Commit Graph

5552 Commits

Author SHA1 Message Date
rpaulo
5d588b2eef Implement ifconfig_wlanX="HOSTAP".
Not only this is a bit cleaner, it allows multiple instances of hostapd to be
running on the system host, useful for simultaneous dual-band WiFi.
This is similar to ifconfig_wlanX="WPA" but it uses /etc/hostapd-wlanX.conf.
Compatibility with hostapd_enable=YES/NO was kept.

Reviewed by:	adrian
2013-06-26 04:00:52 +00:00
jhb
b29359892a If daily_status_security_inline is set, the rc value needs to be
forced to 3 so that the output of this script is always displayed.
In fact, setting this flag is identical to setting
daily_status_security_output to an empty string.  To make the logic
less confusing, change the behavior of daily_status_security_inline
such that it just forces daily_status_security_output to an empty
string and then applies the normal logic.

PR:		conf/178611
Submitted by:	Jason Unovitch <jason.unovitch@gmail.com>
MFC after:	3 days
2013-06-25 15:45:31 +00:00
kevlo
cf77f1cdfb Regenerate usb.conf after r252196.
Spotted by:	rpaulo
2013-06-25 07:17:30 +00:00
delphij
8d3f5f270f Call sshd_precmd instead of sshd_configtest when the operator
requests reload or restart, which, in addition of testing the
configuration, will also generate host keys when they are not
present (previous behavior).

Obtained from:	FreeNAS
Ok'ed by:	bdrewery, des
MFC after:	1 week
2013-06-21 17:23:19 +00:00
hrs
754a6006f2 - Add CIDR notation support like 192.168.1-2.10-16/24 to $ifconfig_IF_aliasN.
This is an extended version of ipv4_addr_IF which supports both IPv4 and
  IPv6, and multiple range specifications.  To avoid to generate too many
  addresses, the maximum number of the generated addresses is currently
  limited to 31.

- Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable.

- ipv6_prefix_IF now supports !/64 prefix length.  In addition to the old
  64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64
  is supported.

- Replace ifconfig command with $IFCONFIG_CMD variable to support
  a dry-run mode in the future.

- Remove IP aliases before removing all of IPv4 addresses when doing
  "rc.d/netif down".

- Add a DAD wait to network6_getladdr() because it is possible to fail to
  configure an EUI64 address when ipv6_prefix_IF is specified.

A summary of the supported ifconfig_* variables is as follows:

 # IPv4 configuration.
 ifconfig_em0="inet 192.168.0.1"
 # IPv6 configuration.
 ifconfig_em0_ipv6="inet6 2001:db8::1/64"
 # IPv4 address range spec.  Now deprecated.
 ipv4_addr_em0="10.2.1.1-10"
 # IPv6 alias.
 ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70"
 # IPv4 alias.
 ifconfig_em0_alias1="inet 10.2.2.1/24"
 # IPv4 alias with range spec w/o AF keyword (backward compat).
 ifconfig_em0_alias2="10.3.1.1-10/32"
 # IPv6 alias with range spec.
 ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64"
 # ifconfig_IF_aliases is just like ifconfig_IF_aliasN.
 ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24"
 # IPv6 alias (backward compat)
 ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64"
 # IPv6 alias w/o AF keyword (backward compat)
 ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64"
 # IPv6 prefix.
 ipv6_prefix_em0="2001:db8::/64"

Tested by:	Kimmo Paasiala
2013-06-20 02:29:49 +00:00
dteske
59d4cd3965 Allow $ntpdate_config to be NULL. Due to a lack of surrounding quotes, when
ntpdate_config was set to NULL the conditional would (counter to prevailing
logic) succeed -- leading to awk attempting to redirect from a NULL pathname
standard-in. While we're here, make the script consistant with itself by
removing the {curlies} around ntpdate_config (they are unnecessary).
2013-06-18 02:37:15 +00:00
eadler
bf7c0f2705 Remove CVS from the base system.
Discussed with:	many
Reviewed by:	peter, zi
Approved by:	core
2013-06-15 20:29:07 +00:00
crees
5219f99e6a Clean up swapfile memory disk on shutdown
Make the md unit number configurable so that it can be predicted

