Commit Graph

3273 Commits

Author SHA1 Message Date
Crist J. Clark
6abb238df8 Run dumpon(8) early so crashes during startup can be caught. In
addition, take out the checks on the $dumpdev. dumpon(8) behaves well
if given a non-existent filename. It gives a nice error message which
is better rather than the current silent failure.

Reviewed by:	des
2002-03-12 20:59:35 +00:00
Crist J. Clark
7a82d7421f The reload of ipf(8) rules should depend on $ipfilter_enable, not
$ipfilter_active. $ipfilter_enable is set to "NO" if modules fail to
load, and $ipfilter_active can be "YES" when we are not using ipf(8).

MFC after:	3 days
2002-03-12 20:25:25 +00:00
David E. O'Brien
3cbb824a64 Background the startup of `Amd', it often blocks on startup. 2002-03-12 01:04:35 +00:00
David E. O'Brien
ec6a10cd53 Why shouldn't amd always write its PID to a file?
Since I cannot answer that question, make it.
2002-03-12 01:01:53 +00:00
Robert Watson
cd9281b380 Update login failure checking to check auth.log instead of messages,
and teach it to look for more general classes of failures, including
SSH login failures.  This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net.
2002-03-11 19:39:08 +00:00
Robert Watson
30d6457c9e Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
Robert Watson
0ec9497e58 Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
Crist J. Clark
1e1d598496 Don't protect savecore(8) from being run with a bad dumpdir
argument. Don't fail silently, but let savecore(8) make noise. It
won't behave badly, it doesn't need protection.

At the same time, allow the administrator to have dumpdev enabled
while dumpdir (savecore(8)) is disabled and document how to do it.

PR:		conf/35725
2002-03-11 08:47:02 +00:00
Crist J. Clark
a710c16edf Remove a mention of the worm(4) device that was missed when it was
removed from MAKEDEV in 1.171.

PR:		misc/35729
MFC after:	1 day
2002-03-10 22:34:56 +00:00
Robert Watson
179e0241ea /var/log/security gets almost no (if not no) activity on many FreeBSD
systems due to sshd not using the security log class.  Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.

Submitted by:	aeonflux@synapse.subneural.net
MFC after:	4 weeks
2002-03-10 15:20:36 +00:00
Dima Dorfman
2f1791f580 In the words of the submitter:
Kerberized CVS (kserver) listens on the same port as normal CVS
        (pserver).  In /etc/inetd.conf cvs kserver is disabled by default,
        but set to listen to the service port 'cvs' which doesn't exist.  It
        should listen to 'cvspserver'.

PR:		34317
Submitted by:	Sean Chittenden <sean@chittenden.org>
2002-03-09 04:55:35 +00:00
Nick Hibma
2d827ed272 Add an entry for coldsync, to facilitate synchronising a Handspring Visor
with FreeBSD.
2002-03-08 14:46:13 +00:00
David E. O'Brien
fc994f232c fix backwards spelling 2002-03-07 07:17:15 +00:00
Crist J. Clark
90bbf5454c Environmental variable was not being passed to a subshell as intended.
PR:		bin/35558
Submitted by:	Nicolas Rachinsky <list@rachinsky.de>
2002-03-05 19:13:05 +00:00
Warner Losh
78a30c40c2 Buffalo LPC3-CLT
Submitted by: TANAKA Tomohiko <tomo@oso.to>
PR: 34954
2002-03-05 05:51:30 +00:00
Warner Losh
8ad7b5c2c1 Fix Simple Tech STI-ATA
Submitted by: dwhite@paypal.com
PR: 34243
2002-03-05 05:48:32 +00:00
Warner Losh
cc076b2a5c US Robotics Wireless Card 2410
Submitted by: Jerry A! <jerry@thehutt.org>
PR: 33858
2002-03-05 05:44:28 +00:00
Dima Dorfman
1998c28f48 Redirect stdout of `ipf -y' to /dev/null. This removes a stray
"filter sync'd" in the middle of the boot output if IPFilter is
enabled, but does not hide any potential errors, which go to stderr.
2002-03-04 10:30:24 +00:00
Robert Watson
2d141f428e Fix typo. '|' looks a lot like 'l' in my xterm font. 2002-03-01 15:42:27 +00:00
Robert Watson
c34ccd0dea When having an expanded name for a class, use '|' instead if ':' to
seperate the short name and the long name.  This was present for most
but not all entries.  Because the parsing doesn't reject unrecognized
entries, this didn't cause failures, but it wasn't strictly correct.

Submitted by:	Martin Faxer <gmh003532@brfmasthugget.se>
MFC after:	2 weeks
2002-03-01 15:30:24 +00:00
Ruslan Ermilov
32564f75c8 Fixed a few typos. 2002-02-27 14:43:55 +00:00
Crist J. Clark
45c2f0c12b After getting IANA to fix a typo in their port assignments, add
some new IANA-blessed services and close some PRs. Ports for
Jabber and PostgreSQL.

PR:		conf/35219, conf/35220
Submitted by:	Sean Chittenden <sean@chittenden.org>
MFC after:	1 day
2002-02-26 02:36:49 +00:00
Gregory Neil Shapiro
d7bbec76f2 Make sure we don't remove /etc/mail/sendmail.cf on make clean since this
will break a running system during a buildworld.

