Commit Graph

5500 Commits

Author SHA1 Message Date
David E. O'Brien
2e0c6b7ac0 Install filemon.h into /usr/include for userland consumption. 2012-06-20 00:09:47 +00:00
Dag-Erling Smørgrav
3acb6d160f Passive mode is the default, and has been for a while.
MFC after:	1 week
2012-06-19 14:47:07 +00:00
Dag-Erling Smørgrav
b4f560356a Switch the default password hash from md5 to sha512.
MFC after:	1 week
2012-06-19 14:46:18 +00:00
Dag-Erling Smørgrav
7c5a921699 Finally nuke auth.conf, nine years after it was deprecated. The only
thing it was still used for was to set the "global default" password
hash.  Since the stock auth.conf contained nothing but comments, the
global default was actually the first algorithm in crypt(3)'s list,
which happens to be DES; I take the fact that nobody noticed as proof
that it was not used outside of crypt(3).

The only other use in our tree was in the Kerberos support code in
in tinyware's passwd(1).  I removed that code in an earlier commit;
it would not have compiled anyway, as it only supported Kerberos IV.

The auth_getval() function is now a stub that always returns NULL,
which has the same effect as a functional auth_getval() with an
empty auth.conf.

MFC after:	3 weeks
2012-06-12 17:02:53 +00:00
Eitan Adler
d81a84a9bc Don't attempt to delete .sujournal in /tmp
PR:		conf/163828
Submitted by:	Tatsuki Makino <tatsuki_makino@hotmail.com>
Approved by:	cperciva
MFC after:	1 week
2012-05-30 03:51:46 +00:00
Martin Wilke
57eef2a0b2 - FreeBSD ships a KDE PAM module in base, but it's missing support for passwordless login (kde-np),
and it doesn't really belong in base system.

PR:		misc/167261
Submitted by:	avilla@
Approved by:	rwatson (mentor)
MFC after:	3 days
2012-05-30 03:10:22 +00:00
Hans Petter Selasky
9d569918e6 Regenerate usb.conf
MFC after:	3 days
2012-05-21 15:01:35 +00:00
George V. Neville-Neil
4d37a12307 Add support for our own DTrace scripts and those from the DTraceToolkit
to the build system.  FreeBSD written scripts are stored in
src/share and the toolkit scripts are brought from the cddl directory
into a working tree via install.

MFC after:	2 weeks
2012-05-18 16:40:15 +00:00
Grzegorz Bernacki
7f725bcd5c Import work done under project/nand (@235533) into head.
The NAND Flash environment consists of several distinct components:
  - NAND framework (drivers harness for NAND controllers and NAND chips)
  - NAND simulator (NANDsim)
  - NAND file system (NAND FS)
  - Companion tools and utilities
  - Documentation (manual pages)

This work is still experimental. Please use with caution.

Obtained from: Semihalf
Supported by:  FreeBSD Foundation, Juniper Networks
2012-05-17 10:11:18 +00:00
Eitan Adler
833cabc9a1 Submitted by: gavin, pjd
Approved by:	cperciva
MFC after:	3 days
2012-05-09 17:29:07 +00:00
John Baldwin
25d56d8dcc Display dropped transmit packets in the daily network interface output.
PR:		conf/165956
Submitted by:	Jeremy Chadwick
MFC after:	1 week
2012-05-07 15:41:31 +00:00
Stanislav Sedov
51506f39f4 - Change kfd rc script to be more conformant with rcNG conventions:
o change rcname to kfd;
  o move mandatory options to command_args;
  o add missing "shutdown" keyword;
  o fix require line.  Kfd doesn't really need to be started before
    daemons.

Suggested by:	dougb
2012-05-06 20:46:04 +00:00
John Baldwin
b8cb2346fc - Don't log messages saying that accounting is being disabled and enabled
if the accounting log file is atomically replaced with a new file
  (such as during log rotation).
- Simplify accounting log rotation a bit.  There is no need to re-run
  accton(8) after renaming the new log file to it's real name.

PR:		kern/167321
Tested by:	Jeremy Chadwick
2012-05-02 14:25:39 +00:00
Dimitry Andric
dff0c46c97 Upgrade our copy of llvm/clang to trunk r154661, in preparation of the
upcoming 3.1 release (expected in a few weeks).  Preliminary release
notes can be found at: <http://llvm.org/docs/ReleaseNotes.html>

MFC after:	2 weeks
2012-04-16 21:23:25 +00:00
Eitan Adler
bf98096218 - remove the length shortening on the path
- make the default prompt a bit more like scp
- make the user show as root even when using 'su' instead of 'su -'
- the key bindings didn't hurt anything but likely hide a bug
- merge history instead of overwriting it

Submitted by:	gavin, joel
Approved by:	cperciva
2012-04-11 14:13:22 +00:00
Stanislav Sedov
7e2d4dcd24 - Add rc.d script for kfd, kerberos forwarded tickets daemon. 2012-04-10 09:27:41 +00:00
Ivan Voras
1c78ab7317 Add MySQL port 3306
Obtained from:	http://www.iana.org/assignments/port-numbers
MFC after:	1 week
2012-03-26 11:48:47 +00:00
Eitan Adler
7ba657625c Fix build by adding new directory to mtree in r233429
Submitted by:	flo
Approved by:	cperciva
MFC after:	1 week
2012-03-24 21:10:19 +00:00
Eitan Adler
1233083107 - Make the default values for tcsh more user friendly
- Add an examples file with many of the not accepted suggestions from the discussion

PR:		conf/160689
Reviewed by:	many
Discussed on:	current
Approved by:	cperciva
2012-03-24 18:43:18 +00:00
Sergey Kandaurov
1554a84e91 Clean up of fs/fifofs include directory after fifo.h removal.
Glanced by:	kib
2012-03-23 10:12:35 +00:00
Stanislav Sedov
ae77177087 - Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
  o kgetcred(1) allows one to manually get a ticket for a particular service.
  o kf(1) securily forwards ticket to another host through an authenticated
    and encrypted stream.
  o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
    and other user kerberos operations. klist and kswitch are just symlinks
    to kcc(1) now.
  o kswitch(1) allows you to easily switch between kerberos credentials if
    you're running KCM.
  o hxtool(1) is a certificate management tool to use with PKINIT.
  o string2key(1) maps a password into key.
  o kdigest(8) is a userland tool to access the KDC's digest interface.
  o kimpersonate(8) creates a "fake" ticket for a service.

