273188 |
16-Oct-2014 |
hrs |
MFS r272855, 266846:
- Do not override sin6_scope_id in LLA when it is already set to non-zero. This fixes destination list in output of netstat -r. - Plug a memory leak. - Add RTM_VERSION check. - Fix a bug which can make sysctl() fail when -F is specified. - Increase WID_IF_DEFAULT() from 6 to 8 (the default for AF_INET6) because we have interfaces with longer names than 6 chars like epairN{a,b}. - Style fixes.
MFS r272847:
- Add rwlock to struct dadq. A panic could occur when a large number of addresses performed DAD at the same time.
MFS r272850:
- Replace Sun RPC license in TI-RPC library with a 3-clause BSD license, with the explicit permission of Sun Microsystems in 2009.
- Replace Sun Industry Standards Source License for Sun RPC code with a 3-clause BSD license as specified by Oracle America, Inc. in 2010. This license change was approved by Wim Coekaerts, Senior Vice President, Linux and Virtualization at Oracle Corporation.
- Replace Sun RPC license with a 3-clause BSD license. This license change was approved in 2010 by Wim Coekaerts, Senior Vice President, Linux and Virtualization at Oracle Corporation.
- Replace Sun RPC license for TI-RPC library with a 3-clause BSD license, with the explicit permission of Sun Microsystems in 2009. The code in question in this file was copied from lib/libc/rpc/pmap_getport.c.
MFS r272852,r272853:
- Add relative specification in expiration time. - Add proto3 option for RTF_PROTO3. - Use %lu for members of struct rt_metrics. - Use long explicitly for the time difference.
MFS r272854:
- Return 0 if:
1. "-u N" specified, no -f, and mdN found, 2. no -u, "-f /pathname" specified, and mdN associated with /pathname found, 3. "-u N" specified, "-f /pathname" specified, and both of them found, 4. "-l" specified and no -f, 5. "-l" specified, "-f /pathname" specified, and /pathname found.
otherwise return -1.
MFS r272856:
- Move configuration of IPv6 NDP flags to a point before handling ifconfig_IF. This fixes a race that a non-IPv4 interface can get an EUI64 LLA even if it has IFDISABLED nd6 flag at boot time.
MFS r272857:
- Cancel DAD for an ifa when the ifp has ND6_IFF_IFDISABLED as early as possible and do not clear IN6_IFF_TENTATIVE. If IFDISABLED was accidentally set after a DAD started, TENTATIVE could be cleared because no NA was received due to IFDISABLED, and as a result it could prevent DAD when manually clearing IFDISABLED after that.
MFS r272858:
- Fix an issue in range specification handling when a "-foo" is specified in ifconfig_IF_aliasN.
MFS r272859:
- Fix EtherIP. TOS field must be initialized when the inner protocol is PF_LINK, and multicast/broadcast flag should always be dropped because the outer protocol uses unicast even when the inner address is not for unicast. It had been broken since r236951 when gif_output() started to use IFQ_HANDOFF().
MFS r272860:
- Recover sin6_scope_id of gateway addresses in riprecv() by using the if_index where a RIP packet was received. This fixes a bug which prevented gateway addresses in fe80::/64 from being added.
MFS r272861:
- Fix rc.d/gssd script to define the default values in a standard way. - Use a parameter argument in jls(8) instead of doing grep.
MFS r272862, r272870:
- Restructure rc.d scripts for kerberos5 daemons.
MFS r272863:
- Return false status only when adding a route is failed. It could erroneously return false due to an afexists() check loop in routing_start().
MFS r272864:
- Use ipv6_prefer when at least one ifconfig_IF_ipv6 is configured.
MFS r272865:
- Fix a bug which prevented mount.fstab parameter from being converted when jail_JID_devfs_enable=NO.
MFS r272866:
- Fix header output when -P is specified and (ncpus - 1) != maxid.
MFS r272867:
- Fix a bug which could break extended attributes in a dump output. This occurred when a file was >892kB long and had a large data (>1kB) in the extended attributes.
MFS r272868, r272869:
- Make net.inet.ip.sourceroute, net.inet.ip.accept_sourceroute, and net.inet.ip.process_options vnet-aware.
MFS r272871:
- Revert changes in r269180. It could cause -c N option to enter an infinite loop if no reply packet is received.
MFS r272874:
- Resurrect set_rcvar() as a function to define a rc.conf variable. It defines a variable and its default value in load_rc_config() just after rc.conf is loaded. "rcvar" command shows the current and the default values.
MFS r272960:
- Do not add late flag when file= is specified because it has a bad side-effect. The specified file should exist before the fstab line.
Approved by: re (gjb) |
272461 |
03-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of the 10.1-RELEASE process.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
272112 |
25-Sep-2014 |
se |
MFC r271958:
Permit use of "no" as specification of a Norwegian keymap file. Only "keymap=NO" (the default in defaults/rc.conf) or "keymap=" (an empty value) will prevent loading of a keymap file.
Approved by: re (gjb)
|
271214 |
07-Sep-2014 |
gjb |
MFC r271078: Fix typo: s/_maske/_mask/
Approved by: re (rodrigc) Sponsored by: The FreeBSD Foundation
|
271095 |
04-Sep-2014 |
se |
MFC r270647: Add references to vt(4) and the configuration files in /usr/sha MFC r270653: Update man-pages to correctly refer to changed pathes and namin MFC r270657: More man pages that need to know about vt in addition to syscon MFC r270659: (by pluknet@) Missed comma. MFC r270660: Back-out the references to vt(4) from this man-page. It appears MFC r270933: Add references to vt(4) to further man-pages. MFC r270934: Final patches to the tools used to convert syscons keymaps for MFC r270935: Add vt(4) support to the console initialisation script, specifi
Second batch of MFCs to add support for Unicode keymaps for use with vt(4).
It contains the following changes:
- Add references to vt(4) to relevant man-pages. - Update comment in defaults/rc.conf to mention vt - Update rc.d/syscons to warn about syscons keymaps used under vt. An attempt is made to identify the vt keymap to load instead. - Minor changes to the conversion tool based on mail comments on keymaps.
Relnotes: yes
|
270892 |
31-Aug-2014 |
trasz |
MFC r270096:
Bring in the new automounter, similar to what's provided in most other UNIX systems, eg. MacOS X and Solaris. It uses Sun-compatible map format, has proper kernel support, and LDAP integration.
There are still a few outstanding problems; they will be fixed shortly.
Reviewed by: allanjude@, emaste@, kib@, wblock@ (earlier versions) Phabric: D523 Relnotes: yes Sponsored by: The FreeBSD Foundation
|
264438 |
14-Apr-2014 |
dteske |
MFC r264243:
Loosen the processing of *_IF_aliasN vars to be less strict. Previously, the first alias had to be _alias0 and processing stopped at the first non- defined variable (preventing gaps). Allowing gaps gives the administrator the ability to group aliases in an adhoc manner and also lifts the requirement to renumber aliases simply to comment-out an existing one. Aliases are processed in numerical ascending order.
NB: Also Patches mdconfig{,2} rc(8) boot scripts to loosen the numbering scheme for mdconfig_mdN settings to be less strict in the same manner.
Discussed on: -rc
|
263963 |
31-Mar-2014 |
mjg |
MFC r263758: Update userspace users of hw.bus.devctl_disable.
This switches the code to use hw.bus.devctl_queue instead.
|
262566 |
27-Feb-2014 |
des |
MFH (r261320): upgrade openssh to 6.5p1 MFH (r261340): enable sandboxing by default
|
262557 |
27-Feb-2014 |
des |
MFH (r256875): start rtsold if necessary MFH (r256878): add a reload command
|
262384 |
23-Feb-2014 |
bdrewery |
MFC r261931,r261932:
Allow overriding rctl.conf(5) file location for /etc/rc.d/rctl
Approved by: bapt (mentor, implicit)
|
261153 |
25-Jan-2014 |
demon |
Merge r260987:
Do not exit with non-zero return code if sysctl.conf or sysctl.conf.local files are absent.
Approved by: delphij
|
259141 |
09-Dec-2013 |
peter |
MFC r259094 - Fix undocumented side effect of r256256 that changes/breaks existing jails. This burned us in the freebsd cluster yesterday.
|
259073 |
07-Dec-2013 |
peter |
Hoist all the mergeinfo up to the root in preparation for enforcing merges to the root only. All MFC's were rerecorded to the root.
Going forward, if an MFC includes mergeinfo, it will need to be made to the root and committed from the root. Merges with --ignore-ancestry or diff | patch can go anywhere.
The mergeinfo in HEAD is in a bad state from years of neglect and manual tampering and this was branched into 10.x. This confuses the coalescing code and prevents it from doing its job.
Approved by: re (gjb, implicit)
|
258121 |
14-Nov-2013 |
glebius |
Merge r257694 from head:
Remove remnants of BIND from /etc, since there is no BIND in base now.
Sorry, that would break users running head and BIND from ports, since ports rely on these scripts. The ports will be fixed soon.
Approved by: re (kib)
|
256982 |
23-Oct-2013 |
jmg |
MFC r256773: Enable the automatic creation of a certificate (if one does not exists) and enable the usage by sendmail if sendmail is enabled.
Reviewed by: gshapiro Approved by: re (gjb)
|
256874 |
22-Oct-2013 |
hrs |
MFC 256716,256835:
- Fix jail_parallel_start="YES". - Fix ip[46].addr when interface parameter is not defined. - Fix a bug which prevented jails from starting when $jail_conf was used and no jail name was specified. - Display error messages when start/stop fails.
Approved by: re (glebius)
|
256668 |
17-Oct-2013 |
hrs |
MFC 256440, 256498:
- Normalize jailname. "example.com" is converted to "example_com". - Fix a bug that some $jail_{jname}_foo variables did not work. - Fix a bug which prevented $jail_devfs_ruleset from working[1]. - Move $jail_parameters to the last of the configuraiton lines[1]. - Fix "ifname|addr" syntax support in jail_{jname}_ip. - Create /var/run/jail_{jname}.id because ezjail-admin depends on it.
Reported by: jase [1] Approved by: re (gjb)
|
256387 |
12-Oct-2013 |
hrs |
MFC 256385:
- Add mount.fdescfs parameter to jail(8). This is similar to mount.devfs but mounts fdescfs. The mount happens just after mount.devfs.
- rc.d/jail now displays whole error message from jail(8) when a jail fails to start.
Approved by: re (gjb)
|
256381 |
12-Oct-2013 |
markm |
Merge from project branch via main. Uninteresting commits are trimmed.
Refactor of /dev/random device. Main points include:
* Userland seeding is no longer used. This auto-seeds at boot time on PC/Desktop setups; this may need some tweeking and intelligence from those folks setting up embedded boxes, but the work is believed to be minimal.
* An entropy cache is written to /entropy (even during installation) and the kernel uses this at next boot.
* An entropy file written to /boot/entropy can be loaded by loader(8)
* Hardware sources such as rdrand are fed into Yarrow, and are no longer available raw.
------------------------------------------------------------------------ r256240 | des | 2013-10-09 21:14:16 +0100 (Wed, 09 Oct 2013) | 4 lines
Add a RANDOM_RWFILE option and hide the entropy cache code behind it. Rename YARROW_RNG and FORTUNA_RNG to RANDOM_YARROW and RANDOM_FORTUNA. Add the RANDOM_* options to LINT.
------------------------------------------------------------------------ r256239 | des | 2013-10-09 21:12:59 +0100 (Wed, 09 Oct 2013) | 2 lines
Define RANDOM_PURE_RNDTEST for rndtest(4).
------------------------------------------------------------------------ r256204 | des | 2013-10-09 18:51:38 +0100 (Wed, 09 Oct 2013) | 2 lines
staticize struct random_hardware_source
------------------------------------------------------------------------ r256203 | markm | 2013-10-09 18:50:36 +0100 (Wed, 09 Oct 2013) | 2 lines
Wrap some policy-rich code in 'if NOTYET' until we can thresh out what it really needs to do.
------------------------------------------------------------------------ r256184 | des | 2013-10-09 10:13:12 +0100 (Wed, 09 Oct 2013) | 2 lines
Re-add /dev/urandom for compatibility purposes.
------------------------------------------------------------------------ r256182 | des | 2013-10-09 10:11:14 +0100 (Wed, 09 Oct 2013) | 3 lines
Add missing include guards and move the existing ones out of the implementation namespace.
------------------------------------------------------------------------ r256168 | markm | 2013-10-08 23:14:07 +0100 (Tue, 08 Oct 2013) | 10 lines
Fix some just-noticed problems:
o Allow this to work with "nodevice random" by fixing where the MALLOC pool is defined.
o Fix the explicit reseed code. This was correct as submitted, but in the project branch doesn't need to set the "seeded" bit as this is done correctly in the "unblock" function.
o Remove some debug ifdeffing.
o Adjust comments.
------------------------------------------------------------------------ r256159 | markm | 2013-10-08 19:48:11 +0100 (Tue, 08 Oct 2013) | 6 lines
Time to eat crow for me.
I replaced the sx_* locks that Arthur used with regular mutexes; this turned out the be the wrong thing to do as the locks need to be sleepable. Revert this folly.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (In original diff)
------------------------------------------------------------------------ r256138 | des | 2013-10-08 12:05:26 +0100 (Tue, 08 Oct 2013) | 10 lines
Add YARROW_RNG and FORTUNA_RNG to sys/conf/options.
Add a SYSINIT that forces a reseed during proc0 setup, which happens fairly late in the boot process.
Add a RANDOM_DEBUG option which enables some debugging printf()s.
Add a new RANDOM_ATTACH entropy source which harvests entropy from the get_cyclecount() delta across each call to a device attach method.
------------------------------------------------------------------------ r256135 | markm | 2013-10-08 07:54:52 +0100 (Tue, 08 Oct 2013) | 8 lines
Debugging. My attempt at EVENTHANDLER(multiuser) was a failure; use EVENTHANDLER(mountroot) instead.
This means we can't count on /var being present, so something will need to be done about harvesting /var/db/entropy/... .
Some policy now needs to be sorted out, and a pre-sync cache needs to be written, but apart from that we are now ready to go.
Over to review.
------------------------------------------------------------------------ r256094 | markm | 2013-10-06 23:45:02 +0100 (Sun, 06 Oct 2013) | 8 lines
Snapshot.
Looking pretty good; this mostly works now. New code includes:
* Read cached entropy at startup, both from files and from loader(8) preloaded entropy. Failures are soft, but announced. Untested.
* Use EVENTHANDLER to do above just before we go multiuser. Untested.
------------------------------------------------------------------------ r256088 | markm | 2013-10-06 14:01:42 +0100 (Sun, 06 Oct 2013) | 2 lines
Fix up the man page for random(4). This mainly removes no-longer-relevant details about HW RNGs, reseeding explicitly and user-supplied entropy.
------------------------------------------------------------------------ r256087 | markm | 2013-10-06 13:43:42 +0100 (Sun, 06 Oct 2013) | 6 lines
As userland writing to /dev/random is no more, remove the "better than nothing" bootstrap mode.
Add SWI harvesting to the mix.
My box seeds Yarrow by itself in a few seconds! YMMV; more to follow.
------------------------------------------------------------------------ r256086 | markm | 2013-10-06 13:40:32 +0100 (Sun, 06 Oct 2013) | 11 lines
Debug run. This now works, except that the "live" sources haven't been tested. With all sources turned on, this unlocks itself in a couple of seconds! That is no my box, and there is no guarantee that this will be the case everywhere.
* Cut debug prints.
* Use the same locks/mutexes all the way through.
* Be a tad more conservative about entropy estimates.
------------------------------------------------------------------------ r256084 | markm | 2013-10-06 13:35:29 +0100 (Sun, 06 Oct 2013) | 5 lines
Don't use the "real" assembler mnemonics; older compilers may not understand them (like when building CURRENT on 9.x).
# Submitted by: Konstantin Belousov <kostikbel@gmail.com>
------------------------------------------------------------------------ r256081 | markm | 2013-10-06 10:55:28 +0100 (Sun, 06 Oct 2013) | 12 lines
SNAPSHOT.
Simplify the malloc pools; We only need one for this device.
Simplify the harvest queue.
Marginally improve the entropy pool hashing, making it a bit faster in the process.
Connect up the hardware "live" source harvesting. This is simplistic for now, and will need to be made rate-adaptive.
All of the above passes a compile test but needs to be debugged.
------------------------------------------------------------------------ r256042 | markm | 2013-10-04 07:55:06 +0100 (Fri, 04 Oct 2013) | 25 lines
Snapshot. This passes the build test, but has not yet been finished or debugged.
Contains:
* Refactor the hardware RNG CPU instruction sources to feed into the software mixer. This is unfinished. The actual harvesting needs to be sorted out. Modified by me (see below).
* Remove 'frac' parameter from random_harvest(). This was never used and adds extra code for no good reason.
* Remove device write entropy harvesting. This provided a weak attack vector, was not very good at bootstrapping the device. To follow will be a replacement explicit reseed knob.
* Separate out all the RANDOM_PURE sources into separate harvest entities. This adds some secuity in the case where more than one is present.
* Review all the code and fix anything obviously messy or inconsistent. Address som review concerns while I'm here, like rename the pseudo-rng to 'dummy'.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (the first item)
------------------------------------------------------------------------ r255319 | markm | 2013-09-06 18:51:52 +0100 (Fri, 06 Sep 2013) | 4 lines
Yarrow wants entropy estimations to be conservative; the usual idea is that if you are certain you have N bits of entropy, you declare N/2.
------------------------------------------------------------------------ r255075 | markm | 2013-08-30 18:47:53 +0100 (Fri, 30 Aug 2013) | 4 lines
Remove short-lived idea; thread to harvest (eg) RDRAND enropy into the usual harvest queues. It was a nifty idea, but too heavyweight.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
------------------------------------------------------------------------ r255071 | markm | 2013-08-30 12:42:57 +0100 (Fri, 30 Aug 2013) | 4 lines
Separate out the Software RNG entropy harvesting queue and thread into its own files.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
------------------------------------------------------------------------ r254934 | markm | 2013-08-26 20:07:03 +0100 (Mon, 26 Aug 2013) | 2 lines
Remove the short-lived namei experiment.
------------------------------------------------------------------------ r254928 | markm | 2013-08-26 19:35:21 +0100 (Mon, 26 Aug 2013) | 2 lines
Snapshot; Do some running repairs on entropy harvesting. More needs to follow.
------------------------------------------------------------------------ r254927 | markm | 2013-08-26 19:29:51 +0100 (Mon, 26 Aug 2013) | 15 lines
Snapshot of current work;
1) Clean up namespace; only use "Yarrow" where it is Yarrow-specific or close enough to the Yarrow algorithm. For the rest use a neutral name.
2) Tidy up headers; put private stuff in private places. More could be done here.
3) Streamline the hashing/encryption; no need for a 256-bit counter; 128 bits will last for long enough.
There are bits of debug code lying around; these will be removed at a later stage.
------------------------------------------------------------------------ r254784 | markm | 2013-08-24 14:54:56 +0100 (Sat, 24 Aug 2013) | 39 lines
1) example (partially humorous random_adaptor, that I call "EXAMPLE") * It's not meant to be used in a real system, it's there to show how the basics of how to create interfaces for random_adaptors. Perhaps it should belong in a manual page
2) Move probe.c's functionality in to random_adaptors.c * rename random_ident_hardware() to random_adaptor_choose()
3) Introduce a new way to choose (or select) random_adaptors via tunable "rngs_want" It's a list of comma separated names of adaptors, ordered by preferences. I.e.: rngs_want="yarrow,rdrand"
Such setting would cause yarrow to be preferred to rdrand. If neither of them are available (or registered), then system will default to something reasonable (currently yarrow). If yarrow is not present, then we fall back to the adaptor that's first on the list of registered adaptors.
4) Introduce a way where RNGs can play a role of entropy source. This is mostly useful for HW rngs.
The way I envision this is that every HW RNG will use this functionality by default. Functionality to disable this is also present. I have an example of how to use this in random_adaptor_example.c (see modload event, and init function)
5) fix kern.random.adaptors from kern.random.adaptors: yarrowpanicblock to kern.random.adaptors: yarrow,panic,block
6) add kern.random.active_adaptor to indicate currently selected adaptor: root@freebsd04:~ # sysctl kern.random.active_adaptor kern.random.active_adaptor: yarrow
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
Submitted by: Dag-Erling Smørgrav <des@FreeBSD.org>, Arthur Mesh <arthurmesh@gmail.com> Reviewed by: des@FreeBSD.org Approved by: re (delphij) Approved by: secteam (des,delphij)
|
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
256256 |
10-Oct-2013 |
hrs |
- Update rc.d/jail to use a jail(8) configuration file instead of command line options. The "jail_<jname>_*" rc.conf(5) variables for per-jail configuration are automatically converted to /var/run/jail.<jname>.conf before the jail(8) utility is invoked. This is transparently backward compatible.
- Fix a minor bug in jail(8) which prevented it from returning false when jail -r failed.
Approved by: re (glebius)
|
256255 |
10-Oct-2013 |
hrs |
Add support for "vnet jname" argument in ifconfig_IF. The vnet keyword is ignored except for "rc.d/netif vnet{up,down} ifn" because a jail is usually created after interface initialization on boot time.
"rc.d/netif vnetup ifn" moves ifn into the specified jail. It is designed to be used in other scripts like rc.d/jail, not automatically invoked during the interface initialization.
Approved by: re (kib)
|
256126 |
07-Oct-2013 |
delphij |
Reduce priority of host key exists message in sshd startup script to info.
Approved by: re (gjb)
|
256039 |
04-Oct-2013 |
hrs |
Add epair(4) support in $cloned_interfaces. One should be specified as "epair0" in $cloned_interfaces and "epair0[ab]" in the others in rc.conf like the following:
cloned_interfaces="epair0" ifconfig_epair0a="inet 192.168.1.1/24" ifconfig_epair0b="inet 192.168.2.1/24"
/etc/rc.d/netif now accepts both "netif start epair0" and "netif start epair0a".
Approved by: re (kib)
|
256022 |
03-Oct-2013 |
gjb |
Do not install bluetooth rc(8) scripts if MK_BLUETOOTH = no.
Approved by: re (glebius) MFC after: 3 days Sponsored by: The FreeBSD Foundation
|
255843 |
24-Sep-2013 |
des |
Forgotten in r255825: NETWORKING requires local_unbound.
Approved by: re (blanket)
|
255825 |
23-Sep-2013 |
des |
Move local_unbound up in the rc order.
Approved by: re (blanket)
|
255809 |
23-Sep-2013 |
des |
Add a setup script for unbound(8) called local-unbound-setup. It generates a configuration suitable for running unbound as a caching forwarding resolver, and configures resolvconf(8) to update unbound's list of forwarders in addition to /etc/resolv.conf. The initial list is taken from the existing resolv.conf, which is rewritten to point to localhost. Alternatively, a list of forwarders can be provided on the command line.
To assist this script, add an rc.subr command called "enabled" which does nothing except return 0 if the service is enabled and 1 if it is not, without going through the usual checks. We should consider doing the same for "status", which is currently pointless.
Add an rc script for unbound, called local_unbound. If there is no configuration file, the rc script runs local-unbound-setup to generate one.
Note that these scripts place the unbound configuration files in /var/unbound rather than /etc/unbound. This is necessary so that unbound can reload its configuration while chrooted. We should probably provide symlinks in /etc.
Approved by: re (blanket)
|
255766 |
21-Sep-2013 |
des |
Ditch the random seeding code, which never really worked as intended. Add config variables to enable / disable individual host key algorithms. Clean up the host key generation code.
Approved by: re (gjb) MFC after: 3 weeks
|
255654 |
17-Sep-2013 |
hrs |
- Fix pidfile handling in sendmail_msp_queue. The pidfile was ignored and multiple instances were invoked by start/stop cycles.
- Remove redundant start_cmd rewrite.
Approved by: re (gjb) Tested by: jmg
|
255570 |
14-Sep-2013 |
trasz |
Bring in the new iSCSI target and initiator.
Reviewed by: ken (parts) Approved by: re (delphij) Sponsored by: FreeBSD Foundation
|
255450 |
10-Sep-2013 |
cy |
ipfilter 5.1.2 no longer supports sysctl. Use ipf -V to determine if available (the kernel module is loaded or compiled into the kernel).
Approved by: glebius (mentor) Approved by: re (blanket)
|
255163 |
03-Sep-2013 |
delphij |
Create the default router last. This allows using an static interface route for default routes, which seems to be common among many dedicated hosting providers.
Reviewed by: hrs MFC after: 2 weeks
|
254992 |
28-Aug-2013 |
gavin |
After writing a kernel core dump into /var/crash, call sync(8).
If we panic again shortly after boot (say, within 30 seconds), any core dump we wrote out may be lost on reboot. In this situation, we really want to keep that core file, as it may be the only way to have the issue resolved. Call sync(8) after writing out the core file and running crashinfo(8), in the hope that these will not be lost if we panic again. sync(8) is only called in the case where there is a core dump to be written out, so won't be called during normal boots.
Discovered by: Trying to debug an IPSEC panic MFC after: 1 week
|
254511 |
19-Aug-2013 |
peter |
Pass pidfile to bsnmpd if it's been changed (parts cut/pasted from rc.d/rarpd and rc.d/wpa_supplicant)
|
254510 |
19-Aug-2013 |
peter |
Revert r254508.
|
254508 |
19-Aug-2013 |
peter |
Add the optional ability to run as a different user.
Obtained from: Antique freebsd.org cluster archive images
|
253924 |
04-Aug-2013 |
hrs |
- Reimplement $gif_interfaces as a variant of $cloned_interfaces. Newly-configured systems should use $cloned_interfaces.
- Call clone_{up,down}() and ifnet_rename() in rc.d/netif {start,stop}. ifnet_rename() now accepts an interface name list as its argument.
- Add rc.d/netif clear. The "clear" subcommand is basically equivalent to "stop" but it does not call clone_down().
- Add "ifname:sticky" keyword into $cloned_interfaces. If :sticky is specified, the interface will not be destroyed in rc.d/netif stop.
- Add cloned_interfaces_sticky={YES,NO}. This variable globally sets :sticky keyword above for all interfaces. The default value is NO. When cloned_interfaces_sticky=YES, :nosticky keyword can be used to override it on per interface basis.
|
253357 |
15-Jul-2013 |
des |
When stopping pfsync, remove the pfsync interface's syncpeer setting.
MFC after: 3 days
|
253076 |
09-Jul-2013 |
avg |
rc.d/zfs: pass -v option to zfs mount
this should make boot process more informative (and entertaining) on systems with lots of zfs filesystems.
MFC after: 7 days
|
252310 |
27-Jun-2013 |
hrs |
- Add vnode-backed swap space specification support. This is enabled when device names "md" or "md[0-9]*" and a "file" option are specified in /etc/fstab like this:
md none swap sw,file=/swap.bin 0 0
- Add GBDE/GELI encrypted swap space specification support, which rc.d/encswap supported. The /etc/fstab lines are like the following:
/dev/ada1p1.bde none swap sw 0 0 /dev/ada1p2.eli none swap sw 0 0
.eli devices accepts aalgo, ealgo, keylen, and sectorsize as options.
swapctl(8) can understand an encrypted device in the command line like this:
# swapctl -a /dev/ada2p1.bde
- "-L" flag is added to support "late" option to defer swapon until rc.d/mountlate runs.
- rc.d script change:
rc.d/encswap -> removed rc.d/addswap -> just display a warning message if $swapfile is defined rc.d/swap1 -> renamed to rc.d/swap rc.d/swaplate -> newly added to support "late" option
These changes alleviate a race condition between device creation/removal and swapon/swapoff.
MFC after: 1 week Reviewed by: wblock (manual page)
|
252230 |
26-Jun-2013 |
rpaulo |
Implement ifconfig_wlanX="HOSTAP".
Not only this is a bit cleaner, it allows multiple instances of hostapd to be running on the system host, useful for simultaneous dual-band WiFi. This is similar to ifconfig_wlanX="WPA" but it uses /etc/hostapd-wlanX.conf. Compatibility with hostapd_enable=YES/NO was kept.
Reviewed by: adrian
|
252062 |
21-Jun-2013 |
delphij |
Call sshd_precmd instead of sshd_configtest when the operator requests reload or restart, which, in addition of testing the configuration, will also generate host keys when they are not present (previous behavior).
Obtained from: FreeNAS Ok'ed by: bdrewery, des MFC after: 1 week
|
251885 |
18-Jun-2013 |
dteske |
Allow $ntpdate_config to be NULL. Due to a lack of surrounding quotes, when ntpdate_config was set to NULL the conditional would (counter to prevailing logic) succeed -- leading to awk attempting to redirect from a NULL pathname standard-in. While we're here, make the script consistant with itself by removing the {curlies} around ntpdate_config (they are unnecessary).
|
251660 |
12-Jun-2013 |
crees |
Clean up swapfile memory disk on shutdown
Make the md unit number configurable so that it can be predicted
PR: bin/168544 Submitted by: wblock (based on) Approved by: kevlo
|
251584 |
09-Jun-2013 |
hrs |
Add :ifname modifier to specify interface-specific routes into {,ipv6_}static_routes and rc.d/routing. For example:
static_routes="foo bar:em0" route_foo="-net 10.0.0.0/24 -gateway 192.168.2.1" route_bar="-net 192.168.1.0/24 -gateway 192.168.0.2"
At boot time, all of the static routes are installed as before. The differences are:
- "/etc/rc.d/netif start/stop <if>" now configures static routes with :<if> if any. - "/etc/rc.d/routing start/stop <af> <if>" works as well. <af> cannot be omitted when <if> is specified, but a keyword "any" or "all" can be used for <af> and <if>.
|
250804 |
19-May-2013 |
jamie |
Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't apply to most jails but do apply to vnet jails. This includes adding a new sysctl "security.jail.vnet" to identify vnet jails.
PR: conf/149050 Submitted by: mdodd MFC after: 3 days
|
250617 |
13-May-2013 |
asomers |
etc/rc.d/syslogd Add netif as a requirement of syslogd to get lo0 up. Currently, this doesn't affect the rc order, because mountcritremote already depends on netif.
Reviewed by: eadler Approved by: kenm (mentor) MFC after: 2 weeks
|
250240 |
04-May-2013 |
hrs |
- Fix exit status when ip6addrctl_verbose=yes [*] - Use the absolute pathname for ip6addrctl. - Use "install" instead of "add" to reduce the number of invocations.
Reported by: Tatsuki Makino [*] PR: conf/175006 [*] MFC after: 1 week
|
250235 |
04-May-2013 |
crees |
Introduce and use new flag -L to mount for mounting only late filesystems.
Previously, rc.d/mountlate mounted *all* filesystems, causing problems with background NFS mounts being mounted twice.
PR: conf/137629 Submitted by: eadler (original concept) Reviewed by: mjg Approved by: hrs
|
249555 |
16-Apr-2013 |
bdrewery |
Also call configtest before reload to ensure working config.
Approved by: jhb MFC after: 1 week X-MFC-With: r249489
|
249489 |
14-Apr-2013 |
bdrewery |
Run configtest before restarting so that the system is not left without a running sshd.
Approved by: des MFC after: 1 week
|
248620 |
22-Mar-2013 |
jilles |
rc.d/sysctl: Fix error messages about unknown OIDs.
There are three situations where the sysctl script is called: 1. "start", very early 2. "lastload", near the end of rc 3. "reload", at admin request while the system is booted
Ignore unknown OIDs in situation 1 because kernel modules may not be loaded yet and complain about them in situations 2 and 3.
PR: conf/174595 Submitted by: Olivier Smedts
|
248488 |
19-Mar-2013 |
cperciva |
Fix typo in previous commit: Exit if */dev/dumpdev* does not exist, not if */bin/realpath* does not exist...
Submitted by: markj Pointy hat to: cperciva
|
248487 |
19-Mar-2013 |
cperciva |
If dumpdev is AUTO but no dump device has been set -- i.e., there is no swap space configured for rc.d/dumpon to designate for dumping -- then exit silently rather than with a > realpath: /dev/dumpdev: No such file or directory error message.
An argument could be made that we should print a (more informative) warning message; but given that under the same conditions the rc.d/dumpon script will already print a > No suitable dump device was found warning, it seems that printing an additional > Dump device does not exist. Savecore not run. warning would be superfluous.
|
247271 |
25-Feb-2013 |
des |
If rtadvd_interfaces is set to "none", start rtadvd without listing any interfaces on the command line.
MFC after: 1 week
|
246358 |
05-Feb-2013 |
des |
Load the pfsync module if necessary.
Reviewed by: glebius@ MFC after: 1 week
|
246255 |
02-Feb-2013 |
ume |
Use the default policy table of RFC 6724.
MFC after: 1 weeks
|
245525 |
17-Jan-2013 |
bz |
Add a conditional sleep 1 in case we add any IPv6 addresses to interfaces. Do this per jail started, not per address. This will allow DAD to complete and services to properly start. Before we have seen problems with services trying to start before the IPv6 address was available to use and thus erroring and failing to start.
MFC after: 3 days
|
244218 |
14-Dec-2012 |
pjd |
- When checking if a dump exists on the given device there is no need to provide dump directory. Eliminate this redundant argument. This changes the usage, but the only risk here is that a warning will be printed about directory given as device.
- Update usage of -C option.
- When clearing dump header from the given device there is also no need to provide dump directory, although additional arguments for -c were not documented.
- Document that -v can be used with -c and that list of devices can be given.
Obtained from: WHEEL Systems
|
244198 |
13-Dec-2012 |
delphij |
Teach sysctl(8) about parsing a file (while I'm there also give it capability of parsing both = and : formats).
Submitted by: hrs (initial version, bugs are mine) MFC after: 3 months
|
244181 |
13-Dec-2012 |
pjd |
Fix the location of auditdistd configuration file.
Reported by: Johan Hendriks <joh.hendriks@gmail.com>
|
243752 |
01-Dec-2012 |
rwatson |
Merge a number of changes required to hook up OpenBSM 1.2-alpha2's auditdistd (distributed audit daemon) to the build:
- Manual cross references - Makefile for auditdistd - rc.d script, rc.conf entrie - New group and user for auditdistd; associated aliases, etc.
The audit trail distribution daemon provides reliable, cryptographically protected (and sandboxed) delivery of audit tails from live clients to audit server hosts in order to both allow centralised analysis, and improve resilience in the event of client compromises: clients are not permitted to change trail contents after submission.
Submitted by: pjd Sponsored by: The FreeBSD Foundation (auditdistd)
|
243212 |
18-Nov-2012 |
hrs |
Fix condition to check if the maximum number of FIBs is greater than 0 or not.
Spotted by: zont
|
243188 |
17-Nov-2012 |
hrs |
Use -fib N modifier to add/delete a route to/from multiple FIBs.
|
243080 |
15-Nov-2012 |
eadler |
Only pass ip[46].addr when _addrl contains a value
Submitted by: crees Reviewed by: Mike Jakubik <mike.jakubik@intertainservices.com> Approved by: cperciva MFC after: 2 weeks
|
242301 |
29-Oct-2012 |
hrs |
Load ipdivert.ko when natd_enable=YES.
PR: conf/167566
|
242181 |
27-Oct-2012 |
hrs |
Fix an issue when ipv6_enable=YES && ipv6_gateway_enable=YES which could prevent rtadvd(8) from working as intended.
Spotted by: brian Discussed with: brian
|
242074 |
25-Oct-2012 |
brian |
Enable "accept_rtadvd" on interfaces running rtadvd.
Without this, rtadvd runs but never advertises a default (IPv6) route.
MFC after: 1 week
|
240343 |
11-Sep-2012 |
avg |
rc.d/power_profile: use recently added Cmax for cx_lowest
Trying to determine current lowest C-state after an AC event is racy with C-states actually being changed by ACPI platform and kernel driver.
MFC after: 3 weeks
|
240336 |
11-Sep-2012 |
obrien |
Simply things so that "#REQUIRE: FILESYSTEMS" means the file systems are fully "ready to go".
'FILESYSTEMS' states: "This is a dummy dependency, for services which require file systems to be mounted before starting." However, we have 'var' which is was run after 'FILESYSTEMS' and can mount /var if it already isn't mounted. Furthermore, several scripts cannot use /var until 'cleanvar' has done its thing. Thus "FILESYSTEMS" hasn't really meant all critical file systems are fully usable.
|
240334 |
11-Sep-2012 |
obrien |
Add postrandom.
|
240109 |
04-Sep-2012 |
des |
Add a configtest command.
Submitted by: gjb@ MFC after: 1 week
|
240108 |
04-Sep-2012 |
obrien |
* Rather than run the same 'ps' command twice, add 'kenv' which often gives machine unique values from the firmware. * The kernel is more likely to be unique than /bin/ls (but no need to stuff many megabytes into /dev/random, so hash it). * Change ordering to give larger variance across reboots to reduce predictability.
|
239599 |
22-Aug-2012 |
obrien |
Correct style.
|
239598 |
22-Aug-2012 |
obrien |
* Reinstate r128059's consumption of our best entropy first. r128060 for "hardware-supplied entropy" reversed this without reason, seems a typo. * Isolate "better than nothing" implementation to a function.
Submitted by: obrien & Arthur Mesh <arthurmesh@gmail.com> Sponsored by: Juniper Networks
|
239596 |
22-Aug-2012 |
obrien |
The entire comment block is now spell checked this time -- I promise.
|
239595 |
22-Aug-2012 |
delphij |
Allow - be used in the name of a provider. Without this change it's not possible to specify a gptid in geli_devices.
|
239593 |
22-Aug-2012 |
obrien |
Fix comment misspelling.
Submitted by: kargl
|
239570 |
22-Aug-2012 |
obrien |
Depend on the new 'postrandom' instead of random. We need to limit the amount of time between consuming the entropy seeds and removing it in case of a kernel panic.
|
239569 |
22-Aug-2012 |
obrien |
Remove old entropy seeding after consumption initializing /dev/random PRNG. Not doing so opens us up to replay attacks.
Submitted by: Arthur Mesh <arthurmesh@gmail.com> Sponsored by: Juniper Networks
|
239568 |
22-Aug-2012 |
obrien |
Add dependencies based on security(7).
|
239382 |
19-Aug-2012 |
kuriyama |
- Allow to pass extra parameters for each jails. - To achieve above, convert jail(8) invocation to use new style command line "-c" flag.