Noticed by:	Alexandr Listopad <laa@laa.zp.ua>
MFC after:	1 week
2002-02-24 02:38:23 +00:00
Mitsuru IWASAKI
eac1840126 Use the regular expression form to solve the ambiguous card parameters
which have tailing spaces.
Some card entries had problem because of incorrect number of spaces.

Approved by:	imp
MFC after:	1 week
2002-02-23 16:38:45 +00:00
Crist J. Clark
b36cde4c79 Long overdue whitespace cleanup. To give yourself an idea of how
ugly it was,

  $ awk '/[[:space:]]$/ { sub(/$/,"\$"); print; }' /etc/services

On the previous revision. And that's only the trailing whitespace.
2002-02-23 11:59:42 +00:00
David E. O'Brien
04e7d65aeb The usage of 'newaliases' needs to be after we know for sure that /usr
is mounted.

Submitted by:	rizzo
2002-02-23 01:49:20 +00:00
David E. O'Brien
5158a0f59f The existing bazaar and site-specific policy in rc.diskless1 is Just Wrong;
and looks like no other Unix diskless configuration I've ever seen.
Thus allow a more traditional /etc.

Note, the use of an MFS /var should also be settable.
Otherwise installing ports(packages) is just a total PITA.
2002-02-22 19:05:22 +00:00
Crist J. Clark
5439c489f8 Bring rc.firewall{,6} more in line with the word and spirit of
rc.conf(5) and the files' inline documentation.

  - Add the "closed"-type, documented in both places, but which did not
    exist in the code.

  - When provided a ruleset, the system should not make any assumptions
    about the sites's policy and should add no rules of its own.

  - Make the "UNKNOWN" (documented in-line) actual work as advertised,
    load no rules.

Prodded by:	Igor M Podlesny <poige@morning.ru>
MFC after:	1 week
2002-02-21 13:14:19 +00:00
Hajimu UMEMOTO
2643a003d1 Delete a needless rule for DAD. An unspecified address is never used
as a destination address of IPv6 packets.

Submitted by:	cjc
MFC after:	1 week
2002-02-20 18:05:44 +00:00
Crist J. Clark
29c0f078e2 There is no reason to demand the administrator set 'natd_interface'
when running natd(8) out of the rc-files. It is perfectly valid for
the interface or alias address to be set in a natd(8) configuration
file, not on the command line. Also, loosen up the restrictions on
identifying an IP address argument in 'natd_interface.'

Fix the documentation, rc.conf(5), to reflect this change.

Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf.

MFC after:	3 days
2002-02-20 10:31:01 +00:00
Gregory Neil Shapiro
8448f2e2cf Turn FEATURE(relay_based_on_MX) off by default. It should not be used unless
absolutely necessary

Requested by:	peter
PR:		conf/33855
MFC after:	1 week
2002-02-17 23:38:16 +00:00
Gregory Neil Shapiro
feb15b97ab Add infrastructure for sendmail 8.12. If users are not starting a daemon
at boot (sendmail_enable=NO), a localhost-only daemon may started
(sendmail_submit_enable) as it is needed to accept mail from command line
submissions.  If this isn't desired, see etc/mail/README for more hints.

Optionally (sendmail_msp_queue_enable) start a queue runner for the
submission queue in case a daemon isn't available to accept command line
submitted mail at submission time.

Note that the syslog labels for all of these sendmail processes have been
uniquified for easier log parsing.
2002-02-17 22:19:14 +00:00
Gregory Neil Shapiro
5cd5c25e71 Add information about how the new sendmail set-group-ID mail submission
works and ways to work around common problems people might have.
Include information on reverting to a set-user-ID root sendmail binary in
case anyone really needs to do this.
2002-02-17 22:14:29 +00:00
Gregory Neil Shapiro
a8247f3a53 Don't build a submit.cf file if SENDMAIL_SET_USER_ID is set 2002-02-17 22:12:57 +00:00
Gregory Neil Shapiro
ab3e277c5c Add /var/spool/clientmqueue for 8.12's non-set-user-ID root mail submission 2002-02-17 22:11:41 +00:00
Gregory Neil Shapiro
9a63f27e11 Add new include/libmilter directory for libmilter (sendmail mail filter API)
include files
2002-02-17 22:10:56 +00:00
Gregory Neil Shapiro
910976f7b0 Add new build knob, SENDMAIL_SET_USER_ID, which installs sendmail as a
set-user-ID root binary instead of the new method (set-group-ID smmsp).
Therefore, we shouldn't install /etc/mail/submit.cf if it is set.
2002-02-17 22:09:15 +00:00
Gregory Neil Shapiro
742253f5fd Update for sendmail 8.12 which has a new OSTYPE(freebsd5)
Fix access_db usage for 8.12
2002-02-17 22:08:18 +00:00
Warner Losh
b3290f8139 Add Proxim RangeLAN-DS.
Submitted by: Matt Peterson <matt@peterson.org>
PR:	35057

Also update my note for the 3crwe737A after talking to Alan Clegg at BSDcon.
2002-02-17 20:05:39 +00:00
Crist J. Clark
412c2bb7c1 Remove check for sendmail.conf before even trying to start sendmail.
Checking for the existence of sendmail.cf is rather silly when someone
is using the mailwrapper(8) to run a mail daemon that is not actually
sendmail(8). It is also probably better to let sendmail(8) actually
try to start and error out if the administrator has
'sendmail_enable="YES"' but no sendmail.conf. At present, it would
fail silently.

