Commit Graph

6374 Commits

Author SHA1 Message Date
cy
7dcccea4d3 Remove the gratuitous check for $FreeBSD$ and rename the function
to ntpd_init_leapfile, to ensure a copy exists in /var/db if a copy
isn't already there.

Reported by:	ache@
MFC after:	1 day
2016-08-25 13:24:11 +00:00
cy
ec2af80fd3 Make validation of the leap-seconds file unconditional.
MFC after:	1 day
2016-08-25 03:09:23 +00:00
cy
f444ebd0a5 Add logic to replace the working ntp leap-seconds file in /var/db
if it contains a $FreeBSD$ header. The header will cause the file
to fail checksum of the hash causing ntpd to ignore the file.

MFC after:	1 day
2016-08-25 02:58:41 +00:00
cy
0de89d1036 Change the algorithm by which /var/db/leap-seconds is updated.
1. Use the leap-seconds version number (update time) to determine
   whether to update the file or not.

2. If the version numbers of the files is the same, use the later
   expiry date to determine which file to use.

Suggested by:	ian@
MFC after:	1 day
2016-08-25 02:45:52 +00:00
cy
7bdf37f979 Revert r298887 (spelling fix) and remove $FreeBSD$ because text changes
to leap-seconds invaldidates validation hash at the end of the file.

Remove svn:keywords and replace with fbsd:nokeywords=yes to
support this change.

MFC after:	1 day
2016-08-25 02:40:14 +00:00
allanjude
0494ab3e01 Increase the default rotation threshold of log files from 100kb to 1000kb
Submitted by:	Sean Kelly <smkelly@freebsd.org>
Differential Revision:	https://reviews.freebsd.org/D6792
2016-08-24 23:02:20 +00:00
jhb
42f9157a48 Remove stale drivers (amd(4) and asr(4)) from the SCSI controller regex. 2016-08-19 22:05:22 +00:00
jhb
3947907d86 Remove the wds(4) driver for the WD700 ISA SCSI HBA.
While this driver does do DMA, it bounce buffers all transactions through
a single 64k buffer.  It also does not have a manpage.

Relnotes:	yes
2016-08-19 21:51:42 +00:00
markj
31eeb8a691 Regenerate DTrace tests. 2016-08-16 02:34:25 +00:00
asomers
2805aa3105 Decrease the anti-congestion sleep in 480.leapfile-ntpd to 1 hour
24 hours is too long. Periodic scripts are executed serially, so when
combined with the sleep in 410.pkg-audit periodic could actually take more
than 24 hours and block the next invocation.

Reviewed by:	cy
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D7481
2016-08-15 14:58:25 +00:00
delphij
356d0acd42 Now that the portsnap buildbox is generating the raw bits for INDEX-12,
add it to the set of INDEX files built by portsnap.

Switch to INDEX-12 for head/.
2016-08-14 05:18:38 +00:00
dteske
a70cb3d84a Allow enforce_statfs (see jail(8)) to be set per jail
Reviewed by:	jelischer
MFC after:	3 days
2016-08-10 23:24:21 +00:00
des
9a3ec6a114 Disable DSA again.
MFC after:	3 days
2016-08-03 16:34:20 +00:00
bdrewery
6eacd5b7c7 Move chown tests to proper path
Sponsored by:	EMC / Isilon Storage Division
2016-07-23 05:49:18 +00:00
cy
be7a80e92d Update leap-seconds to leap-seconds.3676752000.
As per https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16:

                                  UTC TIME STEP
                            on the 1st of January 2017

 A positive leap second will be introduced at the end of December 2016.
 The sequence of dates of the UTC second markers will be:

                          2016 December 31, 23h 59m 59s
                          2016 December 31, 23h 59m 60s
                          2017 January   1,  0h  0m  0s

 The difference between UTC and the International Atomic Time TAI is:

  from 2015 July 1, 0h UTC, to 2017 January 1 0h UTC   : UTC-TAI = - 36s
  from 2017 January 1, 0h UTC, until further notice    : UTC-TAI = - 37s

Obtained from:	ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.3676752000
See also:	https://www.iers.org/SharedDocs/News/EN/BulletinC.html
	https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16
MFC after:	1 week
Relnotes:	yes
2016-07-21 19:27:04 +00:00
jamie
cca3b9acd0 Start jails non-parallel if jail_parallel_start is NO. This was true
for an explicitly specified jail list; now it's also true for all jails.

