Commit Graph

3637 Commits

Author SHA1 Message Date
Sam Leffler
4b70617d04 install "fast ipsec" include files 2002-10-18 04:21:29 +00:00
Robert Watson
64ac587b8a Exempt the "wheel group requirement" by default when su'ing to root if
the wheel group has no explicit members listed in /etc/group.  This adds
the "exempt_if_empty" flag to pam_wheel in the default configuration;
in some environments, it may be appropriate to remove this flag, however,
this default is the same as pre-pam_wheel.

Reviewed by:	markm
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-18 02:39:21 +00:00
Maxim Sobolev
119b9f09e9 Fix silly typo: loacal --> local. 2002-10-17 23:46:32 +00:00
Giorgos Keramidas
cc5ce63097 Replace old, not-working URL for an online index of DNS blacklist
servers with a reference to the Google directory.

Reviewed by:	gshapiro
MFC after:	1 week
2002-10-16 22:52:56 +00:00
Robert Watson
190a0059cf Remove root from the 'guest' group: missed in a previous pass.
Spotted by:	jhb
2002-10-14 20:55:49 +00:00
Robert Watson
975819b705 Remove root from the kmem, sys, tty, and staff groups in the default
configuration.  Root privileges override DAC on local file systems and
therefore root does not generally need to be a member of a group to
access files owned by that group.  In the NFS case, require explicit
authorization for root to have these privileges.

Leave root in operator for dump/restore broadcast reasons; leave root
in wheel until discrepencies in the "no users in wheel means any user
can su" policy are resolved (possibly indefinitely).
2002-10-13 17:00:37 +00:00
Robert Watson
7b2c73b73d For consistency with other entries in group, don't put the daemon or
xten users in their groups explicitly--we pick that up from the gid
field in master.passwd.
2002-10-13 16:26:26 +00:00
Jens Schweikhardt
0de35d0351 s/dependancy/dependency/ 2002-10-12 13:49:21 +00:00
Jens Schweikhardt
143085107b Fix style bugs:
* Space -> tabs conversion.
* Removed blanks before semicolon in "if ... ; then".
* Proper indentation of misindented lines.
* Put a full stop after some comments.
* Removed whitespace at end of line.

Approved by:	silence from gordon
2002-10-12 10:31:31 +00:00
Dima Dorfman
2dbe6947fa Aesthetics: Output a prefix before sourcing rc.local as the old rc
script did.  Stuff in rc.local frequently has lines like
"echo -n ' service_name'" which look ugly without a prefix and a
trailing period.  Likewise for rc.shutdown.local for consistency.
2002-10-12 07:23:43 +00:00
Dima Dorfman
605cf4c8a3 Aesthetics: Most (all?) other messages output at boot time have
trailing periods, so why shouldn't this one?
2002-10-12 07:21:18 +00:00
Joerg Wunsch
6e84ba78c1 When considering temporary files for deletion, don't examine the mtime
and atime only, but also the ctime.  Otherwise, files extracted from
tar or zip archives will immediately be declared stale since they've
got their mtime reset to the original mtime.

Reviewed by:	brian
MFC after:	1 week
2002-10-06 18:48:20 +00:00
Scott Long
e8890ccc51 Remove matcd from MAKEDEV.
X-MFC after:	ASAP
2002-10-05 18:28:48 +00:00
Sam Leffler
b18fda4edd add support for /dev/crypto 2002-10-04 20:44:46 +00:00
Sam Leffler
3feb456215 install sys/opencrypto include files in /usr/include/crypto 2002-10-04 20:44:28 +00:00
Jens Schweikhardt
d539c53b01 Fix all whitespace style bugs where spaces have been used
where tabs should have been. Cut & paste disease?

Spotted by:	vi(1) tabstop=4
MFC after:	2 weeks
2002-10-03 20:39:29 +00:00
Dima Dorfman
2ca85e3d5e In a diskless setup, rc.d/initdiskless may overwrite parts of /etc on
a per-machine or per-cluster (with different ways of expressing what's
part of a cluster) basis.  In order for this to be effective, rc.conf
has to be reread after initdiskless is finished.  Implement this by
adding a hook to etc/rc which rereads rc.conf by request.  This can
also be implemented by renaming initdiskless to initdiskless.sh and
sourcing rc.conf there manually, but it was decided that, that would
be uglier than a hook in etc/rc.

Developed in concert with:	gordon
2002-10-02 00:59:14 +00:00
Ruslan Ermilov
7206028152 test -h is deprecated; use -L instead.
PR:             bin/40846
2002-10-01 13:29:45 +00:00
Matthew N. Dodd
e2540a6d46 - Recognize 'idt' interfaces.
- The start command is 'atm_start' not 'start_cmd'.
2002-09-30 08:01:43 +00:00
Matthew N. Dodd
955f5ec383 Recognize 'idt' interfaces. 2002-09-30 08:01:16 +00:00
Warner Losh
e98304b93f SAMSUNG SWL-2000P PCI Card
Submitted by: Robert Dezorzo
2002-09-30 01:19:52 +00:00
Warner Losh
124524158d Psion Dacom Gold Card Ethernet
Submitted by: Rick Hoppe
2002-09-30 01:07:28 +00:00
Warner Losh
8144adea99 Generic Prism2.5 card
Submitted by: Matt Peterson
2002-09-30 00:59:05 +00:00
Warner Losh
af7d66fcb6 Belkin F5D5020 pccard.
Submitted by: Philip Pereira
2002-09-30 00:51:49 +00:00
Warner Losh
3902407590 Entry for I-O Data PCET/100-CL
Submitted by: MATSUO Masahiko-san
2002-09-30 00:40:23 +00:00
Warner Losh
3792e753d3 oops, last second botch: fix extra 'i' 2002-09-29 23:16:08 +00:00
Warner Losh
6e252ced31 o Belkin wireless card
PR: 38919
Submitted by: Tommy Johnson

o IBM IDE CDROM

PR: 39537
Submitted by: Kevin Van Maren

o T-Sunus 130 card

PR: 41802
Submitted by: Oliver Schneider
2002-09-29 23:13:08 +00:00
Warner Losh
0acab084ce o FreeSPirit ISDN/56K modem card
o No-name OEM Prism card
o ActionTec Prism card
o ZoomAir 11Mbps High Rate wireless networking

PR: 41929, 41928
Submitted by: Bruce M Simpson

o Dynalink L100C16

PR: 41938
Submitted by: Marco van de Voort
2002-09-29 22:51:31 +00:00
Warner Losh
a2398beeed Newer Netgear MA401RA entry.
Submitted by: Michael Ranner
2002-09-28 17:36:52 +00:00
Gordon Tetlow
38441fbf04 Fix moused so you can use the stop command
Reported by:	wa1ter@myrealbox.com
2002-09-27 16:54:21 +00:00
Warner Losh
760769737a Two fixes:
1) Add new card entry for nortel eMobility wi card (from email
	   that I've lost the sender on :-(
	2) put ata devices at config 0x1 rather than auto.  This should be
	   better for nearly all cases.

MFC after: 3 days
2002-09-27 06:14:29 +00:00
Juli Mallett
54f61a9394 Document at least one meaningful RELENG_5 feature, the ability to hide from
a user processes which run with an inequivalent class of UID credentials.

