Commit Graph

5541 Commits

Author SHA1 Message Date
eadler
f471f92e45 Fix build by adding new directory to mtree in r233429
Submitted by:	flo
Approved by:	cperciva
MFC after:	1 week
2012-03-24 21:10:19 +00:00
eadler
67789bd4be - Make the default values for tcsh more user friendly
- Add an examples file with many of the not accepted suggestions from the discussion

PR:		conf/160689
Reviewed by:	many
Discussed on:	current
Approved by:	cperciva
2012-03-24 18:43:18 +00:00
pluknet
2ecce29547 Clean up of fs/fifofs include directory after fifo.h removal.
Glanced by:	kib
2012-03-23 10:12:35 +00:00
stas
e7e0b34988 - Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
  o kgetcred(1) allows one to manually get a ticket for a particular service.
  o kf(1) securily forwards ticket to another host through an authenticated
    and encrypted stream.
  o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
    and other user kerberos operations. klist and kswitch are just symlinks
    to kcc(1) now.
  o kswitch(1) allows you to easily switch between kerberos credentials if
    you're running KCM.
  o hxtool(1) is a certificate management tool to use with PKINIT.
  o string2key(1) maps a password into key.
  o kdigest(8) is a userland tool to access the KDC's digest interface.
  o kimpersonate(8) creates a "fake" ticket for a service.

  We also now install manpages for some lirbaries that were not installed
  before, libheimntlm and libhx509.

- The new HEIMDAL version no longer supports Kerberos 4.  All users are
  recommended to switch to Kerberos 5.

- Weak ciphers are now disabled by default.  To enable DES support (used
  by telnet(8)), use "allow_weak_crypto" option in krb5.conf.

- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
  disabled due to the function they use (krb5_get_err_text(3)) being
  deprecated.  I plan to work on this next.

- Heimdal's KDC now require sqlite to operate.  We use the bundled version
  and install it as libheimsqlite.  If some other FreeBSD components will
  require it in the future we can rename it to libbsdsqlite and use for these
  components as well.

- This is not a latest Heimdal version, the new one was released while I was
  working on the update.  I will update it to 1.5.2 soon, as it fixes some
  important bugs and security issues.
2012-03-22 08:48:42 +00:00
glebius
7544a6bbea Rotate auth.log and messages at the beginning of a year. Otherwise,
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
2012-03-19 09:30:40 +00:00
hselasky
fd6aa4b890 Regenerate usb.conf to use new -n option when doing kldload.
MFC after:	1 week
2012-03-18 09:52:54 +00:00
mm
353cc81df9 Unhide /dev/zfs in devfsrules_jail.
The /dev/zfs device is required for managing jailed ZFS datasets.

Discussed with:	pjd, jamie
MFC after:	1 week
2012-03-16 21:30:26 +00:00
ed
1204585265 Make init(8) slightly more robust when /dev/console is missing.
If the environment doesn't offer a working /dev/console, the existing
version of init(8) will simply refuse running rc(8) scripts. This means
you'll only have a system running init(8) and nothing else.

Change the code to do the following:

- Open /dev/console like we used to do, but make it more robust to use
  O_NONBLOCK to prevent blocking on a carrier.
- If this fails, use /dev/null as stdin and /var/log/init.log as stdout
  and stderr.
- If even this fails, use /dev/null as stdin, stdout and stderr.

So why us this useful? Well, if you remove the `getpid() == 1' check in
main(), you can now use init(8) inside jails to properly execute rc(8).
It still requires some polishing, as existing tools assume init(8) has
PID 1.

Also it is now possible to use use init(8) on `headless' devices that
don't even have a serial boot console.
2012-03-14 16:22:09 +00:00
ed
a6abf8bf85 Hide stty(1) errors.
If rc(8) is executed without using a TTY, this error appears at the
beginning:

	stty: stdin isn't a terminal

Because this is to be expected and of course not harmful, it is better
to simply hide the error message.

MFC after:	1 week
2012-03-14 16:10:39 +00:00
bz
82e2b8d3c6 Rather than printing the output from route add for all FIBs just print them
for the default FIB followed by a statement with a list of FIB numbers for
all the other FIBs we install the routes for.

Request by:	kib (to make it less noisy)
Tested by:	kib
MFC after:	3 days
2012-03-04 18:53:35 +00:00
theraven
b0968176b3 Reapply 227753 (xlocale cleanup), plus some fixes so that it passes build
universe with gcc.

Approved by:	dim (mentor)
2012-03-04 15:31:13 +00:00
jhibbits
76b96a73a2 Add backlight control to ATI-graphics PowerBooks and iBooks.
Approved by:	nwhitehorn (mentor)
MFC after:	1 week
2012-02-26 13:45:25 +00:00
delphij
ec9c1986ab Put the signal trap output to standard error instead of standard output.
Without this change, pressing ^T could result in rc.d script putting
junk strings like:

	Script <filename> running

in configuration files when redirecting standard output to these files.

MFC after:	2 weeks
2012-02-18 00:46:18 +00:00
dougb
be402d9b8f Increase the default shutdown timer to 90 seconds. This will allow
certain systems that take a long time to shut down, without adversely
affecting things that shut down quickly. It's also 30 seconds less than
the default hard limit of 120 seconds in kern.init_shutdown_timeout.

PR:		conf/109272
Submitted by:	Radim Kolar SF.NET <hsn@sendmail.cz>
2012-02-17 07:59:37 +00:00
bz
dcdb23291f Merge multi-FIB IPv6 support from projects/multi-fibv6/head/:
Extend the so far IPv4-only support for multiple routing tables (FIBs)
introduced in r178888 to IPv6 providing feature parity.

This includes an extended rtalloc(9) KPI for IPv6, the necessary
adjustments to the network stack, and user land support as in netstat.

Sponsored by:	Cisco Systems, Inc.
Reviewed by:	melifaro (basically)
MFC after:	10 days
2012-02-17 02:39:58 +00:00
eadler
f73705f023 Style: prefer the use of line continuations to +=
Requested by:	marcel, dougb, bde
Approved by:	cperciva
MFC after:	3 days
2012-02-17 01:21:08 +00:00
dim
22f749d90e Revert r231673 and r231682 for now, until we can run a full make
universe with them.  Sorry for the breakage.

Pointy hat to:	     me and brooks
2012-02-14 21:48:46 +00:00
theraven
b529e734cb Cleanup of xlocale:
- Address performance regressions encountered by das@ by caching per-thread
  data in TLS where available.
- Add a __NO_TLS flag to cdefs.h to indicate where not available.
- Reorganise the xlocale.h definitions into xlocale/*.h so that they can be
  included from multiple places.
- Export the POSIX2008 subset of xlocale when POSIX2008 says it should be
  exported, independently of whether xlocale.h is included.
- Fix the bug where programs using ctype functions always assumed ASCII unless
  recompiled.
- Fix some style(9) violations.

Reviewed by:	brooks (mentor)
Approved by:	dim (mentor)
2012-02-14 12:03:23 +00:00
dougb
5abebddb43 Fix various issues with the NFS and RPC related scripts:
1. Add new functionality to the force_depend method to incorporate the
   tests for whether the service is enabled and/or already running.
2. Add a new option to bypass checking only that the service is enabled
   at boot time, and always check if it is running.
3. Use this new functionality to greatly simplify the rc.d scripts that
   use force_depend.
4. Add a force_depend for statd in lockd
5. Remove the check that either nfs_server or nfs_client is _enable'd
   from statd and lockd. This was always overkill, and prevented using
   the {one|force}start options, as well as stop'ing on the command line.
6. The yp* scripts had some of their arguments in various weird orders.
   Bring them into line with the model.
7. If mountd fails to create /var/db/mountdtab, err out.