PR:		bin/168544
Submitted by:	wblock (based on)
Approved by:	kevlo
2013-06-12 16:44:17 +00:00
rpaulo
9d1db4bf39 Regen. 2013-06-10 05:45:53 +00:00
hrs
2ec3ccab05 Add :ifname modifier to specify interface-specific routes into
{,ipv6_}static_routes and rc.d/routing.  For example:

 static_routes="foo bar:em0"
 route_foo="-net 10.0.0.0/24 -gateway 192.168.2.1"
 route_bar="-net 192.168.1.0/24 -gateway 192.168.0.2"

At boot time, all of the static routes are installed as before.
The differences are:

- "/etc/rc.d/netif start/stop <if>" now configures static routes
  with :<if> if any.
- "/etc/rc.d/routing start/stop <af> <if>" works as well.  <af> cannot be
  omitted when <if> is specified, but a keyword "any" or "all" can be used
  for <af> and <if>.
2013-06-09 18:11:36 +00:00
emaste
390d8402e0 Add a new knob WITH_DEBUG_FILES to control the building of standalone
debug files for userland programs and libraries.  The "-g" debug flag
is automatically applied when WITH_DEBUG_FILES is set.

The debug files are now named ${prog}.debug and ${shlib}.debug for
consistency with other systems and documentation.  In addition they are
installed under /usr/lib/debug, to simplify the process of installing
them if needed after a crash.  Users of bsd.{prog,lib}.mk outside of the
base system place the standalone debug files in a .debug subdirectory.
GDB automatically searches both of these directories for standalone
debug files.

Thanks to everyone who contributed changes, review, and testing during
development.
2013-06-07 21:40:02 +00:00
jamie
7941fefd80 Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't
apply to most jails but do apply to vnet jails.  This includes adding
a new sysctl "security.jail.vnet" to identify vnet jails.

PR:		conf/149050
Submitted by:	mdodd
MFC after:	3 days
2013-05-19 04:10:34 +00:00
asomers
641feb7a9e etc/rc.d/syslogd
Add netif as a requirement of syslogd to get lo0 up.  Currently, this
	doesn't affect the rc order, because mountcritremote already depends on
	netif.

Reviewed by:	eadler
Approved by:	kenm (mentor)
MFC after:	2 weeks
2013-05-13 20:28:24 +00:00
eadler
a29b04fcf3 Revert r250565 which causes issues for older CPUs
PR:		conf/178504
Requested by:	many
2013-05-12 21:24:18 +00:00
eadler
168bd583e8 Make newsyslog compress logs with xz instead of bzip2 to save space.
PR:		conf/178504
Submitted by:	ak
Reviewed by:	smh
2013-05-12 15:23:59 +00:00
eadler
e48cd1a04f Unconditionally install 210.backup-aliases as many MTAs other than
sendmail support the use of /etc/aliases.

PR:		conf/176098
Submitted by:	ak
MFC after:	2 weeks
2013-05-11 23:55:43 +00:00
eadler
921cd169ef Bring /etc/protocols up to date.
PR:	conf/175397
Submitted by:	ak
2013-05-10 13:57:44 +00:00
hrs
4bf79fd947 - Fix exit status when ip6addrctl_verbose=yes [*]
- Use the absolute pathname for ip6addrctl.
- Use "install" instead of "add" to reduce the number of invocations.

Reported by:	Tatsuki Makino [*]
PR:		conf/175006 [*]
MFC after:	1 week
2013-05-04 15:42:55 +00:00
crees
6473a2540f Introduce and use new flag -L to mount for mounting only late filesystems.
Previously, rc.d/mountlate mounted *all* filesystems, causing problems with
background NFS mounts being mounted twice.