  We also now install manpages for some lirbaries that were not installed
  before, libheimntlm and libhx509.

- The new HEIMDAL version no longer supports Kerberos 4.  All users are
  recommended to switch to Kerberos 5.

- Weak ciphers are now disabled by default.  To enable DES support (used
  by telnet(8)), use "allow_weak_crypto" option in krb5.conf.

- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
  disabled due to the function they use (krb5_get_err_text(3)) being
  deprecated.  I plan to work on this next.

- Heimdal's KDC now require sqlite to operate.  We use the bundled version
  and install it as libheimsqlite.  If some other FreeBSD components will
  require it in the future we can rename it to libbsdsqlite and use for these
  components as well.

- This is not a latest Heimdal version, the new one was released while I was
  working on the update.  I will update it to 1.5.2 soon, as it fixes some
  important bugs and security issues.
2012-03-22 08:48:42 +00:00
Gleb Smirnoff
004cb95bae Rotate auth.log and messages at the beginning of a year. Otherwise,
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
2012-03-19 09:30:40 +00:00
Hans Petter Selasky
d2c5981310 Regenerate usb.conf to use new -n option when doing kldload.
MFC after:	1 week
2012-03-18 09:52:54 +00:00
Martin Matuska
9f6e964d17 Unhide /dev/zfs in devfsrules_jail.
The /dev/zfs device is required for managing jailed ZFS datasets.

Discussed with:	pjd, jamie
MFC after:	1 week
2012-03-16 21:30:26 +00:00
Ed Schouten
4c2c7b2c94 Make init(8) slightly more robust when /dev/console is missing.
If the environment doesn't offer a working /dev/console, the existing
version of init(8) will simply refuse running rc(8) scripts. This means
you'll only have a system running init(8) and nothing else.

Change the code to do the following:

- Open /dev/console like we used to do, but make it more robust to use
  O_NONBLOCK to prevent blocking on a carrier.
- If this fails, use /dev/null as stdin and /var/log/init.log as stdout
  and stderr.
- If even this fails, use /dev/null as stdin, stdout and stderr.

So why us this useful? Well, if you remove the `getpid() == 1' check in
main(), you can now use init(8) inside jails to properly execute rc(8).
It still requires some polishing, as existing tools assume init(8) has
PID 1.

Also it is now possible to use use init(8) on `headless' devices that
don't even have a serial boot console.
2012-03-14 16:22:09 +00:00
Ed Schouten
93bd0cdedd Hide stty(1) errors.
If rc(8) is executed without using a TTY, this error appears at the
beginning:

	stty: stdin isn't a terminal

Because this is to be expected and of course not harmful, it is better
to simply hide the error message.

MFC after:	1 week
2012-03-14 16:10:39 +00:00
Bjoern A. Zeeb
9f0b9a0853 Rather than printing the output from route add for all FIBs just print them
for the default FIB followed by a statement with a list of FIB numbers for
all the other FIBs we install the routes for.

Request by:	kib (to make it less noisy)
Tested by:	kib
MFC after:	3 days
2012-03-04 18:53:35 +00:00
David Chisnall
a8ed63bb3d Reapply 227753 (xlocale cleanup), plus some fixes so that it passes build
universe with gcc.

Approved by:	dim (mentor)
2012-03-04 15:31:13 +00:00
Justin Hibbits
3cc28bd9bf Add backlight control to ATI-graphics PowerBooks and iBooks.
Approved by:	nwhitehorn (mentor)
MFC after:	1 week
2012-02-26 13:45:25 +00:00
Xin LI
90de8d2a65 Put the signal trap output to standard error instead of standard output.
Without this change, pressing ^T could result in rc.d script putting
junk strings like:

	Script <filename> running

in configuration files when redirecting standard output to these files.

MFC after:	2 weeks
2012-02-18 00:46:18 +00:00
Doug Barton
81ed1a1e1b Increase the default shutdown timer to 90 seconds. This will allow
certain systems that take a long time to shut down, without adversely
affecting things that shut down quickly. It's also 30 seconds less than
the default hard limit of 120 seconds in kern.init_shutdown_timeout.

PR:		conf/109272
Submitted by:	Radim Kolar SF.NET <hsn@sendmail.cz>
2012-02-17 07:59:37 +00:00
Bjoern A. Zeeb
e17d7df80d Merge multi-FIB IPv6 support from projects/multi-fibv6/head/:
Extend the so far IPv4-only support for multiple routing tables (FIBs)
introduced in r178888 to IPv6 providing feature parity.

This includes an extended rtalloc(9) KPI for IPv6, the necessary
adjustments to the network stack, and user land support as in netstat.

Sponsored by:	Cisco Systems, Inc.
Reviewed by:	melifaro (basically)
MFC after:	10 days
2012-02-17 02:39:58 +00:00
Eitan Adler
f85a4a2977 Style: prefer the use of line continuations to +=
Requested by:	marcel, dougb, bde
Approved by:	cperciva
MFC after:	3 days
2012-02-17 01:21:08 +00:00
Bjoern A. Zeeb
9dba179d5e IFC @231845
Sponsored by:	Cisco Systems, Inc.
2012-02-17 00:27:48 +00:00
Dimitry Andric
b74cf6dcf1 Revert r231673 and r231682 for now, until we can run a full make
universe with them.  Sorry for the breakage.