Reviewed at: freebsd-jail@
|
238629 |
19-Jul-2012 |
dteske |
Revert SVN r238628 (mistake).
|
238628 |
19-Jul-2012 |
dteske |
Fix syntax errors (s/:=/:-/).
Reviewed by: emaste (mentor) Approved by: emaste (mentor) MFC after: 3 days
|
238622 |
19-Jul-2012 |
emax |
Allow to specify no source-address-selection policy
MFC after: 1 week
|
238605 |
18-Jul-2012 |
des |
Move -n ${_jail} before ${_flags} so that any -n options in ${_flags} will override ours instead of the other way around.
|
238427 |
13-Jul-2012 |
brooks |
MFP4 214344: Tighten the regular expression that checks for an md /tmp such that no /tmp mount and an md / isn't improperly matched.
Sponsored by: DARPA/AFRL
|
238416 |
13-Jul-2012 |
kevlo |
Whitespace nit
|
238282 |
09-Jul-2012 |
hrs |
- Add IFT_L2VLAN (vlan(4)) support. - Add -P option to support PID file. When -a is specified /var/run/rarpd.pid is used, and when an interface is specified /var/run/rarpd.<ifname>.pid is used by default.
|
238277 |
09-Jul-2012 |
hrs |
Make ipfw0 logging pseudo-interface clonable. It can be created automatically by $firewall_logif rc.conf(5) variable at boot time or manually by ifconfig(8) after a boot.
Discussed on: freebsd-ipfw@
|
238102 |
04-Jul-2012 |
des |
Name jails automatically.
MFC after: 1 week
|
238009 |
02-Jul-2012 |
sbruno |
Revert r238004 as more review has come in and there is now a discussion on how to best proceed.
|
238004 |
02-Jul-2012 |
sbruno |
Cosmetic display change of Cx states via cx_supported sysctl entries.
Adjust power_profile script to handle the new world order as well.
Some vendors are opting out of a C2 state and only defining C1 & C3. This leads the acpi_cpu display to indicate that the machine supports C1 & C2 which is caused by the (mis)use of the index of the cx_state array as the ACPI_STATE_CX value.
e.g. the code was pretending that cx_state[i] would always convert to i by subtracting 1.
cx_state[2] == ACPI_STATE_C3 cx_state[1] == ACPI_STATE_C2 cx_state[0] == ACPI_STATE_C1
however, on certain machines this would lead to cx_state[1] == ACPI_STATE_C3 cx_state[0] == ACPI_STATE_C1
This didn't break anything but led to a display of: * dev.cpu.0.cx_supported: C1/1 C2/96
Instead of * dev.cpu.0.cx_supported: C1/1 C3/96
MFC after: 2 weeks
|
235107 |
06-May-2012 |
stas |
- Change kfd rc script to be more conformant with rcNG conventions: o change rcname to kfd; o move mandatory options to command_args; o add missing "shutdown" keyword; o fix require line. Kfd doesn't really need to be started before daemons.
Suggested by: dougb
|
234927 |
02-May-2012 |
jhb |
- Don't log messages saying that accounting is being disabled and enabled if the accounting log file is atomically replaced with a new file (such as during log rotation). - Simplify accounting log rotation a bit. There is no need to re-run accton(8) after renaming the new log file to it's real name.
PR: kern/167321 Tested by: Jeremy Chadwick
|
234093 |
10-Apr-2012 |
stas |
- Add rc.d script for kfd, kerberos forwarded tickets daemon.
|
232515 |
04-Mar-2012 |
bz |
Rather than printing the output from route add for all FIBs just print them for the default FIB followed by a statement with a list of FIB numbers for all the other FIBs we install the routes for.
Request by: kib (to make it less noisy) Tested by: kib MFC after: 3 days
|
231852 |
17-Feb-2012 |
bz |
Merge multi-FIB IPv6 support from projects/multi-fibv6/head/:
Extend the so far IPv4-only support for multiple routing tables (FIBs) introduced in r178888 to IPv6 providing feature parity.
This includes an extended rtalloc(9) KPI for IPv6, the necessary adjustments to the network stack, and user land support as in netstat.
Sponsored by: Cisco Systems, Inc. Reviewed by: melifaro (basically) MFC after: 10 days
|
231667 |
14-Feb-2012 |
dougb |
Fix various issues with the NFS and RPC related scripts:
1. Add new functionality to the force_depend method to incorporate the tests for whether the service is enabled and/or already running. 2. Add a new option to bypass checking only that the service is enabled at boot time, and always check if it is running. 3. Use this new functionality to greatly simplify the rc.d scripts that use force_depend. 4. Add a force_depend for statd in lockd 5. Remove the check that either nfs_server or nfs_client is _enable'd from statd and lockd. This was always overkill, and prevented using the {one|force}start options, as well as stop'ing on the command line. 6. The yp* scripts had some of their arguments in various weird orders. Bring them into line with the model. 7. If mountd fails to create /var/db/mountdtab, err out.
Ideas, suggestions, and/or review from delphij and jilles. Pointy hats are completely my responsibility however.
|
231563 |
12-Feb-2012 |
avg |
start watchdogd before most of other daemons/servers
The main benefit is that watchdogd would shutdown after most of other daemons/servers and thus, for example, would remedy a system hang caused by unlucky X server shutdown.
Reviewed by: dougb (earlier version) MFC after: 2 weeks
|
231549 |
12-Feb-2012 |
ed |
Avoid using BEFORE in the utx rc script.
Requested by: dougb
|
231534 |
11-Feb-2012 |
ed |
Move utmpx handling out of init(8).
This has the following advantages:
- During boot, the BOOT_TIME record is now written right after the file systems become writable, but before users are allowed to log in. This means that they can't cause `hidden logins' by logging in right before init(8) kicks in.
- The pututxline(3) function may potentially block on file locking, though this is very rare to occur. By placing it in an rc script, the user can still kill it with ^C if needed.
- Most importantly: jails don't use init(8). This means that a force reboot of a system running jails will leave stale entries in the accounting database of the jails individually.
|
231507 |
11-Feb-2012 |
dougb |
In the days before r208307 addswap was running early in the second stage of rcorder. Somehow in the intervening period addswap got moved to the very end, which is almost certainly not what we want.
This change moves it to right after kld so that for users who need it, they'll get it ASAP.
|
231194 |
08-Feb-2012 |
dougb |
As it stands right now, the default devfs rulesets are only loaded as a side effect of something else using them. If they haven't been loaded already but you want to use them, say for configuring a jail, you're out of luck.
So add a knob to always load the default rulesets. While I'm here document the other devfs_ knobs in rc.conf.5.
|
230991 |
04-Feb-2012 |
hrs |
Fix $ipv6_network_interfaces handling in rc.d/routing. It could fail when it was set to "auto", for example.
MFC after: 3 days
|
230726 |
29-Jan-2012 |
hrs |
Perform IPv6 DAD only in ifn_start.
|
230453 |
22-Jan-2012 |
hrs |
Fix several glitches in IPv6-related knobs:
- ipv6_enable + ipv6_gateway_enable should unset ACCEPT_RTADV by default for backward compatibility.
- Configurations in ipv6_prefix_IF should be recognized even if there is no ifconfig_IF_ipv6.
- DAD wait should be performed at once, not on a per-interface basis, if possible. This fixes an issue that a system with a lot of IPv6-capable interfaces takes too long for booting.
MFC after: 1 week
|
230403 |
20-Jan-2012 |
brooks |
When creating the jails /dev/log symlink, do it by full path to avoid creating stray "log" symlinks if the mount fails. That apparently happens in some ezjail configs.
PR: conf/143084 Submitted by: Dirk Engling <erdgeist at erdgeist.org> Reviewed by: simon MFC after: 2 weeks
|
230388 |
20-Jan-2012 |
rea |
dhclient: don't use syslog for logging non-DHCP interface errors
We should show the error to user, but it doesn't deserve syslog.
Approved by: jhb
|
230099 |
14-Jan-2012 |
dougb |
Prepare for the removal of set_rcvar() by changing the rcvar= assignments to the literal values it would have returned.
The concept of set_rcvar() was nice in theory, but the forks it creates are a drag on the startup process, which is especially noticeable on slower systems, such as embedded ones.
During the discussion on freebsd-rc@ a preference was expressed for using ${name}_enable instead of the literal values. However the code portability concept doesn't really apply since there are so many other places where the literal name has to be searched for and replaced. Also, using the literal value is also a tiny bit faster than dereferencing the variables, and every little bit helps.
|
230007 |
12-Jan-2012 |
rea |
rc.d: document 'quiet' prefix and fix dhclient/devd interaction
Document the current semantics of the 'quiet' command prefix in the rc.subr(8).
Fix dhclient rc.d script: it should not call err() for non-DHCP-enabled interface when it is called from devd, because the latter just blindly calls 'service dhclient quietstart' on each "link up" event.
Since the 'quietstart' will silence the message "Cannot 'start' <foo>. Set <foo>_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'." and running dhclient on the non-DHCP-enabled interface is the same thing as running the service <foo> without <foo>_enable set, such modification is in sync with the current semantics of the 'quiet' prefix.
Approved by: glebius Reviewed by: freebsd-rc list MFC after: 2 weeks
|
229850 |
09-Jan-2012 |
glebius |
Bunch of fixes to pfsync(4) module load/unload:
o Make the pfsync.ko actually usable. Before this change loading it didn't register protosw, so was a nop. However, a module /boot/kernel did confused users. o Rewrite the way we are joining multicast group: - Move multicast initialization/destruction to separate functions. - Don't allocate memory if we aren't going to join a multicast group. - Use modern API for joining/leaving multicast group. - Now the utterly wrong pfsync_ifdetach() isn't needed. o Move module initialization from SYSINIT(9) to moduledata_t method. o Refuse to unload module, unless asked forcibly. o Improve a bit some FreeBSD porting code: - Use separate malloc type. - Simplify swi sheduling.
This change is probably wrong from VIMAGE viewpoint, however pfsync wasn't VIMAGE-correct before this change, too.
Glanced at by: bz
|
229822 |
08-Jan-2012 |
dougb |
There is no longer a need to abstract ${rcvar_manpage} as we are not attempting to maintain compatibility with NetBSD for some years now.
|
229783 |
07-Jan-2012 |
uqs |
Spelling fixes for etc/
|
229701 |
06-Jan-2012 |
pjd |
Add 'nojail' keyword as auditd(8) can't really do anything useful when inside a jail.
Discussed with: rwatson MFC after: 1 week
|
228541 |
15-Dec-2011 |
pjd |
- Put one file into one line. This makes keeping local changes and merging with FreeBSD easier for vendors. - For optional files use variables starting with underscore.
Both changes make rc.d/Makefile look similar to sys/modules/Makefile.
Reviewed by: dim
|
228191 |
01-Dec-2011 |
obrien |
Ensure kldxref is run first. Currently both 'kldxref' and 'kld' depend on "FILESYSTEMS" and 'kld' is being run 8 scripts ahead of 'kldxref'.
Reported by: dhw
|
227366 |
08-Nov-2011 |
jilles |
rc.d: Eliminate some unnecessary non-POSIX constructs:
* set - ... * empty braces * ^ in character class
|
227112 |
05-Nov-2011 |
dim |
Whenever you boot with nfsv4_server_enable=NO (the default) in rc.conf, the /etc/rc.d/nfsd script sets vfs.nfsd.server_max_nfsvers to 3.
Then, when you set nfsv4_server_enable=YES in rc.conf, and restart nfsd via the rc.d script, without rebooting, the sysctl does *not* get reset to max version 4, so NFSv4 still doesn't work.
Fix this by explicitly setting vfs.nfsd.server_max_nfsvers to 4 when NFSv4 is requested.
I also added resetting of the nfs_privport sysctls, since this has the same issue: nfs_reserved_port_only=YES in rc.conf sets the nfs_privport sysctl to 1, but in the other case, the sysctl doesn't get reset to 0.
Reviewed by: rmacklem Silence from: rc@ MFC after: 3 days
|
226879 |
28-Oct-2011 |
rea |
Fix handling of rc_force in /etc/rc.d/dhclient
Variable 'rc_force' is accessible only at the time of rc_run_command, so it can't be examined from the script's main code.
Spotted by: hrs Reviewed by: hrs, des Approved by: des MFC after: 2 weeks
|
226657 |
23-Oct-2011 |
mm |
Correctly reassign copyright of etc/rc.d/static_ndp back to delphij@ as the project itself is no legal entity
Reported by: Joe Dahl <joel@vnode.se> MFC after: 3 days
|
226654 |
23-Oct-2011 |
mm |
Add etc/rc.d/static_ndp, analogous to etc/rc.d/static_arp. Make sure that static ARP and NDP bindings are set before NETWORKING.
As static_ndp is based on static_arp, pass copyright to the project with permission of the original author (delphij@).
Reviewed by: delphij@FreeBSD.org MFC after: 3 days
|
226464 |
17-Oct-2011 |
des |
The rc_force test was inverted in the previous commit, so that dhclient ran for interfaces which were not configured for DHCP *unless* rc_force was set; the correct logic is to run dhclient for those interfaces *only if* rc_force is set.
Broken by: des@ Noticed by: everybody and his dog Submitted by: rea@ PR: bin/161733
|
226345 |
13-Oct-2011 |
des |
Make dhclient use a pid file. Modify the rc script accordingly; while there, clean it up and add some error checks.
Glanced at by: brooks@ MFC after: 3 weeks
|
225684 |
20-Sep-2011 |
hrs |
Use REQUIRE: line to reorder rc.d/bridge instead of BEFORE: line.
Pointed out by: dougb Approved by: re (bz)
|
225670 |
19-Sep-2011 |
hrs |
Use resolvconf(8) to create /etc/resolv.conf, not directly overwrite it.
Approved by: re (kib)
|
225669 |
19-Sep-2011 |
hrs |
Fix the script order to run rc.d/bridge after the initial network interface configuration and before running network daemons.
Approved by: re (kib)
|
225521 |
13-Sep-2011 |
hrs |
Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE (r225485). When setting an interface name to it, the following configurations will be enabled:
1. "no_radr" is set to all IPv6 interfaces automatically.
2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif. This is done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this means you can manually supersede this configuration if necessary).
3. The node will add RA-sending routers to the default router list even if net.inet6.ip6.forwarding=1.
This mode is added to conform to RFC 6204 (a router which connects the end-user network to a service provider network). To enable packet forwarding, you still need to set ipv6_gateway_enable=YES.
Note that accepting router entries into the default router list when packet forwarding capability and a routing daemon are enabled can result in messing up the routing table. To minimize such unexpected behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.
Approved by: re (bz)
|
225120 |
23-Aug-2011 |
delphij |
Honor WITHOUT_IPX when installing etc/rc.d/ipxrouted.
MFC after: 1 week Approved by: re (kib)
|
224273 |
22-Jul-2011 |
dougb |
Revert the apparently-unecessary module_path twiddling from r223917
Approved by: re (kib)
|
224132 |
17-Jul-2011 |
jilles |
rc.d/routing: Fix ugly output with additional routing options.
Print a separate "Additional routing options" line for each address family which has additional options, so that it does not get mixed up with the output from adding routes.
This also reverts r224048 which added newlines to two arbitrary routing options.
|
224048 |
15-Jul-2011 |
kevlo |
Remove "-n" from echo
Reviewed by: dougb
|
223917 |
10-Jul-2011 |
dougb |
Make sure we load kernel modules from the same path as the running kernel
|
223852 |
08-Jul-2011 |
rmacklem |
Delete the /etc/rc.d/nfsserver script, since it is no longer used by /etc/rc.d/nfsd and it is no longer necessary to load the old nfs server by default, when nfs_server_enable="YES".
Tested by: sgk at troutmask.apl.washington.edu Reviewed by: rc (Andrzej Tobola)
|
223847 |
07-Jul-2011 |
rmacklem |
Fix the /etc/rc.d/nfsd script so that it no longer uses the /etc/rc.d/nfsserver script to load the old nfs server module.
Tested by: sgk at troutmask.apl.washington.edu Reviewed by: rc (hrs)
|
223644 |
28-Jun-2011 |
pluknet |
Run load_rc_config before stop_cmd definition, so that ${quotaoff_flags} is correctly expanded inside stop_cmd instead of getting nothing.
PR: conf/157687 Reported by: Dmitry Banschikov <d.banschikov peterhost ru> MFC after: 1 week
|
223408 |
22-Jun-2011 |
dougb |
I knew there was something funny about this line
|
223311 |
19-Jun-2011 |
dougb |
Blah, forgot to svn add the actual script from r223310
|
223310 |
19-Jun-2011 |
dougb |
Add the netwait rc.d script. It waits for the specified period for the network to become active.
PR: conf/151063 Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>
|
223264 |
18-Jun-2011 |
dougb |
Add rc.d/kld to load kernel modules after local disks are up. This method is many times faster than doing it in /boot/loader.conf.
|
222997 |
11-Jun-2011 |
hrs |
- Remove $ipv6_gateway_enable check. - Use list_net_interfaces() instead of "ifconfig -l".
|
222993 |
11-Jun-2011 |
rmacklem |
Make three one line changes to the rc scripts so that they work with the new NFS client being the default, since the new NFS client's module name is nfscl and not nfsclient.
|
222007 |
17-May-2011 |
hrs |
Remove redundant keywords.
Submitted by: wxs
|
221615 |
08-May-2011 |
rmacklem |
Change the new NFS server so that it uses vfs.nfsd naming for its sysctls instead of vfs.newnfs. This separates the names from the ones used by the client.
|
221420 |
04-May-2011 |
des |
Upgrade to OpenSSH 5.8p2.
|
221139 |
27-Apr-2011 |
rmacklem |
Fix module names and dependencies so the NFS clients will load correctly as modules after r221124.
|
221046 |
26-Apr-2011 |
rmacklem |
Update the /etc/rc.d scripts for mountd and nfsd so they can use the "-o" option to force the old NFS server to run. Running the old NFS server is enabled by setting oldnfs_server_enable="YES". The scripts will only enable providing service for NFSv4 if nfsv4_server_enable="YES" is set.
Reviewed by: dougb (rc)
|
221007 |
25-Apr-2011 |
dougb |
Create a function for the code from r192246 so that it can be used both times mount is called.
Limit the automatic behavior to when AUTO is specified (as it is in etc/defaults/rc.conf) and for everything else take advantage of all of the goodness in checkyesno.
|
221006 |
25-Apr-2011 |
dougb |
Add svn:executable property
|
220962 |
23-Apr-2011 |
dougb |
Introduce to rc.subr get_pidfile_from_conf(). It does just what it sounds like, determines the path to a pid file as it is specified in a conf file.
Use the new feature for rc.d/named and rc.d/devd, the 2 services in the base that list their pid files in their conf files.
Remove the now-obsolete named_pidfile, and warn users if they have it set.
|
220167 |
30-Mar-2011 |
trasz |
Add startup script, to load rules from /etc/rctl.conf.
Sponsored by: The FreeBSD Foundation Reviewed by: kib (ealier version)
|
220153 |
30-Mar-2011 |
emaste |
Replace ${SYSCTL_W} with ${SYSCTL} in rc.d scripts, as they are identical. This is a further clean up after r202988.
SYSCTL_W is still initialized in rc.subr as some ports may still use it.
|
219820 |
21-Mar-2011 |
jeff |
- Merge in OFED 1.5.3 from projects/ofed/head
|
219587 |
13-Mar-2011 |
dougb |
Remove the svn:executable property on Makefile
Add it on hastd
|
219090 |
27-Feb-2011 |
pjd |
Commit two more files missed in r219089.
MFC after: 1 month
|
219082 |
27-Feb-2011 |
pjd |
Recognize 'reload' command, as hastd can be reloaded with the SIGHUP signal.
MFC after: 1 week
|
218986 |
24-Feb-2011 |
dougb |
The new accounting file needs to be 644 so that unprivileged users can use lastcomm(1)
|
218961 |
22-Feb-2011 |
dougb |
Update how accounting log files are rotated.
The old version had a race between the time that the old file was cp'ed to acct.0 and the time that 'sa -s' was run that prevented the commands that occurred in the meantime from being backed up.
It's also arguable that the old version was inefficient in using cp which can be a problem on a space-constrained system.
This version avoids both problems, albeit it's considerably more complicated. The advantage of putting the log rotation in the rc.d script is that it can handle the _enable and _file questions without having to do gymnastics to discover either value in the periodic script.
As a side effect of reviewing the rc.d script I cleaned it up a bit.
|
218142 |
31-Jan-2011 |
dougb |
Let rpcbind clean up after itself
|
217073 |
06-Jan-2011 |
imp |
Don't require /usr/lib/aout to be on the system. Test for its existance since we don't generally need it.
MFC after: 1 week
|
216744 |
27-Dec-2010 |
dougb |
Add pidfile [1]
While I'm here, don't run the sysctl frob unconditionally, and s/sysctl/$SYSCTL/
PR: conf/153460 [1] Submitted by: Grigory Rechistov <ggg_mail@inbox.ru>
|
216499 |
17-Dec-2010 |
kevlo |
Add pf in quiet mode
|
215824 |
25-Nov-2010 |
dougb |
Add a sync to the shutdown step. In the common case this will be harmless at worst. On a heavily loaded server it will give the fs a chance to do its business without the axe hanging over its head.
Submitted by: ivoras
|
215799 |
24-Nov-2010 |
pjd |
Add gptboot_enable rc variable, which allows to turn gptboot reporting off in case user wants to implement his own actions and doesn't want the attributes to vanish.
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com MFC after: 3 days
|
213270 |
29-Sep-2010 |
emaste |
/etc/rc.d/defaultroute currently bails immediately if all interfaces set to use DHCP have no carrier. This can cause grief as it may take some time for link to be established, and defaultroute may terminate before this happens.
Introduce a defaultroute_carrier_delay variable and then wait that long in defaultroute before bailing if no interfaces have carrier. With the default settings defaultroute will wait for five seconds for this, and the original 30 second wait for a default route to appear is unchanged. Note that there is in discussion an alternative approach to the broader problem of waiting for DHCP-configured routes. However, this change addresses a real problem in the current defaultroute script.
Discussed on: freebsd-rc@
|
213202 |
27-Sep-2010 |
imp |
Prefer echo over printf
|
213137 |
24-Sep-2010 |
pjd |
Add gptboot script that is responsible for: - looking for partition with 'bootonce' attribute alone (without 'bootme' attribute), removing it and logging that we successfully booted from this partition. - looking for partitions with 'bootfailed' attribute, removing it and logging that we failed to boot from this partition.
Reviewed by: arch (Message-ID: <20100917234542.GE1902@garage.freebsd.pl>) Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com MFC after: 2 weeks
|
212579 |
13-Sep-2010 |
hrs |
Split $ipv6_prefer into $ip6addrctl_policy and $ipv6_activate_all_interfaces.
The $ip6addrctl_policy is a variable to choose a pre-defined address selection policy set by ip6addrctl(8). The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3, the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484, respectively. When "AUTO" is specified, it attempts to read /etc/ip6addrctl.conf first. If it is found, it reads and installs it as a policy table. If not, either of the two pre-defined policy tables is chosen automatically according to $ipv6_activate_all_interfaces.
When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding $ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.
The default values are ip6addrctl_policy=AUTO and ipv6_activate_all_interfaces=NO.
Discussed with: ume and bz
|
212576 |
13-Sep-2010 |
hrs |
Add $ipv6_privacy to support net.inet6.ip6.use_tempaddr. Note that this will be replaced with a per-IF version later.
Based on: changes in r206408 by dougb
|
212574 |
13-Sep-2010 |
hrs |
Revert changes in r206408.
Discussed with: dougb, core.5, and core.6
|
212222 |
05-Sep-2010 |
daichi |
Avoid to try to remove suj journal file (.sujournal) and conventional snapshot directory (.snap) from cleartmp rc.d script.
|
210734 |
01-Aug-2010 |
jilles |
Allow starting /etc/rc.d/ipmon if ipnat is enabled but ipfilter is not (in /etc/rc.conf).
This fixes an apparent confusion between test(1) and sh(1) syntax for AND/OR.
PR: conf/149036 Submitted by: pluknet MFC after: 1 week
|
208307 |
19-May-2010 |
dougb |
This change does the following for the scripts that run up through FILESYSTEMS (the default early_late_divider): 1. Move sysctl to run first 2. Move as many BEFOREs to REQUIREs as possible. 3. Minor effect, move hostid_save from right before mdconfig to right after.
A lot of the early scripts make use of sysctl one way or another so running this first makes a lot of sense given that system-critical values are often placed in sysctl.conf.
My original purpose for working on this was that while doing some debugging on other stuff I noticed that the order of execution was different in the first pass through the early scripts and the second. In practice that doesn't matter because the scripts are not executed the second time. However this _can_ result in problems if the difference in the rcorder moves a script from the late section to the early section in the second pass (which would mean the script would not get executed). So, I wanted to make the order of execution of the scripts in the early section more deterministic.
In the course of debugging the ordering problems I noticed that moving the BEFOREs to REQUIREs prevented the changes in order from the first pass to the second pass without having to make any substantial changes. (Of course it's no secret that I think BEFORE should be avoided as much as possible, but this is a good example of why.)
Reviewed by: silence on freebsd-rc@ MFC after: 8.1-RELEASE
|
208060 |
14-May-2010 |
dougb |
Remove trailing white space. No functional changes.
|
207346 |
28-Apr-2010 |
dougb |
In the case where named_chroot_autoupdate is NOT set, but named_chrootdir IS set, named-checkconf fails because it cannot find the conf file. Fix this by making checkconf a variable that includes "-t $named_chrootdir" as needed. Notice of the bug and suggested direction for the fix from [1].
Using required_files for named.conf is overkill ever since I added the named-checkconf call, so rather than update the logic to handle the case described above, remove it. This also handles the case where named_chroot_autoupdate IS set but the symlink doesn't exist yet.
PR: conf/145904 Submitted by: J R Matthews
|
207225 |
26-Apr-2010 |
ume |
Better handling of ipv6_default_interface using net.inet6.ip6.use_defaultzone=1. Now, it works IPv6 link-local unicast addresses as well as IPv6 link-local multicast addresses.
MFC after: 1 week
|
206706 |
16-Apr-2010 |
rpaulo |
Add ubthidhci.
MFC after: 2 days
|
206427 |
09-Apr-2010 |
rpaulo |
Add rc.d/ubthidhci. This small script calls usbconfig(1) to change a USB Bluetooth controller from HID mode to HCI mode.
MFC after: 1 week
|
206408 |
09-Apr-2010 |
dougb |
Improve the handling of IPv6 configuration in rc.d. The ipv6_enable and ipv6_ifconfig_<interface> options have already been deprecated, these changes do not alter that.
With these changes any value set for ipv6_enable will emit a warning. In order to avoid a POLA violation for the deprecation of the option ipv6_enable=NO will still disable configuration for all interfaces other than lo0. ipv6_enable=YES will not have any effect, but will emit an additional warning. Support and warnings for this option will be removed in FreeBSD 10.x.
Consistent with the current code, in order for IPv6 to be configured on an interface (other than lo0) an ifconfig_<interface>_ipv6 option will have to be added to /etc/rc.conf[.local].
1. Clean up and minor optimizations for the following functions: ifconfig_up (the ipv6 elements) ipv6if ipv6_autoconfif get_if_var _ifconfig_getargs The cleanups generally were to move the "easy" tests earlier in the functions, and consolidate duplicate code.
2. Stop overloading ipv6_prefer with the ability to disable IPv6 configuration.
3. Remove noafif() which was only ever called from ipv6_autoconfif. Instead, simplify and integrate the tests into that function, and convert the test to use is_wired_interface() instead of listing wireless interfaces explicitly.
4. Integrate backwards compatibility for ipv6_ifconfig_<interface> into _ifconfig_getargs. This dramatically simplifies the code in all of the callers, and avoids a lot of other code duplication.
5. In rc.d/netoptions, add code for an ipv6_privacy option to use RFC 4193 style pseudo-random addresses (this is what windows does by default, FYI).
6. Add support for the [NO]RTADV options in ifconfig_getargs() and ipv6_autoconfif(). In the latter, include support for the explicit addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done in the current code.
7. In rc.d/netif add a warning if $ipv6_enable is set, and remove the set_rcvar_obsolete for it. Also remove the latter from rc.d/ip6addrctl.
8. In /etc/defaults/rc.conf:
Add an example for RTADV configuration.
Set ipv6_network_interfaces to AUTO.
Switch ipv6_prefer to YES. If ipv6_enable is not set this will have no effect.
Add a default for ipv6_privacy (NO).
9. Document all of this in rc.conf.5.
|
205121 |
13-Mar-2010 |
jh |
Use an unique directory name instead of hardcoded /tmp/.diskless. A malicious user could create a file named /tmp/.diskless and cause the script to misbehave.
PR: conf/141258 Reported by: Jon Passki MFC after: 1 week
|
204818 |
07-Mar-2010 |
dougb |
Implement the idea of parallel-only-at-start-time in a cleaner, more rc.d'ish way.
Not objected to by: netchild
|
204759 |
05-Mar-2010 |
netchild |
Redirect stdin from /dev/null when starting a jail: At least in RELENG_7 this fixes some start problems for some programs from the ports. It is also more correct, as a jail shall not expect input (interactivity) from the jail-host.
Revert the current behavior of starting jails in the background and make it optional only for the start of jails (jail_parallell_start=YES in rc.conf): - The stop can not be done in the background, the system needs to wait until everything is stopped correctly before it can reboot or power down. - The start should not be done in parallel by default, this not only breaks POLA for people comming from RELENG_x, it may also break a dependency chain with other scripts in the jail-host, which need to do some stuff after the jails are up and running (e.g. hardlinking a mysql socket from one jail into another one).
Discussed on: freebsd-jails@
|
204427 |
27-Feb-2010 |
ume |
Add the shutdown KEYWORD.
Pointed out by: dougb MFC after: 3 days
|
204083 |
19-Feb-2010 |
pjd |
Add missing KEYWORD line.
Pointed out by: dougb
|
204077 |
18-Feb-2010 |
pjd |
Remove some lines left over by accident.
|
204076 |
18-Feb-2010 |
pjd |
Please welcome HAST - Highly Avalable Storage.
HAST allows to transparently store data on two physically separated machines connected over the TCP/IP network. HAST works in Primary-Secondary (Master-Backup, Master-Slave) configuration, which means that only one of the cluster nodes can be active at any given time. Only Primary node is able to handle I/O requests to HAST-managed devices. Currently HAST is limited to two cluster nodes in total.
HAST operates on block level - it provides disk-like devices in /dev/hast/ directory for use by file systems and/or applications. Working on block level makes it transparent for file systems and applications. There in no difference between using HAST-provided device and raw disk, partition, etc. All of them are just regular GEOM providers in FreeBSD.
For more information please consult hastd(8), hastctl(8) and hast.conf(5) manual pages, as well as http://wiki.FreeBSD.org/HAST.
Sponsored by: FreeBSD Foundation Sponsored by: OMCnet Internet Service GmbH Sponsored by: TransIP BV
|
203676 |
08-Feb-2010 |
emax |
Introduce new rc.conf variable firewall_coscripts. It can be used to specify list of executables and/or rc scripts that should be executed after firewall starts/stops.
Submitted by: Yuri Kurenkov <y dot kurenkov at init dot ru> Reviewed by: rhodes, rc@ MFC after: 1 week
|
203433 |
03-Feb-2010 |
ume |
Add rc.d script for the rtsold(8) daemon.
The rtsol(8) handles just one RA then exit. So, the OtherConfig flag may not be handled well by rtsol(8) in the environment where there are multiple RA servers on the segment. In such case, rtsold(8) will be your friend.
Reviewed by: hrs MFC after: 2 weeks
|
203200 |
30-Jan-2010 |
ume |
Allow use of -6 option to "server" and "peer" in ntp.conf.
MFC after: 1 week
|
202880 |
23-Jan-2010 |
kib |
Do not check for existence of symlink source for the link action. This does not work for link in subdirectory, and sometimes it is useful to create symlink in advance for dynamically created device node.
MFC after: 1 week
|
202218 |
13-Jan-2010 |
ed |
Let rc and periodic infrastructure and newsyslog use the utmpx files.
|
202130 |
11-Jan-2010 |
delphij |
Set svn:executable to *.
MFC after: 1 month
|
201445 |
03-Jan-2010 |
gavin |
Forced commit, to provide correct commit message for r201440:
Don't complain when we encounter the "cache" source, it's valid. Also fix the error message to include a line feed and not include a stray comma.
PR: bin/121671 Submitted by: Artis Caune artis.caune gmail.com Approved by: ed (mentor) MFC after: 2 weeks
While here, change "> /dev/stderr" for more usual ">&2"
Submitted by: jilles
|
201440 |
03-Jan-2010 |
gavin |
The default hash table size is 257 not 255. Reword the rest of the line slightly while here.
PR: bin/121671 Submitted by: Artis Caune artis.caune gmail.com Approved by: ed (mentor)
|
201370 |
01-Jan-2010 |
dougb |
s/named_confidr/named_confdir/ in the rndc.key check. The line in the command to create it was right, but the check was wrong, so it was getting created every time. Mea culpa.
Submitted by: oliver
|
201367 |
01-Jan-2010 |
dougb |
The script hard-coded the assumption that the "configuration directory" would be "/etc/namedb" in a number of places. Since the user may make a different choice, introduce a new internal variable, named_confdir that is generated relative to the location of $named_conf.
While this will work for some things (especially a highly customized build from ISC source) there are still a number of places where /etc/namedb is assumed that it is not easily virtualized (E.g., mtree). If you deviate from the defaults you'd better know what you're doing. :)
|
200448 |
12-Dec-2009 |
dougb |
Since the change to rc.subr in r198162 it's not necessary to specify command in the rc.d script if we have a corresponding ${name}_program entry, which we do for named.
Rename named_precmd to named_prestart to make it more clear and match convention.
Move the command_args definition related to -u up into _prestart(). It (and the associated $named_uid value) are only used there, and unlike required_* and pidfile don't need to be used until this stage.
Fix a silly bug that would only have affected people who were using the new named_wait or named_auto_forward features, AND had set up an rndc.conf file instead of using the automatically generated rndc.key.
For named_conf: Add "-c $named_conf" to command_args if it's not set to the default. If it is set to the default and we're using the base BIND it's not necessary. If we're using BIND from the ports the user is likely to have included it in _flags (due to long necessity for doing so) so don't duplicate that if it's set.
Add $named_conf to required_files
|
200028 |
02-Dec-2009 |
ume |
Unify rc.firewall and rc.firewall6, and obsolete rc.firewall6 and rc.d/ip6fw.
Reviewed by: dougb, jhb MFC after: 1 month
|
198785 |
02-Nov-2009 |
remko |
Execute the start/stop process of a jail in the background. This will prevent that the script hangs during startup, which could cause annoying effects after rebooting for example.
PR: kern/139422 Submitted by: Andrey Groshev <greenx at yartv dot ru> Approved by: imp (mentor, implicit) MFC after: 3 days Facilitated by: Snow B.V.
|
198383 |
23-Oct-2009 |
hrs |
Use double-quotation marks to fix the unexpanded variable issue.
Spotted by: swell.k
|
198190 |
17-Oct-2009 |
dougb |
Remove a circular dependency on routing
Submitted by: Mykola Dzham <freebsd@levsha.org.ua> Approved by: hrs
|
197947 |
10-Oct-2009 |
dougb |
In regards to the "Starting foo:" type messages at boot time, create and employ a more generic solution, and use it in the individual rc.d scripts that also have an $rc_quiet test:
1. Add check_startmsgs() to rc.subr. 2. In the rc.d scripts that use rc_quiet (and rc.subr) substitute variations of [ -z "$rc_quiet" ] with check_startmsgs 3. In savecore add a trailing '.' to the end of the message to make it more consistent with other scripts. 4. In newsyslog remove a : before the terminal '.' since we do not expect there to be anything printed out in between to make it more consistent. 5. In the following scripts change "quotes" to 'quotes' where no variables exist in the message: savecore pf newsyslog 6. In the following scripts substitute if/then/fi for the simpler (and more consistent) check_startmsgs &&: faith stf 7. In the following scripts separate the "Starting foo:" from the terminal '.' to make them more consistent: moused hostname pf 8. In nfsclient move the message to its own line to avoid a style bug 9. In pf rc_quiet does not apply to the _stop method, so remove the test there. 10. In motd add 'quotes' around the terminal '.' for consistency
|
197719 |
02-Oct-2009 |
hrs |
- Enable an afexists() check only when no AF argument is specified. - Simplify helper functions.
Discussed with: ume
|
197702 |
02-Oct-2009 |
hrs |
The net.inet.tcp.log_in_vain accepts 0, 1 or 2, not Y/N.
|
197701 |
02-Oct-2009 |
hrs |
Revert the previous afexists() change. Knobs configured explicitly by the user should not be ignored if possible even if the kernel does not support the prerequisite feature.
Discussed with: ume
|
197699 |
02-Oct-2009 |
hrs |
- Split routing_*() and option_*() to *_AF() and add afexists() check for each address family. Replace AF_static() with static_AF() for consistency.
- Display a message only if the user sets a non-default value, and set a sysctl explicitly even if it is the default value.
|
197698 |
02-Oct-2009 |
hrs |
- Fix logic inversion bug of net.inet.tcp.rfc1323[*].
- Split netoptions_start() to netoptions_AF() and add afexists() check for each address family.
- Display a message only if the user sets a non-default value, and set a sysctl explicitly even if it is the default value.
Spotted by: Pegasus Mc Cleaft[*]
|
197697 |
02-Oct-2009 |
hrs |
- Add AF_IPX and AF_NATM to afexists().
- Add afexists() check to address family specific rc.d scripts. A script for an AF will be silently ignored if the kernel has no support for the AF.
|
197646 |
30-Sep-2009 |
ume |
Don't do an IPv6 operation when the kernel doesn't have an IPv6 support.
Reported by: Alexander Best <alexbestms__at__math.uni-muenster.de> Confirmed by: Paul B. Mahol <onemda__at__gmail.com>, Alexander Best <alexbestms__at__math.uni-muenster.de>
|
197528 |
26-Sep-2009 |
hrs |
Use ipv6if() when $rtadvd_interfaces="AUTO".
|
197527 |
26-Sep-2009 |
hrs |
Move rc.d/{stf,faith} to just before rc.d/routing.
