Commit Graph

1178 Commits

Author SHA1 Message Date
rwatson
61d1eccf96 Tweak "system security profiles:
(1) Don't modify the configuration of the NFS server as a result of
    selecting a profile.  We already explicitly prompt for the NFS
    server configuration during install, and the user may not get
    much advance notice that we're turning it off again.  Instead,
    use profiles (for better or for worse) only for security tuning.

(2) Don't modify the sendmail setting as part of the security profile:
    use the default from /etc/defaults/rc.conf rather than explicitly
    specifying.  Note that the default in /etc/defaults/rc.conf is
    more conservative than the explicit rc.conf entry added by
    sysinstall during install, as it does not permit SMTP delivery.

(3) Update "congratulations on your profile" text to reflect these
    changes.

Note that security profiles now affect only the securelevel and sshd
settings.  My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely.  However, that requires more plumbing of sendmail
than I'm currently willing to invest.

We may want to add a "permit SMTP delivery" question to the install
process.
2003-09-28 05:21:23 +00:00
kensmith
299971c200 - Another update to list of FTP sites
Approved by:	murray
2003-09-28 03:34:49 +00:00
trhodes
70968fcedb Fix a cut n paste typo I introduced in rev 1.211.
PR:				57012
Submitted by:			Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp> (original version)
Friendly prod provided by:	murray
MFC:				after re approval
2003-09-27 13:58:16 +00:00
kensmith
b47200d05c Update list of FTP sites.
Approved by:	jhb
2003-09-24 18:29:11 +00:00
eivind
8fde9fc2de Name moderate security settings "Moderate", not "Medium" 2003-09-18 17:36:20 +00:00
phk
0a8e039c8c Referring to FreeBSD versions later than 2.0R as "fairly recent" is pretty
archaic at this point in time.  Pretend nobody runs FreeBSD 1.x anymore
in order to not confuse people needlessly.

Laplink support probably doesn't even work at this point in time anyway...
2003-09-18 15:13:57 +00:00
marcel
e702e4aa8e Fix 3 'cast to pointer from integer of different size' warnings.
While here, fix the long line bugs in the same statements.
2003-09-17 03:45:30 +00:00
trhodes
fb8d198dd3 Remove the unrequired -bi from the newaliases line. Note in the commit log
that the last change should have read: exim_enable="YES" in the changes listing.

Discussed with:	ceri
2003-09-11 16:27:16 +00:00
trhodes
166a76868a With the exim port upgrade, modify sysinstall(8):
- Add 'enable_exim="YES"' to rc.conf(5)
- Use the default exim configuration file from the port
- When using sendmail, disable some more scripts that use sendmail specific
  parameters
- Have sysinstall tweak mailer.conf(5) substitution
- Use 'N' flag for newsyslog(8)

Submitted by:	Oliver Eikemeier <eikemeier@fillmore-labs.com>
Reviewed by:	sheldonh, simon
Tested by:	myself (trhodes) and submitter
2003-09-10 20:55:09 +00:00
wpaul
fc3a8934ee Add a device driver for the Broadcom BCM4401 ethernet controller,
written by Stuart Walsh and Duncan Barclay (with some kibbitzing by
me). I'm checking it in on Stuart's behalf.

The BCM4401 is built into several x86 laptop and desktop systems. For the
moment, I have only enabled it in the x86 kernel config because although
it's a PCI device, I haven't heard of any standalone NICs that use it. If
somebody knows of one, we can easily add it to the other arches.

This driver uses register/structure data gleaned from the Linux
driver released by Broadcom, but does not contain any of the code
from the Linux driver itself. It uses busdma.
2003-09-09 18:17:23 +00:00
wpaul
ce0ede96f1 Take the support for the 8139C+/8169/8169S/8110S chips out of the
rl(4) driver and put it in a new re(4) driver. The re(4) driver shares
the if_rlreg.h file with rl(4) but is a separate module. (Ultimately
I may change this. For now, it's convenient.)

rl(4) has been modified so that it will never attach to an 8139C+
chip, leaving it to re(4) instead. Only re(4) has the PCI IDs to
match the 8169/8169S/8110S gigE chips. if_re.c contains the same
basic code that was originally bolted onto if_rl.c, with the
following updates:

- Added support for jumbo frames. Currently, there seems to be
  a limit of approximately 6200 bytes for jumbo frames on transmit.
  (This was determined via experimentation.) The 8169S/8110S chips
  apparently are limited to 7.5K frames on transmit. This may require
  some more work, though the framework to handle jumbo frames on RX
  is in place: the re_rxeof() routine will gather up frames than span
  multiple 2K clusters into a single mbuf list.