Sponsored by:	Rachel Hestilow <rachel@jerkcity.com>
2002-09-25 22:17:18 +00:00
Brian Somers
df93d794dc Add a pkg_version variable so that it's possible to run portsversion instead
of pkg_version in periodic/weekly/400.status-pkg.
2002-09-25 03:01:42 +00:00
Andrey A. Chernov
15897030c6 Make it work with POSIX sort (POS arg).
All old sorts understand -k too.
2002-09-24 18:53:46 +00:00
Poul-Henning Kamp
320d99c058 Use mdmfs(8) rather than rolling our own RAM-disks.
Sponsored by:	DARPA & NAI Labs.
2002-09-22 09:48:02 +00:00
Mark Murray
a5dd613ce6 Rename the ftp log filename for compatability with OpenBSD and NetBSD.
Requested by:	ru
2002-09-21 12:07:35 +00:00
Mark Murray
d595e25a82 Install empty ftp.log file to start off ftp logging. 2002-09-20 22:12:27 +00:00
Mark Murray
bbd0e6a78d Log ftpd stuff in the same way that we log lpd stuff. Too many ftpd's
are attacked for us to throw away this sort of evidence.
2002-09-20 22:10:01 +00:00
Hajimu UMEMOTO
a75d520e1f up gif during setup. 2002-09-20 18:31:55 +00:00
Gordon Tetlow
2c7db4fbc2 Quiet warnings on shutdown. 2002-09-19 20:14:50 +00:00
Don Lewis
08bb4399fa Unbreak installworld.
Apparently /usr/include/dev grew a couple of subdirectories, but nobody
informed mtree.
2002-09-19 08:35:12 +00:00
Kris Kennaway
64e11ced68 Add some extra directories created by recent versions of XFree86-4
Reviewed by:    anholt (XFree86-4 maintainer)
MFC after:      1 day
2002-09-19 02:05:41 +00:00
Ralf S. Engelschall
25ade111dc Fix implementation of rc variables $amd_flags and $amd_map_program in
rcNG. The $amd_flags variable was already taken over into $rc_flags
by run_rc_command() when amd_precmd() is executed, so changing
$amd_flags there no longer effects the actual execution of amd.
Hence in amd_precmd() the $rc_flags have to be adjusted instead.
2002-09-18 08:49:50 +00:00
Sam Leffler
c57aba5686 MFC: Elan support;
o Recognize AMD Elan SC520 hostbridge.
o Add initialization code for the AMD Elan sc520 which maps the MMCR
  into KVM and sets the i8254 frequency to the correct value.
o MAKEDEV entry for elan-mmcr device

Reviewed by:	phk, jhb
Approved by:	re(jhb)
2002-09-17 22:39:57 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
Gordon Tetlow
42f10b3fe0 Fix sendmail to use checkyesno since rc.conf is no longer re'sourced from the
debug statement.
2002-09-12 17:31:09 +00:00
David E. O'Brien
8e00cef74d Use bzip2 instead of gzip for those logs we compress.
Basic idea agreed to by:	rwatson
2002-09-12 17:28:07 +00:00
Gordon Tetlow
0d8441a9fe Remove the sourceing of rc.conf from the debug subroutine. This caused
problems when you try to override variables locally.
2002-09-12 17:27:36 +00:00
John Baldwin
2cb1c3a5c5 Cosmetic cleanup to a message. 2002-09-11 19:49:43 +00:00
Gordon Tetlow
8e05457085 Quiet warnings about non-existent scripts. My own fault for not testing my
own patches as well as I should.
2002-09-11 01:00:57 +00:00
Gordon Tetlow
e022d3b1aa Fix syscons so it actually does start.
Reported by:	keramida, ume
Submitted by:	keramida
2002-09-09 22:40:34 +00:00
Mitsuru IWASAKI
5ea0b02d5a Add an entry for corega WL PCCL-11.
PR:		conf/42481
Submitted by:	NINOMIYA Hideyuki <nin@jp.FreeBSD.org>
Approved by:	imp
MFC after:	1 week
2002-09-06 17:45:36 +00:00
Gordon Tetlow
77e55efba0 Convert from ${CMD_OSTYPE} to ${OSTYPE}. This saves a shell invocation on
OS-dependent case switches.
2002-09-06 16:18:05 +00:00
Gordon Tetlow
550f8fc46b Add a support for a ${OSTYPE} which is set once in /etc/rc.subr. Also convert
all instances of `${CMD_OSTYPE}` to just using ${OSTYPE}. This saves us a
shell invocation on anything that is OS-dependent. I seriously doubt that we
will be spontaneously changing OS types during bootup.
2002-09-06 16:15:29 +00:00
Peter Wemm
f915be3bad rev 1.6 claimed to add 'bootparams', but in fact added 'bootparamd' which
does not exist.
2002-09-06 01:23:31 +00:00
Bill Fenner
4716fa4ee9 Only try to initialize syscons if /dev/ttyv0 exists and it's not a pcvt. 2002-09-05 23:51:28 +00:00
Bill Fenner
57dedf04ca Only try to run /usr/sbin/ispcvt if it exists and is executable. 2002-09-05 23:50:34 +00:00
Gordon Tetlow
adac8f8551 Add an archdep script and hook it up to the build.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-09-05 20:29:18 +00:00
Gordon Tetlow
7ea5622b15 Hook bootparams up to the world 2002-09-05 20:15:08 +00:00
Gordon Tetlow
b0e6d55b9e Introduce bootparamd into the boot scripts. Add a bootparamd_enable and
_flags to rc.conf

Submitted by:	John Hay <jhay@zibbi.icomtek.csir.co.za>
2002-09-05 20:14:46 +00:00
Gregory Neil Shapiro
d87e0e8e23 Deprecate the use of sendmail_enable="NONE" as it adversely affects the
new rcNG effort.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-09-03 22:15:57 +00:00
Gordon Tetlow
f048183067 nfsd doesn't die on SIGTERM but on SIGUSR1, correct script to kill nfsd with
the right signal.
2002-09-03 16:02:57 +00:00
Gordon Tetlow
b168ce8b63 We don't use single_mountd_enable anymore. It's just mountd_enable. I must
have missed this in my earlier sweep.
2002-09-02 21:20:58 +00:00
Gordon Tetlow
da5e455e1a Only install the scripts that actually used on FreeBSD. 2002-09-02 20:49:26 +00:00
Gordon Tetlow
4376ad7708 Commit a revised sendmail script that works the same way as rc.sendmail.
This should also quell warnings when sendmail_enable="NONE"
2002-09-02 20:37:03 +00:00
Gordon Tetlow
67a399fda8 Turn rc_ng on by default now, it's time has come. While we are at it, I'd
like to thank Mike Makonnen for all his work on rcNG. Without him, none
of this would have been possible.
2002-09-02 16:35:01 +00:00
Hellmuth Michaelis
949f39b532 establish default values for /etc/rc.d/pcvt script 2002-08-30 13:01:42 +00:00
Hellmuth Michaelis
6b6c162a88 integrate pcvt configuration into the new /etc/rc.d startup system
PR:           i386/7100
Reviewed by:  Gordon Tetlow <gordon@FreeBSD.org>
2002-08-30 12:43:23 +00:00
Crist J. Clark
10f23b4ad0 Only create a temporary file if we are actually going to do something
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.

PR:		bin/40960
Submitted by:	frf <frf@xocolatl.com>
MFC after:	3 days
2002-08-25 04:09:17 +00:00
Gordon Tetlow
4642178fcc Print out a carriage return to make the screen output make more sense
Submitted by:	mike@
2002-08-20 00:14:11 +00:00
Gordon Tetlow
eabdfedb1e I missed the single_mountd_enable in rc.network.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-15 03:29:19 +00:00
Gordon Tetlow
5b572aec21 Remove an accidental double chkdepend that snuck in during the last commit.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-15 03:24:47 +00:00
Gordon Tetlow
8987faac82 Don't export variables from /etc/rc when doing rc_ng because the scripts
are sourced in a subshell.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-14 05:58:44 +00:00
Gordon Tetlow
88f7d3e22b Clean up the scripts to use the new variables:
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*

Also change single_mountd_enable -> mountd_enable
Changing the mountd flags brings us closer to NetBSD.

All of the old variable names are shimmed so you can continue to use the
old variable name.