Reviewed by:	gshapiro
MFC after:	2 days
2002-02-17 02:01:15 +00:00
Brian Somers
55ade43025 Set rc=1 rather than 0 so that setting daily_show_success=YES masks
the output of all goes well.

PR:		34825
Submitted by:	Valentin Nechayev <netch@netch.kiev.ua>
MFC after:	3 weeks
2002-02-13 19:10:07 +00:00
Maxim Konovalov
d60b85c4d7 Fix a typo in swat example.
Spotted by:	Sergey Osokin <osa@freebsd.org.ru>
Reviewed by:	ru
Approved by:	ru
MFC after:	1 week
2002-02-13 08:21:45 +00:00
Mark Peek
90e0035cca Install complete.tcsh and csh-mode.el into ${SHAREDIR}/examples/tcsh.
PR:		misc/34800 (from Steven Grady)
Submitted by:	phantom (patch)
MFC after:	3 days
2002-02-12 04:50:12 +00:00
Dima Dorfman
35fe8af95c crdup(9) is not a protocol.
PR:		34624
Submitted by:	John Nielsen <nielsenj@cs.byu.edu>,
		Hiten Pandya <hiten@uk.FreeBSD.org>
2002-02-10 08:19:58 +00:00
John Baldwin
bffd6ef83d Fix MAKEDEV for RocketPort (rp(4)) cuaR* and ttyR* to work with the
updated driver.  The newer driver in current outputs a version string
that contains a space, so we need to eat two words in between RocketPortX
and the number of ports on the board.
2002-02-09 21:16:54 +00:00
Dag-Erling Smørgrav
1f3030b053 Add missing "nullok" option to pam_unix. 2002-02-08 23:27:22 +00:00
Crist J. Clark
36a48df48e peter points out that we probably should not mess with the sysctl(8)
values at all if they are not purposefully set. What if the
administrator messed with them in /etc/sysctl.conf? We don't want to
overwrite them.

If 'log_in_vain' is zero, do not force the issue. If it is non-zero,
set it.
2002-02-08 13:25:33 +00:00
Mark Murray
adb79039fd Enable TCP_WRAPPERs for the NIS server. The protection afforded is
not massive, but usable.
2002-02-06 20:39:36 +00:00
Hajimu UMEMOTO
9785aaf1b3 Install PROTO.localhost-v6.rev. Umm, it seems namedb/Makefile
is not used.
2002-02-06 04:57:25 +00:00
Hajimu UMEMOTO
232b0e36b5 Install PROTO.localhost-v6.rev.
Reported by:	Scott Allendorf <scott-allendorf@uiowa.edu>
Forgot by:	me (ume)
2002-02-06 04:46:07 +00:00
Sheldon Hearn
4155ccefee Add the MTA users 'mailnull' and 'smmp'.
PR:		conf/34535
Submitted by:	Ceri <setantae@submonkey.net>
MFC after:	1 week
2002-02-04 15:12:06 +00:00
Yoshihiro Takahashi
f25125064b Use MACHINE_ARCH instead of MACHINE to check i386 arch.
MFC after:	3 days
2002-02-04 12:50:52 +00:00
Dag-Erling Smørgrav
34cab37003 Add pam_self(8) so users can login(1) as themselves without authentication,
pam_login_access(8) and pam_securetty(8) to enforce various checks
previously done by login(1) but now handled by PAM, and pam_lastlog(8) to
record login sessions in utmp / wtmp / lastlog.

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:13:23 +00:00
Dag-Erling Smørgrav
86f01a8b27 Use pam_self(8) to allow users to su(1) to themselves without authentication.
Sponsored by:	DARPA, NAI Labs
2002-01-30 19:04:39 +00:00
Bruce Evans
f52150f696 Added this makefile. This is not attached to the build yet. I often
install parts of /etc manually and it helps to have a makefile for
each subdir even if the main makefile doesn't invoke it.
2002-01-30 09:27:03 +00:00
MIHIRA Sanpei Yoshiro
8aa32802b9 By commit of usr.sbin/pccard/pccardd/cardd.c at Nov 29 (Dec
10 in -STABLE), pccardd's string comparison between
pccard.conf's entry and PC card's CIS tupple became strict
matching.

As influences of this commit, some PC cards don't work since
some /etc/default/pccard.conf's card identifiers entries are
incorrectly described.

  - Lexar Media compact flash
  - IO DATA CBIDE2 in 16 bit mode
  - TOSHIBA Portable 24X Speed CD-ROM Drive PA2673UJ
  - Hewlett Packard M820e (CD-writer)

Update these card configs.

