it at boot time closer to the way we want it to be in the final version.
* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
and files before the disks are mounted. This gives /dev/random
a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
possibility of accidentally overwriting something other
than a regular file.
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.
For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.
Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
as the previous line already tells us we are in rc.${MACHINE_ARCH}. This
also allows more syscons configuration messages during startup to fit on
one line.
Reviewed by: dougb
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
o Add the removable_interfaces variable for list of removable network
interfaces (PC-card ethernet, wireless network and USB ethernet etc).
o ifconfig_<ifn>_alias0, static_routes_<ifn>, removable_route_flush,
/etc/start_if.<ifn> and /etc/stop_if.<ifn> are support.
o removable_route_flush variable is set to "NO" if you want to use the
machine as gateway using two or more removable network cards. If
static routing is needed use static_routes_<ifn> instead of
static_routes or defaultrouter.
o The optional static_routes_<ifn> variable is likely static_routes.
o /etc/start_if.<ifn> and /etc/stop_if.<ifn> are shell script to be
specified that are called when a card is inserted or removed.
multifunction cards and I recieved reports that the card does not
workd by `config auto'. (MFPAO)
o Remove static assign of the IRQ number.
o Remove two duplicated entries.
o Join some entries using regex and fixed matching order problem.
These changes for boot.flp.
Suggested by: sanpei
distinction between the OS copyright message and the message displayed
gratuitously to each user at login. Because, well, they may be
different, among other things, and boy can a copyright message each
login consume some screen space. If people really want to do this,
they can copy /COPYRIGHT to /etc/COPYRIGHT.
Submitted by: Anders Andersson <anders@codefactory.se>
require the addition of flag 0x80000 to their config line in
pccard.conf(5). This flag is not optional. These Linksys cards will
not be recognized without it.
Reviewed by: imp, iwasaki
Apply a more consistent style to the echo statements in /etc/ scripts.
* Put quotes around each line
* Single quotes for lines with no variable interpolation
* Double quotes if there is
* Capitalize each word that begins a line
* Make echo -n 'Doing foo:' ... echo '.' more of a standard
Also:
* Use rm -f on /var/run/dev.db so if it's not there (devfs) it doesn't error
* Shorten the ldconfig messages so that the default fits on one line
* Test whether /var/msgs/bounds is a link before overwriting it
* Generally futz around with whitespace
* Put quotes around each line
* Single quotes for lines with no variable interpolation
* Double quotes if there is
* Capitalize each word that begins a line
* Make echo -n 'Doing foo:' ... echo '.' more of a standard
No functionality changes