- Fixed bug in re_txeof(): if we reap some of the TX buffers,
  but there are still some pending, re-arm the timer before exiting
  re_txeof() so that another timeout interrupt will be generated, just
  in case re_start() doesn't do it for us.

- Handle the 'link state changed' interrupt

- Fix a detach bug. If re(4) is loaded as a module, and you do
  tcpdump -i re0, then you do 'kldunload if_re,' the system will
  panic after a few seconds. This happens because ether_ifdetach()
  ends up calling the BPF detach code, which notices the interface
  is in promiscuous mode and tries to switch promisc mode off while
  detaching the BPF listner. This ultimately results in a call
  to re_ioctl() (due to SIOCSIFFLAGS), which in turn calls re_init()
  to handle the IFF_PROMISC flag change. Unfortunately, calling re_init()
  here turns the chip back on and restarts the 1-second timeout loop
  that drives re_tick(). By the time the timeout fires, if_re.ko
  has been unloaded, which results in a call to invalid code and
  blows up the system.

  To fix this, I cleared the IFF_UP flag before calling ether_ifdetach(),
  which stops the ioctl routine from trying to reset the chip.

- Modified comments in re_rxeof() relating to the difference in
  RX descriptor status bit layout between the 8139C+ and the gigE
  chips. The layout is different because the frame length field
  was expanded from 12 bits to 13, and they got rid of one of the
  status bits to make room.

- Add diagnostic code (re_diag()) to test for the case where a user
  has installed a broken 32-bit 8169 PCI NIC in a 64-bit slot. Some
  NICs have the REQ64# and ACK64# lines connected even though the
  board is 32-bit only (in this case, they should be pulled high).
  This fools the chip into doing 64-bit DMA transfers even though
  there is no 64-bit data path. To detect this, re_diag() puts the
  chip into digital loopback mode and sets the receiver to promiscuous
  mode, then initiates a single 64-byte packet transmission. The
  frame is echoed back to the host, and if the frame contents are
  intact, we know DMA is working correctly, otherwise we complain
  loudly on the console and abort the device attach. (At the moment,
  I don't know of any way to work around the problem other than
  physically modifying the board, so until/unless I can think of a
  software workaround, this will have do to.)

- Created re(4) man page

- Modified rlphy.c to allow re(4) to attach as well as rl(4).

Note that this code works for the sample 8169/Marvell 88E1000 NIC
that I have, but probably won't work for the 8169S/8110S chips.
RealTek has sent me some sample NICs, but they haven't arrived yet.
I will probably need to add an rlgphy driver to handle the on-board
PHY in the 8169S/8110S (it needs special DSP initialization).
2003-09-08 02:11:25 +00:00
imp
c15af46961 The PCMCIA Standard dictates that those funny cards you insert into
laptops are "PC Cards" and uses said term consistantly.  Allow my
foolish hobgoblins to get the better of me and become consistant.
2003-08-20 06:27:21 +00:00
imp
d7ba3dd9a7 Add a new variable 'skipPCCARD'. This variable will cause sysinstall
to ignore all PC Card devices.

Submitted by: Anders Nordby
PR: bin/37650

MFC After: 2 weeks
2003-08-20 06:24:12 +00:00
obrien
f266bbb141 Remove the vestiges of the old pre-"X_AS_PKG" way we used to handled the
installing XFree86 (version 3.3.6 and before).

Reviewed by:	jhb
2003-08-19 23:23:27 +00:00
obrien
cd52f17217 Expand the fdisk size display toggling to include GB. 2003-08-19 17:51:49 +00:00
das
72617c8745 Instead of unconditionally refusing to install if no swap partitions
are specified, prompt the user with a yes/no box.
2003-08-10 01:04:05 +00:00
ume
697f428114 Always put an entry for ::1. It may avoid useless DNS lookup
for localhost.

MFC after:	3 days
2003-08-03 05:55:21 +00:00
trhodes
4a60e6fdcf Give users the ability to select an alternative MTA during the installation.
This option adds Postfix and Exim to the list, however, qmail is not added
due to license restrictions.

Collaborated with:	Simon L. Nielsen <simon@nitro.dk>
Reviewed by:		jhb, re@, -audit.
2003-07-12 15:33:09 +00:00
peter
3ff867a251 GRRR. Do not force Dangerously Dedicated mode on amd64 when you select
'use entire disk'.  Neither for ia64 while I'm here - it needs a MBR if
its going to use fdisk+disklabel.  The ia64 case is mostly academic though
because you'd be creating two partitions (dos + freebsd) rather than
a single freebsd-only partition.
2003-06-04 19:28:39 +00:00
scottl
f2f79e8c3f Teach sysinstall to recognize if acpi was turned off from the bootloader,
and then ask the user if this should be made permanent.

