Commit Graph

270 Commits

Author SHA1 Message Date
rwatson
3bd427d0e5 Reduce chattiness of entropy file mechanism with extreme prejudice.
Reviewed by:	USENIX Cabal (peter, jhb, wpaul, et al)
2001-06-28 06:43:47 +00:00
dd
fe47a79f92 Introduce syslogd_program and inetd_program variables in case somebody
wants to replace one of those programs.

PR:		13609
Submitted by:	Goran Lowkrantz <goran.lowkrantz@infologigruppen.se>
2001-06-28 03:32:10 +00:00
sheldonh
9fc9e018ab Back out rev 1.268.
Requested by:	wollman, rwatson
2001-06-10 12:09:11 +00:00
sheldonh
cd6e2ac4a7 Fix /etc/rc so that all remote filesystems, not just NFS, are mounted
after the network is configured.

Future remote filesystem types should be added to remote_fstypes, which
is a whitespace-delimited list of type:description pairs.

The specific problem this fixes right now is that smbfs mounts described
in /etc/ftsab were failing.
2001-06-09 09:47:05 +00:00
phk
89044d5223 Add diskcheckd to /etc/rc with a knob in rc.conf.
Make the default setting YES for now to get some experience with it.

Note: If people starts seeing disk errors because of this then it
should not be backed.
2001-06-03 20:15:13 +00:00
yar
0727598a0e Don't confuse the admin with spurious error messages
about non-existent mount directories (which would come
into existence after the real mount has occured) when just
testing for if there are any NFS filesystems in /etc/fstab.

PR:		bin/26597
Submitted by:	Dmitry Morozovsky <marck@rinet.ru>
MFC after:	3 days
2001-05-27 22:50:22 +00:00
dd
82ab5b2b68 Introduce a background_fsck rc.conf option which allows the user to
enable or disable background fsck'ing all in one shot.  Default is
currently 'YES'.

Reviewed by:	jkh
2001-05-22 00:05:48 +00:00
peter
4d2412868a Back out rev 1.260. The 'streams' module is a registered dependency of
the 'svr4' module already.  This was a 4.x-only problem and should not
have been MFS'ed.
2001-05-13 20:43:30 +00:00
mckusick
b41320a9e7 Update the fsck command in /etc/rc to use the new background
fsck checking. Applying these changes (typically via mergemaster)
will cause your system to start running background checks on all
your soft update enabled filesystems (provided that you have
a kernel with the required functionality, e.g., one built since
the end of April). Please report any and all problems to
mckusick@mckusick.com (not mckusick@freebsd.org which I read
infrequently). See the comment above the fsck command in /etc/rc
for instructions on how to disable background checking should it
cause you too much trouble.

Several FAQs:

1) Can I reboot before the background checks are done?

Ans) Yes, when the system restarts the checks will pick up
     where they left off.

2) Can a crash during checking corrupt my filesystem?

Ans) No, recovered resources are returned to the system using soft
     updates which ensure that the freeing is done in a safe order.

3) How will I know if any background checks are being done?

Ans) Filesystems that are to be checked in background will be listed
     as `DEFER FOR BACKGROUND CHECKING' at the usual fsck check time
     during system startup.

4) What happens to the output of the background checks?

Ans) It is sent to syslog `daemon' facility log level `notice'.

5) When will this feature be available in the 4.X kernel?

Ans) Never. It is much too radical and extensive a change to be
     MFC'ed. Besides, it needs many months of experience and
     tuning before it is ready for widespread use.

6) What happens if a background fsck fails (i.e., fsck finds
   errors that would normally require a manual fsck)?

Ans) The filesystem will be marked as needing a manual fsck.
     At the next system reboot, the check will be done in
     foreground and the usual actions taken (usually a failure
     to go multi-user until fsck has been run by hand on the
     affected filesystem).
2001-05-11 07:40:39 +00:00
brian
7313c8ec6f Delete everything that's not a directory in /var/run and /var/spool/lock
at boot time.

MFC after: 3 weeks
2001-05-10 09:25:10 +00:00
phk
d044f40e46 In the /etc/rc startup script a soft link is created from /var/run/log to
/dev/log like this: if [ ! -h /dev/log ];
The man page for test(1) says that the -h switch is depracated and that
users should NOT rely on it being available. It suggest the -L switch instead.
They both do the same thing: check for the existence of the symbolic link.

