Commit Graph

4705 Commits

Author SHA1 Message Date
dougb
f436b9e0d3 Drop the default zones that are now covered by the new zones that
were added in the last revision.
2007-06-18 06:29:45 +00:00
dougb
37159c8d59 Bring our default named configuration more in line with current
best practices:

1. The old way of generating the localhost zones was not optimal both
because they did not exist by default, and because they were not really
aligned with BCP. There is no need to have the dynamic data that the
make-localhost script generated, and good reasons to do this more
"by the book."

2. In named.conf
	a. Clean up white space
	b. Add/clarify a few comments
	c. Slave zones from the root servers instead of using a hints
	file. This has several advantages, as described in the comments.
	d. Significantly revamp the default zones, including the
	forward localhost zone, and the reverse zones for IPv4 and IPv6
	loopback addresses. There are extensive comments describing what
	is included and why. Interested readers should take the time to
	review the RFCs mentioned in the comments. There is also relevant
	information about the motivations for hosting these zones in the
	"work in progress" Internet-Draft,
	http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
	or its successor.
	It's also worth noting that a significant number of these
	empty zones are already included by default in the named binary
	without any user configuration.
	e. Because we're including a lot of examples of both local
	forward zones and slave zones in the default configuration,
	eliminate some of those examples.

3. Add new localhost-{forward|reverse} zone files, and an "empty" zone
to support the changes in 2.d. above. The empty zone file isn't really
empty in order to avoid a warning from BIND about a zone file that
doesn't contain any A or AAAA records.
2007-06-18 05:58:23 +00:00
dougb
c2485b20cb Add a namedb/master directory for the zone files I'm about to add,
and switch to the more "normal" way of installing files for the
namedb directory so that we can pick up the new subdir.
2007-06-18 05:44:38 +00:00
yar
333d04678d Add PAM support to cron(8). Now cron(8) will skip commands scheduled
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.

In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.

The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs.  E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM.  When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made.  Then it'll be
enough to set the expire field in future for the commands to run
again.  And so on.

Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.

X-Security: should benefit as users have access to cron(8) by default
2007-06-17 17:25:53 +00:00
yar
73c6fd823f Add PAM support to atrun(8). 2007-06-15 12:02:16 +00:00
yar
720e13085b Locked out and expired accounts shouldn't be accessible via remote
mailbox protocols.  Add pam_unix to the `account' function class, too,
for imap and pop3 to actually implement this policy.
2007-06-15 11:33:13 +00:00
yar
867bb09937 Split the FILES list across multiple lines as in rc.d/Makefile
so that the change history stays easily readable as the number
of PAM-aware services grows.
2007-06-15 11:22:10 +00:00
gshapiro
8487a6b582 Add a new rc.conf variable, sendmail_rebuild_aliases, which tells
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.

In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress.  Therefore,
in FreeBSD 7.0, this new option will default to "NO".  When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.

PR:		conf/86252
Approved by:	re (kensmith)
MFC after:	3 days
2007-06-12 17:33:23 +00:00
ceri
1715307402 Create group ftp by default. This is gid 14 as this is the historical
id used by sysinstall when enabling anonymous FTP.

Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.

PR:		93284
Approved by:	ru (mentor)
Reviewed by:	simon
2007-06-11 18:36:39 +00:00
yar
dac62e7ff2 Now pam_nologin(8) will provide an account management function
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
2007-06-10 18:57:20 +00:00
yar
68cc2f890e Be robust to a bogus script specification or contents
when figuring out what the real interpreter is for an
interpreted command.  That is, check whether we can read
the script file in the first place and, if so, make sure
we got a valid shebang line from it.
2007-06-04 11:39:35 +00:00
dougb
0f2163d639 Finish making resolv ordering deterministic by REQUIRE'ing it here. 2007-06-02 05:25:19 +00:00
dougb
9f19c3ecee Add REQUIRE netif to make ordering more deterministic, and to make sure
we have a fighting chance of having useful stuff from DHCP.

Tighten up the code a little, and fix whitespace issues.
2007-06-02 05:24:39 +00:00
ru
2962d850a3 s/tabs/spaces/ 2007-06-01 18:53:36 +00:00
dougb
39d0d8b3e6 Remove more vestiges of /usr/X11R6, but leave mtree for portmgr. 2007-05-29 06:37:58 +00:00
dougb
866e32e8a5 Remove X11R6 from the default PATH to join the new world order.
While I'm here, make the default PATH match that in the csh profile,
and login.conf.
2007-05-29 06:33:10 +00:00
dougb
cfa8629c48 Now that a separate /usr/X11R6 directory is no longer in fashion,
stop looking there for things like rc.d and periodic. This avoids
duplicating effort when /usr/X11R6 is a symlink to /usr/local,
which it is by default now.