Pointed out by: tegge
|
197526 |
26-Sep-2009 |
hrs |
Fix several logic bugs in the previous IPv6 variable change and re-add $ipv6_enable support for backward compatibility. From UPDATING:
1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF for IPv4. For aliases, $ifconfig_IF_aliasN should be used. Note that both variables need the "inet6" keyword at the head.
Do not set $ipv6_network_interfaces manually if you do not understand what you are doing. It is not needed in most cases.
$ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but they are obsolete.
2. $ipv6_enable is obsolete. Use $ipv6_prefer and/or "inet6 accept_rtadv" keyword in ifconfig(8) instead.
If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and all configured interfaces have "inet6 accept_rtadv" in the $ifconfig_IF_ipv6. These are for backward compatibility.
3. A new variable $ipv6_prefer has been added. If NO, IPv6 functionality of interfaces with no corresponding $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag, and the default address selection policy of ip6addrctl(8) is the IPv4-preferred one (see rc.d/ip6addrctl for more details). Note that if you want to configure IPv6 functionality on the disabled interfaces after boot, first you need to clear the flag by using ifconfig(8) like:
ifconfig em0 inet6 -ifdisabled
If YES, the default address selection policy is set as IPv6-preferred.
The default value of $ipv6_prefer is NO.
4. If your system need to receive Router Advertisement messages, define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8) scripts automatically invoke rtsol(8) when the interface becomes UP. The Router Advertisement messages are used for SLAAC (State-Less Address AutoConfiguration).
|
197196 |
14-Sep-2009 |
emaste |
Protect cross-script invocation by checking that the target script exists. This allows pruning of rc.d scripts without getting too many ugly boottime error messages.
Inspired by phk's r128714 change to netif.
|
197175 |
13-Sep-2009 |
bz |
Correct a copy and paste error using the variable name from the legacy IP handling rather than the IPv6 version.
Reported by: Pegasus Mc Cleaft (ken mthelicon.com) Tested by: Pegasus Mc Cleaft (ken mthelicon.com) MFC after: 2 days X-MFX with: r197139
|
197146 |
12-Sep-2009 |
hrs |
Use is_wired_interface() instead of hard-coded interface device names.
Pointed out by: sam
|
197144 |
12-Sep-2009 |
hrs |
Add an extension of set_rcvar(), a new function set_rcvar_obsolete(), and $desc.
The set_rcvar_obsolete() is for displaying an obsolete variable and the new one. More specifically, a warning is displayed when a variable is removed or changed in the source tree and the user still defines the old one.
$router* and $ipv6_router* are replaced with $routed_* and $route6d_* for consistency. The old variables still work but can be removed in the future.
MFC after: 3 days
|
197143 |
12-Sep-2009 |
hrs |
Use RCng coding convention.
MFC after: 3 days
|
197140 |
12-Sep-2009 |
hrs |
- Add "AUTO" keyword support in $rtadvd_interfaces. - Wrap a long line.
MFC after: 3 days
|
197139 |
12-Sep-2009 |
hrs |
Integrate rc.d/network_ipv6 into rc.d/netif:
- Add rc.d/stf and rc.d/faith for stf(4) and faith(4). - Remove rc.d/auto_linklocal and rc.d/network_ipv6. - Move rc.d/sysctl to just before FILESYSTEMS because rc.d/netif depends on some sysctl variables.
Reviewed by: brooks MFC after: 3 days
|
196552 |
25-Aug-2009 |
delphij |
Localize 'e'.
Submitted by: dougb
|
196550 |
25-Aug-2009 |
delphij |
Add a new rc.d script, static_arp, which enables the administrator to statically bind IPv4 <-> MAC address at boot time.
In order to use this, the administrator needs to configure the following rc.conf(5) variable:
- static_arp_pairs: A list of names for static bind pairs, and, - a series of static_arp_(name): the arguments that is being passed to ``arp -S'' operation.
Example: static_arp_pairs="gw" static_arp_gw="192.168.1.1 00:01:02:03:04:05"
See the rc.conf(5) manual page for more details.
Reviewed by: -rc@ MFC after: 2 weeks
|
196439 |
23-Aug-2009 |
dougb |
Fix the typo mentioned in the PR, and one additional. Fix caps while I'm here.
PR: conf/138087 Submitted by: Chris Petrik <c.petrik.sosa@gmail.com>
|
196436 |
23-Aug-2009 |
dougb |
Move is_wired_interface() from rc.d/wpa_supplicant into network.subr, simplify it a bit, and make use of that method to determine if an interface is a candidate for IPv6 rtsol rather than listing all of the possible wireless interfaces that should _not_ get rtsol'ed.
This change is only relevant for 8.0+ unless the "wlan mandatory" code gets ported back to RELENG_7.
|
195938 |
29-Jul-2009 |
pjd |
Currently there is a problem with fscking UFS file systems created on top of ZVOLs. The problem is that rc.d/fsck runs before rc.d/zfs. The latter makes ZVOLs to appear in /dev/. In such case rc.d/fsck cannot find devfs entry and aborts. We cannot simply move rc.d/zfs before rc.d/fsck, because we first want kern.hostid to be configured (by rc.d/hostid). If we won't wait (hostid will be 0) we can reuse disks which are in use by different systems (eg. in SAN/NAS environment). We also cannot move rc.d/hostid before rc.d/fsck, because rc.d/hostid on first system start stores generated kern.hostuuid in /etc/hostid file, so it needs root file system to be mounted read-write.
The fix is to split rc.d/hostid so that rc.d/hostid (which will now run before rc.d/fsck) only generates hostid and sets up sysctls, but doesn't touch root file system and rc.d/hostid_save (which is run after rc.d/root) and only creates /etc/hostid file.
With that in place, we can move ZVOL initialization to dedicated rc.d/zvol script which runs before rc.d/fsck.
PR: conf/120194 Reported by: James Snow <snow@teardrop.org> Reviewed by: brooks Approved by: re (kib) MFC after: 2 weeks
|
195026 |
26-Jun-2009 |
dougb |
Reverse the effect of r193198 for pf and ipfw which will once again allow them to start after netif. There were too many problems reported with this change in the short period of time that it lived in HEAD, and we are too late in the release cycle to properly shake it out.
IMO the issue of having the firewalls up before the network is still a valid concern, particularly for pf whose default state is wide open. However properly solving this issue is going to take some investment on the part of the people who actually use those tools.
This is not a strict reversion of all the changes for r193198 since it also included some simplification of the BEFORE/REQUIRE logic which is still valid for ipfilter and ip6fw.
|
193944 |
10-Jun-2009 |
avg |
rc.d/fsck: allow additional options for fsck_y_enable via fsck_y_flags
Primary intention is to allow to pass -C option to avoid (re-)checking clean filesystems when preening fails and fsck -y kicks in.
Submitted by: marck Reviewed by: current@ Approved by: jhb (mentor) MFC after: 1 week
|
193939 |
10-Jun-2009 |
ed |
Small cleanups to the jail script:
- Remove redundant debugging of consolelog. - Use `while :', instead of `while [ true ]'. This is done in other places as well.
Submitted by: Jille Timmermans <jille quis cx> (not jilles) Reviewed by: jilles
|
193354 |
02-Jun-2009 |
rmacklem |
Add support for the experimental nfs subsystem to the scripts in /etc/rc.d. They use the following new rc variables: nfsv4_server_enable - set to "YES" to run the experimental server nfsuserd_enable - set to "YES" to run nfsuserd for NFSv4 client and server nfsuserd_flags - command line flags for nfsuserd nfscbd_enable - set to "YES" to run the experimental nfs client's NFSv4 callback daemon nfscbd_flags - command line flags for nfscbd
Reviewed by: dougb Approved by: kib (mentor)
|
193198 |
01-Jun-2009 |
dougb |
Make the pf and ipfw firewalls start before netif, just like ipfilter already does. This eliminates a logical inconsistency, and a small window where the system is open after the network comes up.
|
193197 |
01-Jun-2009 |
dougb |
Substitute ypset for ypbind in REQUIRE lines. If you use ypset it has to happen right after ypbind, and before anything that uses NIS. The only change in rcorder accomplished by this patch is make that happen.
PR: conf/117555 Submitted by: John Marshall <john@rwsrv05.mby.riverwillow.net.au>
|
193119 |
30-May-2009 |
dougb |
Small cleanup, add (spurious) quotation marks around the value for name= to make these scripts consistent with the rest.
|
193112 |
30-May-2009 |
dougb |
As previously advertised, remove this script prior to the 8.0 branch.
|
192579 |
22-May-2009 |
rwatson |
Further idmapd garbage collection -- remove rc.d Makefile reference and default settings.
Submitted by: Pawel Worach <pawel.worach at gmail.com>
|
192578 |
22-May-2009 |
rwatson |
Remove the unmaintained University of Michigan NFSv4 client from 8.x prior to 8.0-RELEASE. Rick Macklem's new and more feature-rich NFSv234 client and server are replacing it.
Discussed with: rmacklem
|
192246 |
17-May-2009 |
danger |
- do not create and mount new file systems on top of the old ones on every invocation of this script once we already have one (in case tmpmfs="YES").
Reviewed by: dougb
|
192215 |
16-May-2009 |
dougb |
1. New feature; option to have the script loop until a specified hostname (localhost by default) can be successfully looked up. Off by default. 2. New feature: option to create a forwarder configuration file based on the contents of /etc/resolv.conf. This allows you to utilize a local resolver for better performance, less network traffic, custom zones, etc. while still relying on the benefits of your local network resolver. Off by default. 3. Add named-checkconf into the startup routine. This will prevent named from trying to start in a situation where it would not be possible to do so.
|
192210 |
16-May-2009 |
dougb |
Trim trailing whitespace from the end of a line
|
191620 |
28-Apr-2009 |
ru |
Added (pre|post)(start|stop) jail hooks. These can be used to run arbitrary commands (outside the jail) associated with said events, e.g. to bring up/down CARP interfaces representing services run in jails.
Reviewed by: simon
|
190575 |
30-Mar-2009 |
emax |
- Add ipfw_nat to the list of required modules if "firewall_nat_enable" is set and "natd_enable" is NOT set;
- Accept and pass firewall type to the external firewall script.
Submitted by: Yuri Kurenkov < y -dot- kurenkov -at- init -dot- ru > MFC after: 3 days No response from: freebsd-rc
|
189694 |
11-Mar-2009 |
guido |
Backout previous commit due to PEBKAC
|
189624 |
10-Mar-2009 |
guido |
When swap resides on a mirror and it is not stopped, the mirror is degraded upon the next reboot and will have to be rebuild. Thus call swapoff when rebooting (read: when stopping swap1)
|
188710 |
17-Feb-2009 |
mtm |
Rename the rc.conf(5) knob if_up_delay to defaultroute_delay to better reflect its purpose.
|
188478 |
11-Feb-2009 |
mtm |
Reword informational message by rc.d/defaultroute.
PR: conf/131458
|
188293 |
07-Feb-2009 |
bz |
Named normally cannot be started chrooted inside a jail. Thus treat the jail case specifically. In case we find a proper pre-seeded devfs in the chroot path (mounted from the base system) permit starting chrooted else give proper warn/error messages.
PR: conf/103489 Reviewed by: dougb MFC after: 5 days
|
188009 |
02-Feb-2009 |
mtm |
The 30 second wait for network interfaces to show up effectively makes the time to boot an unplugged system 30 sec. longer for no good reason. Therefore, add a check to make sure that any DHCP interfaces are plugged in before waiting.
|
187909 |
30-Jan-2009 |
imp |
Spawn one fewer shells on startup. We don't use dhcp_interfaces at all in this function, and grep shows no other instances of it (besides, this is a function, and in a sub-shell, so all changes are local).
|
187879 |
29-Jan-2009 |
keramida |
Backout change 187782. It inhibits ntpd from starting at all when ntpd_sync_on_start is set.
Noticed by: rafan
|
187782 |
27-Jan-2009 |
keramida |
When synchronizing the clock at system startup time, use both the -g and -q options. They do a slightly different thing and both are necessary when the time difference is large.
Noticed by: danger, in the forums Approved by: roberto MFC after: 1 week
|
187708 |
26-Jan-2009 |
bz |
Update jail startup script for multi-IPv4/v6/no-IP jails.
Note: this is only really necessary because of the ifconfig logic to add/remove the jail IPs upon start/stop. Consensus among simon and I is that the logic should really be factored out from the startup script and put into a proper management solution.
- We now support starting of no-IP jails. - Remove the global jail_<jname>_netmask option as it is only helpful to set netmasks/prefixes for the right address family and per address. - Implement jail_<jname>_ip options to support both address familes with regard to ifconfig logic. - Implement _multi<n> support suffix to the jail_<jname>_ip option to configure additional addresses to avoid overlong, unreadbale jail_<jname>_ip lines with lots of addresses.
Submitted by: initial work from Ruben van Staveren Discussed on: freebsd-jail in Nov 2008. Reviewed by: simon, ru (partial, older version) MFC after: 1 week
|
186237 |
17-Dec-2008 |
brooks |
Correct a bug where /etc/rc.d/defaultroute fails to finish by printing a newline when it fails to obtain an address via DHCP. This made the next rc script begin its output on the same line.
PR: conf Submitted by: Bruce Cran <bruce at cran dot org dot uk> MFC after: 3 days
|
184588 |
03-Nov-2008 |
dfr |
Implement support for RPCSEC_GSS authentication to both the NFS client and server. This replaces the RPC implementation of the NFS client and server with the newer RPC implementation originally developed (actually ported from the userland sunrpc code) to support the NFS Lock Manager. I have tested this code extensively and I believe it is stable and that performance is at least equal to the legacy RPC implementation.
The NFS code currently contains support for both the new RPC implementation and the older legacy implementation inherited from the original NFS codebase. The default is to use the new implementation - add the NFS_LEGACYRPC option to fall back to the old code. When I merge this support back to RELENG_7, I will probably change this so that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel which includes the KGSSAPI option and the crypto device. On the userland side, you must build at least a new libc, mountd, mount_nfs and gssd. You must install new versions of /etc/rc.d/gssd and /etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS filesystem from a server that requires RPCSEC_GSS authentication. The mount itself can happen without any kerberos credentials but all access to the filesystem will be denied unless the accessing user has a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There is currently no support for situations where the ticket file is in a different place, such as when the user logged in via SSH and has delegated credentials from that login. This restriction is also present in Solaris and Linux. In theory, we could improve this in future, possibly using Brooks Davis' implementation of variant symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create service creds for the server in the form 'nfs/<fqdn>@<REALM>' and install them in /etc/krb5.keytab. The standard heimdal utility ktutil makes this fairly easy. After the service creds have been created, you can add a '-sec=krb5' option to /etc/exports and restart both mountd and nfsd.
The only other difference an administrator should notice is that nfsd doesn't fork to create service threads any more. In normal operation, there will be two nfsd processes, one in userland waiting for TCP connections and one in the kernel handling requests. The latter process will create as many kthreads as required - these should be visible via 'top -H'. The code has some support for varying the number of service threads according to load but initially at least, nfsd uses a fixed number of threads according to the value supplied to its '-n' option.
Sponsored by: Isilon Systems MFC after: 1 month
|
184485 |
30-Oct-2008 |
pjd |
ifconfig(8) can take only one interface at a time.
|
183714 |
09-Oct-2008 |
peter |
Clean out some empty mergeinfo records, presumably by people doing local cp/mv operations. The full repo-relative URL should be specified for the source in these cases.
|
183325 |
24-Sep-2008 |
ru |
Allow a jail's IP alias to be created with an arbitrary netmask.
MFC after: 3 days
|
183100 |
16-Sep-2008 |
thompsa |
Allow a jail to be started with a specific route fib.
Reviewed by: secteam (simon) Reviewed by: brooks, bz
|
182460 |
29-Aug-2008 |
jhb |
Add the ability to run /usr/sbin/crashinfo on a new core dump automatically during boot. Right now this is disabled by default, but it can be enabled by setting 'crashinfo_enable=YES' in rc.conf.
MFC after: 2 weeks
|
182163 |
25-Aug-2008 |
des |
Make obrien happy
|
181941 |
21-Aug-2008 |
rpaulo |
Cope with the file rename by changing rc variables.
|
181891 |
20-Aug-2008 |
obrien |
Rename the RCng 'kernel' script to 'kernel_symlink'.
|
181872 |
19-Aug-2008 |
obrien |
Rename the RCng 'kernel' script to 'kernel_symlink'.
Requested by: many
|
181445 |
09-Aug-2008 |
obrien |
Only symlink booted kernel directory to /boot/kernel if user has explicitly requested it. This is too dangerous to just do behind the admin's back.
|
181114 |
01-Aug-2008 |
dougb |
When using SRV records the protocols and services files need to be in the chroot /etc directory.
PR: conf/121101 Submitted by: Stefan `Sec` Zehl <sec@42.org>
|
181071 |
31-Jul-2008 |
jhb |
Oops, restore the recent changes to make startup messages quieter.
|
181070 |
31-Jul-2008 |
jhb |
Parse sysctl settings from /etc/sysctl.conf.local after /etc/sysctl.conf if it exists. This mirrors similar behavior for /boot/loader.conf and /etc/rc.conf.
Obtained from: Yahoo! MFC after: 1 week
|
180619 |
19-Jul-2008 |
marcel |
With uart(4) default, change /dev/cuad# to /dev/cuau# and sio# to uart# so that out-of-the-box FreeBSD is consistent.
|
180618 |
19-Jul-2008 |
marcel |
With uart(4) default, change /dev/cuad# to /dev/cuau# and sio# to uart# so that out-of-the-box FreeBSD is consistent.
|
180564 |
16-Jul-2008 |
dougb |
Add the shutdown KEYWORD to those scripts that start persistent services to allow them to do a "clean" shutdown.
I purposely avoided making changes to network-related stuff since the system shutting down is pretty conclusive, and there may be complicated dependencies on the network that I would rather not try to unravel.
I also skipped kerberos-related stuff for the reasons above, and because I have no way to test it.
|
180563 |
16-Jul-2008 |
dougb |
As previously discussed, add the svn:executable property to all scripts
|
180440 |
11-Jul-2008 |
mtm |
The pfctl(8) program is already pretty verbose, so don't print extra information in quiet mode.
|
180318 |
06-Jul-2008 |
mtm |
Remove the $DUMPDIR variable. It's redundant and the rest of the script uses $dumpdir directly.
|
180317 |
06-Jul-2008 |
mtm |
Make checking for the availability of core dumps work in the case that $dumpdev is not set to "AUTO".
Reported by: Paul B. Mahol <onemda@gmail.com>
|
180296 |
05-Jul-2008 |
mtm |
No need to display the result of enabling the ipfw sysctl if it's successfull. Issue a warning if it fails, however.
|
180295 |
05-Jul-2008 |
mtm |
There's no need to announce that we're mounting local filesystems when running in quiet mode since if we fail to mount any of them the boot process gets interrupted.
|
180294 |
05-Jul-2008 |
mtm |
Quiet down rc.d/nfsclient by not printing anything in 'quiet' mode. Instead issue a warning of it fails to set the sysctls.
|
180070 |
27-Jun-2008 |
mtm |
Backout r179941. The nfsclient knob always confuses me. I should have double-checked my setup before commiting.
Noticed by: Florian Smeets Pointy hat to: mtm
|
179981 |
24-Jun-2008 |
mtm |
Quiet rc.d/syscons unless it has something to say.
|
179966 |
23-Jun-2008 |
mtm |
Add a -q flag to swapon(8) to suppress informational messages. Use it in rc.d. Note: errors are not affected by this flag.
|
179965 |
23-Jun-2008 |
mtm |
The sysctl(8) program exits on some errors and only emits warnings on others. In the case where it displayed warnings it would still return succesfully. Modify it so that it returns the number of sysctls that it was not able to set.
Make use of this in rc.d to display only *unsuccessfull* attempts to set sysctls.
|
179962 |
23-Jun-2008 |
mtm |
Run savecore(8) only if there is a core dump to save. If there is no core dump hide the message to that effect behind $rc_quiet.
|
179961 |
23-Jun-2008 |
mtm |
Implement a "quiet" mode for rc.d/netif, which only outputs the interface name of interfaces that were configured.
This change has the added benefit that ifn_start() and ifn_stop() in network.subr no longer write to standard output. Whether to output and what to output is now handled entirely in rc.d/netif.
|
179951 |
23-Jun-2008 |
mtm |
Set the sysctl(8) value in the same shell, not a subshell. This was causing calls to netoptions_init() to not properly set a global variable, which ended up being in the parent shell.
|
179945 |
23-Jun-2008 |
mtm |
Move a lot of diagnostic output behind $rc_quiet in scripts that implement their own start command.
|
179944 |
23-Jun-2008 |
mtm |
Align the script more with rc.d/cleanvar (which doesn't output any diagnostics). Instead, move output behind $rc_quiet.
|
179943 |
23-Jun-2008 |
mtm |
Remove the -v flag from the command line to dumpon(8), and instead print diagnostic ouput only if the command fails.
|
179941 |
23-Jun-2008 |
mtm |
Argh! s/nfs_client_enable/nfsclient_enable/g
|
179940 |
23-Jun-2008 |
mtm |
Do not print anything unless one of the net/routing options is set.
|
179939 |
23-Jun-2008 |
mtm |
s/daemon processes/local packages/ for consisitency.
|
179931 |
22-Jun-2008 |
mtm |
Output information only if /etc/rc.local exists.
|
179930 |
22-Jun-2008 |
mtm |
Do not print anything unless at least one of the abi emulators is enabled.
|
179929 |
22-Jun-2008 |
mtm |
Simplify this script with the added bonus that the bit about i386 initialization doesn't get printed unless ibcs2_enable is set.
|
179928 |
22-Jun-2008 |
mtm |
Don't say we're going to mount filesystems of a certain type unless there actually are filesystems of that type to mount.
|
179927 |
22-Jun-2008 |
mtm |
Don't say we're going to [start|stop] local packages unless there actually are local (pre rc.d) scripts to run.
|
179872 |
19-Jun-2008 |
mtm |
Make quota knob conform to other rc(8) knobs. Keep older knob for compatibility.
Requested by: Volker <volker@vwsoft.com>
|
179566 |
05-Jun-2008 |
brooks |
Fix the wait for default route change I made a few weeks ago by creating a new defaultroute script that just does the wait. The previous attempt created a circular dependency through network_ipv6.
Pointy hat to: brooks
|
179315 |
26-May-2008 |
bz |
Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and parts relied on the now removed NET_NEEDS_GIANT. Most of I4B has been disconnected from the build since July 2007 in HEAD/RELENG_7.
This is what was removed: - configuration in /etc/isdn - examples - man pages - kernel configuration - sys/i4b (drivers, layers, include files) - user space tools - i4b support from ppp - further documentation
Discussed with: rwatson, re
|
179079 |
18-May-2008 |
brooks |
Move the wait for a default route to rc.d/routing. Once we test for non-dhcp interfaces to negotiate/associate this will make more sense.
This also correctly gets run after both devd and netif are run so it has a chance of working.
|
179003 |
15-May-2008 |
brooks |
Change the default value of synchronous_dhclient to NO.
To preserve the existing behavior of etc/rc.d/netif, add code to wait up to if_up_delay seconds (30 seconds by default) for a default route to be configured if there are any dhcp interfaces. This should be extended to test that the interface is actually up.
X-MFC after:
|
178967 |
12-May-2008 |
flz |
Don't require a configuration file. Ntpd will be perfectly happy if there's none or if the file doesn't exist (there's no ntp.conf in the base install).
PR: conf/119592 Submitted by: Renaud Waldura <renaud+freebsd@waldura.org> MFC after: 1 week
|
178809 |
06-May-2008 |
mtm |
Specify the full path to the md5(1) binary so the script will still work even if it's not in the shell's path.
PR: conf/122215 MFC after: 1 week
|
178423 |
22-Apr-2008 |
ru |
Make it possible to disable sources of entropy harvesting.
Noticed by: Igor Sysoev MFC after: 3 days
|
178356 |
20-Apr-2008 |
sam |
rc support for vaps
|
178233 |
15-Apr-2008 |
brooks |
Add very limited support for the isc-dhclient. It will almostly certaintly only work if there's just one interface doing dhcp. This version implements the same logic as the version in the PR, but uses pgrep to be less verbose.
PR: conf/95905 MFC after: 1 week
|
178056 |
10-Apr-2008 |
brooks |
Declare _ppp_profile_cleaned, _punct, and _punct_c local in ppp_start_profile().
Reported by: yar MFC after: 1 week
|
178023 |
08-Apr-2008 |
emax |
Add rfcomm_pppd_server rc script to allow start rfcomm_pppd(8) in server mode at boot time. Multiple profiles can be started at the same time. The whole idea is very similar to the ppp rc script.
Document Bluetooth knobs in rc.conf(5)
MFC after: 1 week
|
178022 |
08-Apr-2008 |
sam |
o add rc.conf knobs to set the wpa_supplicant program, logging flags, and config file o change default logging options from -q to -s (log to syslog); this is currently broken for boot-time startup as syslogd is started too late but that'll be dealt with separately
MFC after: 2 weeks
|
178021 |
08-Apr-2008 |
sam |
add support wired interfaces
MFC after: 2 weeks
|
178018 |
08-Apr-2008 |
sam |
spell pidfile correctly so multiple wpa_supplicant processes can be run
MFC after: 1 week
|
177959 |
06-Apr-2008 |
brooks |
Fix a stupid typo.
Reviewed by: bz
|
177866 |
02-Apr-2008 |
dougb |
Back out revision 1.6, the addition of "BEFORE: mountcritremote".
mountcritremote REQUIREs FILESYSTEMS, and that script REQUIREs zfs, so this change is a noop. By removing it we make life a little easier both for rcorder(8) and for debugging down the road.
Approved by: 2 weeks of silence from pjd
|
177683 |
28-Mar-2008 |
brooks |
Add support for hardwiring ppp sessions to particular devices with new per-profile variables of the form ppp_<profile>_unit. No ppp_unit variable is supported since tying the same unit to more than one profile won't work.
PR: conf/122127 MFC after: 1 week
|
177649 |
26-Mar-2008 |
brooks |
Allow the characters .-+/ to appear in ppp profile names by folding them to _ when evaluating ppp_<profile>_nat and ppp_<profile>_mode. Document the per-profile variables.
PR: conf/121452, conf/122127 (partial) MFC after: 1 week
|
177390 |
19-Mar-2008 |
pjd |
Be sure to run rc.d/zfs before mountcritremote. This way we can for example configure devfs rules in /etc/devfs.conf for ZVOLs.
Submitted by: Yarema <yds@CoolRat.org>
|
177062 |
11-Mar-2008 |
delphij |
Do nextboot -D twice during boot. The first time in rc.d/root which ensures that we can remove the file as early as possible, but shut up nextboot at this moment if the operation is failed, because /boot is not necessarily a part of /; the newly added second run is placed in rc.d/mountlate after all filesystems were mounted.
Discussed at: -rc@ Suggestions from: brooks, mtm MFC after: 1 month
|
177061 |
11-Mar-2008 |
delphij |
root
|
176873 |
06-Mar-2008 |
mtm |
The check for errors from the mount command did not work as intended because another command (echo) is executed between the mount command and the check.
Reported by: Sergey Baturov <sergey@toor.org.ru> MFC after: 2 weeks
|
176835 |
05-Mar-2008 |
brooks |
Use the new command file feature of ddb(8) to support setting ddb(4) scripts at boot. This is currently disabled by default. /etc/ddb.conf contains some potentially reasonable default scripts.
PR: conf/119995 Submitted by: Scot Hetzel <swhetzel at gmail dot com> (Earlier version) X-MFC after: textdumps
|
175879 |
01-Feb-2008 |
brooks |
When the state of the interface changes rapidly enough (usually due to rapid wireless association changes in my experience), there is a race where dhclient is in the process of exiting due to the link going down when the link coming up causes devd to try and start a new one. This results is the link being up, but no dhclient running.
Work around this race by checking a second time after a one second delay before refusing to start a dhclient instance due to one already being running.
MFC after: 1 week
|
175722 |
27-Jan-2008 |
mtm |
Add a dummynet_enable knob to go with firewall_enable. If this knob is enabled dummynet(4) is added to the list of required modules.
Discussed on: #freebsd-bugbusters (rwatson, trhodes) PR: conf/79196 MFC after: 1 week
|
175686 |
26-Jan-2008 |
mtm |
Generally, anything that runs rc.d scripts internally should start using the quiet prefix (i.e. quietstart, quietstop, etc...).
|
175676 |
26-Jan-2008 |
mtm |
Re-implement: do not silently fail when a command is not carried out because the rc.conf(5) variable was not enabled. Display a message that the command wasn't run and offer suggestions on what the user can do.
Implement a quiet prefix, which will disable some diagnostics. The fast prefix also implies quiet. During boot we use either fast or quiet. For shutdown we already use 'faststop'. So, this informational message should only appear during interactive use.
An additional benefit of having a quiet prefix is that we can start putting some of our diagnostic messages behind this knob and start "de-cluttering" the console during boot and shutdown.
|
175656 |
25-Jan-2008 |
mtm |
Rev. 1.6 made it impossible to use rc.d/kerberos with the krb5 port. Re-implement the change so that the script once again works with the krb5 port.
Submitted by: kensmith (slightly modified) MFC after: 3 days
|
175618 |
24-Jan-2008 |
ru |
Shorter equivalent of the command.
|
175293 |
13-Jan-2008 |
simon |
Add warning about this script dealing with untrusted data.
MFC after: 1 week
|
174567 |
13-Dec-2007 |
jhb |
Only pass paths to directories or config files that exist for ldconfig for 32-bit binaries.
MFC after: 3 days
|
174464 |
08-Dec-2007 |
dougb |
Add an empty stop_cmd to the remaining scripts that don't start daemons and don't already have one.
|
174461 |
08-Dec-2007 |
dougb |
Remove a meaningless KEYWORD
|
174459 |
08-Dec-2007 |
dougb |
Remove the bootconf.sh script. It was never used on FreeBSD, and was removed from the Makefile in version 1.5 (2002/09/02) but never GC'ed.
|
174458 |
08-Dec-2007 |
dougb |
Remove spurious # marks to be more consistent with existing style.
|
174457 |
08-Dec-2007 |
dougb |
Remove empty REQUIRE line
|
174438 |
08-Dec-2007 |
dougb |
Remove $NetBSD$ CVS tags. We no longer attempt to synch our rc.d files with theirs, so this information doesn't need to be in the live file. Having it in our CVS history is enough.
|
173616 |
14-Nov-2007 |
brix |
Add reload functionality.
PR: conf/116659 Approved by: sam, erwin (mentor)
|
172983 |
25-Oct-2007 |
mtm |
Nuke rc.d/nfslocking which has been superceeded by rc.d/{lockd,statd}
|
172977 |
25-Oct-2007 |
mtm |
Remove unnecessary whitespace
|
172877 |
22-Oct-2007 |
dougb |
1. Determine the location of the rndc* binaries relative to $command so that when using named from the ports (or elsewhere) the proper rndc* commands will be run.
2. Rework the stop routine using ideas from brooks and delphij. Specifically I am duplicating a lot of code from rc.subr's stop routine so that this one will behave more like the one in rc.subr, but use rndc to kill the daemon (or regular kill if that fails). This also avoids the problems related to using killall if rndc fails, which is bad if you're running more than one named on the same box.
3. Take a concept from gshapiro and allow the rndc.key file to be owned by root OR the named_uid user.
Although I used different solutions, this commit handles issues raised in: PR: conf/73929 PR: conf/103976 PR: conf/109409
|
172822 |
19-Oct-2007 |
mtm |
The amd_map_program knob can potentially contain a command whose output is then used as an argument to the amd program. This outpu may contain newlines, but the script did not take care to strip those newlines before apending it to rc_flags. Revision 1.72 of rc.subr(8) introduced changes that exposed this problem (specifically putting the final eval'ed command in quotes).[1]
Also, for correctness' sake, shell directives appended to the command-line by the script should go into command_args, and not appended directly to rc_flags.
Reported by: John E Hein <jhein@timing.com> [1] Tested by: John E Hein <jhein@timing.com> MFC after: 1 week
|
172796 |
19-Oct-2007 |
mtm |
Partial backout of rev. 1.6, but instead of putting kerberos5_server_flags back in command_args, put it where rc.subr(8) expects it: kerberos5_flags.
|
172761 |
18-Oct-2007 |
emax |
Teach /etc/rc.d/ppp how to start/stop individual instances of ppp. This is an extension of previous commit.
Submitted by: Yuri Kurenkov < y dot kurenkov at init dot ru > Reviewed by: mtm MFC after: 3 days
|
172674 |
15-Oct-2007 |
netchild |
Backout sensors framework.
Requested by: phk Discussed on: cvs-all
|
172631 |
14-Oct-2007 |
netchild |
Import OpenBSD's sysctl hardware sensors framework.
This commit includes the following core components:
* sample configuration file for sensorsd * rc(8) script and glue code for sensorsd(8) * sysctl(3) doc fixes for CTL_HW tree * sysctl(3) documentation for hardware sensors * sysctl(8) documentation for hardware sensors * support for the sensor structure for sysctl(8) * rc.conf(5) documentation for starting sensorsd(8) * sensor_attach(9) et al documentation * /sys/kern/kern_sensors.c o sensor_attach(9) API for drivers to register ksensors o sensor_task_register(9) API for the update task o sysctl(3) glue code o hw.sensors shadow tree for sysctl(8) internal magic * <sys/sensors.h> * HW_SENSORS definition for <sys/sysctl.h> * sensors display for systat(1), including documentation * sensorsd(8) and all applicable documentation
The userland part of the framework is entirely source-code compatible with OpenBSD 4.1, 4.2 and -current as of today.
All sensor readings can be viewed with `sysctl hw.sensors`, monitored in semi-realtime with `systat -sensors` and also logged with `sensorsd`.
Submitted by: Constantine A. Murenin <cnst@FreeBSD.org> Sponsored by: Google Summer of Code 2007 (GSoC2007/cnst-sensors) Mentored by: syrinx Tested by: many OKed by: kensmith Obtained from: OpenBSD (parts)
|
172586 |
12-Oct-2007 |
emax |
Teach /etc/rc.d/ppp to start multiple instances of ppp.
ppp_profile variable can now contain multiple profiles. Overrides for ppp mode and nat can go into ppp_$profile_mode and ppp_$profile_nat variables respectively. If those are not specified, defaults from ppp_mode and ppp_nat are used.
Submitted by: Yuri Kurenkov < y dot kurenkov at init dot ru > Reviewed by: mtm MFC after: 1 week
|
172488 |
09-Oct-2007 |
dougb |
Deprecate use of the early.sh script as advertised when the support for local rc.d scripts in the overall boot order was added.
Proper rc.d scripts are run by rc.subr in a subshell, whereas scripts that end in .sh are sourced into rc's shell. The latter has potential to create serious boot problems, and there is no reason that the same functionality cannot be added by the user in the form of a proper rc.d script (as opposed to being added by the user in the form of /etc/rc.early).
This script will be removed prior to the 8.0 branch.
Approved by: re (kensmith)
|
172413 |
02-Oct-2007 |
bushman |
Removing obsolete cached files after cached->nscd renaming.
Approved by: re (kensmith), brooks (mentor)
|
172377 |
28-Sep-2007 |
bushman |
Finishing renaming of cached into nscd. etc/rc.d and usr.sbin/Makefile updated. Note added to UPDATING.
Approved by: re (kensmith, bmah), brooks (mentor)
|
172080 |
07-Sep-2007 |
mlaier |
Add the startup script for ftp-proxy(8) to the Makefile as well.
Approved by: re (bmah - implicit) Reminded by: mtm
|
172070 |
06-Sep-2007 |
mlaier |
Add a startup script for ftp-proxy(8) now that it is no longer started as part of inetd(8).
Approved by: re (bmah) Reviewed by: freebsd-rc (a while back) Reminded by: kevlo
|
172040 |
03-Sep-2007 |
mtm |
Start lockd after statd.
Approved by: re (bmah) Noticed by: Ted Faber <faber@ISI.EDU>
|
171956 |
25-Aug-2007 |
matteo |
sleep 2 seconds after having loaded g_uzip.ko. We need this because otherwise the /dev/mdX.uzip won't be created immediately, which is needed because we issue a mount right afterwards.
Approved by: re@ (bmah@) MFC after: 2 days
|
171881 |
18-Aug-2007 |
mtm |
My forced commit to note the repo-copy (naturally) changed the $FreeBSD$ keyword line, so that when I applied the patch to my check-in tree the top half of my patch failed to apply. Off course I saw what I *expected* to see (the bottom half succeeded) and didn't notice that it had failed to apply cleanly.
Approved by: re (bmah)
|
171871 |
17-Aug-2007 |
mtm |
The rc.d/nfslocking file controls two servers: rpc.statd and rpc.lockd. It worked well in most cases, except one. The 'restart' case was not working as expected. Specifically, it would stop both lockd and statd, but it would restart only statd (which appears first in the script). This is because rc.subr(8) contains code to guard against infinite recursion in the 'restart' casae.
To fix this use the traditional approach of controlling only one server from one script by breaking out rc.d/nfslocking into its contituent parts: rc.d/lockd and rc.d/statd. Keep rc.d/nfslocking around but don't include it in the boot rcorder(8)ing.
PR: conf/107316 Approved by: re (bmah) MFC after: 2 weeks
|
171795 |
09-Aug-2007 |
bushman |
- Renaming repocopied cached to nscd
Approved by: re (kensmith), brooks (mentor)
|
171590 |
25-Jul-2007 |
jhb |
Require 'cleanvar' so that files and sockets created in /var/run by wpa_supplicant and other programs started by 'netif' don't get erased by a subsequent 'cleanvar'.
Approved by: re (bmah) Reviewed by: dougb MFC after: 1 week
|
170618 |
12-Jun-2007 |
gshapiro |
Add a new rc.conf variable, sendmail_rebuild_aliases, which tells /etc/rc.d/sendmail whether or not to run newaliases if the database is missing or the aliases text file is newer than aliases.db.
In my opinion, the aliases file should never be automatically rebuilt. The current text form could represent a work in progress. Therefore, in FreeBSD 7.0, this new option will default to "NO". When this rc.d change is MFC'ed, it will need to remain "YES" to maintain backward compatibility.
