Commit Graph

5165 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
ceab1828a0 Use spaces instead of tab for indent here. 2010-04-15 16:43:43 +00:00
Hajimu UMEMOTO
b2a99c9e28 Fix grammar in comment.
Submitted by:	"b. f." <bf1783__at__googlemail.com>
MFC after:	3 days
2010-04-11 15:31:09 +00:00
Rui Paulo
c6c608b33d Add rc.d/ubthidhci. This small script calls usbconfig(1) to change a USB
Bluetooth controller from HID mode to HCI mode.

MFC after:	1 week
2010-04-09 17:32:38 +00:00
Doug Barton
8aa4c57946 Improve the handling of IPv6 configuration in rc.d. The ipv6_enable
and ipv6_ifconfig_<interface> options have already been deprecated,
these changes do not alter that.

With these changes any value set for ipv6_enable will emit a
warning. In order to avoid a POLA violation for the deprecation
of the option ipv6_enable=NO will still disable configuration
for all interfaces other than lo0. ipv6_enable=YES will not have
any effect, but will emit an additional warning. Support and
warnings for this option will be removed in FreeBSD 10.x.

Consistent with the current code, in order for IPv6 to be configured
on an interface (other than lo0) an ifconfig_<interface>_ipv6
option will have to be added to /etc/rc.conf[.local].

1. Clean up and minor optimizations for the following functions:
ifconfig_up (the ipv6 elements)
ipv6if
ipv6_autoconfif
get_if_var
_ifconfig_getargs
The cleanups generally were to move the "easy" tests earlier in the
functions, and consolidate duplicate code.

2. Stop overloading ipv6_prefer with the ability to disable IPv6
configuration.

3. Remove noafif() which was only ever called from ipv6_autoconfif.
Instead, simplify and integrate the tests into that function, and
convert the test to use is_wired_interface() instead of listing
wireless interfaces explicitly.

4. Integrate backwards compatibility for ipv6_ifconfig_<interface>
into _ifconfig_getargs. This dramatically simplifies the code in
all of the callers, and avoids a lot of other code duplication.

5. In rc.d/netoptions, add code for an ipv6_privacy option to use
RFC 4193 style pseudo-random addresses (this is what windows does
by default, FYI).

6. Add support for the [NO]RTADV options in ifconfig_getargs() and
ipv6_autoconfif(). In the latter, include support for the explicit
addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done
in the current code.

7. In rc.d/netif add a warning if $ipv6_enable is set, and remove
the set_rcvar_obsolete for it. Also remove the latter from
rc.d/ip6addrctl.

8. In /etc/defaults/rc.conf:

Add an example for RTADV configuration.

Set ipv6_network_interfaces to AUTO.

Switch ipv6_prefer to YES. If ipv6_enable is not set this will have
no effect.

Add a default for ipv6_privacy (NO).

9. Document all of this in rc.conf.5.
2010-04-09 01:35:09 +00:00
Hajimu UMEMOTO
296fe257cc Disambiguate `IPs' to a more specific term.
Submitted by:	Garrett Cooper <yanefbsd__at__gmail.com>
MFC after:	3 days
2010-04-08 15:19:57 +00:00
Hajimu UMEMOTO
3bcad5b785 firewall_trusted_ipv6 was gone by r202460. Remove stale comment about
it as well.
2010-04-07 18:14:30 +00:00
Doug Barton
a6f9d19c1e In wait_for_pids(), pwait(1) can return when the process exits, but
still exists as a zombie. The 'kill -0' test in this function can
therefore return true even if the process isn't actually running.
This could lead to wait_for_pids() printing an endless string of the
pid number until the zombie finally exits.

Solve this problem by moving the sleep up to after the 'kill -0' test, but
only after we've run through the function once already. In the common case
(only one pid in the list) this will always do the right thing. On the rare
occasion that there is more than one pid in the list this will sleep 1
second per zombie process which will allow that process, and any other
in the list a chance to exit.

While I'm here, local'ize the variables that this function uses.
2010-04-06 05:20:46 +00:00
Dag-Erling Smørgrav
7336187439 Add -k to the recommended fingerd(8) command line.
MFC after:	2 weeks
2010-04-01 13:13:09 +00:00
Joerg Wunsch
42492c2c04 Add .snap to daily_clean_tmps_ignore; /tmp/.snap ist not supposed to
be auto-removed (and /tmp is a filesystem of its own now by default).

