tape_umask=017 for all tapes. This has a significant effect only
for ft and st (they were created with the wrong umask 002 and then
chmod'ed to mode 640; now they are created with mode 660).
Chmod the st control devices (mode 3) to 600. These need to be
more secure than the st i/o devices, but were less secure.
Use the default umask of 077 for joy0. 002 gave mode 664, which
is insecure.
Use umask 037 for ch*. Cosmetic.
Removed redundant chmod's.
Sorted case lists for disks.
"hand", changed /etc/crontab to call /usr/sbin/newsyslog every hour
(the entry was there before - but we haven't had any newsyslog until
today :-) and changed /etc/inetd.conf to also contain (commentet out)
entries for rpc.rquotad and rpc.sprayd (taken from NetBSD)
directories to check in looking for port startup scripts. The specific gunge
for apache httpd, gated and pcnfsd in /etc/sysconfig and /etc/netstart is
gone now. Note that pcnfsd's troubles aren't necessarily over (and probably
why NetBSD brought it into their sources) - anyone adding pcnfsd will STILL
have to tweak /etc/sysconfig in order to set the new variable
`weak_mountd_authentication' to YES. The flags to mountd are directly affected
by pcnfsd's requirements for non-root mounts, unfortunately! :-(
Submitted by: paul & jkh
Sigh, I really hate this "feature". I'm tempted to comment the test out
(like in sendmail 8.6.xx), especially since we log the info in the
Received: header line anyway.. Doing it like this only makes it painful
for things like uucp..
rest of the memory group - std. Also correct the permissions so as not
to force a security hole. If /dev/*random have the permission 640 and
ownership bin.kmem, it forces applications that need random numbers
to be at least SGID. Picture the scene of a SGID PGP being able to
read /dev/kmem!
"make distrib-dirs" target.
Neither of Andrey's two attempts have worked for me with the [ -h ..]
test both with && and ||.
I've changed it to a full
if [ -h ...]; then \
rm ... ; \
fi ; \
construct. It's much clearer what's meant to happen, and it works! :-)
patches to merge the two IPX packages to work with each other and to
not break make-world :)
IPXrouted should be working now, (or at least compiling) :)
example without optios would create floppies that waste half of their
space in i-node areas. :) (Comment only)
Add a sample entry for a Sony 650 MB MOD.
in FreeBSD and should never have got in here.
Removed hard-coded /etc/rc.local.d hacks and implemented a more flexible
solution.
Added a local configuration area to sysconfig.
don't like it, they don't have to use it. The check makes sure that
/etc/rc.local.d exists before attempting to do anything with it. Now
packages will be able to add their startups as /etc/rc.local.d/<pkgname>.sh
in order to get local startup behavior. Maybe we can stop adding
knobs to /etc/sysconfig for ports/packages now?
Submitted by: wollman & jkh
The named.root file is out of date.. (well it was.. this fixes it..)
15,16c15,16
< ; last update: Aug 25, 1995
< ; related version of root zone: 1995082500
---
> ; last update: Sep 1, 1995
> ; related version of root zone: 1995090100
18,19c18,22
< . 3600000 IN NS NS.INTERNIC.NET.
< NS.INTERNIC.NET. 3600000 A 198.41.0.4
---
> ;
> ; formerly NS.INTERNIC.NET
> ;
> . 3600000 IN NS A.ROOT-SERVERS.NET.
> A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
>
specified in the top level Makefiles.
Previously I missed dozens of Makefiles that skip the install after
using `cmp -s' to decide that the install isn't necessary.
Move `Individual slices' case earlier so that it can be used to handle
sliced floppies.
Remove superfluous `chmod 600's.
Fix formatting of device list.
Don't group setting of umasks with setting of units.
Remove superfluous trailing semicolons.
Add nis_ypsetflags sysconfig entry and appropriate code in rc to call
ypset if needed. Should probably automatically add `-ypsetme' to ypbind
flags if this is set.
the wrong branch :-(]
Eliminate incorrect double negative logic Bruce has been gripping
about for a year now. Change = no_way to = true.
Submitted by: bde (sort of, patch by me :-))
Finally transform the "Don't login as root..." message to make it
clear that `su' is meant to be a command. Will save us a lot of
questions about the user named `su'. Make the message magically
disappear if the user did an ``su - root'', since it might be a bit
silly to ask him to perform an `su'...
dot.cshrc:
Remove the no-op `-g' options from the ls aliases, and replace them by
`-o'. This way, if root does an `ls -l', he will see the immutable
flag and (hopefully) not be too surprised about the "Permission
denied".
Submitted by: bde
rc.i386 failed messily when I used a serial console.
Editors note:
Use file redirection so that all the kbdcontrol and vidcontrol
commands act upon /dev/ttyv0 instead of stdin. Though this feature
is not documented it is the intended behavior of {vid,kbd}control
and shall be documented in the future as such.
built release after fixing all the wrong directory permissions in that release.