PR:		33815
Obtained from:	[bsd-nomads:16128]
2002-01-29 21:17:05 +00:00
Ruslan Ermilov
ec5e499155 Tidy up gecos field for `bin'. 2002-01-29 14:00:03 +00:00
Sheldon Hearn
1887ffe3ca Uncomment kserver-adm, which is IANA-sanctioned and has no apparent
conflicts.

PR:		conf/34316
Submitted by:	Sean Chittenden <sean@chittenden.org>
MFC after:	2 weeks
2002-01-29 12:28:51 +00:00
Warner Losh
9fecc8d840 Add Linksys Instant Wireless WPC11 v2.5
Submitted by: eliedtke@apogeetelecom.com
2002-01-29 05:15:56 +00:00
Crist J. Clark
7fc6e2f775 Put a complete set of pppd(8) sample configuration files in
/usr/share/examples/pppd.

Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.

Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.
2002-01-29 01:10:47 +00:00
Crist J. Clark
76f10508d4 Put a complete set of pppd(8) sample configuration files in
/usr/share/examples/pppd.

Update pppd(8) documentation to reflect this, usr.sbin/pppd/pppd.8.

Remove the out-of-place pppd(8) configuration files in etc/ppp,
ppp.shells.sample and ppp.deny.

Make the appropriate changes to the build process, etc/Makefile and
etc/mtree/BSD.usr.mtree, so it all works.

The files from etc/ppp, ppp.shells.sample and ppp.deny, were moved
with a repo copy. Note it in the logs with a forced commit to these
two.

Submitted by:	Maxim Konovalov <maxim@macomnet.ru> provided the new samples.
2002-01-29 00:23:35 +00:00
Sheldon Hearn
3e38757beb Register amd's dependency on NFS.
This change was submitted to the freebsd-audit mailing list for review
but received no feedback.  Hindsight-enabled reviews are welcome.

PR:		conf/31358
Submitted:	Thomas Quinot <thomas@cuivre.fr.eu.org>
2002-01-28 11:05:01 +00:00
Warner Losh
a5959e20bf Add ADLINK340C wireless card mentioned in nomads.
# This card has the same PCMCIA and OEM id as ELSA XI300 wireless card, which
# appears to be listed elsewhere in this file.

Submitted by: Abe Toshiaki-san <ans@sun-tec.co.jp>
MFC After: 5 days
2002-01-28 04:46:20 +00:00
Crist J. Clark
f44609fe71 Make the rc.conf(5) 'log_in_vain' knob an integer.
Try this out in -CURRENT, MFC, and then consider dropping the
'log_in_vain' knob all together. It really is something for
sysctl.conf(5).

PR:		bin/32953
Reviewed by:	-bugs discussion
MFC after:	1 week
2002-01-26 09:05:13 +00:00
Dag-Erling Smørgrav
c84317d7ad Add local/share/java/classes, local/share/sgml, local/share/xml
Approved by:	ru, silence on -ports
MFC after:	1 week
2002-01-23 13:02:16 +00:00
Hajimu UMEMOTO
fc50a44458 Do not taint ::/124 for localhost reverse table. 2002-01-22 17:22:41 +00:00
Ruslan Ermilov
322628519e Reincarnate SETUID code in man(1), not compiled in by default.
The code will be fixed for all known security vulnerabilities,
and a make.conf(5) knob (ENABLE_SUID_MAN) will be provided for
those who still want it installed setuid for whatever reasons.
2002-01-22 15:15:38 +00:00
Dag-Erling Smørgrav
ae739ec469 Enable OPIE by default, using the no_fake_prompts option to hide it from
users who don't wish to use it.  If the admin is worried about leaking
information about which users exist and which have OPIE enabled, the
no_fake_prompts option can simply be removed.

Also insert the appropriate pam_opieaccess lines after pam_opie to break
the chain in case the user is logging in from an untrusted host, or has a
.opiealways file.  The entire opieaccess / opiealways concept is slightly
unpammish, but admins familiar with OPIE will expect it to work.

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:51:24 +00:00
Dag-Erling Smørgrav
819a142080 Really back out ache's commits. These files are now precisely as they were
twentyfour hours ago, except for RCS ids.
2002-01-19 18:29:50 +00:00
Andrey A. Chernov
0b836dfaf1 Back out recent changes 2002-01-19 18:03:11 +00:00
Andrey A. Chernov
3bfbfd1770 Turn on pam_opie by default. It should not affect non-OPIE users. 2002-01-19 10:31:32 +00:00
Andrey A. Chernov
a0fc79c334 Turn on pam_opie by default. It not affect non-OPIE users 2002-01-19 09:06:45 +00:00
Andrey A. Chernov
e04359cdac Previous commit was incomplete, use
"[default=ignore success=done cred_err=die]"
options instead of "required"
2002-01-19 08:39:35 +00:00
Warner Losh
b5bbbc47b7 Add flags 0x10000 to IO Data WN-B11/PCM's entry. Evidentally, they
changed firmware and the new cards don't work without this.