MFC after:	3 days
2010-03-23 06:19:44 +00:00
Ed Schouten
799c1824b1 Slightly improve my previous commit.
Just comment out the atrun line instead of completely removing it. It is
not a bad idea to leave it as a reference in case someone decides to
install atrun by hand afterwards.
2010-03-19 15:53:02 +00:00
Ed Schouten
5743a283c2 Don't add the atrun-line to the crontab when MK_AT is set.
This prevents spurious calls to sendmail every 5 minutes.

MFC after:	1 week
2010-03-19 11:59:02 +00:00
Jaakko Heinonen
7d4bbea850 Use an unique directory name instead of hardcoded /tmp/.diskless.
A malicious user could create a file named /tmp/.diskless and cause
the script to misbehave.

PR:		conf/141258
Reported by:	Jon Passki
MFC after:	1 week
2010-03-13 12:02:44 +00:00
Ed Schouten
43902e3587 Improve the contents of termcap.small.
- Remove dosansi, pc and pc3. I suspect nobody ever needs these.
- Add vt100, screen and xterm-color.

This file is now probably more than sufficient in most cases, even for
common use outside single user mode, where people just use the console
driver, a graphical terminal emulator and a terminal multiplexer.
2010-03-07 08:54:06 +00:00
Ed Schouten
52a7be6c43 Install termcap.small.
Right now we have a termcap.small in the tree, but we don't install it.
If we do install this file by default, it is more likely for
applications to work in single user mode.

I am not entirely happy with the contents of this file. In my opinion we
should remove the `dosansi', `pc' and `pc3' entries and replace them
with `vt100' in case someone uses a serial console.

The file does already have entries for `cons25' and `xterm', which is
used most often.

Requested by:	brucec
2010-03-07 08:30:21 +00:00
Doug Barton
5d3cc6a4f7 Implement the idea of parallel-only-at-start-time in a cleaner, more
rc.d'ish way.

Not objected to by:	netchild
2010-03-07 04:26:21 +00:00
Alexander Leidinger
333fb1c996 Redirect stdin from /dev/null when starting a jail:
At least in RELENG_7 this fixes some start problems for some programs
  from the ports. It is also more correct, as a jail shall not expect
  input (interactivity) from the jail-host.

Revert the current behavior of starting jails in the background and
make it optional only for the start of jails (jail_parallell_start=YES
in rc.conf):
 - The stop can not be done in the background, the system needs to wait
   until everything is stopped correctly before it can reboot or power
   down.
 - The start should not be done in parallel by default, this not only
   breaks POLA for people comming from RELENG_x, it may also break a
   dependency chain with other scripts in the jail-host, which need to
   do some stuff after the jails are up and running (e.g. hardlinking
   a mysql socket from one jail into another one).

Discussed on:	freebsd-jails@
2010-03-05 14:34:33 +00:00
Hajimu UMEMOTO
f0cba49cf4 Add the shutdown KEYWORD.
Pointed out by:	dougb
MFC after:	3 days
2010-02-27 19:02:21 +00:00
Antoine Brodin
0a8ea2771a usr/share/examples/bc no longer exists. 2010-02-27 17:31:00 +00:00
Pawel Jakub Dawidek
c3a9f615e6 Add missing KEYWORD line.
Pointed out by:	dougb
2010-02-19 09:18:26 +00:00
Xin LI
1b228b942e Create a directory for hast's examples. 2010-02-19 02:34:25 +00:00
Pawel Jakub Dawidek
bc6237f5b0 Remove some lines left over by accident. 2010-02-18 23:20:15 +00:00
Pawel Jakub Dawidek
32115b105a Please welcome HAST - Highly Avalable Storage.
HAST allows to transparently store data on two physically separated machines
connected over the TCP/IP network. HAST works in Primary-Secondary
(Master-Backup, Master-Slave) configuration, which means that only one of the
cluster nodes can be active at any given time. Only Primary node is able to
handle I/O requests to HAST-managed devices. Currently HAST is limited to two
cluster nodes in total.

HAST operates on block level - it provides disk-like devices in /dev/hast/
directory for use by file systems and/or applications. Working on block level
makes it transparent for file systems and applications. There in no difference
between using HAST-provided device and raw disk, partition, etc. All of them
are just regular GEOM providers in FreeBSD.

