thing, but we're ready to move on.
2. Remove the -g default argument in named_flags. It doesn't actually do
what most users think it does, and what most users want it to do is already
accomplished with a proper default group for the bind user, which we have.
Also, the -g knob does something entirely different in BIND 9, which leads
to a lot of needless confusion/aggravation.
3. In the rc.d script, don't bogusly override $command, or $rc_flags. Both
are adequately handled in rc.conf[.local].
4. DO properly override $rc_flags if user has named_chrootdir set.
This may need to be revisited, but should be ok for now.
5. Protect all chrootdir-related bits under that variable, instead of
named_rcng.
There is more work to be done here, especially in the area of BIND 9
compatibility, but this is a start at least.
Prompted in part by (legitmate) grousing from: kuriyama, Randy Bush
identical) on GENERIC.hints, hence the following change:
Moved the creation of /boot/device.hints where it belongs. This
should aid in merging GENERIC.hints changes to /boot/device.hints,
using mergemaster(8) or a similar approach.
In particular, this allows a "virgin" system installed from
source (installworld, installkernel, cd etc && make distribution)
to boot correctly and modestly simplifies the creation
of single-partition network/cdrom/CF bootable images.
Trigger not only on diskless booting sysctls being set, but also
on the existence of the file "/etc/diskless". But do not try to
extract IP# related keywords in that case.
Add a general "remount" facility to allow non-NFS remounting.
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.
This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.
For those who want to go without pf; it provides a NO_PF knob to make.conf.
__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.
Approved by: bms(mentor)
included a start_precmd check for gated. The precommand was not
executed in the FreeBSD branch. When I did a mass removal of
NetBSD specific logic a while back this file apparently got only
a partial treatement. This bug did not have any functional consequences,
however, since the precommand was not declared to the rc.subr routines.
Noticed by: pjd
they exit. Sometimes they simply can't (core-dump, for example).
So, when searching for a running program send standard error
output from ps(1) to never-never land.
# This should quite those
# ps: kvm_getprocs: No such user
# errors. Since ports use a duplicate rc.subr(8) you might
# still see this error from ports startup scripts.
Certain MTA configurations mean that the notifications from
virecover keep bouncing; so here's a patch to allow administrators
to turn them off.
PR: conf/54910
Submitted by: bms (with a minor cleanup)
cannot or does not want to be executed in a jail the
KEYWORDS line should contain the nojail keyword.
o Update Copyright
# I suggest people who use jails more extensively than I do
# make commits to the appropriate files.
Implement ``one'' prefix to allow a "one shot" operation as if
${rcvar}=yes yet all the other prerequisite tests are still performed.
The existing ``force'' prefix is a sledgehammer that ignores all the
prerequisite checks and always returns a zero exit status; this is a
more gentle approach to the problem of "manipulate this disabled
service without editing rc.conf(5)".
Obtained From: NetBSD
# We have a work-around in our version of rc.subr that
# makes force* return a non-zero exit status if the
# command/service could not be acted upon. The work-around
# is no longer necessary and should be removed.
run_rc_command(): when checking if ${command} exists before executing it,
be sure to check under ${name_chroot} (if set).
Fix from Ed Ravin in [bin/18523]
Obtained From: NetBSD
Change how internal boolean variables are used to:
if ! ${_somevar:-false}; then
_somevar=true
fi
(Consisent, slightly quicker, and slightly cleaner)
Obtained from: NetBSD
I committed it. Apologies to Juergen Unger <j.unger@addict.de>.
o When stopping jails output the hostname of the jails that
were stopped.
o Refactor
o Remove extraneous empty line
o Correct spelling error
that the keys are currently generated by computing the MD5 checksum of 512
bytes read from /dev/random, and are passed to gbde on the command line.
Sponsored by: Teleplan AS