Pointy hat to:	     me and brooks
2012-02-14 21:48:46 +00:00
David Chisnall
82dd5016bd Cleanup of xlocale:
- Address performance regressions encountered by das@ by caching per-thread
  data in TLS where available.
- Add a __NO_TLS flag to cdefs.h to indicate where not available.
- Reorganise the xlocale.h definitions into xlocale/*.h so that they can be
  included from multiple places.
- Export the POSIX2008 subset of xlocale when POSIX2008 says it should be
  exported, independently of whether xlocale.h is included.
- Fix the bug where programs using ctype functions always assumed ASCII unless
  recompiled.
- Fix some style(9) violations.

Reviewed by:	brooks (mentor)
Approved by:	dim (mentor)
2012-02-14 12:03:23 +00:00
Doug Barton
20ceedfb69 Fix various issues with the NFS and RPC related scripts:
1. Add new functionality to the force_depend method to incorporate the
   tests for whether the service is enabled and/or already running.
2. Add a new option to bypass checking only that the service is enabled
   at boot time, and always check if it is running.
3. Use this new functionality to greatly simplify the rc.d scripts that
   use force_depend.
4. Add a force_depend for statd in lockd
5. Remove the check that either nfs_server or nfs_client is _enable'd
   from statd and lockd. This was always overkill, and prevented using
   the {one|force}start options, as well as stop'ing on the command line.
6. The yp* scripts had some of their arguments in various weird orders.
   Bring them into line with the model.
7. If mountd fails to create /var/db/mountdtab, err out.

Ideas, suggestions, and/or review from delphij and jilles.
Pointy hats are completely my responsibility however.
2012-02-14 10:51:24 +00:00
Hans Petter Selasky
d45fe33ddc Re-generate /etc/devd/usb.conf
MFC after:	1 day
2012-02-13 07:47:16 +00:00
Andriy Gapon
5a197b4612 start watchdogd before most of other daemons/servers
The main benefit is that watchdogd would shutdown after most of other
daemons/servers and thus, for example, would remedy a system hang caused
by unlucky X server shutdown.

Reviewed by:	dougb (earlier version)
MFC after:	2 weeks
2012-02-12 14:58:50 +00:00
Ed Schouten
18568efd19 Avoid using BEFORE in the utx rc script.
Requested by:	dougb
2012-02-12 07:45:48 +00:00
Ed Schouten
c21ae3a403 Move utmpx handling out of init(8).
This has the following advantages:

- During boot, the BOOT_TIME record is now written right after the file
  systems become writable, but before users are allowed to log in. This
  means that they can't cause `hidden logins' by logging in right before
  init(8) kicks in.

- The pututxline(3) function may potentially block on file locking,
  though this is very rare to occur. By placing it in an rc script, the
  user can still kill it with ^C if needed.

- Most importantly: jails don't use init(8). This means that a force
  reboot of a system running jails will leave stale entries in the
  accounting database of the jails individually.
2012-02-11 20:47:16 +00:00
Doug Barton
f7451733fb In the days before r208307 addswap was running early in the second stage
of rcorder. Somehow in the intervening period addswap got moved to the
very end, which is almost certainly not what we want.

This change moves it to right after kld so that for users who need it,
they'll get it ASAP.
2012-02-11 06:21:16 +00:00
Eitan Adler
b169a33235 Make etc/Makefile more conflict resistant
PR:		conf/163789
Submitted by:	gcooper (iXsystems)
Approved by:	cperciva
MFC after:	3 days
2012-02-09 20:44:20 +00:00
Jung-uk Kim
cc43a851d2 Revert r211288 and move the logic to the acpi_timer itself. 2012-02-08 20:31:42 +00:00
Doug Barton
95208e20d0 As it stands right now, the default devfs rulesets are only loaded as a
side effect of something else using them. If they haven't been loaded
already but you want to use them, say for configuring a jail, you're out
of luck.

So add a knob to always load the default rulesets. While I'm here document
the other devfs_ knobs in rc.conf.5.
2012-02-08 08:52:40 +00:00
Glen Barber
2f1602a7d1 Add an option to 404.status-zfs (enabled by default) to list all
zfs pools on the system.

While here, document daily_status_zfs_enable in periodic.conf(5).

Discussed on:	-fs [1]
Reviewed by:	netchild [1]
Approved by:	jhb
MFC after:	1 week

[1] - http://lists.freebsd.org/pipermail/freebsd-fs/2011-June/011869.html
2012-02-08 00:08:21 +00:00
Hiroki Sato
86b84592a8 Fix $ipv6_network_interfaces handling in rc.d/routing. It could fail when
it was set to "auto", for example.

MFC after:	3 days
2012-02-04 18:14:49 +00:00
Bjoern A. Zeeb
b202f3dc89 Install the IPv6 reject routes we do for the default FIB to all FIBs.
Sponsored by:	Cisco Systems, Inc.
2012-02-03 15:31:47 +00:00
Hiroki Sato
d830cea6b7 Perform IPv6 DAD only in ifn_start. 2012-01-29 08:33:34 +00:00
Justin Hibbits
c0c8fcb92d Remove the notify match from a couple devd apple events, the events don't
include notify tags.

Approved by:	nwhitehorn (mentor)
MFC after:	3 days
2012-01-28 02:52:22 +00:00
Hiroki Sato
f6e5ba31d2 Fix several glitches in IPv6-related knobs:
- ipv6_enable + ipv6_gateway_enable should unset ACCEPT_RTADV by default for
  backward compatibility.

- Configurations in ipv6_prefix_IF should be recognized even if there is no
  ifconfig_IF_ipv6.

- DAD wait should be performed at once, not on a per-interface basis, if
  possible.  This fixes an issue that a system with a lot of IPv6-capable
  interfaces takes too long for booting.

