Commit Graph

5148 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
c02d68217d Make obrien happy #2 2008-08-25 16:31:53 +00:00
Dag-Erling Smørgrav
e64eb994bf Make obrien happy 2008-08-25 16:28:54 +00:00
Ed Schouten
0a3bd811c6 Restore 256 pty(4) entries.
As discussed with Robert Watson on the src-committers list, it is safer
to keep at least some pty(4) entries in /etc/ttys, for applications that
roll their own PTY allocation routine and only search for BSD-style
PTY's.

This means we've now just toggled the amount of entries for pts(4) and
pty(4).

Requested by:	rwatson
2008-08-24 08:41:29 +00:00
Ed Schouten
fa38c73642 Remove old BSD-style entries from /etc/ttys and increase pts(4) to 512.
Because we now use pts(4)-style PTY's exclusively, there is no use for
these entries in /etc/ttys. Right now the pts(4) entries only go from 0
to 255. Because we're going to touch these files anyway, increase the
number to 511.

Discussed with:	philip (ex-mentor)
2008-08-23 14:36:39 +00:00
Rui Paulo
20c78c6e69 Cope with the file rename by changing rc variables. 2008-08-21 00:04:19 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
David E. O'Brien
55a738ec2b Rename the RCng 'kernel' script to 'kernel_symlink'. 2008-08-20 03:02:06 +00:00
David E. O'Brien
5241279fa1 Rename the RCng 'kernel' script to 'kernel_symlink'.
Requested by: many
2008-08-19 14:23:31 +00:00
John Baldwin
66f8d384cf Allow the network addresses and interface names for the "client" and
"workstation" firewall types to be set from rc.conf so that rc.firewall
no longer needs local patching to be usable for those types.  For now
I've set the variables in /etc/defaults/rc.conf to the previous defaults
in /etc/rc.firewall.

PR:		bin/65258
Submitted by:	Valentin Nechayev  netch of netch.kiev.ua
Silence from:	net
MFC after:	2 weeks
2008-08-15 19:20:59 +00:00
John Baldwin
176baffe3f For the "client" and "simple" network types, collapse the separate "net"
and "mask" variables into a single "net" variable that contains a full
network address (including either a netmask or prefix length at the user's
choice).  Update the example settings to match.

MFC after:	2 weeks
2008-08-15 19:14:25 +00:00
John Baldwin
228835b658 Use 'me' rather than explicit IP addresses for the "simple" and "client"
firewall configurations.

PR:		bin/65258
Silence on:	net@
MFC after:	1 week
2008-08-15 18:58:15 +00:00
John Baldwin
7b0b86a726 For the firewall_* variables that are specific to the "workstation"
firewall type, note that property in their description.

MFC after:	1 week
2008-08-15 18:48:29 +00:00
Antoine Brodin
86e82d6ef7 Improve periodic/security/550.ipfwlimit a bit:
- don't run it if net.inet.ip.fw.verbose = 0 as it is pointless
- handle rules without logging limit correctly [1]
(those rules show up without logamount in "ipfw -a list")

PR:		conf/126060 [1]
MFC after:	1 month
2008-08-10 18:11:24 +00:00
David E. O'Brien
01faf7789b Only symlink booted kernel directory to /boot/kernel if user has explicitly
requested it.  This is too dangerous to just do behind the admin's back.
2008-08-09 01:19:00 +00:00
Colin Percival
9c4ca95bf7 Add /usr/share/man/whatis, /var/db/locate.database, and /var/log to the
list of paths which `freebsd-update IDS` should ignore by default.
2008-08-08 10:36:16 +00:00
Daniel Gerzo
1f696cd2bc - back out my last commit as it seems to be wrong.
Spotted by: das
2008-08-03 19:01:07 +00:00
Colin Percival
a7fbbdf0a4 Make freebsd-update IDS not complain about /usr/share/man/cat* by
default.
2008-08-02 00:11:43 +00:00
Doug Barton
c1f84335c4 When using SRV records the protocols and services files need to be in the
chroot /etc directory.

PR:		conf/121101
Submitted by:	Stefan `Sec` Zehl <sec@42.org>
2008-08-01 06:11:33 +00:00
Doug Barton
d25761ca5b Add the -c option for named_flags (still commented out) that is
relevant for ports users, and change the comment to match.

While I'm here fix the capitalization of the named_program comment.
2008-08-01 05:15:54 +00:00
John Baldwin
4746c560a4 Oops, restore the recent changes to make startup messages quieter. 2008-07-31 22:13:14 +00:00
John Baldwin
4ceda705b7 Parse sysctl settings from /etc/sysctl.conf.local after /etc/sysctl.conf
if it exists.  This mirrors similar behavior for /boot/loader.conf and
/etc/rc.conf.

Obtained from:	Yahoo!
MFC after:	1 week
2008-07-31 21:57:35 +00:00
Antoine Brodin
c9853f4659 Remove an empty directory that is already in ObsoleteFiles.inc from
mtree/BSD.usr.dist
2008-07-28 17:42:37 +00:00
Andrew Thompson
c7971a92ea Change the module example to kldload since this is the resume side. 2008-07-21 22:55:40 +00:00
Marcel Moolenaar
8941d4ae1d Remove sioX as an alias for uartX. It is believed to be
more confusing than helpful.

Suggested by: jhb
2008-07-21 22:38:00 +00:00
Marcel Moolenaar
ba5e45704b With uart(4) default, change sio# to uart# so that
out-of-the-box FreeBSD is consistent.
2008-07-19 20:12:33 +00:00
Marcel Moolenaar
9005d65e46 With uart(4) default, change /dev/cuad# to /dev/cuau# and
sio# to uart# so that out-of-the-box FreeBSD is consistent.
2008-07-19 20:12:02 +00:00
Marcel Moolenaar
7fc2c2bc83 With uart(4) default, change /dev/cuad# to /dev/cuau# and
sio# to uart# so that out-of-the-box FreeBSD is consistent.
2008-07-19 20:11:33 +00:00
Marcel Moolenaar
abc45eb8f5 With uart(4) default, change /dev/cuad# to /dev/cuau# so that
out-of-the-box FreeBSD is consistent.
2008-07-19 20:00:18 +00:00
Marcel Moolenaar
9e859260ff With uart(4) default, change /dev/cuad# to /dev/cuau# so that
out-of-the-box FreeBSD is consistent.  Add uart[0-7] as a
fingerfriendly shortcut alongside sio[0-7] and com[1-8].
2008-07-19 19:08:22 +00:00
Daniel Gerzo
f8c76347e1 - dns queries might go also over TCP, so allow it.
Approved by:	rink
MFC after:	1 week
2008-07-17 20:00:18 +00:00
Doug Barton
04f0f225dd Add the shutdown KEYWORD to those scripts that start persistent services
to allow them to do a "clean" shutdown.

I purposely avoided making changes to network-related stuff since the
system shutting down is pretty conclusive, and there may be complicated
dependencies on the network that I would rather not try to unravel.

I also skipped kerberos-related stuff for the reasons above, and
because I have no way to test it.
2008-07-16 19:50:29 +00:00
Doug Barton
2b9851690c As previously discussed, add the svn:executable property to all scripts 2008-07-16 19:22:48 +00:00
Ed Schouten
f4d811f0b2 Make uart(4) the default serial port driver on i386 and amd64.
The uart(4) driver has the advantage of supporting a wider variety of
hardware on a greater amount of platforms. This driver has already been
the standard on platforms such as ia64, powerpc and sparc64.

I've decided not to change anything on pc98. I'd rather let people from
the pc98 team look at this.

Approved by:	philip (mentor), marcel
2008-07-13 07:20:14 +00:00
Doug Barton
919dbc2969 Strongly discourage the use of the query-source option, and explain why.
Give a better example if a user absolutely must use this option, and
suggest they pick something from the ephemeral port range rather than
port 53. This means that the example will not work if it is merely
uncommented, but this will hopefully encourage users to read the comment.
2008-07-12 10:00:36 +00:00
Mike Makonnen
5692c36098 The pfctl(8) program is already pretty verbose, so don't print extra
information in quiet mode.
2008-07-11 08:11:49 +00:00
Mike Makonnen
9300b74ce4 Remove the $DUMPDIR variable. It's redundant and the rest of the
script uses $dumpdir directly.
2008-07-06 08:31:29 +00:00
Mike Makonnen
f562910214 Make checking for the availability of core dumps work in the case
that $dumpdev is not set to "AUTO".

Reported by: Paul B. Mahol <onemda@gmail.com>
2008-07-06 07:51:29 +00:00
Mike Makonnen
7a711eb359 No need to display the result of enabling the ipfw sysctl if it's
successfull. Issue a warning if it fails, however.
2008-07-05 15:27:39 +00:00
Mike Makonnen
8144c9ac9b There's no need to announce that we're mounting local filesystems when
running in quiet mode since if we fail to mount any of them the boot
process gets interrupted.
2008-07-05 15:19:58 +00:00
Mike Makonnen
c5a80a7a3b Quiet down rc.d/nfsclient by not printing anything in 'quiet' mode. Instead
issue a warning of it fails to set the sysctls.
2008-07-05 15:13:21 +00:00
Mike Makonnen
10df26f936 Rev. 1.8 broke matching on lines where the failure mode is at the head
of the message, such as:
  Jun 30 10:49:21 rogue sshd[17553]: Invalid user iceman from 127.0.0.1

PR: conf/124569
Submitted by:	Taku <taku@tekipaki.jp>
2008-06-30 08:01:47 +00:00
Mike Makonnen
cca7688f37 Backout r179941. The nfsclient knob always confuses me. I should have
double-checked my setup before commiting.

Noticed by: Florian Smeets
Pointy hat to: mtm
2008-06-27 15:45:17 +00:00
Rui Paulo
aea6188719 Add the missing support for Asus Eee PC in acpi_asus(4).
This includes hotkeys support and sysctl variables to control camera
and card reader. These new sysctls don't have CTFLAG_ANYBODY set.

While there add entries to devd.conf related to the Eee volume keys.

Reviewed by:	phillip
MFC after:	1 week
Also tested by:	lme (previous version)
2008-06-27 12:04:36 +00:00
Mike Makonnen
522b9831bd Quiet rc.d/syscons unless it has something to say. 2008-06-24 21:01:56 +00:00
Mike Makonnen
45a5dc937d Add a -q flag to swapon(8) to suppress informational messages. Use it in
rc.d.
Note: errors are not affected by this flag.
2008-06-23 22:17:08 +00:00
Mike Makonnen
d9fcd86c3a The sysctl(8) program exits on some errors and only emits warnings on
others. In the case where it displayed warnings it would still return
succesfully. Modify it so that it returns the number of sysctls that
it was not able to set.

