d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
41,840 Commits 4 Branches 49 Tags 2 GiB
61c0c72ac5
Commit Graph

59 Commits

Author SHA1 Message Date
kato
6ed01edd23 FreeBSD kernel doesn't allow any process to decrease securelevel. So, 
init(8) cannot decrease securelevel.  The manual page explains this
and single_user() doesn't try to downgrade kernel to insecure mode.

Reviewed by:	bde (manual page)
 1999-09-06 08:41:32 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
ru
14b85267a6 Backup existing init(8) as /sbin/init.bak. 
PR:		12976
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 1999-08-05 09:13:57 +00:00
ru
78cfb5805b Fix a non-critical memory leak. 
PR:		12769
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 1999-07-23 08:28:46 +00:00
mph
8a83bdfe59 "Cannot" is one word. "Can not" has a different meaning if taken 
literally.
 1999-07-05 18:12:13 +00:00
ru
5824f4faaa Turn System V command line syntax ``on'' by default. 
Requested by:		peter
Reviewed by:		des, billf
 1999-07-01 13:33:56 +00:00
ru
412b642b28 Bring in System V run-level patches (turned off by default). 
While I'm here, fix some typos in the manpage.

Requested by:	des
 1999-06-18 09:08:09 +00:00
ru
f97d9ce3bb Init(8) will halt the system if sent USR1 signal, 
or halt and turn the power off if sent SIGUSR2.

PR:		5451
Submitted by:	Leif Neland <leifn@image.dk>
Reworked by:	ru
Reviewed by:	-hackers
 1999-06-16 20:01:19 +00:00
ghelmer
fe04bf9dba Mention securelevel 3 as affecting ipfw and dummynet. Generalize comment 
about fdisk and securelevel 2.
PR:		docs/7785
 1998-12-16 16:50:12 +00:00
phk
7ebd4f74fb Memory management error in init. 
PR:		7320
Reviewed by:	phk
Submitted by:	Anders Thulin <Anders.X.Thulin@telia.se>
 1998-07-22 05:45:11 +00:00
charnier
fff847fc47 Correct .Nm use. Add rcsid. Use min for minutes instead of mn. 1998-07-06 06:56:08 +00:00
jkoshy
20df804cb4 Fixes per PR 2850: 
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.

and one spelling fix.

PR: 2850
 1998-06-19 08:34:52 +00:00
jraynard
149cf90af1 Don't assume sigset_t and int are equivalent. 1998-03-02 23:19:29 +00:00
bde
d53ef8ee6e Removed definition of _NEW_VFSCONF. The new vfsconf interface is now 
the default.
 1998-01-20 10:40:18 +00:00
peter
0e8d0ba0f2 This has always bugged me. At single user, the implied example it gives 
is not valid - it says that "sh" is the default, but you can't
actually type "sh" at this prompt - it has to be /bin/sh or some other
full pathname.
 1997-10-10 12:14:48 +00:00
davidn
faf85e7cf0 ".if exists(${CURDIR}/../../secure)" rather than testing relative to the 
object directory.
 1997-08-18 03:32:09 +00:00
davidn
228bbc181c Test that rc.shutdown exists before attempting to run it - silently 
return success if it doesn't to prevent any unwanted error msgs.
 1997-08-18 01:40:12 +00:00
ache
9f4c4482b5 runshutdown(): get rid of getdtablesize loop, it gains nothing now 
but can waste time if many descriptors are available
 1997-08-06 16:34:51 +00:00
ache
a867dc6278 rc.shutdown fixes: 
1) revoke -> HUP
2) controlling terminal already present
3) add missing setprocresources call
 1997-08-06 16:07:52 +00:00
davidn
c0b9ea4c76 Add /etc/rc.shutdown capability to init. 
Add sample /etc/rc.shutdown (which is just a shell for now).
Submitted by:	Ollivier Robert <roberto@keltia.freenix.fr>
 1997-08-02 00:22:52 +00:00
ache
043d604a07 Move logwtmp(shutdown) call before any real action in death(). 1997-07-08 11:51:11 +00:00
ache
baa3a4dbcc 1. Replace malloc+bzero by calloc 
2. Revoke internal active session list only now, not whole /etc/ttys
 1997-07-05 19:36:55 +00:00
ache
0165b2e9da Add -D_NEW_VFSCONF to eliminate compilation warning 1997-07-05 19:34:51 +00:00
ache
d4280e0ef8 death: revoke all lines listed in /etc/ttys instead of sending HUP 
to all processes
 1997-07-04 22:09:07 +00:00
ache
b44556e359 Include <libutil.h> instead of private declarations 1997-07-03 11:37:43 +00:00
ache
49221f7583 Remove unneded cast in login_getclassbyname which cause warning 1997-07-02 13:53:31 +00:00
pst
489b7a4fe8 Attempt to open the device for reading before actually adding the device 
to the session list.  If the device comes back as unconfigured, just
ignore that line in /etc/ttys.  If someone HUP's init, we'll try again.