Submitted by: ume
MFC after: 3 days
2002-01-19 08:11:39 +00:00
Andrey A. Chernov
2bda025221 Remove explaining comment and pam_unix commented out, now pam_unix can be
chained with pam_opie
2002-01-19 07:32:47 +00:00
Andrey A. Chernov
a3643aa542 Change comment since fallback provided now not by ftpd but by pam_opie 2002-01-19 03:35:39 +00:00
Warner Losh
69e4f572e4 Add:
Accton airDirect WN3301
	Melco WLI-CF-S11G
	GeoWave GW-NS11S

Submitted by: Shigeru Ishida-san on bsd-nomads (16142,16143,16144)
2002-01-18 03:49:03 +00:00
Joerg Wunsch
3d7abf4c86 Re-add a call to "camcontrol rescan" after insertion of an aic pccard.
We now do it as a "camcontrol rescan all" which is something ken
promised to implement; for the time being it's not worse than the old
"camcontrol rescan $device" which ended up in something like
"camcontrol rescan aic1".  Currently, camcontrol misinterprets the
third non-numeric arg as number 0, and rescans bus 0, which is about
the best we could get at this time.

Approved by:	imp
MFC after:	1 week
2002-01-17 20:38:04 +00:00
Robert Watson
012ccf288b o Improve the line-wrapping of additional comments, some of which appeared
to be wrapped around 60, others around 40 columns.
2002-01-17 00:10:28 +00:00
Robert Watson
4420bc6773 o Remove a somewhat less comprehensible comment about modifying /etc/rc.
o Improve line-wrapping of another comment for consistency.
2002-01-17 00:08:44 +00:00
Bruce Evans
e9f83ca347 Added this makefile. This is not attached to the build yet. I often
install parts of /etc manually and it helps to have a makefile for
each subdir even if the main makefile doesn't invoke it.
2002-01-16 12:18:22 +00:00
Ruslan Ermilov
30843b9337 Do not install man(1) setuid ``man''.
The catpaging and setuidness features of man(1) combined make
it vulnerable to a number of security attacks.  Specifically,
it was possible to overwrite system catpages with arbitrarily
contents by either setting up a symlink to a directory holding
system catpages, or by writing custom -mdoc or -man groff(1)
macro packages and setting up GROFF_TMAC_PATH in environment
to point to them.  (See PR below for details).

This means man(1) can no longer create system catpages on a
regular user's behalf.  (It is still able to if the user has
write permissions to the directory holding catpages, e.g.,
user's own manpages, or if the running user is ``root''.)

To create and install catpages during ``make world'', please
set MANBUILDCAT=YES in /etc/make.conf.  To rebuild catpages
on a weekly basis, please set weekly_catman_enable="YES" in
/etc/periodic.conf.

PR:		bin/32791
2002-01-15 14:11:05 +00:00
Dag-Erling Smørgrav
a5f5cfdaf2 Everybody (for suitable values of "everybody") seems to think pam.conf should
be removed outright.

Sponsored by:	DARPA, NAI Labs
2002-01-14 17:15:53 +00:00
Dag-Erling Smørgrav
56ad504867 Re-add pam.conf so it will get installed so people who don't know about
pam.d will find out about it by reading pam.conf.

Sponsored by:	DARPA, NAI Labs
2002-01-14 16:30:22 +00:00
Dag-Erling Smørgrav
ddee80ac95 Point people towards /etc/pam.d/README. 2002-01-14 15:08:02 +00:00
Dag-Erling Smørgrav
4e8b159f5e Unmunge the version preservation code and obfuscate it so CVS won't munge
it all over again.
2002-01-12 23:08:59 +00:00
Dag-Erling Smørgrav
f89a116468 Back out previous commit, which erroneously removed essential comments. I
definitely need coffee.

Apologies to:	ache
2002-01-12 14:22:22 +00:00
Dag-Erling Smørgrav
ca90ed6b1c Update copyright 2002-01-12 14:17:19 +00:00
Dag-Erling Smørgrav
0703287104 Switch over to /etc/pam.d/.
Sponsored by:	DARPA / NAI Labs
2002-01-12 14:03:12 +00:00
Dag-Erling Smørgrav
84437855b4 Sync with pam.conf revision 1.25. 2002-01-12 13:50:33 +00:00
Dag-Erling Smørgrav
1c6246992a Preserve FreeBSD version strings in target files. 2002-01-12 13:50:08 +00:00
Warner Losh
8128d1f555 Correct Corega KK Wireless entry 2002-01-12 07:01:51 +00:00
Alexey Zelkin
7f751a854f Sort entries and clarify comments 2002-01-11 15:51:56 +00:00
Warner Losh
ec68b202e5 o Add T-POWER flash
Submitted by: Michael Johansson <micke@nevermind.net>

o Sony PCWA-C100 WaveLAN card
Submitted by: "Jeremiah Gowdy" <jgowdy@home.com>

o Corega KK Wireless LAN PCCA-11 (version b?)
Submitted by: Masahide *MAC* Noda <mac@clave.gr.jp>
2002-01-10 18:53:00 +00:00
Joerg Wunsch
cd85c8e853 Add a commented-out alternative for the ether line of a DIGITIAL
DEPCM-BA card, as found on my rev. C01 card.