Make use of this in rc.d to display only *unsuccessfull* attempts to
set sysctls.
2008-06-23 22:06:28 +00:00
Mike Makonnen
2794059010 Run savecore(8) only if there is a core dump to save. If there is
no core dump hide the message to that effect behind $rc_quiet.
2008-06-23 20:54:32 +00:00
Mike Makonnen
b064049801 Implement a "quiet" mode for rc.d/netif, which only outputs
the interface name of interfaces that were configured.

This change has the added benefit that ifn_start() and
ifn_stop() in network.subr no longer write to standard output.
Whether to output and what to output is now handled entirely
in rc.d/netif.
2008-06-23 20:50:11 +00:00
Mike Makonnen
e2a76fa732 Set the sysctl(8) value in the same shell, not a subshell. This was
causing calls to netoptions_init() to not properly set a global variable,
which ended up being in the parent shell.
2008-06-23 12:06:35 +00:00
Mike Makonnen
d7c5bf81cb Move the diagnostic output when the rc.subr(8) glue automatically starts a
service behind $rc_quiet. Instead, output a warning if the pre-command
routine or the command itself failed. Arguably, it's more useful to know when
a command failed to start than it is to have an endless list of
"Starting ...." lines[1].

[1] - This change actually helped me to discover a bug in rc.d/{lockd,statd}
      (fixed in r179941) that used to fail silently before.
2008-06-23 05:09:09 +00:00
Mike Makonnen
94789e5ca4 Move a lot of diagnostic output behind $rc_quiet in scripts that
implement their own start command.
2008-06-23 04:46:54 +00:00
Mike Makonnen
252c018f5f Align the script more with rc.d/cleanvar (which doesn't output any
diagnostics). Instead, move output behind $rc_quiet.
2008-06-23 04:42:58 +00:00
Mike Makonnen
4af728134c Remove the -v flag from the command line to dumpon(8), and instead print
diagnostic ouput only if the command fails.
2008-06-23 04:39:36 +00:00
Mike Makonnen
40c3350ab9 Remove pointless informational message. 2008-06-23 04:18:22 +00:00
Mike Makonnen
3e9cc7692f Argh! s/nfs_client_enable/nfsclient_enable/g 2008-06-23 04:05:39 +00:00
Mike Makonnen
8b5adf2fab Do not print anything unless one of the net/routing options is set. 2008-06-23 04:00:45 +00:00
Mike Makonnen
b16a98ec6f s/daemon processes/local packages/ for consisitency. 2008-06-23 03:49:30 +00:00
Mike Makonnen
f27ca6ea2f Output information only if /etc/rc.local exists. 2008-06-22 16:23:39 +00:00
Mike Makonnen
3c81343da6 Do not print anything unless at least one of the abi emulators is
enabled.
2008-06-22 16:19:50 +00:00
Mike Makonnen
3dce702718 Simplify this script with the added bonus that the bit about i386
initialization doesn't get printed unless ibcs2_enable is set.
2008-06-22 15:57:50 +00:00
Mike Makonnen
69ad4d6960 Don't say we're going to mount filesystems of a certain type unless
there actually are filesystems of that type to mount.
2008-06-22 15:40:19 +00:00
Mike Makonnen
3773d8c3cf Don't say we're going to [start|stop] local packages unless there actually
are local (pre rc.d) scripts to run.
2008-06-22 15:34:40 +00:00
Mike Makonnen
7d28174b91 Make quota knob conform to other rc(8) knobs. Keep older knob for
compatibility.

Requested by: Volker <volker@vwsoft.com>
2008-06-19 07:06:11 +00:00
Mike Makonnen
8717ddefb6 Move the check for enabled knobs further down in run_rc_command() so
that bogus commands cause usage information to be printed instead of
diagnostics about enabling the knob.
2008-06-19 06:11:34 +00:00
Kip Macy
04d2afedf1 remove incorrect comment that I missed in my last change 2008-06-15 13:26:25 +00:00
Kip Macy
3edb14e94b Stop moused on a detach event. Remove incorrect comment.
This fixes frequent problems with usb mice and kvm switches caused by moused hanging around.

Suggested by: Matthew Dodd

MFC after:	2 weeks
2008-06-15 13:25:23 +00:00
Giorgos Keramidas
02ca51529e Tweak rc.firewall to allow incoming limited broadcast traffic,
when configured to run in 'client' mode.

PR:		conf/15010
Submitted by:	Bill Trost, trost at cloud.rain.com
Reviewed by:	bz
MFC after:	2 weeks
2008-06-06 07:17:04 +00:00
Brooks Davis
06118b48d0 Fix the wait for default route change I made a few weeks ago by creating
a new defaultroute script that just does the wait.  The previous attempt
created a circular dependency through network_ipv6.

Pointy hat to:	brooks
2008-06-05 17:26:47 +00:00
Maksim Yevmenkin
00e41a48c2 Bluetooth SIG is being difficult and keep moving specification
documents away from being public accessible. Replace link to
the Bluetooth specification document with the document name.

Pointed out by:	SoftLover < slserg at uic dot tula dot ru >
MFC after:	3 days
2008-05-27 17:46:32 +00:00
Bjoern A. Zeeb
2e598474fa Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.

This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation

Discussed with: rwatson, re
2008-05-26 10:40:09 +00:00
Doug Barton
5071594969 Add a missing space between a variable and the ] for a test 2008-05-26 10:10:11 +00:00
Robert Watson
e4372ceba0 Remove netatm from HEAD as it is not MPSAFE and relies on the now removed
NET_NEEDS_GIANT.  netatm has been disconnected from the build for ten
months in HEAD/RELENG_7.  Specifics:

- netatm include files
- netatm command line management tools
- libatm
- ATM parts in rescue and sysinstall
- sample configuration files and documents
- kernel support as a module or in NOTES
- netgraph wrapper nodes for netatm
- ctags data for netatm.
- netatm-specific device drivers.

MFC after:	3 weeks
Reviewed by:	bz
Discussed with:	bms, bz, harti
2008-05-25 22:11:40 +00:00
Brooks Davis
ec200b32cd Move the wait for a default route to rc.d/routing. Once we test for
non-dhcp interfaces to negotiate/associate this will make more sense.

This also correctly gets run after both devd and netif are run so it has
a chance of working.
2008-05-18 02:57:54 +00:00
Colin Percival
bdd9aff946 Add support for specifying which INDEX files to build via portsnap.conf.
Requested by:	brooks
Reminded by:	brooks, about halfway through his BSDCan talk
2008-05-17 16:26:27 +00:00
Bruce M Simpson
7e54279b42 Add support for /conf/T/M/remount_optional.
The rc.initdiskless functionality is used by NanoBSD to allow configuration
files to live on a separate configuration slice, which acts as NVRAM, whilst
the system image is mounted read-only.

Normally, if the remount command fails during boot, this is regarded as
a fatal error. If /conf/T/M/remount_optional is present, this error is
non-fatal. If the file is not present, the default behaviour is unchanged.

This is very useful for people building live CD images using FreeBSD,
where the NVRAM lives somewhere completely differently from the system image,
and may be present on removable media which is not present during the
initial boot.
2008-05-15 11:00:23 +00:00
Brooks Davis
ace19032cf Change the default value of synchronous_dhclient to NO.
To preserve the existing behavior of etc/rc.d/netif, add code to wait
up to if_up_delay seconds (30 seconds by default) for a default route to
be configured if there are any dhcp interfaces.  This should be extended
to test that the interface is actually up.

X-MFC after:
2008-05-15 01:06:10 +00:00
Brooks Davis
d0c63cd27f Fix last commit and call childif_destroy() correctly. 2008-05-15 00:08:02 +00:00
Brooks Davis
106049d9ab Don't print the interface status if we only create child or destroy
interfaces.

Correctly return status from childif_create().
2008-05-14 23:53:39 +00:00
Florent Thoumie
404b160361 Don't require a configuration file. Ntpd will be perfectly happy if there's
none or if the file doesn't exist (there's no ntp.conf in the base install).

PR:		conf/119592
Submitted by:	Renaud Waldura <renaud+freebsd@waldura.org>
MFC after:	1 week
2008-05-12 11:49:16 +00:00
Doug Rabson
33f1219925 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
John Baldwin
c16e21016f Install the mpilib headers from mpt(4) into /usr/include/dev/mpt/mpilib.
This allows <sys/mpt_ioctl.h> to be used from userland.

Prodded by:	scottl
2008-05-07 04:11:21 +00:00
Mike Makonnen
68abe9bdf2 Specify the full path to the md5(1) binary so the script will
still work even if it's not in the shell's path.

PR: conf/122215
MFC after: 1 week
2008-05-06 10:40:20 +00:00
Maxim Konovalov
97752dfdc7 o Convert whitespaces to tabs. 2008-05-05 15:52:54 +00:00
Maxim Konovalov
2b30cf49b5 o Terminate "case" with "esac" not "fi".
Reported by:	Randy Bush
2008-05-05 15:50:20 +00:00
Mike Makonnen
432d4f0bce Fix improper use of checkyesno routine.
Noticed by: oliver
MFC after: 1 week
2008-05-05 07:43:48 +00:00
Warner Losh
967b36e864 Mips ttys file. Copied from i386 version with removal of the vga
entries.
2008-05-05 05:35:47 +00:00
Brooks Davis
5ed11a24b1 Replace a couple mentions of the soon to be removed vaps_<ifn>
variable form with wlans_<ifn>.
2008-05-03 07:06:48 +00:00
Brooks Davis
a54149a9ed Emit a warning when the network_interfaces variable is not set to AUTO.
MFC after:	3 days
2008-04-30 16:29:15 +00:00
Brooks Davis
89b5b33da2 Replace the prototype vaps_<ifn> and vap_create_<ifn> variables with
more wlans_<ifn> and create_args_<ifn>

Add documentation for these variants and generally update the wireless
device example.

There is are very short lived shim from vaps_<ifn> which produces
a warning and vap_create_<ifn> which does not.  Misuse the MFC
notification service to remind me to remove them.

