for pre-5.0 variable names.
Remove two dhcp compatibility variables added after the 5.1-RELEASE.
Remove the now-unused support for these shims.
Approved by: re (kensmith)
providers with limited physical storage and add physical storage as
needed.
Submitted by: Ivan Voras
Sponsored by: Google Summer of Code 2006
Approved by: re (kensmith)
otherwise the /dev/mdX.uzip won't be created immediately, which is
needed because we issue a mount right afterwards.
Approved by: re@ (bmah@)
MFC after: 2 days
so that when I applied the patch to my check-in tree the top half of my patch failed to
apply. Off course I saw what I *expected* to see (the bottom half succeeded) and
didn't notice that it had failed to apply cleanly.
Approved by: re (bmah)
in most cases, except one. The 'restart' case was not working as expected. Specifically,
it would stop both lockd and statd, but it would restart only statd (which appears first
in the script). This is because rc.subr(8) contains code to guard against infinite
recursion in the 'restart' casae.
To fix this use the traditional approach of controlling only one server from one script by
breaking out rc.d/nfslocking into its contituent parts: rc.d/lockd and rc.d/statd. Keep
rc.d/nfslocking around but don't include it in the boot rcorder(8)ing.
PR: conf/107316
Approved by: re (bmah)
MFC after: 2 weeks
commented out example who have either not responded, or specifically
asked not to participate because they do not view AXFR as "a production
service."
2. Add f.root-servers.net to the example after confirmation from
Paul Vixie.
3. Add a warning to the commented out "root zone slave" example to the
effect that it requires more attention than a hints file, and provides
more benefit to larger sites than individual hosts.
4. Correct a typo copied from RFC 2544 which was corrected in a later
errata, and confirmed in RFC 3330. Update the comment to reflect that
RFC 3330 got it right and to avoid confusion down the road. 3330 also
contains a reference back to 2544 for anyone interested in pursuing the
history. [1]
PR: conf/115573 [1]
Submitted by: Oliver Fromme <olli@secnetix.de> [1]
Approved by: re (kensmith)
that the listen-on stuff floats up to the first "page" of text. This
makes it very obvious what's going on so that someone trying to enable
a server for use on a network can easily see how to do that.
2. Change the default behavior back to using a hint zone for the root.
3. Leave the root slave zone config as a commented out example.
4. Remove the B and F root servers from the example at the request of
their operators.
Requested by: he-who-must-not-be-named [1]
Requested by: many [2]
Approved by: re (rwatson)
wpa_supplicant and other programs started by 'netif' don't get erased
by a subsequent 'cleanvar'.
Approved by: re (bmah)
Reviewed by: dougb
MFC after: 1 week
included man pages on how to use it. This code is still somewhat experimental
but has been successfully tested on a number of targets. Many thanks to
Danny for contributing this.
Approved by: re
NET_NEEDS_GIANT, which will shortly be removed. This is done in a
away that it may be easily reattached to the build before 7.1 if
appropriate locking is added. Specifics:
- Don't install netatm include files
- Disconnect netatm command line management tools
- Don't build libatm
- Don't include ATM parts in rescue or sysinstall
- Don't install sample configuration files and documents
- Don't build kernel support as a module or in NOTES
- Don't build netgraph wrapper nodes for netatm
This removes the last remaining consumer of NET_NEEDS_GIANT.
Reviewed by: harti
Discussed with: bz, bms
Approved by: re (kensmith)
sys/i4b/include/ so they will be available to all architectures
once I4B compiles on those.
I4B header files are now installed in include/i4b/ and no longer
in include/machine/.
For now we still install the headers for i386 only.
Approved by: re (kensmith)
Improvements:
* /etc/rc.suspend,rc.resume are always run, no matter the source of the
suspend request (user or kernel, apm or acpi)
* suspend now requires positive user acknowledgement. If a user program
wants to cancel the suspend, they can. If one of the user programs
hangs or doesn't respond within 10 seconds, the system suspends anyway.
* /dev/apm is clonable, allowing multiple listeners for suspend events.
In the future, xorg-server can use this to be informed about suspend
even if there are other listeners (i.e. apmd).
Changes:
* Two new ACPI ioctls: REQSLPSTATE and ACKSLPSTATE. Request begins the
process of suspending by notifying all listeners. acpi is monitored by
devd(8) and /dev/apm listener(s) are also counted. Users register their
approval or disapproval via Ack. If anyone disapproves, suspend is vetoed.