PR: conf/86252 Approved by: re (kensmith) MFC after: 3 days
|
170199 |
02-Jun-2007 |
dougb |
Finish making resolv ordering deterministic by REQUIRE'ing it here.
|
170198 |
02-Jun-2007 |
dougb |
Add REQUIRE netif to make ordering more deterministic, and to make sure we have a fighting chance of having useful stuff from DHCP.
Tighten up the code a little, and fix whitespace issues.
|
169925 |
24-May-2007 |
rse |
Fix indentation.
|
169924 |
24-May-2007 |
rse |
Remove two superfluous trailing semicolons.
|
169923 |
24-May-2007 |
rse |
Remove two unnecessary and useless sub-shell constructs.
|
169868 |
22-May-2007 |
rse |
backout filter of Nil UUID as the boot loader code already filters out Nil UUIDs (see src/sys/boot/i386/libi386/smbios.c:smbios_setuuid for details)
|
169860 |
22-May-2007 |
rse |
Remove the ugly csh(1) based UUID lower-case translation hack from /etc/rc.d/hostid now that we switched the origin of the UUID (variable smbios.system.uuid as provided by the i386 BIOS code) to already provide a standard conforming lower-case UUID text representation.
|
169826 |
21-May-2007 |
rse |
Cleanup style by consistently using braces around variable expansion and apply an addition from Andrew Thompson <thompsa> for filtering out the special "Nil" UUID (all zeros) which would be a useless host UUID.
|
169824 |
21-May-2007 |
rse |
Adjust UUID lower-case translation from straight-forward tr(1) usage to an equivalent csh(1) usage as tr(1) stays in /usr/bin and /etc/rc.d/hostid has just the root filesystem (and this way mainly the tools in /bin) available.
I've chosen csh(1) here as the string manipulation tools available in /bin is extremely limited and the (only) alternative ed(1) usage would have been a lot more complicated or even might require a temporary file.
|
169818 |
21-May-2007 |
rse |
The standardized textual representation of UUIDs according to RFC 4122 and ISO/IEC-9834-8:2005 is with LOWER-CASE hexadecimal characters only, so translate the (usually upper-case and this way not conforming) representation of the BIOS UUID when reading it. Also be more strict about the valid characters in the textual representation by checking for just the hexadecimal characters.
|
169668 |
18-May-2007 |
mtm |
o Implement the stop_boot subroutine [1]. This subroutine can be used by scripts in rc.d to stop rc(8) from booting into multi-user mode when a critical or severe error condition is encountered.
o Modify scripts in etc/rc.d that already implemented this functionality independently.
o Document it.
[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it to rc.subr(8). Our version differs slightly in that it takes an optional argument to stop the boot even if "autoboot" is not set.
Obtained from: NetBSD MFC after: 2 weeks
|
169654 |
17-May-2007 |
mtm |
o Use the --detach option to kdc(8) instead of using the shell background operator '&'.
PR: conf/102722
o No need to include $kerberos5_server_flags in $command_args as rc.subr(8) will take care of this.
|
169653 |
17-May-2007 |
mtm |
The precmd routine does not need to check whether the command should be "forced". If some pre-condition is not met, it should fail as it normally does and rc.subr(8) will make the appropriate decision. Incidentally, the previous behaviour had a bug where the "force" flag was respected only when checking rc.conf(5) knobs. The flag was ignored when verifying the rpcbind(8) dependency.
MFC after: 2 weeks
|
169217 |
02-May-2007 |
mtm |
Move options that do not have anything to do with routing out of rc.d/routing and in to rc.d/netoptions. Also instead of saying "TCP options" say "IP options".
|
169215 |
02-May-2007 |
mtm |
When rc.d/NETWORKING included this script in its REQUIRE line, a circular dependency was introduced because this script had rc.d/localpkg (which is *after* rc.d/NETWORKING) in its REQUIRE line.
From an examination of its contents it seems that only the availability of a local filesystem is necessary for this script to function properly.
|
168956 |
22-Apr-2007 |
pjd |
When zfs dataset has jailed=on property, it won't be mounted with 'zfs mount -a' from the main system - this is by design, as mountpoint may be set to dangerous value. This all means, that such file system has to be mounted from within a jail. To make it easier, reorganize rc.d/zfs script so it can be used from within a jail.
|
168766 |
15-Apr-2007 |
pjd |
When org.freebsd:swap property is set to 'on' on a ZVOL, use is as a swap device.
Discussed with: des
|
168695 |
13-Apr-2007 |
des |
Remove the shutdown keyword. It just adds noise to the shutdown process.
|
168686 |
13-Apr-2007 |
pjd |
- Create an empty /etc/zfs/exports file when zfs_enable="YES" and we don't NFS-share anything. This way we can safely start mountd with /etc/zfs/exports and mountd won't complain.
Pointed out by: ceri
- Move 'zfs volinit' before 'zfs mount -a' and 'zfs volfini' after 'zfs unmount -a'.
|
168685 |
13-Apr-2007 |
pjd |
mountd(8) was changed to only abort when all given exports files cannot be open, so we not longer has to check if /etc/zfs/exports exists.
|
168681 |
13-Apr-2007 |
mtm |
o Look for a zfs(1) exports file only if it exists and is readable. If we don't do this and the file doesn't exist mountd(8) will abort. o The mountd(8) daemon creates a pidfile, so use it.
|
168607 |
11-Apr-2007 |
pjd |
If available, take UUID from smbios.system.uuid, if not fall back to software-generated UUID. Store the result in /etc/hostid and use it in the future. Perform simple UUID format check, as there is a lot of hardware with broken UUIDs. The check should be improved to also eliminate fake UUIDs like 00000000-0000-0000-0000-000000000000.
Requested by: many
|
168593 |
10-Apr-2007 |
keramida |
Add a pfsync_syncpeer option to /etc/defaults/rc.conf and rc.conf(5), which can be used to turn off multicast pfsync support, and enable the transmission of directed PFSYNC (IP protocol: 240) packets to a specific "sync peer" host.
PR: conf/111225 Submitted by: Bas van Beek <bas@tobin.nl> Approved by: mtm, mlaier MFC after: 2 weeks
|
168546 |
09-Apr-2007 |
pjd |
Add rc.d/hostid script (turned on by default) which on first boot generates UUID and stores it in /etc/hostid ($hostid_file) as well as sets kern.hostuuid and kern.hostid sysctls on every boot.
Hostid can be reset using '/etc/rc.d/hostid reset' command.
Hostid generation and setting can be turned off by setting variable hostid_enable to "NO" in /etc/rc.conf.
Reviewed by: mlaier, rink, brooks, rwatson
|
168532 |
09-Apr-2007 |
des |
Apply "additional TCP options" earlier.
Requested by: andre@ MFC after: 1 week
|
168531 |
09-Apr-2007 |
des |
FILESYSTEMS requires root, so requiring both of them is redundant.
|
168530 |
09-Apr-2007 |
des |
Add zfs to REQUIRE.
|
168410 |
06-Apr-2007 |
pjd |
- Add ZFS startup script.
Submitted by: des
- When starting mountd(8) and ZFS is enabled, add /etc/zfs/exports file. - Update rc.conf(5).
|
168360 |
04-Apr-2007 |
matteo |
Add rpc_statd_flags and rpc_lockd_flags options to allow options to be passed to rpc.statd and rpc.lockd
MFC after: 1 week
|
168283 |
02-Apr-2007 |
des |
Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal and takes over mountcritlocal's role as the early / late divider. This makes it far easier to add rc scripts which need to run early, such as a startup script for zfs, which is right around the corner.
This change should be a no-op; I have verified that the only change in rcorder's output is the insertion of FILESYSTEMS immediately after mountcritlocal.
MFC after: 3 weeks
|
168272 |
02-Apr-2007 |
mtm |
Instead of directly sourcing the firewall script, run it in a separate shell. If the firewall script is sourced directly from the script, then any exit statements in it will also terminate the rc.d script prematurely.
PR: conf/78762 MFC-After: 2 weeks
|
168119 |
31-Mar-2007 |
mtm |
Make subroutine names more conformant with other scripts in rc.d.
MFC After: 2 weeks
|
168085 |
30-Mar-2007 |
mtm |
Record rc.d/nfslocking dependency on rc.d/rpcbind.
PR: conf/105465 Submitted By: ru (with minor cosmetic change) MFC-After: 1 month
|
168079 |
30-Mar-2007 |
mtm |
Some rc.d commands (such as stop|restart etc.) won't automagically work if we don't explicitly set the name of the executable program.
PR: conf/104408
|
167889 |
25-Mar-2007 |
brooks |
Use "-ne" instead of "!=" for integer comparison.
|
167881 |
25-Mar-2007 |
mtm |
Having gone to the trouble of setting up a variable, we should use it.
|
167495 |
12-Mar-2007 |
mux |
Make "/etc/rc.d/syscons start" correctly reload screensaver settings.
The code looks for all the loaded screensaver modules, tries to kldunload them, and only loads the new one if kldstat's output shows that there aren't any left. However, the regexp looking for modules to unload was still searching according to the the old naming scheme, splash_<name>.ko, instead of <name>_saver.ko.
MFC after: 3 days
|
167437 |
11-Mar-2007 |
brooks |
Allow background_fsck_delay to be set to a negative value which delays the background fsck indefinitely. This allows the administrator to run it at a convenient time. To support running it from cron, the forcestart argument now causes the fsck to start with no delay and all output to be suppressed.
|
167185 |
03-Mar-2007 |
njl |
Get rid of chatter for failed commands if the filesystem is read-only. Include /var/db/entropy-file in the reseeding if present. It is used for last-ditch efforts to save entropy and thus should also be used to seed the RNG when starting. Print a warning instead of an error if writing the file fails -- err() exits, preventing the umask from being restored. Also, since there's not much that can be done about it, notifying the user is all that's needed.
MFC after: 2 weeks
|
167181 |
02-Mar-2007 |
brooks |
Use get_if_var() to retrieve interface specific values of dhclient_flags and background_dhclient. This allows interfaces who's names are not valid parts of shell variables and shortens the code.
MFC after: 1 week
|
166740 |
15-Feb-2007 |
yar |
pkill(1) and pgrep(1) have been moved to /bin so that they are available to rc.d scripts early in the boot sequence.
|
166739 |
15-Feb-2007 |
yar |
Don't be paranoid about hostname(1) and order the things logically.
Pointed out by: ceri
|
166738 |
15-Feb-2007 |
yar |
Don't nag about unset $hostname if DHCP is in use.
Pointed out by: ceri
|
166620 |
10-Feb-2007 |
yar |
Handle the case when the admin forgot to set $hostname, which can happen in new installations: advise to set the variable and refer to rc.conf(5).
|
166583 |
09-Feb-2007 |
flz |
Add support for EtherChannel configuration to rc startup scripts.
Note: This also deprecates "NO" as a way to specify an empty list of interfaces for gif_interfaces.
PR: conf/104884 Submitted by: nork Harassed by: brd Discussed with: brooks, dougb
|
166121 |
20-Jan-2007 |
mpp |
Add the following knobs for quotas if they are enabled:
quotaon_flags - flags for the quotaon command quotaoff_flags - flags for the quotaoff command quotacheck_flags - flags for the quotacheck command
|
165942 |
11-Jan-2007 |
simon |
Fix jail rc.d script privilege escalation via symlink attack against /var/log/console.log and mount points.
Security: FreeBSD-SA-07:01.jail
|
165875 |
07-Jan-2007 |
njl |
Re-work Cx handling to be per-cpu and asymmetrical, fixing support on modern dual-core systems as well.
- Parse the _CST packages for each cpu and track all the states individually, on a per-cpu basis.
- Revert to generic FADT/P_BLK based Cx control if the _CST package is not present on all cpus. In that case, the new driver will still support per-cpu Cx state handling. The driver will determine the highest Cx level that can be supported by all the cpus and configure the available Cx state based on that.
- Fixed the case where multiple cpus in the system share the same registers for Cx state handling. To do that, added a new flag parameter to the acpi_PkgGas and acpi_bus_alloc_gas functions that enable the caller to add the RF_SHAREABLE flag. This flag could also be useful to other callers (acpi_throttle?) in the tree but this change is not yet made.
- For Core Duo cpus, both cores seems to be taken out of C3 state when any one of the cores need to transition out. This broke the short sleep detection logic. It is disabled now if there is more than one cpu in the system for now as it fixed it in my case. This quirk may need to be re-enabled later differently.
- Added support to control cx_lowest on a per-cpu basis. There is still a generic cx_lowest to enable changing cx_lowest for all cpus with a single sysctl and for ease of use. Sample output for the new sysctl:
dev.cpu.0.cx_supported: C1/1 C2/1 C3/57 dev.cpu.0.cx_lowest: C3 dev.cpu.0.cx_usage: 0.00% 43.16% 56.83% dev.cpu.1.cx_supported: C1/1 C2/1 C3/57 dev.cpu.1.cx_lowest: C3 dev.cpu.1.cx_usage: 0.00% 45.65% 54.34% hw.acpi.cpu.cx_lowest: C3
This work was done by Stephane E. Potvin with some simple reworking by myself. Thank you.
Submitted by: Stephane E. Potvin <sepotvin / videotron.ca> MFC after: 2 weeks
|
165731 |
02-Jan-2007 |
flz |
Jail_ip and jail_interface local variables were renamed to _ip and _interface in a previous commit to avoid namespace collisions, unfortunately I missed two of them. This leads to the ip alias being incorrectly removed in some cases when using the stop command.
Reported by: Philipp Wuensche <cryx-freebsd@h3q.com>
|
165683 |
31-Dec-2006 |
yar |
Use $required_modules wherever suitable. Use load_kld() in special cases. So we get rid of quite a few lines of duplicated code.
|
165682 |
31-Dec-2006 |
yar |
Fix a typo in a warning message.
|
165664 |
30-Dec-2006 |
yar |
Eliminate global symbols starting with an underscore from rc.d scripts, except for mdconfig* and jail. Such symbols are reserved for the rc.subr internals. Most scripts can be fixed by just declaring _foo symbols as local: few scripts actually need them to be global.
Discussed with: dougb in freebsd-rc
|
165637 |
29-Dec-2006 |
hrs |
Add "nojail" keyword to prevent spurious error messages.
Spotted by: Keve Nagy PR: conf/107083
|
165389 |
20-Dec-2006 |
yar |
Syscons cannot be stopped, so provide a no-op stop method. The default stop method from rc.subr isn't suited for this case and produces a bogus warning: "syscons not running".
Suggested by: matteo
|
165378 |
20-Dec-2006 |
yar |
Improve rc.d conformance: - don't play a needless trick with prestart, just use start method; - provide no-op stop method so that we don't get bogus "abi not running" error.
|
165001 |
08-Dec-2006 |
hrs |
Add a link-local address to the lo0 even when ipv6_enable="NO".
A kernel with INET6 always has ::1 on lo0, so in the case of ipv6_enable="NO" the lo0 can have ::1 with no link-local address. This is a violation of the IPv6 specification. As a workaround for this situation, fe80::1 is added in rc.d/auto_linklocal when lo0 has no link-local address. This should not be harmful for IPv4-only users.
|
164175 |
11-Nov-2006 |
ceri |
Ensure that the load of rules into the alternate ruleset worked before loading them into the live one too.
PR: conf/97311 Submitted by: David Bushong Reviewed by: silence on rc@ Approved by: ru (mentor) MFC after: 10 days
|
163696 |
26-Oct-2006 |
avatar |
Re-sync'ing pf rules in post command as we already did for ipfilter.
With this patch, pf rules with dynamically created devices such like tun0 works without further intervention.
Reviewed by: mlaier MFC after: 3 days
|
163609 |
22-Oct-2006 |
hrs |
Suppress a spurious warning message when a kernel without INET6 is used.
Spotted by: ru Reviewed by: ume MFC after: 3 days
|
163487 |
18-Oct-2006 |
flz |
Add 'reload' to the list of available commands for the amd rc.d script.
PR: conf/104507 Submitted by: Douglas K. Rand <rand@meridian-enviro.com> MFC after: 3 days
|
163427 |
16-Oct-2006 |
yar |
Improve cleartmp in a number of aspects:
+ Use rc.subr(8) features properly. + Do the whole job of obliterating /tmp contents in find(1). + Leave lost+found and quota.{user,group} in /tmp only if root-owned. + Make the overall structure clearer by first removing the X dirs (perhaps along with the rest of /tmp) and then re-creating them. + Use "find -exec rm -rf {} +" for efficiency: each rm instance gets a chance to kill as much files in /tmp as ARG_MAX permits.
PR: bin/104044 Submitted by: Andrey Simonenko <see PR for email> Hacked by: yar MFC after: 1 month
|
163378 |
15-Oct-2006 |
ceri |
RC script for idmapd(8), defaulting to off.
|
163306 |
13-Oct-2006 |
ume |
Revert the default value of net.inet6.ip6.auto_linklocal to 1. If ipv6_enable is not set to "YES", net.inet6.ip6.auto_linklocal is turned to 0 at boot.
Discussed with: re@, gnn@ MFC after: 3 days
|
163083 |
07-Oct-2006 |
ume |
Restore the behavior that net.inet6.ip6.auto_linklocal=0 could be coexist with ipv6_enable="YES".
MFC after: 3 days
|
163063 |
06-Oct-2006 |
flz |
Introduce mixer_enable (default: YES).
PR: conf/101268 Submitted by: Eugene Grosbein <eugen@grosbein.pp.ru> Approved by: cperciva (mentor) X-MFC after: 6.2-RELEASE Sponsored by: FreeBSD Test-Bugathon
|
162972 |
02-Oct-2006 |
brooks |
Pull in /etc/rc.conf.d/network so that ifconfig_<if> variables can be set there. This is required for consistency with /etc/rc.d/netif.
PR: conf/103893 Submitted by: Nick Hibma <nick at anywi.com> MFC after: 3 days
|
162794 |
29-Sep-2006 |
bms |
Push removal of mrouted down to the rest of the tree.
|
162605 |
24-Sep-2006 |
rwatson |
Sleep for one second after calling audit -t to give the audit daemon a chance to actually terminate the audit service and exit. Otherwise, on an rc.d/auditd restart, the new audit daemon instance may try to start auditing while the previous session is still running. Likewise, this ensures a chance for auditd to terminate the audit trail at system shutdown.
Perhaps more ideally, the script would wait synchronously for auditd to exit rather than for an arbitrary but short period of time.
MFC after: 3 days Obtained from: TrustedBSD Project
|
162522 |
21-Sep-2006 |
brooks |
network_ipv6 also does some interface configuration so require it to run before starting devd so they don't trip over each other.
PR: conf/103428
|
162131 |
07-Sep-2006 |
emax |
Add bthidd(8) rc(8) script
MFC after: 1 month
|
161667 |
27-Aug-2006 |
cperciva |
When stopping powerd, set the CPU frequency back to its maximum value (i.e., what it was almost certainly at before powerd was started).
Submitted by: R.B. Riddick MFC after: 3 days
|
161532 |
22-Aug-2006 |
flz |
- Add ypserv to the REQUIRE list.
Reported by: David Thompson <dat1965@yahoo.com> Discussed on: -rc (brooks) Approved by: cperciva (mentor, implicit) MFC after: 3 days
|
161530 |
22-Aug-2006 |
flz |
Backout this commit since it breaks startup and some scripts in certain conditions. I haven't been able to find a better solution yet:
- Set a two read-only variables (${prefix} and ${etcdir}). This is especially useful when using /etc/rc.d scripts with third-party software installed from ports. - Fix rc.d/sshd to work with openssh from ports using ${etcdir} instead of hardcoded /etc. - Reflect prefix/etcdir changes in rc.subr.8.
src/etc/rc.d/sshd: rev 1.9 -> 1.10 src/etc/rc.subr: rev 1.51 -> 1.52 src/share/man/man8/rc.subr.8: rev 1.11 -> 1.12
Approved by: cperciva (mentor)
|
161529 |
22-Aug-2006 |
flz |
- Remove ramdisk rc.d scripts since they've been replaced by mdconfig{,2}. - Update ObsoleteFiles.inc.
Approved by: cperciva (mentor)
|
161415 |
17-Aug-2006 |
brian |
Add a missing quote
Spotted by: ru
|
161410 |
17-Aug-2006 |
brian |
Add a -p switch to dhclient. The switch tells dhclient to persist despite the interface link status.
Add dhclient_flags_iface and background_dhclient_iface rc.conf options. (where iface is a specific interface). These can be used to give interface specific flags to dhclient.
Reviewed by: brooks@
|
160975 |
04-Aug-2006 |
des |
Forgot to add mountlate to the Makefile.
|
160835 |
30-Jul-2006 |
mckay |
This script should probably have an enabling variable since it can produce surprising results. For now, at least make it safe to boot the default kernel when /boot/kernel is already a symlink.
|
160672 |
25-Jul-2006 |
yar |
De-uglify messages from the ipfw script.
|
160671 |
25-Jul-2006 |
yar |
Use more rc.subr(8) features. Skip useless work when ${natd_interface} is unset. Double quote user-supplied vars unless there is a reason not to.
|
160669 |
25-Jul-2006 |
pjd |
Don't load geom_md.ko if there is no need to.
|
160547 |
21-Jul-2006 |
yar |
Since Alpha support isn't in HEAD anymore, remove Alpha-specific rc.conf(5) knobs, too: osf1_enable, unaligned_print.
|
160524 |
20-Jul-2006 |
flz |
- Remove hardcoded /etc/ntp.conf configuration file from ntpdate rc.d script and replace it with a new ntpdate_config variable. - Document it in defaults/rc.conf and rc.conf.5. - Document ntpdate_hosts in defaults/rc.conf.
Requested by: Chris Timmons <cwt@networks.cwu.edu> Approved by: cperciva (mentor, implicit) MFC after: 1 week
|
160303 |
12-Jul-2006 |
des |
Teach mount(8) about a 'late' keyword, which means the file system should not be mounted unless the -l flag was specified.
Add an rc script, mountlate, which basically runs 'mount -a -l'. It runs after DAEMON but before LOGIN.
This is useful for things like loopback mounts, because mountcritremote runs before mountd / nfsd (since /usr might be a remote file system), so an attempt to mount a loopback network file system in mountcritremote will fail.
Also add a progress message to mountcritlocal, for the sake of symmetry with similar messages in mountcritremote and mountlate.
Reviewed by: freebsd-rc MFC after: 3 weeks
|
160197 |
09-Jul-2006 |
stefanf |
Fix spelling in a comment.
|
159833 |
21-Jun-2006 |
flz |
Since INSTALLS_SHLIB has been superseded by USE_LDCONFIG in bsd.port.mk, I expect to see quite a few files appearing in libdata/ldconfig directories. This change avoids the screen to be filled with the names of those ldconfig files and replace them by the actual non-default directories they contain. Most of them will be ${PREFIX}/lib so, 'sort -u' will help reducing the output.
Approved by: cperciva (implicit) MFC after: 1 week
|
159830 |
21-Jun-2006 |
yar |
Set an example of using load_kld() from rc.subr.
|
159351 |
06-Jun-2006 |
trhodes |
Sync to p4:
o Add shutdown KEYWORD; o Remove PID check; o Stop auditd with '-t' o General cleanup.
|
159348 |
06-Jun-2006 |
ume |
`flush' is appropriate than `reload'.
Requested by: ceri
|
159339 |
06-Jun-2006 |
ume |
Add `reload' which invalidates the cache for every user.
|
159243 |
05-Jun-2006 |
obrien |
Use an option form better matching the manual.
|
159138 |
01-Jun-2006 |
thompsa |
Add rc.d/bridge which is invoked when a new interface arrives and can automaticly add it to an Ethernet bridge. This is intended for applications such as qemu, vmware, openvpn, ... which open tap interfaces and need them bridged with the hosts network adapter, the user can set up a glob for interfaces to be automatically added (eg tap*).
|
159126 |
01-Jun-2006 |
thompsa |
Announce all interfaces to devd on attach/detach. This adds a new devctl notification so all interfaces including pseudo are reported. When netif creates the clones at startup devctl_disable has not been turned off yet so the interfaces will not be initialised twice, enforce this by adding an explicit order between rc.d/netif and rc.d/devd.
This change allows actions to taken in userland when an interface is cloned and the pseudo interface will be automatically configured if a ifconfig_<int>="" line exists in rc.conf.
Reviewed by: brooks No objections on: net
|
159072 |
30-May-2006 |
matteo |
Add jail_<jname>_exec_afterstart<N> rc.conf variable, where <N> is 1,2 and so on. It specifies the command to be run as Nth after jail startup.
sh(1)-fu by: Dario Freni PR: conf/97697 MFC after: 2 weeks Reviewed by: ru@ (man page)
|
159071 |
30-May-2006 |
matteo |
style(9)
|
158876 |
24-May-2006 |
glebius |
Quote the parameter to sysctl(1), allowing to use whitespaces in sysctl values.
PR: conf/96509 Submitted by: Gregory Bond <gnb itga.com.au>
|
158723 |
18-May-2006 |
flz |
Remove the require_kld function I just committed and replace with a nicer solution.
Reported by: pjd Approved by: cperciva
|
158722 |
18-May-2006 |
flz |
Add two new scripts (mdconfig/mdconfig2) to replace old ramdisk{,-own} scripts. These scripts handle vnode backed md(4) devices.
Old ramdisk{,-own} scripts will stay a bit in CVS to allow some time for migration since variable names have changed (ramdisk_* -> mdconfig_*).
Two new variables have been introduced to be able to populate the md(4) device once it has been mounted (mdconfig_*_files and mdconfig_*_cmd).
Use should be as easy as:
mdconfig_md0="-t malloc -s 10m" mdconfig_md1="-t vnode -f /var/foo.img"
See rc.conf(5) for more information and description of the additional variables.
Approved by: cperciva
|
158692 |
17-May-2006 |
matteo |
Correctly set moused_$2_enable when moused_nondefault_enable is set to NO
PR: conf/92654 MFC after: 3
|
158687 |
17-May-2006 |
phk |
Send the pcvt(4) driver off to retirement.
|
158497 |
12-May-2006 |
mlaier |
Move etc/rc.firewall6 to ipfw2+v6, update related rc.d and periodic scripts. Since ipfw2 now does dual-stack, statistics for IPv6 come from the ipfw scripts as well.
|
158431 |
11-May-2006 |
flz |
- Change the "jail_" prefix for internal script variables. This fixes an issue where some global jail_* variables were overriden in the script. [1] - Change "jid" to "jname" in rc.conf(5), since it's more a jail name than a jail id. [1] - Update examples and comments in defaults/rc.conf to advertise new variables and the fact that some of the jail-specific variables may be made jail-global. [2]
Reported by: pjd [1], clsung [2] Approved by: cperciva X-MFC after: i got sufficient testing from people using rc.d/jail
|
158429 |
11-May-2006 |
matteo |
if we fail to start a jail and jail_foobar_*fs_enable or jail_foobar_mount_enable were set, umount those filesystem before exiting. If we set up an alias for jail's IP, remove that alias before exiting.
MFC after: 2 weeks
|
158379 |
09-May-2006 |
matteo |
if a jail fails to start, don't add its jid to /var/run and print a message with the error.
PR: conf/97024 MFC after: 1 week
|
158363 |
08-May-2006 |
flz |
- Fix quoting.
Reported by: Dirk Engling <erdgeist@erdgeist.org> Pointyhat to: self
|
158352 |
07-May-2006 |
flz |
- Check for some mandatory variables.
Approved by: cperciva (mentor) MFC after: 1 week
|
158266 |
03-May-2006 |
ume |
Install /etc/nsswitch.conf statically rather than generating it at boot. Autogeneration of nsswitch.conf doesn't makes sense in 7.0 since it's not permitted to upgrade from a pre-nss release without passing through an intermediate release.
Suggested by: brooks
|
158211 |
01-May-2006 |
des |
Update host.conf every time nsswitch.conf changes, instead of just creating it if it does not exist.
Submitted by: Rostislav Krasny <rosti.bsd@gmail.com> MFC after: 2 weeks
|
158141 |
29-Apr-2006 |
ume |
Oops, services should be compat by default for backward compatibility.
|
158139 |
29-Apr-2006 |
ume |
Add newly supported databases such as services, protocols and rpc into generated nsswitch.conf.
|
158115 |
28-Apr-2006 |
ume |
- Extend the nsswitch to support Services, Protocols and Rpc databases. - Make nsswitch support caching.
Submitted by: Michael Bushkov <bushman__at__rsu.ru> Sponsored by: Google Summer of Code 2005
|
157902 |
20-Apr-2006 |
delphij |
After some discussion we believe that having SERVERS to REQUIRE: ldconfig would provide necessary protection for named as well, so remove the dependency here.
Approved by: flz
|
157859 |
19-Apr-2006 |
delphij |
Make ldconfig as SERVER dependency. This makes it possible for some early starting services from the ports collection to have their shared objects available before start.
Reviewed by: freebsd-rc (dougb, brooks) MFC After: 3 days
|
157840 |
18-Apr-2006 |
flz |
- Add new ntpd_config variable so that people can override it in rc.conf. - Add default value in /etc/defaults/rc.conf. - Add documentation bits to rc.conf(5).
Approved by: cperciva (mentor) MFC after: 1 week
|
157834 |
18-Apr-2006 |
flz |
Add ldconfig to the list of requirements for named, needed to use bind from ports. The effect is that ldconfig is now started right after mountcritremote. Everything else is left unchanged.
PR: conf/68916 Submitted by: JD Bronson <jd@aurora.org> Approved by: cperciva (mentor) MFC after: 1 week
|
157682 |
12-Apr-2006 |
ume |
Remove an inappropriate comment which is put into generated host.conf. Someone may want to edit it later.
Requested by: Rostislav Krasny <rosti.bsd__at__gmail.com>
|
157655 |
11-Apr-2006 |
flz |
- Fix rc.d/sshd test on kern.random.sys.seeded.
PR: conf/94377 Submitted by: dwhite Approved by: cperciva (mentor) MFC after: 1 week
|
157654 |
11-Apr-2006 |
flz |
- Fix amd startup when amd is installed from ports. - Add the according amd_program default value in defaults.
PR: conf/82738 Submitted by: TAOKA Fumiyoshi <fmysh@iijmio-mail.jp> Approved by: cperciva (mentor) MFC after: 3 days
|
157653 |
11-Apr-2006 |
flz |
- Set a two read-only variables (${prefix} and ${etcdir}). This is especially useful when using /etc/rc.d scripts with third-party software installed from ports. - Fix rc.d/sshd to work with openssh from ports using ${etcdir} instead of hardcoded /etc.
Reviewed by: brooks Approved by: cperciva (mentor) MFC after: 1 week
|
157590 |
08-Apr-2006 |
flz |
- Add following global jail options, used if no jail-specific options are set: * jail_mount_enable * jail_devfs_ruleset * jail_devfs_enable * jail_fdescfs_enable * jail_procfs_enable * jail_fstab * jail_flags - Add a jail_interface / jail_<jid>_interface option. An ip alias will be created (jail_<jid>_ip) on jail_interface or jail_<jid>_interface if set. This is not a mandatory option. - Document all missing jail_* options in rc.conf(5).
Approved by: cperciva (mentor) MFC after: 2 weeks
|
157221 |
28-Mar-2006 |
simon |
Remove redundant ike rc.d script, since we do not have an IPsec IKE daemon in the base system and all the IKE daemons in the Ports Collection has their own rc.d script.
OK'ed by: dougb Discussed on: freebsd-rc MFC after: 1 month Approved by: cperciva (mentor)
|
157040 |
23-Mar-2006 |
ru |
Add an example of how to set up a 3-wire serial terminal. Usually, getty(8) does the trick, but if you just need a serial console without getty(8), here's how.
|
156917 |
20-Mar-2006 |
flz |
- Replace awk parts with shell.
Approved by: brooks MFC after: 2 weeks
|
156813 |
17-Mar-2006 |
ru |
Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
156808 |
17-Mar-2006 |
des |
This script symlinks /boot/kernel to the directory that contains the kernel you booted from, unless /boot/kernel already exists and is not a symlink. This should only affect people like me who juggle multiple kernels and have KODIR = /boot/${KERN_IDENT} in /etc/make.conf to keep them apart.
|
156782 |
16-Mar-2006 |
emax |
Reorganize /etc/rc.d/syscons and move all keyboard related settings into one function syscons_configure_keyboard(). Call new function from both syscons_start() and sysconst_setkeyboard(). The reason for this is because syscons_start() will (re)configure both keyboard and screen settings. Apparently, some graphics cards have problems with running vidcontrol(1) while X11 is running.
Remove "/etc/rc.d/syscons restart" from /etc/devd.conf. It is no longer required. Using "/etc/rc.d/syscons setkeyboard" is enough. This also should fix annoying "syscons not running?" message.
Tested by: Ulrich Spoerlein < q at galgenberg dot net > MFC after: 3 days
|
156441 |
08-Mar-2006 |
fjoe |
Fix overriding jail_list from command line.
MFC after: 3 days
|
156331 |
06-Mar-2006 |
emax |
Add new 'setkeyboard' method to the /etc/rc.d/syscons. It accepts the keyboard device name (i.e. /dev/kbd0). This method will do nothing is kbdmux(4) is the current active keyboard, otherwise it will switch active keyboard as requested.
Modify ukbd(4) entries in the /etc/devd.conf to use /etc/rc.d/syscons and new 'setkeyboard' method.
No comments from: freebsd-current@ MFC after: 1 day
|
156030 |
26-Feb-2006 |
wkoszek |
Use 'ipfw list' instead of 'ipfw l', since it's deprecated (and warning is printed on system startup).
Approved by: cognet (mentor) MFC after: 3 days
|
155838 |
19-Feb-2006 |
dougb |
Make sure abi (and therefore archdep) start before SERVERS as part of the ongoing re-alignment of ordering that is necessary as a result of including local scripts in the base rcorder. [1]
Accomplish this by removing the BEFORE's, and using REQUIRE instead. This makes the dependencies more obvious, and less susceptible to turning circular and/or nonsensical when seemingly innocent changes are made in one place and not another.
Requested by: delphij [1]
|
155775 |
17-Feb-2006 |
ru |
Check if /sbin/nextboot exists before running it.
PR: 93466 Submitted by: Mats Palmgren
|
155620 |
13-Feb-2006 |
marcel |
On ia64, the unaligned_print sysctl is a debugging knob under debug and not under machdep as the behaviour is controlled by the process. When PSR.ac is set the process expects to receive a SIGBUS. Otherwise the processor or the kernel will emulate the misaligned memory access.
MFC after: 3 days
|
155610 |
13-Feb-2006 |
imp |
Since OLDCARD is gone from the kernel, catchup here and remove support from here as well.
|
155595 |
13-Feb-2006 |
dougb |
Overhaul the named boot script:
1. Remove a now-spurious NetBSD CVS Id, as we are no longer synching work 2. Remove a now-spurious BEFORE, since ntpdate now REQUIRE's named 3. Replace the call to set rcvar with what that function would output, and generally reduce indirection ($name -> named) since it's highly unlikely the name of the named process or service will change any time soon. 4. Resort the order the variables at the top of the file to a more traditional format, and remove a spurious required_dirs from the top, as it works better after load_rc_config. 5. We do not want the default reload method with named, so define a simple but appropriate substitute using rndc. If I were writing this script for the first time I would not include this at all, since it's preferable to control a running daemon with rndc to start with, but given that this is already here, let's do it right. I hope that future generations will however resist the tempation to add reconfig to extra_commands. 6. By the same token, we want to use rndc to shut down named, but given that by defining a stop function we lose the "find the process by its pid file in an emergency" goodness of rc.subr, try to do something useful in the event that rndc is not available, and keep the user informed. 7. Replace some "test -f" with "test -r" to handle the unlikely event that the relevant file exists, but is unreadable. 8. Twiddle whitespace in a few areas, remove a spurious blank line, a bogus double space, and try to do better indenting. 9. Improve generation of the rndc.key file significantly a. If for some reason a user has an rndc.conf file, assume that they did that on purpose, and hence know what they are doing, so leave them alone. b. Introduce a named_uid configuration variable so that the user which owns the rndc.key file and the user named runs as always match, and is more easily configurable. This should dramatically reduce problems with rndc. c. Also test that the rndc.key file size is greater than zero, rather than simply that the file exists. I have seen at least one user report this exact problem, and although neither of us is sure where the empty file came from, the fix is simple, so include it. d. Rather than try to create an rndc.key file in both /etc/namedb and the chroot'ed /etc/namedb, assume that they are be the same (which they should be), and only create the file in the chroot'ed version of the directory. This partially addresses the problem described in conf/73929, but I have not yet finished thinking about the PREFIX issue that PR also raises.
As a result of introducing the named_uid knob, the default named_flags are now empty.
Update defaults/rc.conf and rc.conf(5) to reflect these changes.
|
155566 |
12-Feb-2006 |
matteo |
Make localpkg print local scripts names when the boot is verbose
PR: conf/68525 Approved by: philip (mentor) MFC after: 3 days
|
155356 |
05-Feb-2006 |
mlaier |
pflog is a separate module now.
Submitted by: Antoine Brodin PR: kern/88271 MFC after: 1 week
|
155236 |
03-Feb-2006 |
flz |
- Add a startup script for hostapd. - Document associated variable in rc.conf(5).
Approved by: dougb MFC after: 1 week
|
155209 |
02-Feb-2006 |
rwatson |
Add auditd rc.d script.
Submitted by: trhodes Obtained from: TrustedBSD Project
|
154787 |
24-Jan-2006 |
netchild |
As a quick fix disable the update of the linux ld.so.cache file, since currently it grabs some FreeBSD native libs too.
A final solution is under discussion with brooks.
|
154772 |
24-Jan-2006 |
pjd |
The 'reload' command did the same as 'restart' command. Allow user to decide if SAD and SPD entries should be flushed on 'reload'. With this change flush/spdflush is not done automatically (it could still be done from ipsec.conf).
|
154771 |
24-Jan-2006 |
pjd |
Remove stale comment.
This change should be made in rev1.9.
MFC after: 1 week
|
154770 |
24-Jan-2006 |
pjd |
Use $ipsec_file instead of hardcoded /etc/ipsec.conf.
This change should be made in rev1.2.
MFC after: 1 week
|
154645 |
21-Jan-2006 |
yar |
Add an rc.d script for stand-alone ftpd.
Document the script's controls on the rc.conf(5) manpage and touch its Dd.