MFC after:	1 week
2002-01-08 22:32:00 +00:00
Andrey A. Chernov
0fd0b9d205 Add forgotten alias for ru_SU.ISO8859-5 2002-01-08 19:07:03 +00:00
Alexey Zelkin
3b9da4da83 Add ru_SU locale aliases for nls area also 2002-01-08 17:23:03 +00:00
Alexey Zelkin
e223285d41 Actually make aliases for ru_SU locales. 2002-01-08 15:30:56 +00:00
Andrey A. Chernov
ac6739777e Add ro_RO
PR:		33343
Submitted by:	Adrian Penisoara <ady@warpnet.ro>
2002-01-08 15:06:42 +00:00
Andrey A. Chernov
71cf7468b2 ISO 8859-1 -> ISO 8859-5 for ru_* 2002-01-08 15:01:48 +00:00
Alexey Zelkin
688a6139bd Correctly handle cases of deprecated locales which are supposed
to have backward compatibility symbolic links.

This code should check existence of deprecated locales and
fix them using following scheme:

. if new locale directory exisists and is a symlink -- remove it
. if old locale directory exists and not a symlink -- rename it to
  its new name

This should allow to mtree(1) and existing locale aliases make(1)
rules to setup locale dirs correctly (avoid self-referenced symlinks)

BTW, this commit brings in backward compatibility support for ru_SU
locales (aliased to appropriate ru_RU ones).
2002-01-08 13:42:52 +00:00
John Baldwin
64798412f9 Populate etc.sparc64:
- The disktab was taken from etc.alpha.
 - rc.sparc64 doesn't do anything right now.
 - The ttys file has all the vty's commented out since we don't know how
   those will work yet.  Also, an entry is added for the Openfirmware
   console device.

Submitted by:	jake (partially)
2002-01-07 23:53:34 +00:00
Sheldon Hearn
0604ab3465 Comment out an example that was missed on first import.
Reported by:	Jeroen Ruigrok <asmodai@wxs.nl>
2002-01-07 08:41:55 +00:00
Sheldon Hearn
b50e990dde Install nsmb.conf with mode 0600, since it may be modified to include
passwords for remote shares.

Reported by:	Andre Albsmeier <andre@albsmeier.net>
2002-01-04 13:02:51 +00:00
Andrey A. Chernov
283004853b Improve pam_unix/opie related ftpd comment even more 2002-01-02 09:51:33 +00:00
Andrey A. Chernov
2ac0b4865e Clarify comment about pam_unix fallback for ftpd 2002-01-01 13:38:01 +00:00
Andrey A. Chernov
e0d2c39d84 Turn on pam_opie.so for ftpd by default
It not affect non-OPIE users
2002-01-01 13:27:11 +00:00
Doug Ambrisko
0d6fcb5c0e Fix bugs in the structure for rx_frame by making gap length one byte and
a packed array so sizeof work.  This broke RFMON mode and passing
up 802.11 packets.

The Linux emulation code was derived from the open source Linux driver to
maintain compatibility.

LEAP support is added, hints from Richard Johnson.  I've verified this
locally with PC350v42510.img firmware.  More bug fixing from Marco to
fix long passwords.

Change DELAYs in flash part of driver to FLASH_DELAY which uses tsleep
so it doesn't look like your system died during a flash update.

Install header files in /usr/include/dev/an

Cleanup some ifmedia bugs add "Home" key mode to ifmedia and ancontrol.
This way you can manage 2 keys a little easier.  Map the home mode into
key 5.  Enhance ifconfig to dump the various configured SSIDs.  I use
a bunch of different ones and roam between them.  Use the syntax similar
to the WEP keys to deal with setting difference SSIDs.

Bump up up the Card capabilities RID since they added 2 bytes to it
in the latest firmware.  Thankfully we changed it from a terminal
failure so the card still worked but the driver whined.

Some cleanup patches from Marco Molteni.

Submitted by:	Richard Johnson <raj@cisco.com>
		Marco Molteni <molter@tin.it>
		and myself
Various checks: David Wolfskill <david@catwhisker.org>
Reviewed by:	Brooks Davis <brooks@freebsd.org>
		Warner Losh <imp@freebsd.org>
Approved by:	Brooks Davis <brooks@freebsd.org>
		Warner Losh <imp@freebsd.org>
Obtained from:	Linux emulation API's from Aironet driver.
2001-12-31 22:01:44 +00:00
Gregory Neil Shapiro
e3437797cc Grammar fix for comment 2001-12-30 04:40:18 +00:00
Sheldon Hearn
4a8eeedbb1 Don't require operators to override the list of network filesystem
types (networkfs_types) with a version that includes the original
list.

This increases the scope for user error and also means that systems with
networkfs_types set in /etc/rc.conf will not benefit from changes to the
list in /etc/defaults/rc.conf on upgrade.

Instead, store the default list in /etc/rc itself and allow the operator
to append to that list by specifying her own list in networkfs_types.