* Old user programs or kernel modules that used SETSLPSTATE continue to
work. A message is printed once that this interface is deprecated.
* acpiconf gains the -k flag to ack the suspend request. This flag is
undocumented on purpose since it's only used by /etc/rc.suspend. It is
not intended to be a permanent change and will be removed once a better
power API is implemented.
* S5 (power off) is no longer supported via acpiconf -s 5 or apm -z/-Z.
This restores previous behavior of halt/shutdown -p being the interface.
* Miscellaneous improvements to error reporting
Approved by: re
best practices:
1. The old way of generating the localhost zones was not optimal both
because they did not exist by default, and because they were not really
aligned with BCP. There is no need to have the dynamic data that the
make-localhost script generated, and good reasons to do this more
"by the book."
2. In named.conf
a. Clean up white space
b. Add/clarify a few comments
c. Slave zones from the root servers instead of using a hints
file. This has several advantages, as described in the comments.
d. Significantly revamp the default zones, including the
forward localhost zone, and the reverse zones for IPv4 and IPv6
loopback addresses. There are extensive comments describing what
is included and why. Interested readers should take the time to
review the RFCs mentioned in the comments. There is also relevant
information about the motivations for hosting these zones in the
"work in progress" Internet-Draft,
http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
or its successor.
It's also worth noting that a significant number of these
empty zones are already included by default in the named binary
without any user configuration.
e. Because we're including a lot of examples of both local
forward zones and slave zones in the default configuration,
eliminate some of those examples.
3. Add new localhost-{forward|reverse} zone files, and an "empty" zone
to support the changes in 2.d. above. The empty zone file isn't really
empty in order to avoid a warning from BIND about a zone file that
doesn't contain any A or AAAA records.
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.
In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.
The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs. E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM. When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made. Then it'll be
enough to set the expire field in future for the commands to run
again. And so on.
Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.
X-Security: should benefit as users have access to cron(8) by default
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.
In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress. Therefore,
in FreeBSD 7.0, this new option will default to "NO". When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.
PR: conf/86252
Approved by: re (kensmith)
MFC after: 3 days
id used by sysinstall when enabling anonymous FTP.
Change the default group used by sysinstall for setting up anonymous FTP
from operator to ftp; there is no reason to use operator and there are
potential security issues when doing so.
PR: 93284
Approved by: ru (mentor)
Reviewed by: simon
instead of an authentication function. There are a design reason
and a practical reason for that. First, the module belongs in
account management because it checks availability of the account
and does no authentication. Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.
Document this change in the manpage.
Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.
Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)
PR: bin/112574
Approved by: des, re
when figuring out what the real interpreter is for an
interpreted command. That is, check whether we can read
the script file in the first place and, if so, make sure
we got a valid shebang line from it.
stop looking there for things like rc.d and periodic. This avoids
duplicating effort when /usr/X11R6 is a symlink to /usr/local,
which it is by default now.
It is not anticipated at this time that we will MFC this change, since
we'd like to avoid breaking legacy systems. However, there is a fix for
/etc/rc.subr in the works to avoid running any rc.d scripts twice which
we should be able to MFC.
/etc/rc.d/hostid now that we switched the origin of the UUID (variable
smbios.system.uuid as provided by the i386 BIOS code) to already provide
a standard conforming lower-case UUID text representation.
usage to an equivalent csh(1) usage as tr(1) stays in /usr/bin and
/etc/rc.d/hostid has just the root filesystem (and this way mainly the
tools in /bin) available.
I've chosen csh(1) here as the string manipulation tools available in
/bin is extremely limited and the (only) alternative ed(1) usage would
have been a lot more complicated or even might require a temporary file.
and ISO/IEC-9834-8:2005 is with LOWER-CASE hexadecimal characters only,
so translate the (usually upper-case and this way not conforming)
representation of the BIOS UUID when reading it. Also be more strict
about the valid characters in the textual representation by checking for
just the hexadecimal characters.
list.
This is only for the well known known ports (port 1-1023) for tcp and
udp only.
Changes:
- Removed "problems" comments around port 57, 77 and 87
- Removed audionews (port 114)
- Added imap3 (port 220)
- Removed yak-chat (port 258)
- Removed concert (port 786)
- Added a lot of new allocations
Submitted by: edwin
scripts in rc.d to stop rc(8) from booting into multi-user mode when
a critical or severe error condition is encountered.
o Modify scripts in etc/rc.d that already implemented this functionality
independently.
o Document it.