Ideas, suggestions, and/or review from delphij and jilles.
Pointy hats are completely my responsibility however.
2012-02-14 10:51:24 +00:00
hselasky
ec1b2e79af Re-generate /etc/devd/usb.conf
MFC after:	1 day
2012-02-13 07:47:16 +00:00
avg
f5c5ba6806 start watchdogd before most of other daemons/servers
The main benefit is that watchdogd would shutdown after most of other
daemons/servers and thus, for example, would remedy a system hang caused
by unlucky X server shutdown.

Reviewed by:	dougb (earlier version)
MFC after:	2 weeks
2012-02-12 14:58:50 +00:00
ed
eff2fef6c0 Avoid using BEFORE in the utx rc script.
Requested by:	dougb
2012-02-12 07:45:48 +00:00
ed
959ca16023 Move utmpx handling out of init(8).
This has the following advantages:

- During boot, the BOOT_TIME record is now written right after the file
  systems become writable, but before users are allowed to log in. This
  means that they can't cause `hidden logins' by logging in right before
  init(8) kicks in.

- The pututxline(3) function may potentially block on file locking,
  though this is very rare to occur. By placing it in an rc script, the
  user can still kill it with ^C if needed.

- Most importantly: jails don't use init(8). This means that a force
  reboot of a system running jails will leave stale entries in the
  accounting database of the jails individually.
2012-02-11 20:47:16 +00:00
dougb
cf710cf087 In the days before r208307 addswap was running early in the second stage
of rcorder. Somehow in the intervening period addswap got moved to the
very end, which is almost certainly not what we want.

This change moves it to right after kld so that for users who need it,
they'll get it ASAP.
2012-02-11 06:21:16 +00:00
eadler
afb7bb20cb Make etc/Makefile more conflict resistant
PR:		conf/163789
Submitted by:	gcooper (iXsystems)
Approved by:	cperciva
MFC after:	3 days
2012-02-09 20:44:20 +00:00
jkim
234d88c288 Revert r211288 and move the logic to the acpi_timer itself. 2012-02-08 20:31:42 +00:00
dougb
dd6bba093e As it stands right now, the default devfs rulesets are only loaded as a
side effect of something else using them. If they haven't been loaded
already but you want to use them, say for configuring a jail, you're out
of luck.

So add a knob to always load the default rulesets. While I'm here document
the other devfs_ knobs in rc.conf.5.
2012-02-08 08:52:40 +00:00
gjb
3120fac2c9 Add an option to 404.status-zfs (enabled by default) to list all
zfs pools on the system.

While here, document daily_status_zfs_enable in periodic.conf(5).

Discussed on:	-fs [1]
Reviewed by:	netchild [1]
Approved by:	jhb
MFC after:	1 week

[1] - http://lists.freebsd.org/pipermail/freebsd-fs/2011-June/011869.html
2012-02-08 00:08:21 +00:00
hrs
53ca0b362a Fix $ipv6_network_interfaces handling in rc.d/routing. It could fail when
it was set to "auto", for example.

MFC after:	3 days
2012-02-04 18:14:49 +00:00
hrs
4fff32c8f8 Perform IPv6 DAD only in ifn_start. 2012-01-29 08:33:34 +00:00
jhibbits
6779d40f21 Remove the notify match from a couple devd apple events, the events don't
include notify tags.

Approved by:	nwhitehorn (mentor)
MFC after:	3 days
2012-01-28 02:52:22 +00:00
hrs
dcf91b59f5 Fix several glitches in IPv6-related knobs:
- ipv6_enable + ipv6_gateway_enable should unset ACCEPT_RTADV by default for
  backward compatibility.

- Configurations in ipv6_prefix_IF should be recognized even if there is no
  ifconfig_IF_ipv6.

- DAD wait should be performed at once, not on a per-interface basis, if
  possible.  This fixes an issue that a system with a lot of IPv6-capable
  interfaces takes too long for booting.

MFC after:	1 week
2012-01-22 10:57:32 +00:00
brooks
f448634262 When creating the jails /dev/log symlink, do it by full path to avoid
creating stray "log" symlinks if the mount fails.  That apparently
happens in some ezjail configs.

PR:		conf/143084
Submitted by:	Dirk Engling <erdgeist at erdgeist.org>
Reviewed by:	simon
MFC after:	2 weeks
2012-01-20 22:55:19 +00:00
rea
ca3be75964 /etc/netstart: remove invocation of dhclient
dhclient is no longer a real service, it is a helper script
for /etc/rc.d/netif and devd.  Its direct invocation isn't
needed to bring the network up.

Approved by: jhb
2012-01-20 17:25:15 +00:00
rea
64180fcce0 dhclient: don't use syslog for logging non-DHCP interface errors
We should show the error to user, but it doesn't deserve syslog.

Approved by: jhb
2012-01-20 17:19:50 +00:00
dougb
0db22183d9 If we're booting there is no need to waste time determining if the service
is running or not.

PR:		conf/150752
Submitted by:	YIN Xiaofeng <75394094@qq.com>
2012-01-20 10:31:27 +00:00
dougb
9d0dd43b7c Now that its callers have been udpated, remove set_rcvar().
The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.
2012-01-14 08:59:02 +00:00
dougb
3645513107 Prepare for the removal of set_rcvar() by changing the rcvar=
assignments to the literal values it would have returned.

The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.

During the discussion on freebsd-rc@ a preference was expressed for
using ${name}_enable instead of the literal values. However the
code portability concept doesn't really apply since there are so
many other places where the literal name has to be searched for
and replaced. Also, using the literal value is also a tiny bit
faster than dereferencing the variables, and every little bit helps.
2012-01-14 02:18:41 +00:00
rea
c797a8475b rc.d: document 'quiet' prefix and fix dhclient/devd interaction
Document the current semantics of the 'quiet' command prefix
in the rc.subr(8).

Fix dhclient rc.d script: it should not call err() for
non-DHCP-enabled interface when it is called from devd, because the
latter just blindly calls 'service dhclient quietstart' on each "link
up" event.

Since the 'quietstart' will silence the message "Cannot 'start' <foo>.
Set <foo>_enable to YES in /etc/rc.conf or use 'onestart' instead of
'start'." and running dhclient on the non-DHCP-enabled interface is
the same thing as running the service <foo> without <foo>_enable set,
such modification is in sync with the current semantics of the 'quiet'
prefix.

Approved by: glebius
Reviewed by: freebsd-rc list
MFC after:	2 weeks
2012-01-12 06:48:11 +00:00
glebius
7b863fa87e Bunch of fixes to pfsync(4) module load/unload:
o Make the pfsync.ko actually usable. Before this change loading it
  didn't register protosw, so was a nop. However, a module /boot/kernel
  did confused users.
o Rewrite the way we are joining multicast group:
  - Move multicast initialization/destruction to separate functions.
  - Don't allocate memory if we aren't going to join a multicast group.
  - Use modern API for joining/leaving multicast group.
  - Now the utterly wrong pfsync_ifdetach() isn't needed.
o Move module initialization from SYSINIT(9) to moduledata_t method.
o Refuse to unload module, unless asked forcibly.
o Improve a bit some FreeBSD porting code:
  - Use separate malloc type.
  - Simplify swi sheduling.