PR:		conf/137629
Submitted by:	eadler (original concept)
Reviewed by:	mjg
Approved by:	hrs
2013-05-04 14:00:16 +00:00
brooks
ac509d44ad Make an attempt to detect missing MTREE files in distrib-dirs. Not
perfect, but this is just a developer seatbelt.

PR:		conf/176897
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
MFC after:	1 week
2013-04-30 19:26:44 +00:00
gshapiro
e106d00d68 Minor changes to force commit these files so new freebsd*.cf files are
built to use the new sendmail-8.14.6/cf tree.

MFC after:	4 days
2013-04-21 17:11:45 +00:00
bdrewery
b5bdbccc2d Also call configtest before reload to ensure working config.
Approved by:	jhb
MFC after:	1 week
X-MFC-With:	r249489
2013-04-16 17:30:13 +00:00
bdrewery
f1d57c3c1d Run configtest before restarting so that the system is not
left without a running sshd.

Approved by:	des
MFC after:	1 week
2013-04-14 21:11:19 +00:00
dim
4ca88b0ec1 Upgrade our copy of llvm/clang to trunk r178860, in preparation of the
upcoming 3.3 release (branching and freezing expected in a few weeks).

Preliminary release notes can be found at the usual location:
<http://llvm.org/docs/ReleaseNotes.html>

An MFC is planned once the actual 3.3 release is finished.
2013-04-12 17:57:40 +00:00
hselasky
2c54a031fd Regenerate usb.conf
MFC after:	1 week
2013-04-06 17:25:17 +00:00
mav
5d62c483f5 Remove periodic script for ataraid(4) and add instead script for graid(8). 2013-04-04 15:03:12 +00:00
emaste
f09dcb3ac2 Format per etc/mtree/README
- Spaces instead of tabs
- Sort some i18n entries
2013-04-01 17:15:04 +00:00
avg
08dd09547b rc.subr: disabling globbing while processing devfs rules
The rules themselves typically have shell-like patterns and it is
incorrect when they get replaced with matching filesystem entries.

Shell magic by:	jilles
MFC after:	2 weeks
2013-03-28 08:13:52 +00:00
jilles
b69a01f7fa rc.d/sysctl: Fix error messages about unknown OIDs.
There are three situations where the sysctl script is called:
1. "start", very early
2. "lastload", near the end of rc
3. "reload", at admin request while the system is booted

Ignore unknown OIDs in situation 1 because kernel modules may not be loaded
yet and complain about them in situations 2 and 3.

PR:		conf/174595
Submitted by:	Olivier Smedts
2013-03-22 20:12:25 +00:00
cperciva
f07d0be8f8 Fix typo in previous commit: Exit if */dev/dumpdev* does not exist, not if
*/bin/realpath* does not exist...

Submitted by:	markj
Pointy hat to:	cperciva
2013-03-19 05:08:25 +00:00
cperciva
262a11c529 If dumpdev is AUTO but no dump device has been set -- i.e., there is no swap
space configured for rc.d/dumpon to designate for dumping -- then exit
silently rather than with a
> realpath: /dev/dumpdev: No such file or directory
error message.

An argument could be made that we should print a (more informative) warning
message; but given that under the same conditions the rc.d/dumpon script will
already print a
> No suitable dump device was found
warning, it seems that printing an additional
> Dump device does not exist.  Savecore not run.
warning would be superfluous.
2013-03-19 04:42:04 +00:00
neel
b893c0b25f Add bhyve to examples.
Requested by: alfred, julian
Obtained from:	NetApp
2013-03-18 23:46:14 +00:00
antoine
0449dd83b1 Finish portalfs removal. 2013-03-10 17:33:41 +00:00
cperciva
0212924a12 Now that stable/7 is EOL, stop building INDEX-7.
MFC after:	1 week
2013-03-07 20:48:36 +00:00
schweikh
1b7bd76800 Comment cosmetics: capitalize SCSI
Fix some hard tabs in the wrong place.

MFC after:	2 weeks
2013-03-02 18:08:03 +00:00
des
11d336c804 If rtadvd_interfaces is set to "none", start rtadvd without listing
any interfaces on the command line.

