set:
* jail_mount_enable
* jail_devfs_ruleset
* jail_devfs_enable
* jail_fdescfs_enable
* jail_procfs_enable
* jail_fstab
* jail_flags
- Add a jail_interface / jail_<jid>_interface option. An ip alias will be
created (jail_<jid>_ip) on jail_interface or jail_<jid>_interface if set.
This is not a mandatory option.
- Document all missing jail_* options in rc.conf(5).
Approved by: cperciva (mentor)
MFC after: 2 weeks
daemon in the base system and all the IKE daemons in the Ports
Collection has their own rc.d script.
OK'ed by: dougb
Discussed on: freebsd-rc
MFC after: 1 month
Approved by: cperciva (mentor)
Do install sys/security/audit include files. It would be nice just
to install audit_ioctl.h, but we seem only to support installing
directories, so we get them all. The two not intended for extra-
kernel use have !_KERNEL #error's, which should help.
Obtained from: TrustedBSD Project
you booted from, unless /boot/kernel already exists and is not a symlink.
This should only affect people like me who juggle multiple kernels and
have KODIR = /boot/${KERN_IDENT} in /etc/make.conf to keep them apart.
into one function syscons_configure_keyboard(). Call new function from
both syscons_start() and sysconst_setkeyboard(). The reason for this
is because syscons_start() will (re)configure both keyboard and screen
settings. Apparently, some graphics cards have problems with running
vidcontrol(1) while X11 is running.
Remove "/etc/rc.d/syscons restart" from /etc/devd.conf. It is no longer
required. Using "/etc/rc.d/syscons setkeyboard" is enough. This also
should fix annoying "syscons not running?" message.
Tested by: Ulrich Spoerlein < q at galgenberg dot net >
MFC after: 3 days
a control variable was misspelled as `SCRIPTS_NAME_isdntel.sh'
(should've been `SCRIPTSNAME_isdntel.sh') when the Makefile was
converted to using <bsd.prog.mk>. Consequently, `isdntel.sh' has
been installed as `isdntel' since then. Nevertheless, nobody has
been unhappy with the change. So it's time to make it official.
Approved by: hm
Pointy hat to: ru
MFC after: 3 days
keyboard device name (i.e. /dev/kbd0). This method will do nothing is
kbdmux(4) is the current active keyboard, otherwise it will switch
active keyboard as requested.
Modify ukbd(4) entries in the /etc/devd.conf to use /etc/rc.d/syscons
and new 'setkeyboard' method.
No comments from: freebsd-current@
MFC after: 1 day
directory when we have 10+ ports that make use of it, and now we have
only 3. This change would come back if the tt/ usage grown up to the
level.
Knowledge provided by: krion, kris
the ongoing re-alignment of ordering that is necessary as a result of
including local scripts in the base rcorder. [1]
Accomplish this by removing the BEFORE's, and using REQUIRE instead.
This makes the dependencies more obvious, and less susceptible to turning
circular and/or nonsensical when seemingly innocent changes are made
in one place and not another.
Requested by: delphij [1]
and not under machdep as the behaviour is controlled by the process.
When PSR.ac is set the process expects to receive a SIGBUS. Otherwise
the processor or the kernel will emulate the misaligned memory access.
MFC after: 3 days
1. Remove a now-spurious NetBSD CVS Id, as we are no longer synching work
2. Remove a now-spurious BEFORE, since ntpdate now REQUIRE's named
3. Replace the call to set rcvar with what that function would output,
and generally reduce indirection ($name -> named) since it's highly
unlikely the name of the named process or service will change any time soon.
4. Resort the order the variables at the top of the file to a more
traditional format, and remove a spurious required_dirs from the top, as it
works better after load_rc_config.
5. We do not want the default reload method with named, so define a simple
but appropriate substitute using rndc. If I were writing this script for
the first time I would not include this at all, since it's preferable to
control a running daemon with rndc to start with, but given that this is
already here, let's do it right. I hope that future generations will
however resist the tempation to add reconfig to extra_commands.
6. By the same token, we want to use rndc to shut down named, but given
that by defining a stop function we lose the "find the process by its
pid file in an emergency" goodness of rc.subr, try to do something useful
in the event that rndc is not available, and keep the user informed.
7. Replace some "test -f" with "test -r" to handle the unlikely event
that the relevant file exists, but is unreadable.
8. Twiddle whitespace in a few areas, remove a spurious blank line,
a bogus double space, and try to do better indenting.
9. Improve generation of the rndc.key file significantly
a. If for some reason a user has an rndc.conf file, assume that they
did that on purpose, and hence know what they are doing, so leave them alone.
b. Introduce a named_uid configuration variable so that the user which owns
the rndc.key file and the user named runs as always match, and is more
easily configurable. This should dramatically reduce problems with rndc.
c. Also test that the rndc.key file size is greater than zero, rather than
simply that the file exists. I have seen at least one user report this exact
problem, and although neither of us is sure where the empty file came from,
the fix is simple, so include it.
d. Rather than try to create an rndc.key file in both /etc/namedb and the
chroot'ed /etc/namedb, assume that they are be the same (which they should
be), and only create the file in the chroot'ed version of the directory.
This partially addresses the problem described in conf/73929, but I have
not yet finished thinking about the PREFIX issue that PR also raises.
As a result of introducing the named_uid knob, the default named_flags
are now empty.
Update defaults/rc.conf and rc.conf(5) to reflect these changes.
64.15.205.248 address, change host to "foobar". This won't be
resolvable in most cases, so administrator will need to change it.
