d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
76,529 Commits 6 Branches 133 Tags 2.6 GiB
4d2f0addb4
Commit Graph

3309 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
677fccffa4 Previous commit was just a tad too hasty, the sshd peudo-user's home 
directory should be /var/empty.
 2002-06-23 20:46:44 +00:00
Dag-Erling Smørgrav
9b4e71b270 Add /var/empty for the OpenSSH privsep code. 2002-06-23 20:44:19 +00:00
Dag-Erling Smørgrav
04b681a999 Add an sshd user and group for the OpenSSH privilege separation code. 2002-06-23 20:41:06 +00:00
Brian S. Dean
415c05a038 Create sendmail required directories if sendmail is enabled. 2002-06-22 19:44:25 +00:00
Doug Barton
032c8774fa Hone the rpcbind dependency checking. 
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
 2002-06-21 19:50:01 +00:00
David E. O'Brien
85283ff45d This commit was generated by cvs2svn to compensate for changes in r98576, 
which included commits to RCS files with non-trunk default branches.
 2002-06-21 19:07:21 +00:00
David E. O'Brien
be026881b1 Sync with NetBSD's mainline. 2002-06-21 19:07:21 +00:00
Ruslan Ermilov
072f6798f8 Make NO_OPENSSL actually imply NO_OPENSSH, as documented in make.conf(5). 2002-06-21 08:54:03 +00:00
Doug Barton
5271c18857 Anonymize the "portmap" program to get better compatibility with 
rpcbind in -current.

Submitted by:	Alexander Kabaev <ak03@gte.com>
 2002-06-20 08:49:44 +00:00
Dag-Erling Smørgrav
bc39792308 We don't use this any more. 
Sponsored by:	DARPA, NAI Labs
 2002-06-19 20:01:25 +00:00
Dag-Erling Smørgrav
bb151ea158 Enable OPIE for sshd and telnetd. I thought I'd done this a long time 
ago...

Sponsored by:	DARPA, NAI Labs
 2002-06-19 20:00:43 +00:00
Doug Barton
b992dc7565 Another good suggestion from Bruce, only create links if the 
file doesn't exist already.
 2002-06-19 05:35:16 +00:00
Gordon Tetlow
54f43a77ca Fix a typo in the named startup options 
Submitted by:	sheldonh@
 2002-06-18 19:42:37 +00:00
Doug Barton
b94048f0ec Do vidcontrol -m on after starting moused for a usb mouse. 
PR:		conf/39125
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
Not objected to by: -current and -hackers
 2002-06-18 07:50:16 +00:00
Doug Barton
a1aa5c8053 Should have paid more attention to the PR. Update (improve?) the examples 
by doing them in /dev/, and provide more than just the one example.

Submitted by:	bde (for the ideas, blame for mistakes is mine)
 2002-06-18 07:33:56 +00:00
Doug Barton
02010b74b4 Only create symlink if /dev/ttyv0 exists. 
PR:		misc/39381
Submitted by:	Dirk-Willem van Gulik <dirkx@covalent.net>
 2002-06-18 07:14:43 +00:00
Doug Barton
e5f35c947b Try handling lack of syscons (for diskless boot, or other) by 
testing for the presence of /dev/ttyv0.

PR:		misc/39351
Submitted by:	Dirk-Willem van Gulik <dirkx@covalent.net>
 2002-06-16 20:59:16 +00:00
Gordon Tetlow
576ed0de29 Make sendmail really not start when sendmail_enable="NONE" 
Submitted by:	Dennis Kristensen <snicki@snicki.dk>
Reviewed by:	Mike Makonnen <makonnen@pacbell.net>
 2002-06-15 18:39:05 +00:00
Gordon Tetlow
825bb04125 Add the final bits that allow the use of rc.d. Note that you can toggle 
between rc.d and the classic boot scripts based on the rcng variable in
your rc.conf. Defaults to classic boot scripts.

Submitted by:	Mike Makonnen
 2002-06-13 22:30:02 +00:00
Gordon Tetlow
2952767837 Add a couple of variables for rc.d 
Submitted by:	Mike Makonnen
 2002-06-13 22:27:31 +00:00
Gordon Tetlow
dde7cef3d2 Hook rcorder and rc.d into the build. 
Submitted by:	Mike Makonnen
 2002-06-13 22:26:15 +00:00
Gordon Tetlow
64deb069a9 Bring this up to date with the latest NetBSD bits. Also add some bits of 
our own.

Submitted by:	Mike Makonnen
Reviewed by:	silence on -current and -hackers
 2002-06-13 22:19:42 +00:00
Gordon Tetlow
27bc1b287e Merge in all the changes that Mike Makonnen has been maintaining for a 
while. This is only the script pieces, the glue for the build comes next.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
Reviewed by:	silence on -current and -hackers
Prodded by:	rwatson
 2002-06-13 22:14:37 +00:00
David E. O'Brien
8777223029 Change our default XF86Config location from /etc/ to /etc/X11/, 
following the lead of The XFree86 Project's default.