PR:		209112
MFC after:	3 days
2016-07-14 20:17:08 +00:00
jamie
e226b08652 Wait for jails to complete startup if jail_parallel_start is YES,
instead of assuming they'll take less than one second.

PR:		203172
Submitted by:	dmitry2004@yandex.ru
2016-07-14 19:51:54 +00:00
cy
6e0e2c2a67 Restore lost comment from r301295.
PR:		211027
Reported by:	Trond.Endrestol@ximalas.info
Pointy hat to:	cy@ (me)
MFC after:	3 days
2016-07-14 01:16:07 +00:00
markj
a04ed73d0b Remove more references to mroute6d, which was removed in r298512. 2016-07-14 00:41:37 +00:00
bapt
9889527f5a Posixify the locales name for variants
For all locales with variants:
- if no ambiguity on the locale (only one variant) just use the regular name
- if ambiguity, pick one as default and append @<variant> to the others
  respecting POSIX

As a result:
- All the 3 components locales added recently are renamed to the usual 2
  components version for all but sr_RS.UTF-8
- Set sr_RS.UTF-8 to the cyrillic variant
- Add sr_RS.UTF-8@latin
- Remove the symlinks aliases they were created to represent the 2 components
  version as aliasas and are now useless
- Update the OptionalObsoleteFiles.inc and ObsoleteFiles.inc to reflect those
  changes

Discussed with:	ache@
Approved by:	re@ (gjb)
2016-07-03 18:21:11 +00:00
bapt
67b405af43 Remove reference to mroute6d in /etc/netstart.
mroute6d has been removed in r298512.

PR:		209405
Submitted by:	Trond.Endrestol@ximalas.info
Approved by:	re (gjb)
2016-06-25 12:54:27 +00:00
lidl
5d697e7c81 Add support for a /etc/defaults/vendor.conf override file
Reviewed by:	stas, imp
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D6895
2016-06-23 19:37:00 +00:00
imp
b93dab6663 Commit the bits of nda that were missed. This should fix the build.
Approved by: re@
2016-06-10 06:04:53 +00:00
markj
5c6d3bcb51 Implement an NSS backend for netgroups and add getnetgrent_r(3).
This support appears to have been documented in nsswitch.conf(5) for some
time. The implementation adds two NSS netgroup providers to libc. The
default, compat, provides the behaviour documented in netgroup(5), so this
change does not make any user-visible behaviour changes. A files provider
is also implemented.

innetgr(3) is implemented as an optional NSS method so that providers such
as NIS which are able to implement efficient reverse lookup can do so.
A fallback implementation is used otherwise. getnetgrent_r(3) is added for
convenience and to provide compatibility with glibc and Solaris.

With a small patch to net/nss_ldap, it's possible to specify an ldap
netgroup provider, allowing one to query nisNetgroupTriple entries.

Sponsored by:	EMC / Isilon Storage Division
2016-06-09 01:28:44 +00:00
ngie
f67f37634c Fix typo with description for $ipv6_cpe_wanif (upstram -> upstream)
MFC after: 3 days
PR: 210146
Reported by: Sean M. Collins <sean@coreitpro.com>
Sponsored by: EMC / Isilon Storage Division
2016-06-08 18:38:48 +00:00
lidl
cb2fd85b37 Separate BLACKLIST vs BLACKLIST_SUPPORT properly
Sponsored by:	The FreeBSD Foundation
2016-06-07 16:31:03 +00:00
lidl
a61869785b Turn off blacklistd daemon in defaults
Reported by:	Matteo Riondato ( matteo @ FreeBSD.org )
Reviewed by:	rpaulo
Approved by:	rpaulo
Relnotes:	YES
Sponsored by:	The FreeBSD Foundation
2016-06-06 17:01:35 +00:00
araujo
7552ed7502 Connect ypldap(8) script on Makefile, forgotten on my previous commit r301480. 2016-06-06 04:13:49 +00:00
araujo
43084d2f1d Add rc.d script for ypldap(8). 2016-06-06 03:55:00 +00:00
araujo
0f769a7b93 Install/Connect ypldap.conf(5) on examples. 2016-06-06 02:43:41 +00:00
cy
ee7dbd3e0c Enable daily_ntpd_leapfile_enable by default. Otherwise an expired
leapfile will be ignored and ntpd will behave as if it has no
leapfile.

