Commit Graph

5519 Commits

Author SHA1 Message Date
Alexander Motin
401f21aece Remove periodic script for ataraid(4) and add instead script for graid(8). 2013-04-04 15:03:12 +00:00
Ed Maste
4f2dc3d723 Format per etc/mtree/README
- Spaces instead of tabs
- Sort some i18n entries
2013-04-01 17:15:04 +00:00
Andriy Gapon
3ee030e1e9 rc.subr: disabling globbing while processing devfs rules
The rules themselves typically have shell-like patterns and it is
incorrect when they get replaced with matching filesystem entries.

Shell magic by:	jilles
MFC after:	2 weeks
2013-03-28 08:13:52 +00:00
Jilles Tjoelker
7f16286cd1 rc.d/sysctl: Fix error messages about unknown OIDs.
There are three situations where the sysctl script is called:
1. "start", very early
2. "lastload", near the end of rc
3. "reload", at admin request while the system is booted

Ignore unknown OIDs in situation 1 because kernel modules may not be loaded
yet and complain about them in situations 2 and 3.

PR:		conf/174595
Submitted by:	Olivier Smedts
2013-03-22 20:12:25 +00:00
Colin Percival
953bb3854c Fix typo in previous commit: Exit if */dev/dumpdev* does not exist, not if
*/bin/realpath* does not exist...

Submitted by:	markj
Pointy hat to:	cperciva
2013-03-19 05:08:25 +00:00
Colin Percival
510a7a8624 If dumpdev is AUTO but no dump device has been set -- i.e., there is no swap
space configured for rc.d/dumpon to designate for dumping -- then exit
silently rather than with a
> realpath: /dev/dumpdev: No such file or directory
error message.

An argument could be made that we should print a (more informative) warning
message; but given that under the same conditions the rc.d/dumpon script will
already print a
> No suitable dump device was found
warning, it seems that printing an additional
> Dump device does not exist.  Savecore not run.
warning would be superfluous.
2013-03-19 04:42:04 +00:00
Neel Natu
4e34ce3e13 Add bhyve to examples.
Requested by: alfred, julian
Obtained from:	NetApp
2013-03-18 23:46:14 +00:00
Antoine Brodin
95a108e887 Finish portalfs removal. 2013-03-10 17:33:41 +00:00
Colin Percival
7f33ac6697 Now that stable/7 is EOL, stop building INDEX-7.
MFC after:	1 week
2013-03-07 20:48:36 +00:00
Jens Schweikhardt
5e1a43a84f Comment cosmetics: capitalize SCSI
Fix some hard tabs in the wrong place.

MFC after:	2 weeks
2013-03-02 18:08:03 +00:00
Dag-Erling Smørgrav
55de4cd6fe If rtadvd_interfaces is set to "none", start rtadvd without listing
any interfaces on the command line.

MFC after:	1 week
2013-02-25 17:07:42 +00:00
Andrey A. Chernov
69b23515b5 Back out prev. change preventing /sys/sys symlink. It appears my install
was not very recent and not acts like 'ln -h'
2013-02-22 19:57:18 +00:00
Andrey A. Chernov
312c5e1aeb In 'make hierarchy' don't install /sys/sys pointing to usr/src/sys
but just /sys pointing there
2013-02-17 13:06:59 +00:00
Jung-uk Kim
835ef82e3b Revert r227528 and r227787. This hack is no longer necessary since r233580. 2013-02-15 22:58:44 +00:00
John Baldwin
0895e9c70c Install <dev/agp/agpreg.h> and <dev/pci/pcireg.h> as userland headers
in /usr/include.

MFC after:	2 weeks
2013-02-05 18:55:09 +00:00
Dag-Erling Smørgrav
2a31bde3cd Load the pfsync module if necessary.
Reviewed by:	glebius@
MFC after:	1 week
2013-02-05 12:18:39 +00:00
Hajimu UMEMOTO
e695500d3c Use the default policy table of RFC 6724.
MFC after:	1 weeks
2013-02-02 18:08:09 +00:00
Brooks Davis
8caedc2a57 When adding the directory ownership to the METALOG do it by name rather
than number as is done in install so as to differ binding of names to
ids.

Remove the -W flag from the mtree command so that the correct user and
group is recorded rather than the default.
2013-01-30 17:39:43 +00:00
Brooks Davis
64dc091fdd Log the addition of login.conf.db, passwd, pwd.db, and spwd.db via cat -l.
Make cat a bootstrap tool to facilitate this.
2013-01-29 22:17:58 +00:00
Neel Natu
0de8cf6314 Increase the "memorylocked" limit for the "daemon" class.
amd(8) requires more than the 64MB that is currently available to it so bump
it up to 128MB.

Reviewed by:	kib
Discussed with:	avg, kib, zont
2013-01-27 21:55:01 +00:00
Brooks Davis
4a63ae1150 Introduce a new option -DNO_ROOT that allows install and distribution
targets to be run without root privilege.