This change is probably wrong from VIMAGE viewpoint, however pfsync
wasn't VIMAGE-correct before this change, too.

Glanced at by:	bz
2012-01-09 08:50:22 +00:00
dougb
12b863c4be There is no longer a need to abstract ${rcvar_manpage} as we are not
attempting to maintain compatibility with NetBSD for some years now.
2012-01-08 20:25:29 +00:00
uqs
a6f0acec24 Spelling fixes for etc/ 2012-01-07 16:10:32 +00:00
pjd
ddd7889cae Add 'nojail' keyword as auditd(8) can't really do anything useful when
inside a jail.

Discussed with:	rwatson
MFC after:	1 week
2012-01-06 14:00:31 +00:00
pjd
5343960cbb - Put one file into one line. This makes keeping local changes and merging
with FreeBSD easier for vendors.
- For optional files use variables starting with underscore.

Both changes make rc.d/Makefile look similar to sys/modules/Makefile.

Reviewed by:	dim
2011-12-15 21:06:37 +00:00
glebius
3eabbecb6d Add compatibility support for specifing IPv4 aliases in
rc.conf without the "inet" keyword.

Obtained from:	hrs
2011-12-13 14:36:04 +00:00
jhibbits
b67e1da2b9 Fix style(9) issues from r228270.
Approved by:	nwhitehorn (mentor)
2011-12-05 14:13:21 +00:00
jhibbits
97bfac165b Add a devd notification for closing/opening the lid on PowerBooks and iBooks.
Approved by:	nwhitehorn (mentor)
2011-12-05 00:12:10 +00:00
obrien
727638be50 Ensure kldxref is run first. Currently both 'kldxref' and 'kld' depend
on "FILESYSTEMS" and 'kld' is being run 8 scripts ahead of 'kldxref'.

Reported by:	dhw
2011-12-01 22:50:10 +00:00
theraven
ad5598305f Import libc++ / libcxxrt into base. Not build by default yet (use
MK_LIBCPLUSPLUS=yes to enable).  This is a work-in-progress.  It works for
me, but is not guaranteed to work for anyone else and may eat your dog.

To build C++ using libc++, add -stdlib=libc++ to your CXX and LD flags.

Bug reports welcome, bug fixes even more welcome...

Approved by:	dim (mentor)
2011-11-25 20:59:04 +00:00
glebius
3aadfef004 Better use pkill(1) in last commit.
Submitted by:	pjd
2011-11-21 12:23:22 +00:00
glebius
973126c7ae On some laptops it is important to re-open /dev/psm after resume. moused(8)
was capable to do this upon SIGHUP for more than a decade. Automate this
via rc.resume in default installation.
2011-11-15 12:59:07 +00:00
dougb
9d00c3ae56 The default setting, daily_accounting_compress="NO", was causing
only 1 old file to be saved, so fix this. Problem raised in the PR,
but actually required a different solution.

While I'm here, fix a very old off-by-one error causing 1 more file
than specified in daily_accounting_save to be saved because acct.0
was not taken into account (pun intended). Change that, and use a more
thorough method of finding old files to delete. Partly just because this
is the right thing to do, but also to silently fix the extra log that
would have been left behind forever with the previous method.

PR:		conf/160848
Submitted by:	Andrey Zonov <andrey@zonov.org>
2011-11-13 03:01:58 +00:00
jilles
f1ed8a086f rc.d: Eliminate some unnecessary non-POSIX constructs:
* set - ...
 * empty braces
 * ^ in character class
2011-11-08 23:02:32 +00:00
dim
95e06f7199 Whenever you boot with nfsv4_server_enable=NO (the default) in rc.conf,
the /etc/rc.d/nfsd script sets vfs.nfsd.server_max_nfsvers to 3.

Then, when you set nfsv4_server_enable=YES in rc.conf, and restart nfsd
via the rc.d script, without rebooting, the sysctl does *not* get reset
to max version 4, so NFSv4 still doesn't work.

Fix this by explicitly setting vfs.nfsd.server_max_nfsvers to 4 when
NFSv4 is requested.

I also added resetting of the nfs_privport sysctls, since this has the
same issue: nfs_reserved_port_only=YES in rc.conf sets the nfs_privport
sysctl to 1, but in the other case, the sysctl doesn't get reset to 0.

Reviewed by:	rmacklem
Silence from:	rc@
MFC after:	3 days
2011-11-05 16:47:47 +00:00
rea
16fb97459d Fix handling of rc_force in /etc/rc.d/dhclient
Variable 'rc_force' is accessible only at the time of rc_run_command,
so it can't be examined from the script's main code.

Spotted by:	hrs
Reviewed by:	hrs, des
Approved by:	des
MFC after:	2 weeks
2011-10-28 06:03:38 +00:00
delphij
cdc2d13873 Increase default scrub threshold from 30 days to 5 weeks. Using
whole weeks makes it easier to predicate when the scrub would
happen.

MFC after:	1 week
2011-10-27 21:25:41 +00:00
gavin
6d7d535ac6 Remove example for linking /dev/vga to /dev/ttyv0, this hasn't been
required since X version 4.3.0.

PR:		conf/161847
Submitted by:	eadler
MFC after:	2 weeks
2011-10-27 20:39:20 +00:00
gavin
7af043faee Update the example rules in devfs.conf to reflect the changes since ATA_CAM.
While here, add another example rule, as many applications these days
expect to find /dev/dvd instead.

MFC after:	3 days
2011-10-27 20:35:21 +00:00
hrs
fb5f47d254 - Add support for a "!" character in regex matching in devd(8). It inverts
the logic (true/false) of the matching.

- Add "!usbus[0-9]+" to IFNET ATTACH notification handler in the default
  devd.conf to prevent rc.d/netif from running when usbus[0-9]+ is attached.

Reviewed by:	imp
2011-10-26 02:11:28 +00:00
mm
416a87bd3a Correctly reassign copyright of etc/rc.d/static_ndp back to delphij@
as the project itself is no legal entity

Reported by:	Joe Dahl <joel@vnode.se>
MFC after:	3 days
2011-10-23 10:17:42 +00:00
mm
1edde0f4fd Add etc/rc.d/static_ndp, analogous to etc/rc.d/static_arp.
Make sure that static ARP and NDP bindings are set before NETWORKING.

As static_ndp is based on static_arp, pass copyright to the project with
permission of the original author (delphij@).

Reviewed by:	delphij@FreeBSD.org
MFC after:	3 days
2011-10-23 09:08:42 +00:00
hrs
4d11bc0a4a Add support for removing addresses added by ipv6_prefix_hostid_addr_up()
upon rc.d/netif stop.
2011-10-23 07:37:36 +00:00
hrs
864e0e20bb Fix an issue that 127/8 is not configured when $ifconfig_DEFAULT is not empty.
Spotted by:	ume
2011-10-23 05:56:59 +00:00
hselasky
f701026767 Add new USB IDs to RUN driver. Update usb.conf.
PR:		usb/161798
MFC after:	3 days
2011-10-19 10:09:01 +00:00
se
a1d20730a3 Add missing default values for daily/800.scrub-zfs for documentation
purposes. No functional change, since all parameters are set to their
default values.
MFC after:	1 week
2011-10-17 14:37:24 +00:00
se
c5a8163000 Fix error message in case the backup storage directory does not exist and
cannot be created ($daily_backup_pkgdb_dbdir -> $daily_backup_pkgdb_dir).
MFC after:	1 week
2011-10-17 14:33:41 +00:00
des
505a4146dc The rc_force test was inverted in the previous commit, so that dhclient ran
for interfaces which were not configured for DHCP *unless* rc_force was set;
the correct logic is to run dhclient for those interfaces *only if* rc_force
is set.

