Commit Graph

92 Commits

Author SHA1 Message Date
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.
2014-05-06 04:22:01 +00:00
Baptiste Daroussin
6a54f620e5 Rename WITHOUT_DMA into WITHOUT_DMAGENT to avoid confusion
Requested by:	ian
2014-02-22 13:05:23 +00:00
Baptiste Daroussin
a9e8641da9 Import Dragonfly Mail Agent into base system
It is a small and lightweight Mail Transport Agent.
It accepts mails from locally installed Mail User Agents (MUA) and delivers the
mails either locally or to a remote destination. Remote delivery includes
several features like TLS/SSL support, SMTP authentication and NULLCLIENT.

Make dma conditional to new WITHOUT_DMA option and make it respect WITHOUT_MAIL

Reviewed by:	peter
Discussed with:	emaste, bz, peter
2014-02-21 07:26:49 +00:00
Pawel Jakub Dawidek
42a8595256 Please welcome casperd daemon. It (and its services) will be responsible for
giving access to functionality that is not available in capability mode
sandbox. The functionality can be precisely restricted.

Start with the following services:
- system.dns - provides API compatible to:
	- gethostbyname(3),
	- gethostbyname2(3),
	- gethostbyaddr(3),
	- getaddrinfo(3),
	- getnameinfo(3),
- system.grp - provides getgrent(3)-compatible API,
- system.pwd - provides getpwent(3)-compatible API,
- system.random - allows to obtain entropy from /dev/random,
- system.sysctl - provides sysctlbyname(3-compatible API.

Sponsored by:	The FreeBSD Foundation
2013-12-02 08:21:28 +00:00
Julio Merino
fba3cde907 Build and install the atf tests.
Reviewed by:	freebsd-testing
Approved by:	rpaulo (mentor)
2013-11-08 14:33:41 +00:00
Julio Merino
e01d128a42 Subsume the functionality of MK_ATF into MK_TESTS.
There is no reason to keep the two knobs separate: if tests are
enabled, the ATF libraries are required; and if tests are disabled,
the ATF libraries are not necessary.  Keeping the two just serves
to complicate the build.

Reviewed by:	freebsd-testing
Approved by:	rpaulo (mentor)
2013-11-08 14:24:47 +00:00
Dag-Erling Smørgrav
5f3850777e By popular demand, move freebsd-version(1) from /libexec to /bin.
Approved by:	re (gjb)
2013-10-09 20:47:20 +00:00
Dag-Erling Smørgrav
e5abbf165e Introduce the /libexec/freebsd-version script, which is intended to be
used by auditing tools to determine the userland patch level when it
differs from what `uname -r` reports.  This can happen when the system
is kept up-to-date using freebsd-update and the last SA did not touch
the kernel, or when a new kernel has been installed but the system has
not yet rebooted.

Approved by:	re (glebius)
2013-10-07 10:26:38 +00:00
Marcel Moolenaar
c175365cec Add ATF to the build. This is may be a bit rought around the egdes,
but committing it helps to get everyone on the same page and makes
sure we make progress.

Tinderbox breakages that are the result of this commit are entirely
the committer's fault -- in other words: buildworld testing on amd64
only.

Credits follow:

Submitted by:	Garrett Cooper <yanegomi@gmail.com>
Sponsored by:	Isilon Systems
Based on work by:	keramida@
Thanks to:	gnn@, mdf@, mlaier@, sjg@
Special thanks to:	keramida@
2012-10-22 01:18:41 +00:00
Ed Schouten
2208eadf43 Add a new library: libulog.
One of the things I really want to do, is to get rid of the limitations
of our current utmp(5) mechanism:

- It only allows 8 byte TTY device names.
- The hostname only allows 16 bytes of storage.

I'm not a big fan of <utmpx.h>, but I think we should at least try to
add parts of it. Unfortunately we cannot implement <utmpx.h>, because we
miss various fields, such as ut_id, ut_pid, etc. The API provided by
libulog shares some similarities with <utmpx.h>, so it shouldn't be too
hard to port these applications eventually. In most simple cases, it
should just be a matter of removing the ulog_ prefix everywhere.

As a bonus, it also implements a function called ulog_login_pseudo(),
which allows unprivileged applications to write log entries, provided
they have a valid file descriptor to a pseudo-terminal master device.

libulog will allow a smoother transition to a new file format by adding
a library interface to deal with utmp/wtmp/lastlog files. I initially
thought about adding the functionality to libutil, but because I'm not
planning on keeping this library around forever, we'd better keep it
separated.