Information about ownership, group, flags, and suid bits are stored in
the file specified by METALOG which defaults to ${DESTDIR}/METALOG.
This file can be used in conjunction with bsdtar or makefs to generate
archives or file system images with correct permissions.

The packageworld target has been altered to use this metadata allowing
non-root releases (subject to further changes in release/Makefile.)

Sponsored by:	DARPA, AFRL
Reviewed by:	ian, ray
2013-01-22 21:10:03 +00:00
Brooks Davis
12dd8cb14c Replace all known uses of ln in the build process with appropriate
install -l invocations via new INSTALL_LINK and INSTALL_SYMLINK
variables.

Sponsored by:	DARPA, AFRL
Reviewed by:	ian, ray, rpaulo
2013-01-21 22:40:39 +00:00
Brooks Davis
dbc6339b41 In r245571, "rm -rf <foo>; ln -s <bar> <foo>" needed to be replaced with
"ln -sfh <bar> <foo>" or the links would fail when a valid link to a
directly was in place at <foo>.

Reported by:	peter
Tested by:	peter
Pointy hat to:	brooks
2013-01-17 23:05:03 +00:00
Brooks Davis
62bc689aa6 In preparation for logging metadata about each filesystem object
refactor the link section of distrib-dirs to alwasy install to a full
path (the link contents remain relative as they should).

Eliminate the use of the "rm -r[f] <foo>; ln -s <bar> <foo>" pattern in
favor of "ln -sf <bar> <foo>".  None of these links could be directories
on a system installed in the last decade.

Sponsored by:	DARPA, AFRL
Reviewed by:	mtree
2013-01-17 20:21:30 +00:00
Brooks Davis
75534bda19 Rework the mtree portion of etc/Makefile's distrib-dirs target to run
mtree in a shell loop so there is only one mtree commandline.  Move the
implementation of LOCAL_MTREE into etc/Makefile.

Sponsored by:	DARPA, AFRL
Reviewed by:	mtree :)
2013-01-17 18:32:30 +00:00
Bjoern A. Zeeb
4f22608e54 Add a conditional sleep 1 in case we add any IPv6 addresses to interfaces.
Do this per jail started, not per address.  This will allow DAD to complete
and services to properly start.   Before we have seen problems with services
trying to start before the IPv6 address was available to use and thus
erroring and failing to start.

MFC after:	3 days
2013-01-17 01:27:39 +00:00
Brooks Davis
f402e53940 According to the notes in ObsoleteFiles.inc we last installed section
1aout manpages in 2002.  Stop making the directories and links to them.
2013-01-16 23:16:41 +00:00
Brooks Davis
41a8e2231d Add an option DB_FROM_SRC to use src/etc's user/group databases when
installing.  This allows things like running installworld for 10-CURRENT
on a 9.0-RELEASE system without adding extra users and groups to the
passwd and group files.

To prevent potentially risky uid/gid mismatches on systems with
non-standard local values, require that DESTDIR be set if DB_FROM_SRC is
set.

Sponsored by:	DARPA, AFRL
Reviewed by:	peter
2013-01-15 00:12:34 +00:00
Brooks Davis
0fc1aae5e2 Revert r245316. Systems with non-standard uids/gids are more prevalent
that I'd feared.  Discussion is ongoing about the scope of a safer
solution.
2013-01-11 23:44:35 +00:00
Brooks Davis
7ee2bf94f7 Use the -N option to install and nmtree to eliminate the need for the
checks for missing users and groups.

Sponsored by:	DARPA, AFRL
2013-01-11 23:08:19 +00:00
Steven Hartland
7ef204a2a9 Allow perl scripts to be used in rc.d scripts
PR:		conf/117027
Reviewed by:	pjd (mentor)
Approved by:	hrs
MFC after:	2 weeks
2013-01-10 11:08:22 +00:00
Peter Wemm
060e82fc34 Not using the full domain was a really bad idea. 2013-01-06 19:25:42 +00:00
Erwin Lansing
8604d7559a Update with new IPv4 address for D root.
Approved by:	delphij (mentor)
2013-01-04 09:15:59 +00:00
Gregory Neil Shapiro
83afcb6417 Minor changes to force commit these files so new freebsd*.cf files are
built to use the new sendmail-8.14.6/cf tree.

While here, update DNSBL link once again.

MFC after:	4 days
2012-12-29 20:42:28 +00:00
Gregory Neil Shapiro
f20a1a6e26 Add missing closing quote on commented out example
PR:		bin/174108
Obtained from:	Julian H. Stacey
MFC after:	1 day
2012-12-29 19:57:52 +00:00
Hajimu UMEMOTO
1e2c3a2917 Fix location of /var/audit/dist and /var/audit/remote.
Note that those who did installworld after r243752 should
remove wrongly created /var/dist and /var/remote.

Reviewed by:	pjd
2012-12-28 10:42:01 +00:00
Mark Johnston
0191c2dfa8 Don't reload syslogd after rotating sendmail.st, as this file isn't
managed by syslogd.