PR:		26596
Submitted by:	mikem <mike_makonnen@yahoo.com>
2001-04-15 13:44:05 +00:00
jkh
ab2e6f0ee6 MFS: deal with svr4 module's dependency on streams module 2001-04-14 12:26:03 +00:00
ru
367b1f6b19 vnconfig(8) -> mdconfig(8).
Reviewed by:	phk
2001-04-10 16:15:01 +00:00
brian
d0ffa9df24 Remove sockets found in /var/run or /var/spool/lock at boot time
(as well as files).
2001-03-28 10:13:26 +00:00
peter
3973aeb5eb At great personal risk, touch the sendmail startup again. This adds easy
seperate knobs for inbound (accepting SMTP connections) and outbound (just
occasionally dequeueing) sendmail daemon startup.
2001-03-13 05:53:16 +00:00
dougb
4b267fa5fd Add flags option for savecore.
Submitted by:	David A. Panariti <davep@who.net>
2001-03-12 05:18:03 +00:00
markm
8a7a286726 The /dev/random harvesting sysctls have had a name change.
Reflect this.
2001-03-10 13:45:28 +00:00
dougb
020bef59da Avoid complicated tests of whether devices are present or not, and
enable all harvesting options by default since having them on for
devices not present doesn't hurt anything. Leave them on by default
since for the most part they are not producing noticable slowdown,
and are about to get a lot more efficient.

Re-order part of the cheesy entropy process in preparation for
its complete removal.
2001-03-10 05:33:38 +00:00
dougb
a488c869ed Add code to turn on the entropy harvesting sysctl's as early as possible
during the boot process. We're turning it on by default, based on the
actual presence of a configured ethernet card, and/or ppp/tun devices.
Of course, it's easy to disable in rc.conf.
2001-03-01 13:19:49 +00:00
dougb
d59879728c Introduce the option of running fsck -y if the initial preen fails.
Defaults to off.

Obtained from:	Yahoo!
2001-02-05 04:54:42 +00:00
brian
a49c486156 Run purgedir (a local function) on /var/run instead of rm /var/run/*
PR:		24612
Submitted by:	David Drum <david@mu.org>
2001-01-30 10:07:03 +00:00
dougb
e3a3551537 Add the options of which cron program to run, and specifying flags
to it.

PR:		conf/24358
Submitted by:	Gerhard Sittig <Gerhard.Sittig@gmx.net>
2001-01-21 20:57:38 +00:00
des
6317f7a2c4 Add a sysvipc_enable variable that causes the SysV IPC modules to be loaded.
Reviewed by:	dougb
2001-01-16 20:05:05 +00:00
dougb
3bbfa62b63 Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
  to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
  and files before the disks are mounted. This gives /dev/random
  a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
  immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
  possibility of accidentally overwriting something other
  than a regular file.
2001-01-14 07:18:31 +00:00
dougb
ed0bc299d0 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
bsd
746454bb84 Add portmap as a dependency for NIS client and server.
Requested by:	gallatin
2001-01-11 02:11:14 +00:00
jhb
1bb19011b4 Move the syscons configuration to a machine independent rc.syscons. The
syscons sh code was identical on both platforms except for whitespace
differences.
2001-01-09 22:28:17 +00:00
dougb
7a7ca4166c In addition to:
Apply a more consistent style to the echo statements in /etc/ scripts.
* Put quotes around each line
* Single quotes for lines with no variable interpolation
* Double quotes if there is
* Capitalize each word that begins a line
* Make echo -n 'Doing foo:' ... echo '.' more of a standard

Also:
* Use rm -f on /var/run/dev.db so if it's not there (devfs) it doesn't error
* Shorten the ldconfig messages so that the default fits on one line
* Test whether /var/msgs/bounds is a link before overwriting it
* Generally futz around with whitespace
2000-12-17 08:24:49 +00:00
bsd
4489a81e03 Flesh out a simple framework for dependency checking rc.conf enabled
services.  Simple YES/NO style *_enable services are supported.

Reviewed by:	obrien
2000-12-13 19:17:54 +00:00
bsd
a2dc6debf4 If portmap is started as a dependancy, echo a notice during boot.
Approved by:	obrien
2000-12-13 00:43:10 +00:00
obrien
634a4b8080 Set portmap_enable if Amd or running as an NFS server is enabled.
This bites too many systems upgrading from our change in defaults.
2000-12-11 22:47:50 +00:00
dougb
77effa8060 Do a better job of preserving the value rc is called with
in the face of possible corruption by rc.diskless*.