Next items on the todo list:

1. Port applications in the base system (and ports) to libulog, instead
   of letting them use <utmp.h>.
2. Remove <utmp.h>, implement <utmpx.h> and reimplement this library on
   top.
3. Port as many applications as possible back to <utmpx.h>.
2009-12-03 15:48:24 +00:00
Remko Lodder
c8b385c86f Do the first step in removing lukemftpd from the base system. Disconnect
it from the build.

If you are using the FTP daemon, please consider using the port ftp/tnftpd
which is the same FTP server, but newer and might have more/better
functionality.

This results in us providing only one ftp daemon by default.

Reviewed by:	bz
Approved by:	imp (mentor, implicit)
MFC after:	3 days
Silence from:	obrien
2009-09-03 16:34:20 +00:00
Doug Barton
7dcdb93f91 Per the man page:
The makekey utility has been deprecated and will be removed in a future
release of FreeBSD.

Actually removing it was approved back on 10/29/2007 by re (kensmith) but
I dropped the ball on actually removing it. It's doubtful that it's become
more relevant/useful in the intervening time.
2009-05-26 00:07:02 +00:00
Sam Leffler
690f477d75 add new build knobs and jigger some existing controls to improve
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
2008-09-21 22:02:26 +00:00
Ed Schouten
878f530ff8 Remove the now unneeded pt_chown utility.
Before we had a posix_openpt() that allocated PTY's with proper
permissions in place, we used this set-uid utility to change the
ownership of PTY slave devices to the real user ID of the process. This
utility was used to implement grantpt().

In my first designs of the MPSAFE TTY layer, I replaced this by adding
an ioctl() called TIOCGRANTPT, which was used to change the ownership.
I left the pt_chown utility, because older C libraries needed it to work
properly.

After some discussions back in June I changed the PTY code to set
permissions properly upon creation. Fortunately the previous grantpt()
implementation changed permissions by hand when pt_chown is not
installed, which always succeeds. This means grantpt() still works
properly, even though the set-uid utility is missing.

I've done tests with FreeBSD 5.2.1, FreeBSD 6.3 and FreeBSD 7.0 jails.
All of them still work if I remove pt_chown.

Reviewed by:	philip (ex-mentor)
2008-08-24 10:01:22 +00:00
Yaroslav Tykhiy
b2c4f888fd Add a hackish knob to skip rtld, NO_RTLD. In conjunction with
src/Makefile.inc1 rev. 1.590, it can allow installing a world
cross-built for a different arch over the live system.  The procedure
is more or less as follows:

	cp -R /rescue /rescue.old
	make installkernel TARGET_ARCH=foo
	make -DNO_RTLD installworld TARGET_ARCH=foo
	     ^^^^^^^^^
	PATH=/rescue.old
	chflags noschg /libexec/ld-elf.so.1
	cp /usr/obj/foo/usr/src/libexec/rtld/ld-elf.so.1 /libexec
	chflags schg /libexec/ld-elf.so.1
	<ditto for ld-elf32.so.1 if installing for amd64>
	reboot
2007-10-31 11:19:32 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Jacques Vidrine
a8e0b2e8ab Remove rexecd(8), a server that implements a particularly insecure
method of executing commands remotely.  There are no rexec clients in
the FreeBSD tree, and the client function rexec(3) is present only in
libcompat.  It has been documented as "obsolete" since 4.3BSD, and its
use has been discouraged in the man page for over 10 years.
2005-06-10 20:52:36 +00:00
David E. O'Brien
e2c421f7f2 Enable lukemftpd for 6.0-RELEASE. 2005-05-16 17:12:23 +00:00
Ruslan Ermilov
24fe1eafe4 Install rlogind(8). Pointy hat is available on request. 2005-03-03 15:59:32 +00:00
Tom Rhodes
c71158d453 Wrap BSD r* commands in NO_RCMDS.
Change NO_RCMDNS to NO_RCMDS and do the switch in bsd.compat.mk.

