Commit Graph

1638 Commits

Author SHA1 Message Date
yokota
dbd5e0f903 Added kbd*. 1999-01-06 16:18:05 +00:00
peter
cd5d3a5df5 We load kld's in preference to LKM's, these do not need the root fs to be
read/write to load.
1999-01-06 14:01:52 +00:00
obrien
a44cf1006b make comments more consistant 1999-01-06 02:44:29 +00:00
billf
6abb583118 Missing word. (in comments, non-destructive bug) 1999-01-04 21:21:10 +00:00
jkh
c9db69e854 Allow rwhod to take flags.
PR:		7705
Submitted by:	Johan Karlsson <k@numeri.campus.luth.se>
1999-01-03 22:19:23 +00:00
n_hibma
ea1bd971b4 Corrected the major number for usb and added ums as major 111 1999-01-03 16:48:03 +00:00
billf
7368cdd0db UUCP Cleanup should be done by the UUCP user.
PR:		bin/7749
Submitted by:	Ruslan Ermilov <ru@ucb.crimea.ua>
1999-01-01 21:07:39 +00:00
billf
a81a07d54f Make periodic(8) and the security mailings reflect the full FQDN, as opposed
to a hostname. This will help those who keep a cluster of machines all with
the same hostname but different domain names.

PR:		bin/9091
Submitted By:	Heikki Suonsivu <hsu@clinet.fi>
No Response From: -current mailing list
1999-01-01 17:37:33 +00:00
peter
7766c8cbe4 Reconnect pcvt hooks..
Reviewed by:	core
1999-01-01 08:45:44 +00:00
dt
5af00d0eaa Add entry for rusiian FAQ. 1998-12-30 09:50:43 +00:00
hoek
b71b862fb2 Slightly clarify wording of "Example". 1998-12-29 22:17:31 +00:00
cwt
d142d46d65 Don't set a MANPATH by default for users who aren't in a login class.
man(1) will utilize manpath(1) if MANPATH is unset in the environment,
and with our existing manpath.config it is enough to find the X11
pages among others.

	PR: 8587
	Submitted by: Marc Slemko <marcs@znep.com>
1998-12-27 23:55:01 +00:00
jkh
4a9f465540 Update comment for saver variable now that its changed its function
(and list of available values) somewhat.
1998-12-27 23:00:18 +00:00
des
fae7f68e75 List the warp screensaver along with the others. 1998-12-27 22:04:12 +00:00
phk
9d6fbd1091 follow up to:
Pre 3.0 branch cleanup casualty #4: pcvt
1998-12-27 16:44:24 +00:00
dillon
ef6bc7ee8c Add (commented out) directive and note regarding dumpfile location
when running in a sandbox.

Submitted by:	Ben Smithurst <ben@scientia.demon.co.uk>
1998-12-23 06:06:13 +00:00
jkh
09fed40570 Add /usr/share/examples/bootforth so that world builds don't start falling
over.