PR: conf/90893 MFC after: 5 days
|
154637 |
21-Jan-2006 |
matteo |
Allow the use of wildcarded device names in devfs.conf
PR: conf/90760 Submitted by: Darren Pilgrim <darren.pilgrim@gmail.com> Approved by: philip (mentor)
|
154499 |
18-Jan-2006 |
wes |
Tell nextboot to clean up after itself.
|
154488 |
17-Jan-2006 |
philip |
Remove the module loading magic again; it's not needed after all.
Pointy hat to: matteo Submitted by: matteo Reviewed by: pjd MFC after: 3 days
|
154430 |
16-Jan-2006 |
philip |
Load the g_md kernel module if needed.
Pointed out by: Gianmarco Giovannelli Submitted by: matteo MFC after: 3 days
|
154425 |
16-Jan-2006 |
dougb |
REQUIRE named. On all systems I've examined running HEAD and RELENG_6 this will be a noop, however as we introduce local startup scripts to the base rcorder, we'll see more cases where the previous status quo will need to be made explicit to avoid having it disrupted when random local scripts are added to the mix.
|
154412 |
15-Jan-2006 |
ceri |
Marius Nuennerich pointed out that nextboot(8) configured boot options were now sticky. This script was deleting /boot/nextkernel on boot, but there is no code in the tree that creates that file since revision 1.15 of src/sbin/reboot/reboot.c. nextboot(8) creates /boot/nextboot.conf, so remove that instead.
Approved by: jhb (proxy mentor) MFC after: 1 week
|
154236 |
11-Jan-2006 |
brooks |
Be a little more read-only file system friendly when running the Linux ldconfig. Build the cache in a temporary directory and only install it if it's actually different that the installed one.
Also, use "cat tmp > real" to install the temporary file in the real location to allow the real location to be a symlink to a writable directory such as /var/run (where the file actually belongs).
MFC After: 5 days
|
154114 |
08-Jan-2006 |
dougb |
Add a mechanism to include files added by ports which contain the names of directories to include in the base ldconfig script. This will eliminate the need for each port to install its own boot script which does nothing but ldocnfig a given directory.
This code was developed by flz (ports committer), discussed on freebsd-rc@, and modified slightly by me.
Submitted by: flz Reviewed by: brooks
|
153871 |
30-Dec-2005 |
rse |
1. Add missing semicolon between "warn" and "return" to make sure the line continuation backslash doesn't cause "warn" to print "return". 2. Group "warn" and "return" together as the "return 1" should be performed only if the "kldload nfsclient" also failed (and not already if the "vfs.nfs" sysctl(8) check failed).
MFC after: 3 days
|
153870 |
30-Dec-2005 |
rse |
Remove superfluous line continuation backslash.
MFC after: 3 days
|
153765 |
27-Dec-2005 |
dougb |
Fix another braino, don't remove the X related socket directories right after creating them.
Twiddle whitespace while I'm here.
|
153764 |
27-Dec-2005 |
dougb |
Make sure that the prestart routine is run with *start, instead of just 'start'.
Reminded by: keramida
|
153608 |
21-Dec-2005 |
dougb |
syslogd should REQUIRE newsyslog, rather than newsyslog using BEFORE: syslogd. This does not produce any change in the ordering at the moment, but is cleaner style for the long term.
|
153607 |
21-Dec-2005 |
dougb |
Several users have commented (via filing PRs) that having ntp* depend on devfs is useful so that a hardware time device can start with its necessary device nodes already in place. While this ordering happens as a side effect currently in HEAD, and the PRs were generally fixed via upgrades, etc; it's better to make it explicit.
While I'm here, ntpd should REQUIRE ntpdate, rather than ntpdate using BEFORE: ntpd.
|
153588 |
21-Dec-2005 |
dougb |
REQUIRE: syslogd and BEFORE: NETWORKING are now antithetical, and including both in this file had nasty side effects on the ordering of syslogd, as well as producing an error when running rcorder. Remove the more bogus of the two options, which restores proper ordering and removes the error.
There is an open question as to whether scripts with the nostart KEYWORD should even have REQUIRE/BEFORE lines, and indeed, whether they should be in /etc/rc.d at all, but that's for another time.
|
153584 |
20-Dec-2005 |
dougb |
Include a somewhat hackish way to make sure that we *always* test the new clear_tmp_X variable when start'ing.
|
153564 |
20-Dec-2005 |
dougb |
Brooks pointed out a potential problem with disabling the X cleaning by default, so add a new knob that is on by default, and check that knob in start_precmd so that it can run even if cleaning /tmp is not enabled. This has the advantage of not violating POLA, while still allowing the user to disable this behavior if they wish (for example on a server that will never run X).
|
153537 |
19-Dec-2005 |
dougb |
Clear up problems with /etc/rc.d/{abi|cleanvar|cleartmp} brought to light by the PR. Specifically, convert these three scripts into good rc.d citizens, making sure that their functionality is preserved, but the rc.d framework rules are not broken.
Add support for cleanvar as a regular rc.d script in the default rc.conf, and document this in the man page.
Add a descriptive comment to rc.conf that regarding the three emulation/compatibility services provided by abi so users will not be confused by these services not having their own startup scripts.
PR: conf/84574 Submitted by: Alexander Botero-Lowry
|
153430 |
15-Dec-2005 |
iedowse |
Remove usbd(8) and all references to it. It is no longer necessary since devd(8) now provides the same functionality.
Submitted by: Anish Mistry
|
153299 |
10-Dec-2005 |
dougb |
Drop rcconf.sh now that it has been removed
|
153298 |
10-Dec-2005 |
dougb |
Remove rcconf.sh from /etc/rc.d, and instead load the configuration as part of rc. Doing this, and the sourcing of rc.subr after we have determined if we are booting diskless (and correspondingly run rc.initdiskless if necessary) are safe, and actually allow fewer files to be needed on the diskless box. This also allows variables from the configuration to be available to rc itself, such as ...
Add a variable to rc.conf, early_late_divider, which designates the script which separates the early and late stages of the boot process. Default this to mountcritlocal, and add text to etc/defaults/rc.conf, rc.conf(5) and diskless(8) which describes how and why one might want to change this.
Reviewed by: brooks
|
153295 |
10-Dec-2005 |
dougb |
Use of REQUIRE is better than BEFORE for most scripts, and very few scripts should have no REQUIRE at all.
|
153035 |
03-Dec-2005 |
brooks |
Don't bogusly depend on dhclient. It's now run either by /etc/rc.d/netif or from devd rather than by the startup scripts.
|
153029 |
02-Dec-2005 |
ru |
"-o rw" is invalid and undocumented mount option that is only present for fstab(5) compatibility, and is otherwise ignored by mount(8) (not passed to mount_* programs, and not passed to nmount(2)).
"-u -o rw" worked with an old mount(8) with mount_ufs.c because "-o rw" was stripped and simple "-u" caused an update of UFS from read-only to read-write, due to inability of mount(2) to track changes in options (MNT_RDONLY is either set or not).
"-u" no longer causes the transition from RO to RW, now that mount(8) was converted to use nmount(2), so an explicit change to RW is required. Keep up with this change, and use "-uw" to mount root read-write.
|
153028 |
02-Dec-2005 |
dougb |
Brooks pointed out a case where tmp needs to be run after mountcritremote, so force it the other way instead.
|
153027 |
02-Dec-2005 |
dougb |
Introduce startup scripts from the local_startup directories to the base rcorder. This is accomplished by running rcorder twice, first to get all the disks mounted (through mountcritremote), then again to include the local_startup directories.
This dramatically changes the behavior of rc.d/localpkg, as all "local" scripts that have the new rc.d semantics are now run in the base rcorder, so only scripts that have not been converted yet will run in rc.d/localpkg.
Make a similar change in rc.shutdown, and add some functions in rc.subr to support these changes.
Bump __FreeBSD_version to reflect this change.
|
153026 |
02-Dec-2005 |
dougb |
Force this script to run before mountcritremote to avoid non-deterministic behavior when introducing local_startup scripts to rcorder.
|
152690 |
22-Nov-2005 |
emax |
Remove not needed redirection of kldstat -q output to /dev/null.
Noticed by: pjd MFC after: 3 days
|
152688 |
22-Nov-2005 |
emax |
Revise hcsecd(8) and sdpd(8) rc.d scripts one more time
- Use _prestart rc.d method to automatically kldload ng_btsocket(4) if needed;
- Rename "sdpd_user" to "sdpd_username" and "sdpd_group" to "sdpd_groupname" to avoid collision with "magic" variables;
Inspired by: yar MFC after: 3 days
|
152462 |
15-Nov-2005 |
emax |
Revise hcsecd(8) and sdpd(8) rc.d scripts.
- Have both scripts automatically kldload ng_btsocket(4). I did not want to do it, but its easier for users and it seems other scripts do similar things;
- Assign few variables after load_rc_config, so the /etc/rc.conf overrides actually work;
MFC after: 1 week
|
152441 |
14-Nov-2005 |
brooks |
Add a new configuration variable, ipv4_addrs_<ifn>, which adds one or more IPv4 address from a ranged list in CIRD notation:
ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"
In the process move alias processing into new ipv4_up/down functions to more toward a less IPv4 centric world.
Submitted by: Philipp Wuensche <cryx dash freebsd at h3q dot com>
|
152286 |
10-Nov-2005 |
emax |
Start integrating Bluetooth into rc.d system.
Introduce /etc/rc.d/bluetooth script to start/stop Bluetooth devices. It will be called from devd(8) in response to device arrival/departure events. It is also possible to call it by hand to start/stop particular device without unplugging it.
Introduce generic way to set configuration parameters for Bluetooth devices. By default /etc/rc.d/bluetooth script has hardwired defaults compatible with old rc.bluetooth from /usr/share/netgraph/bluetooth/examples. These can be overridden using /etc/defaults/bluetooth.device.conf file (system wide defaults). Finally, there could be another device specific override file located in /etc/bluetooth/$device.conf (where $device is ubt0, btccc0 etc.)
The list of configuration parameters and their meaning described in the /etc/defaults/bluetooth.device.conf file. Even though Bluetooth device configuration files are not shell scripts, they must follow basic sh(1) syntax.
The bluetooth.device.conf(5) and handbook update will follow shortly.
Inspired by: Panagiotis Astithas ( past at ebs dot gr ) Reviewed by: brooks, yar MFC after: 1 week
|
152271 |
10-Nov-2005 |
rse |
Backout r1.11...
> > There is no need to explicitly add "status" to $extra_commands in > > the /etc/rc.d/pf script as it is implicitly added by /etc/rc.subr's > > run_rc_command() because of the existing $pf_program. > > > > Submitted by: Christoph Schug <chris@schug.net>
...because as yar@ points out: "[...] you were relying on evil side-effects of the variable being named *_program. hose side-effect have been eliminated since rc.subr rev. 1.42. [...] The point is that the default "status" method is for rc.d scripts that handle startup and shutdown of conventional daemons, and not for custom tasks like the pf case."
The change is still valid in RELENG_6 (and still doesn't have to be backed out) as long as rc.subr:r1.42 is not MFC'ed to RELENG_6, too.
|
152016 |
03-Nov-2005 |
rse |
There is no need to explicitly add "status" to $extra_commands in the /etc/rc.d/pf script as it is implicitly added by /etc/rc.subr's run_rc_command() because of the existing $pf_program.
Submitted by: Christoph Schug <chris@schug.net> MFC after: 1 week
|
151844 |
29-Oct-2005 |
yar |
Transforming "ppp-user" into just "ppp", step 5: Finally, delete the old, unfittingly named file "ppp-user".
|
151842 |
29-Oct-2005 |
yar |
Transforming "ppp-user" into just "ppp", step 3: Install "ppp" (just repocopied) instead of "ppp-user".
|
151809 |
28-Oct-2005 |
yar |
Use ${name} in pathnames where appropriate. The sendmail script already was on this way, but it didn't reach the end of it yet.
|
151807 |
28-Oct-2005 |
yar |
Use:
command="/path/to/${name}"
since it's applicable here. It's the current style of rc.d.
Pointed out by: pjd
|
151806 |
28-Oct-2005 |
yar |
Transforming "ppp-user" into just "ppp", step 1: The rcorder(8) condition PROVIDE'd by the script and REQUIRE'd by the others becomes "ppp".
The ultimate goal of the transformation is to reduce confusion resulting from the fact that $name has been "ppp" already.
Discussed with: pjd, -rc
|
151586 |
23-Oct-2005 |
yar |
Don't be lazy, set the "command" variable even if /etc/defaults/rc.conf will provide foo_program, too. By specifying "command" we explicitly say that we're going to rely on rc.subr(8) default methods, and rc.subr(8) will take advantage of this soon.
The majority of our rc.d scripts already set "command" if appropriate, so fix just the non-compliant handful.
|
151489 |
19-Oct-2005 |
jkim |
wpa_supplicant(8) requires -D option for ndis(4) now.
|
151272 |
12-Oct-2005 |
pjd |
First start rc.d/ipsec and then rc.d/mountcritremote, so we can mount NFS file system over IPsec.
Suggested by: Tomasz Pi³at <tomasz.pilat@axelspringer.pl>
|
151270 |
12-Oct-2005 |
pjd |
setkey(8) was repo-copied from usr.sbin/ to sbin/. This will allow for NFS mount of /usr over IPsec.
Discussed on: arch@
|
151245 |
12-Oct-2005 |
emax |
Connect rc.d scripts for the hcsecd(8) and sdpd(8) daemons to the build.
MFC after: 1 month
|
151240 |
11-Oct-2005 |
emax |
Add rc.d scripts for the hcsecd(8) and sdpd(8) daemons. Put defaults into /etc/defaults/rc.conf. Both daemons can run even if no Bluetooth devices are attached to the system. Both daemons depend on Bluetooth socket layer and thus disabled by default. Bluetooth sockets layer must be either loaded as a module or compiled into kernel before the daemons can run.
MFC after: 1 month
|
150839 |
02-Oct-2005 |
yar |
Use available rc.subr features. Reduce code duplication. Follow the current style of rc.d scripting.
|
150836 |
02-Oct-2005 |
yar |
Record dependency on the newly introduced pfsync.
Start before routing for better system protection. (pf used to start late during system boot, after many a network daemon have started already, which sucked from security POV.)
Remark: For maximum security, pf should start before netif, but it would create a dependency loop because pfsync has to start after netif, yet before pf.
Discussed with: mlaier on -pf MFC after: 5 days
|
150835 |
02-Oct-2005 |
yar |
Add an rc.d script to start pfsync at the right moment of the system boot, and hook it up in the system.
The separate script is needed because in the presence of various interface lists in rc.conf ($network_interfaces, $cloned_interfaces, $sppp_interfaces, $gif_interfaces, more to come) it is hard to start them orderly, so that pfsync is brought up after its syncdev, which is required for the proper startup of pfsync.
Discussed with: mlaier on -pf MFC after: 5 days
|
150831 |
02-Oct-2005 |
yar |
Use rc.subr(8) appropriately: - utilize default methods instead of rolling local ones; - avoid to specify BEFORE conditions we don't really need (pflog will be REQUIRE'd by pf); - omit extra decoration from warning messages, warn() will decorate them sufficiently.
|
150800 |
02-Oct-2005 |
maxim |
o Remove unfinished code and make it possible to override bsdextended_script from rc.conf(5):
Not objected by: trhodes
|
150753 |
30-Sep-2005 |
nyan |
Use hw.machine_arch instead of hw.machine.
|
150691 |
28-Sep-2005 |
yar |
Make it a good-mannered rcNG script respectful to the command line.
|
150603 |
27-Sep-2005 |
brooks |
Don't print anything if we can't do any localpkg shutdown (start already does this).
Submitted by: Andre Albsmeier <Andre dot Albsmeier at siemens dot com> PR: conf/86606
|
150516 |
24-Sep-2005 |
pjd |
Simplify the code by making use of 'kldstat -q -m <mod>'.
No objections from: mlaier
|
150498 |
23-Sep-2005 |
pjd |
Simplify the code a bit by using newly added (to kldstat(8) '-q') option.
|
150490 |
23-Sep-2005 |
wollman |
If we're not installing OpenSSH in the base, don't install its startup file either. This clears the way for third-party SSH ports to install an RCng startup script.
|
150372 |
20-Sep-2005 |
rwatson |
Add a new rc.conf entry, kerberos5_server_flags, which allows the administrator to specify additional start-up flags to the Kerberos 5 Authentication Server.
MFC after: 3 days
|
150294 |
18-Sep-2005 |
rodrigc |
In mountd_precmd(), use rc_args, not mountd_args to override the value of mountd_args. This fixes the problem where mountd_args was not properly being set if weak_mountd_authentifcation="YES" was set in rc.conf.
PR: conf/86260 Submitted by: Thierry Herbelot <thierry at herbelot dot com> MFC after: 3 days
|
150103 |
13-Sep-2005 |
rwatson |
Use kenv -q to extract dumpdev rather than kenv, in order to avoid spamming the console in the event that a loader tunable 'dumpdev' isn't defined, which is not a relevant failure to report.
MFC after: 1 week
|
149789 |
04-Sep-2005 |
keramida |
Remove duplicate "at" from comment.
|
149730 |
02-Sep-2005 |
brooks |
Actually block Ctrl-C (SIGINT=2).
Reported by: sam Pointy hat to: brooks
|
149725 |
02-Sep-2005 |
brooks |
Block SIGQUIT (Ctrl-C) while running in startup mode. This should allow dhclient's to be killed without stopping all boot progress.
Minor cleanup of the interface list generation code.
|
149606 |
30-Aug-2005 |
gshapiro |
Be sure to execute sendmail_precmd() to check sendmail.cf conflicts and rebuild the aliases file if necessary.
PR: conf/72910 Submitted by: matteo@ MFC after: 3 days
|
149060 |
14-Aug-2005 |
pjd |
Fix (/usr could not be mounted yet, so there is no grep(1) available) and simplify checking for g_eli module.
MFC after: 3 days
|
149053 |
14-Aug-2005 |
pjd |
Connect geli and geli2 ro the build.
MFC after: 3 days
|
149050 |
14-Aug-2005 |
pjd |
Add scripts for GELI device configuration on boot.
rc.d/geli - configures encryption (ask for passphrases, etc.); rc.d/geli2 - is called after file systems are mounted and mark devices for detach on last close.
Sponsored by: Wheel Sp. z o.o. http://www.wheel.pl MFC after: 3 days
|
149049 |
14-Aug-2005 |
pjd |
Move 'local_tr' function to rc.subr and change its name to 'ltr'.
MFC after: 3 days
|
148849 |
08-Aug-2005 |
pjd |
Back-out previous commit - we need to skip logging socket when we start a jail and external syslogd is listening in jail's chroot.
Pointed out by: csjp
While here, skip also "logpriv" socket.
|
148839 |
07-Aug-2005 |
pjd |
Skip jails which are already running and inform why. We're checking for /var/run/jail_<name>.id file and if it exists, we don't start the jail. It should be also safe in case of reboot(8), because rc.d/cleanvar script is going to remove /var/run/jail_* files.
It helps to avoid potential mess when the same jail is started twice, because of an administrator mistake (been there, done that).
MFC after: 1 week
|
148837 |
07-Aug-2005 |
pjd |
We don't need to skip /var/run/log socket, as syslogd is always started after rc.d/cleanvar. And if we wanted to skip /var/run/log we still needed to skip /var/run/logpriv, which wasn't implemented.
|
148836 |
07-Aug-2005 |
pjd |
Allow to give more than one jail's name, eg.:
# /etc/rc.d/jail start www mail
MFC after: 3 days
|
148765 |
05-Aug-2005 |
pjd |
Teach rc.d/encswap script how to use geli(8) for swap encryption.
MFC after: 3 days
|
148760 |
05-Aug-2005 |
pjd |
gbde_swap has been repo-copied to encswap.
Repo-copy made by: markm
|
148415 |
26-Jul-2005 |
brooks |
Silence the de-bouncing of dhclient start up. The previous output caused significant mental anguish for some portions of the user population. :)
|
148274 |
22-Jul-2005 |
obrien |
This depends on syslogd due to logger(1).
|
148273 |
22-Jul-2005 |
obrien |
Embellish the dependency lists - this script depends having awk(1), and it needs syslogd due to using logger(1). Have it run as early as possible to save battery power for laptop users.
|
147808 |
07-Jul-2005 |
jkim |
`net.inet.ipf.fr_running' can be a negative value, which was introduced by recent ipfilter import.
Approved by: re (scottl), anholt (mentor)
|
147704 |
30-Jun-2005 |
brooks |
Remove REQUIRE and BEFORE lines since this script is not run by rcorder at startup. Instead it is called by other scripts.
Approved by: re (network interface startup blanket)
|
147682 |
30-Jun-2005 |
brooks |
Add support for starting wpa_supplicant by adding the WPA keyword to an interface's ifconfig_<ifn> entry in /etc/rc.conf.
Approved by: re (network interface startup blanket)
|
147681 |
30-Jun-2005 |
brooks |
When interfaces are given on the command line, don't attempt to filter them. Just try to run the given command on them. We need to be able to run stop functions on interfaces that have been deleted to stop wpa_supplicant.
Approved by: re (interface startup blanket)
|
147610 |
26-Jun-2005 |
pjd |
Introduce new per-jail variable jail_<name>_flags, which allows to specify jail(8) flags (before the change we had hardcoded "-l -U root").
Submitted by: Frank Behrens <frank@pinky.sax.de> PR: conf/80244 Approved by: re (scottl) MFC after: 1 week
|
147511 |
21-Jun-2005 |
dd |
Unbreak the ipfilter_loaded function. There doesn't seem to be a way for kldstat to ever print "IP Filter" (the module is called "ipfilter" and modules don't have anything like a description), so this function would always return false. That would cause prestart to attempt to load the module even if it's already loaded, which would fail and prevent the rules from being loaded.
Approved by: re (dwhite)
|
147107 |
07-Jun-2005 |
des |
Honor the "dumpdev" kenv variable if it is set and the "dumpdev" rc variable is set to "AUTO".
MFC after: 2 weeks
|
147088 |
07-Jun-2005 |
brooks |
Support code for the OpenBSD dhclient. This significantly changes the way interfaces are configured. Some key points:
- At startup, all interfaces are configured through /etc/rc.d/netif. - ifconfig_<if> variables my now mix real ifconfig commands the with DHCP and WPA directives. For example, this allows media configuration prior to running dhclient. - /etc/rc.d/dhclient is not run at startup except by netif to start dhclient on specific interfaces. - /etc/pccard_ether calls "/etc/rc.d/netif start <if>" to do most of it's work. - /etc/pccard_ether no longer takes additional arguments to pass to ifconfig. Instead, ifconfig_<if> variables are now honored in favor of pccard_ifconfig when available. - /etc/pccard_ether will only run on interfaces specified in removable_interfaces, even if pccard_ifconfig is set.
|
147041 |
06-Jun-2005 |
obrien |
Remove RCng files that were brought in from NetBSD, but we ended up not using them (or did and no longer do).
|
146537 |
23-May-2005 |
pjd |
We need to use 'applyset' command for devfs, 'apply hide' is not enough, because new devfs entries can show up later and one can access such entires from inside named chroot. In rc.d scripts we can use devfs_domount() function with devfsrules_hide_all policy and unhide 'null' and 'random' manually.
|
145694 |
30-Apr-2005 |
csjp |
Do not unconditionally mount devfs to ${jail_devdir}/dev. First check to see if a prior devfs has been mounted. If no devfs is mounted on ${jail_devdir}/dev then proceed. This will prevent the stack up of multiple devfs mounts on the same mount point.
Discussed with: pjd MFC after: 1 week
|
145693 |
29-Apr-2005 |
brooks |
To allow /etc to be as minimal as possible in a diskless setup, we need to run initdiskless before we run rcorder on /etc/rc.d. To allow this, move /etc/rc.d/initdiskless to /etc/rc.initdiskless and run it directly from /etc/rc.
Remove /etc/rc.d/preseedrandom as it is no longer necessicary (we start with entropy unblocked) and was only used by initdiskless when it was needed.
Discussed on: freebsd-rc Repocopy by: peter
|
145469 |
24-Apr-2005 |
dougb |
Add -h to the ln command to make the -f flag actually do something. Without this flag, if the symlink existed already a new symlink would be created in the source directory. While harmless if the two symlinks were the same, it nonetheless caused pointless confusion.
The pathological case is that when there is an existing /etc/namedb symlink, but named_chrootdir in rc.conf pointed to a different directory, it was the symlink in /var/named that was getting updated, not the one in /etc. This led to some difficult to diagnose problems for users.
|
145184 |
17-Apr-2005 |
glebius |
Add startup script and default configuration file for bsnmpd.
Reviewed by: harti
|
145043 |
14-Apr-2005 |
csjp |
Do not remove logging sockets. This fixes an issue where logging sockets placed into prisons from the host environment get clobbered by the prison's instance of cleanvar. (assuming /etc/rc is run in the prison).
Discussed with: pjd, green, cperciva MFC after: 1 week
|
144891 |
11-Apr-2005 |
dougb |
The alternative suggested for /entropy as a shutdown save file was /var/db/entropy, which also happens to be the directory where the individual entropy files created by /usr/libexec/save-entropy are stored. Change the suggestion to be /var/db/entropy-file instead.
In an error condition where the shutdown file is not created, the error message accessed a variable that doesn't exist.
PR: conf/75722 Submitted by: Nicolas Rachinsky <list@rachinsky.de>
|
144683 |
05-Apr-2005 |
obrien |
'dumpon' can run before 'initrandom' so make it. This gives a better chance of debugging /dev/random related panics.
|
144638 |
04-Apr-2005 |
seanc |
When reloading rules via rc.d/pf, flush everything but existing state entries that way when rules are read in, it doesn't break established connections.
Approved by: mlaier Reviewed by: rc MFC after: 3 weeks
|
144515 |
02-Apr-2005 |
trhodes |
Add a ugidfw_load() function and fix up some of the scripting in this file. This will allow better integration with the ports system.
Submitted by: clement
|
143770 |
17-Mar-2005 |
njl |
Remove the 'usbd' keyword (it isn't necessary for mixer). Also, use BEFORE instead of REQUIRE.
Probably ok by: jhb MFC after: 3 days
|
143688 |
16-Mar-2005 |
ru |
Start natd(8) before loading firewall rules, to give the ipdivert.ko module a chance to load.
|
143489 |
13-Mar-2005 |
dougb |
Unhook the recently departed lomac file from the build.
Forgotten by: trhodes (the real one)
|
143474 |
12-Mar-2005 |
trhodes |
Remove mac_lomac(4) functionality. The proper way is to use loader.conf or build the policy into a kernel.
Approved by: rwatson
|
143048 |
02-Mar-2005 |
brooks |
It is sufficent to require rcconf rather than initdiskless.
|
143045 |
02-Mar-2005 |
brooks |
Remove stray else.
Reported by: Tai-hwa Liang <avatar at mmlab dot cse dot yzu dot edu dot tw> Point hat: brooks
|
142969 |
02-Mar-2005 |
brooks |
Allow chkprintcap(8) to be run before lpd is started. Disabled by default for now. Default flags create missing directories.
Remove comment about doing this in etc/rc.d/var.
Unlike in the PR, I chose to do this in the lpd script where we reliably have /usr available.
PR: conf/71488 Submitted by: RZ-FreeBSD0904 at fh-karlsruhe dot de
|
142965 |
02-Mar-2005 |
brooks |
If we don't have /usr/sbin/mtree, try to mount /usr. We're only likely to hit this case when /usr is remote and thus hasn't been mounted (since you're supposed to have /var before mounting remote file systems). Normal machines that don't have a /var for some reason will have /usr already available because it's local.
|
142962 |
02-Mar-2005 |
brooks |
- Update etc/rc.d/newsyslog to FreeBSD standards and install it. - Enable it by default, running newsyslog with -CN which creates files that have the C flag specified in /etc/newsyslog.conf. - Remove the "newsyslog -CC" call from etc/rc.d/var and the check for newsyslog. - Add the C flag to entries in /etc/newsyslog.conf that are currently installed as part of the base system.
There are two effects from this change: - Users who delete default syslog files to stop logging to them will need to set newsyslog_enable=NO in rc.conf or remove the C flag from those file in /etc/newsyslog.conf or they will come back on the next boot. - Diskless systems now create the same set of files that ordinary systems have by default instead of every file in newsyslog.conf.
|
142957 |
01-Mar-2005 |
brooks |
- Remove the dependency of /usr/bin/touch by using "cp /dev/null <target>" to create /var/log/lastlog. - Also create /var/log/wtmp if missing. - Attempt to create these files unless populate_var is NO rather then only when /var is empty or populate_var=YES.
|
142636 |
27-Feb-2005 |
njl |
command_args is redundant.
Submitted by: Pawel Worach
|
142580 |
26-Feb-2005 |
njl |
Add rc.conf options for powerd (disabled by default) and hook the script up to the build.
|
142579 |
26-Feb-2005 |
njl |
Add an rc script for powerd(8).
|
142572 |
26-Feb-2005 |
njl |
Add the ability to specify "NONE" if the user wants no change for the given power profile.
MFC after: 1 day
|
142523 |
25-Feb-2005 |
njl |
Quiet error messages if the requested sysctls are not present.
MFC after: 1 day
|
141417 |
06-Feb-2005 |
njl |
Add support for cpufreq to power_profile(8). Values for on/offline cpu frequencies are specified with performance_cpu_freq and economy_cpu_freq. Of course, special values LOW and HIGH are also supported. Also, remove old throttling support.
|
141038 |
30-Jan-2005 |
pjd |
Add a comment which explain why we need to use special function instead of tr(1)/sed(1)/awk(1).
|
140671 |
23-Jan-2005 |
pjd |
We cannot use sed(1), because rc.d/gbde has to be called before rc.d/mountcritlocal and sed(1) is placed in /usr/bin/. Other useful tools for this task are also placed in /usr/ (tr(1), awk(1)), so I implemented local_tr() function which works simlar to tr(1).
Reported by: Amir Shalem <amir@boom.org.il> MFC after: 1 week
|
140580 |
21-Jan-2005 |
pjd |
Fix handling of providers with / in them (e.g. mirror/foo).
Submitted by: Attila Nagy <bra@fsn.hu> MFC after: 1 week
|
140391 |
17-Jan-2005 |
ceri |
s/ntpdate_command/ntpdate_program/ to match rc.conf(5) and /etc/defaults/rc.conf.
PR: conf/76188 Submitted by: Arne Wörner <arne_woerner at yahoo dot com> Approved by: murray MFC After: 7 days
|
140342 |
16-Jan-2005 |
obrien |
Remove debugging that made it into the commit.
|
140339 |
16-Jan-2005 |
obrien |
"REQUIRE: cleanvar" for all RC's writing into /var/run.
|
140106 |
12-Jan-2005 |
anholt |
Create three additional X socket directories. Using X applications when another user owns these directories or the sticky bit is unset may open security holes, so simply create them at startup with the correct owner/mode.
MFC after: 1 day
|
139075 |
20-Dec-2004 |
peadar |
Use "KEYWORD: shutdown" so shutdown commands will actually be executed.
Approved by: dougb@
|
139066 |
20-Dec-2004 |
peadar |
When stopping a chrooted named, unmount the devfs filesystem from the chroot area. This stops "umount -a" failing when dropping to single user.
Reviewed by: dougb@
|
139015 |
18-Dec-2004 |
phk |
If /etc/named is a symlink, try to make sure it points the right place.
|
138889 |
15-Dec-2004 |
brian |
Use rc.subr
PR: 72505 Submitted by: Amir Shalem <amir@active.ath.cx>
|
138847 |
14-Dec-2004 |
rse |
Improve the RC framework for the clean booting/shutdown of Jails:
1. Feature: for flexibility reasons and as a prerequisite to clean shutdowns, allow the configuration of a stop/shutdown command via rc.conf variable "jail_<name>_exec_stop" in addition to the start/boot command (rc.conf variable "jail_<name>_exec_start"). For backward compatibility reasons, rc.conf variable "jail_<name>_exec" is still supported, too.
2. Debug: Add the used boot/shutdown commands to the debug output of the /etc/rc.d/jail script, too.
3. Security: Run the Jail start/boot command in a cleaned environment to not leak information from the host to the Jail during startup.
4. Feature: Run the Jail stop/shutdown command "jail_<name>_exec_stop" on "/etc/rc.d/jail stop <name>" to allow a graceful shutdown of the Jail before its processes are just killed.
5. Bugfix: When killing the remaining Jail processes give the processes time to actually perform their termination sequence. Without this the subsequent umount(8) operations usually fail because the resources are still in use. Additionally, if after trying to TERM-inate the processes there are still processes hanging around, finally just KILL them.
6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/* scripts which are flagged with the KEYWORD "nojail" to allow the correct operation of rc.shutdown under jail_<name>_exec_stop="/bin/sh /etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail.
Now the following typical host-configuration for two Jails works as expected and correctly boots and shutdowns the Jails:
----------------------------------------------------------- # /etc/rc.conf: jail_enable="YES" jail_list="foo bar" jail_foo_rootdir="/j/foo" jail_foo_hostname="foo.example.com" jail_foo_ip="192.168.0.1" jail_foo_devfs_enable="YES" jail_foo_mount_enable="YES" jail_foo_exec_start="/bin/sh /etc/rc" jail_foo_exec_stop="/bin/sh /etc/rc.shutdown" jail_bar_rootdir="/j/bar" jail_bar_hostname="bar.example.com" jail_bar_ip="192.168.0.2" jail_bar_devfs_enable="YES" jail_bar_mount_enable="YES" jail_bar_exec_start="/path/to/kjailer -v" jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'" ----------------------------------------------------------- # /etc/fstab.foo /v/foo /j/foo/v/foo nullfs rw 0 0 ----------------------------------------------------------- # /etc/fstab.bar /v/bar /j/bar/v/bar nullfs rw 0 0 -----------------------------------------------------------
Reviewed by: freebsd-hackers MFC after: 2 weeks
|
138729 |
12-Dec-2004 |
obrien |
Use utils from /rescue vs. /stand. Also use pax rather than cpio & gzip.
|
138042 |
24-Nov-2004 |
mux |
Fix a typo in an error message.
Spotted by: ceri
|
138027 |
23-Nov-2004 |
mux |
Implement per-jail fstab(5) files. Here's a rc.conf sample using this feature for a jail named foo :
jail_foo_mount_enable="YES" jail_foo_fstab="/etc/fstab.foo"
The second line is actually useless, since the code defaults to using "/etc/fstab.$jailname" as the fstab file if none is specified.
MFC after: 3 days Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
|
137762 |
16-Nov-2004 |
wes |
Convince mergemaster to maintain/merge ramdisk scripts too.
Submitted by: Ben Kelly <ben.kelly@ieee.org> PR: bin/64079
|
137761 |
16-Nov-2004 |
wes |
Shutup debugging output.
|
137698 |
14-Nov-2004 |
obrien |
Unify the ci/co variables now that the the tty drivers now use the same character for both.
|
137697 |
14-Nov-2004 |
obrien |
Catch up with PHK's sio(4) rework [sys/dev/sio/sio.c rev. 1.456].
|
137451 |
09-Nov-2004 |
keramida |
Add two new rc.conf options: tmpmfs_flags and varmfs_flags.
These can be used to pass extra options to the mdmfs(8) utility, to customize the finer details of the md file system creation (i.e. to turn on/off softupdates, to specify a default owner for md filesystem, etc).
Use these two new flags to mount tmpmfs and varmfs without softupdates, since it doesn't make much sense to use SU on malloc-backed file systems.
Reviewed by: mtm Inspired by: J. D. Bronson, jbronson at wixb dot com
|
137255 |
05-Nov-2004 |
pjd |
Stop method for swap1 script was introduced, because gmirror needed it. Now gmirror use shutdown hooks to mark mirrors as clean on shutdown, so this is not needed anymore.
|
137246 |
05-Nov-2004 |
mtm |
- Make the header conform to standard rc.d style. - The 'before ipfw' directive seems bogus, and should instead be 'before rcconf'.
|
137203 |
04-Nov-2004 |
phk |
remove vinum startup script.
|
137126 |
02-Nov-2004 |
pjd |
Sort files properly.
|
137112 |
01-Nov-2004 |
mtm |
Do a better job of supporting more than one mouse device on the system.
To start/stop/check on a specific device give the device name as the second argument to the script: # /etc/rc.d/moused start ums0
To use different rc.conf(5) knobs with different mice use the device name as part of the knob. For example, if the mouse device is ums0, then: moused_ums0_enable=yes moused_ums0_flags="-z 4" moused_ums0_port="/dev/ums0"
Starting rc.d/moused without the device argument will use the standard moused_* flags. So, this commit should not disrupt or change current usage.
To preserve current behaviour with respect to usb mice, which appear automatically when inserted, there is a new knob, moused_nondefault_enable, which will treat any devices without rc.conf knobs as enabled.
To minimize knobs in /etc/rc.conf, the device file and pid file are auto-computed, so that in the typical case for a usb mouse you don't need to add anything extra in /etc/rc.conf to get it working.
Additionally, this updates /etc/usbd.conf to use the rc.d/moused script so people don't have to modify it to configure their usb mouse anymore.
MFC after: 1 month
|
137070 |
30-Oct-2004 |
pjd |
Allow to change interfaces name on boot time. Now, one should be able to put something like this into /etc/rc.conf:
ifconfig_fxp0_name="net0" ifconfig_net0="inet 10.0.0.1/16"
Reviewed by: green
|
136942 |
25-Oct-2004 |
pjd |
- Add 'check' command for checking rules syntax. - Before flushing rules in 'reload' command, check first if rules are correct. - Do not duplicate checking if $pf_rules file exists.
|
136901 |
24-Oct-2004 |
des |
- use `realpath /dev/dumpdev` instead of just /dev/dumpdev so messages will show the real device name - show different error messages for missing dump device and directory
|
136803 |
23-Oct-2004 |
mtm |
Move devfs earlier in the boot sequence. Some system daemons and other programs may need to use the symlinks and permissions that it sets up.
Discussed on: -current
|
136791 |
22-Oct-2004 |
andre |
Automatically load the ipdivert module if it was not compiled into the kernel and natd_enable is true.
|
136684 |
18-Oct-2004 |
thomas |
When dumpdev is set to 'auto', and a suitable swap device is found, create a symbolic link /dev/dumpdev designating that device so savecore can find and save a previous kernel dump.
|
136663 |
18-Oct-2004 |
thomas |
Remove unused computation of memory size.