Discussed with: ru, nectar
2005-03-02 11:53:22 +00:00
Ruslan Ermilov
73f9c36206 The only user of this utility (share/man/man0) was removed 2+ years ago. 2005-02-09 19:50:45 +00:00
Ruslan Ermilov
ab7a294721 NODOCCOMPRESS -> NO_DOCCOMPRESS
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
2004-12-21 09:33:47 +00:00
Bjoern A. Zeeb
6c58990d47 Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set.
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
2004-11-13 20:40:32 +00:00
Dag-Erling Smørgrav
cd3ee173f9 Switch from BIND 8 to BIND 9.
Submitted by:	(in part) dougb@, trhodes@
Reviewed by:	dougb@, trhodes@, re@
MFC after:	5 days
2004-09-21 19:01:48 +00:00
David E. O'Brien
d8a921c775 Commit a crude hack so we get sparc64 snapshots working again with a
stable ld.so.  We need to revisit the rtld-elf/sparc64/rtld_start.S
rev. 1.5 and rtld-elf/sparc64/rtld_machdep.h rev. 1.5, which was
suppose to allow stock Binutils 2.13 (and later) to be used.
2004-06-17 16:08:20 +00:00
David E. O'Brien
9896c5f11a Fall out from Binutils 2.15: don't bulid the ld.so on Sparc64. 2004-06-17 03:04:24 +00:00
Max Laier
8d69c48be5 Link pf to the build and install:
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.

This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.

For those who want to go without pf; it provides a NO_PF knob to make.conf.

__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.

Approved by:	bms(mentor)
2004-03-08 22:03:29 +00:00
Ruslan Ermilov
d10a8d6cb4 - Build things in pure dictionary order (see sort(1)).
- Unify the conditional assignments section so that architectural
  exclusions come first, then options and !options, sorted by the
  option name, also in directory order, then architecture specific
  sections, sorted by the architecture name, with i386 being a
  traditional exception.

Prodded by:	bde
2004-01-16 15:23:19 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Peter Wemm
b82eca913d Do not exclude amd64 from rtld-elf builds.
Approved by:  re  (safe amd64 support commits)
2003-05-24 17:38:45 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Mark Murray
1cec3c808d Allow a NOPIC "make world" to complete.
OK'ed by:	re(scottl)
2003-05-11 18:48:29 +00:00
Peter Wemm
b2d14fd9bb Exclude rtld-elf for amd64. More porting is still needed.
Approved by:  re (scottl)
2003-05-08 06:37:12 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
Ruslan Ermilov
a52672e938 Build non-crypto telnet(1) and telnetd(8) if NO_OPENSSL is defined.
Submitted by:	Marius Strobl <marius@alchemy.franken.de>
2003-05-01 19:38:15 +00:00
Ruslan Ermilov
2266b8c0d4 Don't clobber Kerberos5 telnet(1) and telnetd(8) with non-crypto versions. 2003-04-30 07:24:35 +00:00
Warner Losh
706d0ee075 Add back # accidentally deleted in 1.54 2003-04-27 06:16:52 +00:00
Warner Losh
b4e225bef1 This is no longer needed after tw is gone.
Approved by: re@ (scottl)
2003-04-27 05:43:42 +00:00
Juli Mallett
d3951ad162 Implement POSIX grantpt(3) functionality, and add a pt_chown utility (akin
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.

Submitted by:	Ryan Younce <ryany@pobox.com>
Reviewed by:	security-officer@, standards@, mike@
2003-01-02 20:44:41 +00:00
David E. O'Brien
a6f8d995f3 [DAIVD O'BRIEN's OPINION]
Head off what I think is an abuse of the TRB, and disable lukemftpd.
2002-11-12 17:31:12 +00:00
Mike Barcroft
0b15d9a1b6 Hook rpc.rstatd back up to the build now that it compiles. 2002-10-02 18:37:11 +00:00
John Baldwin
c58ff411bc Unhook rpc.rstatd from the build until it actually compiles. 2002-10-02 16:14:16 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
David Malone
23b25ee7e4 Add tcpd to the build - though we don't need to for inetd, someone might
want it for some other service-running program.

Approved by:	markm
MFC after:	1 week
2002-08-13 14:03:40 +00:00
David E. O'Brien
5c4ff40599 Add lukemftpd to the mix. 2002-02-27 18:37:21 +00:00
Kris Kennaway
2e1c178949 Migrate uucpd to ports as well.
Noticed by:	ru
2001-10-01 07:53:13 +00:00
Ruslan Ermilov
0dc44b5add Do not build (and install) both secure/ and standard versions
of libtelnet, telnetd, and telnet.  This only worked because
secure/ was listed late in SUBDIR in Makefile.inc1.

Reviewed by:	markm
2001-03-26 12:49:05 +00:00
Doug Barton
27a803d631 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
Dan Moschuk
e4322bc6d3 Wrap uucpd behind the NOUUCP knob.
Noticed by: Doug Barton
2000-03-24 18:21:09 +00:00