Forgotten by:	abial :-)
1998-12-22 12:33:32 +00:00
dillon
c8892ea5ce Take bind out of sandbox and run it as root again, but leave support
mechanisms ('bind' user and group) in place so the feature can be easily
    turned on.  There were too many complaints.  The security(1) man
    page will be created/updated to include the appropriate info.
1998-12-19 07:25:56 +00:00
asami
615c9f88c4 Add share/emacs/site-lisp. Too many things break without it.
Reviewed by:	ports list (a long time ago)
1998-12-18 08:06:34 +00:00
ghelmer
2b1259bfa2 Document securelevel 3.
PR:		docs/8674
1998-12-16 17:14:16 +00:00
peter
b21a9231aa Old nit lying around in a source tree: Slightly optimize the number of
uname/gname overrides and /sets.
1998-12-16 05:50:25 +00:00
peter
279666945c Old nit lying around: Don't override the gname when it's the same as the
previous /set.
1998-12-16 05:47:53 +00:00
peter
285c01114a Old stuff laying around: Don't override /tmp to the same uid/gid as the
previous /set defaults
1998-12-16 05:45:58 +00:00
dillon
221998f917 Added /usr/share/examples/portal to mtree 1998-12-16 05:01:44 +00:00
msmith
062fd6b567 Add another modem (Psion Dacom)
Submitted by:	"Gary Palmer" <gpalmer@FreeBSD.ORG>
1998-12-15 02:57:30 +00:00
dillon
5b20a73d8e More locale directory structure updates for DIS_8859-15 1998-12-14 08:06:57 +00:00
dillon
186dedc5a3 Fix installworld, forgot directories for locale DIS_8859-15 1998-12-14 07:44:47 +00:00
dillon
95f78d4562 Remove rc.local (now deleted from CVS tree) from Makefile. 1998-12-14 02:01:22 +00:00
dillon
74ef00d44a Grrr. removed. backed out. sorry. 1998-12-13 04:38:28 +00:00
dillon
251e21de00 This needs to be commited now to fix usbd for make world 1998-12-13 04:31:15 +00:00
dillon
e4fe7ffa18 Reviewed by: cvs-current
Delete rc.local from CVS tree, its remaining functionality has been
    moved to /etc/rc.  /etc/rc still supports an rc.local but it is now
    a 100% user-controlled file.
1998-12-12 23:05:22 +00:00
dillon
3d6f93c551 Reviewed by: cvs-current
Commit changes to rc and rc.local, removing the remaining minimal
    functionality of rc.local into rc and commenting it out of rc.local
    prior to the deletion of rc.local from the CVS tree.
1998-12-12 23:04:21 +00:00
jb
408b593e63 Back out revs 1.181 and 1.182 which upset a few people. I hope those
(3?) people will make an effort to help those who would have benefitted from
this change. And just telling them that they should read and understand
the significance of each message posted to -current is not really good
enough IMHO.
1998-12-12 22:00:49 +00:00
dfr
f64f0dac03 Add directories for KLD examples. 1998-12-11 10:45:29 +00:00
jb
9e5ec90f20 Should be sysctl -n. Yesterday wasn't one of my better days. Doh.
Reported by: Ben Smithurst & Makoto Matsushita
1998-12-11 08:25:12 +00:00
jb
9fcdcd63a5 Change to the current directory before doing the install. I !love make. 1998-12-11 00:09:39 +00:00
jb
8a08015602 Add a test for hw.machine == i386 before trying to run ldconfig for
legacy aout support.
1998-12-10 08:06:59 +00:00
jb
b5cf8d2577 Add logic to check if any of the BIN1 files do not already exist in
${DESTDIR}/etc and an install target to install the missing ones. This
allows new files like pam.conf to be installed by the first installworld
after the file is added, but avoid clobbering files that might be
customized. This should save some support questions.
1998-12-10 05:34:11 +00:00
dillon
56a5135adc Since we do not pre-create /etc/namedb/s, add additional documentation
to the comments in named.conf to describe to the user how to create it.
    (named.conf does not use /etc/namedb/s by default anyway so us not
    pre-created it in the mtree does not hurt us terribly).
1998-12-02 19:59:24 +00:00
dillon
a9a95cffaf Remove mtree creation of /etc/namedb/s until we find a good way
to handle new user id's in buildworld/installworld.
1998-12-02 19:57:20 +00:00
ache
81b412bec5 Use /sbin/nologin as shell for operator
Replace non-existent directory for operator with /
Supply by default operator with non-existent but can be created directory
and /bin/csh is kinda security risk
1998-12-02 15:17:10 +00:00
dillon
557d938d62 comsat sandbox prevents biff/comsat from being able to print partial
mailbox contents.  comsat instead simply prints that new mail is
    available.  Add appropriate comment to inetd.conf but leave comsat in
    sandbox.
1998-12-01 22:01:59 +00:00
dillon
f312600f4d Reviewed by: freebsd-current, freebsd-security
Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
    subdirectory (user bind, group bind) to hold secondaries, adjust
    comments in named.conf to reflect new secondary scheme.  (Note that
    core read-only zone files are left owned by root, increasing security even
    more).
1998-12-01 21:36:33 +00:00
dillon
dd3c1b5f96 Added group bind(53), added sandbox users tty(4), kmem(5), and bind(53),
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
    the (commented out) ident from the kmem sandbox.

    Note that it is necessary to give each group access it's own uid to
    prevent programs running under a single uid from being able to gdb
    or otherwise mess with other programs (with different group perms) running
    under the same uid.
1998-12-01 21:19:49 +00:00
jkoshy
e8d40b7bc1 Direct std{err,out} to /dev/null when invoking sysctl(8) for setting
`nfs_access_cache_timeout'.

Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
1998-11-27 07:06:11 +00:00
msmith
19d153e3fb Don't suggest that NO is allowed here; you use "0" or "" to turn the cache
off.
Submitted by:	jdp
1998-11-25 21:16:43 +00:00
jdp
2dd2b091a9 Add a sample "/etc/pam.conf" file that configures the authentication
methods used by login.  Changes to "/usr/bin/login" to use it will
be committed later today.  The format of the file is described in
pam(8).

This sample file makes login behave in the traditional way.  To
wit, it enables authentication via S/Key and passwd/NIS lookups.
KerberosIV authentication is present in the sample file but commented
out.

As a safety net and a transition aid, login will fall back on
built-in passwd/NIS authentication if this configuration file is
missing or if some other fatal PAM error occurs.

This file will eventually replace "/etc/auth.conf", but not until
I've finished converting the other utilities, such as passwd and su.
1998-11-20 23:20:01 +00:00
obrien
9be0e705dc Bad default value of ${fs} for type:=host in /etc/amd.map.
PR:		conf/7054
Submitted by:	Amakawa Shuhei <amakawa@sf.t.u-tokyo.ac.jp>
1998-11-20 07:36:29 +00:00
jdp
aea8bdfc48 Add the directory "/usr/include/security", which is where the PAM
header files go.  I am not too happy about the name.  But if we are
to have any hope of being able to use 3rd party PAM modules, we'll
have to live with it.
1998-11-18 01:51:25 +00:00
jkh
c6a31c492d put hosts before bind. 1998-11-16 02:02:30 +00:00