MFC after:	1 week
2012-01-22 10:57:32 +00:00
Brooks Davis
2dd3bcd48d When creating the jails /dev/log symlink, do it by full path to avoid
creating stray "log" symlinks if the mount fails.  That apparently
happens in some ezjail configs.

PR:		conf/143084
Submitted by:	Dirk Engling <erdgeist at erdgeist.org>
Reviewed by:	simon
MFC after:	2 weeks
2012-01-20 22:55:19 +00:00
Eygene Ryabinkin
edad1b5ba4 /etc/netstart: remove invocation of dhclient
dhclient is no longer a real service, it is a helper script
for /etc/rc.d/netif and devd.  Its direct invocation isn't
needed to bring the network up.

Approved by: jhb
2012-01-20 17:25:15 +00:00
Eygene Ryabinkin
1eea470950 dhclient: don't use syslog for logging non-DHCP interface errors
We should show the error to user, but it doesn't deserve syslog.

Approved by: jhb
2012-01-20 17:19:50 +00:00
Doug Barton
72fc1aafe2 If we're booting there is no need to waste time determining if the service
is running or not.

PR:		conf/150752
Submitted by:	YIN Xiaofeng <75394094@qq.com>
2012-01-20 10:31:27 +00:00
Doug Barton
61d4638e52 Now that its callers have been udpated, remove set_rcvar().
The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.
2012-01-14 08:59:02 +00:00
Doug Barton
801c438304 Prepare for the removal of set_rcvar() by changing the rcvar=
assignments to the literal values it would have returned.

The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.

During the discussion on freebsd-rc@ a preference was expressed for
using ${name}_enable instead of the literal values. However the
code portability concept doesn't really apply since there are so
many other places where the literal name has to be searched for
and replaced. Also, using the literal value is also a tiny bit
faster than dereferencing the variables, and every little bit helps.
2012-01-14 02:18:41 +00:00
Eygene Ryabinkin
0113cca483 rc.d: document 'quiet' prefix and fix dhclient/devd interaction
Document the current semantics of the 'quiet' command prefix
in the rc.subr(8).

Fix dhclient rc.d script: it should not call err() for
non-DHCP-enabled interface when it is called from devd, because the
latter just blindly calls 'service dhclient quietstart' on each "link
up" event.

Since the 'quietstart' will silence the message "Cannot 'start' <foo>.
Set <foo>_enable to YES in /etc/rc.conf or use 'onestart' instead of
'start'." and running dhclient on the non-DHCP-enabled interface is
the same thing as running the service <foo> without <foo>_enable set,
such modification is in sync with the current semantics of the 'quiet'
prefix.

Approved by: glebius
Reviewed by: freebsd-rc list
MFC after:	2 weeks
2012-01-12 06:48:11 +00:00
Gleb Smirnoff
5c39f7bdeb Bunch of fixes to pfsync(4) module load/unload:
o Make the pfsync.ko actually usable. Before this change loading it
  didn't register protosw, so was a nop. However, a module /boot/kernel
  did confused users.
o Rewrite the way we are joining multicast group:
  - Move multicast initialization/destruction to separate functions.
  - Don't allocate memory if we aren't going to join a multicast group.
  - Use modern API for joining/leaving multicast group.
  - Now the utterly wrong pfsync_ifdetach() isn't needed.
o Move module initialization from SYSINIT(9) to moduledata_t method.
o Refuse to unload module, unless asked forcibly.
o Improve a bit some FreeBSD porting code:
  - Use separate malloc type.
  - Simplify swi sheduling.

This change is probably wrong from VIMAGE viewpoint, however pfsync
wasn't VIMAGE-correct before this change, too.

Glanced at by:	bz
2012-01-09 08:50:22 +00:00
Doug Barton
a194b02d88 There is no longer a need to abstract ${rcvar_manpage} as we are not
attempting to maintain compatibility with NetBSD for some years now.
2012-01-08 20:25:29 +00:00
Ulrich Spörlein
081dc98788 Spelling fixes for etc/ 2012-01-07 16:10:32 +00:00
Pawel Jakub Dawidek
e3bf08680d Add 'nojail' keyword as auditd(8) can't really do anything useful when
inside a jail.

Discussed with:	rwatson
MFC after:	1 week
2012-01-06 14:00:31 +00:00
Pawel Jakub Dawidek
04d8001793 - Put one file into one line. This makes keeping local changes and merging
with FreeBSD easier for vendors.
- For optional files use variables starting with underscore.

Both changes make rc.d/Makefile look similar to sys/modules/Makefile.

Reviewed by:	dim
2011-12-15 21:06:37 +00:00
Gleb Smirnoff
84516ac070 Add compatibility support for specifing IPv4 aliases in
rc.conf without the "inet" keyword.

Obtained from:	hrs
2011-12-13 14:36:04 +00:00
Justin Hibbits
23ab37cb82 Fix style(9) issues from r228270.
Approved by:	nwhitehorn (mentor)
2011-12-05 14:13:21 +00:00
Justin Hibbits
6431ede397 Add a devd notification for closing/opening the lid on PowerBooks and iBooks.
Approved by:	nwhitehorn (mentor)
2011-12-05 00:12:10 +00:00
David E. O'Brien
59509bae0a Ensure kldxref is run first. Currently both 'kldxref' and 'kld' depend
on "FILESYSTEMS" and 'kld' is being run 8 scripts ahead of 'kldxref'.

Reported by:	dhw
2011-12-01 22:50:10 +00:00
David Chisnall
7a98470824 Import libc++ / libcxxrt into base. Not build by default yet (use
MK_LIBCPLUSPLUS=yes to enable).  This is a work-in-progress.  It works for
me, but is not guaranteed to work for anyone else and may eat your dog.

To build C++ using libc++, add -stdlib=libc++ to your CXX and LD flags.

Bug reports welcome, bug fixes even more welcome...