Finally make /etc/rc.d/mountd no longer dependent on nfs as there are
(apparently) other consumers of mountd.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-14 05:44:32 +00:00
Gordon Tetlow
2ee93c5780 Clean up some variables that should have been done before:
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*

Also change single_mountd_enable to mountd_enable.

We also include shims for all the old variable names.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-14 05:37:15 +00:00
Jens Schweikhardt
f017edb1bf o Test and change to the correct directory, /var/spool/.hoststat
o Bring if/then style in sync with /etc/rc scripts

PR:		conf/41570
Submitted by:	Konstantin M Volevatch <cox@rosnet.ru>
MFC after:	1 week
2002-08-12 11:09:01 +00:00
Jens Schweikhardt
84bd1082cb Fix typos (s/seperat/separat/ et al); add FreeBSD ID.
Suggested by:	bde
MFC after:	3 days
2002-08-12 10:04:32 +00:00
Ian Dowse
d64915d6e3 Remove some unnecessary sanity checks that break "sh MAKEDEV cd"
and others, because test(1) does not do shortcut evaluation.

Fix the same off-by-one error for acd*t* that revision 1.326 fixed
for other *cd devices.

Suggested by:	bde
Reviewed by:	bde
2002-08-10 22:03:58 +00:00
Ian Dowse
539354bed3 Permit the creation of just cd0 if desired. Previously it always
created cd1 as well due to an off-by-one error left over from
revision 1.249.

PR:		conf/20436
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
MFC after:	1 week
2002-08-10 00:20:32 +00:00
Tony Finch
a7c397167e Remove trailing whitespace. 2002-08-09 20:58:54 +00:00
Gordon Tetlow
897102c745 Make the othermta script DTRT when an mta startup script is not specified.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-09 17:45:04 +00:00
Gordon Tetlow
5e6fcb8ccc Correct comment. We use rpcbind now, not portmap
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-09 17:34:13 +00:00
Gordon Tetlow
e4bc448975 Correct comment
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-09 17:33:07 +00:00
Ruslan Ermilov
4e17db5b58 We no longer have a COPY. 2002-08-07 16:01:06 +00:00
Jake Burkholder
2e55bb64c3 Add example entries for ttya and ttyb (sab). 2002-08-04 19:16:13 +00:00
Gregory Neil Shapiro
b31d4126e3 If all file systems are marked nosuid, the line:
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`

sets ${MP} to an empty string so the next line:

	set ${MP}

actually just dumps all of the shells variables to stdout (and therefore
the security report).  Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.

Reviewed by:	brian
MFC after:	3 days
2002-08-03 22:33:34 +00:00
Robert Watson
844a8917d6 Introduce support for Mandatory Access Control and extensible
kernel access control.

Create directories for per-policy include files.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:37:08 +00:00
Hajimu UMEMOTO
ec2409ba60 FreeBSD has setkey in different location from NetBSD.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-07-31 16:39:19 +00:00
Marc Fonvieille
5fddf8bfc1 Correct URL to the Handbook
MFC after:	1 week
2002-07-31 10:05:37 +00:00
Ruslan Ermilov
d2893b161b Drop support for COPY, -c has been the default mode of install(1)
for a long time now.

Approved by:	bde
2002-07-29 09:40:17 +00:00
Dima Dorfman
527597b2d9 Stock -current has more than 300 files in /etc, so 255 inodes for the
/etc filesystem isn't enough; consequently, add "-i 4096" to the newfs
command for /etc.  This results in 1022 inodes, which should be enough
for the forseeable future (although I don't know why we would ever
have more than 1000 files in a default /etc).

Silence by:	-current
2002-07-28 03:41:53 +00:00
Dima Dorfman
cfab43190a Add a period to the end of the "starting" message to be consistent
with the rest of the output during a boot.
2002-07-28 03:38:10 +00:00
Warner Losh
1c367fb5b2 Add a generic NANOSPEED wi card.
Submitted by: matt peterson

While I'm here, kill the flags 0x10000 on all the prism based cards.
Both stable and current figure this out on their own and we've had at
least one releases where this is the case.
2002-07-26 06:12:14 +00:00
Hajimu UMEMOTO
dcaecffe69 Change the default setting of an IPv4-mapped IPv6 address to off.
Requested by:	many people
2002-07-25 15:44:01 +00:00
Hajimu UMEMOTO
9067589d53 be able to configure to run an IPv6 routing daemon even on
an end node (sync with rc.network6 1.30).

Approved by:	gordon
2002-07-21 19:12:21 +00:00
Ruslan Ermilov
30b92dec43 sys.mk no longer includes bsd.own.mk. 2002-07-20 10:56:00 +00:00
Ruslan Ermilov
bff0acee63 Install scripts via FILES (purposedly not via SCRIPTS that would
strip the suffixes).
2002-07-18 12:33:01 +00:00
Ruslan Ermilov
0b87f79976 s/${INSTALL} -c/${INSTALL} ${COPY}/ 2002-07-18 12:07:49 +00:00
Warner Losh
285e939e1e The Compaq WL200 is a CL-PD6729 based pci card with a prism 2 pcmcia
card behind it (without the pcmcia form factor).  This entry gets to
the point of attaching, but there's something wrong with the '29
support, so it doesn't quite work yet.
2002-07-18 06:01:35 +00:00
Dima Dorfman
dacf6a1e22 Remove spurious "echo '.'". 2002-07-18 05:00:23 +00:00
Brian S. Dean
9f0af70eb1 Apply same fix as Rev 1.19 of /etc/rc.diskless2: create sendmail
required directories if sendmail_enable is not set to "none".

Suggested by:   gordon
2002-07-18 05:00:22 +00:00
Doug Barton
d45ed36711 Anonymize the "portmap" program to get better compatibility with
rpcbind in -current.

Submitted by:   Alexander Kabaev <ak03@gte.com>
2002-07-18 05:00:21 +00:00
Doug Barton
de66529e70 Make nisdomainname=NO DTRT
Submitted by:   des, via Mike Makonnen <makonnen@pacbell.net>
2002-07-18 05:00:20 +00:00
Doug Barton
4264c30c0d Cleanup some pollution from the NetBSD sync, and add gif setup.
Submitted by:   Mike Makonnen <makonnen@pacbell.net>
2002-07-18 05:00:19 +00:00
Gordon Tetlow
8abdee58c7 Fix a typo that caused dhclient not to work.
Submitted by:   Dennis Kristensen <snicki@snicki.dk>
Reviewed by:    Mike Makonnen <makonnen@pacbell.net>
2002-07-18 05:00:18 +00:00
Gordon Tetlow
242bd45fb4 Merge in all the changes that Mike Makonnen has been maintaining for a
while. This is only the script pieces, the glue for the build comes next.

Submitted by:   Mike Makonnen <makonnen@pacbell.net>
Reviewed by:    silence on -current and -hackers
Prodded by:     rwatson
2002-07-18 05:00:17 +00:00
Hajimu UMEMOTO
8abac11f6e be able to configure to run an IPv6 routing daemon even on
an end node.

Requested by:	Masachika ISHIZUKA <ishizuka@ish.org>
MFC after:	1 week
2002-07-18 05:00:16 +00:00
Ruslan Ermilov
661fc9ee4d Removed no longer used share/examples/diskless/* dirs (forgotten
by luigi@) and never used share/examples/kld/dyn_sysctl/module.
2002-07-11 07:15:36 +00:00
Josef Karthauser
e044f137e0 Rename 'usio' to 'ucom'.
Spotted by:	akiyama
2002-07-10 16:07:33 +00:00
Gordon Tetlow
e321e75ec9 Remove debugging nit
Submitted by:	bmah
2002-07-08 21:04:16 +00:00
Peter Wemm
c00f7bc28b GRRR! rc.* cannot do an "exit 0" or it aborts the entire /etc/rc process.
We do a '. /etc/rc.syscons' - not run it in a seperate shell.
2002-07-08 04:03:21 +00:00
Gordon Tetlow
c1c086d9fe nfsd and mountd now live in /usr/sbin not /sbin. Correct the command args.
This also reduces the diff to NetBSD (very marginally).