Approved by:	re
2003-05-31 11:28:28 +00:00
peter
edd5fa2492 Add __amd64__ ifdefs to enable the bootblock handling code, slices, etc.
Approved by:	re (murray)
Obtained from:	obrien
2003-05-24 21:12:14 +00:00
ru
3a541607e8 The "krb5" distribution was merged with "crypto", record the death.
Reviewed by:	jhb
Approved by:	re (jhb)
2003-05-22 18:41:16 +00:00
jhb
0c04949ed7 Reword the infamouse mouse dialog to ask if you have a PS/2, serial, or
bus mouse instead of if you have a non-USB mouse.

Requested by:	many
Prodded by:	dougb
Approved by:	re (scottl)
2003-05-13 19:16:00 +00:00
scottl
d8ecf9f7b2 Teach sysinstall about the ServeRAID disk device. 2003-05-11 07:18:26 +00:00
murray
bfd76550a6 Add the dragon screen saver.
PR:		bin/51571
MFC After:	1 week
2003-05-05 09:00:13 +00:00
rwatson
43a755fbe6 Don't use UFS2 by default during the install process on PC98, as the
PC98 boot blocks don't support UFS2.  We keep newfs(8) defaulting to
UFS2.

Warn users that FreeBSD can only boot from a root file system smaller
than 1.5TB; hopefully this will get fixed by the patches currently
floating around on -CURRENT.

Reviewed by:	nyan
2003-04-21 20:57:20 +00:00
wpaul
e41f6225fa Add device driver support for the ASIX Electronics AX88172 USB 2.0
ethernet controller. The driver has been tested with the LinkSys
USB200M adapter. I know for a fact that there are other devices out
there with this chip but don't have all the USB vendor/device IDs.

Note: I'm not sure if this will force the driver to end up in the
install kernel image or not. Special magic needs to be done to exclude
it to keep the boot floppies from bloating again, someone please
advise.
2003-04-20 19:05:33 +00:00
rwatson
81d6b31102 Throw the switch--change to UFS2 as our default file system format for
FreeBSD 5.1-RELEASE and later:

- newfs(8) will now create UFS2 file systems unless UFS1 is specifically
  requested (-O1).  To do this, I just twiddled the Oflag default.

- sysinstall(8) will now select UFS2 as the default layout for new
  file systems unless specifically requested (use '1' and '2' to change
  the file system layout in the disk labeler).  To do this, I inverted
  the ufs2 flag into a ufs1 flag, since ufs2 is now the default and
  ufs1 is the edge case.  There's a slight semantic change in the
  key behavior: '2' no longer toggles, it changes the selection to UFS2.

This is very similar to a patch David O'Brien sent me at one point, and
that I couldn't find.

Approved by:	re (telecon)
Reviewed by:	mckusick, phk, bmah
2003-04-20 14:08:05 +00:00
obrien
a920d12f89 style.Makefile(5) 2003-04-04 17:49:21 +00:00
roam
fbd1f237a8 Remove ftp2.it.FreeBSD.org from the list of mirrors.
Submitted by:	Alex Dupre <sysadmin@alexdupre.com>
Approved by:	silence on -arch
2003-03-14 15:47:14 +00:00
robert
cbfe8dc3bd Remove a function prototype for `crc' and an associated comment which
were useless for at least seven years and eight months.
2003-03-09 02:28:04 +00:00
markm
5c5510f79e KerberosIV deorbit sequence: Un-teach sysinstall about KerberosIV. I'm
not 100% sure that I've done this in the right way. If folks want to
revisit this, please be my guest.
2003-03-08 12:07:13 +00:00
sobomax
c7abac8042 Use correct interface name (it's different on -current).
Submitted by:	Brooks Davis <brooks@one-eyed-alien.net>
MFC after:	20 days
2003-03-05 18:50:18 +00:00
sobomax
4ea2b96c72 Remove local hack that somehow slipped into the previous commit.
MFC after:	20 days
2003-03-05 18:48:47 +00:00
sobomax
e7458d0bf2 Add missed description for the `ds' (disc(4)) pseudo-interface.
Sponsored by:	Porta Software Ltd
MFC after:	20 days
2003-03-05 18:07:59 +00:00
sobomax
da06cd1031 Add a new variable `noInet6', which if set disables IPv6 configuration
dialog for network interfaces.

MFC after:	20 days
2003-02-27 21:04:34 +00:00
jwd
1269b76675 - Increase the maximum device name length.
- Actually check that the entered device name does not exceed the
  maximum device name length.