Also do not send our trap messages to 64.15.205.248, use localhost
as default traphost.
RSC (Remote System Control) connected via uart2 as console working out
of the box. On machines that use uart2 to connect a keyboard and thus
the ttyu2 node doesn't exist this will trigger a warning from getty(8)
but cause no real harm.
MFC after: 1 week
Allow user to decide if SAD and SPD entries should be flushed on 'reload'.
With this change flush/spdflush is not done automatically (it could still
be done from ipsec.conf).
supported and that users of REFUSE directives should update their
entire ports tree before asking for help on the mailing lists.
Requested by: kris
MFC after: 3 days
RELENG_6 this will be a noop, however as we introduce local
startup scripts to the base rcorder, we'll see more cases
where the previous status quo will need to be made explicit
to avoid having it disrupted when random local scripts are
added to the mix.
were now sticky. This script was deleting /boot/nextkernel on boot, but
there is no code in the tree that creates that file since revision 1.15
of src/sbin/reboot/reboot.c.
nextboot(8) creates /boot/nextboot.conf, so remove that instead.
Approved by: jhb (proxy mentor)
MFC after: 1 week
ldconfig. Build the cache in a temporary directory and only install it
if it's actually different that the installed one.
Also, use "cat tmp > real" to install the temporary file in the real
location to allow the real location to be a symlink to a writable
directory such as /var/run (where the file actually belongs).
MFC After: 5 days
the names of directories to include in the base ldconfig script.
This will eliminate the need for each port to install its own
boot script which does nothing but ldocnfig a given directory.
This code was developed by flz (ports committer), discussed on
freebsd-rc@, and modified slightly by me.
Submitted by: flz
Reviewed by: brooks
the line continuation backslash doesn't cause "warn" to print "return".
2. Group "warn" and "return" together as the "return 1" should be
performed only if the "kldload nfsclient" also failed (and not
already if the "vfs.nfs" sysctl(8) check failed).
MFC after: 3 days
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.
Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
on devfs is useful so that a hardware time device can start with its
necessary device nodes already in place. While this ordering happens
as a side effect currently in HEAD, and the PRs were generally fixed
via upgrades, etc; it's better to make it explicit.
While I'm here, ntpd should REQUIRE ntpdate, rather than ntpdate
using BEFORE: ntpd.
and including both in this file had nasty side effects on the
ordering of syslogd, as well as producing an error when running
rcorder. Remove the more bogus of the two options, which restores
proper ordering and removes the error.
There is an open question as to whether scripts with the nostart
KEYWORD should even have REQUIRE/BEFORE lines, and indeed, whether
they should be in /etc/rc.d at all, but that's for another time.
by default, so add a new knob that is on by default, and check that
knob in start_precmd so that it can run even if cleaning /tmp is
not enabled. This has the advantage of not violating POLA, while
still allowing the user to disable this behavior if they wish (for
example on a server that will never run X).
to light by the PR. Specifically, convert these three scripts
into good rc.d citizens, making sure that their functionality
is preserved, but the rc.d framework rules are not broken.
Add support for cleanvar as a regular rc.d script in the
default rc.conf, and document this in the man page.
Add a descriptive comment to rc.conf that regarding the
three emulation/compatibility services provided by abi
so users will not be confused by these services not having
their own startup scripts.
PR: conf/84574
Submitted by: Alexander Botero-Lowry
as part of rc. Doing this, and the sourcing of rc.subr after we have
determined if we are booting diskless (and correspondingly run
rc.initdiskless if necessary) are safe, and actually allow fewer files
to be needed on the diskless box. This also allows variables from
the configuration to be available to rc itself, such as ...
Add a variable to rc.conf, early_late_divider, which designates the
script which separates the early and late stages of the boot process.
Default this to mountcritlocal, and add text to etc/defaults/rc.conf,
rc.conf(5) and diskless(8) which describes how and why one might want
to change this.
Reviewed by: brooks
every now and then. It is up to the caller to choose a proper
action upon an error condition. Therefore, use return, not exit,
except for some special cases.
Consistently return 1 to indicate an error.
Submitted by: sem (initially)
Reviewed by: freebsd-rc (silence)
MFC after: 2 weeks
source it into the shell. If not, handle it in a subshell the same
way that "real" rc.d-style scripts are handled. This will dramatically
ease the "process local scripts in the base rcorder" transition.
Add *.bak to the list of files in */rc.d that we ignore.
is only present for fstab(5) compatibility, and is
otherwise ignored by mount(8) (not passed to mount_*
programs, and not passed to nmount(2)).
"-u -o rw" worked with an old mount(8) with mount_ufs.c
because "-o rw" was stripped and simple "-u" caused an
update of UFS from read-only to read-write, due to
inability of mount(2) to track changes in options
(MNT_RDONLY is either set or not).
"-u" no longer causes the transition from RO to RW,
now that mount(8) was converted to use nmount(2), so
an explicit change to RW is required. Keep up with
this change, and use "-uw" to mount root read-write.
the base rcorder. This is accomplished by running rcorder twice,
first to get all the disks mounted (through mountcritremote),
then again to include the local_startup directories.
This dramatically changes the behavior of rc.d/localpkg, as
all "local" scripts that have the new rc.d semantics are now
run in the base rcorder, so only scripts that have not been
converted yet will run in rc.d/localpkg.
Make a similar change in rc.shutdown, and add some functions in
rc.subr to support these changes.
Bump __FreeBSD_version to reflect this change.