Reviewed by:	jake (mentor)
2002-07-07 22:19:08 +00:00
Dag-Erling Smørgrav
cda86084ab Silence pam_lastlog for now. 2002-07-07 10:00:43 +00:00
Doug Barton
01ccaceffd Another update from Mike Makonnen.
Missed by: Me
2002-07-07 08:00:31 +00:00
Doug Barton
77aa299a77 Latest improvements from Mike Makonnen. Better kerberos and apm handling. 2002-07-07 04:16:53 +00:00
Ruslan Ermilov
d2baa8b3b7 There is apparently no reason for the existence of the `etc' target. 2002-07-05 13:47:29 +00:00
Ruslan Ermilov
3982724908 Whitespace and indentation (style) fixes. 2002-07-05 13:39:38 +00:00
Ruslan Ermilov
831568b970 Added DEFAULTS, to denote the contents of etc/defaults/.
Once upon a time (in rev. 1.81), COPYRIGHT and FREEBSD
were multi-value.

Moved installation of /var/log/cron to where it belongs
(this finishes the change in rev. 1.205).

Removed (with extreme prejudice) a bunch of parentheses
that unnecessarily obfuscated this makefile.

Run pwd_mkdb(8) right after master.passwd is installed.

Install nsmb.conf to /usr/share/examples/etc/.
2002-07-05 13:17:24 +00:00
Maxim Konovalov
492fa19f70 Trim EOL spaces.
Reviewed by:	gshapiro
2002-06-30 12:08:36 +00:00
Maxim Konovalov
4872428528 Add an alias for sshd. 2002-06-30 12:04:41 +00:00
Maxim Konovalov
fc193c4365 Include 'sshd' to the lists of forbidden users.
Reviewed by:	cvs-committers
2002-06-28 15:46:29 +00:00
Brian Somers
103efc95e8 Mention that we're checking kernel log messages, even if there's
no output.

PR:		39618
MFC after:	1 week
2002-06-28 10:32:18 +00:00
Sheldon Hearn
d86c700817 Revert previous delta, setting the system immutable flag on /var/empty
instead of the user immutable flag, now that mergemaster handles
schg directories in its /var/tmp/temproot.
2002-06-26 17:05:48 +00:00
Sheldon Hearn
ec8b657bfd Tone down the previous delta: don't set the system immutable flag on
/var/empty, because it makes it difficult for mergemaster(8) to remove
/var/tmp/temproot/var.
2002-06-26 08:58:28 +00:00
Matthew Dillon
ca18873e88 add default vmemoryuse (unlimited), and samples 2002-06-26 04:04:37 +00:00
Kenneth D. Merry
98cb733c67 At long last, commit the zero copy sockets code.
MAKEDEV:	Add MAKEDEV glue for the ti(4) device nodes.

ti.4:		Update the ti(4) man page to include information on the
		TI_JUMBO_HDRSPLIT and TI_PRIVATE_JUMBOS kernel options,
		and also include information about the new character
		device interface and the associated ioctls.

man9/Makefile:	Add jumbo.9 and zero_copy.9 man pages and associated
		links.

jumbo.9:	New man page describing the jumbo buffer allocator
		interface and operation.

zero_copy.9:	New man page describing the general characteristics of
		the zero copy send and receive code, and what an
		application author should do to take advantage of the
		zero copy functionality.

NOTES:		Add entries for ZERO_COPY_SOCKETS, TI_PRIVATE_JUMBOS,
		TI_JUMBO_HDRSPLIT, MSIZE, and MCLSHIFT.

conf/files:	Add uipc_jumbo.c and uipc_cow.c.

conf/options:	Add the 5 options mentioned above.

kern_subr.c:	Receive side zero copy implementation.  This takes
		"disposable" pages attached to an mbuf, gives them to
		a user process, and then recycles the user's page.
		This is only active when ZERO_COPY_SOCKETS is turned on
		and the kern.ipc.zero_copy.receive sysctl variable is
		set to 1.

uipc_cow.c:	Send side zero copy functions.  Takes a page written
		by the user and maps it copy on write and assigns it
		kernel virtual address space.  Removes copy on write
		mapping once the buffer has been freed by the network
		stack.

uipc_jumbo.c:	Jumbo disposable page allocator code.  This allocates
		(optionally) disposable pages for network drivers that
		want to give the user the option of doing zero copy
		receive.

uipc_socket.c:	Add kern.ipc.zero_copy.{send,receive} sysctls that are
		enabled if ZERO_COPY_SOCKETS is turned on.

		Add zero copy send support to sosend() -- pages get
		mapped into the kernel instead of getting copied if
		they meet size and alignment restrictions.

uipc_syscalls.c:Un-staticize some of the sf* functions so that they
		can be used elsewhere.  (uipc_cow.c)

if_media.c:	In the SIOCGIFMEDIA ioctl in ifmedia_ioctl(), avoid
		calling malloc() with M_WAITOK.  Return an error if
		the M_NOWAIT malloc fails.

		The ti(4) driver and the wi(4) driver, at least, call
		this with a mutex held.  This causes witness warnings
		for 'ifconfig -a' with a wi(4) or ti(4) board in the
		system.  (I've only verified for ti(4)).

ip_output.c:	Fragment large datagrams so that each segment contains
		a multiple of PAGE_SIZE amount of data plus headers.
		This allows the receiver to potentially do page
		flipping on receives.

if_ti.c:	Add zero copy receive support to the ti(4) driver.  If
		TI_PRIVATE_JUMBOS is not defined, it now uses the
		jumbo(9) buffer allocator for jumbo receive buffers.

		Add a new character device interface for the ti(4)
		driver for the new debugging interface.  This allows
		(a patched version of) gdb to talk to the Tigon board
		and debug the firmware.  There are also a few additional
		debugging ioctls available through this interface.

		Add header splitting support to the ti(4) driver.

		Tweak some of the default interrupt coalescing
		parameters to more useful defaults.

		Add hooks for supporting transmit flow control, but
		leave it turned off with a comment describing why it
		is turned off.

if_tireg.h:	Change the firmware rev to 12.4.11, since we're really
		at 12.4.11 plus fixes from 12.4.13.

		Add defines needed for debugging.

		Remove the ti_stats structure, it is now defined in
		sys/tiio.h.

ti_fw.h:	12.4.11 firmware.

ti_fw2.h:	12.4.11 firmware, plus selected fixes from 12.4.13,
		and my header splitting patches.  Revision 12.4.13
		doesn't handle 10/100 negotiation properly.  (This
		firmware is the same as what was in the tree previously,
		with the addition of header splitting support.)

sys/jumbo.h:	Jumbo buffer allocator interface.

sys/mbuf.h:	Add a new external mbuf type, EXT_DISPOSABLE, to
		indicate that the payload buffer can be thrown away /
		flipped to a userland process.

socketvar.h:	Add prototype for socow_setup.

tiio.h:		ioctl interface to the character portion of the ti(4)
		driver, plus associated structure/type definitions.

uio.h:		Change prototype for uiomoveco() so that we'll know
		whether the source page is disposable.

ufs_readwrite.c:Update for new prototype of uiomoveco().

vm_fault.c:	In vm_fault(), check to see whether we need to do a page
		based copy on write fault.

vm_object.c:	Add a new function, vm_object_allocate_wait().  This
		does the same thing that vm_object allocate does, except
		that it gives the caller the opportunity to specify whether
		it should wait on the uma_zalloc() of the object structre.