It is not anticipated at this time that we will MFC this change, since
we'd like to avoid breaking legacy systems. However, there is a fix for
/etc/rc.subr in the works to avoid running any rc.d scripts twice which
we should be able to MFC.
2007-05-29 06:22:14 +00:00
rse
a805ec32c7 Fix indentation. 2007-05-24 06:01:06 +00:00
rse
9b4af18220 Remove two superfluous trailing semicolons. 2007-05-24 05:58:20 +00:00
rse
a1081c269a Remove two unnecessary and useless sub-shell constructs. 2007-05-24 05:54:37 +00:00
thompsa
dc97594a94 Do not attempt to load the kernel module when checking if an interface exists.
This would cause pseudo network modules to be reloaded again when trying to
unload the first time if any cloned interfaces exist.

MFC after:	2 weeks
2007-05-23 00:18:44 +00:00
rse
5d5ff0e937 backout filter of Nil UUID as the boot loader code already filters out Nil UUIDs (see src/sys/boot/i386/libi386/smbios.c:smbios_setuuid for details) 2007-05-22 13:53:59 +00:00
rse
3817f11e34 Remove the ugly csh(1) based UUID lower-case translation hack from
/etc/rc.d/hostid now that we switched the origin of the UUID (variable
smbios.system.uuid as provided by the i386 BIOS code) to already provide
a standard conforming lower-case UUID text representation.
2007-05-22 10:22:24 +00:00
rse
9af56a3ee6 Cleanup style by consistently using braces around variable expansion and
apply an addition from Andrew Thompson <thompsa> for filtering out the
special "Nil" UUID (all zeros) which would be a useless host UUID.
2007-05-21 11:57:01 +00:00
rse
0860e323d5 Adjust UUID lower-case translation from straight-forward tr(1)
usage to an equivalent csh(1) usage as tr(1) stays in /usr/bin and
/etc/rc.d/hostid has just the root filesystem (and this way mainly the
tools in /bin) available.

I've chosen csh(1) here as the string manipulation tools available in
/bin is extremely limited and the (only) alternative ed(1) usage would
have been a lot more complicated or even might require a temporary file.
2007-05-21 11:44:13 +00:00
rse
24abaf28df The standardized textual representation of UUIDs according to RFC 4122
and ISO/IEC-9834-8:2005 is with LOWER-CASE hexadecimal characters only,
so translate the (usually upper-case and this way not conforming)
representation of the BIOS UUID when reading it. Also be more strict
about the valid characters in the textual representation by checking for
just the hexadecimal characters.
2007-05-21 08:22:43 +00:00
grog
4cdc2f5138 Update /etc/protocols with IANA list updated 2007-02-12
Gotcha:  Number 48 (mhrp) is replaced with dsr.

Submitted by:	edwin
PR:		config/112732
MFC after:	2 weeks
2007-05-20 03:55:22 +00:00
grog
e058a77156 White space fixes only: replace spaces with tabs. 2007-05-20 03:41:26 +00:00
grog
55b7964ba7 Bring the well known ports of /etc/services into sync with the IANA
list.

This is only for the well known known ports (port 1-1023) for tcp and
udp only.

Changes:
- Removed "problems" comments around port 57, 77 and 87
- Removed audionews (port 114)
- Added imap3 (port 220)
- Removed yak-chat (port 258)
- Removed concert (port 786)
- Added a lot of new allocations

Submitted by: edwin
2007-05-20 03:31:52 +00:00
kan
2f3bc9cce5 Add templates for new GCC 4.2 C++ include files hierarchy. 2007-05-19 03:31:39 +00:00
mtm
6d5baaa091 o Implement the stop_boot subroutine [1]. This subroutine can be used by
scripts in rc.d to stop rc(8) from booting into multi-user mode when
  a critical or severe error condition is encountered.

o Modify scripts in etc/rc.d that already implemented this functionality
  independently.

o Document it.

[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it
      to rc.subr(8). Our version differs slightly in that it takes an
      optional argument to stop the boot even if "autoboot" is not set.

Obtained from: NetBSD
MFC after: 2 weeks
2007-05-18 12:04:41 +00:00
mtm
471f392f70 o Use the --detach option to kdc(8) instead of using the shell
background operator '&'.

  PR: conf/102722

o No need to include $kerberos5_server_flags in $command_args as
  rc.subr(8) will take care of this.
2007-05-17 11:33:08 +00:00
mtm
4a87da8d3e The precmd routine does not need to check whether the command should be
"forced". If some pre-condition is not met, it should fail as it normally
does and rc.subr(8) will make the appropriate decision. Incidentally, the
previous behaviour had a bug where the "force" flag was respected only
when checking rc.conf(5) knobs. The flag was ignored when verifying the
rpcbind(8) dependency.