Broken by:	des@
Noticed by:	everybody and his dog
Submitted by:	rea@
PR:		bin/161733
2011-10-17 13:05:57 +00:00
nwhitehorn
2cd40fe2b6 Add support for special keys (volume/brightness/eject) on Apple laptops with
ADB keyboards.

Submitted by:	Justin Hibbits <jrh29 at alumni dot cwru dot edu>
MFC after:	9.0-RELEASE
2011-10-16 21:01:42 +00:00
des
ad844b42a2 Make dhclient use a pid file. Modify the rc script accordingly; while
there, clean it up and add some error checks.

Glanced at by:	brooks@
MFC after:	3 weeks
2011-10-13 17:20:45 +00:00
cperciva
c1d58be192 Now that the portsnap buildbox is generating the raw bits for INDEX-9,
add it to the set of INDEX files built by portsnap.
2011-10-12 03:29:12 +00:00
stas
33f661cecd - Import Heimdal 1.5 distribution. 2011-10-05 07:23:29 +00:00
dim
e28d9921b6 Revive the LLVM and Clang license files, which were removed in my
too-thorough cleanup of unused files, in r213695.  Also make sure these
get installed under /usr/share/doc.

Submitted by:	rwatson, brooks
Pointy hat to:	dim
MFC after:	3 days
2011-09-29 18:12:40 +00:00
stas
f6e720bf7e - Flatten the vendor heimdal tree. 2011-09-29 05:23:57 +00:00
wblock
fc02252004 Fix a confusing sentence. [1]
Other wording tweaks.

Reviewed by:	imp [1]
Approved by:	gjb
2011-09-29 03:37:42 +00:00
delphij
aed7b4b7f1 Test if the interface is afif in dhcpif() and syncdhcpif(), as
done in ipv6_autoconfif.

Reviewed by:	hrs (freebsd-rc@)
MFC after:	1 week
2011-09-28 19:01:15 +00:00
kib
d0ef05f990 Install ciss(4) ioctl header (together with other .h files from sys/dev/ciss).
PR:	kern/109813
Discussued with:	Alex Samorukov <samm os2 kiev ua>
	(smartmontools maintainer)
MFC after:	1 week
2011-09-27 12:14:43 +00:00
hrs
5d406c08f5 Use REQUIRE: line to reorder rc.d/bridge instead of BEFORE: line.
Pointed out by:	dougb
Approved by:	re (bz)
2011-09-20 00:37:35 +00:00
hrs
1463ae2b35 Use resolvconf(8) to create /etc/resolv.conf, not directly overwrite it.
Approved by:	re (kib)
2011-09-19 15:56:50 +00:00
hrs
3005eb1de4 Fix the script order to run rc.d/bridge after the initial network
interface configuration and before running network daemons.

Approved by:	re (kib)
2011-09-19 15:55:53 +00:00
jh
e6011fb6bc Expose "log" in the default devfs rules. /etc/rc.d/jail creates /dev/log
as a symbolic link.

PR:		conf/160711
Submitted by:	Jase Thew
Approved by:	re (kib)
MFC after:	1 week
2011-09-15 13:32:43 +00:00
dougb
1209837866 Correct the RFC number for the description of IPv6 privacy addressing
Reviewed by:	bz
Approved by:	re (kib)
2011-09-15 09:22:49 +00:00
brueffer
b3c2a14506 Minor spelling, wording and punctuation fixes in comments.
PR:		155984
Submitted by:	gcooper
Approved by:	re (kib)
MFC after:	1 week
2011-09-14 20:13:10 +00:00
hrs
6a7d91769a - Add an warning when ifconfig_IF_ipv6 has no inet6 keyword in front
of an IPv6 address. (r225489)

- Use eval for ${ifconfig_args} to fix an issue fixed in r223506. (r225489)

Approved by:	re (bz)
2011-09-13 00:09:47 +00:00
hrs
08320280c6 Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485).  When setting an interface name to it, the following
configurations will be enabled:

 1. "no_radr" is set to all IPv6 interfaces automatically.

 2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif.  This is
    done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
    means you can manually supersede this configuration if necessary).

 3. The node will add RA-sending routers to the default router list
    even if net.inet6.ip6.forwarding=1.

This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network).  To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.

Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table.  To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.

Approved by:	re (bz)
2011-09-13 00:06:11 +00:00
delphij
0eb84391c8 Sync pf.os with OpenBSD:
- Update OpenBSD fingerprints through OpenBSD 4.9
 - Fix typos.

Obtained from:	OpenBSD
MFC after:	2 weeks
Approved by:	re (kib)
2011-09-08 23:46:07 +00:00
nwhitehorn
5d358aac62 Fix path to the handbook and provide a hint about how to install it if it
was not added at installation time.

Approved by:	re (blackend)
2011-08-26 14:05:48 +00:00
delphij
9b0113067a Honor WITHOUT_IPX when installing etc/rc.d/ipxrouted.
MFC after:	1 week
Approved by:	re (kib)
2011-08-23 19:29:11 +00:00
dougb
f0662c2435 Revert r224760, and enhance the sed patterns from r224659 to comment out
the _compat entries in the WITHOUT_NIS case rather then delete them.

Approved by:	re (kib)
2011-08-10 20:52:02 +00:00
dougb
9d5fe42c4e Rather than edit the nsswitch.conf file based on ${MK_NIS} == "no"
comment out the NIS _compat options by default, but leave them in
the file for the convenience of users who want to enable it.

Update the comment in the file accordingly.

Reviewed by:	ed
Approved by:	re (hrs)
2011-08-06 09:16:53 +00:00
ed
88e6d99211 Remove NIS entries from /etc/nsswitch.conf for WITHOUT_NIS.
We already modify various configuration files in /etc based on build
configuration. This is not done for nsswitch.conf right now when setting
WITHOUT_NIS. This breaks various utilities, including crond, that depend
on working databases.

Approved by:	re (kib)
MFC after:	1 month
2011-08-05 17:33:12 +00:00
dougb
b0952adc3d Revert the apparently-unecessary module_path twiddling from r223917
Approved by:	re (kib)
2011-07-22 21:08:19 +00:00
jilles
6530d94c4a rc.d/routing: Fix ugly output with additional routing options.
Print a separate "Additional routing options" line for each address family
which has additional options, so that it does not get mixed up with the
output from adding routes.

This also reverts r224048 which added newlines to two arbitrary routing
options.
2011-07-17 14:52:55 +00:00
dougb
c3314d5c52 Commemorate the release of RFC 6303 by updating the comments regarding
our default empty zones.  No functional changes.
2011-07-17 06:20:47 +00:00
dougb
2d79e74842 Pick up the 2011-06-08 update to this file, the addition of an IPv6
address for D.
2011-07-17 06:05:44 +00:00
kevlo
bc6ffd0569 Remove "-n" from echo
Reviewed by:	dougb
2011-07-15 01:59:08 +00:00
adrian
709d0ff0d0 More Japan regulatory domain fixes:
* Add HT40 entries for the two new Japan bands
* Fix a channel separation bug in one of the new bands I introduced
  in a previous commit.
2011-07-14 05:49:35 +00:00
adrian
f495485b63 Japan regulatory domain update #1 - sync with CRDA entries.
Specifics:

* add 4920MHz-4980MHz for 11a and 11n/HT20
* add 5040MHz-5080MHz for 11a and 11n/HT20
* add 5500MHz-5700MHz for 11a and 11n/HT20 (DFS needed)
* add 5500MHz-5680MHz for 11n/HT40 (DFS needed)

TODO:

* add correct HT40 bands for 4920-4980 and 5040-5080

For the curious:

There's been many revisions to the Japan regulatory rules.
Apparently, the requirements require old cards certified on a previous
version of the rules to obey the older rules, not the newer rules.