		This allows vm objects to be allocated while holding a
		mutex.  (Without generating WITNESS warnings.)

		vm_object_allocate() is implemented as a call to
		vm_object_allocate_wait() with the malloc flag set to
		M_WAITOK.

vm_object.h:	Add prototype for vm_object_allocate_wait().

vm_page.c:	Add page-based copy on write setup, clear and fault
		routines.

vm_page.h:	Add page based COW function prototypes and variable in
		the vm_page structure.

Many thanks to Drew Gallatin, who wrote the zero copy send and receive
code, and to all the other folks who have tested and reviewed this code
over the years.
2002-06-26 03:37:47 +00:00
John Polstra
c0c9b4e674 Fix the amd invocation to honor the amd_flags setting.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-06-24 19:50:56 +00:00
Sheldon Hearn
9ec0ab17fd The previous delta introduced /var/empty, for use by openssh-portable,
which needs an empty directory into which to chroot(2).

Hint to the operator that this directory really _should_ be empty
by creating it with mode 0555 and the system immutable flag (schg)
set.

Reviewed by:	des
2002-06-24 18:31:47 +00:00
Dag-Erling Smørgrav
677fccffa4 Previous commit was just a tad too hasty, the sshd peudo-user's home
directory should be /var/empty.
2002-06-23 20:46:44 +00:00
Dag-Erling Smørgrav
9b4e71b270 Add /var/empty for the OpenSSH privsep code. 2002-06-23 20:44:19 +00:00
Dag-Erling Smørgrav
04b681a999 Add an sshd user and group for the OpenSSH privilege separation code. 2002-06-23 20:41:06 +00:00
Brian S. Dean
415c05a038 Create sendmail required directories if sendmail is enabled. 2002-06-22 19:44:25 +00:00
Doug Barton
032c8774fa Hone the rpcbind dependency checking.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-06-21 19:50:01 +00:00
David E. O'Brien
85283ff45d This commit was generated by cvs2svn to compensate for changes in r98576,
which included commits to RCS files with non-trunk default branches.
2002-06-21 19:07:21 +00:00
David E. O'Brien
be026881b1 Sync with NetBSD's mainline. 2002-06-21 19:07:21 +00:00
Ruslan Ermilov
072f6798f8 Make NO_OPENSSL actually imply NO_OPENSSH, as documented in make.conf(5). 2002-06-21 08:54:03 +00:00
Doug Barton
5271c18857 Anonymize the "portmap" program to get better compatibility with
rpcbind in -current.

Submitted by:	Alexander Kabaev <ak03@gte.com>
2002-06-20 08:49:44 +00:00
Dag-Erling Smørgrav
bc39792308 We don't use this any more.
Sponsored by:	DARPA, NAI Labs
2002-06-19 20:01:25 +00:00
Dag-Erling Smørgrav
bb151ea158 Enable OPIE for sshd and telnetd. I thought I'd done this a long time
ago...

Sponsored by:	DARPA, NAI Labs
2002-06-19 20:00:43 +00:00
Doug Barton
b992dc7565 Another good suggestion from Bruce, only create links if the
file doesn't exist already.
2002-06-19 05:35:16 +00:00
Gordon Tetlow
54f43a77ca Fix a typo in the named startup options
Submitted by:	sheldonh@
2002-06-18 19:42:37 +00:00
Doug Barton
b94048f0ec Do vidcontrol -m on after starting moused for a usb mouse.
PR:		conf/39125
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
Not objected to by: -current and -hackers
2002-06-18 07:50:16 +00:00
Doug Barton
a1aa5c8053 Should have paid more attention to the PR. Update (improve?) the examples
by doing them in /dev/, and provide more than just the one example.

Submitted by:	bde (for the ideas, blame for mistakes is mine)
2002-06-18 07:33:56 +00:00
Doug Barton
02010b74b4 Only create symlink if /dev/ttyv0 exists.
PR:		misc/39381
Submitted by:	Dirk-Willem van Gulik <dirkx@covalent.net>
2002-06-18 07:14:43 +00:00
Doug Barton
e5f35c947b Try handling lack of syscons (for diskless boot, or other) by
testing for the presence of /dev/ttyv0.

PR:		misc/39351
Submitted by:	Dirk-Willem van Gulik <dirkx@covalent.net>
2002-06-16 20:59:16 +00:00
Gordon Tetlow
576ed0de29 Make sendmail really not start when sendmail_enable="NONE"
Submitted by:	Dennis Kristensen <snicki@snicki.dk>
Reviewed by:	Mike Makonnen <makonnen@pacbell.net>
2002-06-15 18:39:05 +00:00
Gordon Tetlow
825bb04125 Add the final bits that allow the use of rc.d. Note that you can toggle
between rc.d and the classic boot scripts based on the rcng variable in
your rc.conf. Defaults to classic boot scripts.

Submitted by:	Mike Makonnen
2002-06-13 22:30:02 +00:00
Gordon Tetlow
2952767837 Add a couple of variables for rc.d
Submitted by:	Mike Makonnen
2002-06-13 22:27:31 +00:00
Gordon Tetlow
dde7cef3d2 Hook rcorder and rc.d into the build.
Submitted by:	Mike Makonnen
2002-06-13 22:26:15 +00:00
Gordon Tetlow
64deb069a9 Bring this up to date with the latest NetBSD bits. Also add some bits of
our own.

Submitted by:	Mike Makonnen
Reviewed by:	silence on -current and -hackers
2002-06-13 22:19:42 +00:00
Gordon Tetlow
27bc1b287e Merge in all the changes that Mike Makonnen has been maintaining for a
while. This is only the script pieces, the glue for the build comes next.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
Reviewed by:	silence on -current and -hackers
Prodded by:	rwatson
2002-06-13 22:14:37 +00:00
David E. O'Brien
8777223029 Change our default XF86Config location from /etc/ to /etc/X11/,
following the lead of The XFree86 Project's default.

Approved by:	Murray
2002-06-10 04:47:26 +00:00
David E. O'Brien
ac3f21b185 We want to play osterage and stick our heads in the sand and ignore things.
Requested by:	jhb
2002-06-04 22:26:11 +00:00
David E. O'Brien
499cc75ee2 ntpdate(1) is depreciated. 2002-06-04 21:25:41 +00:00
Takeshi Shibagaki
e5f0e62f96 Add new entry PLANEX GW-NS11H(PRISM3.0).
Submitted by [bsd-nomads:16322] Yasufumi Susuki <yasu@triaez.kaisei.org>
2002-05-29 21:16:51 +00:00
Peter Wemm
148c11ac62 Update g++ include subdirs 2002-05-29 00:46:33 +00:00
Warner Losh
51cf186eab Correct US Robotics Wireless Card 2410 entry 2002-05-24 15:28:38 +00:00
Gregory Neil Shapiro
34925ba6f7 Add a new make.conf knob, SENDMAIL_MAP_PERMS, which specifies the
permissions to use for alias and map database files built by
/etc/mail/Makefile.  The default is 0640 to assist users in avoiding
a file locking local denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:46:39 +00:00
Gregory Neil Shapiro
519c4f1816 Change the default permissions for the sendmail statistics file to 0640
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:44:53 +00:00
Gregory Neil Shapiro
b9888709dd Add a warning regarding localhost-only listening daemons inside jails.
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).

Submitted by:	Helge Oldach <test-smtp@oldach.net>
MFC after:	1 day
		pending RE approval
2002-05-22 16:37:32 +00:00
Ruslan Ermilov
37d1dbf01d Build sccs(1) docs. 2002-05-22 11:55:47 +00:00
Ruslan Ermilov
0c2fe74da8 Added share/doc/[pu]sd entries.
Reviewed by:	grog
2002-05-22 10:38:25 +00:00
Gregory Neil Shapiro
b943c00ef4 There are still many broken nameservers out there in the wild. Even
though I would personally prefer to see the broken nameservers fixed
instead of standards compliant applications work around them, I can't
force FreeBSD users to help fight that battle.

