to a hostname. This will help those who keep a cluster of machines all with
the same hostname but different domain names.
PR: bin/9091
Submitted By: Heikki Suonsivu <hsu@clinet.fi>
No Response From: -current mailing list
man(1) will utilize manpath(1) if MANPATH is unset in the environment,
and with our existing manpath.config it is enough to find the X11
pages among others.
PR: 8587
Submitted by: Marc Slemko <marcs@znep.com>
mechanisms ('bind' user and group) in place so the feature can be easily
turned on. There were too many complaints. The security(1) man
page will be created/updated to include the appropriate info.
Delete rc.local from CVS tree, its remaining functionality has been
moved to /etc/rc. /etc/rc still supports an rc.local but it is now
a 100% user-controlled file.
Commit changes to rc and rc.local, removing the remaining minimal
functionality of rc.local into rc and commenting it out of rc.local
prior to the deletion of rc.local from the CVS tree.
(3?) people will make an effort to help those who would have benefitted from
this change. And just telling them that they should read and understand
the significance of each message posted to -current is not really good
enough IMHO.
${DESTDIR}/etc and an install target to install the missing ones. This
allows new files like pam.conf to be installed by the first installworld
after the file is added, but avoid clobbering files that might be
customized. This should save some support questions.
to the comments in named.conf to describe to the user how to create it.
(named.conf does not use /etc/namedb/s by default anyway so us not
pre-created it in the mtree does not hurt us terribly).
Replace non-existent directory for operator with /
Supply by default operator with non-existent but can be created directory
and /bin/csh is kinda security risk
Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
subdirectory (user bind, group bind) to hold secondaries, adjust
comments in named.conf to reflect new secondary scheme. (Note that
core read-only zone files are left owned by root, increasing security even
more).
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
the (commented out) ident from the kmem sandbox.
Note that it is necessary to give each group access it's own uid to
prevent programs running under a single uid from being able to gdb
or otherwise mess with other programs (with different group perms) running
under the same uid.
methods used by login. Changes to "/usr/bin/login" to use it will
be committed later today. The format of the file is described in
pam(8).
This sample file makes login behave in the traditional way. To
wit, it enables authentication via S/Key and passwd/NIS lookups.
KerberosIV authentication is present in the sample file but commented
out.
As a safety net and a transition aid, login will fall back on
built-in passwd/NIS authentication if this configuration file is
missing or if some other fatal PAM error occurs.
This file will eventually replace "/etc/auth.conf", but not until
I've finished converting the other utilities, such as passwd and su.
header files go. I am not too happy about the name. But if we are
to have any hope of being able to use 3rd party PAM modules, we'll
have to live with it.
Disable building tickadj(8) by removing util from SUBDIR in the xntpd
Makefile. Note that the sources are still there and tickadj can still
be built and installed by doing:
# cd /usr/src/usr.sbin/xntpd/util
# make all install
There are enough references to tickadj in e.g. the xntpd documentation
(not to mention the sysctl variables it uses etc.) that I don't feel
up to implementing the final solution right now.
Kinda-approved-by: phk
rwho iff /var/rwho is empty. Call `uptime' instead. This doesn't
belong under `network' right away, but at least reports the same
informaton about the local system. rwhod is not turned on by default
(for good reason), and i've already seen too many of the above
messages...
original contents of the file preserved as examples for administrators
that need to enable them.
Also add a comment to the examples pointing out that the authentication
functionality is largely unused and requires rebuilding libutil.
Reviewed by: jkh
file formats. I have added a new rc.conf variable ${ldconfig_paths_aout}
which is like ${ldconfig_paths}, but only for a.out shared libraries.
On a "standard" ELF system, the ELF ldconfig path is taken from
${ldconfig_paths}, while the a.out ldconfig path is taken from
${ldconfig_paths_aout}.
On a not-yet-converted a.out system, only the a.out ldconfig path
is set, and it is taken from ${ldconfig_paths_aout}. If that
variable is unset, /etc/rc defaults it to the value of ${ldconfig_paths},
on the assumption that the system's "/etc/rc.conf" file hasn't been
updated.
committed a fix for in 2 days and 3 different people have forgotten
to update this file. GRRR! What's it going to take, electrodes to
the sensitive bits, people?? :-)
===================================
HARP | Host ATM Research Platform
===================================
HARP 3
What is this stuff?