Rename networkfs_types to extra_netfs_types accordingly, as the new name
better describes the purpose of the variable.  Default the value to
'NO'.
2001-12-29 19:42:55 +00:00
Warner Losh
3b3ef3700a "10/100Base FastEthernet PC CARD" (LNA-100) from Billionton Systems Inc.
Submitted by: "Torfinn Ingolfsen" <torfinn.ingolfsen@oslo.online.no>
2001-12-29 02:15:46 +00:00
Warner Losh
73ad7cef4c Novac DVD/CD Station(Portable DVD/CD-ROM player
Submitted by: moment@pluto.dti.ne.jp
2001-12-28 03:42:41 +00:00
Warner Losh
90005a9c29 Xircom RealPort RE-10
Submitted by: Willem van Engen <wvengen@stack.nl>
2001-12-28 03:39:13 +00:00
Warner Losh
9b5032e906 Add Proxim Harmony card (from Bob)
Also fix a minor disordering of a wi card while I'm here.

Submitted by: bob bobing <this_is_my_act@yahoo.com>
2001-12-28 03:34:05 +00:00
Crist J. Clark
726acc787d Fix some leftover stray characters from expr(1)-to-$(()) sweeps.
PR:		bin/33158
Submitted by:	Adrian Filipi-Martin <adrian@ubergeeks.com>
MFC after:	1 day
2001-12-27 22:41:35 +00:00
Joerg Wunsch
9e62ce2036 Remove nonstandard floppy device nodes. Only keep the base device node,
plus the symbolic links to the fake BSD partitions.

Also remove the rfd* devices, they are neither necessary nor documented
anymore.
2001-12-27 15:03:25 +00:00
Sheldon Hearn
d7fb353a43 Re-introduce the fix that delays mounting of network filesystems until
the network is initialized.  This was first implemented in rev 1.268
of src/etc/rc, but was backed out at wollman's request.

The objection was that the right place for the fix is in mount(8).
Having looked at that problem, I find it hard to believe that
the hoops one would have to jump through can be justified by the
desire for purity alone.

Note that there are reported issues surrounding nfsclient kernel
support and mount_nfs(8), which currently make NFS an ugly exception
to the general case.

With this change, systems with non-NFS network filesystems configured
for mounting on startup in /etc/fstab are no longer guaranteed to
fail on startup.
2001-12-27 13:41:27 +00:00
Luigi Rizzo
8029d085df Remove a stale entry related to passing ARP with bridging and ipfw.
This feature has been removed since 4.1 times and it is only a source
of confusion.

Same needs to be done on -stable.

MFC after: 1 day
2001-12-27 05:40:09 +00:00
Warner Losh
76751379cc Longshire LCS-8634TB
Submitted by: "Frank W. Josellis" <josellis@dynamics.claranet.de>
2001-12-27 03:59:21 +00:00
Warner Losh
68b54634bd Some new cards:
o uncommnent joy stuff (me)
	o Add BONDWELL B236 joystick card (me)
	o Add Buffalo WLI-CF-S11G wi card (me)
	o CNF CD-m (submitted by gda)

Submitted by: Dmitry A Goncharov <gda@sani.ru>
2001-12-27 02:12:32 +00:00
Robert Watson
22e5e135e1 o Add a comment indicating that if /tmp==/var/tmp in rc.diskless2, the
md device and file system creation occurs *after* mtree is run, and
  as such an /var/tmp/* or /tmp/* entries will be under the mountpoint
  (or fail) rather than appearing in the md filesystems.  This prevents
  the creation of vi.recover, and might affect other localizations that
  rely on the mtree calls affecting these directories.
2001-12-26 17:18:39 +00:00
Robert Watson
6bbc26ef9f Remove incorrect comments about the population of /etc: no attempt is
made to copy the NFS-mounted on to /tmp/etc, instead, it is populated
entirely from /conf/default, then overriden from /conf/IP.
2001-12-26 17:00:55 +00:00
Sheldon Hearn
0e2b10ac7f Now that smbfs is fully integrated into the base system, create
/dev/nsmb* device nodes, which used to be done by the port installation.

PR:		33068
Submitted by:	Dimitry Andric <dim@xs4all.nl>
2001-12-26 15:44:06 +00:00
Alexey Zelkin
0388ec7cac Back out recent replacement of LC_MESSAGES file with directory.
Requested by:   ache
2001-12-24 11:49:49 +00:00
Alexey Zelkin
be9546c713 add LC_MESSAGES directory for uk_UA.ISO8859-5 locale 2001-12-22 06:56:12 +00:00
Alexey Zelkin
709eed76bd Slightly re-work locale messages storage scheme. Before this commit
LC_MESSAGES related data was installed to <locale>/LC_MESSAGES file.
Now it go to <locale>/LC_MESSAGES/SYS_LC_MESSAGES file. LC_MESSAGES
directory is supposed to be storage of message catalogs of userland tools.
This should allow us to avoid many potential problems with future
libintl related functionality introduction.

Thanks for useful suggestions about correct way how to replace plain
files with directories at installworld stage to: Ruslan Ermilov <ru>
2001-12-21 13:14:02 +00:00
Andrey A. Chernov
bf908a83ba Add uk_UA.ISO8859-5 locale
PR:		32450
Submitted by:	partially by Alexey Klimov <kao@wiuu.kiev.ua>
2001-12-20 20:48:31 +00:00
Sheldon Hearn
cb02e3a880 Correct the given path to nsmb.conf in the comments, now that it's
corrected in libsmb.
2001-12-20 16:23:12 +00:00
Brian Somers
ca4513237b Don't assume that /var/run and /var/spool/lock are on the same
partition.