For more information please consult hastd(8), hastctl(8) and hast.conf(5)
manual pages, as well as http://wiki.FreeBSD.org/HAST.

Sponsored by:	FreeBSD Foundation
Sponsored by:	OMCnet Internet Service GmbH
Sponsored by:	TransIP BV
2010-02-18 23:16:19 +00:00
Jung-uk Kim
5f19cffe55 Remove COMPILATIONDATE from the default section. This string is no longer
being substituted since r162063.

PR:		bin/143976
MFC after:	1 month
2010-02-16 01:07:06 +00:00
Maksim Yevmenkin
fafa9c3c9a Introduce new rc.conf variable firewall_coscripts. It can be used to
specify list of executables and/or rc scripts that should be executed
after firewall starts/stops.

Submitted by:	Yuri Kurenkov <y dot kurenkov at init dot ru>
Reviewed by:	rhodes, rc@
MFC after:	1 week
2010-02-08 18:51:24 +00:00
Bruce M Simpson
243cecf517 Add sane-port (Scanner Access Now Easy) as port 6566.
Obtained from:  http://www.iana.org/assignments/port-numbers
MFC after:      3 days
2010-02-06 21:22:01 +00:00
Hajimu UMEMOTO
e60d067996 Add rc.d script for the rtsold(8) daemon.
The rtsol(8) handles just one RA then exit.  So, the OtherConfig flag
may not be handled well by rtsol(8) in the environment where there are
multiple RA servers on the segment.  In such case, rtsold(8) will be
your friend.

Reviewed by:	hrs
MFC after:	2 weeks
2010-02-03 16:18:42 +00:00
Hajimu UMEMOTO
af765eeb61 ManageSieve has been added as port 4190:
http://www.iana.org/assignments/port-numbers

Obtained from:	http://www.iana.org/assignments/port-numbers
MFC after:	3 day
2010-02-01 13:30:06 +00:00
Hajimu UMEMOTO
98255d746a Allow use of -6 option to "server" and "peer" in ntp.conf.
MFC after:	1 week
2010-01-30 16:34:52 +00:00
Ed Schouten
bcc7f0f408 Remove pseudo-terminals from ttys(5).
When we had utmp(5), we had to list all the psuedo-terminals in ttys(5)
to make ttyslot(3) function properly. Now that pututxline(3) deals with
slot allocation internally (not based on TTY names), we don't need to
list all the TTYs on the system in ttys(5) to make user accounting work
properly.

This patch removes all the entries from the /etc/ttys files, but also
the pts(4) entries that were appended implicitly, which was added in
r154838.
2010-01-27 11:54:42 +00:00
Edwin Groothuis
c9eee80ca3 The Erlang Port Mapper Daemon (from ports/lang/erlang) has been
assigned official port number 4369 by IANA.

PR:		conf/113265
Submitted by:	Jimmy Olgeni <olgeni@freebsd.org>
Obtained from:	http://www.iana.org/assignments/port-numbers
MFC after:	2 days
2010-01-27 11:23:21 +00:00
Edwin Groothuis
179f21e0dc Git has been added as port 9418:
http://www.iana.org/assignments/port-numbers

PR:		conf/143259
Submitted by:	Denny Lin <dennylin93@cnmc32.hs.ntnu.edu.tw>
Obtained from:	http://www.iana.org/assignments/port-numbers
MFC after:	2 day
2010-01-27 11:08:39 +00:00
Ed Maste
91192d55b0 Convert to 2-clause license, from NetBSD rc.subr r1.70.
Submitted by:	Alex Kozlov
Obtained from:	NetBSD
2010-01-26 13:23:31 +00:00
Gregory Neil Shapiro
4d9c61bd55 Minor changes to force commit these files so new freebsd*.cf files are
built to use the new sendmail-8.14.4/cf tree.

MFC after:	4 days
2010-01-26 04:44:12 +00:00
Ed Maste
2b084c6a0e Remove vestigial NetBSD compatibility shim. 2010-01-25 20:59:04 +00:00
Konstantin Belousov
c4c1575a01 Do not check for existence of symlink source for the link action. This
does not work for link in subdirectory, and sometimes it is useful to
create symlink in advance for dynamically created device node.

