This is pkgbase related as it switches to CONFS to properly tag this as a
config file.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16848
This is related to pkgbase as it uses CONFS to properly tag these as config
files.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16785
This helps with pkgbase by switching to CONFS so they are properly tagged as
config files.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16833
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16787
This helps with pkgbase as it switches these to use CONFS which properly tags
them as config files.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16783
This helps with pkgbase as it switches these to using CONFS so they are
properly tagged as config files.
Approved by: will (mentor), imp
Differential Revision: https://reviews.freebsd.org/D16781
This fixes the build and I will redo these changes as part of a future review
that organizes them differently. The way I tried to do it here could be done
better. Sorry for the noise.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16737
This moves the symlink creation to after where the files are installed.
This also inverts the shell change so that it only happens if MK_TCSH is on.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16725
This helps with pkgbase by using CONFS and tagging these as config files.
Approved by: allanjude (mentor), des
Differential Revision: https://reviews.freebsd.org/D16678
This simplifies pkgbase by migrating these to CONFS so they are properly
tagged as config files.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16708
This program is currently failing, and has been for >6 months on HEAD.
Ideally, this should be run 24x7 in CI, to discover hard-to-find bugs that
only manifest with concurrent i/o.
Requested by: lwhsu, mmacy
This is pkgbase related as it uses CONFS to tag the file as a config file
Approved by: AllanJude (mentor)
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16693
This is related to pkgbase and changes these to use CONFS so that these are
tagged as config files.
Approved by: AllanJude (mentor)
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16694
This helps with pkgbase by using CONFS to tag these as config files.
Approved by: allanjude (mentor), ian, cy
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16661
This makes pkgbase easier by tagging these as CONFS so they are properly
tagged as config files.
Approved by: will (mentor)
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16553
This helps with pkgbase as it tags this as a config file so it is handled as
such
Approved by: allanjude (mentor)
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16673
This helps with pkgbase as this config file will now be tagged as a config
file
Approved by: allanjude (mentor)
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16674
This helps with pkgbase to tag this config file as a config file.
Approved by: allanjude (mentor), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16559
This helps pkgbase as this config file will now be tagged as a config file.
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D16675
This helps with pkgbase as these config files will be properly tagged as
config files.
Approved by: allanjude (mentor), oshogbo
Differential Revision: https://reviews.freebsd.org/D16679
The main dhclient process is Capsicumized but also chroots to
restrict filesystem access. With r322369, pidfile(3) maintains a
directory descriptor for the pidfile, which can cause the chroot
to fail in certain cases. To minimize the problem, only chroot
if we fail to enter capability mode, and store dhclient pidfiles
in a subdirectory of /var/run, thus restricting access via
pidfile(3)'s directory descriptor.
PR: 223327
Reviewed by: cem, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D16584
This is prep for pkging base and helps tag and install config files with the
correct packages.
Approved by: bapt (mentor)
Differential Revision: https://reviews.freebsd.org/D16493
This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16466
Ntpd needs only a subset of full root privileges to do its job. Specifically
it needs the ability to manipulate system time, and to re-bind to a
privileged UDP port after interface changes. The mac_ntpd(4) policy module
(see r336525) can grant these privs.
These changes detect the availability of mac_ntpd(4). If enabled, and if the
ntpd configuration is fairly vanilla, it automatically runs ntpd as the
non-root user 'ntpd' (uid 123). "Vanilla" means the config doesn't include
command line or ntp.conf options changing the location of files or using any
files/dirs likely to be inaccessible to user ntpd. Ntpd can still run as
non-root when using such options, but the admin must ensure all required
files and dirs are accessible, and then set ntpd_user=ntpd in rc.conf.
Note that these changes also address PR 199127 by using the command_args
technique suggested in the patch. They also tangentially address PR 113552,
which is primarily about inconsistent filenames in documentation, but some
of the inconsistancy was caused by old code in rc.d/ntpd which is leftover
from the intial import from netbsd. There was code to do chroot setup which
required the use of the netbsd clockctl(4) device; that code never had any
effect on freebsd, because we lack that device and don't build ntpd with the
options that would allow using it.
PR: 113552 199127
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D16050
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.
This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.
Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.
Differential Revision: https://reviews.freebsd.org/D16281
Add src.conf knob to disable the installation of /var/db/services.db
Default to leaving services.db in place, but allow the removal of the
file and its creation with a src.conf knob.
This file ends up being 2MB in size. For small systems this is a waste
of space but its a tradeoff.
Reviewed by: bdrewery
Differential Revision: https://reviews.freebsd.org/D9655
By using INSTALL_LINK instead of calling ln during install the files
end up in the METALOG file as well if we use -DNO_ROOT and will be
included in a disk image when using makefs with METALOG as the input.
The other file that was not included in METALOG was /var/db/services.db
which is now also included for -DNO_ROOT.
Approved By: brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D15665