PR:		misc/18466
MFC after:	2 weeks
2003-02-27 03:57:17 +00:00
ceri
e7c18881a0 s/to try and retry/to retry/
PR:		misc/48226
Submitted by:	Gary W. Swearingen <swear@attbi.com>
MFC After:	2 days
Approved by:	murray (mentor)
2003-02-19 21:48:28 +00:00
rwatson
5ae8784f59 Relocate a call to enable inetd so that it is set regardless of
whether the user chooses to edit inetd.conf.

PR:	39311
Reported by:	Martin Faxer <gmh003532@brfmasthugget.se>
2003-02-06 01:55:40 +00:00
jhb
b9b15dc424 Fixup capitalization in some of the Startup menu entries.
Submitted by:	Hiten Pandya <hiten@unixdaemons.com>
2003-02-03 16:14:33 +00:00
trhodes
cb304da7dc Teach sysinstall about the em(4) device.
PR:		46439
Submitted by:	Dan Lukes <dan@obluda.cz>
Approved by:	re (murray)
Tested?		yes
MFC:		1 day
2003-01-27 04:51:46 +00:00
murray
f82fab22e7 Correct typo.
Submitted by:	Andreas Kohn <andreas.kohn@gmx.net> (via -STABLE)
2003-01-26 21:14:56 +00:00
dillon
03203fa113 Change the nominal swap calculation from 1/2 physical memory to 1/8
physical memory.  The default is still 2x physical memory.  The nominal
calculation is used to back-off swap auto-allocation ('A'uto command)
when the disk is not large enough to accomodate all filesystem auto-defaults.
This gives other partitions (like /usr) more priority over swap on smaller
disks.

This should help solve reported auto-sizing failures on machines with small
hard drives and huge amounts of memory.  For example, a machine with 2G of
disk and 4G of memory will fail to auto-size without this fix.

MFC after:	3 days
2003-01-25 19:32:35 +00:00
jhb
dc23a6cc29 - Rename installFixupBin to installFixupBase to finish up the 'bin' to
'base' dist rename.
- Rework struct dist to allow for different types of dists.  There are
  currently three types of dists: DT_TARBALL, the traditonal gzipped and
  split tar file; DT_PACKAGE, a package; and DT_SUBDIST, a meta-dist in
  the tree that has its own array of dists as its contents.  For example,
  the 'base' dist is a DT_TARBALL dist, the 'perl' dist is a DT_PACKAGE
  dist, and the 'src' dist is a DT_SUBDIST dist with its own dist table
  that contains 'sbase', 'ssys', etc.
- Add helper macros for defining array entries for the different types of
  dists to try and make the statically defined dist table in dist.c more
  readable.
- Split the logic to deal with a DT_TARBALL dist out of distExtract()
  and into its own distExtractTarball() function.  distExtract() now
  calls other functions to extract each dist.
- Tweak the percentage complete calculation in distExtractTarball() to
  do the multiply prior to the divide so it doesn't have to use floating
  point.
- Axe the installPackage() function along with the special handling for
  the perl and XFree86 dists in distExtractAll() since distExtract()
  handles package dists directly now.
- Add back in subdists for the X packages based on the split up packages
  that XFree86-4 uses that as closely map to the X dists we used with
  X 3.3.x.
- Lots of things like distSetX() and the X dist masks are no longer
  #ifndef X_AS_PKG since we use them in both cases now.
- Make the entire installFixupXFree() function #ifndef X_AS_PKG, we only
  call it in that case anyways, and it's not suitable for the X_AS_PKG
  case.
- Add in X dist menus for the X_AS_PKG case.

Approved by:	re
2003-01-17 19:05:32 +00:00
jhb
e4bbc64e1d Add 'vlan' as a network device.
Tested by:	dcs
2003-01-17 18:51:21 +00:00
jhb
8234b5cd64 Add a function driverFloppyCheck() that asks the user if they would like to
load drivers from the driver floppy if the "driver_floppy" variable is set
in the kernel environment and call this function after probing devices but
before displaying the main menu.

X-MFC after:	as soon as I finish committing to current
Approved by:	re@ (blanket)
2003-01-15 21:47:36 +00:00
kuriyama
26e1430b79 If you don't create a /usr filesystem, / will need 200MB. 2003-01-13 21:57:07 +00:00
scottl
d8ff7fe878 Teach sysinstall about rpcbind, rpc.lockd, and rpc.statd. As an added
bonus, rpcbind will be enabled automatically if rpc.lockd, rpc.statd, amd,
NFS Server, or NIS is enabled.
2003-01-07 07:46:50 +00:00
obrien
77b391761d save_realloc() should use reallocf() to close memory leaks.
item_add() should use safe_realloc() as it does no error checking itself.
2003-01-06 17:11:46 +00:00
schweikh
d3367c5f5d Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00