MFC after: 2 weeks
2007-05-17 08:57:14 +00:00
grog
e69bd7b141 Add SIP-related ports.
Obtained from:  IANA list of reserved ports.
Reviewed by:	edwin@
2007-05-16 01:02:16 +00:00
grog
f9c7817b73 White space tidy-up. 2007-05-16 00:59:31 +00:00
maxim
7ce35c288a o Install 480.status-ntpd.
Pointed out by:	Henrik Brix Anders
2007-05-14 17:34:59 +00:00
maxim
dd0b823351 o Add a script to check ntpd(8) state. Default is off.
PR:		conf/112604
Submitted by:	Oliver Fromme
MFC after:	1 month
2007-05-13 09:33:35 +00:00
mtm
4d97bc072b Move options that do not have anything to do with routing out of
rc.d/routing and in to rc.d/netoptions. Also instead of saying
"TCP options" say "IP options".
2007-05-02 15:49:30 +00:00
mtm
077bc38949 When rc.d/NETWORKING included this script in its REQUIRE line, a circular
dependency was introduced because this script had rc.d/localpkg (which is
*after* rc.d/NETWORKING) in its REQUIRE line.

From an examination of its contents it seems that only the availability of
a local filesystem is necessary for this script to function properly.
2007-05-02 15:32:05 +00:00
pjd
410069d287 When zfs dataset has jailed=on property, it won't be mounted with
'zfs mount -a' from the main system - this is by design, as mountpoint
may be set to dangerous value. This all means, that such file system
has to be mounted from within a jail. To make it easier, reorganize
rc.d/zfs script so it can be used from within a jail.
2007-04-22 20:55:08 +00:00
trhodes
aa1721f6a4 Quick kill posix4 directory.
Submitted by:	rodrigc (BSD.include.dist).
2007-04-18 10:16:43 +00:00
pjd
00b37c4ca7 When org.freebsd:swap property is set to 'on' on a ZVOL, use is as a swap
device.

Discussed with:	des
2007-04-15 18:07:14 +00:00
des
f858a604e1 Remove the shutdown keyword. It just adds noise to the shutdown process. 2007-04-13 18:46:35 +00:00
pjd
d34198ecfd - Create an empty /etc/zfs/exports file when zfs_enable="YES" and we don't
NFS-share anything. This way we can safely start mountd with
  /etc/zfs/exports and mountd won't complain.

  Pointed out by:	ceri

- Move 'zfs volinit' before 'zfs mount -a' and 'zfs volfini' after
  'zfs unmount -a'.
2007-04-13 11:02:06 +00:00
pjd
0737a362a2 mountd(8) was changed to only abort when all given exports files cannot be
open, so we not longer has to check if /etc/zfs/exports exists.
2007-04-13 10:29:25 +00:00
mtm
5125a57954 o Look for a zfs(1) exports file only if it exists and is readable. If
we don't do this and the file doesn't exist mountd(8) will abort.
o The mountd(8) daemon creates a pidfile, so use it.
2007-04-13 06:42:25 +00:00
stas
79b4c7ada6 - Add IANA-assigned ports for HP status & services daemon and I/O backend
daemon. The FreeBSD port print/hplip currently provides these services.

PR:		conf/99593
Submitted by:	Anish Mistry <amistry@am-productions.biz>
Approved by:	maxim
MFC after:	1 week
2007-04-11 16:02:04 +00:00
stas
69da2c69e2 - Add IANA assigned port for amanda server control over tcp. The
current misc/amanda-server code uses it.

PR:		conf/111050
Submitted by:	Charles Sprickman<spork@bway.net>
Approved by:	maxim
MFC after:	1 week
2007-04-11 15:58:36 +00:00
stas
bea2912081 - Sync service names with IANA (http://www.iana.org/assignments/port-numbers).
The registration names for 5222(tcp,udp) and 5269(tcp,udp) was changed to
  xmpp-client and xmpp-server correspondingly.

  This inconsistency causes problems to applications developed on other
  systems, as they tries to use port numbers from /etc/services as fallback.

PR:		conf/100606
Submitted by:	Ralph Meijer <freebsd-gnats2@ralphm.ik.nu>
Approved by:	maxim
MFC after:	1 week
2007-04-11 13:06:05 +00:00
pjd
1e6e7c9b8c If available, take UUID from smbios.system.uuid, if not fall back to
software-generated UUID. Store the result in /etc/hostid and use it in
the future. Perform simple UUID format check, as there is a lot of
hardware with broken UUIDs. The check should be improved to also eliminate
fake UUIDs like 00000000-0000-0000-0000-000000000000.

Requested by:	many
2007-04-11 00:05:25 +00:00