Approved by:	Murray
 2002-06-10 04:47:26 +00:00
David E. O'Brien
ac3f21b185 We want to play osterage and stick our heads in the sand and ignore things. 
Requested by:	jhb
 2002-06-04 22:26:11 +00:00
David E. O'Brien
499cc75ee2 ntpdate(1) is depreciated. 2002-06-04 21:25:41 +00:00
Takeshi Shibagaki
e5f0e62f96 Add new entry PLANEX GW-NS11H(PRISM3.0). 
Submitted by [bsd-nomads:16322] Yasufumi Susuki <yasu@triaez.kaisei.org>
 2002-05-29 21:16:51 +00:00
Peter Wemm
148c11ac62 Update g++ include subdirs 2002-05-29 00:46:33 +00:00
Warner Losh
51cf186eab Correct US Robotics Wireless Card 2410 entry 2002-05-24 15:28:38 +00:00
Gregory Neil Shapiro
34925ba6f7 Add a new make.conf knob, SENDMAIL_MAP_PERMS, which specifies the 
permissions to use for alias and map database files built by
/etc/mail/Makefile.  The default is 0640 to assist users in avoiding
a file locking local denial of service.

MFC after:	1 day
		pending RE approval
 2002-05-24 01:46:39 +00:00
Gregory Neil Shapiro
519c4f1816 Change the default permissions for the sendmail statistics file to 0640 
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
 2002-05-24 01:44:53 +00:00
Gregory Neil Shapiro
b9888709dd Add a warning regarding localhost-only listening daemons inside jails. 
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).

Submitted by:	Helge Oldach <test-smtp@oldach.net>
MFC after:	1 day
		pending RE approval
 2002-05-22 16:37:32 +00:00
Ruslan Ermilov
37d1dbf01d Build sccs(1) docs. 2002-05-22 11:55:47 +00:00
Ruslan Ermilov
0c2fe74da8 Added share/doc/[pu]sd entries. 
Reviewed by:	grog
 2002-05-22 10:38:25 +00:00
Gregory Neil Shapiro
b943c00ef4 There are still many broken nameservers out there in the wild. Even 
though I would personally prefer to see the broken nameservers fixed
instead of standards compliant applications work around them, I can't
force FreeBSD users to help fight that battle.

Submitted by:	Damon Anton Permezel <dap@damon.com>
MFC after:	2 days
		pending RE approval
 2002-05-21 02:02:23 +00:00
Gordon Tetlow
e21fb30dce Explictly set kerberos_stash to NO instead of blank. While we are at it, 
fix a comment that suggested setting ipv6_ipv4mapping to blank. This
will aid in merging with rcng which requires all veriables to be
explicitly set.

Submitted by:	Mike Makonnen
MFC after:	1 week
 2002-05-20 05:26:44 +00:00
Mark Murray
ccde38c38d Remove Perl and TCL/TK bits, neither of which are in the base system 
(anymore).
 2002-05-18 14:27:17 +00:00
Ruslan Ermilov
7662944182 Sigh, this README is not a shell script. 2002-05-18 12:37:19 +00:00
Ruslan Ermilov
0db47a7c6c Remind developers to update hier(7) if they make changes to these files. 2002-05-18 12:35:10 +00:00
David E. O'Brien
2582d4d13f We haven't needed libg++ since 1999-04-04 (pre 4.0). 2002-05-18 05:38:31 +00:00
Gordon Tetlow
6395b411cb Fix the order of shutdown scripts so it not only reverses the order of the 
files in each ${local_startup} directory, it also reverses the order of the
directories.

Suggested by:	jhb
Reviewed by:	jake
Approved by:	dougb
MFC after:	1 week
 2002-05-18 00:26:10 +00:00
Brian Somers
9e280368ad Temporarily change our umask to 066 so that the potential creation 
of wtmp.0 is done as mode 600.

This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.

Suggested by:	lumpy <lumpy@the.whole.net>
MFC after:	3 days
 2002-05-17 14:05:08 +00:00
Brian Somers
740b91b560 Change `dmesg -a'' to `dmesg''. 
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.

However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.

MFC after:	3 days
 2002-05-17 13:38:36 +00:00
Brian Somers
db1d04d6d9 Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp} 
Problem reported by:	lumpy <lumpy@the.whole.net>
MFC after:		3 days
 2002-05-17 11:34:12 +00:00
Brian Somers
afa3985979 Return 3 unless $daily_status_security_enable != YES. 
Returning $? masks security output when ``periodic security'' is successful !

MFC after:	3 days
 2002-05-17 11:31:45 +00:00
Mark Murray
f365887c6c No need to build perl dirs anymore. 2002-05-16 09:29:40 +00:00
Ruslan Ermilov
f82979375c MF4: sync with RELENG_4 version as much as possible. 2002-05-16 08:06:07 +00:00
Tom Rhodes
db4f576472 Consistancy, file system > filesystem 2002-05-16 02:10:03 +00:00
David E. O'Brien
567924ccb9 Time to enter modern age and default to NFS version 3. 2002-05-15 22:24:29 +00:00
Jacques Vidrine
dfc4c48df7 It is dangerous to use globbing like so in startup scripts: 
rm -f /tmp/.X11-unix/*

If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory
with files that he wants to wipe out, and wait for next reboot.

Reported by:	lumpy <lumpy@the.whole.net>
 2002-05-08 14:47:44 +00:00