Approved by:	dim (mentor)
2011-11-25 20:59:04 +00:00
Gleb Smirnoff
74ffd254b4 Better use pkill(1) in last commit.
Submitted by:	pjd
2011-11-21 12:23:22 +00:00
Gleb Smirnoff
4ccbfb3f84 On some laptops it is important to re-open /dev/psm after resume. moused(8)
was capable to do this upon SIGHUP for more than a decade. Automate this
via rc.resume in default installation.
2011-11-15 12:59:07 +00:00
Doug Barton
398955cd68 The default setting, daily_accounting_compress="NO", was causing
only 1 old file to be saved, so fix this. Problem raised in the PR,
but actually required a different solution.

While I'm here, fix a very old off-by-one error causing 1 more file
than specified in daily_accounting_save to be saved because acct.0
was not taken into account (pun intended). Change that, and use a more
thorough method of finding old files to delete. Partly just because this
is the right thing to do, but also to silently fix the extra log that
would have been left behind forever with the previous method.

PR:		conf/160848
Submitted by:	Andrey Zonov <andrey@zonov.org>
2011-11-13 03:01:58 +00:00
Jilles Tjoelker
e60150fafa rc.d: Eliminate some unnecessary non-POSIX constructs:
* set - ...
 * empty braces
 * ^ in character class
2011-11-08 23:02:32 +00:00
Dimitry Andric
66aa9b8dc9 Whenever you boot with nfsv4_server_enable=NO (the default) in rc.conf,
the /etc/rc.d/nfsd script sets vfs.nfsd.server_max_nfsvers to 3.

Then, when you set nfsv4_server_enable=YES in rc.conf, and restart nfsd
via the rc.d script, without rebooting, the sysctl does *not* get reset
to max version 4, so NFSv4 still doesn't work.

Fix this by explicitly setting vfs.nfsd.server_max_nfsvers to 4 when
NFSv4 is requested.

I also added resetting of the nfs_privport sysctls, since this has the
same issue: nfs_reserved_port_only=YES in rc.conf sets the nfs_privport
sysctl to 1, but in the other case, the sysctl doesn't get reset to 0.

Reviewed by:	rmacklem
Silence from:	rc@
MFC after:	3 days
2011-11-05 16:47:47 +00:00
Eygene Ryabinkin
0c4b17e1e7 Fix handling of rc_force in /etc/rc.d/dhclient
Variable 'rc_force' is accessible only at the time of rc_run_command,
so it can't be examined from the script's main code.

Spotted by:	hrs
Reviewed by:	hrs, des
Approved by:	des
MFC after:	2 weeks
2011-10-28 06:03:38 +00:00
Xin LI
8017fd8eb9 Increase default scrub threshold from 30 days to 5 weeks. Using
whole weeks makes it easier to predicate when the scrub would
happen.

MFC after:	1 week
2011-10-27 21:25:41 +00:00
Gavin Atkinson
349f3d11fb Remove example for linking /dev/vga to /dev/ttyv0, this hasn't been
required since X version 4.3.0.

PR:		conf/161847
Submitted by:	eadler
MFC after:	2 weeks
2011-10-27 20:39:20 +00:00
Gavin Atkinson
58fdb93577 Update the example rules in devfs.conf to reflect the changes since ATA_CAM.
While here, add another example rule, as many applications these days
expect to find /dev/dvd instead.

MFC after:	3 days
2011-10-27 20:35:21 +00:00
Hiroki Sato
0321b694c7 - Add support for a "!" character in regex matching in devd(8). It inverts
the logic (true/false) of the matching.

- Add "!usbus[0-9]+" to IFNET ATTACH notification handler in the default
  devd.conf to prevent rc.d/netif from running when usbus[0-9]+ is attached.

Reviewed by:	imp
2011-10-26 02:11:28 +00:00
Martin Matuska
4d428b10ae Correctly reassign copyright of etc/rc.d/static_ndp back to delphij@
as the project itself is no legal entity

Reported by:	Joe Dahl <joel@vnode.se>
MFC after:	3 days
2011-10-23 10:17:42 +00:00
Martin Matuska
dbedf61ce3 Add etc/rc.d/static_ndp, analogous to etc/rc.d/static_arp.
Make sure that static ARP and NDP bindings are set before NETWORKING.

As static_ndp is based on static_arp, pass copyright to the project with
permission of the original author (delphij@).

Reviewed by:	delphij@FreeBSD.org
MFC after:	3 days
2011-10-23 09:08:42 +00:00
Hiroki Sato
dec80d129b Add support for removing addresses added by ipv6_prefix_hostid_addr_up()
upon rc.d/netif stop.
2011-10-23 07:37:36 +00:00
Hiroki Sato
089ff57221 Fix an issue that 127/8 is not configured when $ifconfig_DEFAULT is not empty.
Spotted by:	ume
2011-10-23 05:56:59 +00:00
Hans Petter Selasky
c8eeb97178 Add new USB IDs to RUN driver. Update usb.conf.
PR:		usb/161798
MFC after:	3 days
2011-10-19 10:09:01 +00:00
Stefan Eßer
8d68b75b54 Add missing default values for daily/800.scrub-zfs for documentation
purposes. No functional change, since all parameters are set to their
default values.
MFC after:	1 week
2011-10-17 14:37:24 +00:00
Stefan Eßer
3efd8ccdb5 Fix error message in case the backup storage directory does not exist and
cannot be created ($daily_backup_pkgdb_dbdir -> $daily_backup_pkgdb_dir).
MFC after:	1 week
2011-10-17 14:33:41 +00:00
Dag-Erling Smørgrav
32ca8e078d The rc_force test was inverted in the previous commit, so that dhclient ran
for interfaces which were not configured for DHCP *unless* rc_force was set;
the correct logic is to run dhclient for those interfaces *only if* rc_force
is set.

Broken by:	des@
Noticed by:	everybody and his dog
Submitted by:	rea@
PR:		bin/161733
2011-10-17 13:05:57 +00:00
Nathan Whitehorn
b6faf3cfdb Add support for special keys (volume/brightness/eject) on Apple laptops with
ADB keyboards.

