freebsd-nq/etc
Bryan Drewery f12db248e7 Support checking signature for pkg bootstrap.
If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS,
and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along
with pkg.txz. The signature contains the signature provided by the
signing server, and the public key. The .sig is the exact output
from the signing server in the following format:

  SIGNATURE
  <openssl signed>
  CERT
  <rsa public key>
  END

The signature is verified with the following logic:

 - If the .sig file is missing, it fails.
 - If the .sig doesn't validate, it fails.
 - If the public key in the .sig is not in the known trusted fingerprints,
   it fails.
 - If the public key is in the revoked key list, it fails.

Approved by:	bapt
MFC after:	2 days
Discussed by:	bapt with des, jonathan, gavin
2013-10-26 03:43:02 +00:00
..
bluetooth
defaults Add support for "first boot" rc.d scripts. [1] 2013-10-19 21:37:06 +00:00
devd Regenerate after recent addition of FTDI and bluetooth device IDs. 2013-09-01 14:28:12 +00:00
etc.amd64 Remove unneeded mappings from libmap32.conf. Move it up one level and 2013-09-09 06:02:30 +00:00
etc.arm Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.i386 Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.ia64 Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.mips Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.pc98 Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.powerpc Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
etc.sparc64 Remove the reference to pseudo-terminals from the description. 2011-03-30 08:22:29 +00:00
gss
mail Merge a number of changes required to hook up OpenBSM 1.2-alpha2's 2012-12-01 15:11:46 +00:00
mtree Set up the /usr/tests hierarchy. 2013-10-25 05:25:19 +00:00
namedb Add empty zones for Shared Address Space (RFC 6598) 2013-08-09 07:57:04 +00:00
pam.d - FreeBSD ships a KDE PAM module in base, but it's missing support for passwordless login (kde-np), 2012-05-30 03:10:22 +00:00
periodic Odds and ends left over from BIND and unnoticed because they didn't 2013-10-01 07:19:23 +00:00
pkg Support checking signature for pkg bootstrap. 2013-10-26 03:43:02 +00:00
ppp Remove COMPILATIONDATE from the default section. This string is no longer 2010-02-16 01:07:06 +00:00
rc.d Add a reload command. 2013-10-22 07:44:26 +00:00
root Remove hack to emulate effective uid and just use the EUID's name in the 2012-12-05 13:56:39 +00:00
sendmail Enable the automatic creation of a certificate (if one does not exists) 2013-10-19 18:51:06 +00:00
amd.map
apmd.conf
crontab
csh.cshrc
csh.login Change the commented msgs examples in profile/csh.login from -f to -q. 2010-05-15 17:49:56 +00:00
csh.logout
ddb.conf
devd.conf Comment cosmetics: capitalize SCSI 2013-03-02 18:08:03 +00:00
devfs.conf Remove example for linking /dev/vga to /dev/ttyv0, this hasn't been 2011-10-27 20:39:20 +00:00
dhclient.conf
disktab 10 years too late add support for "2.88MB 3.5in Extra High Density" 2012-11-02 00:17:30 +00:00
fbtab
freebsd-update.conf Add support for backing up the old kernel when installing a new kernel 2009-08-19 20:47:31 +00:00
ftpusers Remove most of the ATF tools and the _atf user. 2013-10-12 06:06:53 +00:00
gettytab Explicitly specify 'np' so that getty(8) does not simulate even parity on 2012-10-18 22:20:02 +00:00
group Remove most of the ATF tools and the _atf user. 2013-10-12 06:06:53 +00:00
hosts
hosts.allow
hosts.equiv
hosts.lpd
inetd.conf Remove CVS from the base system. 2013-06-15 20:29:07 +00:00
libalias.conf
libmap32.conf Remove unneeded mappings from libmap32.conf. Move it up one level and 2013-09-09 06:02:30 +00:00
libmap.conf Include /usr/local/etc/libmap.d/ by default. 2013-08-01 05:50:42 +00:00
login.access
login.conf Add a resource limit for the total number of kqueues available to the 2013-10-21 16:46:12 +00:00
mac.conf Spelling fixes for etc/ 2012-01-07 16:10:32 +00:00
Makefile Add support for reading configuration files from /etc/pkg. 2013-10-26 03:31:05 +00:00
man.alias
master.passwd Remove most of the ATF tools and the _atf user. 2013-10-12 06:06:53 +00:00
minfree
motd pkg_add is no more the default tool, make motd recommand using pkg install instead of pkg_add 2012-10-20 14:54:49 +00:00
netconfig
netstart Start rtsold if necessary. 2013-10-22 06:53:01 +00:00
network.subr Add support for "vnet jname" argument in ifconfig_IF. The vnet keyword 2013-10-10 07:41:11 +00:00
networks
newsyslog.conf Add syslog(3) support to devd(8). 2013-07-01 21:20:17 +00:00
nls.alias
nscd.conf
nsmb.conf
nsswitch.conf Revert r224760, and enhance the sed patterns from r224659 to comment out 2011-08-10 20:52:02 +00:00
ntp.conf As of r232844 we no longer need the maxpoll 9 workaround. 2012-08-20 18:45:16 +00:00
opieaccess
pccard_ether Not only load pccard_ether settings, also load network settings. This 2012-11-08 20:34:12 +00:00
pf.os Sync pf.os with OpenBSD: 2012-12-10 20:52:52 +00:00
phones
portsnap.conf Now that the portsnap buildbox is generating the raw bits for INDEX-10, 2013-09-26 10:33:15 +00:00
printcap
profile Change the commented msgs examples in profile/csh.login from -f to -q. 2010-05-15 17:49:56 +00:00
protocols Bring /etc/protocols up to date. 2013-05-10 13:57:44 +00:00
rc Add support for "first boot" rc.d scripts. [1] 2013-10-19 21:37:06 +00:00
rc.bsdextended
rc.firewall Whitespace nit 2012-07-13 06:46:09 +00:00
rc.initdiskless Revert r243228. This commit appears to cause more trouble than 2012-11-21 18:12:28 +00:00
rc.resume wpa_supplicant should be able to reassociate when resuming, so remove a 2013-07-04 07:32:40 +00:00
rc.sendmail
rc.shutdown Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't 2013-05-19 04:10:34 +00:00
rc.subr - Update rc.d/jail to use a jail(8) configuration file instead of 2013-10-10 09:32:27 +00:00
rc.suspend Revert r211288 and move the logic to the acpi_timer itself. 2012-02-08 20:31:42 +00:00
regdomain.xml Add a new 900MHz GSM regulatory SKU for the Xagyl Communications XC900M. 2012-12-07 06:34:46 +00:00
remote
rpc
services Add MySQL port 3306 2012-03-26 11:48:47 +00:00
shells
snmpd.config Add (disabled) sample configuration lines needed to enable snmp_target(3) module 2010-12-20 17:28:15 +00:00
sysctl.conf
syslog.conf Add syslog(3) support to devd(8). 2013-07-01 21:20:17 +00:00
termcap.small Fix termcap entry typo. 2011-02-09 10:06:31 +00:00