Commit Graph

51 Commits

Author SHA1 Message Date
ghelmer
fe04bf9dba Mention securelevel 3 as affecting ipfw and dummynet. Generalize comment
about fdisk and securelevel 2.
PR:		docs/7785
1998-12-16 16:50:12 +00:00
phk
7ebd4f74fb Memory management error in init.
PR:		7320
Reviewed by:	phk
Submitted by:	Anders Thulin <Anders.X.Thulin@telia.se>
1998-07-22 05:45:11 +00:00
charnier
fff847fc47 Correct .Nm use. Add rcsid. Use min for minutes instead of mn. 1998-07-06 06:56:08 +00:00
jkoshy
20df804cb4 Fixes per PR 2850:
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.

and one spelling fix.

PR: 2850
1998-06-19 08:34:52 +00:00
jraynard
149cf90af1 Don't assume sigset_t and int are equivalent. 1998-03-02 23:19:29 +00:00
bde
d53ef8ee6e Removed definition of _NEW_VFSCONF. The new vfsconf interface is now
the default.
1998-01-20 10:40:18 +00:00
peter
0e8d0ba0f2 This has always bugged me. At single user, the implied example it gives
is not valid - it says that "sh" is the default, but you can't
actually type "sh" at this prompt - it has to be /bin/sh or some other
full pathname.
1997-10-10 12:14:48 +00:00
davidn
faf85e7cf0 ".if exists(${CURDIR}/../../secure)" rather than testing relative to the
object directory.
1997-08-18 03:32:09 +00:00
davidn
228bbc181c Test that rc.shutdown exists before attempting to run it - silently
return success if it doesn't to prevent any unwanted error msgs.
1997-08-18 01:40:12 +00:00
ache
9f4c4482b5 runshutdown(): get rid of getdtablesize loop, it gains nothing now
but can waste time if many descriptors are available
1997-08-06 16:34:51 +00:00
ache
a867dc6278 rc.shutdown fixes:
1) revoke -> HUP
2) controlling terminal already present
3) add missing setprocresources call
1997-08-06 16:07:52 +00:00
davidn
c0b9ea4c76 Add /etc/rc.shutdown capability to init.
Add sample /etc/rc.shutdown (which is just a shell for now).
Submitted by:	Ollivier Robert <roberto@keltia.freenix.fr>
1997-08-02 00:22:52 +00:00
ache
043d604a07 Move logwtmp(shutdown) call before any real action in death(). 1997-07-08 11:51:11 +00:00
ache
baa3a4dbcc 1. Replace malloc+bzero by calloc
2. Revoke internal active session list only now, not whole /etc/ttys
1997-07-05 19:36:55 +00:00
ache
0165b2e9da Add -D_NEW_VFSCONF to eliminate compilation warning 1997-07-05 19:34:51 +00:00
ache
d4280e0ef8 death: revoke all lines listed in /etc/ttys instead of sending HUP
to all processes
1997-07-04 22:09:07 +00:00
ache
b44556e359 Include <libutil.h> instead of private declarations 1997-07-03 11:37:43 +00:00
ache
49221f7583 Remove unneded cast in login_getclassbyname which cause warning 1997-07-02 13:53:31 +00:00
pst
489b7a4fe8 Attempt to open the device for reading before actually adding the device
to the session list.  If the device comes back as unconfigured, just
ignore that line in /etc/ttys.  If someone HUP's init, we'll try again.

This change stops getty's from hanging on vty and sio ports that don't
exist, either due to LKM drivers not being loaded, or probes failing.
Reviewed by:	bde
1997-06-28 08:18:29 +00:00
charnier
98daca0d1c Use err(3). 1997-06-13 06:24:42 +00:00
mpp
4b08ee0ed3 Be more specific as to which flags may not be turned off when the
system is running in secure mode.

Obtained from: NetBSD PR# 3299
1997-04-01 20:41:04 +00:00
phk
85568f7654 Fix mount call for devfs.
Submitted by:	bde
1997-03-30 09:22:41 +00:00
peter
4968036f61 Revert $FreeBSD$ to $Id$ 1997-02-22 14:40:44 +00:00
dg
d71873490f Protect from stack overrun via /etc/ttys, which could possibly allow a
root user to change the securelevel. Pointed out by Thomas H. Ptacek
<tqbf@enteract.com>.
1997-02-19 08:04:58 +00:00
markm
7c4a46a3a0 Part two of a "fix-and-move". There were some macros declared in ../sbin's
Makefile that were a) broken and b) bogusly placed. This brings the
repeared macros in.