Then use diff -c -b to verify them against the old versions, nothing but
new directories added :-). And a lot of alphabetizing done!
Add comment that you should not have to edit netstart, and if you
do we would like to know about it.
The lo0 interface is now handled just like any other interface,
This makes it possible to do things to it from sysconfig.
Redo the comments in sysconfig about network_interfaces and ifconfig_${X}
to reflect the moving of lo0 to this scheme. We now have an uncommented
variable for sysintall to find and play with. (Your welcome Jordan)
Redo the way static routes are handled. Basically use the same
scheme for routes that I did for network interfaces. This allows
any number of static routes to be added from sysconfig.
Make sure we do the default route first so we stand a chance of
getting to our DNS server (if we have one) to resolve our own
IP address from $hostname.
have non-critical nfs volumes in /etc/fstab they should have option bg
on them. The behavior of the system is more tuneable this way, and
allows a slow mounting /usr over nfs to work.
Submitted by: bde
when the single user shell was terminated. These changes disallow mounting
or R/W upgrading filesystems that are dirty unless "-f" (force) option
is used with mount. /etc/rc has been modified to abort the startup if
one or more non-nfs partitions fail to mount.
Reviewed by: Poul-Henning Kamp, Rod Grimes
FreeBSD), add mach-4 target to MAKEDEV; it creates various compatability
devices for Mach4.
Submitted by: (Submitter name unknown) <root@ns2.redline.ru>
Have netstart directly source sysconfig so that it stands on its own.
Do not source netstart in rc, run it with sh.
Rework the dangerous /etc/hostname.* so that it uses a variable with
a list of interfaces and a variable for each interface in that list.
The files /etc/hostname.* become obsolete with this change, the
information is now stored in /etc/sysconfig.
Source any /etc/start_if.${ifn} files so they can export things to
netstart (plans for future enhancements in this area.)
Obsolete /etc/defaultrouter, this is now down with $defaultrouter from
sysconfig.
restore but really didn't do it.
Restore message from old rc about configuring syscons whith
echo added before it to go to new line after "echo -n xtend" f.e.
and similar stuff.
changes to it based upon other outstanding bug reports and commits made
after his work.
Comments:
(a) sysconfig is still used to do all configuration. I was not going to
change that out from under you.... a user never need edit netstart
or rc* unless they're being very weird.
(b) rc.maint has been folded back into rc. It is just unworkable as
a separate chunk because of ordering bogosities
(c) netstart does what it says... it starts up enough of the network to
get up, it doesn't start every bloody daemon that might talk to a
socket... netstart ifconfig's the devices and sets up routing if
configured to do so.
(d) nfs disks are mounted immediately after netstart completes
(e) syslog is started as early as possible (right after nfs) so that error
messages can get logged to remote syslog servers properly
(f) named is started (there is an argument that says that named should be
started before syslogd because if you are the dns server for your domain,
you'd like named to resolve remote hosts in syslog.conf, but this is
a minority case and the trivial workarround is to put the syslog host
in /etc/hosts or use an /etc/resolv.conf -- why? because you want syslog
to catch named errors, which is a MUCH more important and likely occurance)
(g) NOW all of the rest of the network daemons such as the time stuff, RPC,
NIS, NFS, Kerberos and inetd are started
(h) the rest of the generic stuff is done (cron/printer/sendmail)
(i) shared libraries are set
(j) /etc/rc.i386 is run (this does FreeBSD/386 specific stuff like ibcs2,
xtend, and all of the syscons stuff
(this is actually started as /etc/rc.`uname -m`
(k) the syscons stuff has gotten a serious cleaning to make it consistent
with rc conventions
(l) rc.local has had the comments about syscons removed (they are not relevant
to this file now) and the full name of the kernel has been restored to
/etc/motd
Submitted by: pts
date: 1995/03/26 18:18:59; author: wpaul; state: Exp; lines: +23 -17
Make syslogd work again: in needs to be started in netstart right
before the rest of the system daemons are brought up and *after* the
network interfaces have been configured.
Also fix one other potential problem: the NIS services need to be started
relavively early since some of the other daemons might need them. The
automounter is a good example: if you use amd with NIS-based maps, you'd
better have NIS running before you start it. :) I think mountd might
need it too, now that netgroups can be read via NIS as well.
date: 1995/03/23 01:25:18; author: jkh; state: Exp;
Another pass through our rc files in an attempt to eliminate historical
crufy and generally make all of this easier to understand and modify.
before the rest of the system daemons are brought up and *after* the
network interfaces have been configured.