[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it
to rc.subr(8). Our version differs slightly in that it takes an
optional argument to stop the boot even if "autoboot" is not set.
Obtained from: NetBSD
MFC after: 2 weeks
"forced". If some pre-condition is not met, it should fail as it normally
does and rc.subr(8) will make the appropriate decision. Incidentally, the
previous behaviour had a bug where the "force" flag was respected only
when checking rc.conf(5) knobs. The flag was ignored when verifying the
rpcbind(8) dependency.
MFC after: 2 weeks
dependency was introduced because this script had rc.d/localpkg (which is
*after* rc.d/NETWORKING) in its REQUIRE line.
From an examination of its contents it seems that only the availability of
a local filesystem is necessary for this script to function properly.
'zfs mount -a' from the main system - this is by design, as mountpoint
may be set to dangerous value. This all means, that such file system
has to be mounted from within a jail. To make it easier, reorganize
rc.d/zfs script so it can be used from within a jail.
NFS-share anything. This way we can safely start mountd with
/etc/zfs/exports and mountd won't complain.
Pointed out by: ceri
- Move 'zfs volinit' before 'zfs mount -a' and 'zfs volfini' after
'zfs unmount -a'.
The registration names for 5222(tcp,udp) and 5269(tcp,udp) was changed to
xmpp-client and xmpp-server correspondingly.
This inconsistency causes problems to applications developed on other
systems, as they tries to use port numbers from /etc/services as fallback.
PR: conf/100606
Submitted by: Ralph Meijer <freebsd-gnats2@ralphm.ik.nu>
Approved by: maxim
MFC after: 1 week
software-generated UUID. Store the result in /etc/hostid and use it in
the future. Perform simple UUID format check, as there is a lot of
hardware with broken UUIDs. The check should be improved to also eliminate
fake UUIDs like 00000000-0000-0000-0000-000000000000.
Requested by: many
which can be used to turn off multicast pfsync support, and enable
the transmission of directed PFSYNC (IP protocol: 240) packets to
a specific "sync peer" host.
PR: conf/111225
Submitted by: Bas van Beek <bas@tobin.nl>
Approved by: mtm, mlaier
MFC after: 2 weeks
UUID and stores it in /etc/hostid ($hostid_file) as well as sets kern.hostuuid
and kern.hostid sysctls on every boot.
Hostid can be reset using '/etc/rc.d/hostid reset' command.
Hostid generation and setting can be turned off by setting variable
hostid_enable to "NO" in /etc/rc.conf.
Reviewed by: mlaier, rink, brooks, rwatson
and takes over mountcritlocal's role as the early / late divider. This
makes it far easier to add rc scripts which need to run early, such as a
startup script for zfs, which is right around the corner.
This change should be a no-op; I have verified that the only change in
rcorder's output is the insertion of FILESYSTEMS immediately after
mountcritlocal.
MFC after: 3 weeks
If the firewall script is sourced directly from the script, then any
exit statements in it will also terminate the rc.d script prematurely.
PR: conf/78762
MFC-After: 2 weeks
All xxx_<ifname> flags are set to empty strings automatically earlier so
eval echo \${${prefix}${_if}${suffix}-${_default}}
not substitute the default but return just the empty string.
Fix it using
eval echo \${${prefix}${_if}${suffix}:-${_default}}
(i.e. treat empty strings as unset)
The bug manifistates itself with the following warning from checkyesno():
/etc/rc.d/dhclient: WARNING: $background_dhclient is not set properly -
see rc.conf(5)
The code looks for all the loaded screensaver modules, tries to
kldunload them, and only loads the new one if kldstat's output shows
that there aren't any left. However, the regexp looking for modules
to unload was still searching according to the the old naming scheme,
splash_<name>.ko, instead of <name>_saver.ko.
MFC after: 3 days
the background fsck indefinitely. This allows the administrator to run
it at a convenient time. To support running it from cron, the
forcestart argument now causes the fsck to start with no delay and all
output to be suppressed.
insert a slash between ${_chroot} and the pathname if and only if
${_chroot} is set to a non-empty string. Now the pathname is very
likely to be absolute, but we shouldn't take that for granted.
for /tmp and /var. This makes the memory discs swap-backed instead
of malloc-backed. A swap-backed memory disc should not be worse
than a malloc-backed one in any scenario because it will start
touching swap only when needed. OTOH, a malloc-backed disc can
starve limited kernel resources and evenually crash the system.