PR:		conf/169973
Approved by:	rstone (co-mentor)
MFC after:	1 week
2012-12-20 23:18:36 +00:00
Baptiste Daroussin
203d428e21 make installation of the 220.backup-pkgdb periodic script depend on PKGTOOLS
knob
2012-12-20 11:39:20 +00:00
Andrey Zonov
b944c830ba - Set memorylocked limit to 64Kb for default login class.
This prevents unprivileged users to lock too much memory.
- Set memorylocked limit to 64Mb for daemon login class.
  Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on
  startup, they are run from init(8) which uses daemon login class.
- Set memorylocked limit to unlimited for root login class.

Suggested by:	avg
Approved by:	kib (mentor)
MFC after:	1 week
2012-12-18 07:27:50 +00:00
Pawel Jakub Dawidek
11631ad0d6 Use new savecore(8) option and limit number of kernel dumps that will
be kept around to the 10 most recent ones.

Add UPDATING entry with info how to return to the previous behaviour (no
limits).

Obtained from:	WHEEL Systems
2012-12-16 23:29:56 +00:00
Hans Petter Selasky
0d8a95f1b8 Regenerate usb.conf
MFC after:	1 week
2012-12-15 10:56:16 +00:00
Pawel Jakub Dawidek
349d039bdb - When checking if a dump exists on the given device there is no need to
provide dump directory. Eliminate this redundant argument. This changes
  the usage, but the only risk here is that a warning will be printed
  about directory given as device.

- Update usage of -C option.

- When clearing dump header from the given device there is also no need to
  provide dump directory, although additional arguments for -c were not
  documented.

- Document that -v can be used with -c and that list of devices can be given.

Obtained from:	WHEEL Systems
2012-12-14 15:12:08 +00:00
Xin LI
da178c777f Teach sysctl(8) about parsing a file (while I'm there also give it
capability of parsing both = and : formats).

Submitted by:	hrs (initial version, bugs are mine)
MFC after:	3 months
2012-12-13 23:32:47 +00:00
Pawel Jakub Dawidek
33da94038e Fix the location of auditdistd configuration file.
Reported by:	Johan Hendriks <joh.hendriks@gmail.com>
2012-12-13 09:41:32 +00:00
Xin LI
c68dd1cf0f Sync pf.os with OpenBSD:
add a handful of linux signatures from p0fv2 and some other
signatures from observation.

MFC after:	2 weeks
2012-12-10 20:52:52 +00:00
Adrian Chadd
2f760a0455 Add a new 900MHz GSM regulatory SKU for the Xagyl Communications XC900M.
The XC900M acts as a Ubiquiti XR9 (and I _think_ SR9) by default;
it uses the same 900MHz<->2.4GHz downconverter mapping.

However it has an alternative frequency mapping which squeezes in a couple
more half/quarter rate channels.  Since the default HAL doesn't support
fractional tuning (sub-1MHz) in 2.4GHz mode on the AR5413/AR5414, they
implement it using a jumper.

Datasheet: http://www.xagyl.com/download/XC900M_Datasheet.pdf

Thankyou to Xagyl Communications for the XC900M NICs and Edgar Martinez
for organising the donation.

Tested:

* XC900M <-> XC900M
* Ubiquiti XR9 <-> XC900M

TODO:

* Test against SR9 and GZ901 if possible (the IEEE channel<->frequency
  mapping may not match up, thanks to the slightly different channels
  involved)
2012-12-07 06:34:46 +00:00
Eitan Adler
01d9852a4d Remove hack to emulate effective uid and just use the EUID's name in the
first place.  I was unaware of this option when originally committing
this change.

Submitted by:	gcooper
Approved by:	cperciva
MFC after:	3 days
2012-12-05 13:56:39 +00:00
Robert Watson
16648b4fff Merge a number of changes required to hook up OpenBSM 1.2-alpha2's
auditdistd (distributed audit daemon) to the build:

- Manual cross references
- Makefile for auditdistd
- rc.d script, rc.conf entrie
- New group and user for auditdistd; associated aliases, etc.

The audit trail distribution daemon provides reliable,
cryptographically protected (and sandboxed) delivery of audit tails
from live clients to audit server hosts in order to both allow
centralised analysis, and improve resilience in the event of client
compromises: clients are not permitted to change trail contents
after submission.

Submitted by:	pjd
Sponsored by:	The FreeBSD Foundation (auditdistd)
2012-12-01 15:11:46 +00:00
Hans Petter Selasky
6f786dc92b Regenerate usb.conf
MFC after:	1 week
2012-11-28 18:37:20 +00:00
Gleb Smirnoff
3fc38dbfb8 Fix typo in weekly line which made it to rotated after reaching > 1 Kb.
PR:		conf/173857
Submitted by:	Matt Smith <matt xtaz.co.uk>
2012-11-26 19:42:38 +00:00