The regdomain.xml outlines the -current- restrictions.

The card driver (eg the ath_hal regulatory domain code) may include
previous revisions of the Japan rules.

The ath_hal regdomain code populates the initial channel list based on
what the EEPROM indicates is possible. The regdomain.xml database imposes
further restrictions on this.

So regdomain.xml only needs to have the -current- rules. If the card
was certified on an earlier set of JP rules, it may only support a subset
of those channels - these are calculated at device attach and this
restricted list is kicked to net80211. regdomain.xml operates on -this-
list of channels.

And thus, the correct regulatory behaviour for Japan is handled with only
one regdomain.xml Japan database entry.

(phew.)

Obtained from:	Linux wireless-regdb
2011-07-14 05:19:28 +00:00
dougb
1a6a27e0a4 Make sure we load kernel modules from the same path as the running kernel 2011-07-10 23:47:03 +00:00
rmacklem
99ee90db6b Delete the /etc/rc.d/nfsserver script, since it is no
longer used by /etc/rc.d/nfsd and it is no longer necessary
to load the old nfs server by default, when nfs_server_enable="YES".

Tested by:	sgk at troutmask.apl.washington.edu
Reviewed by:	rc (Andrzej Tobola)
2011-07-08 00:49:50 +00:00
rmacklem
8a9d1b7f5d Fix the /etc/rc.d/nfsd script so that it no longer uses
the /etc/rc.d/nfsserver script to load the old nfs server
module.

Tested by:	sgk at troutmask.apl.washington.edu
Reviewed by:	rc (hrs)
2011-07-07 20:59:42 +00:00
pluknet
0b9b3ff55f Run load_rc_config before stop_cmd definition, so that ${quotaoff_flags}
is correctly expanded inside stop_cmd instead of getting nothing.

PR:		conf/157687
Reported by:	Dmitry Banschikov <d.banschikov peterhost ru>
MFC after:	1 week
2011-06-28 14:26:34 +00:00
hselasky
b6ff66c80a Regenerate usb.conf after r223566. 2011-06-27 20:32:19 +00:00
adrian
19f06d0344 .. this wasn't supposed to be committed! sorry. 2011-06-26 14:29:49 +00:00
gavin
1d169284e3 The SMCWUSBG is a zyd(4) device, not an uath(4) device. Remove from the
latter.

It appears that the addition to uath(4) came in through PR kern/135009,
which had tested another device, the SMCWUSBTG2, successfully with uath(4)
and included the SMCWUSBG as it "has the same chipset".  I can find no
other evidence that these two do actually share the same chipset.  Moreover,
Linux treats the SMCWUSBG as a zyd(4) device also.

This reverts r223537.

Discussed with:	hselasky, kevlo
MFC after:	1 week
2011-06-26 11:37:24 +00:00
adrian
1c5a60f771 I think 23dBm is the correct value to use here. CRDA uses 20dBm + 3dB max antenna
gain; I believe net80211 doesn't take antenna gain into account and leaves it
up to the driver to enforce. (ath_hal(4) certainly tries to do this.)
2011-06-26 10:34:01 +00:00
adrian
9766ec89c2 Add a couple more frequency ranges to the FCC3 (FCC + DFS) regulatory domain.
The frequency range 5490MHz -> 5710MHz was opened up sometime in 2009, but
regdomain.xml wasn't updated.

FCC reference: (Section 15.407): http://louise.hallikainen.org/FCC/FccRules/2009/15/407/

The hole between 5600-5650MHz is due to a request from Airports using
a weather radar system which also utilises this range.
The GIT commit explaining this hole in more detail can be found here:

http://git.kernel.org/?p=linux/kernel/git/linville/wireless-regdb.git;a=commit;h=fcbf9225d56e82d9a4e506187d42285e76d81523
2011-06-26 10:32:09 +00:00
adrian
e9575bd6c4 Replace tab with 8 spaces, bringing it in line with the rest of the file. 2011-06-26 09:32:46 +00:00
hselasky
eec6fa4888 - Move bus_auto.conf back into /etc/devd/
- Rename bus_auto.conf into usb.conf

Requested by:	imp @
MFC after:	14 days
2011-06-25 17:01:46 +00:00
hselasky
19e89d19b5 - Move auto-load devd config file into etc/defaults folder.
- Regenerate file after bugfix in the generator.

Suggested by:	Jeremy Messenger
MFC after:	14 days
2011-06-25 15:42:33 +00:00
hselasky
97be6feacb - Export more USB device ID's.
- Update bus_auto.conf accordingly.

MFC after:	3 days
2011-06-24 22:01:56 +00:00
hselasky
e68086fe49 - Add auto-load devd config file for USB kernel modules.
MFC after:	14 days
2011-06-24 21:32:03 +00:00
pluknet
71e30a51e8 Add support for string values with white spaces for ifconfig(8)
parameters accepting them (such as description, group).

Changes discussed on freebsd-rc.

PR:		conf/156675
Reported by:	"Alexander V. Chernikov" <melifaro att ipfw ru>
Suggested by:	hrs
Analyzed with:	Alexander V. Chernikov via IRC
MFC after:	2 weeks
2011-06-24 14:56:38 +00:00
adrian
3ccba4a3af Fix another broken HT40 channel band reference. 2011-06-24 14:31:30 +00:00
adrian
d8f01da7c6 More incorrect HT/40 setups in FCC.
Noticed-by:	bschmidt@
2011-06-24 12:50:18 +00:00
adrian
3ad0a92f4d Fix an incorrect frequency band for HT/40 in the FCC SKU.
Noticed by: bschmidt@
2011-06-24 12:31:36 +00:00
adrian
2fc0709750 Import one of the two missing US FCC DFS bands to FCC3.
The FCC opened up this band sometime in 2009 (and ath was updated);
but regdomain.xml wasn't updated.
2011-06-24 12:30:43 +00:00
dougb
927e352870 I knew there was something funny about this line 2011-06-22 06:27:32 +00:00
dougb
93e25d2104 Blah, forgot to svn add the actual script from r223310 2011-06-19 22:59:54 +00:00
dougb
1175683ecd Add the netwait rc.d script. It waits for the specified period for the
network to become active.

PR:		conf/151063
Submitted by:	Jeremy Chadwick <freebsd@jdc.parodius.com>
2011-06-19 22:48:40 +00:00
jilles
7747419ea7 rc.subr: Make sure all functions are under if [ -z "${_rc_subr_loaded}" ]. 2011-06-19 15:23:32 +00:00
jilles
9440cb3b03 rc.subr: Eliminate a fork from check_kern_features, like r223227.
MFC after:	2 weeks
2011-06-19 11:42:48 +00:00
dougb
7622e8e87a Add rc.d/kld to load kernel modules after local disks are up.
This method is many times faster than doing it in /boot/loader.conf.
2011-06-18 19:41:05 +00:00
jilles
784b156550 rc.subr: Eliminate about 100 forks from the boot sequence.
With the current sh, placing eval in a command substitution always results
in a fork(), even if it is the only command and only executes a single
simple command. Therefore, avoid it where it can be avoided easily.