Pointed-out-by:	BDE
1997-02-10 17:44:34 +00:00
adam
2ee6680619 typo 1997-01-22 12:38:40 +00:00
davidn
71e4601fc6 Style police. 1997-01-22 02:07:55 +00:00
davidn
557de278bc Impose login_cap resource limits on processes started by init.
/etc/rc started with "daemon" settings.
	"window=" started with "default" settings
	gettys started with "default" settings.
This should open the way to junk kernel options MAX_{OPEN,CHILD}
and the corresponding sysctl vars.
1997-01-19 16:49:13 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wosch
71f5160702 Sort cross references. 1997-01-13 00:25:51 +00:00
phk
91bd35f309 If passed the -d flag, mount devfs on /dev 1996-10-28 11:03:19 +00:00
bde
b24c97a50f Rewrote the section about the "normal" setting of the security level to
match reality.

Say that secured devices `may not be opened for writing' instead of
`are read-only'.
1996-10-12 15:37:23 +00:00
bde
11546f4616 Fixed DPADD. 1996-09-05 17:16:10 +00:00
markm
8c96258663 Better method of choosing libdescrypt/libscrypt. 1996-05-04 08:16:20 +00:00
mpp
3c57dc7753 Correct some man page xrefs, and some other minor changes to bring some
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
1996-04-08 04:18:31 +00:00
joerg
3c466005c3 The DES-based init(8) belongs to the "des" distribution. 1996-02-13 09:12:10 +00:00
dima
b6116933b0 If root does not have a password, `init' should not ask to enter it.
otherwise it's not possible to get into single-user mode, if root
does not have password and console insecure.
1995-11-10 07:06:59 +00:00
phk
f161a927d6 Define TRUE & FALSE rather than depending on bogus #includes. 1995-10-29 09:44:09 +00:00
bde
86a1f0bb7e Fix $Id$. 1995-10-03 15:11:11 +00:00
markm
213dd85117 Make this make work the same way as passwd and xntpd. Here it will allow
secure/sbin/init to be cleaned out, and sbin/Makefile to be tidied up.
1995-10-01 15:12:47 +00:00
mpp
803ee03130 Fix init to correctly detect processes that are exiting multiple
times per second.
1995-08-08 06:49:59 +00:00
ache
224e922aeb nspace count was incremented only in child, so warning never displayed
Pointed by: Mike Pritchard <mpp@mpp.minn.net>
1995-08-08 02:29:12 +00:00
rgrimes
f3a2b348da Remove trailing whitespace. 1995-05-30 06:12:45 +00:00
ache
6cbf9ac3bb Add better argument handling
Submitted by: jmz
1995-01-10 21:19:57 +00:00
ache
9cd061f6c1 revision 1.6
date: 1994/03/06 08:55:02;  author: ache;  state: Exp;  lines: +4 -1
Stop count getty spacing problem, if we issue kill -1 1
----------------------------
revision 1.5
date: 1994/03/04 17:51:39;  author: ache;  state: Exp;  lines: +9 -2
I got a lot of
"getty repeating too quickly on port %s, sleeping"
from init.bsdi, it means that getty start and exit in five seconds.
This is common situation for poor quality Russian phone lines:
modem got CONNECT message and after retries got NO CARRIER.
So I introduce spacing count, it means that this warning and
sleep occurse only after GETTY_NSPACE times of sequental attempts.
----------------------------
revision 1.4
date: 1994/02/28 21:53:52;  author: ache;  state: Exp;  lines: +71 -10
I found (and fix) ugly bugs in init.bsdi (this bugs not present
in old init)

1) Init don't setup TERM environment variable for default terminal
type from /etc/ttys before calling getty/window.

2) When "kill -1 1" issued, init don't restart getty when
/etc/ttys parameters was changed (it only kill "off" end empty entries).

3) Small memory leak if "window" /etc/ttys parameter specified and
"kill -1 1" issued.

Obtained from: FreeBSD 1.x
1994-10-14 17:15:40 +00:00
jkh
4209b935fe What cretin named both a global and a function "reboot"? Global
changed to Reboot.
Submitted by:	jkh
1994-08-28 10:00:49 +00:00
nate
398581a79d Bring in my changes from the 1.1 init.bsdi which causes a reboot (was a
halt before)  if init is sent an interrupt signal.  This is necessary
for <CTL><ALT><DEL> to do the right thing if enabled.
1994-08-27 21:32:01 +00:00
dg
5d3f6f3b9b Nuked the 2 second DTR wait; this is handled correctly in the sio driver. 1994-08-23 04:42:45 +00:00
wollman
5d2f25e02e `init' needs crypt() for insecure consoles. 1994-08-15 02:45:37 +00:00
wollman
57ea13e98c Convert to our man installation style. Also fixed long-standing bug
in `fastboot'/`fasthalt' in which the interpreter would hang around
after `reboot' or `halt' is run, causing an irritating ``Killed'' message.
1994-08-05 02:42:42 +00:00