While here, remove an extraneous blank line.

Suggested by:	ache
MFC after:	1 week
2016-06-04 01:01:46 +00:00
lidl
6f31a383cc Add basic blacklist build support
Reviewed by:	rpaulo
Approved by:	rpaulo
Relnotes:	YES
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5913
2016-06-02 19:06:04 +00:00
asomers
944327caa7 Fix exit status of "service routing start <af> <iface>"
etc/rc.d/routing
	Ignore the exit status of options_{inet,inet6,atm}. It's
	meaningless.

Reviewed by:	hrs
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6687
2016-06-02 15:31:24 +00:00
gjb
fe5676baea Revert r301137 and r301163, and implement a correct fix
for the CONFS issue with dma.conf and ppp.conf.

Thank you very much to Bryan Drewery for looking into the
problem and providing this fix.

Pointyhat:	gjb
Sponsored by:	The FreeBSD Foundation
2016-06-01 20:44:28 +00:00
gjb
693109989c Implement a hack to re-enable installation of the dma.conf.
The 'CONFS' entries in share/mk/bsd.confs.mk explicitly check
for the 'installconfig', but does not behave properly with the
'distribute' target.

This seems to be related to the previously-reported issues
with files within /etc in the past.

Reported by:	Ben Woods
Sponsored by:	The FreeBSD Foundation
2016-06-01 20:06:55 +00:00
gjb
17c4d27bf8 Revert r289096:
Files listed in 'CONFS' are not properly included in new
installations (missing from base.txz), for reasons I still
do not fully understand.

This reverts the change excluding /etc/ppp/ppp.conf from
a new installation.  /etc/dma/dma.conf is also affected,
but requires a different solution, still being investigated.

Reported by:	Ben Woods
Sponsored by:	The FreeBSD Foundation
2016-06-01 16:45:08 +00:00
cy
a47611b5e6 Don't rely on $ntpd_enable to periodically fetch the latest
leapfile.

Suggested by:	cperciva
MFC after:	1 week
2016-06-01 04:37:43 +00:00
vangyzen
14093b648e Fix indentation in dhclient rc.d script 2016-05-31 18:40:47 +00:00
trasz
7f0b38609f Cosmetics: add missing space after the ':' in etc/rc.d/random.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-05-31 08:31:34 +00:00
ngie
4540590873 Fix circular dependency created after r287197 between ldconfig and mountcritremote
ldconfig is already required by mountcritremote indirectly, as noted by rcorder:

> rcorder: Circular dependency on provision `mountcritremote' in file `ldconfig'.

Having mountcritremote REQUIRE ldconfig breaks dependency ordering.

Making the ldconfig hints be conditionally regenerated from mountcritremote when
remote filesystems are mounted is done after this change, similar to cleanvar
being conditionally called after the change.

Differential Revision: https://reviews.freebsd.org/D6621
PR: 202726
Reviewed by: jilles
Sponsored by: EMC / Isilon Storage Division
2016-05-30 19:59:51 +00:00
ngie
1f776afa1c Make netif REQUIRE hostid
As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before
hostid, and the MAC address generated for any bridge devices will be
non-deterministic. Make the MAC address generated be deterministic for
bridge devices by explicitly REQUIRE'ing hostid.

This fixes up the rest of the PR, inadvertently committed in r299844

MFC after: 1 week
PR: 195188
Sponsored by: EMC / Isilon Storage Division
2016-05-29 02:59:03 +00:00
ngie
f09d81c417 Fix "make installworld" with MK_CDDL == no after r300906 by
adding a missing entry for ${TESTSBASE}/cddl/sbin

X-MFC with: r300906
Pointyhat to: asomers
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored by: EMC / Isilon Storage Division
2016-05-29 01:38:12 +00:00
asomers
442baa5184 zfsd(8), the ZFS fault management daemon
Add zfsd, which deals with hard drive faults in ZFS pools. It manages
hotspares and replements in drive slots that publish physical paths.

cddl/usr.sbin/zfsd
	Add zfsd(8) and its unit tests

cddl/usr.sbin/Makefile
	Add zfsd to the build

lib/libdevdctl
	A C++ library that helps devd clients process events

lib/Makefile
share/mk/bsd.libnames.mk
share/mk/src.libnames.mk
	Add libdevdctl to the build. It's a private library, unusable by
	out-of-tree software.