MFC after:	3 weeks
2008-04-25 23:50:49 +00:00
Brooks Davis
ac426faa44 Revert rev 1.332 and keep ddb scripts off by default for now. Minidumps
are more flexable and much text-dump like output can be produced from
them so there's a good argument they are a better default.
2008-04-23 22:40:59 +00:00
Ruslan Ermilov
6e595c6fe0 Make it possible to disable sources of entropy harvesting.
Noticed by:	Igor Sysoev
MFC after:	3 days
2008-04-22 15:18:47 +00:00
Brooks Davis
5e347d66d7 Change the default of ddb_enable to YES so we default to generating textdumps
on panic.  This means you get a potentially useful dump even if your system
is running X when you panic.

X-MFC after:	never
2008-04-21 18:17:48 +00:00
Sam Leffler
5bd720a7c2 rc support for vaps 2008-04-20 20:37:21 +00:00
Sam Leffler
67591c284e 802.11 regulatory definitions used by ifconfig
Support by:	Hobnob
2008-04-20 20:37:02 +00:00
Brooks Davis
688e303c19 Add very limited support for the isc-dhclient. It will almostly certaintly
only work if there's just one interface doing dhcp.  This version implements
the same logic as the version in the PR, but uses pgrep to be less verbose.

PR:		conf/95905
MFC after:	1 week
2008-04-15 23:03:35 +00:00
Brooks Davis
30b6f51afe Declare _ppp_profile_cleaned, _punct, and _punct_c local in
ppp_start_profile().

Reported by:	yar
MFC after:	1 week
2008-04-10 01:32:49 +00:00
Maksim Yevmenkin
5bfd54b1ea Set defaults for the rfcomm_pppd_server rc script
MFC after:	1 week
2008-04-08 23:50:03 +00:00
Maksim Yevmenkin
97078e0796 Add rfcomm_pppd_server rc script to allow start rfcomm_pppd(8) in server
mode at boot time. Multiple profiles can be started at the same time.
The whole idea is very similar to the ppp rc script.

Document Bluetooth knobs in rc.conf(5)

MFC after:	1 week
2008-04-08 23:34:12 +00:00
Sam Leffler
2a54bb549f o add rc.conf knobs to set the wpa_supplicant program, logging flags,
and config file
o change default logging options from -q to -s (log to syslog); this
  is currently broken for boot-time startup as syslogd is started too
  late but that'll be dealt with separately

MFC after:	2 weeks
2008-04-08 23:12:15 +00:00
Sam Leffler
49658ca926 add support wired interfaces
MFC after:	2 weeks
2008-04-08 23:00:04 +00:00
Sam Leffler
823687d052 spell pidfile correctly so multiple wpa_supplicant processes can be run
MFC after:	1 week
2008-04-08 18:54:42 +00:00
Brooks Davis
ef09860eca Fix a stupid typo.
Reviewed by:	bz
2008-04-06 20:39:33 +00:00
Doug Barton
53eb99795c Back out revision 1.6, the addition of "BEFORE: mountcritremote".
mountcritremote REQUIREs FILESYSTEMS, and that script REQUIREs zfs,
so this change is a noop. By removing it we make life a little easier
both for rcorder(8) and for debugging down the road.

Approved by:	2 weeks of silence from pjd
2008-04-02 19:29:16 +00:00
Brooks Davis
14b0729b93 Add support for hardwiring ppp sessions to particular devices with new
per-profile variables of the form ppp_<profile>_unit.  No ppp_unit
variable is supported since tying the same unit to more than one profile
won't work.

PR:		conf/122127
MFC after:	1 week
2008-03-28 07:57:52 +00:00
Brooks Davis
b31eb9bec0 Support gif_interface values that don't follow the pattern gif###.
Remove ancient compatablity support for gif_interface="NO".
2008-03-28 06:50:06 +00:00
Brooks Davis
d4df47caab Remove the C flag from slip.log. The current slip userbase does not
justify the presence of a (usually empty) /var/log/slip.log on every
FreeBSD box.
2008-03-27 03:30:14 +00:00
Brooks Davis
6ea3dc3746 Allow the characters .-+/ to appear in ppp profile names by folding them
to _ when evaluating ppp_<profile>_nat and ppp_<profile>_mode.  Document
the per-profile variables.

PR:		conf/121452, conf/122127 (partial)
MFC after:	1 week
2008-03-26 21:54:48 +00:00
Remko Lodder
1fa09c8b65 Add a missing ;.
PR:		misc/122069
Submitted by:	taku@tekipaki.jp
MFC after:	3 days
Approved by:	imp (mentor, implicit trivial change).
2008-03-25 15:16:19 +00:00
Colin Percival
a3a76c6897 Add /boot/device.hints to the list of files which will have local
modifications merged.  I had initially expected that people would
put any local changes into /boot/loader.conf, but it turns out that
editing /boot/device.hints is something many people do.

Suggested by:	Jaakko Heinonen
MFC after:	1 week
2008-03-25 12:13:12 +00:00
Pawel Jakub Dawidek
2c5f8ef256 Be sure to run rc.d/zfs before mountcritremote. This way we can for example
configure devfs rules in /etc/devfs.conf for ZVOLs.

Submitted by:	Yarema <yds@CoolRat.org>
2008-03-19 14:44:55 +00:00
Xin LI
127d91856d Do nextboot -D twice during boot. The first time in rc.d/root which ensures that
we can remove the file as early as possible, but shut up nextboot at this moment
if the operation is failed, because /boot is not necessarily a part of /; the
newly added second run is placed in rc.d/mountlate after all filesystems were
mounted.

Discussed at:		-rc@
Suggestions from:	brooks, mtm
MFC after:		1 month
2008-03-11 17:21:14 +00:00
Xin LI
510a00dc93 root 2008-03-11 17:20:34 +00:00
Mike Makonnen
f2e7477d21 The check for errors from the mount command did not work as intended
because another command (echo) is executed between the mount command
and the check.

Reported by: Sergey Baturov <sergey@toor.org.ru>
MFC after: 2 weeks
2008-03-06 14:39:33 +00:00
Mike Makonnen
0ffc99e80d The rarpd(8) daemon must be instructed to start on all interfaces or a
specific one. Instruct it to listen on all interfaces so that enabling
it in rc.conf(5) works "out of the box."

PR:	conf/121406
Submited by: trasz
MFC after: 1 week
2008-03-06 14:01:10 +00:00
Brooks Davis
ae2edb2af1 Use the new command file feature of ddb(8) to support setting ddb(4)
scripts at boot.  This is currently disabled by default. /etc/ddb.conf
contains some potentially reasonable default scripts.

PR:		conf/119995
Submitted by:	Scot Hetzel <swhetzel at gmail dot com> (Earlier version)
X-MFC after:	textdumps
2008-03-05 18:32:58 +00:00
Gregory Neil Shapiro
1bb3032058 Fix quoting for the dnsbl example -- m4 misparses quoted strings with
commas due to our deconstruction of the line in cf/feature/dnsbl.m4.

PR:		120038
Submitted by:	mattijs vreeling
MFC after:	1 week
2008-02-17 05:38:29 +00:00
Gregory Neil Shapiro
2c8f5e0c3e Use better examples (and comment them out for safety).
PR:             118837
Submitted by:   Matthew Seaman
MFC after:      1 week
2008-02-17 05:22:08 +00:00
Doug Barton
4a4e965247 From the 4 February 2008 update:
IPv6 addresses for 6 of the root name servers!
2008-02-07 06:28:02 +00:00
Dag-Erling Smørgrav
43085e37e4 Eliminate xargs in favor of find -exec {} + 2008-02-03 00:33:05 +00:00
Dag-Erling Smørgrav
a4afe9200c Rewrite to consume significantly less memory, by using find -s instead of
find | sort.  As a bonus, this simplifies the logic considerably.  Also
remove the bogus "overruning the args to ls" comment and the corresponding
"-n 20" argument to xargs; the whole point with xargs is precisely that it
knows how large the argument list can safely get.

Note that the first run of the updated script may hypotheticall produce
false positives due to differences between find's and sort's sorting
algorithm.  I haven't seen this during testing, but others might.

MFC after:	2 weeks
2008-02-02 12:27:37 +00:00
Brooks Davis
983daa047f When the state of the interface changes rapidly enough (usually due to
rapid wireless association changes in my experience), there is a race
where dhclient is in the process of exiting due to the link going down
when the link coming up causes devd to try and start a new one.  This
results is the link being up, but no dhclient running.

Work around this race by checking a second time after a one second delay
before refusing to start a dhclient instance due to one already being
running.

MFC after:	1 week
2008-02-01 23:43:58 +00:00
Mike Makonnen
82e9dc59ce Add a dummynet_enable knob to go with firewall_enable. If this knob
is enabled dummynet(4) is added to the list of required modules.

Discussed on:	#freebsd-bugbusters (rwatson, trhodes)
PR:		conf/79196
MFC after:	1 week
2008-01-27 15:15:12 +00:00
Mike Makonnen
73981c381a Clarify that devfs_system_ruleset should contain a name, not a number.
Prompted by PR conf/85363

MFC after: 3 days
2008-01-27 13:45:20 +00:00
Mike Makonnen
ae4d6ea88f Generally, anything that runs rc.d scripts internally should
start using the quiet prefix (i.e. quietstart, quietstop, etc...).
2008-01-26 14:02:19 +00:00
Mike Makonnen
8511b3cb47 Generally, anything that runs rc.d scripts internally should
start using the quiet prefix (i.e. quietstart, quietstop, etc...).
2008-01-26 13:50:38 +00:00
Mike Makonnen
016cb0ba87 Use 'quietstart' so as not to get spammed with informational diagnostics. 2008-01-26 13:37:48 +00:00
Mike Makonnen
a850398f3b Re-implement: do not silently fail when a command is not carried
out because the rc.conf(5) variable was not enabled. Display a
message that the command wasn't run and offer suggestions on
what the user can do.

Implement a quiet prefix, which will disable some diagnostics. The
fast prefix also implies quiet. During boot we use either fast or
quiet. For shutdown we already use 'faststop'. So, this informational
message should only appear during interactive use.

An additional benefit of having a quiet prefix is that we can start
putting some of our diagnostic messages behind this knob and start
"de-cluttering" the console during boot and shutdown.
2008-01-26 11:22:12 +00:00
Mike Makonnen
581487018d Backout previous commit. It's going to clutter the console
during boot and shutdown. I think I'll hide it behind autoboot or
maybe take brooks@ suggestion and implement a different command
prefix for booting/shutdown purposes, but in any case it needs more
thought and attention.

Noticed by: ceri
Pointyhat to: mtm
2008-01-25 16:44:34 +00:00
Mike Makonnen
0908cccf90 If the rc.conf(5) variable for a script is not enabled do not fail
silently. Display a message that the command wasn't run and make
possible suggestions for what to do.