-------------------
The Advanced Networking Group (ANG) at the Minnesota Supercomputer Center,
Inc. (MSCI), as part of its work on the MAGIC Gigabit Testbed, developed
the Host ATM Research Platform (HARP) software, which allows IP hosts to
communicate over ATM networks using standard protocols. It is intended to
be a high-quality platform for IP/ATM research.
HARP provides a way for IP hosts to connect to ATM networks. It supports
standard methods of communication using IP over ATM. A host's standard IP
software sends and receives datagrams via a HARP ATM interface. HARP provides
functionality similar to (and typically replaces) vendor-provided ATM device
driver software.
HARP includes full source code, making it possible for researchers to
experiment with different approaches to running IP over ATM. HARP is
self-contained; it requires no other licenses or commercial software packages.
HARP implements support for the IETF Classical IP model for using IP over ATM
networks, including:
o IETF ATMARP address resolution client
o IETF ATMARP address resolution server
o IETF SCSP/ATMARP server
o UNI 3.1 and 3.0 signalling protocols
o Fore Systems's SPANS signalling protocol
What's supported
----------------
The following are supported by HARP 3:
o ATM Host Interfaces
- FORE Systems, Inc. SBA-200 and SBA-200E ATM SBus Adapters
- FORE Systems, Inc. PCA-200E ATM PCI Adapters
- Efficient Networks, Inc. ENI-155p ATM PCI Adapters
o ATM Signalling Protocols
- The ATM Forum UNI 3.1 signalling protocol
- The ATM Forum UNI 3.0 signalling protocol
- The ATM Forum ILMI address registration
- FORE Systems's proprietary SPANS signalling protocol
- Permanent Virtual Channels (PVCs)
o IETF "Classical IP and ARP over ATM" model
- RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5"
- RFC 1577, "Classical IP and ARP over ATM"
- RFC 1626, "Default IP MTU for use over ATM AAL5"
- RFC 1755, "ATM Signaling Support for IP over ATM"
- RFC 2225, "Classical IP and ARP over ATM"
- RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
- Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
"A Distributed ATMARP Service Using SCSP"
o ATM Sockets interface
- The file atm-sockets.txt contains further information
What's not supported
--------------------
The following major features of the above list are not currently supported:
o UNI point-to-multipoint support
o Driver support for Traffic Control/Quality of Service
o SPANS multicast and MPP support
o SPANS signalling using Efficient adapters
This software was developed under the sponsorship of the Defense Advanced
Research Projects Agency (DARPA).
Reviewed (lightly) by: phk
Submitted by: Network Computing Services, Inc.
addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).
Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
a port so there is nothing to be done on that side now.
Approved by: jkh
===
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: Andreas Klemm <andreas@klemm.gtn.com>, current@freebsd.org
Subject: Re: Make this a relese coordinator decision (was Re: ports-current/packages-current discontinued)
From: David Greenman <dg@root.com>
Date: Sun, 03 Aug 1997 20:23:31 -0700
>decision is, I'll respect it.
Another chance to architect people's principles...I can hardly wait. Seems
quite appropriate for a Sunday - I just need to get one of those collection
plates (and money envelopes) so I can profit, too. :-)
Tcl stays in /usr/src for now, but it needs to be kept up to date; same
for perl. If Jordan doesn't have "setup" (written in tcl) ready for 3.0,
then tcl will be yanked prior to the 3.0 release (and made into a port).
As for the ports tree only supporting the last FreeBSD release, this seems
sensible to me. The "ports" have always been a moving target between releases
and the problem is only going to get worse when we expand to supporting other
processor architectures. In any case, Satoshi is and always has been in charge
of the ports tree and whatever he wants to do with it (within reason :-)) is
his decision.
Does this cover the issue completely? I admit to deleting messages in this
thread with unusual fervor (people have FAR too much time on their hands!).
There's a fair bit of reasoning behind the above, but since everyone is sick
of arguing about this, I'll spare you the analysis.
-DG
David Greenman
Core-team/Principal Architect, The FreeBSD Project
variable "stash_flag" is set. A few lines later, it is evaluated
as "stash_flags" with a trailing "s", and then a bit later the
singular version is unset.