Side effect: values starting with a hyphen and all whitespace are preserved.
The values are defaults and names for rc.conf variables and messages to be
given about obsolete ones.

MFC after:	2 weeks
2011-06-18 11:05:30 +00:00
ed
e75cd7ae0e Add WITHOUT_UTMPX switch to the build system.
This knob removes the tools that are exclusively used to view and
maintain the databases maintained by utmpx, namely last, users, who,
wtmpcvt, ac, lastlogin and utxrm.

The tool w is not in this list, because it has some other functionality
which is unrelated to utmpx; it is hardlinked to the uptime tool.
2011-06-17 21:30:21 +00:00
ed
61d0bc9ccd Don't omit ac(8) as part of WITHOUT_ACCT.
The WITHOUT_ACCT switch is supposed to omit tools related to process
accounting, namely accton and sa. ac(8) is just a simple tool that
prints statistics based on data in the utx.log database. It has nothing
to do with the former.
2011-06-17 20:47:44 +00:00
jpaetzel
a2524e3ed6 Eliminate extraneous pipelines and tr calls.
Approved by:	kib (mentor)
MFC after:	3 days
2011-06-15 19:33:02 +00:00
gshapiro
a799f274a8 Minor change to force commit this file so new freebsd*.cf files are
built to use the new sendmail-8.14.5/cf tree.

MFC after:	4 days
2011-06-14 04:34:20 +00:00
gshapiro
4afb708ea7 Update DNSBL information (MAPS has been acquired, used a generic example) 2011-06-14 04:33:43 +00:00
jpaetzel
d33a1d3a06 Convert the allowed characters '-', '.', and ':' in a ZFS pool name to _
to avoid causing errors in the shell script.

Submitted by:	William Grzybowski <william88@gmail.com>
Approved by:	kib (mentor)
MFC after:	7 days
Sponsored by:	iXsystems
2011-06-13 19:45:01 +00:00
hrs
74e377314c - Remove $ipv6_gateway_enable check.
- Use list_net_interfaces() instead of "ifconfig -l".
2011-06-11 21:41:44 +00:00
hrs
3a786b5d67 Add a helper function to check kern.features.* sysctls.
Discussed with:	dougb
2011-06-11 21:40:37 +00:00
rmacklem
0468d6a40f Make three one line changes to the rc scripts so that
they work with the new NFS client being the default,
since the new NFS client's module name is nfscl and
not nfsclient.
2011-06-11 21:14:22 +00:00
hrs
de9cf29a6b Do not mark lo0 as IFDISABLED even if there is no $ifconfig_lo0_ipv6 line. 2011-06-06 11:36:10 +00:00
hrs
9c9abb4736 Remove "ifconfig IF inet6 -accept_rtadv" when ipv6_gateway_enable=YES because
this is no longer needed.
2011-06-06 03:37:33 +00:00
bz
3de43df666 No logner set an IPv4 loopback address by default in defaults/rc.conf.
If not specified, network.subr will add it automatically if we have
INET support (1).

In network.subr only call the address family up/down functions
if the respective AF is available.

Switch to new kern.features variables for inet and inet6 as the
inet sysctl tree is also available for IPv6-only kernels leading
to unexpected results.

Suggested by:	hrs (1)
Reviewed by:	hrs
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	20 days
2011-05-31 00:25:52 +00:00
hrs
9d91b0426f Remove redundant keywords.
Submitted by:	wxs
2011-05-17 07:40:13 +00:00
jilles
ea495298d6 network.subr: Use printf(1) builtin for hexprint function.
Now that printf(1) is a shell builtin, there is no need to emulate it
anymore. The external printf(1) is /usr/bin/printf and therefore may not be
available in early boot.

It may be faster to use printf directly but the function is useful for
compatibility.
2011-05-14 12:22:58 +00:00
rmacklem
901a3daa23 Change the new NFS server so that it uses vfs.nfsd naming
for its sysctls instead of vfs.newnfs. This separates the
names from the ones used by the client.
2011-05-08 01:01:27 +00:00
dougb
11dd08fd53 1. If PKG_DBDIR cannot be determined from make, set the default
2. Add the -H flag to tar in case /var/db/pkg itself is a symlink
3. Direct stderr to /dev/null to suppress the leading slash warning [1]

PR:		ports/156810 [1]
Submitted by:	Jeremy Chadwick <freebsd@jdc.parodius.com> [1]
2011-05-05 02:35:11 +00:00
netchild
fe5d0c873a The security run requests unmaskable output, even if the only output is to
tell that there is a separate email or that the output is logged to a file.

This commit changes the return code for the non-inline case to tell that
this message is not important enough and can be masked if necessary. The
messages from the security checks themself are not affected by this and
show up as before in the periodic security email/file.

The inline case still requests to not mask the output, as with the current
way of handling this there is no easy way to handle this.

PR:			138692
Analysis/patch atch by:	Chris Cowart <ccowart@timesinks.net>
X-MFC after:		on request
2011-05-04 12:48:02 +00:00
netchild
579e9f977b Use proper return codes (valuable output, invalid config, problems).
MFC after:	1 week
2011-05-04 12:37:10 +00:00
des
ee2afa8165 Upgrade to OpenSSH 5.8p2. 2011-05-04 07:34:44 +00:00
ru
71b905ad58 Updated `flags' field description. 2011-05-03 12:22:46 +00:00
dim
96038e6533 Upgrade our copy of llvm/clang to r130700, from upstream's trunk. 2011-05-02 21:04:37 +00:00
dougb
271fabc97a Rather than trusting that nothing is going to sneak in before the
early_late_divider in the second run (and thus be skipped altogether),
keep a list of the scripts run early, and use that list to skip things
in the second run.

This has the primary benefit of not skipping a local script that gets
ordered too early in the second run. It also gives an opportunity to
clean up/simplify the code a bit.

Use a space-separated list rather than the more traditional colon for
maximum insurance against creativity in local naming conventions.

Reviewed by:	brooks
2011-04-29 21:10:41 +00:00
rmacklem
c44593a0a4 Fix module names and dependencies so the NFS clients will
load correctly as modules after r221124.
2011-04-27 20:42:30 +00:00
rmacklem
617fb5f517 Update the /etc/rc.d scripts for mountd and nfsd so they
can use the "-o" option to force the old NFS server to run.
Running the old NFS server is enabled by setting
oldnfs_server_enable="YES". The scripts will only enable
providing service for NFSv4 if nfsv4_server_enable="YES"
is set.

Reviewed by:	dougb (rc)
2011-04-26 00:22:17 +00:00
dougb
10237e9c72 Create a function for the code from r192246 so that it can be used both
times mount is called.

Limit the automatic behavior to when AUTO is specified (as it is in
etc/defaults/rc.conf) and for everything else take advantage of all
of the goodness in checkyesno.
2011-04-25 06:03:22 +00:00
dougb
9f240be2b0 Add svn:executable property 2011-04-25 05:57:01 +00:00
dougb
867006828a As previously advertised, remove the error message for enable_quotas
prior to 9.0-RELEASE.