Reviewed by: des
|
136502 |
14-Oct-2004 |
trhodes |
Remove requirement on FreeBSD keyword.
Skipped by: mtm (/me glares at mtm) :)
|
136224 |
07-Oct-2004 |
mtm |
Remove the requirement for the FreeBSD keyword as it no longer makes any sense.
Discussed with: dougb, brooks MFC after: 3 days
|
136212 |
07-Oct-2004 |
pjd |
- Be more userfriendly and allow to specify gbde device name in those forms: device device.bde /dev/device /dev/device.bde - Fix stop routine: + There don't have to be file system mounted on gbde device, so ignore errors from umount(8). + Only detach existing gbde devices.
|
136209 |
07-Oct-2004 |
pjd |
Only try to attach if parent device actually exists. I used ugly "/dev/${parent}" instead of "${parentdev}", because "/dev/" prefix for devices listed in gbde_devices variable is optional.
Reported by: Sean McNeil <sean@mcneil.com>
|
136193 |
06-Oct-2004 |
pjd |
Lock file for gbde devices is optional.
|
135958 |
30-Sep-2004 |
dougb |
Hide all the devices in the chroot dev except for random and null.
|
135912 |
29-Sep-2004 |
trhodes |
Give users the ability to load a mac_bsdextended(4) ruleset on boot (defaults to NO of course). Provide a basic ruleset file, rc.bsdextended, but allow the filename to be overridden through rc.conf.
Discussed with: rwatson (awhile ago)
|
135875 |
28-Sep-2004 |
dougb |
Create a named chroot directory structure in /var/named, and use it by default when named is enabled. Also, improve our default directory layout by creating /var/named/etc/namedb/{master|slave} directories, and use the former for the generated localhost* files.
Rather than using pax to copy device entries, mount devfs in the chroot directory.
There may be some corner cases where things need to be adjusted, but overall this structure has been well tested on a production network, and should serve the needs of the vast majority of users.
UPDATING has instructions on how to do the conversion for those with existing configurations.
|
135810 |
26-Sep-2004 |
dougb |
It's not necessary to create an rndc.key file if the user already has an rndc.conf file.
Submitted by: Sergey Mokryshev <mokr@mokr.net>
|
135777 |
24-Sep-2004 |
dougb |
Fix two glitches that appear in the non-chroot case. First, if not chrooted the pid symlink code should not fire. Also, remove the quotes around the chroot variable in the rndc-confgen invocation so that if not chrooted the command will still succeed.
Pointed out by: Sean McNeil <sean@mcneil.com>
|
135730 |
24-Sep-2004 |
keramida |
Fix a comment typo: s/neccessary/necessary/
|
135703 |
24-Sep-2004 |
dougb |
Update to reflect BIND 9 in the base:
1. Making the pid symlink now has to happen after named starts, otherwise it can generate a fatal error.
2. named-xfer is not part of the BIND 9 world.
3. BIND 9 needs a /dev/random in the chroot directory if chrooted.
4. Only the pid file is symlinked now, the ndc socket is BIND 8 only.
5. Create an rndc.key file for the user if one does not exist. This (generally) allows a BIND 8 config file to be used in a BIND 9 world with little or no modification.
|
135525 |
20-Sep-2004 |
des |
If $dumpdev is set to AUTO, use the first suitable swap partition listed in /etc/fstab, or print an error message if no suitable device was found.
MFC after: 4 weeks
|
135389 |
17-Sep-2004 |
pjd |
Teach swap1 script how to remove added swap devices on system shutdown. Without this change, if one had a swap-on-mirror configuration, gmirror will rebuild mirror component(s) on boot, because they are dirty (they were open on shutdown).
|
135306 |
16-Sep-2004 |
keramida |
We don't have any providers of `beforenetlkm' in FreeBSD. Remove the dependency to it from our rc.d scripts.
Approved by: mtm
|
135305 |
16-Sep-2004 |
keramida |
Fix requirement of `network' to `NETWORK' because the former isn't provided by any rc.d script.
Approved by: mtm
|
135252 |
15-Sep-2004 |
seanc |
Bring back etc/rc.d/ntpdate as requested by scads of people. This isn't a complete backout as the ntpd_sync_on_start etc/rc.conf tunable is still present, though the default is now NO (was YES). Since we're no longer syncing time at startup by default when ntpd is enabled (as was the case 24hrs ago), remove UPDATING entry pointing out that ntpd(1) -g is slower than ntpdate(1).
Hopefully ntpd_sync_on_start="YES" can be made the default for -CURRENT after 5.3 is cut. At the very least, this should be set to YES when a user requests to have ntpd enabled via sysinstall(1).
Requested by: many
|
135195 |
14-Sep-2004 |
seanc |
Stop using ntpdate(1) in our startup procedure. Replace ntpdate(1) with calls to ntpd -g. ntpd is noticeably slower than ntpdate, but is also more accurate. This removes the nasty hackery in rc.d/ntpdate that would parse out ntp servers from /etc/ntp.conf (ntpd knows how to read its own config file). By default, ntpd *will* sync with its listed time servers. To turn this off so that ntpd does not sync, ntpd_sync_on_start="NO" can be added to /etc/rc.conf. If ntpd is not enabled (the default), then time is not synced on startup. ntpdate has been depreciated by the ntpd authors for quite some time so this change shouldn't be unexpected.
Suggested by: des Approved by: roberto (resident ntp guru)
|
135194 |
14-Sep-2004 |
seanc |
Stop using ntpdate(1) in our startup proceedure. Replace ntpdate(1) with calls to ntpd -g. ntpd is noticably slower than ntpdate, but is also more accurate. This removes the nasty hackery in rc.d/ntpdate that would parse out ntp servers from /etc/ntp.conf (ntpd knows how to read its own config file). By default, ntpd *will* sync with its listed time servers. To turn this off so that ntpd does not sync, ntpd_sync_on_start="NO" can be added to /etc/rc.conf. If ntpd is not enabled (the default), then time is not synced on startup. ntpdate's use has been depreciated by the ntpd authors for quite some time so this change shouldn't be unexpected.
Suggested by: des Approved by: roberto (resident ntp guru)
|
135163 |
13-Sep-2004 |
ru |
A power failure left the temporary /var/.diskless directory on my system, and since then my /var was always created as MFS which was very surprising. Fix this for /tmp and /var.
|
134995 |
09-Sep-2004 |
obrien |
Restore NetBSD SCM ID.
Submitted by: delphij@beastie.frontfree.net
|
134575 |
31-Aug-2004 |
mlaier |
Don't rely on properly setup linker.hints to figure out that pflog is now part of the pf module. While here fix a comment that was c'n'ped from rc.d/pf
PR: bin/71096 (partly) Submitted by: Ville-Pertti Keinonen MFC after: 2 days
|
134487 |
29-Aug-2004 |
kensmith |
Protect the command flags set in the rc.conf files in case they're more than one word, adding some quotes.
Advice from: mtm (my first attempt wasn't quite right) Reviewed by: mtm MFC after: 3 days
|
134006 |
19-Aug-2004 |
des |
Always quote variables in tests, to ensure correct evaluation even when they are empty or undefined.
MFC after: 3 days
|
133987 |
18-Aug-2004 |
thomas |
Skip entries for GBDE swap devices if they are commented out in /etc/fstab.
Reviewed by: des
|
133869 |
16-Aug-2004 |
nectar |
Create temporary files safely.
Submitted by: Jon Passki <cykyc@yahoo.com>
|
133150 |
05-Aug-2004 |
gshapiro |
Fix the startup logic for sendmail. If sendmail_enable=yes, don't start the submit and outbound daemon, else if sendmail_submit_enable=yes, don't start the outbound daemon. Only one daemon should be started.
Also, do not rebuild database maps at boot time. The code didn't pay attention to SENDMAIL_MAP_TYPE and assumed 'hash'. Also, admins may not want maps automatically rebuilt just because the back end database has changed. Finally, some maps are built with mode tools than just makemap (e.g., using cidrexpand on the access text file before sending it to makemap).
Noticed by: ache Reviewed by: ache
|
133110 |
04-Aug-2004 |
markm |
Give sshd a secure startup, but with a tweakable timeout so that the box won't hang forever at startup.
|
132892 |
30-Jul-2004 |
mtm |
Finish cleanup of rc.d/netif. It's now possible to start/stop more than one interface from the command line: # /etc/rc.d/netif start bfe0 xl0 It's also possible to restart an interface(s): # /etc/rc.d/netif restart bfe0
This required some changes to rc.subr(8) so that if the start/stop commands are overidden the rest of the command line (after the start/stop/etc... cmd) is passed through to the subroutines.
|
132716 |
28-Jul-2004 |
eik |
back out the localkg changes until things have settled.
Discussed with: mtm
|
132701 |
27-Jul-2004 |
mtm |
Even though binaries will give 0 matches, make it explicit.
|
132597 |
24-Jul-2004 |
mtm |
Ports related rc.d cleanups: o Separate out local (ports) scripts that use rc.d, and the old style startup/shutdown scripts and execute them separately. On startup the rc.d style scripts are executed first and then the old-style scripts. On shutdown, exactly the reverse happens. o The rc.d ports scripts should now behave more like base system scripts. Scripts ending in .sh will be sourced into the current shell, while the rest will be executed in a subshell. Previously, all ports scripts, regardless of the .sh suffix, were executed in a subshell. o The parent script, /etc/rc.d/localpkg, passes its command line arguments straight to the rc.d ports scripts. This means they should now honor faststop and faststart commands as well. Old style scripts, should not see any differences. They will still get either a start or stop command. o The initial phrase shown during shutdown has been changed to use "local packages" instead of "daemon processes" to be more inline with the phrase used during local package startup. The phrases are also used only for old-style ports script startup/shutdown, whereas previously they were being used for both rc.d and old-style scripts. This should make startup/shutdown output a bit less ugly.
Discussed with: portmgr Has Reservations: eik
|
132356 |
18-Jul-2004 |
simon |
For the gbde attach script: - Ask the user up to X times (3 by default) for the pass-phrase, if it is incorrect the first time. - Add support for storing the lockfiles in another other directory than /etc. - Document that it is possible to override the location of each single lockfile.
Approved by: pjd
|
130954 |
23-Jun-2004 |
mlaier |
Swap order of ruleset load and enabling pf to work around a problem on altq startup. Moreover, this is the "more logic" order.
|
130870 |
21-Jun-2004 |
des |
Correct an error carried over from the nsswitch.conf(5) manual page; add a note to UPDATING since users may have to manually remove an incorrect nsswitch.conf.
Noticed by: simon
|
130699 |
18-Jun-2004 |
green |
Allow setting the system console keyboard via the ${keyboard} rc.conf directive.
|
130251 |
08-Jun-2004 |
obrien |
Back out rev 1.3. This is one of the few RC scripts that doesn't use rc.subr, and thus doesn't source rc.conf. :-(
|
130181 |
07-Jun-2004 |
obrien |
Don't assume everyone's /etc/[default/]rc.conf 'entropy_file' is "/entropy".
|
130151 |
06-Jun-2004 |
schweikh |
Removed whitespace at BOF, EOL & EOF.
|
129994 |
02-Jun-2004 |
ume |
Add ip6addrctl_enable and ip6_addrctl_verbose option. If ip6addrctl_enable is set to YES, address selection policy is installed into kernel. If there is /etc/ip6addrctl.conf, it is used for address selection policy. Even if there is no /etc/ip6addrctl.conf, we install default policy. In this case, if ipv6_enable is set to YES, we use address selection policy described in RFC 3484 as default. Otherwise, we install priority policy for IPv4 address. The default of ip6addrctl_enable is NO for now. However, it may better to enable it by default.
|
129661 |
24-May-2004 |
des |
Install nsswitch.
|
129651 |
24-May-2004 |
des |
If nsswitch.conf does not exist, create it with the default settings. The reason for doing this is that (at least some) 4.x binaries are very unhappy if host.conf does not exist, and if we create host.conf but not nsswitch.conf, nsswitch.conf will be created at the next reboot, so it is better to create a correct nsswitch.conf right away.
|
129650 |
24-May-2004 |
des |
Move the task of updating nsswitch.conf / host.conf into a separate script called nsswitch.
|
129497 |
20-May-2004 |
mtm |
Really remove the return statement this time. Thanks to ru for noticing.
|
129492 |
20-May-2004 |
mtm |
The err routine requires two arguments: an exit value and a string. Additionaly, it will exit the script so an return statements after calling it are superflous.
|
129021 |
07-May-2004 |
njl |
Change hw.acpi.cpu.cx_lowest to accept values in the form of C1, C2, ... Update power_profile to use the new format. Update the man page to reflect this and give more info on Cx states.
|
128714 |
28-Apr-2004 |
phk |
Protect som cross-script invocations by checks to see that the target script exists. This allows pruning of rc.d scripts without getting too many ugly boottime error message
|
128713 |
28-Apr-2004 |
phk |
Initdiskless must run before ipfw, or people will not be able to use the conf/* stuff for their firewall configuration.
Running ipfw before could seem to make sense in that it would allow one to setup access to the NFS server on a "default-deny" kernel, but it is pretty obvious to the casual observer that such a configuration never makes it far enough to mount the NFS-root in the first place.
|
128706 |
28-Apr-2004 |
ru |
Replace shell's positional parameters safely.
|
128685 |
27-Apr-2004 |
phk |
When using this in non-NFSroot circumstances, `mount -t nfs` may return empty. Add a dummy element to prevent the alternate action of the shell builtin "set"
|
128663 |
26-Apr-2004 |
simon |
Removes the check for the existence of the sysctl variable debug.watchdog since it is not created by hardware watchdog(4) devices. The watchdog(4) device is always compiled in the kernel, so removing the check should not cause any problems.
Approved by: phk
|
128470 |
20-Apr-2004 |
darrenr |
apply patch so pr can be closed
PR: misc/56715 Submitted by: grant@NetBSD.org Reviewed by: darrenr
|
128366 |
17-Apr-2004 |
fjoe |
sendmail_submit_enable and sendmail_outbound_enable checks were reverted.
Found by: Morten Rodal <morten@rodal.no>
|
128340 |
17-Apr-2004 |
brooks |
Actually install preseedrandom.
Reported by: bde
|
128287 |
15-Apr-2004 |
brooks |
Remove bogus checks on the value of ${entropy_file} and hardcode out entropy source to /entropy. We have to assume there is no rc.conf at this stage of the boot process.
Reported by: njl
|
128286 |
15-Apr-2004 |
brooks |
Band-aid diskless booting by running a new preseedrandom script before initdiskless. The output of several commands and if available the contents of /entropy are feed into /dev/random to kickstart the PRNG. /etc/rc.d/initrandom is left alone to maintain the previous behavior as much as possiable.
Further work in this area is probably needed.
Discussed with: markm
|
128163 |
12-Apr-2004 |
brooks |
Catch up with diskless split "diskless" is no longer provided.
Suggested by: cperciva
|
128060 |
09-Apr-2004 |
markm |
Take into account hardware-supplied entropy. If the entropy source is hardware, the Yarrow initialisations don't need to be done.
|
127970 |
06-Apr-2004 |
wes |
Style fixes, as suggested by Jens Schweikhardt <schweikh@schweikhardt.net>
|
127948 |
06-Apr-2004 |
wes |
Split ramdisk processing in two so it can actually work. Ownerships and permissions specified per rc.conf(5) now apply both to the md device and to the mountpoint directory, after the mount has completed. This has to be done in two steps, because chown is not available until after /usr has been mounted, but the mdconfig and newfs steps have to complete before fstab processing.
|
127897 |
05-Apr-2004 |
fjoe |
Add separate script for natd. This fixes race condition with "ipfw restart" (when new natd is started before old natd died) and allows to manage natd without touching ipfw.
natd should probably be killed with SIGKILL when stopping natd.
|
127896 |
05-Apr-2004 |
fjoe |
Allow this script to be used for Postfix: - Use sendmail_foo variables after load_rc_config so that they actually work. - Utilize sendmail_procname. - Check sendmail_submit_enable instead of sendmail_enable when dealing with mail submission MTA.
|
127759 |
02-Apr-2004 |
mlaier |
Add rc.d script to start pflogd and add rcvars etc. Also document vars in rc.conf(5) and put a sample entry to newsyslog.conf
Reviewed by: -current Approved by: bms(mentor)
|
127744 |
02-Apr-2004 |
krion |
- Use "/bin/hostname" explicitly instead of "hostname".
Approved by: tobez MFC after: 1 week
|
127663 |
31-Mar-2004 |
luigi |
Extensive documentation changes to the script, but only comments and empty lines have been touched.
All of this should go in the diskless(8) manpage, now if we had some kind of 'literate programming' tool to extract the comments from the script and put them in a reasonable nroff format, it would be a lot easier to keep code and docs in sync
|
127657 |
31-Mar-2004 |
luigi |
Minor changes mostly as discussed on the lists a few days ago:
+ SUBDIR.cpio.gz prevents files from SUBDIR/ to be copied when priming the memory filesystems. This restores the old behaviour and makes the copy process a lot more efficient
+ look for templates also in the list of directories supplied by bootp/dhcp via the T134 option aka kern.bootp_cookie
+ keep track of directories temporarily mounted with "remount" or "diskless_remount" commands and unmount them once we are done with them (at the end of this script).
|
127584 |
29-Mar-2004 |
des |
Fix the case where $ntpdate_hosts was not specified and /etc/ntp.conf does not exist.
Submitted by: ru
|
127478 |
27-Mar-2004 |
dougb |
A few small cleanups:
1. Add the shutdown keyword so that the script is run at shutdown time, and the mixer* files are saved. 2. Twiddle whitespace. 3. Remove an unecessary function, and therefore collapse one variable.
|
127385 |
24-Mar-2004 |
mlaier |
Install the pf rc.d-script (missed Makefile update in original commit)
Approved by: bms(mentor)
|
127370 |
24-Mar-2004 |
pjd |
Added 'nojail' keyword for rc.d/mixer script, while mixer(8) is not usable in jail by default (no /dev/mixer).
|
127345 |
23-Mar-2004 |
brooks |
Overhaul the /etc/rc.d/diskless script by splitting it out into hostname, resolve, tmp, and var scripts. The latter three are new and were repo copied. These scripts no longer depend on being booted with and NFS root instead attempt to automaticly create mfs /tmp and /var volumes if the they are not writable. This behavior can be overridden in /etc/rc.conf.
Reviewed by: luigi, pjd
|
127342 |
23-Mar-2004 |
mlaier |
Add rc.d script for pf(4) (more to come once pflogd(8) works as well). Update defaults and write some lines for rc.conf(5) also. Mostly dup'ed from ipf
Reviewed by: -current Approved by: bms(mentor)
|
127308 |
22-Mar-2004 |
des |
Set start_cmd and stop_cmd correctly so the code that extracts the names of the ntp servers from ntp.conf is actually used. Remove pidfile since ntpdate is not a daemon.
|
127222 |
20-Mar-2004 |
green |
Add a way for rc.d/devfs to set more than just the system devfs up. Yes, this means for stuff OTHER than jails, too. Example usage: #devfs_system_ruleset="root" devfs_set_rulesets="/dev=root /etc/namedb/dev=named_devfs"
|
127171 |
18-Mar-2004 |
davidc |
Echo and pass dumpdev as the device argument to savecore.
PR: bin/51655
|
127043 |
15-Mar-2004 |
jhb |
Add a mixer script that saves the current settings of all mixers present in the system on shutdown and restores the settings on boot. The settings can also be reset to the saved values via 'mixer reload'.
Reviewed by: current@
|
127032 |
15-Mar-2004 |
wes |
Add script for creating ramdisks at boot time, in time to be processed by fstab.
|
126978 |
14-Mar-2004 |
dougb |
1. Remove the named_rcng variable. Mike's caution in this area was a good thing, but we're ready to move on.
2. Remove the -g default argument in named_flags. It doesn't actually do what most users think it does, and what most users want it to do is already accomplished with a proper default group for the bind user, which we have. Also, the -g knob does something entirely different in BIND 9, which leads to a lot of needless confusion/aggravation.
3. In the rc.d script, don't bogusly override $command, or $rc_flags. Both are adequately handled in rc.conf[.local].
4. DO properly override $rc_flags if user has named_chrootdir set. This may need to be revisited, but should be ok for now.
5. Protect all chrootdir-related bits under that variable, instead of named_rcng.
There is more work to be done here, especially in the area of BIND 9 compatibility, but this is a start at least.
Prompted in part by (legitmate) grousing from: kuriyama, Randy Bush
|
126868 |
12-Mar-2004 |
brooks |
If /conf/diskless_remount exists, use it to remount the entire /conf directory. This allows multiple roots (say for different architectures) to share the same set of /conf files.
|
126862 |
11-Mar-2004 |
kientzle |
Don't run fsck if there's no /etc/fstab.
In particular, this allows a "virgin" system installed from source (installworld, installkernel, cd etc && make distribution) to boot correctly and modestly simplifies the creation of single-partition network/cdrom/CF bootable images.
|
126787 |
09-Mar-2004 |
phk |
Make this file more generally usable:
Trigger not only on diskless booting sysctls being set, but also on the existence of the file "/etc/diskless". But do not try to extract IP# related keywords in that case.
Add a general "remount" facility to allow non-NFS remounting.
|
126744 |
08-Mar-2004 |
pjd |
Mark scripts as not usable inside a jail by adding keyword 'nojail'.
Some suggestions from: rwatson, Ruben de Groot <mail25@bzerk.org>
|
126659 |
05-Mar-2004 |
bde |
Removed definition of NOPROG. It was just a style bug (a NetBSD macro that became obsolete in NetBSD 22 months ago).
Submitted by: ru
|
126648 |
05-Mar-2004 |
pjd |
One tab too much.
|
126647 |
05-Mar-2004 |
pjd |
Teach 'hostname' script how to act inside a jail.
No objections from: mtm, arch@
|
126641 |
05-Mar-2004 |
mtm |
When this script included NetBSD specific logic, the NetBSD branch included a start_precmd check for gated. The precommand was not executed in the FreeBSD branch. When I did a mass removal of NetBSD specific logic a while back this file apparently got only a partial treatement. This bug did not have any functional consequences, however, since the precommand was not declared to the rc.subr routines.
Noticed by: pjd
|
126639 |
05-Mar-2004 |
mtm |
The syslogd script should require that /var is cleaned before it runs. Otherwise it could be in the situation where its log socket is removed after it has started.
Noticed by: jhay
|
126636 |
05-Mar-2004 |
mtm |
Remove scripts we don't use from requirement lines. These were hold-overs from the initial NetBSD import.
|
126634 |
05-Mar-2004 |
bde |
Removed include of bsd.own.mk. It was just a style bug (half-baked chumminess with the implementation).
|
126618 |
04-Mar-2004 |
bms |
Forgotten commit: Hook /etc/rc.d/ike up to the build.
|
126554 |
03-Mar-2004 |
mtm |
From the PR: Certain MTA configurations mean that the notifications from virecover keep bouncing; so here's a patch to allow administrators to turn them off.
PR: conf/54910 Submitted by: bms (with a minor cleanup)
|
126392 |
29-Feb-2004 |
green |
Further shuffle runcom ordering so that netif does not start before ipfw, but ipfw and ipfilter do start before dhclient.
|
126333 |
27-Feb-2004 |
green |
What depends on ipfilter should probably also start ipfw at the same time.
|
126181 |
23-Feb-2004 |
brueffer |
Fix typo
|
125989 |
19-Feb-2004 |
mtm |
Don't forget to enable the ipv6 firewall once the rules are loaded.
PR: misc/61501 Submitted by: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
|
125987 |
19-Feb-2004 |
mtm |
In-line documentation.
Prodded by: alfred
|
125580 |
07-Feb-2004 |
johan |
Fix typo in comment, s/reebots/reboots/
PR: 62481 Submitted by: Ulrich Spoerlein <q at uni.de>
|
125571 |
07-Feb-2004 |
imp |
ttys is gone, kill it here too
|
125552 |
07-Feb-2004 |
mtm |
Now that devfs is mandatory, there is no need to muck around with tty/pty permissions.
Noticed by: brooks OKed: phk
|
125498 |
05-Feb-2004 |
des |
Require initrandom rather than random, since random requires mountcritlocal, which requires disks, which gbde_swap provides.
Noticed by: brooks
|
125447 |
04-Feb-2004 |
des |
We don't really need a lockfile, and most likely can't create one at this point.
|
125391 |
03-Feb-2004 |
mtm |
o Unbreak the individual jail starting patch that I broke when I committed it. Apologies to Juergen Unger <j.unger@addict.de>. o When stopping jails output the hostname of the jails that were stopped. o Refactor o Remove extraneous empty line o Correct spelling error
|
125388 |
03-Feb-2004 |
des |
Add support for initializing swap devices with random one-shot keys. Note that the keys are currently generated by computing the MD5 checksum of 512 bytes read from /dev/random, and are passed to gbde on the command line.
Sponsored by: Teleplan AS
|
125385 |
03-Feb-2004 |
des |
Missed one in previous commit.
|
125384 |
03-Feb-2004 |
des |
Style fixes.
|
125376 |
03-Feb-2004 |
mtm |
Configure a jail sysctl value only if it is different than what the rc.conf(5) knob specifies. Also, correct a minor capitalization error.
|
125341 |
02-Feb-2004 |
pjd |
Teach /etc/rc.d/dumpon script how to stop.
Reviewed by: gordon Approved by: gordon, scottl (mentor)
|
125323 |
02-Feb-2004 |
mtm |
Support starting/stoping of jails individually.
This commit also removes the support for the sysutils/jailer port. This is inline with the general policy to keep ports related knobs out of the base system's configuration mechanism.
Submitted by: Juergen Unger <j.unger@addict.de>
|
125102 |
27-Jan-2004 |
njl |
Remove only X[0-9]-lock.
|
124928 |
24-Jan-2004 |
mux |
Move the test used to determine whether IPFilter is loaded or not into its own function to avoid a small duplication of code.
|
124630 |
17-Jan-2004 |
mtm |
Remove an extraneous semicolon (;;).
|
124628 |
17-Jan-2004 |
mtm |
Use the checkyesno routine instead of a case statement to check an rc.conf(5) variable. This is in line with rc.d style.
|
124627 |
17-Jan-2004 |
mtm |
Remove checks for the FreeBSD OS.
|
124626 |
17-Jan-2004 |
mtm |
Make conform to general rc.d style.
|
124625 |
17-Jan-2004 |
mtm |
o Rename the start command to conform to rc.d style. o Move the additional commands list to the end of the variable initialization to conform to rc.d style
|
124624 |
17-Jan-2004 |
mtm |
Simplify setting of securelevel.
|
124623 |
17-Jan-2004 |
mtm |
Remove variables whose sole purpose was to make easier to work with the NetBSD specific stuff.
|
124622 |
17-Jan-2004 |
mtm |
Luke Mewburn has indicated that they (NetBSD) are not interested in keeping the scripts under rc.d in sync with us. So, remove NetBSD specific stuff (which made our scripts more complicated than necessary).
The NetBSD ident string will be left intact, both for history and also incase we wish to pull in future versions.
|
124618 |
17-Jan-2004 |
mtm |
Luke Mewburn has indicated that they (NetBSD) are not interested in keeping the scripts under rc.d in sync with us. So, remove NetBSD specific stuff (which made our scripts more complicated than necessary).
The NetBSD ident string will be left intact, both for history and also incase we wish to pull in future versions.
|
124616 |
17-Jan-2004 |
mtm |
Luke Mewburn has indicated that they (NetBSD) are not interested in keeping the scripts under rc.d in sync with us. So, begin removal of NetBSD specific stuff (which made our scripts more complicated than necessary), starting with the NetBSD KEYWORD.
|
124149 |
05-Jan-2004 |
brooks |
Don't run newaliases if sendmail_enable=NONE.
Submitted by: Matt Peterson <matt at peterson dot org> Approved by: silence on freebsd-rc
|
123841 |
25-Dec-2003 |
babkin |
Added support for intelligent handling of DST transitions in cron.
reviewed by: imp
|
123626 |
18-Dec-2003 |
njl |
Add power_profile, a script that changes the ACPI CPU Cx idle state and/or the throttling state in response to line transitions. Future plans include adding support for CPU frequency changes.
Add a devd.conf entry for calling this script.
The default values for this are: performance_cx_lowest="HIGH" # Use HLT (C0) online performance_throttle_state="HIGH" # 100% (no throttling) economy_cx_lowest="LOW" # Use the lowest Cx state possible economy_throttle_state="HIGH" # 100% (no throttling)
|
123533 |
14-Dec-2003 |
seanc |
Backout ataraid rcng script. I must have missed ar0 in my scan of /dev after my first reboot because sure enough, I'm seeing it there now and ata(4) is doing the right thing(TM).
Pointed out by: des
|
123532 |
14-Dec-2003 |
seanc |
Add a script that allows software RAID sets to be created before file systems are mounted. An example set of entries for /etc/rc.conf:
ataraid_enable="YES" ataraid_devices="ar0" ataraid_ar0_set="ad2 ad3" ataraid_ar0_type="RAID1"
Because there is no "correct" way of doing ATA raid (ie, geom vs. atacontrol vs. vinum) that is bikeshed proof, this rcng script stays within the bounds of atacontrol and assumes that other RAID solutions for GEOM or vinum will end up in a different rcNG script.
Reviewed by: green
|
123390 |
10-Dec-2003 |
peter |
Change rc.d/syscons to not need /usr/sbin/ispcvt to exist. This should make it work for all non-i386 syscons platforms.
|
123344 |
09-Dec-2003 |
mtm |
o Rename devfs_link() to make_symlink() and turn it into a generic symlinking routine. o Modify rc.d/jail to create its own symlink relative to the jail's filesystem
|
123342 |
09-Dec-2003 |
mtm |
If fdescfs(5) is mounted in a jail unmount it before devfs(5).
Submitted by: "Scot W. Hetzel" <hetzelsw@westbend.net>
|
123341 |
09-Dec-2003 |
mtm |
If rc.d/mountcritlocal is unable to mount local filesystems, then immediately terminate the shell (during boot this also terminates the parent rc(8) shell). This was the pre-rcNG behaviour.
Also, remove an extraneous mount /.
PR: conf/57659 Submitted by: yar (with modifications)
|
123340 |
09-Dec-2003 |
mtm |
Redirect rc(8) output to a file in the jail's /var/log directory. Previously it was redirected to /dev/null.
Submitted by: phk
|
123086 |
01-Dec-2003 |
mtm |
When clearing /tmp, X11 lock and temporary files are special. Remove them unconditionaly.
PR: bin/59065 Approved by: re (scottl)
|
123029 |
28-Nov-2003 |
bms |
Add a means of starting an IKE daemon from the rc system at an appropriate time during the boot process. This is needed in the case where NFS mounts from servers reachable only via IPSEC are in /etc/fstab.
PR: conf/42497 Submitted by: Volker Stolz Approved by: re (rwatson)
|
121964 |
03-Nov-2003 |
mux |
Change a bogus -n parameter to echo(1).
|
121749 |
30-Oct-2003 |
ume |
install address selection policy into kernel when there is /etc/ip6addrctl.conf. following sample of ip6addrctl.conf is a good default:
#Prefix Precedence Label ::1/128 50 0 ::/0 40 1 2002::/16 30 2 ::/96 20 3 ::ffff:0:0/96 10 4
|
121068 |
13-Oct-2003 |
dougb |
* Remove the OS specific bits, since NetBSD isn't interested in porting this stuff back.
* Test /etc/motd for writability before trying to update it. This is especially useful when /etc/ is mounted ro, like on a diskless boot. (Thanks to phk for the idea on this one.)
* Make the "updating" message reflect what actually happens.
|
121067 |
13-Oct-2003 |
dougb |
Remove trailing whitespace
|
121066 |
13-Oct-2003 |
dougb |
Update references to rc.diskless[12]
|
121014 |
12-Oct-2003 |
kris |
Bump default /etc size from 2MB to 5MB to deal with bloat^Wgrowth in the size of /etc.
|
120711 |
03-Oct-2003 |
phk |
Fix typo.
Spotted by: "Bjoern A. Zeeb" <bzeeb@zabbadoz.net>
|
120706 |
03-Oct-2003 |
phk |
More checking if kenv actually know something.
Guard against test(1)-unfriendly outputs from kenv.
|
120702 |
03-Oct-2003 |
phk |
In case we have no /etc/resolv.conf, don't try to make it out of thin blue air if the kenv doesn't have any info.
This improves the truth value of the comment above significantly and reduces the bogous output on the console considerably.
|
120686 |
03-Oct-2003 |
mux |
Fix bogon in ipfilter_resync() introduced in my last commit.
Spotted by: Gennady Proskurin <gpr@nvnpp.vrn.ru>
|
120515 |
27-Sep-2003 |
mux |
A number of fixes/enhancements for the ipfilter rc script: - Use a more robust check to determine if we need to load ipl.ko. - Don't try to run ipf -E if ipfilter is already enabled. Look at the net.inet.ipf.fr_running sysctl to figure this out. This fixes a warning message about ipfilter being already initialized. - Only one ipf -E command is needed. We don't need an extra one for the -6 case which would only print a warning message about ipfilter being already initialized. - Fix one occurence where we were running /sbin/ipf directly without using the ${ipfilter_program} variable if set. - In ipfilter_stop(), don't try to save the firewall state tables if ipfilter is disabled. Similarly, don't try to disable it if it's already disabled. This fixes some more error messages.
|
120110 |
16-Sep-2003 |
mbr |
Get rid of a nasty error message that tells us dhclient couldn't get killed.
If we execute 'dhclient -r', dhclient gets already killed, so there is no need to do it twice. Only do this if we really have to release some leases.
Reviewed by: silence on freebsd-rc@yahoogroups.com
|
119555 |
29-Aug-2003 |
mtm |
Remove deprecated files no longer neccesary as part of rc.d. Include a note in UPDATING about removing them from current installations.
|
119397 |
24-Aug-2003 |
mtm |
Enhance the jail start/stop script. o The following additional configuration attributes of a jail can be controlled from rc.conf: - mounting devfs(5) - mounting fdescfs(5) - mounting procfs(5) - custom devfs(8) ruleset If no ruleset is specified, the default jail ruleset is used.
o The output of executing /etc/rc in the jail is now redirected to /dev/null. Instead, the hostname of the jail is echoed if the jail(8) command exited successfully. If the output is wanted it can probably be redirected to a file (/var/run/$jail maybe) instead of /dev/null.
Submitted by: Scot W. Hetzel <hetzels@westbend.net> with modifications by Jens Rehsack <rehsack@liwing.de> and me.
|
119166 |
20-Aug-2003 |
mtm |
Add a general mechanism for creating and applying devfs(8) rules in rc(8). It is most useful for applying rules to devfs(5) mount points in /dev or inside jails. The following line of script is sufficient to mount a relatively useful+secure devfs(5) in a jail:
devfs_mount_jail /some/jail/dev
Some new shell routines available to scripts that source rc.subr(5): o devfs_link - Makes it a little easier to create symlinks o devfs_init_rulesets - Create devfs(8) rulesets from devfs.rules o devfs_set_ruleset - Set a ruleset to a devfs(5) mount o devfs_apply_ruleset - Apply a ruleset to a devfs(5) mount o devfs_domount - Mount devfs(5) and apply some ruleset o devfs_mount_jail - Mount devfs(5) and apply a ruleset appropriate to jails.
Additional rulesets can be specified in /etc/devfs.rules. If the devfs_system_ruleset variable is defined in rc.conf and it contains the name of a ruleset defined in /etc/defaults/devfs.rules or user supplied rulesets in /etc/devfs.rules then that ruleset will be applied to /dev at startup by the /etc/rc.d/devfs script. It can also be applied post-startup:
/etc/rc.d/devfs start
This is a more flexible mechanism than the previous method of using /etc/devfs.conf. However, that method is still available.
Note: since devfs(8) doesn't provide any way for creating symlinks as part of a ruleset, anyone wishing to create symlinks in a devfs(5) as part of the bootup sequence will still have to rely on /etc/devfs.conf.
|
119101 |
19-Aug-2003 |
kuriyama |
Quote $jail_exec with double-quote to avoid "[: unexpected operator".
|
119011 |
17-Aug-2003 |
gordon |
Prepend /lib to the search order for libraries.
|
118908 |
14-Aug-2003 |
harti |
Now that routes for IP over ATM may look much more complex than before, use the atmconfig(8) utility instead of route(8) to install those routes. For this we need a new rc.conf variable natm_static_routes that works just like static_routes except that the referenced routes use the syntax of atmconfig(8).
Okay'ed by: mtm
|
118638 |
07-Aug-2003 |
fjoe |
Correct typo in Matt's name.
|
118515 |
06-Aug-2003 |
mtm |
Rename localdaemons to localpkg. The original name was really a mistake since /usr/local/etc/rc.d scripts can (and usually do) start more than just daemons. Even the output in the script uses 'local packages.' Also, the term 'local daemons' is used by rc.d/local, which was etc/rc.local of rcOG fame. No repo-copy because there isn't much history to save. I will remove localdaemons shortly with all the other files that don't belong in rc.d anymore.
Discussed with: dougb, freebsd-rc@yahoogroups.com
|
118224 |
30-Jul-2003 |
mtm |
Apply some sort of order to the FILES list.
|
118223 |
30-Jul-2003 |
mtm |
Add two files (early.sh and gbde) that previously were not hooked up to the build.
|
118219 |
30-Jul-2003 |
mtm |
tty whacking should occur early, but not so early that the required commands are not on a mounted file system.
Noticed by: bde
|
118123 |
28-Jul-2003 |
harti |
Convert the atm{2,3}.sh rc scripts to normal rc.d scripts. Add support for the harp(4) pseudo driver and for loadable native HARP drivers (like hfa_pci).
To use harp(4) the rc variable natm_interfaces must be set to the list of NATM interfaces to be used for HARP. These interfaces will be brought up with ifconfig and the harp(4) will be loaded.
To use loadable native HARP drivers atm_load must be set to the list of drivers to load.
Reviewed by: mtm, gordon (partly)
|
118108 |
28-Jul-2003 |
mbr |
Always start dhclient in the background.
Reviewed by: mtm
|
118099 |
27-Jul-2003 |
mbr |
Add -dynamic to natd if dhcp is used for the natd interface. Kill natd in stop().