PR: 7609
Reviewed by: phk
Submitted by: Walt Howard <howard@ee.utah.edu>
I prefer wide-dhcp, and since both are packages, it should get
equal billing.
PR: 7568
Reviewed by: phk
Submitted by: Drew Derbyshire <software@kew.com>
decision to limit the sound driver to one device. With Luigi's pcm
driver, the unit number for the PnP detected cards is nearly always 1,
and so you can't create the symlinks that will make your sound work.
PR: 7564
Submitted by: Doug White <dwhite@resnet.uoregon.edu>
unless /var is nfs-mounted.
This was removing ppps device lock (when ppp's started in
/etc/start_if.tun0 in -ddial or -dedicated mode) and allowing
other programs (such as mgetty) to confuse ppp by playing with
the modem while ppp's using it.
People that nfs-mount /var had better not start ppp in this
way....
I hope some other people might find them useful. They are for
zh_CN.EUC (GB) only. I'm not familiar with the BIG5 encoding,
so I could only hope someone else would fill the gap.
PR: 7310
Submitted by: Luoqi Chen <luoqi@chen.ml.org>
This needs to be revisited - we need a simple way of building/installing
these at runtime from the installed system's /etc/mail directory.
freebsd.mc,v and freefall.mc,v have been repository copied here.
This makes it possible to run make from cron, i.e.:
root's crontab:
( cd /etc/mail; make all install )
without the error:
makemap hash /etc/mail/spamsites < /etc/mail/block_domains.txt
makemap: not found
*** Error code 127
If this solution is widely accepted, I'd like to merge it into -STABLE
the rc.conf variable ``natd_interface''. rc.network will
determine whether it is an IP address or an interface name,
and invoke natd with the -a or -n flag as appropriate.
PR: 6947
Reviewed by: jkh@FreeBSD.ORG
use this.
Requested by: max, andreas
Note: This change just provides a convenient way to exercise existing
functionality. Whether `kern.securelevel' is effective in increasing
system security is another issue, and one that has been well thrashed
out in the lists.
hard coded into too many things), it's not nice to go and change /home/src
etc. This means they will be created if missing (so it shouldn't break
the releases), but won't touch them once they are changed.
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
1646 (radacct), but RFC's 2138 and 2139 define new ports
for RADIUS and RADIUS accounting, namely 1812 and 1813
respectively. FreeBSD 2.2.6 uses the old radacct port, but
the new radius port, which is a bit silly.
PR: 6712
Reviewed by: phk
Submitted by: Nick Hilliard <nick@foobar.org>
almost certainly have to change as the FreeBSD/Alpha kernel comes
along, but for the transitionary period this is the most correct.
Obtained from: NetBSD
against the "master map" to get the list of mount point/amd map
correspondences, and using that list as command-line arguments to start
amd.
When I tried to do this with the existing /etc/rc* scripts, I found that
I couldn't do this by modifying only /etc/rc.conf: that file gets
sourced very early by /etc/rc, well before any networking functionality
is present, let alone NIS. Further, I wasn't able to figure out a way
to use various levels & types of quoting to defer evaluation of the
string to a point subsequent to NIS initialization.
As a result, I resorted to hacking /etc/rc.network -- but I did it in a
way that ought to be reasonably general, and avoid breakage for anyone
else.
PR: 6387
Reviewed by: phk
Submitted by: David Wolfskill <dhw@whistle.com>
allowed external hosts to send packets to the 127.0.0.0/8 subnet on the
firewall host.
Renumber the lo0 rules to guarantee they appear first.
PR: 6406
Submitted by: Archie Cobbs <archie@whistle.com>
as the initial generic hostname if the user didn't setup any NIC, but
failure to resolve this name results in XF86Setup not being able to
run.
Reported by: Lutz Zienert <luzi@interface-business.de>
is reason enough to make the compilation & installation of sendmail an
make.conf option. I know that you hate negative options Bruce.
PR: 6284
Reviewed by: phk
Submitted by: Adrian Colley <aecolley@world.std.com>
retain additional message in check_relay ruleset,
the message is written into the maillog.
this is useful to a site's postmaster.
Reviewed by: jmb
Submitted by: Ruslan Ermilov ru@ucb.crimea.ua