This change should not be MFC'ed.
2011-04-23 17:37:14 +00:00
dougb
e90e1b5c2c Improve the error handling for the new get_pidfile_from_conf() 2011-04-23 05:24:17 +00:00
dougb
d05cc95927 Introduce to rc.subr get_pidfile_from_conf(). It does just what it sounds
like, determines the path to a pid file as it is specified in a conf file.

Use the new feature for rc.d/named and rc.d/devd, the 2 services in the
base that list their pid files in their conf files.

Remove the now-obsolete named_pidfile, and warn users if they have it set.
2011-04-23 04:26:31 +00:00
dougb
91c215d2a6 The change in r206686 to allow the stop argument to work for a service
that is running even though not _enable'd had an annoying side effect.
If the service was already started at boot time by another means when
the related script came around again in rcorder it would start again,
regardless of _enable, because there was a valid pid. [1]

So, split the test into 2 parts, one for (!rcvar && !stop), and one
for (stop && !valid_pid). This preserves the behavior from r206686
while preventing the undesired side effect.

PR:		conf/156427 [1]
Submitted by:	Eugene Grosbein <eugen@grosbein.pp.ru> [1]
2011-04-17 22:31:36 +00:00
dim
d9e6052d4e Remove libobjc and other Objective-C related components, as these are
extremely outdated, and not used by anything in the base system.

Silence from:	current@
2011-04-17 21:03:23 +00:00
obrien
cddd210098 * Add the readline(3) API to libedit. The libedit versions of
{readline,history}.h are in /usr/include/edit so as to not conflict with
  the GNU libreadline versions.  To use the libedit readline(3) one should
  add "-I/usr/include/edit" to their Makefile
  (spelled "-I${DESTDIR}/${INCLUDEDIR}/edit" within the FreeBSD source tree).

* Enable its use in the BSD licensed utilities that support readline(3).

* To make it easier to sync libedit development with NetBSD, histedit.h
  is moved into libedit's directory as history shows shown we keep merging
  it into that location.

Obtained from:	NetBSD
Sponsored by:	Juniper Networks
2011-04-05 18:41:01 +00:00
trasz
59279484e8 Add example devd.conf entry. 2011-03-30 18:35:02 +00:00
trasz
d881081128 Add startup script, to load rules from /etc/rctl.conf.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	kib (ealier version)
2011-03-30 18:32:45 +00:00
ed
56f0a07954 Remove the reference to pseudo-terminals from the description.
Pseudo-terminals are no longer listed in this file, since the utmpx
implementation doesn't depend on ttyslot().
2011-03-30 08:22:29 +00:00
emaste
47909b5bff Replace ${SYSCTL_W} with ${SYSCTL} in rc.d scripts, as they are identical.
This is a further clean up after r202988.

SYSCTL_W is still initialized in rc.subr as some ports may still use it.
2011-03-30 01:19:00 +00:00
dougb
5690821f7a Hook the 220.backup-pkgdb script I added to the build unconditionally
Hook up 610.ipf6denied based on MK_IPFILTER as 510.ipfdenied is now

Poked by:	Andrzej Tobola <ato@iem.pw.edu.pl>
2011-03-27 03:06:58 +00:00
dougb
2f5c17bf80 Add svn:executable property on remaining period scripts without it 2011-03-27 03:03:29 +00:00
dougb
4eab0bcd9d Add a daily period script to back up /var/db/pkg
The final product contains work from the originator, and
Florent Thoumie <florent.thoumie@gmail.com>. The final
product contains considerable re-working by me, so all
responsibility for bugs rests under my pointy hat.

PR:		ports/145957
Submitted by:	Eitan Adler <EitanAdlerList@gmail.com>
2011-03-26 03:01:48 +00:00
dougb
42c73e8a62 Add the svn:executable property to the scripts that are missing it 2011-03-26 01:24:55 +00:00
mav
8dab5b0501 MFgraid/head:
Add new RAID GEOM class, that is going to replace ataraid(4) in supporting
various BIOS-based software RAIDs. Unlike ataraid(4) this implementation
does not depend on legacy ata(4) subsystem and can be used with any disk
drivers, including new CAM-based ones (ahci(4), siis(4), mvs(4), ata(4)
with `options ATA_CAM`). To make code more readable and extensible, this
implementation follows modular design, including core part and two sets
of modules, implementing support for different metadata formats and RAID
levels.

Support for such popular metadata formats is now implemented:
Intel, JMicron, NVIDIA, Promise (also used by AMD/ATI) and SiliconImage.

Such RAID levels are now supported:
RAID0, RAID1, RAID1E, RAID10, SINGLE, CONCAT.

For any all of these RAID levels and metadata formats this class supports
full cycle of volume operations: reading, writing, creation, deletion,
disk removal and insertion, rebuilding, dirty shutdown detection
and resynchronization, bad sector recovery, faulty disks tracking,
hot-spare disks. For Intel and Promise formats there is support multiple
volumes per disk set.

Look graid(8) manual page for additional details.

Co-authored by:	imp
Sponsored by:	Cisco Systems, Inc. and iXsystems, Inc.
2011-03-24 21:31:32 +00:00
jeff
5115240a6c - Merge in OFED 1.5.3 from projects/ofed/head 2011-03-21 09:58:24 +00:00
ume
5c37492f6b Add resolvconf(8) which manages resolv.conf. 2011-03-18 12:18:52 +00:00
des
4ba6015e46 Forgot to commit this change along with r219563: pam_group(8) now issues
a warning if neither luser nor ruser is specified.  The correct option
for su(1) is ruser.

MFC after:	1 month
2011-03-15 10:13:35 +00:00
nwhitehorn
45a4292831 Thanks to sysinstall for its 15 years of service. And now to sleep,
perchance to dream...
2011-03-14 13:47:17 +00:00
dougb
66c4acf134 Revert r219578 2011-03-13 16:27:36 +00:00
dougb
3265382de0 Remove the svn:executable property on Makefile
Add it on hastd
2011-03-13 08:22:46 +00:00
dougb
1a54928233 Use the allexport option in load_rc_config() in order to avoid having
to repeatedly read the conf files. Depending on what is enabled the
files are being read anywhere from 15, 30, or more times currently.
By loading the values in the environment this is reduced to 1, with
perhaps a couple more, again depending on what is enabled.

The speed-up for boot and shutdown is negligible when rc.conf is
on local disk, noticable when accessing files over NFS, and dramatic
when pulling rc.conf values from a database.

This change also includes a minor optimization to the conditional
for $_rc_conf_loaded.
2011-03-12 21:13:08 +00:00
pjd
ea88e61483 Commit two more files missed in r219089.
MFC after:	1 month
2011-02-27 19:44:10 +00:00
pjd
ffc2c5868b Recognize 'reload' command, as hastd can be reloaded with the SIGHUP signal.
MFC after:	1 week
2011-02-27 11:40:20 +00:00
gabor
c91ab1769b Add the BSD-licensed Citrus iconv to the base system with default off
setting. It can be built by setting the WITH_ICONV knob. While this
knob is unset, the library part, the binaries, the header file and
the metadata files will not be built or installed so it makes no impact
on the system if left turned off.