MFC after:	1 week
2010-01-23 11:42:31 +00:00
Xin LI
7ffc8ae56e Move USD documents from /usr/share/doc/papers to to /usr/share/doc/usd.
Reviewed by:	gabor
2010-01-22 23:19:48 +00:00
Weongyo Jeong
cc5abe58ce adds a hardware specific configuration file for uath(4).
Pointed by:	sam
Reviewed by:	imp, thompsa
2010-01-19 01:33:56 +00:00
Doug Barton
e45bba92cb Update the example named.conf file to answer locally for the newly
released IPv4 documentation ranges (http://tools.ietf.org/html/rfc5737)
and catch up to the IPv6 documentation range and domain names that 5737
also references.
2010-01-18 18:37:47 +00:00
Hajimu UMEMOTO
6c1e384c63 Remove the rules using 'me6'. Now, 'me' matches both any IPv6 address
and any IPv4 address configured on an interface in the system.

Reviewed by:	David Horn <dhorn2000__at__gmail.com>, luigi, qingli
MFC after:	2 weeks
2010-01-17 08:41:07 +00:00
Edward Tomasz Napierala
b3f9d8c804 Add gmountver, disk mount verification GEOM class.
Note that due to e.g. write throttling ('wdrain'), it can stall all the disk
I/O instead of just the device it's configured for.  Using it for removable
media is therefore not a good idea.

Reviewed by:	pjd (earlier version)
2010-01-16 09:52:49 +00:00
Ed Schouten
1e40039260 Let rc and periodic infrastructure and newsyslog use the utmpx files. 2010-01-13 19:07:48 +00:00
Xin LI
f91970991a Set svn:executable to *.
MFC after:	1 month
2010-01-11 23:32:36 +00:00
Ed Schouten
ef0a73cc77 Properly make the end key work again for TERM=xterm.
I've been so busy hacking on utmpx the last couple of days, out of
reflex, I committed it to the wrong source tree. Note to myself: don't
hack on FreeBSD while watching TV at the same time.

PR:		conf/142578
Submitted by:	Yuri Pankov <yuri pankov gmail com>
Reminded by:	stefanf
2010-01-10 21:41:37 +00:00
Hajimu UMEMOTO
7615a7f1f6 The client type rule allows DHCP, implicitly. Since DHCPv6 uses
link-local address unlike with DHCP, we need one more rule to allow
the DHCPv6.

Reported by:	David Horn <dhorn2000__at__gmail.com>
2010-01-09 19:16:27 +00:00
Hajimu UMEMOTO
789ad2d46a Since the IPv4 rule allows ICMP_TIMXCEED, allow
ICMP6_TIME_EXCEEDED as well for workstation type
firewall.  It makes traceroute6 work.
2010-01-07 17:46:25 +00:00
John Baldwin
fe0a838459 Expose the upper 256 ptys in the default devfs rules. I should have updated
this when expanding the old pty(4) driver to use 512 ptys by default.  This
is more important for 7.x.

MFC after:	1 week
2010-01-04 18:21:27 +00:00
Gavin Atkinson
4c40efa74a Forced commit, to provide correct commit message for r201440:
Don't complain when we encounter the "cache" source, it's valid.  Also fix
the error message to include a line feed and not include a stray comma.

PR:		bin/121671
Submitted by:	Artis Caune  artis.caune gmail.com
Approved by:	ed (mentor)
MFC after:	2 weeks

While here, change "> /dev/stderr" for more usual ">&2"

Submitted by:	jilles
2010-01-03 21:27:10 +00:00
Gavin Atkinson
3e736db050 The default hash table size is 257 not 255. Reword the rest of the line
slightly while here.

PR:		bin/121671
Submitted by:	Artis Caune  artis.caune gmail.com
Approved by:	ed (mentor)
2010-01-03 19:14:22 +00:00
Doug Barton
1323e3dbec s/named_confidr/named_confdir/ in the rndc.key check. The line in
the command to create it was right, but the check was wrong, so it
was getting created every time. Mea culpa.

Submitted by:	oliver
2010-01-01 22:10:07 +00:00
Doug Barton
fc3c7b9569 With the introduction of named_conf the -c example in named_flags
is no longer necessary or desirable. Update the comment to indicate
that _flags should be used for options other than -u and -c.
2010-01-01 19:09:40 +00:00
Doug Barton
2128551758 The script hard-coded the assumption that the "configuration directory"
would be "/etc/namedb" in a number of places. Since the user may make
a different choice, introduce a new internal variable, named_confdir
that is generated relative to the location of $named_conf.