Submitted by:	Justin Hibbits <jrh29 at alumni dot cwru dot edu>
MFC after:	9.0-RELEASE
2011-10-16 21:01:42 +00:00
Dag-Erling Smørgrav
23f39c906b Make dhclient use a pid file. Modify the rc script accordingly; while
there, clean it up and add some error checks.

Glanced at by:	brooks@
MFC after:	3 weeks
2011-10-13 17:20:45 +00:00
Colin Percival
b0efac1ceb Now that the portsnap buildbox is generating the raw bits for INDEX-9,
add it to the set of INDEX files built by portsnap.
2011-10-12 03:29:12 +00:00
Stanislav Sedov
7c450da7b4 - Import Heimdal 1.5 distribution. 2011-10-05 07:23:29 +00:00
Dimitry Andric
324d7156d7 Revive the LLVM and Clang license files, which were removed in my
too-thorough cleanup of unused files, in r213695.  Also make sure these
get installed under /usr/share/doc.

Submitted by:	rwatson, brooks
Pointy hat to:	dim
MFC after:	3 days
2011-09-29 18:12:40 +00:00
Stanislav Sedov
31f1e9c17f - Flatten the vendor heimdal tree. 2011-09-29 05:23:57 +00:00
Warren Block
762f55cd5f Fix a confusing sentence. [1]
Other wording tweaks.

Reviewed by:	imp [1]
Approved by:	gjb
2011-09-29 03:37:42 +00:00
Xin LI
89b1da1ba2 Test if the interface is afif in dhcpif() and syncdhcpif(), as
done in ipv6_autoconfif.

Reviewed by:	hrs (freebsd-rc@)
MFC after:	1 week
2011-09-28 19:01:15 +00:00
Konstantin Belousov
a01fdfcef1 Install ciss(4) ioctl header (together with other .h files from sys/dev/ciss).
PR:	kern/109813
Discussued with:	Alex Samorukov <samm os2 kiev ua>
	(smartmontools maintainer)
MFC after:	1 week
2011-09-27 12:14:43 +00:00
Hiroki Sato
04303fd864 Use REQUIRE: line to reorder rc.d/bridge instead of BEFORE: line.
Pointed out by:	dougb
Approved by:	re (bz)
2011-09-20 00:37:35 +00:00
Hiroki Sato
33b9d9a8d2 Use resolvconf(8) to create /etc/resolv.conf, not directly overwrite it.
Approved by:	re (kib)
2011-09-19 15:56:50 +00:00
Hiroki Sato
f8c5f6a6b8 Fix the script order to run rc.d/bridge after the initial network
interface configuration and before running network daemons.

Approved by:	re (kib)
2011-09-19 15:55:53 +00:00
Jaakko Heinonen
3fb4fa3574 Expose "log" in the default devfs rules. /etc/rc.d/jail creates /dev/log
as a symbolic link.

PR:		conf/160711
Submitted by:	Jase Thew
Approved by:	re (kib)
MFC after:	1 week
2011-09-15 13:32:43 +00:00
Doug Barton
073d48133f Correct the RFC number for the description of IPv6 privacy addressing
Reviewed by:	bz
Approved by:	re (kib)
2011-09-15 09:22:49 +00:00
Christian Brueffer
3ea459713b Minor spelling, wording and punctuation fixes in comments.
PR:		155984
Submitted by:	gcooper
Approved by:	re (kib)
MFC after:	1 week
2011-09-14 20:13:10 +00:00
Hiroki Sato
d4358e709f - Add an warning when ifconfig_IF_ipv6 has no inet6 keyword in front
of an IPv6 address. (r225489)

- Use eval for ${ifconfig_args} to fix an issue fixed in r223506. (r225489)

Approved by:	re (bz)
2011-09-13 00:09:47 +00:00
Hiroki Sato
049087a0f3 Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485).  When setting an interface name to it, the following
configurations will be enabled:

 1. "no_radr" is set to all IPv6 interfaces automatically.

 2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif.  This is
    done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
    means you can manually supersede this configuration if necessary).

 3. The node will add RA-sending routers to the default router list
    even if net.inet6.ip6.forwarding=1.

This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network).  To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.

Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table.  To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.

Approved by:	re (bz)
2011-09-13 00:06:11 +00:00
Xin LI
4144951277 Sync pf.os with OpenBSD:
- Update OpenBSD fingerprints through OpenBSD 4.9
 - Fix typos.

Obtained from:	OpenBSD
MFC after:	2 weeks
Approved by:	re (kib)
2011-09-08 23:46:07 +00:00
Nathan Whitehorn
4cefd5cf3e Fix path to the handbook and provide a hint about how to install it if it
was not added at installation time.

Approved by:	re (blackend)
2011-08-26 14:05:48 +00:00
Xin LI
aefb9fe04f Honor WITHOUT_IPX when installing etc/rc.d/ipxrouted.
MFC after:	1 week
Approved by:	re (kib)
2011-08-23 19:29:11 +00:00
Doug Barton
4116c8e738 Revert r224760, and enhance the sed patterns from r224659 to comment out
the _compat entries in the WITHOUT_NIS case rather then delete them.

Approved by:	re (kib)
2011-08-10 20:52:02 +00:00
Doug Barton
c2aedca43b Rather than edit the nsswitch.conf file based on ${MK_NIS} == "no"
comment out the NIS _compat options by default, but leave them in
the file for the convenience of users who want to enable it.

Update the comment in the file accordingly.

Reviewed by:	ed
Approved by:	re (hrs)
2011-08-06 09:16:53 +00:00
Ed Schouten
b41afd430d Remove NIS entries from /etc/nsswitch.conf for WITHOUT_NIS.
We already modify various configuration files in /etc based on build
configuration. This is not done for nsswitch.conf right now when setting
WITHOUT_NIS. This breaks various utilities, including crond, that depend
on working databases.