Submitted by:	Damon Anton Permezel <dap@damon.com>
MFC after:	2 days
		pending RE approval
2002-05-21 02:02:23 +00:00
Gordon Tetlow
e21fb30dce Explictly set kerberos_stash to NO instead of blank. While we are at it,
fix a comment that suggested setting ipv6_ipv4mapping to blank. This
will aid in merging with rcng which requires all veriables to be
explicitly set.

Submitted by:	Mike Makonnen
MFC after:	1 week
2002-05-20 05:26:44 +00:00
Mark Murray
ccde38c38d Remove Perl and TCL/TK bits, neither of which are in the base system
(anymore).
2002-05-18 14:27:17 +00:00
Ruslan Ermilov
7662944182 Sigh, this README is not a shell script. 2002-05-18 12:37:19 +00:00
Ruslan Ermilov
0db47a7c6c Remind developers to update hier(7) if they make changes to these files. 2002-05-18 12:35:10 +00:00
David E. O'Brien
2582d4d13f We haven't needed libg++ since 1999-04-04 (pre 4.0). 2002-05-18 05:38:31 +00:00
Gordon Tetlow
6395b411cb Fix the order of shutdown scripts so it not only reverses the order of the
files in each ${local_startup} directory, it also reverses the order of the
directories.

Suggested by:	jhb
Reviewed by:	jake
Approved by:	dougb
MFC after:	1 week
2002-05-18 00:26:10 +00:00
Brian Somers
9e280368ad Temporarily change our umask to 066 so that the potential creation
of wtmp.0 is done as mode 600.

This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.

Suggested by:	lumpy <lumpy@the.whole.net>
MFC after:	3 days
2002-05-17 14:05:08 +00:00
Brian Somers
740b91b560 Change `dmesg -a'' to `dmesg''.
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.

However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.

MFC after:	3 days
2002-05-17 13:38:36 +00:00
Brian Somers
db1d04d6d9 Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}
Problem reported by:	lumpy <lumpy@the.whole.net>
MFC after:		3 days
2002-05-17 11:34:12 +00:00
Brian Somers
afa3985979 Return 3 unless $daily_status_security_enable != YES.
Returning $? masks security output when ``periodic security'' is successful !

MFC after:	3 days
2002-05-17 11:31:45 +00:00
Mark Murray
f365887c6c No need to build perl dirs anymore. 2002-05-16 09:29:40 +00:00
Ruslan Ermilov
f82979375c MF4: sync with RELENG_4 version as much as possible. 2002-05-16 08:06:07 +00:00
Tom Rhodes
db4f576472 Consistancy, file system > filesystem 2002-05-16 02:10:03 +00:00
David E. O'Brien
567924ccb9 Time to enter modern age and default to NFS version 3. 2002-05-15 22:24:29 +00:00
Jacques Vidrine
dfc4c48df7 It is dangerous to use globbing like so in startup scripts:
rm -f /tmp/.X11-unix/*

If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory
with files that he wants to wipe out, and wait for next reboot.

Reported by:	lumpy <lumpy@the.whole.net>
2002-05-08 14:47:44 +00:00
Gregory Neil Shapiro
8b637659da Fix typo.
Submitted by:	Marius Strom <marius@marius.org>
MFC after:	1 day
		and RE approval
2002-05-08 05:17:46 +00:00
Dag-Erling Smørgrav
a87cdc1598 Use pam_lastlog(8)'s new no_fail option.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:33:02 +00:00
Michael C . Wu
b9d862a225 This is two new entries for Taiwanese 16bit PCMCIA cards.
The Blue Concentric CF 802.11b card is a compactflash form-factored card
that does 802.11b, including 128bit encryption.
The Zonet modem pccard is a simple FAX/Modem card.

Both are sold in Guang-Hua Market in Taipei, and functions perfectly
with -current and -stable.
2002-05-07 16:50:15 +00:00
Brian Somers
9472aac628 Fix the output when daily_status_mailq_shorten is set to YES
PR:			23766
Mostly submitted by:	lambert@ssabsd.csw.net
MFC after:		3 days
2002-05-07 13:11:05 +00:00
Maxim Konovalov
44ded06713 Include 'www' in the list of forbidden ftp users.
Reviewed by:	sheldonh
MFC after:	3 days
2002-05-07 11:07:39 +00:00
Crist J. Clark
f5a8f1482c Remove leading whitespace from the setuid file lists.
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."

PR:		conf/37618
Reviewed by:	brian
MFC after:	3 days
2002-05-05 00:59:37 +00:00
Dag-Erling Smørgrav
05ade9be70 Add a PAM policy for rexecd(8).
Sponsored by:	DARPA, NAI Labs
2002-05-02 05:05:28 +00:00
Dag-Erling Smørgrav
48988cd4bd xdm plays horrid tricks with PAM, and dumps core if it's allowed to call
pam_lastlog, so add a dummy session chain to avoid using the one from
pam.d/other.  I assume gdm does something similar, so give it a dummy
session chain as well.

Sponsored by:	DARPA, NAI Labs.
2002-05-02 05:00:40 +00:00
Brian Somers
ee9336d9b7 Handle .bz2 files created by newsyslog
PR:			37529
Partially submitted by:	Peter Hollaubek <fifteen@inext.hu>
MFC after:		1 week
2002-04-30 17:07:32 +00:00
David Malone
d00a7c247a Don't use ISO_8859 when I should use ISO8859. 2002-04-29 20:57:36 +00:00
Dag-Erling Smørgrav
4b448ce5d5 Add no_warn to pam_lastlog. This should prevent xdm from dumping core
when linked with Linux-PAM.
2002-04-29 15:22:00 +00:00
David Malone
df374705d2 Add a French calendar.
PR:		32265
Submitted by:	Thierry Thomas <thierry@pompo.net>
MFC after:	1 week
2002-04-28 23:22:13 +00:00
Doug Barton
421ec878ab Remove reference to the TCP_RESTRICT_RST option, which was removed
over a year ago.

Small ws twiddle while I'm here.
2002-04-27 06:24:58 +00:00
Wes Peters
8373917257 Rename the file used to specify the nextboot to make it clear that this
is a loader configuration file and can be used for more than just a
kernel name.

Submitted by:	Gordon Tetlow <gordont@gnf.org>
2002-04-26 22:32:15 +00:00
Ruslan Ermilov
6bde859f40 Milestone #1 in cross-arch make releases.
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.

Eliminate the need in the second installworld.  For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.

Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1.  Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).

Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).

In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.

Moved the creation of the "crypto" dist from release.5 to
release.2.

In release.3 and doMFSKERN, build kernels in the "world"
environment.  KERNELS now means "additional" kernels, GENERIC is
always built.

Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.

Inline createBOOTMFS target.

Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules.  GC doMODULES as such.

Assorted fixes:

Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".

Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.

gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.

release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists.  Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories.  This will be fixed
soon.

Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage.  Most of the userland makefiles did not test it for "YES"
anyway.

XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists?  (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)

Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.

Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
2002-04-26 17:55:27 +00:00
Wes Peters
1de372dcd4 Add a -k option to reboot to specify the kernel to boot next time
around.  If the kernel boots successfully, the record of this kernel
is erased, it is intended to be a one-shot option for testing
kernels.

This could be improved by having the loader remove the record of
the next kernel to boot, it is currently removed in /etc/rc immediately
after disks are mounted r/w.

I'd like to MFC this before the 4.6 freeze unless there is violent
objection.

Reviewed by:	Several on IRC
MFC after:	4 days
2002-04-26 07:31:04 +00:00
David E. O'Brien
01df2ec328 Change the name of the 'bin' distribution to 'base'.
This is done since it contains much more than /bin, and also gets in the
way when making a combined install+fixit CD.