PR:	   conf/118770
MFC after: 1 week
2008-01-25 15:06:26 +00:00
Mike Makonnen
c3ff913134 Rev. 1.6 made it impossible to use rc.d/kerberos with the krb5 port.
Re-implement the change so that the script once again works with
the krb5 port.

Submitted by: kensmith (slightly modified)
MFC after: 3 days
2008-01-25 05:23:01 +00:00
Ruslan Ermilov
e57918352b Shorter equivalent of the command. 2008-01-24 07:04:12 +00:00
Rong-En Fan
8602063e3c Improve kernel NAT support in rc.firewall
- Allow IP in firewall_nat_interface, just like natd_interface
- Allow additional configuration parameters passed to ipfw via
  firewall_nat_flags
- Document firewall_nat_* in defaults/rc.conf

Tested by:	Albert B. Wang <abwang at gmail.com>
MFC after:	1 month
2008-01-21 04:41:18 +00:00
Simon L. B. Nielsen
ce4c63c52a Add warning about this script dealing with untrusted data.
MFC after:	1 week
2008-01-13 14:27:53 +00:00
Maxim Konovalov
2123fbe6cd o From the Problem Report: the TCP_DROP_SYNFIN kernel option is now
included in the kernel by default.  Remove reference to this option
from defaults/rc.conf and rc.conf(5).

PR:		conf/119098
Submitted by:	Beat Gaetzi
MFC after:	1 week
2008-01-12 20:52:30 +00:00
Maxim Konovalov
991eaf3af4 o Correct an info about "Firewalls and Internet Security" book: name,
authors list, ISBN, URLs.

PR:		conf/119590
MFC after:	1 week
2008-01-12 19:02:09 +00:00
Doug Barton
d207e3a35c Remove from the default empty zone list zones that, unlike the others,
could theoretically be allocated one day.
2008-01-11 22:41:21 +00:00
Diomidis Spinellis
f029c53a5c A new configuration variable, daily_status_mail_rejects_shorten, allows
the rejected mail reports to tally the rejects per blacklist without
providing details about individual sender hosts.  The default configuration
keeps the reports in their original form.

MFC after:	1 week
2008-01-08 07:22:43 +00:00
Doug Barton
0079ea2086 Update pkg_version_index to INDEX-8 2007-12-20 20:37:22 +00:00
John Baldwin
af14f69c40 Only pass paths to directories or config files that exist for ldconfig for
32-bit binaries.

MFC after:	3 days
2007-12-13 00:51:01 +00:00
Doug Barton
d6128b96d7 Add an empty stop_cmd to the remaining scripts that don't start
daemons and don't already have one.
2007-12-08 23:00:28 +00:00
Doug Barton
716df058ef Remove a meaningless KEYWORD 2007-12-08 22:40:31 +00:00
Doug Barton
b9070edf0f Remove the bootconf.sh script. It was never used on FreeBSD, and was
removed from the Makefile in version 1.5 (2002/09/02) but never GC'ed.
2007-12-08 22:33:11 +00:00
Doug Barton
9aaedf216b Remove spurious # marks to be more consistent with existing style. 2007-12-08 22:27:18 +00:00
Doug Barton
da1c1367ff Remove empty REQUIRE line 2007-12-08 22:26:30 +00:00
Doug Barton
e3c46a3332 Remove $NetBSD$ CVS tags. We no longer attempt to synch our rc.d files
with theirs, so this information doesn't need to be in the live file.
Having it in our CVS history is enough.
2007-12-08 07:20:23 +00:00
Colin Percival
095daa921a Add /root/, /.cshrc, and /.profile to the default UpdateIfUnmodified
directive.  Users get irritated if FreeBSD Update steps on these while
upgrading to a new release.

MFC after:	3 days
2007-11-28 22:45:09 +00:00
John Baldwin
cb2482de6b Don't delete files in the X11 socket directories under /tmp (.X11-unix,
.ICE-unix, .font-unix, .XIM-unix) when purging files from /tmp via the
daily 100.clean-tmps job.  If you are logged into an X session longer
than the timeout period (default of 3 days), then this job can delete
the X11 sockets out from under the session without this fix.

MFC after:	3 days
2007-11-28 17:31:11 +00:00
John Baldwin
9f0c02d425 Update the shlib version for libgssapi_krb5. This file needs to be updated
anytime that library version is bumped.

XXX: I wonder if this breaks any 6.x binaries using Kerberos5 via GSSAPI.
2007-11-27 21:47:56 +00:00
Ruslan Ermilov
5f3a6945d4 Also check setuid executables on ZFS. 2007-11-23 13:00:31 +00:00
John Baldwin
790c2471b9 Bump up the number of ttys supported by pty(4) to 512 by making use of
[pt]ty[lmnoLMNO][0-9a-v].

MFC after:	3 days
Reviewed by:	rwatson
2007-11-19 20:49:42 +00:00
Robert Watson
dc08061ccd Add ttys lines for pts/0-pts/255.
MFC after:	3 days
2007-11-15 16:22:59 +00:00
Henrik Brix Andersen
4ec59b0317 Add reload functionality.
PR:		conf/116659
Approved by:	sam, erwin (mentor)
2007-11-14 21:19:15 +00:00
Colin Percival
db6b0a619f Add support for "freebsd-update -r newrelease upgrade" -- binary
upgrading to new releases.  Important parts of this code include
 * automatically determining which optional components (e.g., src,
info, proflibs) are installed.
 * merging changes in files which are modified locally and have
changed between the currently running and new release.
 * prompting the user to rebuild all 3rd party software before
deleting old shared libraries.

Yes, this is compatible with "freebsd-update rollback" -- you can
test a new -BETA and roll back to the old release if you don't
like it.

Subject to re@ approval, this will be MFCed before 7.0-BETA3 and
6.3-RC1.

MFC after:	2 days
2007-11-12 04:47:57 +00:00
Max Laier
42a227f8ba Update pf examples from OpenBSD to catch up with new stateful defaults and
other syntax changes.  Move pf.conf from /etc to examples, too.
2007-11-11 01:16:51 +00:00
Sam Leffler
dd85d6d345 spaces are preferred to tabs
Noted by:	simon
2007-11-10 22:47:46 +00:00
Sam Leffler
e57bb31acd add wpa_supplicant + hostapd directories to examples
MFC after:	1 week
2007-11-10 20:23:07 +00:00
Benjamin Close
037347714a Link wpi(4) into the build.
This includes:
    o mtree (for legal/intel_wpi)
    o manpage for i386/amd64 archs
    o module for i386/amd64 archs
    o NOTES for i386/amd64 archs

Approved by: mlaier (comentor)
2007-11-08 22:09:37 +00:00
Warner Losh
7cd2389835 Another vestige of OLDCARD that needs to be retired.
Prodded by: jhb@
2007-11-08 17:41:35 +00:00
Andrew Thompson
5090437236 Change wpa_supplicant to down the interface at the start of the init routine.
wpa_supplicant expects that it has exclusive access to the net80211 state so
when its starts poking in the WEP/WPA settings and the card is already
scanning it can cause net80211 to try and associate incorrectly with a
protected AP.

This is an inconvenience for firmware based cards such as iwi where it can be
sent an auth instruction with incomplete security info and cause a firmware
error.

Remove the 'ifconfig up' from network.subr since wpa_supplicant will
immediately down the interface again.

Reported by:	Guy Helmer (and others)
Reviewed by:	sam, brooks, avatar
MFC after:	3 days
2007-11-05 06:13:07 +00:00
Doug Barton
8003dd03de Update to the 1 November 2007 version of this file. The change
is to the address of l.root-servers.net, which is moving to a
new /24 in order to enable anycast routing down the road.
2007-11-02 22:37:15 +00:00
Yaroslav Tykhiy
e0cb3d9c5c Add support for `make -nn' dry runs to this makefile. Basically,
it's just a matter of adding a `${_+_}' prefix before each submake
invokation.  This allows a dry run to proceed down to, but not
including, leaf commands.  (See <sys.mk> for how ${_+_} is set
depending on the number of -n flags.)
2007-10-29 07:37:08 +00:00
Mike Makonnen
99e95e553c Nuke rc.d/nfslocking which has been superceeded by rc.d/{lockd,statd} 2007-10-25 18:10:05 +00:00
Mike Makonnen
815ac6842e Remove unnecessary whitespace 2007-10-25 16:59:06 +00:00
Doug Barton
3c9471138e 1. Determine the location of the rndc* binaries relative to $command
so that when using named from the ports (or elsewhere) the proper rndc*
commands will be run.

2. Rework the stop routine using ideas from brooks and delphij.
Specifically I am duplicating a lot of code from rc.subr's stop routine
so that this one will behave more like the one in rc.subr, but use rndc
to kill the daemon (or regular kill if that fails). This also avoids
the problems related to using killall if rndc fails, which is bad if
you're running more than one named on the same box.

3. Take a concept from gshapiro and allow the rndc.key file to be
owned by root OR the named_uid user.

Although I used different solutions, this commit handles issues raised in:
PR:	conf/73929
PR:	conf/103976
PR:	conf/109409
2007-10-22 09:38:44 +00:00
Mike Makonnen
1131159255 The amd_map_program knob can potentially contain a command whose output
is then used as an argument to the amd program. This outpu may contain
newlines, but the script did not take care to strip those newlines before
apending it to rc_flags. Revision 1.72 of rc.subr(8) introduced changes that
exposed this problem (specifically putting the final eval'ed command in
quotes).[1]

Also, for correctness' sake, shell directives appended to the command-line
by the script should go into command_args, and not appended directly
to rc_flags.

Reported by:	John E Hein <jhein@timing.com> [1]
Tested by:	John E Hein <jhein@timing.com>
MFC after:	1 week
2007-10-19 22:55:42 +00:00
Mike Makonnen
3b55b5fc42 Partial backout of rev. 1.6, but instead of putting kerberos5_server_flags
back in command_args, put it where rc.subr(8) expects it: kerberos5_flags.
2007-10-19 08:59:59 +00:00
Maksim Yevmenkin
69204f46de Teach /etc/rc.d/ppp how to start/stop individual instances
of ppp. This is an extension of previous commit.

Submitted by:	Yuri Kurenkov < y dot kurenkov at init dot ru >
Reviewed by:	mtm
MFC after:	3 days
2007-10-18 17:10:40 +00:00
Michael Bushkov
e83df45f27 Removing obsolete etc/cached.conf.
Approved by:	brooks (mentor)
2007-10-18 09:09:22 +00:00
Michael Bushkov
0f3c4f0fac Forced commit to note cached.conf -> nscd.conf repocopy. etc/Makefile
changed accordingly.