Approved by:	re (kib)
MFC after:	1 month
2011-08-05 17:33:12 +00:00
Doug Barton
ab1779e30e Revert the apparently-unecessary module_path twiddling from r223917
Approved by:	re (kib)
2011-07-22 21:08:19 +00:00
Jilles Tjoelker
068c02de6d rc.d/routing: Fix ugly output with additional routing options.
Print a separate "Additional routing options" line for each address family
which has additional options, so that it does not get mixed up with the
output from adding routes.

This also reverts r224048 which added newlines to two arbitrary routing
options.
2011-07-17 14:52:55 +00:00
Doug Barton
75f93b2483 Commemorate the release of RFC 6303 by updating the comments regarding
our default empty zones.  No functional changes.
2011-07-17 06:20:47 +00:00
Doug Barton
3fed94a85e Pick up the 2011-06-08 update to this file, the addition of an IPv6
address for D.
2011-07-17 06:05:44 +00:00
Kevin Lo
d99dc333db Remove "-n" from echo
Reviewed by:	dougb
2011-07-15 01:59:08 +00:00
Adrian Chadd
eff1a1bc13 More Japan regulatory domain fixes:
* Add HT40 entries for the two new Japan bands
* Fix a channel separation bug in one of the new bands I introduced
  in a previous commit.
2011-07-14 05:49:35 +00:00
Adrian Chadd
7a9a76167a Japan regulatory domain update #1 - sync with CRDA entries.
Specifics:

* add 4920MHz-4980MHz for 11a and 11n/HT20
* add 5040MHz-5080MHz for 11a and 11n/HT20
* add 5500MHz-5700MHz for 11a and 11n/HT20 (DFS needed)
* add 5500MHz-5680MHz for 11n/HT40 (DFS needed)

TODO:

* add correct HT40 bands for 4920-4980 and 5040-5080

For the curious:

There's been many revisions to the Japan regulatory rules.
Apparently, the requirements require old cards certified on a previous
version of the rules to obey the older rules, not the newer rules.

The regdomain.xml outlines the -current- restrictions.

The card driver (eg the ath_hal regulatory domain code) may include
previous revisions of the Japan rules.

The ath_hal regdomain code populates the initial channel list based on
what the EEPROM indicates is possible. The regdomain.xml database imposes
further restrictions on this.

So regdomain.xml only needs to have the -current- rules. If the card
was certified on an earlier set of JP rules, it may only support a subset
of those channels - these are calculated at device attach and this
restricted list is kicked to net80211. regdomain.xml operates on -this-
list of channels.

And thus, the correct regulatory behaviour for Japan is handled with only
one regdomain.xml Japan database entry.

(phew.)

Obtained from:	Linux wireless-regdb
2011-07-14 05:19:28 +00:00
Doug Barton
c2d900ef50 Make sure we load kernel modules from the same path as the running kernel 2011-07-10 23:47:03 +00:00
Rick Macklem
1e2cac7b7f Delete the /etc/rc.d/nfsserver script, since it is no
longer used by /etc/rc.d/nfsd and it is no longer necessary
to load the old nfs server by default, when nfs_server_enable="YES".

Tested by:	sgk at troutmask.apl.washington.edu
Reviewed by:	rc (Andrzej Tobola)
2011-07-08 00:49:50 +00:00
Rick Macklem
c4c07ee035 Fix the /etc/rc.d/nfsd script so that it no longer uses
the /etc/rc.d/nfsserver script to load the old nfs server
module.

Tested by:	sgk at troutmask.apl.washington.edu
Reviewed by:	rc (hrs)
2011-07-07 20:59:42 +00:00
Sergey Kandaurov
1bb5e90ffd Run load_rc_config before stop_cmd definition, so that ${quotaoff_flags}
is correctly expanded inside stop_cmd instead of getting nothing.

PR:		conf/157687
Reported by:	Dmitry Banschikov <d.banschikov peterhost ru>
MFC after:	1 week
2011-06-28 14:26:34 +00:00
Hans Petter Selasky
88bf23ef94 Regenerate usb.conf after r223566. 2011-06-27 20:32:19 +00:00
Adrian Chadd
3b34e0a097 .. this wasn't supposed to be committed! sorry. 2011-06-26 14:29:49 +00:00
Gavin Atkinson
16169457f0 The SMCWUSBG is a zyd(4) device, not an uath(4) device. Remove from the
latter.

It appears that the addition to uath(4) came in through PR kern/135009,
which had tested another device, the SMCWUSBTG2, successfully with uath(4)
and included the SMCWUSBG as it "has the same chipset".  I can find no
other evidence that these two do actually share the same chipset.  Moreover,
Linux treats the SMCWUSBG as a zyd(4) device also.

This reverts r223537.

Discussed with:	hselasky, kevlo
MFC after:	1 week
2011-06-26 11:37:24 +00:00
Adrian Chadd
3cef2d90e3 I think 23dBm is the correct value to use here. CRDA uses 20dBm + 3dB max antenna
gain; I believe net80211 doesn't take antenna gain into account and leaves it
up to the driver to enforce. (ath_hal(4) certainly tries to do this.)
2011-06-26 10:34:01 +00:00
Adrian Chadd
1b8805b8aa Add a couple more frequency ranges to the FCC3 (FCC + DFS) regulatory domain.
The frequency range 5490MHz -> 5710MHz was opened up sometime in 2009, but
regdomain.xml wasn't updated.