Reviewed by: mtm
|
118067 |
26-Jul-2003 |
mtm |
Define the stop command to do nothing when only a specific interface is to be stopped. In this case we don't want to go beyond releasing the lease.
|
118066 |
26-Jul-2003 |
mtm |
When stopping a dhcp interface, don't just release the lease on the address, also kill the dhclient process. Instead of doing the release in the stop command, move it to the precmd stage and allow rc.subr(8) to automatically kill the dhclient process by leaving the stop command undefined.
Noticed by: mbr
|
117636 |
15-Jul-2003 |
mtm |
Move a period out of an if... clause. The period terminates the line and must always appear on the line.
Submitted by: netchild
|
117551 |
14-Jul-2003 |
mtm |
Make sure ipmon is run after cleaning up in /var. Otherwise, we would lose it's pid file. Also, cleanup the depencies in rc.d/cleanvar
PR: bin/53516
|
117495 |
13-Jul-2003 |
mtm |
Not everyone uses the base system sshd. They can use the sshd_program variable in rc.conf to have sshd from ports (or somewhere else) installed. So, don't make the sshd_config for the base system a required file to start the service.
PR: conf/45766
|
117346 |
09-Jul-2003 |
mtm |
Be specific about which domainname is not set. It seems the man page reference is not enough.
|
117088 |
30-Jun-2003 |
mtm |
Have mktemp(1) construct the temporary file name for us instead of providing a template manually.
Submitted by: Lars Eggert <larse@isi.edu>
|
117087 |
30-Jun-2003 |
brooks |
Allow diskless_remount files to contain path beginning with / which will be mounted relative to the NFS root mountpoint.
Reviewed by: dillon at backplane.com MFC After: 3 days
|
117077 |
30-Jun-2003 |
trhodes |
Properly use ld.so.conf and ld-elf.so.conf as discussed in the manual page.
PR: 25527 Submitted by: Alexey Neyman <alex.neyman@auriga.ru> Reviewed by: jdp
|
117032 |
29-Jun-2003 |
mtm |
Ugh. Remove debugging echo.
|
117021 |
29-Jun-2003 |
mtm |
Implement individual operations on static and dhcp interfaces. Previously network interfaces could only be turned on and off as a group (all static interfaces or all dhcp interfaces).
When used to start the interface a 'long form' ifconfig output is used to show the status of the interface, but when stopping an interface the script will simply output the name of the interface. This is simply my personal preference. Hopefully as this functionality matures we can stabilize on a prefered form of output for these scripts.
A stop command to the dhclient script now explicitly releases the dhcp lease. Behaviour at system shutdown; however, is unchanged since dhclient is not, by default, run at that time. The client will not release its lease at shutdown.
|
117020 |
29-Jun-2003 |
mtm |
o Hookup rc.d/routing and rc.d/netoptions o Ensure rc.d/network2 and rc.d/network3 are not automatically run during boot o Modify script headers so rcorder(8) can put the two scripts in the correct sequence.
|
117019 |
29-Jun-2003 |
mtm |
o Repocopied routing and netoptions from network2 and network3, respectively. o Change the provider names. o Separate routing into two parts: static routing and routing options. The start command will run both parts, but they can be run separately using the static and options command, respectively: (/etc/rc.d/routing static; /etc/rc.d/routing options)
|
116874 |
26-Jun-2003 |
smkelly |
- Add a software watchdog facility.
This commit has two pieces. One half is the watchdog kernel code which lives primarily in hardclock() in sys/kern/kern_clock.c. The other half is a userland daemon which, when run, will keep the watchdog from firing while the userland is intact and functioning.
Approved by: jeff (mentor)
|
116608 |
20-Jun-2003 |
phk |
Remove the devdb stuff, the kernel answers these questions just fine.
|
116456 |
17-Jun-2003 |
wollman |
Add a script to automatically attach gbde devices found in fstab (or rc.conf) at boot time, and detach them when shutting down. Not added to the Makefile to give the rcng gurus an opportunity to improve it.
|
116223 |
11-Jun-2003 |
bde |
Fixed some style bugs (disorder and long lines).
|
116102 |
09-Jun-2003 |
mtm |
o Have rc.d/apm report on the status of apm. o Modify rc.d/apmd to make correct use of this information.
Submitted by: Simon L. Nielsen <simon@nitro.dk> (with minor modifications)
|
115950 |
07-Jun-2003 |
mtm |
The dhcp_program and dhcp_flags variables have to be renamed to take advantage of the rc.subr(8) glue. They are renamed dhclient_program and dhclient_flags. o Rename them in rc.conf(5) o Rename them in /etc/defaults/rc.conf o Add the deprecated variables to /etc/rc.subr o Isolate the use of the 'command' variable to the NetBSD specific parts in /etc/rc.d/dhclient. o Now that dhcp_flags has also been renamed it will be applied properly by rc.subr(8) glue code.
Reported by: John Nielsen <john@jnielsen.net>
|
115896 |
06-Jun-2003 |
mtm |
Remove a debugging aid the crept in during the last commit. It doesn't really make much difference since this script is not used during startup and is due to be removed before RELENG_5.
Submitted by: "Simon L. Nielsen" <simon@nitro.dk>
|
115585 |
01-Jun-2003 |
gordon |
Move networkfs_types from mountcritlocal into defaults/rc.conf as netfs_types. Also add logic into mountcritremote to add extra_netfs_types to the list.
This unbreaks putting smbfs, portalfs and now nwfs in fstab.
|
115582 |
01-Jun-2003 |
gordon |
nwfs is network filesystem. Treat it as such when mounting filesystems.
|
115124 |
18-May-2003 |
mtm |
Apparently ldconfig(8) prefers the format as the first argument with the rest of the options following it. This caused problems for people using ldconfig_insecure=yes because the '-i' switch was being positioned before the format argument.
Approved by: markm/mentor (implicit), re/rwatson PR: 47430
|
115123 |
18-May-2003 |
mtm |
Install kpasswdd.
Approved by: markm/mentor, re/rwatson
|
114942 |
12-May-2003 |
ume |
pccard_ether didn't setup IPv6 after rcTOS sweep.
Reviewed by: mtm and dougb Approved by: re (scott)
|
114771 |
06-May-2003 |
mtm |
s/kadmind5/kadmin/
Approved by: markm (mentor)
|
114769 |
06-May-2003 |
dougb |
Allow users to configure stuff in /dev once again by re-doing the devfs script to read /etc/devfs.conf, and take appropriate actions based on what it finds there.
The (commented out) examples in the new devfs.conf file are taken in part from the old rc.devfs script.
|
114768 |
06-May-2003 |
obrien |
Back out the amd64 additions. Hammer doesn't do APM, and we certainly aren't ready for any ibcs2_compat bits yet.
|
114766 |
05-May-2003 |
obrien |
We won't do APM on Hammer -- ACPI is the game there.
|
114735 |
05-May-2003 |
mtm |
Move securelevel further back in the boot order.
Approved by: markm (mentor)(implicit) Reviewed by: dougb
|
114726 |
05-May-2003 |
mtm |
The vi(1) recovery script cannot send mail regarding interrupted sessions if the mailer is dynamically linked. This happens because on some systems the ldconfig script is run after the vi recovery script.
I thought I had already fixed this with revision 1.5 of rc.d/ldconfig, but apparently not. So, in addition I'm making ldconfig a requirement of this script.
Approved by: markm (mentor)(implicit) PR: bin/51767
|
114685 |
05-May-2003 |
bde |
Catch up with 1995(?) for modem speeds (use 57600 instead of 115200 for the example host to modem speed).
|
114682 |
04-May-2003 |
bde |
When resetting to defaults, reset drainwait to the current default pf `sysctl -n kern.drainwait` instead of to the boot-time default of 300.
|
114520 |
02-May-2003 |
mtm |
Huh? When did the etc bits for amd64 get added? Make sure they're ported over to rc.d. While I'm at it correct a logic mistake in rc.d/apmd.
Approved by: markm (mentor)(implicit)
|
114516 |
02-May-2003 |
mtm |
Create a symbolic link /dev/vga -> /dev/ttyv0.
We can't remove the sourcing of /etc/rc.devfs yet in case the user might have custom entries in it. We will have to come up with an /etc/devfs.rules or something to make this kind of thing easier.
Approved by: markm (mentor)(implicit)
|
114328 |
30-Apr-2003 |
markm |
Make the defaults for Kerberos 5 a little more up-to-date.
|
114278 |
30-Apr-2003 |
mtm |
This script should require mountcritremote, since that is the last script at which a filesystem will be mounted in FreeBSD. Without this the script was being inserted later in the boot than necessary.
Approved by: markm (mentor) (implicit) Reviewed by: dougb Noticed by: Andrzej ToboÃ…a <san@wilk.2a.pl>
|
114271 |
30-Apr-2003 |
mtm |
o Make the 'Ip-filter module loaded' messages informational o Make 'No ipnat rules' a warning o Remove unecessary ' ..'
Approved by: markm (implicit)
|
114270 |
30-Apr-2003 |
mtm |
Running the script with restart or manually stopping and starting it doesn't work because the start_cmd doesn't enable ipfilter if it is currently disabled.
Approved by: markm (mentor) (implicit) Submitted by: Michael Lyngbøl <lyngbol@bifrost.lyngbol.dk> PR: conf/46103
|
114212 |
29-Apr-2003 |
jwd |
Add rc.subr (found during new /etc/netstart testing)
|
114198 |
29-Apr-2003 |
dougb |
Move the mktemp invocation inside motd_start to avoid creating temp files when uptdate_motd and clear_tmp_enable are both NO.
Submitted by: Alex Deiter <tiamat@komi.mts.ru>
|
114115 |
27-Apr-2003 |
imp |
xten isn't needed after tw is gone.
Approved by: re@ (scottl)
|
113978 |
24-Apr-2003 |
mtm |
Use $ipnat_program instead of the hardcoded path, which was wron anyways.
Approved by: markm (mentor) (implicit) Submitted by: leafy <leafy@leafy.idv.tw>
|
113960 |
24-Apr-2003 |
mtm |
o Add support for running /etc/rc.early o Re-run through /etc/sysctl.conf a second time just before we set the securelevel.
Approved by: markm (mentor) (implicit) Reviewed by: dougb
|
113959 |
24-Apr-2003 |
mtm |
Make ipfilter, ipnat, ipmon, and ipfs behave more like the old rc. o group them together so they run one right after another o use the NetBSD supplied ipfs script instead of tacking it on to the end of ipnat o Load the ipl module in ipnat and ipfilter, if it's not already loaded o In ipmon and ipnat show a warning if neither ipfilter nor ipnat is enabled or the ipl module is not loaded, and exit
Approved by: markm (mentor) (implicit) Tested by: leafy <leafy@leafy.idv.tw>
|
113904 |
23-Apr-2003 |
matusita |
Set appropriate tag "fsck" to logger(1) for background fsck messages.
PR: 51174 Submitted by: Alex Popa <razor@ldc.ro>
|
113759 |
20-Apr-2003 |
mtm |
Run interface specific scripts for dhcp interfaces too. This is how it has always been done (before and after rc.d) but I somehow failed to include it when I broke up network1.
Submitted by: bmah Approved by: markm (mentor)(implicit)
|
113711 |
19-Apr-2003 |
mtm |
Spell ${_jail} correctly
Submitted by: Shizuka Kudo <shizukakudo_99@yahoo.com> Approved by: markm (mentor) (implicit)
|
113702 |
19-Apr-2003 |
mtm |
The changes to rc.d/network1 will not get merged in by mergemaster if it does not appear in the list of files to install.
|
113676 |
18-Apr-2003 |
mtm |
o Hook the new files up to the build. o Make sure all the scripts reference rc.d/netif and not rc.d/network1
Approved by: markm (mentor)
|
113675 |
18-Apr-2003 |
mtm |
Make use of the dhclient script. This will bring up/down dhcp interfaces.
Approved by: markm (mentor)
|
113674 |
18-Apr-2003 |
mtm |
Break out and rewrite the network setup scripts. o /etc/network.subr contains common subroutines used for seting up network interfaces o rc.d/hostname sets the hostname if not already set o rc.d/nisdomain sets the nis domain *after* rpcbind but before the yp* daemons. This fixes issues with temporary hangs when looking up informaion in nis before it's ready. o rc.d/netif brings network interfaces (minus dhcp) up. o rc.d/network1 has been disabled and will be retired before RELENG_5. It will be replaced by rc.d/netif
Approved by: markm (mentor)
|
113570 |
16-Apr-2003 |
mtm |
Fix typo (and make it more explicit/self-documenting).
Noticed by: gshapiro
|
113568 |
16-Apr-2003 |
mtm |
o Add a script to start jails on boot. o Hook it up to the build
Approved by: markm (mentor) Submitted by: Clement Laforet <sheepkiller@cultdeadsheep.org> (modified) Prodded by: mike
|
112849 |
30-Mar-2003 |
mtm |
Make the 'restart' command work. Otherwise, it would successfully stop ipfw, but not enable it again.
Aesthetic changes o Use positve logic (instead of negative) o create a 'stop' function, rather than putting the commands in the stop_cmd variable.
Submitted by: des Approved by: markm (mentor) (implicit)
|
112500 |
22-Mar-2003 |
ume |
add missing `ipf -s'.
Submitted by: Mark Huizer <xaa+freebsd@timewasters.nl>
|
112355 |
17-Mar-2003 |
cjc |
Attach the kldxref script to the build/install.
|
112354 |
17-Mar-2003 |
cjc |
A new rc-ng script to build linker.hints files with kldxref(8) automatically at boot time. Associated rc.conf(5) knobs and documentation are included.
|
111982 |
08-Mar-2003 |
markm |
Initiate KerberosIV de-orbit burn. Disconnect the /etc configs.
|
111913 |
05-Mar-2003 |
ume |
Latest IPFilter requires flushing rules for IPv6 separately from IPv4.
|
111210 |
21-Feb-2003 |
dougb |
Don't try to deal with vi.recover if the directory doesn't exist
PR: conf/24515 Submitted by: Jeroen C. van Gelderen <jeroen@systemics.com>
|
111019 |
16-Feb-2003 |
mtm |
We stopped reloading rc.conf for each script a long time ago. Things shouldn't depend on that any more.
PR: conf/48332 Approved by: markm (mentor)(implicit)
|
110943 |
15-Feb-2003 |
jhay |
kenv moved from /usr/bin/ to /bin/.
|
110942 |
15-Feb-2003 |
jhay |
Add another backslash ('\').
|
110907 |
15-Feb-2003 |
mtm |
When cleaning /var/run make sure the control files are not removed unconditionally when the script is being rerun (when it is called with the reload argument).
PR: conf/47517 Approved by: markm (mentor)
|
110746 |
12-Feb-2003 |
imp |
Back out 1.143 and 1.144. They are no longer needed now that we start devd later in the boot process. This should fix all the problems people have had with those commits. Diskless should be working again, and those that mount /usr with nfs should be able to do that again too.
|
110745 |
12-Feb-2003 |
imp |
Start devd after the networking stuff, but before we mount the critical remote systems. This lets us run commands from devd that aren't on the / partition. This also means we can remove some kludges from the networking startup that I added a while ago that caused other problems.
There's still a race in starting devd that needs to be fixed in devd so that things present at boot will be configured by the time devd does daemon(). That race will be fixed later.
|
110744 |
12-Feb-2003 |
imp |
Now that we don't have the NODEVFS case, we can just check to see if a device node exists directly to see if OLDCARD is compiled into the kernel. This eliminates the scary warning that people using NEWCARD are seeing when they have pccard_enable=YES in their /etc/rc.conf files.
|
109837 |
25-Jan-2003 |
mtm |
NETWORKING should also mean routing daemons are up.
Approved by: markm (mentor)
|
109836 |
25-Jan-2003 |
mtm |
Start isdnd before ppp for those folks who use ppp-over-isdn.
Approved by: markm (mentor)
|
109828 |
25-Jan-2003 |
mtm |
Read /etc/rc.subr.
Approved by: markm (mentor)(implicit) Noticed by: kris
|
109770 |
24-Jan-2003 |
mtm |
Cleanup as many instances of rc.conf variable use before calling load_rc_config().
Approved by: markm (mentor) dougb
|
109723 |
23-Jan-2003 |
mtm |
Missing '$'
Approved by: markm (mentor)(implicit)
|
109579 |
20-Jan-2003 |
mtm |
Add a missing OR.
Approved by: markm (mentor)(implicit)
|
109348 |
16-Jan-2003 |
mtm |
Purely cosmetic change. The # PROVIDE line should precede the # REQUIRE line.
Approved by: markm (mentor)
|
109232 |
14-Jan-2003 |
mtm |
Finish merging in rev. 1.124 of rc.network, so that natd can be used withough the $natd_interface having to be explicitly specified on the command line.
Approved by: markm (mentor) Submitted by: Aaron D. Gifford <agifford@infowest.com> PR: conf/47024
MFC: upon re approval
|
109127 |
12-Jan-2003 |
mtm |
Fix the named script to find the correct pid file for the named(8) daemon by providing a new rc.conf knob: named_pidfile that defaults to the path specified in the system-installed named.conf(5).
Approved by: markm (mentor) Reviewed by: dougb Noticed by : Galen Sampson <galen_sampson@yahoo.com> Dan Pelleg <daniel+bsd@pelleg.org> PR: conf/46402 MFC: 2 weeks (with re@ approval)
|
108192 |
22-Dec-2002 |
dillon |
Forgot to add rcconf.sh to the Makefile, and forgot to rename rcconf to rcconf.sh in the last commit.
|
108191 |
22-Dec-2002 |
dillon |
Do not unconditionally load the configuration files for the RCNG case. Instead, load them as part of the rc.d system. This allows us to prioritize the initidiskless script so it runs before the configuration files are loaded and allows us to get rid of the exit 2 hack in /etc/rc. The exit 2 never worked anyway since it did not unset the prior configuration, causing the diskless code to not operate properly.
Do a major cleanup and revamping of the diskless code for RCNG. This will be backported to the non-RCNG scripts as well as -stable.
With suggestions from: Mike Makonnen <mtm@identd.net> MFC after: 7 days
|
108018 |
18-Dec-2002 |
mckusick |
Delay an optional amount of time after booting before starting a background fsck. The delay defaults to sixty seconds to allow large applications such as the X server to start before disk I/O bandwidth is monopolized by fsck.
Submitted by: Brooks Davis <brooks@one-eyed-alien.net> Sponsored by: DARPA & NAI Labs.
|
107919 |
15-Dec-2002 |
dougb |
Bring in the settings from /etc/rc.devfs, which include the vga symlink that's being replaced here. This is what /etc/rc does now.
There is no NetBSD devfs, so there is no compatibility issue.
Not objected to by: FreeBSD-rc@yahoogroups.com Approved by: re (murray)
|
107841 |
13-Dec-2002 |
imp |
o Don't consider LOOPBACK devices as configured...
|
107774 |
12-Dec-2002 |
imp |
o redirect the grep to /dev/null o use ifn rather than interface in rc.network o merge into rc.d/network1
Approved by: (re blanket)
|
107397 |
30-Nov-2002 |
imp |
Two fixes for devd: 1) Move devd to the start of the head of the boot process rather than the end. 2) Disable devctl if devd is disabled.
|
107280 |
26-Nov-2002 |
rwatson |
Update rc scripts to load mac_lomac instead of lomac.
Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
106688 |
09-Nov-2002 |
imp |
Add devd to the mix. It should run basically last at this point.
# I've tested this, but only lightly, so please email me with problems.
|
106431 |
04-Nov-2002 |
fenner |
Force rpcbind to start even if it wasn't enabled. This solves the ypbind problems people were having at startup.
Approved by: re
|
106333 |
02-Nov-2002 |
ume |
Add IPv6 setup for ipfilter. `ipv6_ipfilter_rules' was added to specify rules definition file for ipfilter. The default is /etc/ipf6.rules. If there is a file which is specified by 'ipv6_ipfilter_rules', IPv6 rule is installed.
Reviewed by: Ronald van der Pol <Ronald.vanderPol@rvdp.org> MFC after: 1 week
|
106231 |
31-Oct-2002 |
gordon |
Wrap test case in an if statement to avoid crunching a return value.
|
105969 |
26-Oct-2002 |
fenner |
Fix "err" usage.
PR: 44284 Submitted by: Sergey Mokryshev <mokr@mokr.net>
|
105968 |
25-Oct-2002 |
fenner |
Fix two typos. Using "-eq" instead of "=" in a [ caused an error when an entry in /etc/sysctl.conf didn't exist. Fixing this exposed a minor typo "exits" vs. "exist".
However, there doesn't appear to be any provision to run this with the "lastload" argument, meaning that the error will never appear.
|
105364 |
17-Oct-2002 |
sobomax |
Fix silly typo: loacal --> local.
|
104985 |
12-Oct-2002 |
schweikh |
s/dependancy/dependency/
|
104980 |
12-Oct-2002 |
schweikh |
Fix style bugs: * Space -> tabs conversion. * Removed blanks before semicolon in "if ... ; then". * Proper indentation of misindented lines. * Put a full stop after some comments. * Removed whitespace at end of line.
Approved by: silence from gordon
|
104973 |
12-Oct-2002 |
dd |
Aesthetics: Output a prefix before sourcing rc.local as the old rc script did. Stuff in rc.local frequently has lines like "echo -n ' service_name'" which look ugly without a prefix and a trailing period. Likewise for rc.shutdown.local for consistency.
|
104334 |
02-Oct-2002 |
dd |
In a diskless setup, rc.d/initdiskless may overwrite parts of /etc on a per-machine or per-cluster (with different ways of expressing what's part of a cluster) basis. In order for this to be effective, rc.conf has to be reread after initdiskless is finished. Implement this by adding a hook to etc/rc which rereads rc.conf by request. This can also be implemented by renaming initdiskless to initdiskless.sh and sourcing rc.conf there manually, but it was decided that, that would be uglier than a hook in etc/rc.
Developed in concert with: gordon
|
104288 |
01-Oct-2002 |
ru |
test -h is deprecated; use -L instead.
PR: bin/40846
|
104181 |
30-Sep-2002 |
mdodd |
- Recognize 'idt' interfaces. - The start command is 'atm_start' not 'start_cmd'.
|
104039 |
27-Sep-2002 |
gordon |
Fix moused so you can use the stop command
Reported by: wa1ter@myrealbox.com
|
103799 |
22-Sep-2002 |
phk |
Use mdmfs(8) rather than rolling our own RAM-disks.
Sponsored by: DARPA & NAI Labs.
|
103710 |
20-Sep-2002 |
ume |
up gif during setup.
|
103532 |
18-Sep-2002 |
rse |
Fix implementation of rc variables $amd_flags and $amd_map_program in rcNG. The $amd_flags variable was already taken over into $rc_flags by run_rc_command() when amd_precmd() is executed, so changing $amd_flags there no longer effects the actual execution of amd. Hence in amd_precmd() the $rc_flags have to be adjusted instead.
|
103436 |
17-Sep-2002 |
peter |
Initiate deorbit burn for the i386-only a.out related support. Moves are under way to move the remnants of the a.out toolchain to ports. As the comment in src/Makefile said, this stuff is deprecated and one should not expect this to remain beyond 4.0-REL. It has already lasted WAY beyond that.
Notable exceptions: gcc - I have not touched the a.out generation stuff there. ldd/ldconfig - still have some code to interface with a.out rtld. old as/ld/etc - I have not removed these yet, pending their move to ports. some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
|
103264 |
12-Sep-2002 |
gordon |
Fix sendmail to use checkyesno since rc.conf is no longer re'sourced from the debug statement.
|
103231 |
11-Sep-2002 |
jhb |
Cosmetic cleanup to a message.
|
103161 |
09-Sep-2002 |
gordon |
Fix syscons so it actually does start.
Reported by: keramida, ume Submitted by: keramida
|
103019 |
06-Sep-2002 |
gordon |
Convert from `${CMD_OSTYPE}` to ${OSTYPE}. This saves a shell invocation on OS-dependent case switches.
|
102997 |
06-Sep-2002 |
peter |
rev 1.6 claimed to add 'bootparams', but in fact added 'bootparamd' which does not exist.
|
102993 |
05-Sep-2002 |
fenner |
Only try to initialize syscons if /dev/ttyv0 exists and it's not a pcvt.
|
102992 |
05-Sep-2002 |
fenner |
Only try to run /usr/sbin/ispcvt if it exists and is executable.
|
102986 |
05-Sep-2002 |
gordon |
Add an archdep script and hook it up to the build.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
102983 |
05-Sep-2002 |
gordon |
Hook bootparams up to the world
|
102982 |
05-Sep-2002 |
gordon |
Introduce bootparamd into the boot scripts. Add a bootparamd_enable and _flags to rc.conf
Submitted by: John Hay <jhay@zibbi.icomtek.csir.co.za>
|
102901 |
03-Sep-2002 |
gordon |
nfsd doesn't die on SIGTERM but on SIGUSR1, correct script to kill nfsd with the right signal.
|
102866 |
02-Sep-2002 |
gordon |
We don't use single_mountd_enable anymore. It's just mountd_enable. I must have missed this in my earlier sweep.
|
102865 |
02-Sep-2002 |
gordon |
Only install the scripts that actually used on FreeBSD.
|
102864 |
02-Sep-2002 |
gordon |
Commit a revised sendmail script that works the same way as rc.sendmail. This should also quell warnings when sendmail_enable="NONE"
|
102615 |
30-Aug-2002 |
hm |
integrate pcvt configuration into the new /etc/rc.d startup system
PR: i386/7100 Reviewed by: Gordon Tetlow <gordon@FreeBSD.org>
|
102154 |
20-Aug-2002 |
gordon |
Print out a carriage return to make the screen output make more sense
Submitted by: mike@
|
101851 |
14-Aug-2002 |
gordon |
Clean up the scripts to use the new variables: xntpd_* -> ntpd_* portmap_* -> rpcbind_*
Also change single_mountd_enable -> mountd_enable Changing the mountd flags brings us closer to NetBSD.
All of the old variable names are shimmed so you can continue to use the old variable name.
Finally make /etc/rc.d/mountd no longer dependent on nfs as there are (apparently) other consumers of mountd.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
101718 |
12-Aug-2002 |
schweikh |
Fix typos (s/seperat/separat/ et al); add FreeBSD ID. Suggested by: bde MFC after: 3 days
|
101596 |
09-Aug-2002 |
gordon |
Make the othermta script DTRT when an mta startup script is not specified.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
101594 |
09-Aug-2002 |
gordon |
Correct comment
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
101085 |
31-Jul-2002 |
ume |
FreeBSD has setkey in different location from NetBSD.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
100791 |
28-Jul-2002 |
dd |
Stock -current has more than 300 files in /etc, so 255 inodes for the /etc filesystem isn't enough; consequently, add "-i 4096" to the newfs command for /etc. This results in 1022 inodes, which should be enough for the forseeable future (although I don't know why we would ever have more than 1000 files in a default /etc).
Silence by: -current
|
100790 |
28-Jul-2002 |
dd |
Add a period to the end of the "starting" message to be consistent with the rest of the output during a boot.
|
100449 |
21-Jul-2002 |
ume |
be able to configure to run an IPv6 routing daemon even on an end node (sync with rc.network6 1.30).
Approved by: gordon
|
100286 |
18-Jul-2002 |
dd |
Remove spurious "echo '.'".
|
100285 |
18-Jul-2002 |
bsd |
Apply same fix as Rev 1.19 of /etc/rc.diskless2: create sendmail required directories if sendmail_enable is not set to "none".
Suggested by: gordon
|
100284 |
18-Jul-2002 |
dougb |
Anonymize the "portmap" program to get better compatibility with rpcbind in -current.
Submitted by: Alexander Kabaev <ak03@gte.com>
|
100283 |
18-Jul-2002 |
dougb |
Make nisdomainname=NO DTRT
Submitted by: des, via Mike Makonnen <makonnen@pacbell.net>
|
100282 |
18-Jul-2002 |
dougb |
Cleanup some pollution from the NetBSD sync, and add gif setup.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
100281 |
18-Jul-2002 |
gordon |
Fix a typo that caused dhclient not to work.
Submitted by: Dennis Kristensen <snicki@snicki.dk> Reviewed by: Mike Makonnen <makonnen@pacbell.net>
|
100280 |
18-Jul-2002 |
gordon |
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next.
Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
|
100279 |
18-Jul-2002 |
ume |
be able to configure to run an IPv6 routing daemon even on an end node.
Requested by: Masachika ISHIZUKA <ishizuka@ish.org> MFC after: 1 week
|
99609 |
08-Jul-2002 |
gordon |
Remove debugging nit
Submitted by: bmah
|
99550 |
07-Jul-2002 |
gordon |
nfsd and mountd now live in /usr/sbin not /sbin. Correct the command args. This also reduces the diff to NetBSD (very marginally).
Reviewed by: jake (mentor)
|
99518 |
07-Jul-2002 |
dougb |
Another update from Mike Makonnen.
Missed by: Me
|
99511 |
07-Jul-2002 |
dougb |
Latest improvements from Mike Makonnen. Better kerberos and apm handling.
|
98774 |
24-Jun-2002 |
jdp |
Fix the amd invocation to honor the amd_flags setting.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
98585 |
21-Jun-2002 |
dougb |
Hone the rpcbind dependency checking.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
|
98577 |
21-Jun-2002 |
obrien |
This commit was generated by cvs2svn to compensate for changes in r98576, which included commits to RCS files with non-trunk default branches.
|
98486 |
20-Jun-2002 |
dougb |
Anonymize the "portmap" program to get better compatibility with rpcbind in -current.
Submitted by: Alexander Kabaev <ak03@gte.com>
|
98399 |
18-Jun-2002 |
gordon |
Fix a typo in the named startup options
Submitted by: sheldonh@
|
98261 |
15-Jun-2002 |
gordon |
Make sendmail really not start when sendmail_enable="NONE"
Submitted by: Dennis Kristensen <snicki@snicki.dk> Reviewed by: Mike Makonnen <makonnen@pacbell.net>
|
98184 |
13-Jun-2002 |
gordon |
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next.
Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
|
95305 |
23-Apr-2002 |
sobomax |
Correct default value of drainwait: it should be 300 seconds, not forever.
PR: 37370 Submitted by: Daniel O'Connor <doconnor@gsoft.com.au> MFC after: 2 weeks
|
95280 |
22-Apr-2002 |
obrien |
Utilize dhcp information in the kernel environment if we don't have hostname and DNS information already.
Submitted by: Danny Braniss <danny@cs.huji.ac.il>
|
95258 |
22-Apr-2002 |
des |
Usage style sweep: spell "usage" with a small 'u'. Also change one case of blatant __progname abuse (several more remain) This commit does not touch anything in src/{contrib,crypto,gnu}/.
|
94465 |
11-Apr-2002 |
des |
Cosmetic changes to the previous commit, bringing it closer to what I already had in my tree but didn't want to commit.
|
94391 |
10-Apr-2002 |
peter |
Since sshd expects /etc/ssh/ssh_host_rsa_key to exist, we had better create it. Also specify protocol v1/v2 in case people wonder why we generate two RSA keys.
|
93974 |
06-Apr-2002 |
ume |
Now, you can specify "" or "NONE" for ipv6_network_interfaces to prevent the interfaces from being initialized by /etc/rc.network6 wrongly. So, you can explicitly initialize the interfaces by /etc/pccard_ether. With previous rc.network6, if you specify pccardd_flags="-z", net.inet6.ip6.accept_rtadv was wronly set to 0, then RA was not accepted.
|
93566 |
01-Apr-2002 |
dougb |
The good news is that my initial PR was correct... the bad news is that I was apparently smoking something when I committed the last fix, because as ume was kindly enough to set me straight on, amd *will* start with no arguments at all, as long as there is an /etc/amd.conf file for it to read. What it won't do is start with *just* -p.
In any case, now it's fixed.
|
92638 |
19-Mar-2002 |
des |
Don't try to generate ssh keys if ssh isn't installed.
|
92628 |
19-Mar-2002 |
cjc |
IPFilter may need to be re-sync'ed even if we are not filtering, but only doing ipnat(8). Go back to using $ipfilter_active, but turn off $ipfilter_active when loading ipl.ko has failed.
Submitted by: devet@devet.org (Arjan de Vet) MFC after: 3 days
|
92516 |
17-Mar-2002 |
dougb |
Distinguish between first and last passes of rc.sysctl, and only set mibs whose values are not already what is specified in sysctl.conf.
|
92478 |
17-Mar-2002 |
dougb |
Answer the question posed in 1.126. amd won't start without either a conf file, or command line options. I brought this up in PR 12432, which (ironically) obrien assigned to me after I became a committer. :)
PR: conf/12432 Submitted by: Me
|
92184 |
12-Mar-2002 |
cjc |
The reload of ipf(8) rules should depend on $ipfilter_enable, not $ipfilter_active. $ipfilter_enable is set to "NO" if modules fail to load, and $ipfilter_active can be "YES" when we are not using ipf(8).
MFC after: 3 days
|
92127 |
12-Mar-2002 |
obrien |
Background the startup of `Amd', it often blocks on startup.
|
92126 |
12-Mar-2002 |
obrien |
Why shouldn't amd always write its PID to a file? Since I cannot answer that question, make it.
|
91785 |
07-Mar-2002 |
obrien |
fix backwards spelling
|
91626 |
04-Mar-2002 |
dd |
Redirect stdout of `ipf -y' to /dev/null. This removes a stray "filter sync'd" in the middle of the boot output if IPFilter is enabled, but does not hide any potential errors, which go to stderr.
|
91105 |
23-Feb-2002 |
obrien |
The usage of 'newaliases' needs to be after we know for sure that /usr is mounted.
Submitted by: rizzo
|
91074 |
22-Feb-2002 |
obrien |
The existing bazaar and site-specific policy in rc.diskless1 is Just Wrong; and looks like no other Unix diskless configuration I've ever seen. Thus allow a more traditional /etc.
Note, the use of an MFS /var should also be settable. Otherwise installing ports(packages) is just a total PITA.
|
90957 |
20-Feb-2002 |
cjc |
There is no reason to demand the administrator set 'natd_interface' when running natd(8) out of the rc-files. It is perfectly valid for the interface or alias address to be set in a natd(8) configuration file, not on the command line. Also, loosen up the restrictions on identifying an IP address argument in 'natd_interface.'
Fix the documentation, rc.conf(5), to reflect this change.
Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf.
MFC after: 3 days
|
90403 |
08-Feb-2002 |
cjc |
peter points out that we probably should not mess with the sysctl(8) values at all if they are not purposefully set. What if the administrator messed with them in /etc/sysctl.conf? We don't want to overwrite them.
If 'log_in_vain' is zero, do not force the issue. If it is non-zero, set it.
|
89911 |
28-Jan-2002 |
sheldonh |
Register amd's dependency on NFS.
This change was submitted to the freebsd-audit mailing list for review but received no feedback. Hindsight-enabled reviews are welcome.
PR: conf/31358 Submitted: Thomas Quinot <thomas@cuivre.fr.eu.org>
|
89808 |
26-Jan-2002 |
cjc |
Make the rc.conf(5) 'log_in_vain' knob an integer.
Try this out in -CURRENT, MFC, and then consider dropping the 'log_in_vain' knob all together. It really is something for sysctl.conf(5).
PR: bin/32953 Reviewed by: -bugs discussion MFC after: 1 week
|
89438 |
17-Jan-2002 |
rwatson |
o Improve the line-wrapping of additional comments, some of which appeared to be wrapped around 60, others around 40 columns.
|
89437 |
17-Jan-2002 |
rwatson |
o Remove a somewhat less comprehensible comment about modifying /etc/rc. o Improve line-wrapping of another comment for consistency.
|
88497 |
26-Dec-2001 |
rwatson |
o Add a comment indicating that if /tmp==/var/tmp in rc.diskless2, the md device and file system creation occurs *after* mtree is run, and as such an /var/tmp/* or /tmp/* entries will be under the mountpoint (or fail) rather than appearing in the md filesystems. This prevents the creation of vi.recover, and might affect other localizations that rely on the mtree calls affecting these directories.
|
88496 |
26-Dec-2001 |
rwatson |
Remove incorrect comments about the population of /etc: no attempt is made to copy the NFS-mounted on to /tmp/etc, instead, it is populated entirely from /conf/default, then overriden from /conf/IP.
|
87974 |
15-Dec-2001 |
ume |
automatic creation of faith0 and stf0 for backward compatibility.
MFC after: 2 days
|
87781 |
13-Dec-2001 |
alfred |
rpc.lockd needs rpc.statd to be running for it to start up properly. so swap the order.
Also allow rpc.lockd and rpc.statd to be turned on if nfsclient is enabled. They are needed to provide client side locking support.
PR: conf/27811
|
87646 |
11-Dec-2001 |
ru |
s/sysctl -w/sysctl/
|
87500 |
07-Dec-2001 |
rwatson |
o Update rc.network to reflect the recent change of default in the kernel TCP timer code: rather than checking for tcp_keepalive being set to "YES", check for "NO" and turn off keepalives if the variable is set in that manner.
o Note: eventually, it would make sense to remove this variable from rc.conf management, and instead rely on sysctl.conf. In fact, this is probably true of a number of rc.conf variables whose sole aim is to drive the setting of sysctls at boot time.
|
87443 |
06-Dec-2001 |
cjc |
Protect the '*' in pppoed_provider (the default) from metacharacter expansion in the rc-scripts.
PR: 32552 Submitted by: Gleb Smirnoff <glebius@rinet.ru> Approved by: ru Obtained from: ru MFC after: 1 day
|
87010 |
27-Nov-2001 |
rwatson |
Remeber to set the permissions on an md-backed /tmp to 01777, rather than using the default of 0755.
|
86882 |
24-Nov-2001 |
dd |
Spelling police: sucessful -> successful.
|
86851 |
24-Nov-2001 |
darrenr |
Resolve all the ipfilter startup issues in rc.network with one big patch to get it all right, allowing ipnat to be enabled independantly of ipfilter in rc.conf (among other things).
PR: multiple Submitted by: Arjan de Vet <devet@devet.org> Reviewed by: Giorgos Keramidas <keramida@FreeBSD.org>
|
86653 |
20-Nov-2001 |
ume |
The rtsol must be done before the alias processing.