OK'ed by:	jkh
2002-04-23 22:16:41 +00:00
Gregory Neil Shapiro
4a49265d15 sys.mk no longer includes bsd.own.mk so I need to include it here for
the definition of SHAREMODE.

Submitted by:	Udo Schweigert <Udo.Schweigert@siemens.com>
2002-04-23 17:08:08 +00:00
Maxim Sobolev
c1deb99469 Correct default value of drainwait: it should be 300 seconds, not forever.
PR:		37370
Submitted by:	Daniel O'Connor <doconnor@gsoft.com.au>
MFC after:	2 weeks
2002-04-23 08:26:50 +00:00
David E. O'Brien
8a57f7e245 Do not use 'ps -e' for entropy gathering. It uses /proc/*/mem to rummage
around *user* memory to extract the environment variable strings.  This
is problematic for us.

Submitted by:	peter
2002-04-23 00:05:48 +00:00
David E. O'Brien
c1ab4f157d Utilize dhcp information in the kernel environment if we don't have
hostname and DNS information already.

Submitted by:	Danny Braniss <danny@cs.huji.ac.il>
2002-04-22 21:42:18 +00:00
Sheldon Hearn
87d8c3b497 Bring in changes from smbfs-1.4.4. 2002-04-22 16:18:36 +00:00
Dag-Erling Smørgrav
d397408818 Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.
2002-04-22 13:44:47 +00:00
Gregory Neil Shapiro
3bf762b7f6 Non-sendmail users use the FreeBSD sendmail startup functionality to start
alternative MTAs.  Therefore, always install rc.sendmail, regardless of
NO_SENDMAIL make.conf setting.  Users can still set mta_start_script to a
different script.

This commit is after a repo-copy of src/etc/sendmail/rc.sendmail to
src/etc/rc.sendmail.

Noticed by:	Calvin NG <calvinng@brel.com>
MFC after:	3 days
2002-04-21 20:32:28 +00:00
Crist J. Clark
aad6ba1940 Consistently use full pathnames for files, especially executables.
PR:		conf/37292
Submitted by:	Helge Oldach <send-pr@oldach.net>
MFC after:	3 days
2002-04-21 08:32:35 +00:00
Gregory Neil Shapiro
5b7a235bb6 In my continuing crusade to make life better for non-sendmail users, avoid
the creation of /var/spool/clientmqueue and therefore the need for the
smmsp user and group if NO_SENDMAIL is defined.  This required breaking out
the creation of the directory into a new BSD.sendmail.dist mtree file.

MFC after:	1 week
2002-04-20 19:00:11 +00:00
Dag-Erling Smørgrav
214f3239c0 Don't list pam_unix in the session chain, since it does not provide any
session management services.

Sponsored by:	DARPA, NAI Labs
2002-04-18 17:40:27 +00:00
Ruslan Ermilov
5b3e868df5 Fixed bugs in previous revision:
Added NOOBJ if anyone even attempts to "make obj" here.
Revert to installing files with mode 644 except README.
Make this overall look like a BSD-style Makefile rather
than roll-your-own (this is not a bug).

For the record.  Previous revision also fixed the breakage
introduced by the sys.mk,v 1.60 commit: bsd.own.mk is no
longer automatically included from sys.mk.

Reported by:	jhay
2002-04-18 10:58:14 +00:00
Dag-Erling Smørgrav
8abb6072c1 Use ${FILES} and <bsd.prog.mk> rather than roll-your-own. 2002-04-18 10:07:36 +00:00
Gerald Pfeifer
e6c0365295 Mention that terminal type vt220 will work better if one needs
interoperability with other systems like Solaris or GNU/Linux.

PR:		33810
Approved by:	obrien
2002-04-17 10:42:41 +00:00
Ruslan Ermilov
c059859e2c Really sort entries. 2002-04-16 07:55:20 +00:00
Dag-Erling Smørgrav
a64210378b Add PAM policy for the "passwd" service, including a sample config line
for pam_passwdqc.

Sponsored by:	DARPA, NAI Labs
2002-04-15 03:01:32 +00:00
Dag-Erling Smørgrav
ce93a006f1 Add pam_lastlog(8) here since I removed lastlog support from sshd.
Sponsored by:	DARPA, NAI Labs
2002-04-15 02:46:24 +00:00
Doug Barton
48c3e9339b Remove ws at EOL 2002-04-14 22:35:46 +00:00
Gregory Neil Shapiro
84481e5e4b Fix up submit.cf alternation instructions in light of new SENDMAIL_SUBMIT_MC
make.conf knob.

MFC after:	1 week
2002-04-14 19:24:28 +00:00
Gregory Neil Shapiro
14d6d7657a Provide a new make.conf knob, SENDMAIL_SUBMIT_MC to allow users to pick
the .mc file used for /etc/mail/submit.cf.  By default,
/etc/mail/freebsd.submit.mc is installed and used.

Requested by:	fenner
Submitted by:	ume
MFC after:	1 week
2002-04-14 19:20:26 +00:00
Hellmuth Michaelis
7b59113e2f update german national holidays file for 2002, 2003 and 2004 2002-04-13 12:23:38 +00:00
Dag-Erling Smørgrav
e5df14bff8 Use pam_rhosts(8). 2002-04-12 23:20:30 +00:00
Gregory Neil Shapiro
e6b0d580e7 Add my Copyright on this file so I can allow others to use it 2002-04-12 20:28:06 +00:00
Dag-Erling Smørgrav
f5e2abb7fa Add etc/pam.d. 2002-04-12 16:22:58 +00:00
Dag-Erling Smørgrav
cec161f9e1 Cosmetic changes to the previous commit, bringing it closer to what I
already had in my tree but didn't want to commit.
2002-04-11 22:06:27 +00:00
Hajimu UMEMOTO
4dfe2f93fb Add an IPv6 sample line for tftpd.
MFC after:	2 weeks
2002-04-11 17:17:28 +00:00
Peter Wemm
8adaef858d Back out /etc/rc.d addition. I'd like to see something come of what has
already been imported.  It would have been nice to get it out there
in DP1, but that is too late now.
2002-04-11 08:48:52 +00:00
Peter Wemm
863e2b4c84 <peril sensitive sunglasses on>
Add /etc/rc.d to the startup dirs list.  It is a convenient place to put
custom startup scripts instead of hacking a shared rc.local.  eg: ftpd in
listener mode, or maybe even sendmail or another mailer, etc.
<peril sensitive sunglasses off>
2002-04-10 22:42:27 +00:00
Peter Wemm
6636027fe4 Since sshd expects /etc/ssh/ssh_host_rsa_key to exist, we had better
create it.  Also specify protocol v1/v2 in case people wonder why we
generate two RSA keys.
2002-04-10 22:30:54 +00:00
Gregory Neil Shapiro
14a349d554 Update mail queue related periodic scripts to account for sendmail 8.12's
clientmqueue (submit mail queue).

The new mailq display is only active if both the old
daily_status_mailq_enable is set to "YES" and the new
daily_status_include_submit_mailq is set to "YES" so people who disabled
440.status-mailq won't have any surprises.

Likewise, the new queue run is only active if both the old
daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun
is set to "YES" so people who disabled 500.queuerun won't have any
surprises.

While I am here, remove the [ ! -d /var/spool/mqueue ] checks from
both scripts as the queue directory isn't always /var/spool/mqueue for
the main daemon -- it can be set to anything in the sendmail.cf file.