MFC after:	1 week
2013-02-25 17:07:42 +00:00
ache
2f7ddc2dcd Back out prev. change preventing /sys/sys symlink. It appears my install
was not very recent and not acts like 'ln -h'
2013-02-22 19:57:18 +00:00
ache
711b357b3d In 'make hierarchy' don't install /sys/sys pointing to usr/src/sys
but just /sys pointing there
2013-02-17 13:06:59 +00:00
jkim
824572aa99 Revert r227528 and r227787. This hack is no longer necessary since r233580. 2013-02-15 22:58:44 +00:00
jhb
b313f550e1 Install <dev/agp/agpreg.h> and <dev/pci/pcireg.h> as userland headers
in /usr/include.

MFC after:	2 weeks
2013-02-05 18:55:09 +00:00
des
2ab43ec83e Load the pfsync module if necessary.
Reviewed by:	glebius@
MFC after:	1 week
2013-02-05 12:18:39 +00:00
ume
d10987d402 Use the default policy table of RFC 6724.
MFC after:	1 weeks
2013-02-02 18:08:09 +00:00
brooks
3e28301ce2 When adding the directory ownership to the METALOG do it by name rather
than number as is done in install so as to differ binding of names to
ids.

Remove the -W flag from the mtree command so that the correct user and
group is recorded rather than the default.
2013-01-30 17:39:43 +00:00
brooks
1a89a21cbd Log the addition of login.conf.db, passwd, pwd.db, and spwd.db via cat -l.
Make cat a bootstrap tool to facilitate this.
2013-01-29 22:17:58 +00:00
neel
15607eb86a Increase the "memorylocked" limit for the "daemon" class.
amd(8) requires more than the 64MB that is currently available to it so bump
it up to 128MB.

Reviewed by:	kib
Discussed with:	avg, kib, zont
2013-01-27 21:55:01 +00:00
brooks
75f69e58cc Introduce a new option -DNO_ROOT that allows install and distribution
targets to be run without root privilege.

Information about ownership, group, flags, and suid bits are stored in
the file specified by METALOG which defaults to ${DESTDIR}/METALOG.
This file can be used in conjunction with bsdtar or makefs to generate
archives or file system images with correct permissions.

The packageworld target has been altered to use this metadata allowing
non-root releases (subject to further changes in release/Makefile.)

Sponsored by:	DARPA, AFRL
Reviewed by:	ian, ray
2013-01-22 21:10:03 +00:00
brooks
6c2d158aba Replace all known uses of ln in the build process with appropriate
install -l invocations via new INSTALL_LINK and INSTALL_SYMLINK
variables.

Sponsored by:	DARPA, AFRL
Reviewed by:	ian, ray, rpaulo
2013-01-21 22:40:39 +00:00
brooks
2ba8b9706f In r245571, "rm -rf <foo>; ln -s <bar> <foo>" needed to be replaced with
"ln -sfh <bar> <foo>" or the links would fail when a valid link to a
directly was in place at <foo>.

Reported by:	peter
Tested by:	peter
Pointy hat to:	brooks
2013-01-17 23:05:03 +00:00
brooks
6fd273a1c0 In preparation for logging metadata about each filesystem object
refactor the link section of distrib-dirs to alwasy install to a full
path (the link contents remain relative as they should).

Eliminate the use of the "rm -r[f] <foo>; ln -s <bar> <foo>" pattern in
favor of "ln -sf <bar> <foo>".  None of these links could be directories
on a system installed in the last decade.

Sponsored by:	DARPA, AFRL
Reviewed by:	mtree
2013-01-17 20:21:30 +00:00
brooks
a390aab857 Rework the mtree portion of etc/Makefile's distrib-dirs target to run
mtree in a shell loop so there is only one mtree commandline.  Move the
implementation of LOCAL_MTREE into etc/Makefile.

Sponsored by:	DARPA, AFRL
Reviewed by:	mtree :)
2013-01-17 18:32:30 +00:00