etc/defaults/rc.conf
	By default, set zfsd_enable to NO

etc/mtree/BSD.include.dist
	Add a directory for libdevdctl's include files

etc/mtree/BSD.tests.dist
	Add a directory for zfsd's unit tests

etc/mtree/BSD.var.dist
	Add /var/db/zfsd/cases, where zfsd stores case files while it's shut
	down.

etc/rc.d/Makefile
etc/rc.d/zfsd
	Add zfsd's rc script

sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c
	Fix the resource.fs.zfs.statechange message. It had a number of
	problems:

	It was only being emitted on a transition to the HEALTHY state.
	That made it impossible for zfsd to take actions based on drives
	getting sicker.

	It compared the new state to vdev_prevstate, which is the state that
	the vdev had the last time it was opened.  That doesn't make sense,
	because a vdev can change state multiple times without being
	reopened.

	vdev_set_state contains logic that will change the device's new
	state based on various conditions.  However, the statechange event
	was being posted _before_ that logic took effect.  Now it's being
	posted after.

Submitted by:	gibbs, asomers, mav, allanjude
Reviewed by:	mav, delphij
Relnotes:	yes
Sponsored by:	Spectra Logic Corp, iX Systems
Differential Revision:	https://reviews.freebsd.org/D6564
2016-05-28 17:43:40 +00:00
asomers
6ee2220242 Always create loopback routes on every fib
Always create loopback routes on every fib, for both IPv4 and IPv6

etc/rc.d/routing
	Create loopback IPv4 and IPv6 routes on every fib at boot. Revert
	278302; now that all FIBs have IPv6 loopback routes, the
	"route add -reject" commands won't fail.

tests/etc/rc.d/routing_test.sh
	Greatly simplify static_ipv6_loopback_route_for_each_fib. It was
	written under the assumption that loopback routes would be added to
	a given fib by the kernel as soon as an interface is configured on
	that fib. However, the logic can be much simpler now that we simply
	add loopback routes to all fibs at boot. This also removes the need
	to run the test as root, removes the restriction that
	net.add_addr_allfibs=0, and removes the need to configure fibs in
	kyua.conf.

	Also, add a test case for IPv4 loopback routes

Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6582
2016-05-27 22:40:40 +00:00
cy
e825b90448 Use the expiry date to determine whether to replace the DB copy of
leapfile instead of using the leapfile serial number (create
timestamp).

PR:		209577
MFC after:	3 days
2016-05-25 01:35:02 +00:00
asomers
4e1ba42e3d Better document security_show_{success,info,badconfig} in /etc/periodic.conf
periodic(8) already handles the security_show_{success,info,badconfig}
variables correctly. However, those variables aren't explicitly set in
/etc/defaults/periodic.conf or anywhere else, which suggests to the user
that they shouldn't be used.

etc/defaults/periodic.conf
	Explicitly set defaults for security_show_{success,info,badconfig}

usr.sbin/periodic/periodic.sh
	Update usage string

usr.sbin/periodic/periodic.8
	Minor man page updates

One thing I'm _not_ doing is recommending setting security_output to
/var/log/security.log or adding that file to /etc/newsyslog.conf, because
periodic(8) would create it with default permissions, usually 644, and
that's probably a bad idea.

Reviewed by:	brd
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6477
2016-05-21 02:14:11 +00:00
gnn
63c3e2f6af Remove DTrace tooklkit from the mtree and add the files to remove
to the ObsoleteFiles list.

Sponsored by:	DARPA, AFRL
2016-05-20 01:38:31 +00:00
cy
b856ea078e Update leap-seconds to leap-seconds.3661459200.
NO leap second will be introduced at the end of June 2016.

This commit reapplies the r298887 minor spelling fix.

Obtained from:	ftp://tycho.usno.navy.mil/pub/ntp/.
See also:	http://www.iers.org/SharedDocs/News/EN/BulletinC.html
MFC after:	2 weeks
2016-05-19 03:56:07 +00:00
ngie
063f41234a Make hostid_save depend on hostid
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-15 06:00:13 +00:00
ngie
98b1f51e3c Fix broken dependency with routed when MK_ROUTED != no
Remove routed as a requirement in NETWORKING, and put it in routed as a BEFORE
requirement instead

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-15 05:45:54 +00:00