While this will work for some things (especially a highly customized
build from ISC source) there are still a number of places where
/etc/namedb is assumed that it is not easily virtualized (E.g., mtree).
If you deviate from the defaults you'd better know what you're doing. :)
2010-01-01 19:06:00 +00:00
John Baldwin
f50c094638 Remove a trailing reference to the obsolete vaps_<IF> variable.
Reviewed by:	brooks
MFC after:	3 days
2009-12-29 21:06:49 +00:00
John Baldwin
9557a45059 Add support for configuring vlan(4) interfaces as child devices similar to
wlan(4) interfaces.  vlan(4) interfaces are listed via a new 'vlans_<IF>'
variable.  If a vlan interface is a number, then that number is treated as
the vlan tag for the interface and the interface will be named '<IF>.<tag>'.
Otherwise, the vlan tag must be provided via a vlan parameter in a
'create_args_<vlan>' variable.

While I'm here, fix a few nits in rc.conf(5) and mention create_args_<IF> in
the description of cloned_interfaces.

Reviewed by:	brooks
MFC after:	2 weeks
2009-12-29 21:03:36 +00:00
Edward Tomasz Napierala
5689f92fb0 Remove examples for pppd and SLIP-related stuff. 2009-12-29 20:20:51 +00:00
Hajimu UMEMOTO
30e7dc3c56 Add missing me6 rules. Now, the IPv6 rules become equivalent
to the IPv4 rules.

Reported by:	David Horn <dhorn2000__at__gmail.com>
2009-12-29 11:27:51 +00:00
Doug Barton
a4dd7f22af Update the comments about files ending in .sh
Prompted by:	Alex Kozlov <spam@rm-rf.kiev.ua>
2009-12-27 06:27:09 +00:00
Doug Barton
38b8fa9739 Delete some trailing whitespace 2009-12-27 06:25:03 +00:00
Jilles Tjoelker
bd3e243f9f rc.subr: Use pwait in wait_for_pids.
This waits for the requested process(es) to terminate, rather than polling
with an interval of 2 seconds.

If pwait is not available, the old method is used.

PR:		conf/132766
Reviewed by:	dougb
2009-12-21 22:16:07 +00:00
Doug Barton
0fcd844921 The named process needs to have a "working directory" that it can
write to. This is specified in "options { directory }" in named.conf.
So, create /etc/namedb/working with appropriate permissions, and
update the entry in named.conf to match.

In addition to specifying the working directory, file and path names
in named.conf can be specified relative to the directory listed.
However, since that directory is now different from /etc/namedb
(where the configuration, zone, rndc.*, and other files are located)
further update named.conf to specify all file names with fully
qualified paths. Also update the comment about file and path names
so users know this should be done for all file/path names in the file.

This change will eliminate the 'working directory is not writable'
messages at boot time without sacrificing security. It will also
allow for features in newer versions of BIND (9.7+) to work as
designed.
2009-12-15 05:14:39 +00:00
Doug Barton
9190ba057c Revert the xterm terminal behavior to NOT clear the screen after
exiting a pager, vi, etc.

Add some example xterm*-clear entries to the termcap files to make
it easier for people to enable that behavior.

Document the examples in the man page to make them easier to find.
2009-12-14 07:18:31 +00:00
Doug Barton
f25291f3a1 Since the change to rc.subr in r198162 it's not necessary to specify
command in the rc.d script if we have a corresponding ${name}_program
entry, which we do for named.

Rename named_precmd to named_prestart to make it more clear and match
convention.

Move the command_args definition related to -u up into _prestart().
It (and the associated $named_uid value) are only used there, and
unlike required_* and pidfile don't need to be used until this stage.

Fix a silly bug that would only have affected people who were using
the new named_wait or named_auto_forward features, AND had set up an
rndc.conf file instead of using the automatically generated rndc.key.

For named_conf:
	Add "-c $named_conf" to command_args if it's not set to the
	default. If it is set to the default and we're using the base
	BIND it's not necessary. If we're using BIND from the ports
	the user is likely to have included it in _flags (due to long
	necessity for doing so) so don't duplicate that if it's set.