Approved by:	brooks (mentor)
2007-10-18 08:26:20 +00:00
Alexander Leidinger
9f05d312b3 Backout sensors framework.
Requested by:	phk
Discussed on:	cvs-all
2007-10-15 20:00:24 +00:00
Alexander Leidinger
99f6b270e3 Import OpenBSD's sysctl hardware sensors framework.
This commit includes the following core components:

 * sample configuration file for sensorsd
 * rc(8) script and glue code for sensorsd(8)
 * sysctl(3) doc fixes for CTL_HW tree
 * sysctl(3) documentation for hardware sensors
 * sysctl(8) documentation for hardware sensors
 * support for the sensor structure for sysctl(8)
 * rc.conf(5) documentation for starting sensorsd(8)
 * sensor_attach(9) et al documentation
 * /sys/kern/kern_sensors.c
   o sensor_attach(9) API for drivers to register ksensors
   o sensor_task_register(9) API for the update task
   o sysctl(3) glue code
   o hw.sensors shadow tree for sysctl(8) internal magic
 * <sys/sensors.h>
 * HW_SENSORS definition for <sys/sysctl.h>
 * sensors display for systat(1), including documentation
 * sensorsd(8) and all applicable documentation

The userland part of the framework is entirely source-code
compatible with OpenBSD 4.1, 4.2 and  -current as of today.

All sensor readings can be viewed with `sysctl hw.sensors`,
monitored in semi-realtime with `systat -sensors` and also
logged with `sensorsd`.

Submitted by:	Constantine A. Murenin <cnst@FreeBSD.org>
Sponsored by:	Google Summer of Code 2007 (GSoC2007/cnst-sensors)
Mentored by:	syrinx
Tested by:	many
OKed by:	kensmith
Obtained from:	OpenBSD (parts)
2007-10-14 10:45:31 +00:00
Maksim Yevmenkin
b1e50be2c6 Teach /etc/rc.d/ppp to start multiple instances of ppp.
ppp_profile variable can now contain multiple profiles.
Overrides for ppp mode and nat can go into ppp_$profile_mode
and ppp_$profile_nat variables respectively. If those are
not specified, defaults from ppp_mode and ppp_nat are used.

Submitted by:	Yuri Kurenkov < y dot kurenkov at init dot ru >
Reviewed by:	mtm
MFC after:	1 week
2007-10-12 16:35:36 +00:00
Christian S.J. Peron
4c5ada1230 Add pts/pty to the un-hidden devices for logins. This un-breaks
logins to jailed environments when the system is using PTS style
ptys (kern.pts.enable=1).

Discussed with:	rwatson
MFc after:	1 week
2007-10-12 14:55:41 +00:00
Doug Barton
b5ed5226dd Deprecate use of the early.sh script as advertised when the support for
local rc.d scripts in the overall boot order was added.

Proper rc.d scripts are run by rc.subr in a subshell, whereas scripts that
end in .sh are sourced into rc's shell. The latter has potential to create
serious boot problems, and there is no reason that the same functionality
cannot be added by the user in the form of a proper rc.d script (as
opposed to being added by the user in the form of /etc/rc.early).

This script will be removed prior to the 8.0 branch.

Approved by:	re (kensmith)
2007-10-09 07:30:14 +00:00
Doug Barton
416c130ca1 Remove pre-rc.d compatibility shims that were added before the 5.0 branch
for pre-5.0 variable names.

Remove two dhcp compatibility variables added after the 5.1-RELEASE.

Remove the now-unused support for these shims.

Approved by:	re (kensmith)
2007-10-09 07:20:44 +00:00
Ruslan Ermilov
3c03a2300b Sort as per README.
Approved by:	re (kensmith)
2007-10-03 05:51:20 +00:00
Ruslan Ermilov
51a8a564d5 Removed "tail +5" from the command used to sanity check changes to
mtree files -- the 5-line header is no longer printed when mtree(8)
is run with -n (as of mtree/create.c,v 1.34).

Approved by:	re (kensmith)
2007-10-03 05:44:27 +00:00
Michael Bushkov
1035d0cb65 Removing obsolete cached files after cached->nscd renaming.
Approved by:	re (kensmith), brooks (mentor)
2007-10-02 07:51:43 +00:00
Michael Bushkov
c97fe77db3 Finishing renaming of cached into nscd. etc/rc.d and usr.sbin/Makefile
updated. Note added to UPDATING.

Approved by:	re (kensmith, bmah), brooks (mentor)
2007-09-28 10:38:08 +00:00
Pawel Jakub Dawidek
f854db0bf5 Bring in the GEOM Virtualisation class, which allows to create huge GEOM
providers with limited physical storage and add physical storage as
needed.

Submitted by:	Ivan Voras
Sponsored by:	Google Summer of Code 2006
Approved by:	re (kensmith)
2007-09-23 07:34:23 +00:00
Brooks Davis
65db91329e Use the udp protocol in favor of the nonexistant upd protocol in the
sge_execd entry.

Reported by:	emaste
Pointy hat to:	brooks
Approved by:	re (kensmith)
2007-09-21 01:26:00 +00:00
Michael Reifenberger
fadab45370 Add IANA assigned iscsi-target port as its the default port
according RFC 3720.

Approved by:	re (bmah)
2007-09-08 08:56:01 +00:00
Max Laier
ff72ebb1ba Add the startup script for ftp-proxy(8) to the Makefile as well.
Approved by:	re (bmah - implicit)
Reminded by:	mtm
2007-09-07 15:44:09 +00:00
Max Laier
cb3ab5e31a Add a startup script for ftp-proxy(8) now that it is no longer started as
part of inetd(8).

Approved by:	re (bmah)
Reviewed by:	freebsd-rc (a while back)
Reminded by:	kevlo
2007-09-06 21:00:48 +00:00
Brooks Davis
91c0813e7d Add service entries for Sun Grid Engine's qmaster and execution service
as per IANA assignments to simplify the installation of the sysutils/sge
port.

Approved by:	re (bmah)
2007-09-06 19:04:47 +00:00
Mike Makonnen
5060bcfacd Start lockd after statd.
Approved by:	re (bmah)
Noticed by:	Ted Faber <faber@ISI.EDU>
2007-09-03 02:02:31 +00:00
Matteo Riondato
63f45c4bdf sleep 2 seconds after having loaded g_uzip.ko. We need this because
otherwise the /dev/mdX.uzip won't be created immediately, which is
needed because we issue a mount right afterwards.

Approved by:	re@ (bmah@)
MFC after:	2 days
2007-08-25 00:19:17 +00:00
Mike Makonnen
33eba7d495 My forced commit to note the repo-copy (naturally) changed the $FreeBSD$ keyword line,
so that when I applied the patch to my check-in tree the top half of my patch failed to
apply.  Off course I saw what I *expected* to see (the bottom half succeeded) and
didn't notice that it had failed to apply cleanly.

Approved by: re (bmah)
2007-08-18 04:08:53 +00:00
Mike Makonnen
6ee326fe2f The rc.d/nfslocking file controls two servers: rpc.statd and rpc.lockd. It worked well
in most cases, except one. The 'restart' case was not working as expected. Specifically,
it would stop both lockd and statd, but it would restart only statd (which appears first
in the script). This is because rc.subr(8) contains code to guard against infinite
recursion in the 'restart' casae.

To fix this use the traditional approach of controlling only one server from one script by
breaking out rc.d/nfslocking into its contituent parts: rc.d/lockd and rc.d/statd. Keep
rc.d/nfslocking around but don't include it in the boot rcorder(8)ing.

PR:	     conf/107316
Approved by: re (bmah)
MFC after:   2 weeks
2007-08-17 07:58:26 +00:00
Doug Barton
f183dbca4f 1. Remove root name servers from the list of possible masters in the
commented out example who have either not responded, or specifically
asked not to participate because they do not view AXFR as "a production
service."

2. Add f.root-servers.net to the example after confirmation from
Paul Vixie.

3. Add a warning to the commented out "root zone slave" example to the
effect that it requires more attention than a hints file, and provides
more benefit to larger sites than individual hosts.

4. Correct a typo copied from RFC 2544 which was corrected in a later
errata, and confirmed in RFC 3330. Update the comment to reflect that
RFC 3330 got it right and to avoid confusion down the road. 3330 also
contains a reference back to 2544 for anyone interested in pursuing the
history. [1]

PR:             conf/115573 [1]
Submitted by:   Oliver Fromme <olli@secnetix.de> [1]

Approved by:	re (kensmith)
2007-08-17 04:37:02 +00:00
Olivier Houchard
77912eb26b Use ttyu instead of ttyd for arm, since we will probably never use sio(4).
Approved by:	re (blanket)
2007-08-12 17:13:06 +00:00
Michael Bushkov
db1bdf2b02 - Renaming repocopied cached to nscd
Approved by:	re (kensmith), brooks (mentor)
2007-08-09 13:06:12 +00:00
Doug Barton
1c24b5458d 1. Move the disable-empty-zone stuff down below the first 25 lines so
that the listen-on stuff floats up to the first "page" of text. This
makes it very obvious what's going on so that someone trying to enable
a server for use on a network can easily see how to do that.

2. Change the default behavior back to using a hint zone for the root.

3. Leave the root slave zone config as a commented out example.

4. Remove the B and F root servers from the example at the request of
their operators.

Requested by:	he-who-must-not-be-named [1]
Requested by:	many [2]

Approved by:	re (rwatson)
2007-08-02 09:18:53 +00:00
John Baldwin
f2c789a923 Require 'cleanvar' so that files and sockets created in /var/run by
wpa_supplicant and other programs started by 'netif' don't get erased
by a subsequent 'cleanvar'.

Approved by:	re (bmah)
Reviewed by:	dougb
MFC after:	1 week
2007-07-25 18:08:01 +00:00
Scott Long
039886f83f Fix a whitespace mistake from the last commit.
Submitted by: far too many to list
Approved by: re
2007-07-25 13:37:33 +00:00
Scott Long
c5933b2086 Introduce Danny Braniss' iSCSI initiator, version 2.0.99. Please read the
included man pages on how to use it.  This code is still somewhat experimental
but has been successfully tested on a number of targets.  Many thanks to
Danny for contributing this.