Reflect the change in the rc.conf(5) manpage. Also stop telling
lies there about softupdates: it does not waste disc space, it
just can delay its freeing.
Suggested by: many
PR: kern/87255
MFC after: 1 week
Include /var/db/entropy-file in the reseeding if present. It is used for
last-ditch efforts to save entropy and thus should also be used to seed
the RNG when starting. Print a warning instead of an error if writing the
file fails -- err() exits, preventing the umask from being restored.
Also, since there's not much that can be done about it, notifying the user
is all that's needed.
MFC after: 2 weeks
uuencoded format along with their respective LICENSE files.
- Add new share/doc/legal directory to BSD.usr.dist mtree file. This is the
place we install LICENSE files for restricted firmwares.
- Teach firmware(9) and kmod.mk about licensed firmwares. Restricted firmwares
won't load properly unless legal.<name>.license_ack is set to 1, either
via kenv(1) or /boot/loader.conf.
Reviewed by: mlaier, sam
Permitted by: Intel (via Andrew Wilson)
MFC after: 1 month
arrangement that has no intrinsic internal knowledge of whether devices
it is given are truly multipath devices. As such, this is a simplistic
approach, but still a useful one.
The basic approach is to (at present- this will change soon) use camcontrol
to find likely identical devices and and label the trailing sector of the
first one. This label contains both a full UUID and a name. The name is
what is presented in /dev/multipath, but the UUID is used as a true
distinguishor at g_taste time, thus making sure we don't have chaos
on a shared SAN where everyone names their data multipath as "Fred".
The first of N identical devices (and N *may* be 1!) becomes the active
path until a BIO request is failed with EIO or ENXIO. When this occurs,
the active disk is ripped away and the next in a list is picked to
(retry and) continue with.
During g_taste events new disks that meet the match criteria for existing
multipath geoms get added to the tail end of the list.
Thus, this active/passive setup actually does work for devices which
go away and come back, as do (now) mpt(4) and isp(4) SAN based disks.
There is still a lot to do to improve this- like about 5 of the 12
recommendations I've received about it, but it's been functional enough
for a while that it deserves a broader test base.
Reviewed by: pjd
Sponsored by: IronPort Systems
MFC: 2 months
bad or illegal. This prevents matching on systems that
have a name that matches the query.
PR: conf/107560
Submitted by: Christian Laursen <cfsl at pil dot dk>
MFC after: 3 days
Approved by: imp (mentor)
Note: This also deprecates "NO" as a way to specify an empty list of
interfaces for gif_interfaces.
PR: conf/104884
Submitted by: nork
Harassed by: brd
Discussed with: brooks, dougb
o Remove ttyyX, created by the obsolete zs(4)
o Replace ttydX by ttyuX, which is created by uart(4)
o Enable ttyu0 as a console to better support the xserve.
MFC after: 1 week
modern dual-core systems as well.
- Parse the _CST packages for each cpu and track all the states individually,
on a per-cpu basis.
- Revert to generic FADT/P_BLK based Cx control if the _CST package
is not present on all cpus. In that case, the new driver will
still support per-cpu Cx state handling. The driver will determine the
highest Cx level that can be supported by all the cpus and configure the
available Cx state based on that.
- Fixed the case where multiple cpus in the system share the same
registers for Cx state handling. To do that, added a new flag
parameter to the acpi_PkgGas and acpi_bus_alloc_gas functions that
enable the caller to add the RF_SHAREABLE flag. This flag could also be
useful to other callers (acpi_throttle?) in the tree but this change is
not yet made.
- For Core Duo cpus, both cores seems to be taken out of C3 state when
any one of the cores need to transition out. This broke the short sleep
detection logic. It is disabled now if there is more than one cpu in
the system for now as it fixed it in my case. This quirk may need to
be re-enabled later differently.
- Added support to control cx_lowest on a per-cpu basis. There is still
a generic cx_lowest to enable changing cx_lowest for all cpus with a single
sysctl and for ease of use. Sample output for the new sysctl:
dev.cpu.0.cx_supported: C1/1 C2/1 C3/57
dev.cpu.0.cx_lowest: C3
dev.cpu.0.cx_usage: 0.00% 43.16% 56.83%
dev.cpu.1.cx_supported: C1/1 C2/1 C3/57
dev.cpu.1.cx_lowest: C3
dev.cpu.1.cx_usage: 0.00% 45.65% 54.34%
hw.acpi.cpu.cx_lowest: C3
This work was done by Stephane E. Potvin with some simple reworking by
myself. Thank you.