	Add $named_conf to required_files
2009-12-12 21:51:50 +00:00
Antoine Brodin
cb174b37be Install firmware(9) examples.
MFC after:	1 month
2009-12-12 17:04:36 +00:00
Doug Barton
1d0185c436 Update to the December 12, 2008 version of this file. The one
substantive change is to add the IPv6 address of L. The other
changes are all CAPS LOCK related.
2009-12-11 01:06:04 +00:00
Ed Schouten
a7e5e29990 Update termcap entries for xterm.
It turns out these entries do make Terminal.app behave a little better.
According to Thomas Dickey, Terminal.app should use TERM=nsterm anyway,
but we don't support this yet. Already having an improved termcap entry
helps, so I am going to MFC this change after all.

Suggested by:	Leonidas Tsampros <ltsampros upnet gr>
MFC after:	1 month
2009-12-10 22:25:53 +00:00
Colin Percival
a235643007 Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
2009-12-03 09:18:40 +00:00
Hajimu UMEMOTO
2bba0e1a00 Unify rc.firewall and rc.firewall6, and obsolete rc.firewall6
and rc.d/ip6fw.

Reviewed by:	dougb, jhb
MFC after:	1 month
2009-12-02 15:05:26 +00:00
Ed Schouten
71a9e1e305 Use cons25w on pc98.
Discussed with:	nyan
2009-11-13 11:54:52 +00:00
Ed Schouten
4b2361f811 Convert syscons on i386 to TERM=xterm.
TEKEN_XTERM is now gone. Because we always use xterm mode now, we only
need a TEKEN_CONS25 switch to go back to cons25.
2009-11-13 11:28:54 +00:00
Ed Schouten
d29a98f47f Split up etc.i386/ttys into a PC98 version as well.
This means I can now convert syscons on i386 to xterm as well.

Discussed with:	nyan
2009-11-13 11:26:44 +00:00
Ed Schouten
e42fc36867 Switch the default terminal emulation style to xterm for most platforms.
Right now syscons(4) uses a cons25-style terminal emulator. The
disadvantages of that are:

- Little compatibility with embedded devices with serial interfaces.
- Bad bandwidth efficiency, mainly because of the lack of scrolling
  regions.
- A very hard transition path to support for modern character sets like
  UTF-8.

Our terminal emulation library, libteken, has been supporting
xterm-style terminal emulation for months, so flip the switch and make
everyone use an xterm-style console driver.

I still have to enable this on i386. Right now pc98 and i386 share the
same /etc/ttys file. I'm not going to switch pc98, because it uses its
own Kanji-capable cons25 emulator.

IMPORTANT: What to do if things go wrong (i.e. graphical artifacts):

- Run the application inside script(1), try to reduce the problem and
  send me the log file.
- In the mean time, you can run `vidcontrol -T cons25' and `export
  TERM=cons25' so you can run applications the same way you did before.
  You can also build your kernel with `options TEKEN_CONS25' to make all
  virtual terminals use the cons25 emulator by default.

Discussed on:	current@
2009-11-13 05:54:55 +00:00
Remko Lodder
eabd1bcb21 Execute the start/stop process of a jail in the background.
This will prevent that the script hangs during startup, which
could cause annoying effects after rebooting for example.

PR:		kern/139422
Submitted by:	Andrey Groshev <greenx at yartv dot ru>
Approved by:	imp (mentor, implicit)
MFC after:	3 days
Facilitated by:	Snow B.V.
2009-11-02 09:56:46 +00:00
Hiroki Sato
da5f0a6fac Use double-quotation marks to fix the unexpanded variable issue.
Spotted by:	swell.k
2009-10-23 09:30:19 +00:00
Christian Brueffer
e8097b1fba Add empty watchdogd_flags.
PR:		136620
Submitted by:	amdmi3
MFC after:	3 days
2009-10-21 09:43:22 +00:00
Ed Schouten
248389c80f Partially revert the change to the gettytab made in r198214.
By misinterpreting some data, I thought that getty wouldn't apply any
baud rate to the syscons devices, but it uses the default entry instead.
This means that the baud rate is set to 1200. This isn't too bad, except
when using canonical mode. Make it use 9600 baud by default.

MFC after:	1 week
2009-10-19 11:10:44 +00:00
Ed Schouten
e79939add1 Fix qouting in a comment, to make it look more consistent
Submitted by:	Jille Timmermans <jille quis cx>
MFC after:	1 week
2009-10-18 19:51:06 +00:00
Ed Schouten
5ed8d12443 Allow the buffer size to be configured for pseudo-like TTY devices.
Devices that don't implement param() (which means they don't support
hardware parameters such as flow control, baud rate) hardcode the baud
rate to TTYDEF_SPEED. This means the buffer size cannot be configured,
which is a little inconvenient when using canonical mode with big lines
of input, etc.

