share/java/classes, local/share/sgml, local/share/xml
Approved by:	ru, silence on -ports
MFC after:	1 week
2002-01-23 13:02:16 +00:00
Hajimu UMEMOTO
fc50a44458 Do not taint ::/124 for localhost reverse table. 2002-01-22 17:22:41 +00:00
Ruslan Ermilov
322628519e Reincarnate SETUID code in man(1), not compiled in by default.
The code will be fixed for all known security vulnerabilities,
and a make.conf(5) knob (ENABLE_SUID_MAN) will be provided for
those who still want it installed setuid for whatever reasons.
2002-01-22 15:15:38 +00:00
Dag-Erling Smørgrav
ae739ec469 Enable OPIE by default, using the no_fake_prompts option to hide it from
users who don't wish to use it.  If the admin is worried about leaking
information about which users exist and which have OPIE enabled, the
no_fake_prompts option can simply be removed.

Also insert the appropriate pam_opieaccess lines after pam_opie to break
the chain in case the user is logging in from an untrusted host, or has a
.opiealways file.  The entire opieaccess / opiealways concept is slightly
unpammish, but admins familiar with OPIE will expect it to work.

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:51:24 +00:00
Dag-Erling Smørgrav
819a142080 Really back out ache's commits. These files are now precisely as they were
twentyfour hours ago, except for RCS ids.
2002-01-19 18:29:50 +00:00
Andrey A. Chernov
0b836dfaf1 Back out recent changes 2002-01-19 18:03:11 +00:00
Andrey A. Chernov
3bfbfd1770 Turn on pam_opie by default. It should not affect non-OPIE users. 2002-01-19 10:31:32 +00:00
Andrey A. Chernov
a0fc79c334 Turn on pam_opie by default. It not affect non-OPIE users 2002-01-19 09:06:45 +00:00
Andrey A. Chernov
e04359cdac Previous commit was incomplete, use
"[default=ignore success=done cred_err=die]"
options instead of "required"
2002-01-19 08:39:35 +00:00
Warner Losh
b5bbbc47b7 Add flags 0x10000 to IO Data WN-B11/PCM's entry. Evidentally, they
changed firmware and the new cards don't work without this.

Submitted by: ume
MFC after: 3 days
2002-01-19 08:11:39 +00:00
Andrey A. Chernov
2bda025221 Remove explaining comment and pam_unix commented out, now pam_unix can be
chained with pam_opie
2002-01-19 07:32:47 +00:00
Andrey A. Chernov
a3643aa542 Change comment since fallback provided now not by ftpd but by pam_opie 2002-01-19 03:35:39 +00:00
Warner Losh
69e4f572e4 Add:
Accton airDirect WN3301
	Melco WLI-CF-S11G
	GeoWave GW-NS11S

Submitted by: Shigeru Ishida-san on bsd-nomads (16142,16143,16144)
2002-01-18 03:49:03 +00:00
Joerg Wunsch
3d7abf4c86 Re-add a call to "camcontrol rescan" after insertion of an aic pccard.
We now do it as a "camcontrol rescan all" which is something ken
promised to implement; for the time being it's not worse than the old
"camcontrol rescan $device" which ended up in something like
"camcontrol rescan aic1".  Currently, camcontrol misinterprets the
third non-numeric arg as number 0, and rescans bus 0, which is about
the best we could get at this time.

Approved by:	imp
MFC after:	1 week
2002-01-17 20:38:04 +00:00
Robert Watson
012ccf288b o Improve the line-wrapping of additional comments, some of which appeared
to be wrapped around 60, others around 40 columns.
2002-01-17 00:10:28 +00:00
Robert Watson
4420bc6773 o Remove a somewhat less comprehensible comment about modifying /etc/rc.
o Improve line-wrapping of another comment for consistency.
2002-01-17 00:08:44 +00:00
Bruce Evans
e9f83ca347 Added this makefile. This is not attached to the build yet. I often
install parts of /etc manually and it helps to have a makefile for
each subdir even if the main makefile doesn't invoke it.
2002-01-16 12:18:22 +00:00