Commit Graph

4145 Commits

Author SHA1 Message Date
peadar
4852d38188 When stopping a chrooted named, unmount the devfs filesystem from
the chroot area. This stops "umount -a" failing when dropping to
single user.

Reviewed by:	dougb@
2004-12-20 10:48:48 +00:00
brueffer
909b888a12 In the ethernet-nic-regex:
- add udav(4)

In the scsi-controller-regex:

- correct an entry
- move another one to the right place
- add a bunch of missing drivers

Glanced at by:	trhodes (scsi-controller-regex part)
MFC after:	3 days
2004-12-19 00:50:07 +00:00
phk
15b61d2dfc If /etc/named is a symlink, try to make sure it points the right place. 2004-12-18 15:19:36 +00:00
pjd
00a4f5d350 Remove autofs entry from here. 2004-12-15 13:58:28 +00:00
brian
b90cfd5af4 Use rc.subr
PR:		72505
Submitted by:	Amir Shalem <amir@active.ath.cx>
2004-12-15 12:39:28 +00:00
rse
b4c7840f00 Improve the RC framework for the clean booting/shutdown of Jails:
1. Feature: for flexibility reasons and as a prerequisite to clean
   shutdowns, allow the configuration of a stop/shutdown command
   via rc.conf variable "jail_<name>_exec_stop" in addition to the
   start/boot command (rc.conf variable "jail_<name>_exec_start"). For
   backward compatibility reasons, rc.conf variable "jail_<name>_exec"
   is still supported, too.

2. Debug: Add the used boot/shutdown commands to the debug output of
   the /etc/rc.d/jail script, too.

3. Security: Run the Jail start/boot command in a cleaned environment
   to not leak information from the host to the Jail during startup.

4. Feature: Run the Jail stop/shutdown command "jail_<name>_exec_stop" on
   "/etc/rc.d/jail stop <name>" to allow a graceful shutdown of the Jail
   before its processes are just killed.

5. Bugfix: When killing the remaining Jail processes give the processes
   time to actually perform their termination sequence. Without this the
   subsequent umount(8) operations usually fail because the resources
   are still in use. Additionally, if after trying to TERM-inate the
   processes there are still processes hanging around, finally just KILL
   them.

6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/*
   scripts which are flagged with the KEYWORD "nojail" to allow the
   correct operation of rc.shutdown under jail_<name>_exec_stop="/bin/sh
   /etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail.

Now the following typical host-configuration for two Jails works as
expected and correctly boots and shutdowns the Jails:

-----------------------------------------------------------
#  /etc/rc.conf:
jail_enable="YES"
jail_list="foo bar"
jail_foo_rootdir="/j/foo"
jail_foo_hostname="foo.example.com"
jail_foo_ip="192.168.0.1"
jail_foo_devfs_enable="YES"
jail_foo_mount_enable="YES"
jail_foo_exec_start="/bin/sh /etc/rc"
jail_foo_exec_stop="/bin/sh /etc/rc.shutdown"
jail_bar_rootdir="/j/bar"
jail_bar_hostname="bar.example.com"
jail_bar_ip="192.168.0.2"
jail_bar_devfs_enable="YES"
jail_bar_mount_enable="YES"
jail_bar_exec_start="/path/to/kjailer -v"
jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'"
-----------------------------------------------------------
#  /etc/fstab.foo
/v/foo /j/foo/v/foo nullfs rw 0 0
-----------------------------------------------------------
#  /etc/fstab.bar
/v/bar /j/bar/v/bar nullfs rw 0 0
-----------------------------------------------------------

Reviewed by:	freebsd-hackers
MFC after:	2 weeks
2004-12-14 14:36:35 +00:00
obrien
d6633b851a Use utils from /rescue vs. /stand. Also use pax rather than cpio & gzip. 2004-12-12 08:04:26 +00:00
rsm
493b79bbda Add Ethernet part of Intel EtherExpress PRO/100 LAN/Modem card. This is a
rebadged Xircom REM56 RealPort card.  Short MFC timeout to beat the 4.11
code freeze.

PR:		53027
Submitted by:	John Merryweather Cooper <coop9211 at uidaho dot edu>
Approved by:	imp (mentor)
MFC after:	2 days
2004-12-09 22:27:11 +00:00
pjd
cdb5b5cf1c 'all' argument for list_net_interfaces() is now unused, remove it. 2004-12-05 21:45:36 +00:00
rse
68bef2dca5 Use "ifconfig -l" instead of "list_network_interfaces all" in
ifnet_rename() to support situations where rc.conf's $network_interfaces
variable is set to an explicit list of network interfaces (instead of
the default "auto").

Using "list_network_interfaces all" resulted in using
$network_interfaces for both interface _renaming_ and interface
_configuration_ which obviously cannot work either before (if the
new name is in $network_interfaces) or after (if the old name is in
$network_interfaces) renaming the interface.
2004-12-05 09:51:48 +00:00
rse
638d03f597 fix typo: s/intefraces/interfaces/ 2004-12-05 09:01:20 +00:00
kris
cb6038510d Add more frequently-used locale directories. This is in preparation
for cleanup of pkg-plist files with respect to handling of the share/locale
subdirectories.