Submitted by:	ru
2001-12-19 16:10:25 +00:00
Ruslan Ermilov
56ada921d8 Whitespace police. 2001-12-18 18:21:51 +00:00
Brian Feldman
125c50cdeb Install devfs includes. 2001-12-17 13:38:58 +00:00
John Hay
c9c98e9936 Add a missing .. to get out of smbfs/print. 2001-12-15 08:31:13 +00:00
Hajimu UMEMOTO
91b70c33dd automatic creation of faith0 and stf0 for backward compatibility.
MFC after:	2 days
2001-12-15 03:59:47 +00:00
Sheldon Hearn
7e081cffc0 Add share/examples/smbfs/print for userland smbfs import.
The addition of the smbfs examples should have included this delta.
Failure to include this delta broken world.

Reported by:	jhay
2001-12-14 22:56:12 +00:00
Crist J. Clark
d15413fe2f Fix a stray character that found its way into a filename. 2001-12-14 22:25:04 +00:00
Mike Heffner
6257f96122 ftp(1) was not the only user of FTP_PASSIVE_MODE, libfetch uses it
too, so add it back
2001-12-14 15:48:55 +00:00
Sheldon Hearn
85519b003a Add bmake glue for src/contrib/smbfs and connect userland smbfs
support to the build.

The MFC reminder below is subject to <re@FreeBSD.org> approval
prior to 4.5-RELEASE.

Reviewed by:	bp, fjoe
MFC:	1 week
2001-12-14 11:41:22 +00:00
Ruslan Ermilov
ac47c95eea Work around the bugfeature of test(1).
PR:		bin/32822
2001-12-14 08:58:21 +00:00
Mike Heffner
f6efcf6413 ftp(1) uses passive mode by default now, therefore remove
FTP_PASSIVE_MODE=YES.

Pointed out by:	billf
2001-12-14 02:08:23 +00:00
Alfred Perlstein
bcb733d069 rpc.lockd needs rpc.statd to be running for it to start up properly.
so swap the order.

Also allow rpc.lockd and rpc.statd to be turned on if nfsclient is
enabled.  They are needed to provide client side locking support.

PR: conf/27811
2001-12-13 04:21:18 +00:00
Peter Pentchev
1e106575d2 Set the script_name_sep variable to a safe value if it is not
already set (e.g. a failed/skipped mergemaster run during an upgrade).
Without this, if script_name_sep was not set in the rc.conf files,
local scripts will not be executed on startup or shutdown.

PR:		misc/32687
Submitted by:	Nicholas Paufler <echofox@discordia.ca> (the problem)
		Sheldon Hearn (the idea behind the fix)
Reviewed by:	sheldonh
MFC after:	1 week
2001-12-12 10:12:20 +00:00
Robert Watson
fcc1eaf46d - Improve line-wrapping and spacing so as to improve readability.
- Add instructions regarding replacing 'my.domain', as this has come up
  on freebsd-questions.
- Remove reference to rs.internic.net/templates, as that directory no
  longer exists.  Instead, encourage them gently to talk to their network
  provider.

MFC after:	1 week
2001-12-11 22:36:10 +00:00
Gregory Neil Shapiro
5a3ecbf1d2 Add aliases pointing to postmaster for the two new mail related accounts.
Reminded by:	sheldonh
MFC after:	3 days
2001-12-11 17:29:57 +00:00
Ruslan Ermilov
d4d2e898a1 s/sysctl -w/sysctl/ 2001-12-11 08:21:46 +00:00
Crist J. Clark
2204f3ce42 Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by:	ru
Approved by:	ru
2001-12-07 23:57:39 +00:00
Robert Watson
67b86547da o Update rc.network to reflect the recent change of default in the
kernel TCP timer code: rather than checking for tcp_keepalive being
  set to "YES", check for "NO" and turn off keepalives if the variable
  is set in that manner.

o Note: eventually, it would make sense to remove this variable from
  rc.conf management, and instead rely on sysctl.conf.  In fact, this
  is probably true of a number of rc.conf variables whose sole aim
  is to drive the setting of sysctls at boot time.
2001-12-07 17:03:14 +00:00
Dag-Erling Smørgrav
9446518a9a Install pam.d files with mode 0644, not 0755. 2001-12-06 23:28:12 +00:00
Nick Sayer
284d8fda4d Add a commented-out defaultrouter entry for 6to4 users. See RFC-3068 2001-12-06 20:44:14 +00:00
Dag-Erling Smørgrav
c26c7886d1 Introduce the variable USE_PAM_D, which, if set, will cause pam.d to be
installed instead of pam.conf.  This is for testing; the conditionals will
be removed once we are confident that pam.d works as intended.

Sponsored by:	DARPA, NAI Labs
2001-12-06 13:18:32 +00:00
Dag-Erling Smørgrav
c5a332f021 Makefile for pam.d configuration files.
Sponsored by:	DARPA, NAI Labs
2001-12-06 13:16:47 +00:00