PR: conf/31366 Submitted by: gshapiro MFC after: 1 week
|
86603 |
19-Nov-2001 |
sheldonh |
Use shell functions for printing hex instead of printf(1) so that printf(1) can be dropped from the system shell as a shell builtin.
|
86342 |
14-Nov-2001 |
sheldonh |
Avoid unnecessary calls to expr(1) by using standard shell arithmetic expansion instead.
|
86163 |
07-Nov-2001 |
fenner |
Update the nsswitch.conf -> host.conf generator to handle criteria, continuation lines, extra whitespace, and to use the last matching line in the file. This syncs the host.conf generation with how the nsswitch.conf is parsed. Only print " host.conf" instead of a multi-line message, since this happens on every boot.
|
85831 |
01-Nov-2001 |
des |
Modify the way host.conf and nsswitch.conf are treated at boot time:
- if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries.
- if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
|
85222 |
20-Oct-2001 |
darrenr |
Do an ipf -y after bringing up ppp to ensure rules which mention ppp get matched. Moification on PR to handle ipnat not being dependant on ipfilter_enable
PR: 22859
|
85221 |
20-Oct-2001 |
darrenr |
Allow ipnat_enable to be set to "yes" without requiring ipfiltre_enable to be set to "yes"
PR: 25223
|
85219 |
20-Oct-2001 |
darrenr |
Put in place for using ipfs use on shutdown and startup.
PR: 27070
|
85136 |
19-Oct-2001 |
dougb |
Handle the lack of nfs server or client support in the kernel by kldload'ing the appropriate modules before enabling the service.
|
85062 |
17-Oct-2001 |
bsd |
Ensure that /var/log/lastlog exists so that login doesn't complain.
Submitted by: Harti Brandt <brandt@fokus.gmd.de> MFC after: 2 weeks
|
84780 |
10-Oct-2001 |
jhb |
Remove references to nfsiod and nfs_client_flags now that they are obsolete.
Submitted by: Gordon Tetlow <gordont@gnf.org>
|
83677 |
19-Sep-2001 |
brooks |
Add a new rc.conf variable, cloned_interfaces, to create cloned interfaces at boot.
|
83656 |
19-Sep-2001 |
peter |
The vfs.nfs.bufpackets sysctl is in the client, not the server. Move it to the client section. Turn off nfsiod, it no longer exists (now just kthreads). I need revisit nfsiod so that we have an argument passthrough.
|
82660 |
31-Aug-2001 |
dd |
Make the 'echo' output for blanktime and scrnmap consistent with their variable names. There were minor differences in both cases, which were needlessly confusing and inconsistent.
|
81357 |
09-Aug-2001 |
obrien |
Fix minor typo.
|
80683 |
30-Jul-2001 |
darrenr |
Merge in patch to automagically decide whether or not a kldload of ipfilter is required into rc.network.
Person failed to use a real name so both email addresses from PR included (Sent was different to From).
PR: 22998 Submitted by: dl@leo.org/spock@empire.trek.org
|
80515 |
28-Jul-2001 |
markm |
Upgraded launchpad for kerberos. Noe kerberos IV OR kerberos 5 may be started at boot for kerberos servers.
|
80051 |
20-Jul-2001 |
ume |
Do more strict checking for an interface.
Suggested by: matusita@jp.FreeBSD.org MFC after: 1 week
|
79958 |
19-Jul-2001 |
ume |
- Avoid to select an interface which is not good for RA/RS. Submitted by: sakane@kame.net - Avoid to select lo0 or faith for a default interface.
|
79839 |
17-Jul-2001 |
jhb |
sysctl(8) doesn't need '-w' to write to sysctl variables anymore.
|
79107 |
02-Jul-2001 |
brooks |
Create gif devices in the "gifconfig" stage while configuring them.
Reviewed by: ru, ume Obtained from: NetBSD MFC after: 1 week
|
78475 |
19-Jun-2001 |
ume |
Add configuration for a FAITH IPv6-to-IPv4 TCP translator. To use a FAITH actually, you also need faithd(8) setup. Please consult faithd(8) manpage.
|
78354 |
16-Jun-2001 |
schweikh |
Fix misindented esac.
MFC after: 1 week
|
78345 |
16-Jun-2001 |
obrien |
This commit was generated by cvs2svn to compensate for changes in r78344, which included commits to RCS files with non-trunk default branches.
|
78344 |
16-Jun-2001 |
obrien |
Import the NetBSD 1.5 RC system.
Note that `rc' and `rc.shutdown' could not be imported because we already have files with those names.
|
78064 |
11-Jun-2001 |
ume |
Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge.
TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT.
Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
|
77992 |
10-Jun-2001 |
brian |
Add a missing \n
Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> PR: 28014 MFC after: 1 week
|
77651 |
03-Jun-2001 |
brian |
Move gif_interfaces from an IP6 option to a regular IP option.
PR: 26543 Submitted by: Brooks Davis <brooks@one-eyed-alien.net> MFC after: 3 weeks
|
77575 |
01-Jun-2001 |
ru |
Remove vestiges of MFS.
|
76846 |
19-May-2001 |
schweikh |
Anti-foot-shooting for pcvt users: ignore isdn_screenflags which is only for syscons.
Requested by: Alexander Leidinger <Alexander@Leidinger.net> MFC after: 7 days
|
76820 |
18-May-2001 |
obrien |
Restore the RSA host key to /etc/ssh/ssh_host_key. Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
|
76695 |
16-May-2001 |
jesper |
Link /etc/ssh/ssh_host_key to /etc/ssh/ssh_host_rsa_key to deal with gratutious changes in the latest SSH
Reviewed by: obrien Approved by: obrien
|
76592 |
14-May-2001 |
schweikh |
New option isdn_screenflags to set the syscons screen params for isdnd, plus documentation.
Submitted by: Alexander Leidinger <Alexander@Leidinger.net> Not objected to by: hm MFC after: 1 week
|
76409 |
09-May-2001 |
bsd |
* Simplify the population of the /etc memory filesystem. To avoid the null mount, we currently create a temporary mfs on /tmp, copy /etc to /tmp, then mount /etc as mfs and copy everything back from /tmp, then delete the /tmp mfs.
The patch eliminates the temporary /tmp mfs and the subsequent copying and simply populates the /etc mfs by copying from /conf/default/etc. This requires that /conf/default/etc contain a complete copy of all the /etc stuff instead of just overrides. I don't think that is too much of an extra step in setting up a diskless environment.
* Provide the ability to make /tmp a memory filesystem independent of /var. This removes the requirement that /tmp be a symlink to /var/tmp and this makes the diskless code work with the default filesystem layout. If a seperate /tmp memory filesystem is created, the 'tmpsize' environment variable is used to determine its size (default to 10 Meg).
* Reduce diffs between the -current and -stable versions of these files to a bare minimum. Only the definition of the shell function 'mount_md' is different.
Not Objected to by: -arch@, -small@
MFC after: 2 days
|
76400 |
09-May-2001 |
peter |
s/ssh_host_key/ssh_host_rsa_key/ since that is what openssh uses now after a mergemaster.
|
76193 |
01-May-2001 |
phk |
Don't mount a md(4) over /dev on DEVFS enabled diskless systems.
|
76110 |
28-Apr-2001 |
dd |
Add an allscreens_kbdflags option. Same thing as allscreens_flags, but runs kbdcontrol instead of vidcontrol.
Reviewed by: ru
|
76045 |
26-Apr-2001 |
ume |
Enable static IPv6 address assignment on PCMCIA NIC.
PR: conf/26633
|
75931 |
25-Apr-2001 |
imp |
Move to using md. o create a simple wrapper function mount_md that makes it easy to move from mount_mfs.
# NOTE: you will need to MAKEDEV md[0123] in order for this to work.
Reviewed by: bsd, keichii
|
75919 |
24-Apr-2001 |
schweikh |
Don't hardcode isdn_ttype overwriting rc.conf settings. PR: conf/24865 Submitted by: schweikh Reviewed by: hm
|
75898 |
24-Apr-2001 |
imp |
MFS: the MFS still applies to -current until such time as someone fixes rc.diskless2 to use mdconfig rather than mount_mfs. These changes are still relevant to -current.
|
75746 |
20-Apr-2001 |
bsd |
Eliminate the null mount for /etc for diskless clients.
|
75708 |
19-Apr-2001 |
ache |
Add mousechar_start hook
Reviewed by: Nick Hibma <n_hibma@qubesoft.com>
|
75101 |
03-Apr-2001 |
bsd |
Change the order in which /etc files are copied into place; copy default first, then network-specific files, then host-specific files. I think this was the original intent, as Matt indicated the previous code appeared to be a bug.
|
74493 |
19-Mar-2001 |
des |
Axe TCP_RESTRICT_RST. It was never a particularly good idea except for a few very specific scenarios, and now that we have had net.inet.tcp.blackhole for quite some time there is really no reason to use it any more.
(second of three commits)
|
74462 |
19-Mar-2001 |
alfred |
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the 1999 release.
Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface.
Many userland updates were done to bring the code up to par with the recent RPC API.
There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library.
While we're at it, bring in NetBSD's lockd, it's been far too long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
|
74418 |
18-Mar-2001 |
ume |
Add `ipv6_ifconfig_IFN_aliasN' directive to allow multiple aliases.
PR: conf/24239
|
73524 |
04-Mar-2001 |
jhb |
Alter the pccard setup a bit so that it looks prettier by redirecting pccardc's stdout to /dev/null and outputting short messages on succesful completion instead much like other rc scripts.
Reviewed by: imp
|
71638 |
25-Jan-2001 |
ume |
- Don't try to send RA to lo0, gifN and faithN. - ipv6_network_interfaces has all available interfaces to work for static configuration even if the host is end host. When rtsol is invoked, singleness of interface is checked.
|
71020 |
14-Jan-2001 |
dougb |
Fix this to be more consistent with similar constructions elsewhere
|
70856 |
09-Jan-2001 |
jhb |
Move the syscons configuration to a machine independent rc.syscons. The syscons sh code was identical on both platforms except for whitespace differences.
|
70129 |
17-Dec-2000 |
dougb |
* Add an eval so that ipnat_flags=">/dev/null" works, per the PR * Do some line length and specify full path cleanups while I'm here
PR: conf/22937 Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
|
70108 |
17-Dec-2000 |
dougb |
Apply a more consistent style to the echo statements in /etc/ scripts. * Put quotes around each line * Single quotes for lines with no variable interpolation * Double quotes if there is * Capitalize each word that begins a line * Make echo -n 'Doing foo:' ... echo '.' more of a standard
No functionality changes
|
68721 |
14-Nov-2000 |
ume |
Don't install route for fec0::/10. It was wrongly replaced from ff02::/16 by me.
PR: 22715
|
67906 |
29-Oct-2000 |
ume |
- ipv6_prefix_* and ipv6_ifconfig_* work for end node - rtsol should be work for only one interface - new variable ipv6_defaultrouter is added - option name of rtadvd in comment are corrected - ipv6_firewall_enable, ipv6_firewall_type, ipv6_firewall_script, ipv6_firewall_logging are added to introduce rc.firewall6.
IPv6 firewall rule is just starting point and should be brushed up. This commit includes PR18621, PR21694, PR22051.
PR: conf/18621, conf/21694, conf/22051 Reviewed by: asmodai
|
67012 |
12-Oct-2000 |
ru |
Fixed the reporting of ip_portrange_{first|last}.
|
66830 |
08-Oct-2000 |
obrien |
Add copyright notices. Other systems have been barrowing our /etc files w/o giving any credit.
|
66745 |
06-Oct-2000 |
darrenr |
This brings support for IP Filter into rc.network and rc.conf with the appropriate documentation added to rc.conf(5). If all goes well with this over the next few weeks, the PR will be closed with the pullup of patches back to 4-STABLE.
PR: 20202 Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net> Reviewed by: Darren Reed <darrenr@freebsd.org> Approved by: Darren Reed <darrenr@freebsd.org> Obtained from: Gerhard Sittig <Gerhard.Sittig@gmx.net>
|
66422 |
28-Sep-2000 |
brian |
Use su -m instead of just su to avoid reading the users login profile
|
66298 |
23-Sep-2000 |
alex |
Print "Enable PC-card." before anything else is done with PC-card stuff. Also print a NEWLINE (!!) after that.
I'm driving mad each time when I see messages related to pccard before "Enable PC-card." and particulary when I see "Doing initial network setup". on the same line w/o a break.
|
65701 |
10-Sep-2000 |
ume |
Make default interface work.
Obtained from: KAME
|
65532 |
06-Sep-2000 |
nectar |
Add nsswitch support. By creating an /etc/nsswitch.conf file, you can configure FreeBSD so that various databases such as passwd and group can be looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch: . getgrent, getgrnam, getgrgid . getpwent, getpwnam, getpwuid . getusershell . getaddrinfo . gethostbyname, gethostbyname2, gethostbyaddr . getnetbyname, getnetbyaddr . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified to warn that host.conf is no longer used at boot time. In addition, if there is a host.conf but no nsswitch.conf, the latter is created at boot time from the former.
Obtained from: NetBSD
|
65509 |
06-Sep-2000 |
ume |
Avoid doing rtsol to psuedo interface.
PR: bin/21062
|
64731 |
16-Aug-2000 |
jhb |
Fix a whitespace bogon.
|
64471 |
10-Aug-2000 |
brian |
Allow a ppp_user specification to run ppp at startup
PR: 20258
|
64446 |
09-Aug-2000 |
chris |
Use shell matching instead of sed(1) to strip comments and blank lines. Since it doesn't depend on anything in /usr, it should work with a NFS-mounted /usr partition.
Thanks to Bruce Evans to bringing this to my attention.
|
63400 |
18-Jul-2000 |
ume |
Fix an unmatched opening quote.
PR: conf/20000 Submitted by: Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
|
63147 |
14-Jul-2000 |
nbm |
Add to, don't overwrite, user-settable mountd_flags.
PR: conf/15745 Submitted by: Vivek Khera <khera@kciLink.com>
|
62859 |
09-Jul-2000 |
ume |
- Remove use of programs in /usr like sed as possible. In this time, I have no idea if there is equivalence of printf. So, stf setup still depends on /usr. In addition, prefix(8) and gifconfig(8) are in /usr/sbin. Should we move these into /sbin?
- Sync with latest stf behavior. Latest stf doesn't have link-local address. And, latest stf is not gif but stf.
|
61961 |
22-Jun-2000 |
dillon |
Add ip_portrange_first and ip_portrange_last rc.conf/rc.network options. This allows you to set the standard dynamic port assignment range prior to any network daemons (like named) starting up, necessary if you are also using a firewall to restrict lower ports. will be MFC'd in a few days
|
60628 |
16-May-2000 |
dillon |
Add ipsec_enable and ipsec_file options to run IPSEC's setkey program with the specified configuration file at the appropriate time.
|
60613 |
15-May-2000 |
kris |
Remove extraneous ";;" in previous commit
Submitted by: jedgar
|
60578 |
15-May-2000 |
kris |
Create a DSA host key if one does not already exist, and teach sshd_config about it.
|
60103 |
06-May-2000 |
ache |
Add firewall_logging knob to enable/disablle events logging, disabled by default. Needed mainly for ipfw kernel module to enable logging disabled there.
|
59674 |
27-Apr-2000 |
sheldonh |
Add to defaults/rc.conf a new function source_rc_confs which rc scripts may use to source safely overrides in ${rc_conf_files} files.
This protects users who insist on the bad practice of copying /etc/defaults/rc.conf to /etc/rc.conf from a recursive loop that exhausts available file descriptors.
Several people have expressed interest in breaking this function out into its own shell script. Anyone who wants to embark on such an undertaking would do well to study the attributed PR.
PR: 17595 Reported by: adrian Submitted by: Doug Barton <Doug@gorean.org>
|
59056 |
06-Apr-2000 |
shin |
Removed unnecessary comma in stf addr printf in hex format, which I mysteriously added.
Submitted by: ume
|
58753 |
28-Mar-2000 |
shin |
Avoid using sed and awk in configure script.
TODO: also replace other sed and awk usages.
Submitted by: wollman
|
58752 |
28-Mar-2000 |
shin |
Add a configuration options which enable/disable IPv4 mapped IPv6 addr support.
Suggested and Reviewed by: ume
|
58710 |
27-Mar-2000 |
dillon |
Add a sysctl to specify the amount of UDP receive space NFS should reserve, in maximal NFS packets. Originally only 2 packets worth of space was reserved. The default is now 4, which appears to greatly improve performance for slow to mid-speed machines on gigabit networks.
Add documentation and correct some prior documentation.
Problem Researched by: Andrew Gallatin <gallatin@cs.duke.edu> Approved by: jkh
|
57944 |
12-Mar-2000 |
shin |
IPv6 related configuration updates. - 6to4(stf) interface configuration. - Static route configuration. - Comment additions. - Replaced a still existed '@' to '%' in IPv6 scoped addr format. (This became necessary as previous IPv6 scoped addr format change.)
Much thanks to ume, who helped me reviewing, testing, and finding problems with these changes.
Approved by: jkh
Reviewed by: ume
|
57913 |
11-Mar-2000 |
shin |
Prevent multicast packets from being sent over stf0 interface, to avoid error messages printed on /var/log/messages.
Recently added "stf" interface has IFF_MULTICAST bit set, because IPv6 don't work on non IFF_MULTICAST set interfaces in current implementation. But "stf" interface is multi-dest IPv6 over IPv4 tunnel, so can't treat multicast packet with no special configuration.
On the other hand, tools like "rtadvd", "pim6dd", "pim6sd" send messages on IFF_MULTICAST set interfaces by default. So there will be many bogus error message on /var/log/messages, that multicast packets sent to "stf0" failed.
So,
-strip "stf0" from rtadvd sending interfaces in rc.network6 ("rtadvd" is a daemon used only for local subnet, so it will never need to send its packets over "stf0" interfaces.)
-Add default configuration files for "pim6dd" and "pim6sd", and disable "stf0" in those files.
Approved by: jkh
|
57627 |
29-Feb-2000 |
jkh |
cosmetic fix - add a space.
|
57572 |
28-Feb-2000 |
markm |
Get the order of things right; the keys need to be generated early to allow entropy to replenish. sshd must start late to catch the full effects of ldconfig.
|
57567 |
28-Feb-2000 |
jkh |
Generate new sshd host key when necessary. I'm tired of waiting for someone to commit this. :)
|
57459 |
24-Feb-2000 |
markm |
Run sshd at boot time if the sysadmin wants it. Also install ssh[d] config files in the right place.
|
57436 |
24-Feb-2000 |
shin |
-Remove IPv6 initialization failed interfaces from the list of interfaces passed to rtadvd -Comment out example sentences more completely -Redirect error message of ifconfig output into /dev/null, to correctly find out working IPv6 interfaces
Approved by: jkh
|
57408 |
24-Feb-2000 |
shin |
-Removed unnecessary use of awk. -small comment fix.
Approved by: jkh
Submitted by: Chris Costello <chris@calldei.com>
|
57398 |
23-Feb-2000 |
shin |
Add IPv6 configuration scripts.
Initial version created by, and kindly much tested by: bmah@CA.Sandia.GOV (Bruce A. Mah)
Approved by: jkh
Reviewed by: bmah@CA.Sandia.GOV (Bruce A. Mah), Ollivier Robert <roberto@keltia.freenix.fr> Obtained from: KAME project
|
57230 |
15-Feb-2000 |
phk |
No arguments needed for fore_dnld any longer.
Approved by: jkh
|
57012 |
06-Feb-2000 |
hm |
Approved by: jkh Reviewed by: joerg
The isdnd is able to listen on a socket for isdnmonitor to connect to it to remotely control it (similar to ppp and pppctl). When this is enabled in the isdnd config file, it will fail currently because isdnd is started before the network interfaces are configured. It is necessary to move the isdnd start after the ifconfig of the network interfaces, then this problem will not occur.
|
56118 |
16-Jan-2000 |
chris |
Add and document support for handling comments and blank lines in /etc/sysctl.conf.
Reviewed by: imp, jkh
|
56038 |
15-Jan-2000 |
green |
This is another in Martin Blapp's N-series of mount-related cleanups :) Changes are: - rpc.umntall is called at the right places now in /etc/rc* - rpc.umntall timeout has been lowered from two days (too high) to one - verbose messages in rpc.umntall have been clarified - kill double entries in /var/db/mounttab when rpc.umntall is invoked - ${early_nfs_mounts} has been removed from /etc/rc - patched mount(8) -p to print different pass/dump values for ufs filesystems. (last patch recieved from dan <bugg@bugg.strangled.net>)
Submitted by: Martin Blapp <mbr@imp.ch>, dan <bugg@bugg.strangled.net>
|
55520 |
06-Jan-2000 |
luigi |
Cleanup diskless support in current, mostly aligning it to the one in the 3.x branch. Also remove the dependency on /usr to find the boot address/interface. Mostly-submitted-abd-tested-by: MIHIRA Sanpei Yoshiro <sanpei@sanpei.org>
|
54739 |
17-Dec-1999 |
roberto |
xntpd -> ntpd.
Submitted by: ru
|
54458 |
12-Dec-1999 |
obrien |
Suport multiple ``ifconfig_*?="DHCP"'' configurations.
Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface).
PR: 14810 Submitted by: n_hibma
|
54041 |
02-Dec-1999 |
imp |
Now that pccardc beep actually works, add knob for it in rc.conf/rc.pccard
Submitted by: sanpei@sanpei.org (MIHIRA-san Yoshiro)
|
53613 |
23-Nov-1999 |
brian |
Oops, typo
|
53611 |
23-Nov-1999 |
brian |
Add pppoed startup options
|
53314 |
17-Nov-1999 |
ache |
Add network pass4 - after all local (/usr/local/etc/rc.d f.e.) daemons started. Move log_in_vain option there. It is needed to avoid lot of connections to port 80 logged on production WWW server prior Apache started from /usr/local/etc/rc.d
|
53158 |
14-Nov-1999 |
ache |
Add single_mountd_enable hook to run mountd but not NFS server Needed for machine with CFS but without real NFS
|
51426 |
19-Sep-1999 |
green |
Make the firewall file variable space-safe.
|
51237 |
13-Sep-1999 |
peter |
Add/adjust some $FreeBSD$ tags.
Noted by: Doug <Doug@gorean.org>
|
51231 |
13-Sep-1999 |
sheldonh |
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity.
Changes discussed on freebsd-hackers.
Submitted by: Doug Barton <Doug@gorean.org>
|
51209 |
12-Sep-1999 |
des |
Add the net.inet.tcp.restrict_rst and net.inet.tcp.drop_synfin sysctl variables, conditional on the TCP_RESTRICT_RST and TCP_DROP_SYNFIN kernel options, respectively. See the comments in LINT for details.
|
50735 |
01-Sep-1999 |
peter |
-background is also a legitimate ppp mode. Don't change it to -auto.
|
50472 |
27-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
50470 |
27-Aug-1999 |
jkh |
Catch an extra X on DHCP.
Spotted by the eagle eyes of: Pierre DAVID <Pierre.David@prism.uvsq.fr>
|
50454 |
27-Aug-1999 |
sheldonh |
Small whitespace change to fix run-over lines introduced in the previous commit.
Reported by: bde
|
50357 |
25-Aug-1999 |
sheldonh |
Style clean-up:
* All variables are now embraced: ${foo}
* All comparisons against some value now take the form: [ "${foo}" ? "value" ] where ? is a comparison operator
* All empty string tests now take the form: [ -z "${foo}" ]
* All non-empty string tests now take the form: [ -n "${foo}" ]
Submitted by: jkh
|
50193 |
22-Aug-1999 |
brian |
ppp_alias -> ppp_nat
Submitted by: Josef L. Karthauser <joe@FreeBSD.org.uk>
|
50063 |
19-Aug-1999 |
brian |
Quieten ppp at startup.
|
49603 |
10-Aug-1999 |
des |
Add net.inet.icmp.log_redirect and net.inet.icmp.drop_redirect, for respectively logging and dropping ICMP REDIRECT packets.
Note that there is no rate limiting on the log messages, so log_redirect should be used with caution (preferrably only for debugging purposes).
|
49122 |
26-Jul-1999 |
brian |
Start ppp before natd, not afterwards.
Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
|
49110 |
26-Jul-1999 |
brian |
Add a default ppp.conf (mode 600).
Originally submitted by: Wayne Self <wself@cdrom.com>
Allow a ppp startup option in rc.conf.
Adjust sysinstall so that it appends to the end of ppp.conf and uses the generated profile to start ppp in auto mode on boot.
Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
|
49092 |
26-Jul-1999 |
obrien |
Don't background pccardd, it nullfies the "-z" flag. pccardd itself daemonizes, lets just let things progress normally.
|
48842 |
16-Jul-1999 |
jkh |
Allow DHCP to be used in an ifconfig variable instead of the usual address information, producing the obvious effect (dhcp configuration).
Submitted by: "Sean O'Connell" <sean@stat.Duke.EDU>
|
48687 |
08-Jul-1999 |
peter |
Tweak previous commit. Only sense the configuration if network_interfaces is set to "auto". Any network_interfaces settings will be treated as before.
|
48662 |
07-Jul-1999 |
peter |
Do away with ${network_interfaces} in rc.conf. Just use `ifconfig -l` to get a list of interfaces, and then automatically configure them if ${ifconfig_${ifn}} or /etc/start_if.${ifn} exists.
This makes it a lot easier to deal with machines that constantly change their network configuration as you can leave ifconfig settings for all the possible cards - just the ones that are present will be configured.
|
48649 |
07-Jul-1999 |
hosokawa |
Removed my name and (old) e-mail address from comments.
|
48648 |
07-Jul-1999 |
hosokawa |
Added pccard_conf parameter to /etc/rc.conf, and set it to "/etc/pccard.conf.sample" in /etc/defaults/rc.conf. Perhaps this default value can be inappropriate, but I set to this value for the convenience of PC-card boot.flp users. Please correct it if there are better solutions.
|
48554 |
04-Jul-1999 |
hosokawa |
Added "pccardd_flags" for rc.conf.
|
47838 |
08-Jun-1999 |
brian |
If amd_flags is empty, don't add -p as it makes amd abend.
|
47755 |
05-Jun-1999 |
bde |
Don't discard error output from sysctl(8).
Do discard standard output from the sysctl for approxy_all, and echo what this sysctl is doing in the usual way. This fix is probably backwards. We should probably just use the standard sysctl output in all cases (it needs to have a newline filtered out).
Echo what the sysctls for nfs_reserved_port_only and nfs_access_cache are doing.
|
47752 |
05-Jun-1999 |
phk |
Add handle to control global TCP keepalives and turn them on as default.
Despite their name it doesn't keep TCP sessions alive, it kills them if the other end has gone AWOL. This happens a lot with clients which use NAT, dynamic IP assignment or which has a 2^32 * 10^-3 seconds upper bound on their uptime.
There is no detectable increase in network trafic because of this: two minimal TCP packets every two hours for a live TCP connection.
Many servers already enable keepalives themselves.
The host requirements RFC is 10 years old, and doesn't know about the loosing clients of todays InterNet.
|
46521 |
05-May-1999 |
markm |
This has bitrotted to the state that it is no longer functional. Make Mike Smith very happy by nuking the PCIC auto-load code. :-)
NOTE - You will have to have PCIC in your kernel again!! You have been warned!!
|
46390 |
04-May-1999 |
dima |
Use ``grep -w'' to prevent catching "pcic_pci"
|
45622 |
12-Apr-1999 |
brian |
Remove extraneous space PR: 11096
|
45542 |
10-Apr-1999 |
des |
Allow the user to specify a different firewall script than /etc/rc.firewall.
|
45096 |
28-Mar-1999 |
imp |
Add two features: log_in_vain: log_in_vain turns on logging for packets to ports for which there is no listener. rc.sysctl: A generic way to set sysctl values. It reads /etc/syslog.conf and sets values based on that. No /etc/syslog.conf has been checked in yet, and I've not added this to the makefile yet until I get more feedback.
Reviewed by: -current, -hackers and bde especially
|
44992 |
24-Mar-1999 |
brian |
Move natd from network_pass3 to network_pass1
|
44837 |
17-Mar-1999 |
nate |
- Mixup of kldstat arguments. Use '-i 1' instead of '-n 1' when checking for the PCIC module in the kernel.
{ I promise this is the last commit! }
Submitted by: "Sean O'Connell" <sean@stat.Duke.EDU>
|
44835 |
17-Mar-1999 |
nate |
Whoops, fixed typos in PCIC loading command when I modified Sean's original patch.
Submitted by: "Sean O'Connell" <sean@stat.Duke.EDU>
|
44830 |
17-Mar-1999 |
nate |
Add a Q&D test before loading the pcic module to make sure there isn't a compiled in one.
Submitted by: "Sean O'Connell" <sean@stat.Duke.EDU>
|
44668 |
11-Mar-1999 |
jfitz |
Add ${lpd_program} and ${portmap_program} as variables in rc.conf, with suitable defaults pointing to the FreeBSD-shipped versions. This will allow for easier integration of third-party replacements for these daemons. Reviewed by: Several members of -committers
|
44573 |
08-Mar-1999 |
hm |
fix cosmetic ISDN startup problem mentioned in PR conf/9957
|
43849 |
10-Feb-1999 |
jkh |
Use /etc/defaults/rc.conf everywhere, falling back to /etc/rc.conf as necessary (for half-assed upgrades).
|
43803 |
09-Feb-1999 |
dillon |
Revamp rc.diskless. Split into rc.diskless1 and rc.diskless2. provide more opportunities for overriding. Clean up /etc/rc ( remove conf_dir, remove startup mount special cases, remove other special cases )
|
43590 |
04-Feb-1999 |
markm |
Add bits useful to getting laptops going (my Libretto in particular) Add ActionTec v.90 modem and Libretto Floppy to pccard database; Autoload pcic device.
|
42627 |
13-Jan-1999 |
joerg |
Add some special hooks for sppp(4) interfaces. In addition to the normal ifconfig stuff, one might need to pass down authentication parameters for them.
This is closely tied to Hellmuth's impending rc patches for ISDN, but sppp can also be used separately (thus it doesn't go directly into the planned ISDN section of rc.conf).
Reviewed by: hm
|
42621 |
13-Jan-1999 |
hm |
Integrate the ISDN subsystem into the /etc/rc framework Reviewed by: Joerg Wunsch
|
42270 |
03-Jan-1999 |
jkh |
Allow rwhod to take flags.
PR: 7705 Submitted by: Johan Karlsson <k@numeri.campus.luth.se>
|
41371 |
27-Nov-1998 |
jkoshy |
Direct std{err,out} to /dev/null when invoking sysctl(8) for setting `nfs_access_cache_timeout'.
Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
|
41185 |
15-Nov-1998 |
msmith |
Implement the nfs_access_cache variable, allowing us to set the timeout for the NFS client's ACCESS cache.
|
41077 |
11-Nov-1998 |
peter |
kldload ipfw, it's installed always and works on both kernel formats
|
40056 |
08-Oct-1998 |
phk |
Avoid using dmesg to find devices, the buffer may not be big enough.
Reviewed by: phk Submitted by: Mike Spengler <mks@networkcs.com>
|
40006 |
06-Oct-1998 |
phk |
Here are some scripts and man pages for configuring HARP ATM interfaces.
Reviewed by: phk Submitted by: Mike Spengler <mks@networkcs.com>
|
39380 |
16-Sep-1998 |
cracauer |
rc.conf variable $amd_map_program needs to be eval'ed. PR: misc/7435 Submitted by: David Wolfskill <dhw@whistle.com>
|
39267 |
15-Sep-1998 |
jkoshy |
Turn off replies to ICMP echo requests for broadcast and multicast addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho" in sysctl(3).
Reviewed by: dg, jkh Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
|
38876 |
06-Sep-1998 |
phk |
tcp_extensions now only applies to RFC1323
|
38316 |
14-Aug-1998 |
phk |
In /etc/rc.network, near line 242, setting up Kerberos, variable "stash_flag" is set. A few lines later, it is evaluated as "stash_flags" with a trailing "s", and then a bit later the singular version is unset.
PR: 7609 Reviewed by: phk Submitted by: Walt Howard <howard@ee.utah.edu>
|
38238 |
10-Aug-1998 |
brian |
Add Id keyword.
|
37514 |
08-Jul-1998 |
nectar |
Allow either an IP address or an interface to be specified in the rc.conf variable ``natd_interface''. rc.network will determine whether it is an IP address or an interface name, and invoke natd with the -a or -n flag as appropriate.
PR: 6947 Reviewed by: jkh@FreeBSD.ORG
|
36985 |
14-Jun-1998 |
steve |
Cleanup natd startup test.
PR: 6946 Submitted by: Jacques Vidrine <n@nectar.com>
|
36174 |
19-May-1998 |
jkh |
cosmetic: clean up startup messages and rearrange some options to go in a more proper order.
|
35787 |
06-May-1998 |
andreas |
Overlooked, that newer naming convention is xxx_program instead of xxx_prog. So changed it to ntpdate_program and xntpd_program. Backout last change, now we have again named_program, sorry.
|
35751 |
05-May-1998 |
andreas |
Add variables for the ntpdate and xntpd program, you might want to run the binaries from the new ntp v4 port.
|
35459 |
26-Apr-1998 |
phk |
Jean-Simon Pendry's paper on amd refers to the use of "ypcat -k" against the "master map" to get the list of mount point/amd map correspondences, and using that list as command-line arguments to start amd.
When I tried to do this with the existing /etc/rc* scripts, I found that I couldn't do this by modifying only /etc/rc.conf: that file gets sourced very early by /etc/rc, well before any networking functionality is present, let alone NIS. Further, I wasn't able to figure out a way to use various levels & types of quoting to defer evaluation of the string to a point subsequent to NIS initialization.
As a result, I resorted to hacking /etc/rc.network -- but I did it in a way that ought to be reasonably general, and avoid breakage for anyone else.
PR: 6387 Reviewed by: phk Submitted by: David Wolfskill <dhw@whistle.com>
|
35267 |
18-Apr-1998 |
brian |
Add natd support. PR: 6339 Submitted by: cdillon@wolves.k12.mo.us
|
35149 |
12-Apr-1998 |
markm |
Enable the SecureRPC bits in rc.conf, if the Administrator wants them.
|
34561 |
13-Mar-1998 |
danny |
Submitted by: bde Back out last brain blip.
|
34550 |
13-Mar-1998 |
danny |
Change examples for Cyclades cards (c -> c0) to fit with reality.
|
34395 |
09-Mar-1998 |
jkh |
Allow rarpd to be started from rc.conf PR: 5457 Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
|
33682 |
20-Feb-1998 |
brian |
Remove useless argument to ``. start_if.$ifn'' Pointed out by: Tim Tsai <tim@futuresouth.com>
|
33439 |
16-Feb-1998 |
guido |
Add 2 new rc.conf variables: forward_sourceroute : controls setting of existing net.inet.ip.sourceroute accept_sourceroute : control setting of new net.inet.ip.accept_sourceroute
|
33337 |
14-Feb-1998 |
alex |
Avoid using grep when determining ipfw's default policy -- it may not be available at this stage of the boot if /usr is NFS mounted.
|
33149 |
07-Feb-1998 |
alex |
Don't assume that IP services are disabled just because firewall_enable is not set to YES in rc.conf.
Noticed by: Mikael Karpberg <karpen@ocean.campus.luth.se>
|
32949 |
01-Feb-1998 |
wollman |
Add an additional `named_program' variable so that we can easily choose between 4.9.6 and the port of 8.x.
|
32382 |
10-Jan-1998 |
alex |
Compare return code from ipfw against 0 for success instead of == 1 for error.
Pointed out by: Matthew Thyer <thyerm@camtech.net.au>
|
31472 |
01-Dec-1997 |
obrien |
MF 22s
|
31033 |
07-Nov-1997 |
sef |
Allow the system to be configured to pass "-n" to kerberos and kadmind or not; also, only run kadmind on a non-slave server. Man page for rc.conf is also updated.
Reviewed by: Mark Murray
|
29590 |
18-Sep-1997 |
danny |
Fix some problems in the rules file loading and need for modload detection.
Found by: "James E. Housley" <housley@pr-comm.com>
|
29300 |
11-Sep-1997 |
danny |
Reviewed by: msmith, alex Cosmetic changes to the loading of firewall rules and lkm.
|
27218 |
06-Jul-1997 |
pst |
Merge from 2.2 (tcp extensions in phase 1)
|
25916 |
19-May-1997 |
jkh |
Neaten up some things which were inconsistent, add a few more flags to things which need them, general cleanup. Submitted by: Brian Somers <brian@awfulhak.org>
|
25765 |
13-May-1997 |
jkh |
Add arp_proxyall knob. Submitted by: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>
|
25412 |
03-May-1997 |
jkh |
Update the etc world from RELENG_2_2 which is now more up-to-date (gotta get myself -current again, this is a drag).
Also-fixes-problems-noted-by: Wolfgang Helbig & Joerg Wunsch
|
25365 |
01-May-1997 |
jkh |
Ack, learn to spell "extentions" the same way in the same file. Also make the output a little less cryptic for sysctl settings.
Suggested by: bde
|
25364 |
01-May-1997 |
jkh |
YAMF22 PR: 3456
|
25337 |
01-May-1997 |
jkh |
YAMF22
|
25238 |
28-Apr-1997 |
jkh |
YAMF22
|
25184 |
27-Apr-1997 |
jkh |
Bring in rc file changes from -current.
|
23607 |
10-Mar-1997 |
bde |
Fixed the Cyclades and Digiboard port numbers.
|
23037 |
23-Feb-1997 |
peter |
Revert $FreeBSD$ to $Id$
|
21673 |
14-Jan-1997 |
jkh |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
21365 |
06-Jan-1997 |
nate |
Minor modifications to the PCCARD startup files and comments.
Submitted by: The Nomads
|
14624 |
14-Mar-1996 |
nate |
Renamed the relevant PC-Card support files to reflect the newest release.
|
14239 |
24-Feb-1996 |
bde |
Added support for Cyclades and Digiboard devices.
Submitted by: Daniel O'Callaghan <danny@lynx.its.unimelb.edu.au> + mods by bde
|
13798 |
31-Jan-1996 |
mpp |
Another round of spelling fixes.
|
7708 |
09-Apr-1995 |
rgrimes |
This is a purely cosmetic clean up. Fix many cut and paste problems that had turned tabs into spaces.
|
5398 |
05-Jan-1995 |
ache |
Add drainwait option examples
|
4982 |
04-Dec-1994 |
ache |
cua*0? --> cua*a?
|
1675 |
04-Jun-1994 |
ache |
Now rc.serial used for initial setup of serial lines
|