FCC reference: (Section 15.407): http://louise.hallikainen.org/FCC/FccRules/2009/15/407/

The hole between 5600-5650MHz is due to a request from Airports using
a weather radar system which also utilises this range.
The GIT commit explaining this hole in more detail can be found here:

http://git.kernel.org/?p=linux/kernel/git/linville/wireless-regdb.git;a=commit;h=fcbf9225d56e82d9a4e506187d42285e76d81523
2011-06-26 10:32:09 +00:00
Adrian Chadd
e43496e5e6 Replace tab with 8 spaces, bringing it in line with the rest of the file. 2011-06-26 09:32:46 +00:00
Hans Petter Selasky
72b92b5ef7 - Move bus_auto.conf back into /etc/devd/
- Rename bus_auto.conf into usb.conf

Requested by:	imp @
MFC after:	14 days
2011-06-25 17:01:46 +00:00
Hans Petter Selasky
fe38e11f25 - Move auto-load devd config file into etc/defaults folder.
- Regenerate file after bugfix in the generator.

Suggested by:	Jeremy Messenger
MFC after:	14 days
2011-06-25 15:42:33 +00:00
Hans Petter Selasky
9c916c627f - Export more USB device ID's.
- Update bus_auto.conf accordingly.

MFC after:	3 days
2011-06-24 22:01:56 +00:00
Hans Petter Selasky
2854ca4726 - Add auto-load devd config file for USB kernel modules.
MFC after:	14 days
2011-06-24 21:32:03 +00:00
Sergey Kandaurov
f253603f0c Add support for string values with white spaces for ifconfig(8)
parameters accepting them (such as description, group).

Changes discussed on freebsd-rc.

PR:		conf/156675
Reported by:	"Alexander V. Chernikov" <melifaro att ipfw ru>
Suggested by:	hrs
Analyzed with:	Alexander V. Chernikov via IRC
MFC after:	2 weeks
2011-06-24 14:56:38 +00:00
Adrian Chadd
0b73ba9c97 Fix another broken HT40 channel band reference. 2011-06-24 14:31:30 +00:00
Adrian Chadd
9b9fc082ba More incorrect HT/40 setups in FCC.
Noticed-by:	bschmidt@
2011-06-24 12:50:18 +00:00
Adrian Chadd
74024442b7 Fix an incorrect frequency band for HT/40 in the FCC SKU.
Noticed by: bschmidt@
2011-06-24 12:31:36 +00:00
Adrian Chadd
796fd09a90 Import one of the two missing US FCC DFS bands to FCC3.
The FCC opened up this band sometime in 2009 (and ath was updated);
but regdomain.xml wasn't updated.
2011-06-24 12:30:43 +00:00
Doug Barton
ef247ddad1 I knew there was something funny about this line 2011-06-22 06:27:32 +00:00
Doug Barton
0ee974f9cf Blah, forgot to svn add the actual script from r223310 2011-06-19 22:59:54 +00:00
Doug Barton
d732b516ea Add the netwait rc.d script. It waits for the specified period for the
network to become active.

PR:		conf/151063
Submitted by:	Jeremy Chadwick <freebsd@jdc.parodius.com>
2011-06-19 22:48:40 +00:00
Jilles Tjoelker
1cbcfc538b rc.subr: Make sure all functions are under if [ -z "${_rc_subr_loaded}" ]. 2011-06-19 15:23:32 +00:00
Jilles Tjoelker
5062455134 rc.subr: Eliminate a fork from check_kern_features, like r223227.
MFC after:	2 weeks
2011-06-19 11:42:48 +00:00
Doug Barton
aff92fcbb9 Add rc.d/kld to load kernel modules after local disks are up.
This method is many times faster than doing it in /boot/loader.conf.
2011-06-18 19:41:05 +00:00
Jilles Tjoelker
cfb739b854 rc.subr: Eliminate about 100 forks from the boot sequence.
With the current sh, placing eval in a command substitution always results
in a fork(), even if it is the only command and only executes a single
simple command. Therefore, avoid it where it can be avoided easily.

Side effect: values starting with a hyphen and all whitespace are preserved.
The values are defaults and names for rc.conf variables and messages to be
given about obsolete ones.

MFC after:	2 weeks
2011-06-18 11:05:30 +00:00
Ed Schouten
9f0c9022c2 Add WITHOUT_UTMPX switch to the build system.
This knob removes the tools that are exclusively used to view and
maintain the databases maintained by utmpx, namely last, users, who,
wtmpcvt, ac, lastlogin and utxrm.

The tool w is not in this list, because it has some other functionality
which is unrelated to utmpx; it is hardlinked to the uptime tool.
2011-06-17 21:30:21 +00:00
Ed Schouten
f1c344b293 Don't omit ac(8) as part of WITHOUT_ACCT.
The WITHOUT_ACCT switch is supposed to omit tools related to process
accounting, namely accton and sa. ac(8) is just a simple tool that
prints statistics based on data in the utx.log database. It has nothing
to do with the former.
2011-06-17 20:47:44 +00:00
Josh Paetzel
00a3d0dae2 Eliminate extraneous pipelines and tr calls.
Approved by:	kib (mentor)
MFC after:	3 days
2011-06-15 19:33:02 +00:00
Gregory Neil Shapiro
d84fd3a341 Minor change to force commit this file so new freebsd*.cf files are
built to use the new sendmail-8.14.5/cf tree.

MFC after:	4 days
2011-06-14 04:34:20 +00:00
Gregory Neil Shapiro
8259b3066b Update DNSBL information (MAPS has been acquired, used a generic example) 2011-06-14 04:33:43 +00:00
Josh Paetzel
eb52d12531 Convert the allowed characters '-', '.', and ':' in a ZFS pool name to _
to avoid causing errors in the shell script.

Submitted by:	William Grzybowski <william88@gmail.com>
Approved by:	kib (mentor)
MFC after:	7 days
Sponsored by:	iXsystems
2011-06-13 19:45:01 +00:00
Hiroki Sato
1e1c0371e6 - Remove $ipv6_gateway_enable check.
- Use list_net_interfaces() instead of "ifconfig -l".
2011-06-11 21:41:44 +00:00
Hiroki Sato
d3ae0231fe Add a helper function to check kern.features.* sysctls.
Discussed with:	dougb
2011-06-11 21:40:37 +00:00