Submitted by: Stephane E. Potvin <sepotvin / videotron.ca>
MFC after: 2 weeks
in a previous commit to avoid namespace collisions, unfortunately I missed two
of them. This leads to the ip alias being incorrectly removed in some cases
when using the stop command.
Reported by: Philipp Wuensche <cryx-freebsd@h3q.com>
interpreted $command. Some "portable" sofware packages use such a
line to skip the task of figuring out the absolute pathname of the
interpreter at install time, e.g.:
#!/usr/bin/env python
It is insecure, but a popular book on Python seems to have advised
it to a wide audience. Hence a number of such scripts in the ports,
mostly written in Python.
PR: bin/100287
MFC after: 1 week
scripts, except for mdconfig* and jail. Such symbols are reserved
for the rc.subr internals. Most scripts can be fixed by just
declaring _foo symbols as local: few scripts actually need them to
be global.
Discussed with: dougb in freebsd-rc
With the second (and last) part of my previous Summer of Code work, we get:
-ipfw's in kernel nat
-redirect_* and LSNAT support
General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.
To enable in kernel nat in rc.conf, two options were added:
o firewall_nat_enable: equivalent to natd_enable
o firewall_nat_interface: equivalent to natd_interface
Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.
NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).
Approved by: glebius (mentor)
Implement the checks for required_* objects as two functions, one
to be run before precmd and the other after it. They get the current
rc command as an argument so they can choose what requirement tests
to perform. As of now, only "start" needs such tests.
Implement a new requirement variable, required_modules. It can
list kernel modules that need to be loaded after start_precmd
indicated success. Each name in the list can be just "file", or
"file:module", or "file~regex". This will allow us to remove a lot
of duplicated code from rc.d scripts.
Perform the checks not only for the default start method, but for
any method. This allows for more flexibility and fixes a few rc.d
scripts (namely newsyslog, pf, sendmail) that rely on a required_*
variable while providing a non-default start method.
To be able to call the new check_required* functions naturally,
remove lots of crufty duplicated code pieces from run_rc_command
and replace each of them by a call to the helper function providing
a single corrected instance of the respective code snippet. Now
run_rc_command isn't as scary as it used to be, and it even appears
to have quite a nice logic that was obscured by the old crufty code.
In the default handler for restart, run start from a subshell to
protect global varibles, e.g., _postcmd, from modification by the
start handler. This enables using restart_postcmd. [x]
PR: conf/98734 [x]
Submitted by: Rick van der Zwet <rick@wzoeterwoude.net> [x]
Reviewed by: freebsd-rc (silence for an older version)
MFC after: 1 month
After a change of devd.conf, devd(8) handles NIC attach/detach event
by using /etc/pccard_ether with the interface name as the argument.
This model does not work properly with IPv6 configuration because the
implementation of IPv6 stateless auto-configuration in the FreeBSD
rc.d scripts depends on whether there are any explicit configurations
for interfaces or not. It works this way: if no manual configuration,
it will perform auto-configuration, but otherwise no
auto-configuration will be performed. So, this behavior can only be
determined by all of the interfaces on a system, not a single one.
For this reason, the network6_interface_setup() function called from
the pccard_ether_start() does not work with a single interface name.
And what is worse, this combination of devd.conf and
pccard_ether_start() caused a bad side-effect that when
ipv6_enable=YES, all of interfaces marked as DOWN would be UP
unconditionally (and router solicitation was sent) just after devd(8)
was invoked. This should be fixed in a more sophisticated way.
A kernel with INET6 always has ::1 on lo0, so in the case of
ipv6_enable="NO" the lo0 can have ::1 with no link-local address.
This is a violation of the IPv6 specification. As a workaround for
this situation, fe80::1 is added in rc.d/auto_linklocal when lo0 has
no link-local address. This should not be harmful for IPv4-only users.
- add better checks on non-existing directories to prevent error
messages at run time;
- introduce a function log() to help debugging diskless booting
when things don't work;
- modify the parsing of diskless_remount so you can add mount_nfs
options after the pathname. You could use 'remount' to do something
similar, but this way is more convenient because you don't have to
hardwire the server name in the command.
- document the above.
I have been running the above in a diskless lab since february on RELENG_6.
MFC after: 1 week
There's no dollar use in variable assignment in sh.
Assuming this is can be expected behavior for some
people, this change won't be MFC'ed to RELENG_6.
Discussed with: yar on -rc