1252 Commits

Author SHA1 Message Date
Simon J. Gerraty
d466a5b069 Merge head 2013-09-11 18:16:18 +00:00
Niclas Zeising
26c4cc026d Regenerate after unhooking gcc/g++ from the default build for some arches. 2013-09-06 20:51:15 +00:00
Simon J. Gerraty
d1d0158641 Merge from head 2013-09-05 20:18:59 +00:00
Jeremie Le Hen
f1ed02fabd Since r254974, periodic scripts' period can be configured
independently.  There is no reason to leave their options
with the daily ones, so move them to their own section.
2013-09-03 07:51:06 +00:00
Antoine Brodin
b9aa88b0c1 Fix after r255014 2013-08-29 15:58:20 +00:00
Joel Dahl
99e27a7806 mdoc fix 2013-08-28 05:12:29 +00:00
Niclas Zeising
969fe8f052 Really regen after r254962.
This removes the WITH_BSDCONFIG description alltogether, since this option
is removed.
At the same time, fix the WITHOUT_LIBCPLUSPLUS option that had gotten
inverted.
2013-08-27 23:30:02 +00:00
Jeremie Le Hen
69b55c23cb Make the period of each periodic security script configurable.
There are now six additional variables
  weekly_status_security_enable
  weekly_status_security_inline
  weekly_status_security_output
  monthly_status_security_enable
  monthly_status_security_inline
  monthly_status_security_output
alongside their existing daily counterparts.  They all have the same
default values.

All other "daily_status_security_${scriptname}_${whatever}"
variables have been renamed to "security_status_${name}_${whatever}".
A compatibility shim has been introduced for the old variable names,
which we will be able to remove in 11.0-RELEASE.

"security_status_${name}_enable" is still a boolean but a new
"security_status_${name}_period" allows to define the period of
each script.  The value is one of "daily" (the default for backward
compatibility), "weekly", "monthly" and "NO".

Note that when the security periodic scripts are run directly from
crontab(5) (as opposed to being called by daily or weekly periodic
scripts), they will run unless the test is explicitely disabled with a
"NO", either for in the "_enable" or the "_period" variable.

When the security output is not inlined, the mail subject has been
changed from "$host $arg run output" to "$host $arg $period run output".
For instance:
  myfbsd security run output ->  myfbsd security daily run output
I don't think this is considered as a stable API, but feel free to
correct me if I'm wrong.

Finally, I will rearrange periodic.conf(5) and default/periodic.conf
to put the security options in their own section.  I left them in
place for this commit to make reviewing easier.

Reviewed by:	hackers@
2013-08-27 21:20:28 +00:00
Devin Teske
a5aa00fbae Formally remove WITH_BSDCONFIG build option and re-generate src.conf.5
NOTE: Should have been inline with revisions 252862 and 254958.
2013-08-27 16:30:50 +00:00
Antoine Brodin
8aad3f600b Regenerate src.conf.5 2013-08-26 17:18:21 +00:00
Hiroki Sato
7dce7544fc - Reimplement $gif_interfaces as a variant of $cloned_interfaces.
Newly-configured systems should use $cloned_interfaces.

- Call clone_{up,down}() and ifnet_rename() in rc.d/netif {start,stop}.
  ifnet_rename() now accepts an interface name list as its argument.

- Add rc.d/netif clear.  The "clear" subcommand is basically equivalent to
  "stop" but it does not call clone_down().

- Add "ifname:sticky" keyword into $cloned_interfaces.  If :sticky is
  specified, the interface will not be destroyed in rc.d/netif stop.

- Add cloned_interfaces_sticky={YES,NO}.  This variable globally sets
  :sticky keyword above for all interfaces.  The default value is NO.
  When cloned_interfaces_sticky=YES, :nosticky keyword can be used to
  override it on per interface basis.
2013-08-04 06:36:17 +00:00
Andrew Turner
e1f38054f5 Regen. 2013-07-16 19:20:50 +00:00
Hiroki Sato
a78deafaaa Document options for .eli devices.
Submitted by:	ADAM David Alan Martin
2013-07-15 03:50:14 +00:00
Baptiste Daroussin
13f6fdf210 Regenerate src.conf(5) after changing WITHOUT_PKGTOOLS to WITH_PKGTOOLS 2013-07-12 23:12:37 +00:00
Glen Barber
d87953e418 Document that a literal jail name of 0 (zero) is not allowed.
PR:		174436
Submitted by:	Robert Schulze
Reviewed by:	mjg
MFC after:	3 days
2013-07-12 22:02:11 +00:00
Hiroki Sato
6b577129ab Remove $swapfile and $geli_swap_flags. 2013-07-09 07:57:10 +00:00
Niclas Zeising
82fbf0f6ea Revert previous revision, local change that accidentally snuck in. 2013-07-03 12:58:53 +00:00
Niclas Zeising
5b694ac5db Regenerate after r252561
PR:		docs/180025
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
2013-07-03 12:53:06 +00:00
Joel Dahl
a9ca77e055 mdoc: remove EOL whitespace. 2013-06-29 16:05:44 +00:00
Hiroki Sato
268a55bc98 - Add vnode-backed swap space specification support. This is enabled when
device names "md" or "md[0-9]*" and a "file" option are specified in
  /etc/fstab like this:

  md    none    swap    sw,file=/swap.bin       0       0

- Add GBDE/GELI encrypted swap space specification support, which
  rc.d/encswap supported.  The /etc/fstab lines are like the following:

  /dev/ada1p1.bde       none    swap    sw      0       0
  /dev/ada1p2.eli       none    swap    sw      0       0

  .eli devices accepts aalgo, ealgo, keylen, and sectorsize as options.

  swapctl(8) can understand an encrypted device in the command line
  like this:

  # swapctl -a /dev/ada2p1.bde

- "-L" flag is added to support "late" option to defer swapon until
  rc.d/mountlate runs.

- rc.d script change:

    rc.d/encswap -> removed
    rc.d/addswap -> just display a warning message if $swapfile is defined
    rc.d/swap1 -> renamed to rc.d/swap
    rc.d/swaplate -> newly added to support "late" option

These changes alleviate a race condition between device creation/removal
and swapon/swapoff.

MFC after:	1 week
Reviewed by:	wblock (manual page)
2013-06-27 18:28:45 +00:00
Rui Paulo
47ccafd283 Document ifconfig_wlanX="HOSTAP" 2013-06-26 04:33:32 +00:00
Hiroki Sato
740b713999 - Add CIDR notation support like 192.168.1-2.10-16/24 to $ifconfig_IF_aliasN.
This is an extended version of ipv4_addr_IF which supports both IPv4 and
  IPv6, and multiple range specifications.  To avoid to generate too many
  addresses, the maximum number of the generated addresses is currently
  limited to 31.

- Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable.

- ipv6_prefix_IF now supports !/64 prefix length.  In addition to the old
  64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64
  is supported.

- Replace ifconfig command with $IFCONFIG_CMD variable to support
  a dry-run mode in the future.

- Remove IP aliases before removing all of IPv4 addresses when doing
  "rc.d/netif down".

- Add a DAD wait to network6_getladdr() because it is possible to fail to
  configure an EUI64 address when ipv6_prefix_IF is specified.

A summary of the supported ifconfig_* variables is as follows:

 # IPv4 configuration.
 ifconfig_em0="inet 192.168.0.1"
 # IPv6 configuration.
 ifconfig_em0_ipv6="inet6 2001:db8::1/64"
 # IPv4 address range spec.  Now deprecated.
 ipv4_addr_em0="10.2.1.1-10"
 # IPv6 alias.
 ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70"
 # IPv4 alias.
 ifconfig_em0_alias1="inet 10.2.2.1/24"
 # IPv4 alias with range spec w/o AF keyword (backward compat).
 ifconfig_em0_alias2="10.3.1.1-10/32"
 # IPv6 alias with range spec.
 ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64"
 # ifconfig_IF_aliases is just like ifconfig_IF_aliasN.
 ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24"
 # IPv6 alias (backward compat)
 ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64"
 # IPv6 alias w/o AF keyword (backward compat)
 ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64"
 # IPv6 prefix.
 ipv6_prefix_em0="2001:db8::/64"

Tested by:	Kimmo Paasiala
2013-06-20 02:29:49 +00:00
Niclas Zeising
4ddfbec06c Fix the libc++ option.
This somehow got reverted when this was updated after the CVS removal.
2013-06-16 20:51:44 +00:00
Eitan Adler
8ed396853b Regenerate after CVS removal (and it seems other missed changes) 2013-06-15 21:29:47 +00:00
Hiroki Sato
ed45ea12ca Add :ifname modifier to specify interface-specific routes into
{,ipv6_}static_routes and rc.d/routing.  For example:

 static_routes="foo bar:em0"
 route_foo="-net 10.0.0.0/24 -gateway 192.168.2.1"
 route_bar="-net 192.168.1.0/24 -gateway 192.168.0.2"

At boot time, all of the static routes are installed as before.
The differences are:

- "/etc/rc.d/netif start/stop <if>" now configures static routes
  with :<if> if any.
- "/etc/rc.d/routing start/stop <af> <if>" works as well.  <af> cannot be
  omitted when <if> is specified, but a keyword "any" or "all" can be used
  for <af> and <if>.
2013-06-09 18:11:36 +00:00
Ed Maste
e9f843e2f6 Add WITH_DEBUG_FILES
makeman currently generates a src.conf that claims every option also
enforces WITHOUT_BIND_UTILS, so I applied this section by hand.
2013-06-07 21:51:10 +00:00
Glen Barber
3c10f4198d Remove references to CVS_UPDATE and SUP_UPDATE to catch up with r251084.
MFC after:	1 month
X-MFC-With:	r251084, r251085
2013-05-28 23:52:01 +00:00
Xin LI
8d8a4892fe Fix a copy-and-paste typo. 2013-05-22 05:21:19 +00:00
Xin LI
6de725c2d8 Regenerate with manual fixup for WITH_LDNS_UTILS inheriting WITHOUT_BIND_UTILS. 2013-05-22 05:16:07 +00:00
Brooks Davis
2afea814ac Document WITHOUT_CROSS_COMPILER and WITHOUT_FORMAT_EXTENSIONS. 2013-05-15 14:35:02 +00:00
Joel Dahl
37b983c09b mdoc sweep 2013-05-13 18:13:50 +00:00
Joel Dahl
2710751bc3 mdoc sweep. 2013-05-12 22:22:12 +00:00
Bryan Drewery
fdcb645387 Fix examples for overriding INSTALL to not suggest hardcoding
'install' since it breaks buildworld after the introduction and
use of 'install -l' in r245752. Overriding INSTALL causes
/usr/bin/install to be used instead of the proper
/usr/src/tools/install.sh which handles the new flag.

Approved by:	bapt
MFC after:	2 weeks
2013-04-26 19:56:14 +00:00
Joel Dahl
a0bd7e1cc4 Update description of process status output.
PR:		143850
Submitted by:	Slaven Rezic <slaven@rezic.de>
2013-04-22 20:14:57 +00:00
Joel Dahl
706d408512 Remove EOL whitespace. 2013-04-18 10:08:27 +00:00
Jeremie Le Hen
6272779b2f Document jail_<jname>_parameters option.
The description explains why we should not configure "path",
"host.hostname", "command", "ip4.addr" and ip6.addr" parameters with
this, but rather use the historical rc.conf(5) options.

MFC after:	3 days
2013-04-17 20:19:32 +00:00
Simon J. Gerraty
69e6d7b75e sync from head 2013-04-12 20:48:55 +00:00
Joel Dahl
af9fc0b09c Remove references to ataraid(4) and atacontrol(8). 2013-04-04 08:45:37 +00:00
Joel Dahl
4a21566cef Remove atapicam(4) reference. 2013-04-04 08:30:04 +00:00
Eitan Adler
0b94c3f711 Remove obsolete references to sysinstall.
This change is not intended for MFC.

PR:		docs/177570
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com> (partial)
Approved by:	bcr (mentor)
2013-04-02 12:40:01 +00:00
Dag-Erling Smørgrav
0041e47595 Retire the mislabeled ENABLE_SUID_SSH knob. 2013-03-22 14:10:15 +00:00
Attilio Rao
67f1f66fc7 Garbage collect XFS bits which are now already completely disconnected
from the tree since few months.

This is not targeted for MFC.
2013-03-02 15:33:54 +00:00
Joel Dahl
fea692b5f6 mdoc: sort sections. 2013-02-18 20:21:26 +00:00
Simon J. Gerraty
f5f7c05209 Updated dependencies 2013-02-16 01:23:54 +00:00
Dag-Erling Smørgrav
421ccedd26 Manually add the correct text for the LDNS and LDNS_UTILS options.
There seems to be a bug in makeman that causes it to misunderstand
the relationship between LDNS_UTILS and BIND_UTILS.
2013-02-15 15:09:24 +00:00
Dag-Erling Smørgrav
0acc2e1d2b Update src.conf(5) up to but not including my LDNS commits. 2013-02-15 14:17:27 +00:00
David E. O'Brien
d9a447559b Sync with HEAD. 2013-02-08 16:10:16 +00:00
Dag-Erling Smørgrav
5b2acfeca5 Cross-reference newgrp(1), and document the use of pw(8) to set the group
password.

PR:		docs/167741
MFC after:	3 weeks
2013-02-08 14:11:12 +00:00
Dimitry Andric
c0e7a46dd2 Regenerate src.conf(5). 2013-02-02 22:52:24 +00:00
Dimitry Andric
ebffc6daac Regenerate src.conf(5). 2013-02-02 22:36:02 +00:00