Approved by: re
2007-07-24 15:35:02 +00:00
Robert Watson
2b851aeb63 Disconnect netatm from the build as it is not MPSAFE and relies on
NET_NEEDS_GIANT, which will shortly be removed.  This is done in a
away that it may be easily reattached to the build before 7.1 if
appropriate locking is added.  Specifics:

- Don't install netatm include files
- Disconnect netatm command line management tools
- Don't build libatm
- Don't include ATM parts in rescue or sysinstall
- Don't install sample configuration files and documents
- Don't build kernel support as a module or in NOTES
- Don't build netgraph wrapper nodes for netatm

This removes the last remaining consumer of NET_NEEDS_GIANT.

Reviewed by:	harti
Discussed with:	bz, bms
Approved by:	re (kensmith)
2007-07-14 21:49:24 +00:00
Warner Losh
b906fea63d Arm doesn't have GENERIC.hints, so don't install it if it doesn't exist.
Approved by: re (kensmith)
2007-07-13 14:28:10 +00:00
Bjoern A. Zeeb
9fa28ff687 I4B header files were repo-copied from sys/i386/include to
sys/i4b/include/ so they will be available to all architectures
once I4B compiles on those.

I4B header files are now installed in include/i4b/ and no longer
in include/machine/.

For now we still install the headers for i386 only.

Approved by:	re (kensmith)
2007-07-06 07:20:59 +00:00
Xin LI
c425727e97 Remove reference to the old ftp-proxy implementation,
which was replaced during the pf 4.1 import.

Approved by:	re (mux)
2007-07-05 09:46:53 +00:00
George V. Neville-Neil
8409aedfa6 Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
Rong-En Fan
534046e301 - Remove UMAP filesystem. It was disconnected from build three years ago,
and it is seriously broken.

Discussed on:   freebsd-arch@
Approved by:	re (mux)
2007-06-25 05:06:57 +00:00
Nate Lawson
00a304487f Update the suspend/resume user API while maintaining backwards compat.
Improvements:
* /etc/rc.suspend,rc.resume are always run, no matter the source of the
  suspend request (user or kernel, apm or acpi)
* suspend now requires positive user acknowledgement.  If a user program
  wants to cancel the suspend, they can.  If one of the user programs
  hangs or doesn't respond within 10 seconds, the system suspends anyway.
* /dev/apm is clonable, allowing multiple listeners for suspend events.
  In the future, xorg-server can use this to be informed about suspend
  even if there are other listeners (i.e. apmd).

Changes:
* Two new ACPI ioctls:  REQSLPSTATE and ACKSLPSTATE.  Request begins the
  process of suspending by notifying all listeners.  acpi is monitored by
  devd(8) and /dev/apm listener(s) are also counted.  Users register their
  approval or disapproval via Ack.  If anyone disapproves, suspend is vetoed.
* Old user programs or kernel modules that used SETSLPSTATE continue to
  work.  A message is printed once that this interface is deprecated.
* acpiconf gains the -k flag to ack the suspend request.  This flag is
  undocumented on purpose since it's only used by /etc/rc.suspend.  It is
  not intended to be a permanent change and will be removed once a better
  power API is implemented.
* S5 (power off) is no longer supported via acpiconf -s 5 or apm -z/-Z.
  This restores previous behavior of halt/shutdown -p being the interface.
* Miscellaneous improvements to error reporting

Approved by:	re
2007-06-21 22:50:37 +00:00
Doug Barton
e56dafe630 Drop the default zones that are now covered by the new zones that
were added in the last revision.
2007-06-18 06:29:45 +00:00
Doug Barton
1de57a4c76 Bring our default named configuration more in line with current
best practices:

1. The old way of generating the localhost zones was not optimal both
because they did not exist by default, and because they were not really
aligned with BCP. There is no need to have the dynamic data that the
make-localhost script generated, and good reasons to do this more
"by the book."

2. In named.conf
	a. Clean up white space
	b. Add/clarify a few comments
	c. Slave zones from the root servers instead of using a hints
	file. This has several advantages, as described in the comments.
	d. Significantly revamp the default zones, including the
	forward localhost zone, and the reverse zones for IPv4 and IPv6
	loopback addresses. There are extensive comments describing what
	is included and why. Interested readers should take the time to
	review the RFCs mentioned in the comments. There is also relevant
	information about the motivations for hosting these zones in the
	"work in progress" Internet-Draft,
	http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
	or its successor.
	It's also worth noting that a significant number of these
	empty zones are already included by default in the named binary
	without any user configuration.
	e. Because we're including a lot of examples of both local
	forward zones and slave zones in the default configuration,
	eliminate some of those examples.

3. Add new localhost-{forward|reverse} zone files, and an "empty" zone
to support the changes in 2.d. above. The empty zone file isn't really
empty in order to avoid a warning from BIND about a zone file that
doesn't contain any A or AAAA records.
2007-06-18 05:58:23 +00:00
Doug Barton
bc998fd6f4 Add a namedb/master directory for the zone files I'm about to add,
and switch to the more "normal" way of installing files for the
namedb directory so that we can pick up the new subdir.
2007-06-18 05:44:38 +00:00
Yaroslav Tykhiy
997c6eefd8 Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
Yaroslav Tykhiy
553284d74a Add PAM support to atrun(8). 2007-06-15 12:02:16 +00:00
Yaroslav Tykhiy
b1cf245735 Locked out and expired accounts shouldn't be accessible via remote
mailbox protocols.  Add pam_unix to the `account' function class, too,
for imap and pop3 to actually implement this policy.
2007-06-15 11:33:13 +00:00
Yaroslav Tykhiy
2422857757 Split the FILES list across multiple lines as in rc.d/Makefile
so that the change history stays easily readable as the number
of PAM-aware services grows.
2007-06-15 11:22:10 +00:00
Gregory Neil Shapiro
2bc2025c44 Add a new rc.conf variable, sendmail_rebuild_aliases, which tells
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.

In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress.  Therefore,
in FreeBSD 7.0, this new option will default to "NO".  When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.

PR:		conf/86252
Approved by:	re (kensmith)
MFC after:	3 days
2007-06-12 17:33:23 +00:00
Ceri Davies
3213dc8412 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
Yaroslav Tykhiy
9cd40e64b4 Now pam_nologin(8) will provide an account management function
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
2007-06-10 18:57:20 +00:00
Yaroslav Tykhiy
039e8df3cf Be robust to a bogus script specification or contents
when figuring out what the real interpreter is for an
interpreted command.  That is, check whether we can read
the script file in the first place and, if so, make sure
we got a valid shebang line from it.
2007-06-04 11:39:35 +00:00
Doug Barton
ab512a8e4d Finish making resolv ordering deterministic by REQUIRE'ing it here. 2007-06-02 05:25:19 +00:00
Doug Barton
36617e509a Add REQUIRE netif to make ordering more deterministic, and to make sure
we have a fighting chance of having useful stuff from DHCP.

Tighten up the code a little, and fix whitespace issues.
2007-06-02 05:24:39 +00:00
Ruslan Ermilov
6969552de1 s/tabs/spaces/ 2007-06-01 18:53:36 +00:00
Doug Barton
9c933e2939 Remove more vestiges of /usr/X11R6, but leave mtree for portmgr. 2007-05-29 06:37:58 +00:00
Doug Barton
2c61a906a5 Remove X11R6 from the default PATH to join the new world order.
While I'm here, make the default PATH match that in the csh profile,
and login.conf.
2007-05-29 06:33:10 +00:00
Doug Barton
95f0e983b6 Now that a separate /usr/X11R6 directory is no longer in fashion,
stop looking there for things like rc.d and periodic. This avoids
duplicating effort when /usr/X11R6 is a symlink to /usr/local,
which it is by default now.

It is not anticipated at this time that we will MFC this change, since
we'd like to avoid breaking legacy systems. However, there is a fix for
/etc/rc.subr in the works to avoid running any rc.d scripts twice which
we should be able to MFC.
2007-05-29 06:22:14 +00:00
Ralf S. Engelschall
f31380b233 Fix indentation. 2007-05-24 06:01:06 +00:00
Ralf S. Engelschall
cc42bdd415 Remove two superfluous trailing semicolons. 2007-05-24 05:58:20 +00:00
Ralf S. Engelschall
b9b38f5d90 Remove two unnecessary and useless sub-shell constructs. 2007-05-24 05:54:37 +00:00
Andrew Thompson
ddf1c6facd Do not attempt to load the kernel module when checking if an interface exists.
This would cause pseudo network modules to be reloaded again when trying to
unload the first time if any cloned interfaces exist.

MFC after:	2 weeks
2007-05-23 00:18:44 +00:00
Ralf S. Engelschall
0d5b72b307 backout filter of Nil UUID as the boot loader code already filters out Nil UUIDs (see src/sys/boot/i386/libi386/smbios.c:smbios_setuuid for details) 2007-05-22 13:53:59 +00:00
Ralf S. Engelschall
dff50af93b Remove the ugly csh(1) based UUID lower-case translation hack from
/etc/rc.d/hostid now that we switched the origin of the UUID (variable
smbios.system.uuid as provided by the i386 BIOS code) to already provide
a standard conforming lower-case UUID text representation.
2007-05-22 10:22:24 +00:00
Ralf S. Engelschall
e3e421bacf Cleanup style by consistently using braces around variable expansion and
apply an addition from Andrew Thompson <thompsa> for filtering out the
special "Nil" UUID (all zeros) which would be a useless host UUID.
2007-05-21 11:57:01 +00:00
Ralf S. Engelschall
3148ce8687 Adjust UUID lower-case translation from straight-forward tr(1)
usage to an equivalent csh(1) usage as tr(1) stays in /usr/bin and
/etc/rc.d/hostid has just the root filesystem (and this way mainly the
tools in /bin) available.

I've chosen csh(1) here as the string manipulation tools available in
/bin is extremely limited and the (only) alternative ed(1) usage would
have been a lot more complicated or even might require a temporary file.
2007-05-21 11:44:13 +00:00
Ralf S. Engelschall
a8698e63bb The standardized textual representation of UUIDs according to RFC 4122
and ISO/IEC-9834-8:2005 is with LOWER-CASE hexadecimal characters only,
so translate the (usually upper-case and this way not conforming)
representation of the BIOS UUID when reading it. Also be more strict
about the valid characters in the textual representation by checking for
just the hexadecimal characters.
2007-05-21 08:22:43 +00:00
Greg Lehey
1c7163a14f Update /etc/protocols with IANA list updated 2007-02-12
Gotcha:  Number 48 (mhrp) is replaced with dsr.

