the user selected and then recursively installing their dependencies, finally
installing the ones the user selected after the recursion unwinds. Since
users often select "high-level" packages that are on a higher numbered
disc for the multi-volume release CDROMS this resulted in excessive disc
swapping while installing things like kde, gnome, etc.
Cut down on disc swapping by iterating through the disc volumes one at a
time if we notice the package set is on multiple volumes. If a package
is on a higher volume don't install it yet, but still "process it" so we
get its dependencies installed. Because of the way the package sets for
releases get assembled we're guaranteed dependencies will be on the same
volume or lower.
Reviewed by: jhb
MFC after: 1 week
caused a segfault. It turns out that in pre-7.0 systems if you do
getenv("amd_enable=YES") it will return the setting of the environment
variable "amd_enable" but now it returns NULL. I think I found the
places where sysinstall was potentially relying on that old behavior.
Fix is to make a copy of the string to be used for the getenv(3) call,
look for a '=' character in it, and replace it with '\0' if one is
found. Stuck to sysinstall's typical coding standards despite urges
to do otherwise.
PR: 117642
MFC after: 2 days
localhost.domain so that naive users of gethost* think 1:: and 127.0.0.1
are "localhost" which is what the user expects. This also matches the
sample hosts file in src/etc/hosts.
this now compiles on i386 with WARNS?= 3. Most of the fixes included
adding missing 'static' keywords to internal functions, using fully-defined
terminators in statically defined arrays of structs, and various
signed vs unsigned mismatches. Also G/C'd unused configSecurity()
function.
by syscons.
- If we are running as init, popup the country menu before the main menu.
If a non-default country is chosen, then a second menu is brought up
to let the user choose a keymap. By default the default keymap for
the country that was selected is highlighted. If the user chooses the
default country, then the default keymap is just assumed and the user
is not presented with the keymap menu. Currently the default country
is set to "United States" except for PC98 which assumes "Japan".
PR: bin/93853
Submitted by: Seth Kingsley sethk at magnesium dot net
MFC after: 3 days
concensus seems to be that is best left for doing post-install.
Discussed on: freebsd-current@
Tested with: make release
Approved by: re@
MFC after: 3 days
install of Postfix fails since Postfix 1 is picked from INDEX instead
of Postfix 2.
The problem is that the package_add function matches multiple Postfix
packages and then installs a "random" version (the last one found in
INDEX). This does not occur with a CD-ROM install since there is only
one Postfix package on the CD-ROM.
The correct solution to this would be to check the origin field from
INDEX instead of the package name, but due to the way sysinstall is
made that is not trivial, so instead work around the problem by
hard-coding the Postfix major and minor revision (for the current
stable version) to install directly into the package_add call.
PR: misc/65426
Reported by: Harold Kachelmyer <bugs@princessharold.net>
Approved by: trhodes
that actually need it. This makes it easier for a platform porter to
find the files that may need tweaking to support whatever MD specific
partitioning is needed. It also helps to prevent that the libdisk API
gets exposed and/or used where it's not needed.
- Don't look for partitions inside a FreeBSD chunk on ia64 when mounting
the filesystems just before the chroot and install.
- Write entries out to /etc/fstab for filesystems that aren't inside a
FreeBSD chunk, but are a top-level chunk under the disk.
(Lite Edition) respectively. These "lite" packages are streamlined to
provide users with the core essentials for each desktop and to fit on the
release disc 1.
Approved by: re (scottl)
permitting the administrator to select a securelevel top operate
at. Include a helpfile summarizing some of the information from
init(8). This allows for explicit configuration of securelevels,
which was previously implicit in Security Profile selection.
Currently, there are no checkboxes for the active securelevel,
because sysinstall's facilities for deriving "current settings"
from rc.conf may use only one variable, not two, and I opted for
the simplest approach at this point.
Approved by: re (scottl)
selection is used to drive two configuration parameters:
(1) Default enable/disable for sshd
(2) Default enable/disable for securelevels
Replace this with an explicit choice to enable/disable sshd. A
follow-up commit will add a configuration option to the Security
post-install configuration menu to set the securelevel in rc.conf
explicitly. This should reduce the level of foot-shooting associated
with accidental enabling of securelevels, make the nature and
implications of the securelevel configuration options more explicit,
as well as make the choice to enable/disable sshd more explicit.
Approved by: re (scottl)
(1) Don't modify the configuration of the NFS server as a result of
selecting a profile. We already explicitly prompt for the NFS
server configuration during install, and the user may not get
much advance notice that we're turning it off again. Instead,
use profiles (for better or for worse) only for security tuning.
(2) Don't modify the sendmail setting as part of the security profile:
use the default from /etc/defaults/rc.conf rather than explicitly
specifying. Note that the default in /etc/defaults/rc.conf is
more conservative than the explicit rc.conf entry added by
sysinstall during install, as it does not permit SMTP delivery.
(3) Update "congratulations on your profile" text to reflect these
changes.
Note that security profiles now affect only the securelevel and sshd
settings. My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely. However, that requires more plumbing of sendmail
than I'm currently willing to invest.
We may want to add a "permit SMTP delivery" question to the install
process.
- Add 'enable_exim="YES"' to rc.conf(5)
- Use the default exim configuration file from the port
- When using sendmail, disable some more scripts that use sendmail specific
parameters
- Have sysinstall tweak mailer.conf(5) substitution
- Use 'N' flag for newsyslog(8)
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com>
Reviewed by: sheldonh, simon
Tested by: myself (trhodes) and submitter
This option adds Postfix and Exim to the list, however, qmail is not added
due to license restrictions.
Collaborated with: Simon L. Nielsen <simon@nitro.dk>
Reviewed by: jhb, re@, -audit.
the two GNOME 1-based alternatives.
While here, note that a majority of the items in this menu are not
sentences, and remove trailing dots to make the remainder consistent.
Reviewed by: marcus
Approved by: re (bmah)
With this change there's no a priori difference between EFI and
FAT partitions. With this change and the corresponding change to
libdisk, we can create EFI partitions, just like regular FAT
partitions.
all facilities that previously relied on /proc have been rewritten
to use ptrace(). procfs has presented a substantial security
hazard for years, with several user->root compromises in the last
few years. Procfs will continue to be available but will require
administrator intervention to use.
Reviewed by: scottl, jedgar, mike, tmm