Make it adjustable, but do clamp it between B50 and B115200 to prevent
awkward buffer sizes. Remove the baud rate assignment from
/etc/gettytab. Trust the kernel to fill in a proper value.

Reported by:	Mikolaj Golub <to my trociny gmail com>
MFC after:	1 month
2009-10-18 19:48:53 +00:00
Doug Barton
c5a82ce01d Remove a circular dependency on routing
Submitted by:	Mykola Dzham <freebsd@levsha.org.ua>
Approved by:	hrs
2009-10-17 21:09:15 +00:00
Doug Barton
0e22665fc7 Allow $name_program to override $command in a more robust way that
will not cause the value to be null if $command is not set.
2009-10-15 23:20:23 +00:00
Doug Barton
70d4ef1ea1 In regards to the "Starting foo:" type messages at boot time, create and
employ a more generic solution, and use it in the individual rc.d scripts
that also have an $rc_quiet test:

1. Add check_startmsgs() to rc.subr.
2. In the rc.d scripts that use rc_quiet (and rc.subr) substitute
variations of [ -z "$rc_quiet" ] with check_startmsgs
3. In savecore add a trailing '.' to the end of the message to make it
more consistent with other scripts.
4. In newsyslog remove a : before the terminal '.' since we do not expect
there to be anything printed out in between to make it more consistent.
5. In the following scripts change "quotes" to 'quotes' where no variables
exist in the message: savecore pf newsyslog
6. In the following scripts substitute if/then/fi for the simpler (and
more consistent) check_startmsgs &&: faith stf
7. In the following scripts separate the "Starting foo:" from the terminal
'.' to make them more consistent: moused hostname pf
8. In nfsclient move the message to its own line to avoid a style bug
9. In pf rc_quiet does not apply to the _stop method, so remove the
test there.
10. In motd add 'quotes' around the terminal '.' for consistency
2009-10-10 22:17:03 +00:00
Hiroki Sato
2880192bf2 Fix a case when both ${name}_program and ${command} are defined.
Spotted by:	Michio "Karl" Jinbo
2009-10-05 20:11:33 +00:00
Dag-Erling Smørgrav
4fa5b48f39 tabify
MFC after:	3 weeks
2009-10-05 09:28:54 +00:00
Dag-Erling Smørgrav
3e485d4cba Change the pam_ssh examples: if you use it, you probably want want_agent.
MFC after:	3 weeks
2009-10-05 09:26:22 +00:00
Rui Paulo
4011f96514 Add OpenVPN IANA assigned port number. 2009-10-03 11:02:36 +00:00
Hiroki Sato
df2b25f6ee - Enable an afexists() check only when no AF argument is specified.
- Simplify helper functions.

Discussed with:	ume
2009-10-02 20:19:53 +00:00
Hiroki Sato
b5a70c98b2 The net.inet.tcp.log_in_vain accepts 0, 1 or 2, not Y/N. 2009-10-02 06:51:39 +00:00
Hiroki Sato
ccbc06d893 Revert the previous afexists() change. Knobs configured explicitly by
the user should not be ignored if possible even if the kernel does not
support the prerequisite feature.

Discussed with:	ume
2009-10-02 06:19:34 +00:00
Hiroki Sato
e248dc09a8 - Split routing_*() and option_*() to *_AF() and add afexists() check
for each address family.  Replace AF_static() with static_AF() for
  consistency.

- Display a message only if the user sets a non-default value, and set
  a sysctl explicitly even if it is the default value.
2009-10-02 02:28:59 +00:00
Hiroki Sato
01ce5591ad - Fix logic inversion bug of net.inet.tcp.rfc1323[*].
- Split netoptions_start() to netoptions_AF() and add afexists() check
  for each address family.

- Display a message only if the user sets a non-default value, and set
  a sysctl explicitly even if it is the default value.