Also fix one other potential problem: the NIS services need to be started
relavively early since some of the other daemons might need them. The
automounter is a good example: if you use amd with NIS-based maps, you'd
better have NIS running before you start it. :) I think mountd might
need it too, now that netgroups can be read via NIS as well.
Delete bogus localhost.rev.
Add prototype localhost.rev and a script to create it automatically.
(NB to installl people: you should ask ``do you have a full-time connection
o the Internet?'', run this script, and enable named if the answer is
yes.)
1. Move all system configuration variables into /etc/sysconfig
2. Adapt other files to use it.
3. Add a host of new variables for micro-managing your system in various
ways. For 2.1, /etc/sysconfig will be machine-edited so that the user
doesn't even have to care at all about the various funny names we picked.
4. Enable dset. We won't get it debugged if we never use it, and no one
has said anything negative about it yet, so here goes!
5. Try to use one consistent style throughout.
- Do ntp right
- Move recenrly-added and long-standing junk from rc.local into rc, so
. that rc.local truly is LOCAL.
- Fix named invocation to use the correct boot file location.
Fixed the MAKEDEV pattern for SCSI processor type driver so it doesn't
screw up ptys. Does anyone want to suggest a better name than "pt0" for
SCSI processor devices before 2.1?
Support sliced devices better. E.g.:
`sh MAKEDEV sd0' creates [r]sd0 and [r]sd0s[1-4] as well as [r]sd0[a-h]
(the extra devices created by default won't hurt apart from wasting inodes).
`sh MAKEDEV sd0s1[a-h]' creates [r]sd0s1[a-h] (any partition creates all).
`sh MAKEDEV sd0s5' creates [r]sd0s5.
Support unit numbers 0-31 (was 0-6).
For wd:
Remove support for creating DOSpartitions wd*[i-m]. These will get removed
if you run MAKEDEV on `all' or on wd*.
o Supporting SYNC SIO device (But need a device driver)
- add "set speed sync"
o Fixing bug for Predictor-1 function.
o Add new parameter that re-sent interval for set timeout commands.
o Improving RTT (Round Trip Time) and reducing processor time.
- Previous Timer service was using polling, and now using
SIGALRM ;-)
- A 0.94beta2 will not work correctly....
-- Follows are additinal feature not including 0.94beta2
o Support Proxy ARP
- add "enable/disable proxy" commands
o Marging common routine in CHAP/PAP.
o Enhancing LCP/IPCP log information.
o Support local Authfication connection on port 300x and tty.
- You can set up pair of your "hostname -s" and
password in ppp.secret. if either ppp.secret file nor
your hostname line don't exist, It will notify a message
and working as same as previous version.(Backword compatibility)
- If you did set up them, It's allow connection but nothing to do
except help and passwd command.
- add "passwd yourpasswd" commands
o Support afilter - keep Alive filter that a packet can send/receiving
according to ifilter/ofilter but doesn't count it as preventing idle
timer expires.
- Same syntax of other filters.
o Fixing bugs reported by current user for previous one. Thanks !!
Reviewed by: Atsushi Murai (amurai@spec.co.jp)
444 -> root.wheel
root -> root.wheel
uucp -> uucp.wheel (perhaps this should be .dialer, but .wheel is safer)
missing -> root.wheel
chown to root is usually bogus because mknod had to be run by root to
create the inode. Setting the group explictly is currently necessary
because MAKEDEV does nothing to ensure that its working directory has
a suitable group.
Driver authors! Please fix any bogons in MAKEDEV that involve your
drivers. The sound devices are still world writable...
for now (there are too many minors to create by default). The special
sliced disk case ssd*|svn*|swd*) can almost replace the standard disk
case sd*|vn*|wd*) now (it just creates a few more devices), but there
will have to be special cases to allow creating slices 6-31 and partitions
on slices 2-31.
Fix bogus default cases.
Add the `lc' option to default. Having getty understand the issues of
CAPS-only terminals is a nop these days, but `lc' avoids hassles for
people with CAPS-only user names.
Suggested by: Don Yuniskis
weekly:
Modify the call to makewhatis, now that our makewhatis can take the
entire ${MANPATH} as a single argument.
The group was wrong if MAKEDEV was run in a directory with group other
than wheel. This may have messed up the group in recent SNAPs
(sysinstall/obj should have group bin).
Reset the umask to 77 after running MAKEDEV.local. Some cases depend on
the 77 default. MAKEDEV.local and all cases should probably set the
umask explictly and not depend on a default. Most cases already set it.
1) ypserv is started with nis_serverflags, not yppasswddflags (that's what
I get for cutting & pasting without paying attention).
2) ypbind can also be started with arguments, so turn nis_client to
nis_clientflags.
safe way to do this, and envites very unpleasant results. Removed fsck'ing
of all the disks on the system as it provides output that is almost always
meaningless and only envites bug reports.
Reviewed by: Jordan Hubbard