| Add a short description of how a literal colon ':' can be inlined in the
| value of capability databases, since it's not really obvious how a colon
| can be escaped, and a pointer to the getcap(3) manpage for more details.
|
| Triggered by: a question by Ceri on -questions
Approved by: re (kensmith)
Add an rc.d script to start the pfsync interface after all
the conventional network interfaces have been started so that
pfsync can be attached to any of the latter.
Record the dependency of rc.d/pf on the newly added rc.d/pfsync.
Also make rc.d/pf start as early as before rc.d/routing to improve
system security.
Document rc.d/pfsync on pfsync(4) and rc.conf(5).
Approved by: re (scottl), mlaier
Don't print anything if we can't do any localpkg shutdown (start already
does this).
Submitted by: Andre Albsmeier <Andre dot Albsmeier at siemens dot com>
PR: conf/86606
Approved by: re (kensmith)
Add a new rc.conf entry, kerberos5_server_flags, which allows the
administrator to specify additional start-up flags to the Kerberos
5 Authentication Server.
Approved by: re (scottl)
Use sysctl -q when querying for kern.bootp_cookie in order to avoid
printing boot-time errors that don't reflect true error conditions.
Approved by: re (kensmith)
In mountd_precmd(), use rc_args, not mountd_args to
override the value of mountd_args. This fixes the problem
where mountd_args was not properly being set if
weak_mountd_authentifcation="YES" was set in rc.conf.
PR: conf/86260
Submitted by: Thierry Herbelot <thierry at herbelot dot com>
Approved by: re (kensmith)
Use kenv -q to extract dumpdev rather than kenv, in order to avoid
spamming the console in the event that a loader tunable 'dumpdev'
isn't defined, which is not a relevant failure to report.
Approved by: re (kensmith)
Comment out ofw_console 'screen' entry and zs tty entries.
The OpenFirmware console isn't used on real systems anymore and
I never get to multi-user mode in psim. There are problems with
zs that need to be resolved before these lines can be enabled.
This eliminates disconcerting warnings on boot.
Approved by: re (Ken Smith)
etc/network.subr: 1.165-1.167
- kill removable_interfaces
- add NOAUTO keyword
- fix quoted entries in ifconfig_<ifn> variables
- always up the interface
- if ifconfig_<ifn> is defined, but empty, don't set it to
ifconfig_DEFAULT
- always configure lo0 first if it exists
etc/pccard_ether: 1.46
- kill removable_interfaces
- add NOAUTO keyword
etc/rc.d/netif: 1.15-1.17
- block Ctrl-C in dhclient
- minor cleanup of the interface list generation code
Approved by: re (scottl)
Requested by: many (death to removable_interfaces!)
- Correctly parse output, when logging amount is limited in the
rule itself, not in verbose_limit sysctl. [1]
- Do check rules, even if verbose_limit is set 0. Rules may have
their own log limits.
PR: conf/77929
Submitted by: Andriy Gapon [1]
Reviewed by: matteo
Approved by: re (scottl)
Stop hard-coding an -M flag to mdmfs(8) in /etc/rc.subr.
Now this flag can be set, or not set, for memory-backed
file systems on individual basis, as illustrated by the
rc.conf(5) variables tmpmfs_flags and varmfs_flags. The
flag is set for those FS'en by default, in /etc/defaults/rc.conf,
in order to stay compatible with the old rc.subr behaviour.
Approved by: re (scottl)
etc/defaults/rc.conf 1.255,1.256,1.257
- Remove gbde_swap_enable variable (it has no effect).
- Add geli_swap_flags variable which holds flags used by geli(8) when
configuring GELI-encrypted swap partitions.
- Add variables used by rc.d/geli and rc.d/geli2 scripts.
Approved by: re (kensmith)
Skip jails which are already running and inform why.
We're checking for /var/run/jail_<name>.id file and if it exists, we don't
start the jail. It should be also safe in case of reboot(8), because
rc.d/cleanvar script is going to remove /var/run/jail_* files.
It helps to avoid potential mess when the same jail is started twice,
because of an administrator mistake (been there, done that).
Approved by: re (kensmith)
- Don't complain when debouncing dhclient startup.
- Fix buffer handling in reveive_packet(). This fixes infinite cpu
eating loops and probably some crashes.
- Spell if_defaultroute route correctly in dhclient-script so we
are allowed to change the default route.
- Document dhclient -b.
- Treat reassociation like association.
- Do not force server-name to be a valid domain name.
- Handle servers that send NUL-terminated host-name options.
Approved by: re (scottl)
ifconfig_DEFAULT variable. Unlike pccard_ifconfig, ifconfig_DEFAULT
applies to all interfaces that do not specify an ifconfig_<ifn>
variable rather than just those listed in removable_interfaces.
- Correct the list of interfaces when network_interfaces and
removable_interfaces are both set by including removable_interfaces
in the list of canidates.
- When listing dhcp interfaces, include those with other ifconfig
options so nat works.
Approved by: re (network interface startup blanket)
them. Just try to run the given command on them. We need to be able to
run stop functions on interfaces that have been deleted to stop
wpa_supplicant.
Approved by: re (interface startup blanket)
for kldstat to ever print "IP Filter" (the module is called "ipfilter"
and modules don't have anything like a description), so this function
would always return false. That would cause prestart to attempt to
load the module even if it's already loaded, which would fail and
prevent the rules from being loaded.
Approved by: re (dwhite)
ports. This mtree now specifies basic structure of X11BASE, similarly
to BSD.local.dist.
No objections on: freebsd-x11@
Approved by: re (dwhite), portmgr
GENERIC comment in ttyN.
- Add the name of the device driver creating the device nodes above the
respectives blocks so it's easier for user to find the right entry to
shut up warnings from getty(8). Replace 'Requires device 'uart' be
enabled.' with just 'uart(4)' as the former referred to a sparc64
GENERIC back when uart(4) wasn't enabled by default, yet.
- Turn off the getty(8) on screen as screen is created by ofw_console(4)
which is no longer enabled in the sparc64 GENERIC (and also only is a
last resort) to shut up warnings from getty(8) with the current GENERIC.
method of executing commands remotely. There are no rexec clients in
the FreeBSD tree, and the client function rexec(3) is present only in
libcompat. It has been documented as "obsolete" since 4.3BSD, and its
use has been discouraged in the man page for over 10 years.
- Implement sampling modes and logging support in hwpmc(4).
- Separate MI and MD parts of hwpmc(4) and allow sharing of
PMC implementations across different architectures.
Add support for P4 (EMT64) style PMCs to the amd64 code.
- New pmcstat(8) options: -E (exit time counts) -W (counts
every context switch), -R (print log file).
- pmc(3) API changes, improve our ability to keep ABI compatibility
in the future. Add more 'alias' names for commonly used events.
- bug fixes & documentation.