Spotted by:	Pegasus Mc Cleaft[*]
2009-10-02 02:27:49 +00:00
Hiroki Sato
b558571de6 - Add AF_IPX and AF_NATM to afexists().
- Add afexists() check to address family specific rc.d scripts.  A
  script for an AF will be silently ignored if the kernel has no
  support for the AF.
2009-10-02 02:24:25 +00:00
Hajimu UMEMOTO
db4abd60a3 Don't do an IPv6 operation when the kernel doesn't have
an IPv6 support.

Reported by:	Alexander Best <alexbestms__at__math.uni-muenster.de>
Confirmed by:	Paul B. Mahol <onemda__at__gmail.com>,
		Alexander Best <alexbestms__at__math.uni-muenster.de>
2009-09-30 14:58:10 +00:00
Doug Barton
e52df452d1 By popular acclaim, enable "Starting foo:" messages by default 2009-09-29 16:49:10 +00:00
Colin Percival
ca82268b2a Silence warning printed by getfsspec(3) when /etc/fstab does not exist
fstab: /etc/fstab:0: No such file or directory
and from dump(8) when setfsent(3) fails due to /etc/fstab not existing:
  DUMP: Can't open /etc/fstab for dump table information: No such...

This makes daily and security periodic runs somewhat cleaner in jails
which lack /etc/fstab files.

MFC after:	1 month
2009-09-28 03:32:35 +00:00
Gabor Kovesdan
d0a021b7bf - Add share/nls/gl_ES.ISO8859-1, which I forgot in my last commit
Submitted by:	Andrzej Tobola <ato@iem.pw.edu.pl> (via private mail)
2009-09-27 21:27:11 +00:00
Hiroki Sato
97c8942c91 Use ipv6if() when $rtadvd_interfaces="AUTO". 2009-09-26 19:00:47 +00:00
Hiroki Sato
27fa984efd Move rc.d/{stf,faith} to just before rc.d/routing.
Pointed out by:	tegge
2009-09-26 19:00:20 +00:00
Hiroki Sato
2e77c5abfb Fix several logic bugs in the previous IPv6 variable change and
re-add $ipv6_enable support for backward compatibility.  From
UPDATING:

 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
    for IPv4.  For aliases, $ifconfig_IF_aliasN should be used.
    Note that both variables need the "inet6" keyword at the head.

    Do not set $ipv6_network_interfaces manually if you do not
    understand what you are doing.  It is not needed in most cases.

    $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
    they are obsolete.

 2. $ipv6_enable is obsolete.  Use $ipv6_prefer and/or
    "inet6 accept_rtadv" keyword in ifconfig(8) instead.

    If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
    all configured interfaces have "inet6 accept_rtadv" in the
    $ifconfig_IF_ipv6.  These are for backward compatibility.

 3. A new variable $ipv6_prefer has been added.  If NO, IPv6
    functionality of interfaces with no corresponding
    $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
    and the default address selection policy of ip6addrctl(8)
    is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
    Note that if you want to configure IPv6 functionality on the
    disabled interfaces after boot, first you need to clear the flag by
    using ifconfig(8) like:

         ifconfig em0 inet6 -ifdisabled

    If YES, the default address selection policy is set as
    IPv6-preferred.

    The default value of $ipv6_prefer is NO.

 4. If your system need to receive Router Advertisement messages,
    define "inet6 accept_rtadv" in $ifconfig_IF_ipv6.  The rc(8)
    scripts automatically invoke rtsol(8) when the interface becomes
    UP.  The Router Advertisement messages are used for SLAAC
    (State-Less Address AutoConfiguration).
2009-09-26 18:59:00 +00:00
Doug Barton
f414327c25 Add a knob to show 'Starting foo:' messages when faststart is used,
such as at boot time.
2009-09-17 19:05:47 +00:00
Ed Maste
66e5a431cf Protect cross-script invocation by checking that the target script exists.
This allows pruning of rc.d scripts without getting too many ugly boottime
error messages.

Inspired by phk's r128714 change to netif.
2009-09-14 16:52:38 +00:00
Bjoern A. Zeeb
fc261d1dfa Correct a copy and paste error using the variable name from the
legacy IP handling rather than the IPv6 version.

Reported by:	Pegasus Mc Cleaft (ken mthelicon.com)
Tested by:	Pegasus Mc Cleaft (ken mthelicon.com)
MFC after:	2 days
X-MFX with:	r197139
2009-09-13 20:19:02 +00:00
Hiroki Sato
66ed47241a Add missing comments and whitespace clean-ups. 2009-09-12 23:01:36 +00:00