Submitted by:	edwin
PR:		config/112732
MFC after:	2 weeks
2007-05-20 03:55:22 +00:00
Greg Lehey
2dee7077cf White space fixes only: replace spaces with tabs. 2007-05-20 03:41:26 +00:00
Greg Lehey
532e2282f5 Bring the well known ports of /etc/services into sync with the IANA
list.

This is only for the well known known ports (port 1-1023) for tcp and
udp only.

Changes:
- Removed "problems" comments around port 57, 77 and 87
- Removed audionews (port 114)
- Added imap3 (port 220)
- Removed yak-chat (port 258)
- Removed concert (port 786)
- Added a lot of new allocations

Submitted by: edwin
2007-05-20 03:31:52 +00:00
Alexander Kabaev
caea7898ac Add templates for new GCC 4.2 C++ include files hierarchy. 2007-05-19 03:31:39 +00:00
Mike Makonnen
3d03791bb4 o Implement the stop_boot subroutine [1]. This subroutine can be used by
scripts in rc.d to stop rc(8) from booting into multi-user mode when
  a critical or severe error condition is encountered.

o Modify scripts in etc/rc.d that already implemented this functionality
  independently.

o Document it.

[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it
      to rc.subr(8). Our version differs slightly in that it takes an
      optional argument to stop the boot even if "autoboot" is not set.

Obtained from: NetBSD
MFC after: 2 weeks
2007-05-18 12:04:41 +00:00
Mike Makonnen
9cb24de6ed o Use the --detach option to kdc(8) instead of using the shell
background operator '&'.

  PR: conf/102722

o No need to include $kerberos5_server_flags in $command_args as
  rc.subr(8) will take care of this.
2007-05-17 11:33:08 +00:00
Mike Makonnen
c76ad7642f The precmd routine does not need to check whether the command should be
"forced". If some pre-condition is not met, it should fail as it normally
does and rc.subr(8) will make the appropriate decision. Incidentally, the
previous behaviour had a bug where the "force" flag was respected only
when checking rc.conf(5) knobs. The flag was ignored when verifying the
rpcbind(8) dependency.

MFC after: 2 weeks
2007-05-17 08:57:14 +00:00
Greg Lehey
6a96c8eef4 Add SIP-related ports.
Obtained from:  IANA list of reserved ports.
Reviewed by:	edwin@
2007-05-16 01:02:16 +00:00
Greg Lehey
a234307899 White space tidy-up. 2007-05-16 00:59:31 +00:00
Maxim Konovalov
f629328d0a o Install 480.status-ntpd.
Pointed out by:	Henrik Brix Anders
2007-05-14 17:34:59 +00:00
Maxim Konovalov
c7cc017f3b o Add a script to check ntpd(8) state. Default is off.
PR:		conf/112604
Submitted by:	Oliver Fromme
MFC after:	1 month
2007-05-13 09:33:35 +00:00
Mike Makonnen
e11cc001a9 Move options that do not have anything to do with routing out of
rc.d/routing and in to rc.d/netoptions. Also instead of saying
"TCP options" say "IP options".
2007-05-02 15:49:30 +00:00
Mike Makonnen
47ba326abe When rc.d/NETWORKING included this script in its REQUIRE line, a circular
dependency was introduced because this script had rc.d/localpkg (which is
*after* rc.d/NETWORKING) in its REQUIRE line.

From an examination of its contents it seems that only the availability of
a local filesystem is necessary for this script to function properly.
2007-05-02 15:32:05 +00:00
Pawel Jakub Dawidek
4d739c23fd When zfs dataset has jailed=on property, it won't be mounted with
'zfs mount -a' from the main system - this is by design, as mountpoint
may be set to dangerous value. This all means, that such file system
has to be mounted from within a jail. To make it easier, reorganize
rc.d/zfs script so it can be used from within a jail.
2007-04-22 20:55:08 +00:00
Tom Rhodes
13c100b0d8 Quick kill posix4 directory.
Submitted by:	rodrigc (BSD.include.dist).
2007-04-18 10:16:43 +00:00
Pawel Jakub Dawidek
2c9c9b9f7f When org.freebsd:swap property is set to 'on' on a ZVOL, use is as a swap
device.

Discussed with:	des
2007-04-15 18:07:14 +00:00
Dag-Erling Smørgrav
7c275b458a Remove the shutdown keyword. It just adds noise to the shutdown process. 2007-04-13 18:46:35 +00:00
Pawel Jakub Dawidek
e21f48c40e - Create an empty /etc/zfs/exports file when zfs_enable="YES" and we don't
NFS-share anything. This way we can safely start mountd with
  /etc/zfs/exports and mountd won't complain.

  Pointed out by:	ceri

- Move 'zfs volinit' before 'zfs mount -a' and 'zfs volfini' after
  'zfs unmount -a'.
2007-04-13 11:02:06 +00:00
Pawel Jakub Dawidek
83ad9fd2d5 mountd(8) was changed to only abort when all given exports files cannot be
open, so we not longer has to check if /etc/zfs/exports exists.
2007-04-13 10:29:25 +00:00
Mike Makonnen
e70b852038 o Look for a zfs(1) exports file only if it exists and is readable. If
we don't do this and the file doesn't exist mountd(8) will abort.
o The mountd(8) daemon creates a pidfile, so use it.
2007-04-13 06:42:25 +00:00
Stanislav Sedov
158bb4cb18 - Add IANA-assigned ports for HP status & services daemon and I/O backend
daemon. The FreeBSD port print/hplip currently provides these services.

PR:		conf/99593
Submitted by:	Anish Mistry <amistry@am-productions.biz>
Approved by:	maxim
MFC after:	1 week
2007-04-11 16:02:04 +00:00
Stanislav Sedov
b6a8b26f35 - Add IANA assigned port for amanda server control over tcp. The
current misc/amanda-server code uses it.

PR:		conf/111050
Submitted by:	Charles Sprickman<spork@bway.net>
Approved by:	maxim
MFC after:	1 week
2007-04-11 15:58:36 +00:00
Stanislav Sedov
2b1d8ce08a - Sync service names with IANA (http://www.iana.org/assignments/port-numbers).
The registration names for 5222(tcp,udp) and 5269(tcp,udp) was changed to
  xmpp-client and xmpp-server correspondingly.

  This inconsistency causes problems to applications developed on other
  systems, as they tries to use port numbers from /etc/services as fallback.

PR:		conf/100606
Submitted by:	Ralph Meijer <freebsd-gnats2@ralphm.ik.nu>
Approved by:	maxim
MFC after:	1 week
2007-04-11 13:06:05 +00:00
Pawel Jakub Dawidek
6f7c3bdd63 If available, take UUID from smbios.system.uuid, if not fall back to
software-generated UUID. Store the result in /etc/hostid and use it in
the future. Perform simple UUID format check, as there is a lot of
hardware with broken UUIDs. The check should be improved to also eliminate
fake UUIDs like 00000000-0000-0000-0000-000000000000.

Requested by:	many
2007-04-11 00:05:25 +00:00
Giorgos Keramidas
671901e973 Add a pfsync_syncpeer option to /etc/defaults/rc.conf and rc.conf(5),
which can be used to turn off multicast pfsync support, and enable
the transmission of directed PFSYNC (IP protocol: 240) packets to
a specific "sync peer" host.

PR:		conf/111225
Submitted by:	Bas van Beek <bas@tobin.nl>
Approved by:	mtm, mlaier
MFC after:	2 weeks
2007-04-10 16:42:14 +00:00
Pawel Jakub Dawidek
d5ec19ea68 Add rc.d/hostid script (turned on by default) which on first boot generates
UUID and stores it in /etc/hostid ($hostid_file) as well as sets kern.hostuuid
and kern.hostid sysctls on every boot.

Hostid can be reset using '/etc/rc.d/hostid reset' command.

Hostid generation and setting can be turned off by setting variable
hostid_enable to "NO" in /etc/rc.conf.

Reviewed by:	mlaier, rink, brooks, rwatson
2007-04-09 19:21:27 +00:00
Dag-Erling Smørgrav
680aa4e3b8 Apply "additional TCP options" earlier.
Requested by:	andre@
MFC after:	1 week
2007-04-09 10:09:40 +00:00
Dag-Erling Smørgrav
255d327cc5 FILESYSTEMS requires root, so requiring both of them is redundant. 2007-04-09 08:53:40 +00:00
Dag-Erling Smørgrav
90f6241a0e Add zfs to REQUIRE. 2007-04-09 08:44:50 +00:00
Pawel Jakub Dawidek
f92cb15e7b Move zpool.cache from /etc/zfs/ to /boot/zfs/, so we can keep it on
dedicated /boot/ file system and use ZFS for the root file system.
2007-04-08 23:59:39 +00:00
Pawel Jakub Dawidek
86e97941c4 There can be many reasons of VDEV failures, so log type as well. 2007-04-08 16:05:23 +00:00
Pawel Jakub Dawidek
3fcdc8c362 Provide sample entries to handle ZFS problem reports.
It'd be nice to send them via e-mail...
2007-04-08 15:56:49 +00:00
Pawel Jakub Dawidek
0daa3e3561 Add ZFS periodic scripts that monitors status of ZFS pools.
Submitted by:	des
2007-04-06 02:33:06 +00:00
Pawel Jakub Dawidek
70cb12f264 - Add ZFS startup script.
Submitted by:	des

- When starting mountd(8) and ZFS is enabled, add /etc/zfs/exports file.
- Update rc.conf(5).
2007-04-06 02:27:02 +00:00
Pawel Jakub Dawidek
ceef0c312c Connect ZFS to the build. 2007-04-06 02:13:30 +00:00
Robert Watson
49718b0c43 s/IPFW(4)/ipfw(4) to match the actual man page name.
Submitted by:	ru
2007-04-05 10:44:25 +00:00
Matteo Riondato
f3636019cb Add rpc_statd_flags and rpc_lockd_flags options to allow options to be
passed to rpc.statd and rpc.lockd

MFC after:	1 week
2007-04-04 13:16:18 +00:00
Andrey A. Chernov
f5e39fd4ae Fix typo FILESYSTEM -> FILESYSTEMS
This bug prevents local scripts to start up
2007-04-04 11:11:33 +00:00
Dag-Erling Smørgrav
7bd5b79de4 Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal
and takes over mountcritlocal's role as the early / late divider.  This
makes it far easier to add rc scripts which need to run early, such as a
startup script for zfs, which is right around the corner.

This change should be a no-op; I have verified that the only change in
rcorder's output is the insertion of FILESYSTEMS immediately after
mountcritlocal.

