* All variables are now embraced: ${foo}
* All comparisons against some value now take the form:
[ "${foo}" ? "value" ]
where ? is a comparison operator
* All empty string tests now take the form:
[ -z "${foo}" ]
* All non-empty string tests now take the form:
[ -n "${foo}" ]
Submitted by: jkh
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
respectively logging and dropping ICMP REDIRECT packets.
Note that there is no rate limiting on the log messages, so log_redirect
should be used with caution (preferrably only for debugging purposes).
Prompted by docs/12343, in which people seemed to get a little confused.
The original text in the file said:
[...]
# By default we use COM1 as our serial console port *if* we're going to use
# a serial port as our console at all. (0x3E8 = COM2)
#
#BOOT_COMCONSOLE_PORT= 0x3F8
[...]
From what I can make out, some people have assumed that means that if
they just uncomment the BOOT_COMCONSOLE_PORT then it will use COM2:
These same people then assume that "0x3F8" on that line is a typo for
"0x3E8".
What it actually means is that if you uncomment the line then the default
stays as "Ox3F8" (COM1:), and that you have to uncomment the line, *and*
change the value of the variable in order to use COM2:.
So I've made that a little bit clearer. I've also listed the hex values
for COM1: thru COM4:, snarfed from sys/isa/isareg.h.
PR: docs/12343
Submitted by: Bill Grunfelder <wjgrun@dippy.cyberwar.com>
Originally submitted by: Wayne Self <wself@cdrom.com>
Allow a ppp startup option in rc.conf.
Adjust sysinstall so that it appends to the end of ppp.conf
and uses the generated profile to start ppp in auto mode on
boot.
Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
example of their usage in the sample config. Merge the two examples
for the green internal auth service.
This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
at least for now. I relegated the getcred sysctls to only root, but if
they're deemed to be "allowable" to export to users, I'll do so and
revert this change.