MFC after:	1 week
2002-04-10 03:58:40 +00:00
Dag-Erling Smørgrav
540d48b77c If used, pam_ssh should be marked "sufficient", not "required".
Sponsored by:	DARPA, NAI Labs
2002-04-08 09:52:47 +00:00
Jeroen Ruigrok van der Werven
cdf08a837b Correct path for saver to reflect reality.
Submitted by:	Martin Faxer <gmh003532@brfmasthugget.se>
2002-04-06 18:02:52 +00:00
Hajimu UMEMOTO
7ae24d3f0d Now, you can specify "" or "NONE" for ipv6_network_interfaces to
prevent the interfaces from being initialized by /etc/rc.network6
wrongly.  So, you can explicitly initialize the interfaces by
/etc/pccard_ether.
With previous rc.network6, if you specify pccardd_flags="-z",
net.inet6.ip6.accept_rtadv was wronly set to 0, then RA was not
accepted.
2002-04-06 15:15:43 +00:00
Poul-Henning Kamp
193eadc319 Per discussion on current: Don't spam root with syslog messages. 2002-04-06 11:22:01 +00:00
Dima Dorfman
ceb03991ef Correct grammar(?) in comments.
PR:		36808
Submitted by:	Andrew Boothman <andrew@cream.org>
2002-04-06 09:28:37 +00:00
Alexey Zelkin
c1222b7e56 Add directories for pt_BR.ISO8859-1 locale 2002-04-05 14:58:03 +00:00
Gregory Neil Shapiro
5bcd1d05cf Add the missing hoststat and purgestat commands. These are normally
symlinks to the sendmail binary but in FreeBSD's case, they are
symlinks to mailwrapper.

Submitted by:	tisco
MFC after:	4 days
2002-04-05 04:25:14 +00:00
Gregory Neil Shapiro
619b80c4e6 Quoting Peter Wemm, "At great personal risk, touch the sendmail startup
again."

As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail.  The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed.  A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA.  For backward compatibility, it will default to
/etc/rc.sendmail.  The specified script is called out of /etc/rc after
checking to make sure it exists.  A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.

Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.

Reviewed by:	-current, -stable, obrien, peter, ru
MFC after:	1 week
2002-04-05 02:30:49 +00:00
Ruslan Ermilov
fffd793af9 Back out last commit. (This file is installed under /etc/mail.)
Requested by:	gshapiro
2002-04-04 07:42:12 +00:00
Ruslan Ermilov
b8aa2e2243 Use a relative path to contrib/sendmail/cf. 2002-04-04 07:18:29 +00:00
Doug Barton
41cf829909 The good news is that my initial PR was correct... the bad news is that I
was apparently smoking something when I committed the last fix, because as
ume was kindly enough to set me straight on, amd *will* start with no
arguments at all, as long as there is an /etc/amd.conf file for it to
read. What it won't do is start with *just* -p.

In any case, now it's fixed.
2002-04-01 18:33:45 +00:00
Bruce Evans
8fdb202d85 Support more than 32 sio unit numbers. The maximum unit number is now
(65536 * 32 - 1), but MAKEDEV only supports up to (32 * 32 -1).  Device
names use the unit number in base 32 for all "digits".

This required fixing an old bug in MAKEDEV:ttyminor().  Its arg was the
global $unit instead of $1.

Reminded by:	Valentin K. Ponomarenko <valka@krog.ukrtel.net>
MFC-after:	1 week
2002-03-31 09:15:43 +00:00
Gregory Neil Shapiro
278bc2896a Update the /etc/mail/Makefile "start" target code to match the new startup
logic and added a new set of targets for controlling the MSP queue runner
(start-mspq, stop-mspq, and restart-mspq).

Reminded by: Mark Santcroos <marks@ripe.net>
MFC after:	1 week
2002-03-28 03:30:27 +00:00
Gregory Neil Shapiro
4bfef13db0 Provide a way for users to completely prevent sendmail from trying to start
at boot time.

Instead of rc.conf's sendmail_enable only accepting YES or NO, it can now
also accept NONE.  If set to NONE, none of the other sendmail related
startup items will be done.

Remove an extra queue running daemon might be started that wasn't necessary
(it didn't hurt anything but it wasn't needed).

The new logic is:

# MTA
if ${sendmail_enable} == NONE
        # Do nothing
else if ${sendmail_enable} == YES
        start sendmail with ${sendmail_flags}
else if ${sendmail_submit_enable} == YES
        start sendmail with ${sendmail_submit_flags}
else if ${sendmail_outbound_enable} == YES
        start sendmail with ${sendmail_outbound_flags}
endif
# MSP Queue Runner
if ${sendmail_enable} != NONE &&
   [ -r /etc/mail/submit.cf] && ${sendmail_msp_queue_enable} == YES
        start sendmail with ${sendmail_msp_queue_flags}
endif

Discussed with: Thomas Quinot <Thomas.Quinot@Cuivre.FR.EU.ORG>,
		Christopher Schulte <schulte+freebsd@nospam.schulte.org>
MFC after:	1 week
2002-03-28 03:29:22 +00:00
David E. O'Brien
4ebfe536d8 Add a sample line for lukemftp. 2002-03-26 19:54:12 +00:00
Gregory Neil Shapiro
5d4e6c0c05 Fix typos
Noticed by:	Larry Rosenman <ler@lerctr.org>
2002-03-26 16:46:27 +00:00
Ruslan Ermilov
9f1207d517 Install sys/security/lomac/*.h to /usr/include/security/lomac/.
Install sys/<arch>/include/pc/*.h to /usr/include/machine/pc/.

PR:		docs/29534

Install sys/netatm/*/*.h to /usr/include/netatm/*/.

Don't install compatibility symlinks for <machine/soundcard.h>
and <machine/joystick.h>.  Three years is enough to be aware of
the change, and these weren't visible in the SHARED=symlinks
case.

Back out include/Makefile,v 1.160 that was a null change anyway
due to the bug in the path, and we now don't want to install
these headers because they would otherwise be invisible in the
SHARED=symlinks case.

Don't install IPFILTER headers.  Userland utilities fetch them
directly, and they were not visible in the SHARED=symlinks case.

Resurrect SHARED=symlinks in Makefile.inc1.

PR:		bin/28002

Prodded by:	bde
MFC after:	2 weeks
2002-03-26 16:05:14 +00:00
Ruslan Ermilov
19ef9c1630 Removed some redundant stuff that causes compilation warnings. 2002-03-26 13:00:03 +00:00
Ruslan Ermilov
2735cfee64 Switch over to using pam_login_access(8) module in sshd(8).
(Fixes static compilation.  Reduces diffs to OpenSSH.)

Reviewed by:	bde
2002-03-26 12:52:28 +00:00
David E. O'Brien
1004420008 Don't start any sendmail process in the back ground.
Requested by:	gshapiro
2002-03-26 02:38:08 +00:00
David E. O'Brien
0ef30ec620 Don't background the sendmail-clientmqueue process -- can give:
sm-queue[181]: NOQUEUE: SYSERR(root): fill_fd: before readcf: fd 1 not open: Bad file descriptor
2002-03-25 20:53:48 +00:00
David E. O'Brien
68141defd1 Sendmail can be slow to startup.
So start it in the background to speed up booting.
2002-03-22 23:45:13 +00:00
Gregory Neil Shapiro
68cbd14239 Instead of dealing with the endless requests to provide more DNS based
black lists in the default config, give a pointer to a non-static list.
I was convinced this was the right thing to do after getting a PR
asking to add ORBZ the day before ORBZ went off the air.

PR:		conf/35884
MFC after:	4 days
2002-03-22 06:40:26 +00:00
Dag-Erling Smørgrav
d221a687b8 Install moduli instead of primes 2002-03-21 21:44:03 +00:00
Dag-Erling Smørgrav
e516274c3e This commit was generated by cvs2svn to compensate for changes in r92894,
which included commits to RCS files with non-trunk default branches.
2002-03-21 21:43:25 +00:00
Dag-Erling Smørgrav
8b04ebcbfe Import OpenBSD's moduli file. 2002-03-21 21:43:25 +00:00