MFC after: 3 days
2004-12-04 23:30:36 +00:00
marius
0b4d466c6f Catch up with the new device name of sab(4). The entries for tty[a,b]
can't be removed as ofw_console(4) and zs(4) use them so one has to
live with some complaints about non-existent devices at boot time and
remove the respective entries locally for now.
2004-12-04 14:03:45 +00:00
rees
5ac4dbe564 Add nfs4 to list of net filesystems.
Approved by:	alfred
2004-12-01 22:05:50 +00:00
iedowse
ee64a49eff Move the purely device-name based entries for mice and ethernet
adapters from usbd.conf to devd.conf. USB ethernet devices were
already handled in devd.conf so this just removes their usbd.conf
entry.

PR:	conf/73799
2004-11-28 23:16:00 +00:00
iedowse
13275047a7 Add axe(4) devices to the USB ethernet regular expression.
MFC after:	1 week
PR:		conf/73239
Submitted by:	Daan Vreeken
2004-11-28 20:44:28 +00:00
mlaier
7e3eabcfe7 Teach periodic(8) security output to display information about blocked
packet counts by pf(4).

This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.

The output will look like this (line wrapped):

  pf denied packets:
  > block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
    Bytes: 0 States: 0 ]
  > block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
    States: 0 ]

Submitted by:	clive (thanks a lot!)
MFC after:	2 weeks
2004-11-24 18:41:53 +00:00
mux
ba795b0226 Fix a typo in an error message.
Spotted by:	ceri
2004-11-24 10:44:39 +00:00
mux
c6e2c549c2 Implement per-jail fstab(5) files. Here's a rc.conf sample using
this feature for a jail named foo :

jail_foo_mount_enable="YES"
jail_foo_fstab="/etc/fstab.foo"

The second line is actually useless, since the code defaults to
using "/etc/fstab.$jailname" as the fstab file if none is specified.

MFC after:	3 days
Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2004-11-23 20:09:58 +00:00
obrien
4eb13d1561 Catch up with PHK's sio(4) cuaa->cuad rework [sys/dev/sio/sio.c rev. 1.456]. 2004-11-19 17:12:56 +00:00
obrien
07115bc66a Catch up with PHK's sio(4) cuaa->cuad rework [sys/dev/sio/sio.c rev. 1.456]. 2004-11-19 03:51:12 +00:00
wes
be4c9c6401 Convince mergemaster to maintain/merge ramdisk scripts too.
Submitted by:	Ben Kelly <ben.kelly@ieee.org>
PR:		bin/64079
2004-11-16 04:20:09 +00:00
wes
9bfb681470 Shutup debugging output. 2004-11-16 04:14:28 +00:00
obrien
cdada79f39 Unify the ci/co variables now that the the tty drivers now use the same
character for both.
2004-11-14 19:51:34 +00:00
obrien
2a65a20ac7 Catch up with PHK's sio(4) rework [sys/dev/sio/sio.c rev. 1.456]. 2004-11-14 19:42:13 +00:00
keramida
c6f350df37 Revert the noexec,nosuid,nodev options for md /tmp file systems, since
the change in the default behavior may break existing, working setups.

Requested by:	brooks
2004-11-09 21:33:19 +00:00
keramida
a9be348266 Add two new rc.conf options: tmpmfs_flags and varmfs_flags.
These can be used to pass extra options to the mdmfs(8) utility,
to customize the finer details of the md file system creation
(i.e. to turn on/off softupdates, to specify a default owner for md
filesystem, etc).

Use these two new flags to mount tmpmfs and varmfs without
softupdates, since it doesn't make much sense to use SU on
malloc-backed file systems.

Reviewed by:	mtm
Inspired by:	J. D. Bronson, jbronson at wixb dot com
2004-11-09 10:03:17 +00:00
ru
f4dd946343 Removed the remnants of gx(4). 2004-11-08 20:24:52 +00:00
imp
0f5bd56a6f Someone (sanpei-san?) sent me this entry some time ago. Add COREGA
FEtherII PCC-TXD to the FEther PCC-TXD entry (since they appear to be
handled the same).
2004-11-08 16:59:01 +00:00
pjd
efbbe345c4 Stop method for swap1 script was introduced, because gmirror needed it.
Now gmirror use shutdown hooks to mark mirrors as clean on shutdown,
so this is not needed anymore.
2004-11-05 12:38:27 +00:00
mtm
1feafc679b - Make the header conform to standard rc.d style.
- The 'before ipfw' directive seems bogus, and should instead
  be 'before rcconf'.
2004-11-05 07:35:31 +00:00
ru
d9699a4522 Sync up with vinum(8) and rc.d/vinum removal.
OK'ed by:	phk
2004-11-04 13:33:29 +00:00
phk
85c3929d07 remove vinum startup script. 2004-11-04 12:59:16 +00:00
gshapiro
8ed6cabf10 Create a separate directory for dynamic zones which is owned by the bind
user (for creation of the zone journal file).  This is separate from the
master/ directory for security.  Give an example dynamic zone in the
sample named.conf.