This work is based on the iconv implementation in NetBSD but a great
number of improvements and feature additions have been included:

- Some utilities have been added. There is a conversion table generator,
  which can compare conversion tables to reference data generated by
  GNU libiconv. This helps ensuring conversion compatibility.
- UTF-16 surrogate support and some endianness issues have been fixed.
- The rather chaotic Makefiles to build metadata have been refactored
  and cleaned up, now it is easy to read and it is also easier to add
  support for new encodings.
- A bunch of new encodings and encoding aliases have been added.
- Support for 1->2, 1->3 and 1->4 mappings, which is needed for
  transliterating with flying accents as GNU does, like "u.
- Lots of warnings have been fixed, the major part of the code is
  now WARNS=6 clean.
- New section 1 and section 5 manual pages have been added.
- Some GNU-specific calls have been implemented:
  iconvlist(), iconvctl(), iconv_canonicalize(), iconv_open_into()
- Support for GNU's //IGNORE suffix has been added.
- The "-" argument for stdin is now recognized in iconv(1) as per POSIX.
- The Big5 conversion module has been fixed.
- The iconv.h header files is supposed to be compatible with the
  GNU version, i.e. sources should build with base iconv.h and
  GNU libiconv. It also includes a macro magic to deal with the
  char ** and const char ** incompatibility.
- GNU compatibility: "" or "char" means the current local
  encoding in use
- Various cleanups and style(9) fixes.

Approved by:	delphij (mentor)
Obtained from:	The NetBSD Project
Sponsored by:	Google Summer of Code 2009
2011-02-25 00:04:39 +00:00
brooks
5aabdb149c Enable the check for negative permissions (the group on a file can't do
something "everyone" can) by default.

X-MFC after:	never
2011-02-24 23:51:59 +00:00
dougb
3cf4cb4f56 The new accounting file needs to be 644 so that unprivileged users
can use lastcomm(1)
2011-02-24 06:28:48 +00:00
dougb
7cea22540c Update how accounting log files are rotated.
The old version had a race between the time that the old file was
cp'ed to acct.0 and the time that 'sa -s' was run that prevented
the commands that occurred in the meantime from being backed up.

It's also arguable that the old version was inefficient in using
cp which can be a problem on a space-constrained system.

This version avoids both problems, albeit it's considerably more
complicated. The advantage of putting the log rotation in the rc.d
script is that it can handle the _enable and _file questions without
having to do gymnastics to discover either value in the periodic script.

As a side effect of reviewing the rc.d script I cleaned it up a bit.
2011-02-22 21:13:40 +00:00
uqs
433f0177d0 Flesh out WITHOUT_GROFF support to DTRT.
A full featured groff is required during buildworld, so build it always
and don't rely on it being present on the host system.

vgrind(1) is tightly coupled to a roff processor and will not be
built/installed when groff is disabled. Also much of the roff'ed
documentation under share/doc will not be built/installed when
WITHOUT_GROFF is defined.

Reviewed by:	ru (partial)
2011-02-22 08:13:49 +00:00
lstewart
fe0aa13fc9 Actually install the example Khelp module committed in r218545.
Sponsored by:	FreeBSD Foundation
MFC after:	4 weeks
X-MFC with:	r218545
2011-02-21 13:22:29 +00:00
dim
a0b20b5d1f Upgrade our copy of llvm/clang to r126079, from upstream's trunk.
This contains many improvements, primarily better C++ support, an
integrated assembler for x86 and support for -pg.
2011-02-20 19:33:47 +00:00
dougb
d2d0dfcef9 Add a note about AXFR of important zones being available from ICANN 2011-02-20 00:59:39 +00:00
nwhitehorn
b35b3cdb71 Import bsdinstall. This is meant to be (eventually in conjunction with
pc-sysinstall) a replacement for sysinstall in the 9.0 release and beyond.
Currently supported platforms are sparc64, pc98, i386, amd64, powerpc, and
powerpc64. Integration into the build system will occur in the coming
weeks.

Merging with pc-sysinstall will use this code as a frontend, while
temporarily retaining the interactive partition editor here. This work
will be done in parallel with improvements on this code and release
integration.

Thanks to all who have provided testing and comments!
2011-02-18 14:54:34 +00:00
kib
7cc094bd03 Install iodev.h.
Reviewed by:	attilio
MFC after:	1 week
2011-02-17 15:10:13 +00:00
dougb
ea2186a5eb Remove in-addr.arpa from the list of zones it is possible to slave locally 2011-02-16 21:23:09 +00:00
uqs
a0871da595 Fix termcap entry typo.
MFC after:	2 weeks
2011-02-09 10:06:31 +00:00
dougb
98de57b57d Catch up with reality and references from the latest RFCs
(especially 5735) for our default empty zones.
2011-02-05 21:43:37 +00:00
dougb
7bf6fae084 Let rpcbind clean up after itself 2011-01-31 21:03:08 +00:00
maxim
e53fb1d8bb o Add user 'hast'. 2011-01-31 07:47:28 +00:00
pjd
b285997797 Change hast user home directory to /var/empty.
MFC after:	1 week
2011-01-28 22:29:38 +00:00
pjd
ac947f4d40 Add 'hast' user and 'hast' group that will be used by hastd (and maybe hastctl)
to drop privileges.

MFC after:	1 week
2011-01-28 22:28:12 +00:00
jpaetzel
72db8e5686 Fix logic error introduced in previous commit.
Along the way make some efficiency improvements.

Submitted by:	jilles
Approved by:	kib (mentor)
MFC after:	3 days
2011-01-25 13:41:48 +00:00
jpaetzel
8a8469590d This script parses output of userland tools. In the case of a faulted
zpool the output causes the script to bail out with syntax errors.
Since a scrub of a faulted zpool is pointless, just skip over any pools
marked as such.

PR:	conf/150228
Submitted by:	jpaetzel
Approved by:	kib (mentor)
MFC after:	3 days
MFC note:	only for RELENG_8
2011-01-23 17:13:29 +00:00
uqs
0859b786e8 Fix a small typo nit 2011-01-19 20:16:47 +00:00
nwhitehorn
77231fa288 Remove /usr/share/examples/[lib]dialog, missed in the new dialog import.
Submitted by:	dim
2011-01-13 18:52:13 +00:00
jh
13fb4c7594 Replace nfs4 with newnfs in netfs_types. nfs4 was removed in r192578 and
mount(8) has supported newnfs since r192930.

PR:		conf/153655
Submitted by:	Anonymous <swell.k@gmail.com>
MFC after:	3 weeks
2011-01-09 09:21:11 +00:00
jh
89c67ba43c Warn if rules could not be read from a ruleset file. Now at least
something gets logged if the file has syntax errors.

PR:		conf/91342
Silence on:	freebsd-rc
2011-01-07 10:59:22 +00:00
imp
65e0897b21 Don't require /usr/lib/aout to be on the system. Test for its
existance since we don't generally need it.

MFC after:	1 week
2011-01-06 21:09:22 +00:00
jpaetzel
2d6d98c729 Fix typo in default config file.
Approved by:	Warner Losh <imp@FreeBSD.org>
MFC after:	3 days
2011-01-04 23:00:54 +00:00
cperciva
28ac9ef742 Remove INDEX-6 from the default portsnap configuration file; the 6.x index
bits haven't been built since December 1st, although the mirrors are still
distributing the bits as they were at the EoL.

Reminded by:	Alex Kozlov
2010-12-30 01:13:42 +00:00
dougb
eefe5120b6 Add pidfile [1]
While I'm here, don't run the sysctl frob unconditionally, and
s/sysctl/$SYSCTL/

PR:		conf/153460 [1]
Submitted by:	Grigory Rechistov <ggg_mail@inbox.ru>
2010-12-27 22:52:47 +00:00