PR:		misc/21904
Submitted by:	Anton Voronin, anton@urc.ac.ru
2000-11-21 04:21:54 +00:00
phk
8ce58b4dcf On DEVFS machines, the device name database is no use. 2000-10-22 19:10:13 +00:00
jkh
02af04a1fb Redirect the stderr of dd to /dev/null so the user doesn't see rather
weird dd output on bootup as /dev/random is being reseeded.  Also,
can't this happen in the background since /dev/random blocks?
2000-10-20 17:41:46 +00:00
jwd
7068275873 Use dd to better block the data being sent to /dev/random.
Note: I am not redirecting stdout so that the amount of
      data being transferred can be seen (22k and 576k currently).
2000-10-18 05:29:26 +00:00
jwd
6c9c173e79 Style fix only.
init 6 vs. /sbin/reboot problem still exists (pr 14829)

Submitted by:	Doug Barton <DougB@gorean.org>
2000-10-16 06:16:44 +00:00
jwd
5f83544426 Having played with this commit request for a few hours, I've
convinced myself that it's better then what we have, but still
not perfect.

/etc/rc  : Attempt to seed /dev/random with multiple backoffs.

/etc/rc.shutdown : Attempt to write the entropy_file.

In debugging the above changes, I've run into some
inconsistancies... rc.shutdown is run via 'init 6', but
does not appear to be run via '/sbin/reboot'. Thus, this
set of changes improves life depending on the mechanism
used to shut the system down.

Submitted by:	Doug Barton <DougB@gorean.org>
Approved by:	markm
2000-10-16 04:44:35 +00:00
markm
f81d689f63 Reseed the random device as early as possible to prevent hangs,
and provide some form of entropy in case there is no seed file
to prevent a reboot from hanging unnecessarily.
2000-10-14 12:56:08 +00:00
ache
66f25fff0b "fix" savecore by moving dev_mkdb before it to allow device name sensing 2000-10-12 21:40:04 +00:00
ru
f301e0c8ed Turn the verbose mode on for dumpon(8). 2000-10-12 10:34:59 +00:00
obrien
6700db6a71 Add copyright notices. Other systems have been barrowing our /etc files
w/o giving any credit.
2000-10-08 19:20:36 +00:00
sheldonh
71be224373 Only whack pseudo-terminals into shape if they exist. They might
not yet exist in the DEVFS case.
2000-08-21 14:37:52 +00:00
sheldonh
e0f494ecd4 After some discussion with markm, back out most of rev 1.221,
which really wasn't such a hot idea in retrospect.

If the random device isn't available, it probably isn't wanted.
If it's wanted, it should be enabled in loader.conf.
2000-08-21 14:33:20 +00:00
sheldonh
801aa39c88 The output of this script got a little broken in rev 1.225, with
the output for the linux_enable and svr4_enable stuff "floating
in the middle of nowhere".

Give them their own section, called "additional ABI support".
2000-08-18 08:11:23 +00:00
sheldonh
4332565227 Don't rely on a shell scripts to do the simple job of loading
kernel modules for ibcs2_enable and svr4_enable.

Don't rely on a shell script to do the neglibly less simple
job of loading a kernel module and running one command for
linux_enable.

These shell scripts are going away.
2000-08-18 08:07:02 +00:00
obrien
b4ef1cd578 Move the running of the Linux and SVR4 compat bits to the arch independent
location.

Sponsored by:   LinuxWorld frustration
2000-08-15 18:02:49 +00:00
jdp
42f709b552 Add an rc.conf knob "ldconfig_insecure" to disable ldconfig's
security checks.  Set the default to NO, i.e., secure.

Submitted by:	Maxime Henrion <mhenrion@cybercable.fr>
2000-08-11 03:26:30 +00:00
brian
f67f88e239 Improve purgedir():
Fix leading & trailing space handling

  Suggested by: ben

  Handle files beginning with - correctly
  Don't follow symlinks (cd /var/spool/lock; ln -s /. horror)
2000-08-09 09:23:30 +00:00
brian
a4feacb3a7 Don't use find(1) before nfs filesystems have been mounted as
it lives in /usr/bin.  Instead, locate files manually.

Note, only *files* under /var/spool/lock are now deleted rather
than everything that's not a directory.  I think this is more
correct, but if anyone disagrees please feel free to change it.

Problem pointed out by: bde
2000-08-08 13:30:27 +00:00
sheldonh
953536aee8 If the initial attempt to write ${entropy_file} to /dev/random fails
and the randomdev.ko module is not resident, try to load the module and
perform the write again.

Reviewed by:	markm
2000-07-24 13:40:41 +00:00