This change stops getty's from hanging on vty and sio ports that don't
exist, either due to LKM drivers not being loaded, or probes failing.
Reviewed by:	bde
 1997-06-28 08:18:29 +00:00
charnier
98daca0d1c Use err(3). 1997-06-13 06:24:42 +00:00
mpp
4b08ee0ed3 Be more specific as to which flags may not be turned off when the 
system is running in secure mode.

Obtained from: NetBSD PR# 3299
 1997-04-01 20:41:04 +00:00
phk
85568f7654 Fix mount call for devfs. 
Submitted by:	bde
 1997-03-30 09:22:41 +00:00
peter
4968036f61 Revert $FreeBSD$ to $Id$ 1997-02-22 14:40:44 +00:00
dg
d71873490f Protect from stack overrun via /etc/ttys, which could possibly allow a 
root user to change the securelevel. Pointed out by Thomas H. Ptacek
<tqbf@enteract.com>.
 1997-02-19 08:04:58 +00:00
markm
7c4a46a3a0 Part two of a "fix-and-move". There were some macros declared in ../sbin's 
Makefile that were a) broken and b) bogusly placed. This brings the
repeared macros in.

Pointed-out-by:	BDE
 1997-02-10 17:44:34 +00:00
adam
2ee6680619 typo 1997-01-22 12:38:40 +00:00
davidn
71e4601fc6 Style police. 1997-01-22 02:07:55 +00:00
davidn
557de278bc Impose login_cap resource limits on processes started by init. 
/etc/rc started with "daemon" settings.
	"window=" started with "default" settings
	gettys started with "default" settings.
This should open the way to junk kernel options MAX_{OPEN,CHILD}
and the corresponding sysctl vars.
 1997-01-19 16:49:13 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$ 
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
 1997-01-14 07:20:47 +00:00
wosch
71f5160702 Sort cross references. 1997-01-13 00:25:51 +00:00
phk
91bd35f309 If passed the -d flag, mount devfs on /dev 1996-10-28 11:03:19 +00:00
bde
b24c97a50f Rewrote the section about the "normal" setting of the security level to 
match reality.

Say that secured devices `may not be opened for writing' instead of
`are read-only'.
 1996-10-12 15:37:23 +00:00
bde
11546f4616 Fixed DPADD. 1996-09-05 17:16:10 +00:00
markm
8c96258663 Better method of choosing libdescrypt/libscrypt. 1996-05-04 08:16:20 +00:00
mpp
3c57dc7753 Correct some man page xrefs, and some other minor changes to bring some 
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
 1996-04-08 04:18:31 +00:00
joerg
3c466005c3 The DES-based init(8) belongs to the "des" distribution. 1996-02-13 09:12:10 +00:00
dima
b6116933b0 If root does not have a password, `init' should not ask to enter it. 
otherwise it's not possible to get into single-user mode, if root
does not have password and console insecure.
 1995-11-10 07:06:59 +00:00
phk
f161a927d6 Define TRUE & FALSE rather than depending on bogus #includes. 1995-10-29 09:44:09 +00:00
bde
86a1f0bb7e Fix $Id$. 1995-10-03 15:11:11 +00:00
markm
213dd85117 Make this make work the same way as passwd and xntpd. Here it will allow 
secure/sbin/init to be cleaned out, and sbin/Makefile to be tidied up.
 1995-10-01 15:12:47 +00:00
mpp
803ee03130 Fix init to correctly detect processes that are exiting multiple 
times per second.
 1995-08-08 06:49:59 +00:00
ache
224e922aeb nspace count was incremented only in child, so warning never displayed 
Pointed by: Mike Pritchard <mpp@mpp.minn.net>
 1995-08-08 02:29:12 +00:00