Approved by:	dougb
Noticed by:	Eivind Olsen <eivind at aminor.no>
MFC after:	1 week
2004-11-04 05:24:29 +00:00
pjd
98473d74f1 Sort files properly. 2004-11-02 12:35:54 +00:00
mtm
94c6d19c80 Do a better job of supporting more than one mouse device
on the system.

To start/stop/check on a specific device give the device name as
the second argument to the script:
	# /etc/rc.d/moused start ums0

To use different rc.conf(5) knobs with different mice use the device
name as part of the knob. For example, if the mouse device is ums0, then:
	moused_ums0_enable=yes
	moused_ums0_flags="-z 4"
	moused_ums0_port="/dev/ums0"

Starting rc.d/moused without the device argument will use the standard
moused_* flags. So, this commit should not disrupt or change current usage.

To preserve current behaviour with respect to usb mice, which appear
automatically when inserted, there is a new knob, moused_nondefault_enable,
which will treat any devices without rc.conf knobs as enabled.

To minimize knobs in /etc/rc.conf, the device file and pid file are
auto-computed, so that in the typical case for a usb mouse you don't
need to add anything extra in /etc/rc.conf to get it working.

Additionally, this updates /etc/usbd.conf to use the rc.d/moused script so
people don't have to modify it to configure their usb mouse anymore.

MFC after: 1 month
2004-11-01 18:05:41 +00:00
pjd
9933431342 Allow to change interfaces name on boot time.
Now, one should be able to put something like this into /etc/rc.conf:

	ifconfig_fxp0_name="net0"
	ifconfig_net0="inet 10.0.0.1/16"

Reviewed by:	green
2004-10-30 13:44:06 +00:00
pjd
100e94e682 - Add 'check' command for checking rules syntax.
- Before flushing rules in 'reload' command, check first if rules are
  correct.
- Do not duplicate checking if $pf_rules file exists.
2004-10-25 08:12:28 +00:00
ru
5db2b9d5b3 For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
des
e84d8e229d - use realpath /dev/dumpdev instead of just /dev/dumpdev so messages
will show the real device name
- show different error messages for missing dump device and directory
2004-10-24 13:04:09 +00:00
mtm
46fb533e13 Move devfs earlier in the boot sequence. Some system daemons and other
programs may need to use the symlinks and permissions that it sets up.

Discussed on: -current
2004-10-23 06:50:50 +00:00
andre
de991565df Automatically load the ipdivert module if it was not compiled into the kernel
and natd_enable is true.
2004-10-22 19:36:03 +00:00
keramida
6efc621989 Introduce root_rw_mount as a new variable in defaults/rc.conf to
unbreak /etc/rc.d/root for diskless systems that get their root
filesystem from a read-only NFS mount.

PR:		conf/72927
Submitted by:	Ralf Wenk <RZ-FreeBSD1004@fh-karlsruhe.de>
Reviewed by:	brooks
2004-10-20 16:58:28 +00:00
ru
baf68d6ae6 Apply README guidelines (no tabs). 2004-10-19 17:32:56 +00:00
thomas
55c32119bf When dumpdev is set to 'auto', and a suitable swap device is found,
create a symbolic link /dev/dumpdev designating that device so
savecore can find and save a previous kernel dump.
2004-10-18 23:40:13 +00:00
wollman
2fd0ed6b52 New directory added for Argentinian timezones.
Submitted by:	ache
2004-10-18 17:03:53 +00:00
thomas
6d5f19c25b Remove unused computation of memory size.
Reviewed by:	des
2004-10-18 14:59:53 +00:00
marcel
34bc20db35 turn off getty(8) on ttyv[0-7]. We don't support syscons on ia64 and
do not have these device special files. Where this previously failed
quietly, it now emits annoying but complete messages at best and
incomprehensible prefixes on average. During all of October, this is
a string of 16 O's, as in:

	:
Starting inetd.

Sun Oct 17 15:09:09 PDT 2004
OOOOOOOOOOOOOOOO
FreeBSD/ia64 (itanium.pn.xcllnt.net) (ttyu2)

login:
2004-10-17 22:20:39 +00:00
schweikh
642fb16ac0 Fix a bogus variable assignment. You can't expect
_msg="a" \
        " b"
to concat the strings. Use
   _msg="a"
   _msg="$_msg b"
instead (intent is to not exceed 80 chars per line).

MFC after:	1 week
2004-10-17 13:39:42 +00:00
ru
776eafa230 Remove a redundant "uname=root".
Forgotten by:	dougb
2004-10-15 08:57:24 +00:00