MFC after:	3 weeks
2007-04-02 22:53:07 +00:00
Mike Makonnen
1b0a8a3e52 Instead of directly sourcing the firewall script, run it in a separate shell.
If the firewall script is sourced directly from the script, then any
exit statements in it will also terminate the rc.d script prematurely.

PR: conf/78762
MFC-After: 2 weeks
2007-04-02 15:38:53 +00:00
Robert Watson
162637bb13 In rc.firewall, make it clear that this is the setup for IPFW(4), and not
for the sundry other firewalls in the system.

MFC after:	3 days
Submitted by:	Richard dot Clayton at cl dot cam dot ac dot uk
2007-04-02 14:02:06 +00:00
Mike Makonnen
0a9b210037 Make subroutine names more conformant with other scripts in rc.d.
MFC After: 2 weeks
2007-03-31 09:03:38 +00:00
Mike Makonnen
624321b5a8 Record rc.d/nfslocking dependency on rc.d/rpcbind.
PR: conf/105465
Submitted By: ru (with minor cosmetic change)
MFC-After: 1 month
2007-03-30 19:08:58 +00:00
Mike Makonnen
cc164aba90 Some rc.d commands (such as stop|restart etc.) won't automagically work
if we don't explicitly set the name of the executable program.

PR: conf/104408
2007-03-30 18:36:45 +00:00
Andrey A. Chernov
78f66a0f21 Oops wrong line commented out in prev fix 2007-03-29 21:44:23 +00:00
Andrey A. Chernov
e8670c2c4e Back out network.subr :- fix and comment out dhc*_fxp0 examples instead
Submitted by:   jhb
2007-03-29 21:42:19 +00:00
Andrey A. Chernov
2395c8cbfc Fix get_if_var() with 3 args (i.e. with default)
All xxx_<ifname> flags are set to empty strings automatically earlier so
eval echo \${${prefix}${_if}${suffix}-${_default}}
not substitute the default but return just the empty string.
Fix it using
eval echo \${${prefix}${_if}${suffix}:-${_default}}
(i.e. treat empty strings as unset)

The bug manifistates itself with the following warning from checkyesno():
/etc/rc.d/dhclient: WARNING: $background_dhclient is not set properly -
see rc.conf(5)
2007-03-29 10:55:33 +00:00
Brooks Davis
3f857d8115 Use "-ne" instead of "!=" for integer comparison. 2007-03-25 23:58:46 +00:00
Mike Makonnen
bcbff0a86f Having gone to the trouble of setting up a variable, we should use it. 2007-03-25 19:45:20 +00:00
Maxime Henrion
fffe34c5a8 Make "/etc/rc.d/syscons start" correctly reload screensaver settings.
The code looks for all the loaded screensaver modules, tries to
kldunload them, and only loads the new one if kldstat's output shows
that there aren't any left.  However, the regexp looking for modules
to unload was still searching according to the the old naming scheme,
splash_<name>.ko, instead of <name>_saver.ko.

MFC after:	3 days
2007-03-12 22:35:43 +00:00
Brooks Davis
0b45d130bf Allow background_fsck_delay to be set to a negative value which delays
the background fsck indefinitely.  This allows the administrator to run
it at a convenient time.  To support running it from cron, the
forcestart argument now causes the fsck to start with no delay and all
output to be suppressed.
2007-03-11 06:53:07 +00:00
Yaroslav Tykhiy
b5af060613 Prepend ${_chroot} to a pathname in a consistent and robust way:
insert a slash between ${_chroot} and the pathname if and only if
${_chroot} is set to a non-empty string.  Now the pathname is very
likely to be absolute, but we shouldn't take that for granted.
2007-03-10 13:37:44 +00:00
Yaroslav Tykhiy
15240ba819 As suggested more than once in the lists, drop -M from flags to mfs
for /tmp and /var.  This makes the memory discs swap-backed instead
of malloc-backed.  A swap-backed memory disc should not be worse
than a malloc-backed one in any scenario because it will start
touching swap only when needed.  OTOH, a malloc-backed disc can
starve limited kernel resources and evenually crash the system.

Reflect the change in the rc.conf(5) manpage.  Also stop telling
lies there about softupdates: it does not waste disc space, it
just can delay its freeing.

Suggested by:	many
PR:		kern/87255
MFC after:	1 week
2007-03-06 13:13:53 +00:00
Nate Lawson
4fce38ec78 Get rid of chatter for failed commands if the filesystem is read-only.
Include /var/db/entropy-file in the reseeding if present.  It is used for
last-ditch efforts to save entropy and thus should also be used to seed
the RNG when starting.  Print a warning instead of an error if writing the
file fails -- err() exits, preventing the umask from being restored.
Also, since there's not much that can be done about it, notifying the user
is all that's needed.

MFC after:	2 weeks
2007-03-03 06:39:06 +00:00
Hajimu UMEMOTO
d7f16299fc Turn default address selection on by default. Now, when
ipv6_enable="NO", an IPv4 address is preferred for a
destination address.

MFC after:	1 month
2007-03-03 06:36:32 +00:00
Brooks Davis
a9e1dd9098 Use get_if_var() to retrieve interface specific values of dhclient_flags
and background_dhclient.  This allows interfaces who's names are not
valid parts of shell variables and shortens the code.

MFC after:	1 week
2007-03-02 20:48:35 +00:00
Florent Thoumie
d08ec00718 - Add missing subdirectories in BSD.usr.dist mtree file.
- Update hier(7) to reflect latest changes in mtree file.
- Add UPDATING entry following Intel firmwares inclusion.

Submitted by:	mlaier
MFC after:	1 month
2007-03-02 14:56:15 +00:00
Florent Thoumie
7bd6fde395 - Add Intel firmwares for Intel PRO/Wireless LAN 2100/2200/2915 cards in a
uuencoded format along with their respective LICENSE files.
- Add new share/doc/legal directory to BSD.usr.dist mtree file. This is the
place we install LICENSE files for restricted firmwares.
- Teach firmware(9) and kmod.mk about licensed firmwares. Restricted firmwares
won't load properly unless legal.<name>.license_ack is set to 1, either
via kenv(1) or /boot/loader.conf.

Reviewed by:	mlaier, sam
Permitted by:	Intel (via Andrew Wilson)
MFC after:	1 month
2007-03-02 11:42:56 +00:00
Matt Jacob
e770bc6bf5 First cut at GEOM based multipath. This is an active/passive{/passive...}
arrangement that has no intrinsic internal knowledge of whether devices
it is given are truly multipath devices. As such, this is a simplistic
approach, but still a useful one.

The basic approach is to (at present- this will change soon) use camcontrol
to find likely identical devices and and label the trailing sector of the
first one. This label contains both a full UUID and a name. The name is
what is presented in /dev/multipath, but the UUID is used as a true
distinguishor at g_taste time, thus making sure we don't have chaos
on a shared SAN where everyone names their data multipath as "Fred".

The first of N identical devices (and N *may* be 1!) becomes the active
path until a BIO request is failed with EIO or ENXIO. When this occurs,
the active disk is ripped away and the next in a list is picked to
(retry and) continue with.

During g_taste events new disks that meet the match criteria for existing
multipath geoms get added to the tail end of the list.

Thus, this active/passive setup actually does work for devices which
go away and come back, as do (now) mpt(4) and isp(4) SAN based disks.

There is still a lot to do to improve this- like about 5 of the 12
recommendations I've received about it,  but it's been functional enough
for a while that it deserves a broader test base.

Reviewed by: pjd
Sponsored by: IronPort Systems
MFC: 2 months
2007-02-27 04:01:58 +00:00
Remko Lodder
217d9e4862 Only match on log messages containing fail,invalid,
bad or illegal. This prevents matching on systems that
have a name that matches the query.

PR:		conf/107560
Submitted by:	Christian Laursen <cfsl at pil dot dk>
MFC after:	3 days
Approved by:	imp (mentor)
2007-02-23 21:42:54 +00:00
Remko Lodder
4ee46876eb Move to the preferred syntax for nice (-n) instead
of the depricated one.

PR:		conf/108611
Submitted by:	TAOKA Fumiyoshi <fmysh at iijmio-mail dot jp>
Approved by:	imp (mentor)
2007-02-23 18:44:20 +00:00
Warner Losh
1a5f5dc097 fix comment about what pnpinfo is set 2007-02-15 16:38:10 +00:00
Yaroslav Tykhiy
d798671ba8 pkill(1) and pgrep(1) have been moved to /bin so that they are
available to rc.d scripts early in the boot sequence.
2007-02-15 06:51:31 +00:00
Yaroslav Tykhiy
5f9af361f4 Don't be paranoid about hostname(1) and order the things logically.
Pointed out by:	ceri
2007-02-15 06:46:33 +00:00
Yaroslav Tykhiy
01b777f4cb Don't nag about unset $hostname if DHCP is in use.
Pointed out by:	ceri
2007-02-15 06:42:42 +00:00
Joerg Wunsch
0411582e87 Add some entries to log unknown devices, based on the bus they appear
on.

Some things appear to be completely missing though, like the USB vendor
and product strings.
2007-02-14 08:13:54 +00:00
Yaroslav Tykhiy
aad85353cc Handle the case when the admin forgot to set $hostname,
which can happen in new installations: advise to set the
variable and refer to rc.conf(5).
2007-02-10 13:13:32 +00:00
Florent Thoumie
2d69b43eb2 Add support for EtherChannel configuration to rc startup scripts.
Note: This also deprecates "NO" as a way to specify an empty list of
interfaces for gif_interfaces.

PR:		conf/104884
Submitted by:	nork
Harassed by:	brd
Discussed with:	brooks, dougb
2007-02-09 12:11:27 +00:00
John Polstra
bd4dbd7879 Use egrep instead of grep so that reporting of login failures (broken
by revision 1.6) works again.  This fix is already in RELENG_6, but was
never committed to HEAD.
2007-02-05 16:36:25 +00:00
Marcel Moolenaar
d62866b236 o Remove screen, created by the unnecessary ofw_console(4)
o  Remove ttyyX, created by the obsolete zs(4)
o  Replace ttydX by ttyuX, which is created by uart(4)
o  Enable ttyu0 as a console to better support the xserve.

MFC after: 1 week
2007-01-26 06:22:34 +00:00
Mike Pritchard
a0072eda86 Add the following knobs for quotas if they are enabled:
quotaon_flags - flags for the quotaon command
quotaoff_flags - flags for the quotaoff command
quotacheck_flags - flags for the quotacheck command
2007-01-20 04:24:20 +00:00