- Copy stable/10@296371 to releng/10.3 in preparation for 10.3-RC1
builds.
- Update newvers.sh to reflect RC1.
- Update __FreeBSD_version to reflect 10.3.
- Update default pkg(8) configuration to use the quarterly branch.

Approved by: re (implicit)

MFC r289421, r293037, r294773, and r294884.

ntp leap-leapseconds support.

r289421:

Add default leap-seconds file. This should help ntp networks get the
leap second date correct

Updates to the file can be obtained from ftp://time.nist.gov/pub/ or
ftp://tycho.usno.navy.mil/pub/ntp/.

r293037:

Update leap-seconds to latest. This will satisfy the ntpd leap-second
version check.

r294773:

Add support for automatic leap-second file updates.

The working copy of leapfile resides in /var/dbntpd.leap-seconds.list.
/etc/ntp/leap-seconds (periodically updated from ftp://time.nist.gov/pub/
or ftp://tycho.usno.navy.mil/pub/ntp/) contains the master copy should
automatic leapfile updates be disabled (default).

Automatic leapfile updates are fetched from $ntp_leapfile_sources,
defaulting to https://www.ietf.org/timezones/data/leap-seconds.list,
within $ntp_leapfile_expiry_days (default 30 days) from leap-seconds
file expiry. Automatic updates can be enabled by setting
$daily_ntpd_leapfile_enable="YES" in periodic.conf. To avoid congesting
the ntp leapfile source the automatic update randomized by default but
can be disabled through daily_ntpd_avoid_congestion="NO" in
periodic.conf.

r294884:

Allow specification of fetch options for ntp leap-seconds fetch.

Approved by: re (gjb)

MFC r292752:

Enhance rc.d/netwait script to wait for late-attaching interfaces such as
USB NICs.

USB network hardware may not be enumerated and available when the rc.d
networking scripts run. Eventually the USB attachment completes and devd
events cause the network initialization to happen, but by then other rc.d
scripts have already failed, because services which depend on NETWORKING
(such as mountcritremote) may end up running before the network is actually
ready.

There is an existing netwait script, but because it is dependent on
NETWORKING it runs too late to prevent failure of some other rc
scripts. This change flips the order so that NETWORKING depends on netwait,
and netwait now depends on devd and routing (the former is needed to make
interfaces appear, and the latter is needed to run the ping tests in
netwait).

The netwait script used to be oriented primarily towards "as soon as any
host is reachable the network is fully functional", so you gave it a list of
IPs to try and you could optionally name an interface and it would wait for
carrier on that interface. That functionality still works the same, but now
you can provide a list of interfaces to wait for and it waits until each one
of them is available. The ping logic still completes as soon as the first IP
on the list responds.

These changes were submitted by Brenden Molloy <brendan+freebsd@bbqsrc.net>
in PR 205186, and lightly modified by me to allow a list of interfaces
instead of just one.

PR: 205186
Relnotes: yes

MFC: r291536
Add support for the new "-manage-gids" option for the nfsuserd daemon
to the rc scripts. With these changes, setting nfs_server_managegids="YES"
in /etc/rc.conf will enable this capability.

Relnotes: yes

MFC r274841

Remove examples of gif_interfaces and gifconfig. These have already been
marked as deprecated in rc.conf(5) manual page but these examples
were still here.

Approved by: re (gjb)

MFH (r270391): don't set rc_debug in /etc/defaults/rc.conf

MFC r274965:

Make it possible to specify flags for autofs daemons in rc.conf.

Sponsored by: The FreeBSD Foundation

MFC r271663:
Fix a typo; master server for iprop service should be singular.

MFC r270782:

Restructure rc.d scripts for kerberos5 daemons:

- Rename $kerberos5_server_enable with $kdc_enable and rename
rc.d/kerberos with rc.d/kdc.

- Rename $kadmin5_server_enable with $kadmind_enable.

- Rename ${kerberos5,kpasswdd}_server with ${kdc,kpasswdd}_program.

- Fix rc.d/{kadmind,kerberos,kpasswdd,kfd} scripts not to change variables
after load_rc_config().

- Add rc.d/ipropd_master and rc.d/ipropd_slave scripts. These are
for iprop-master(8) and iprop-slave(8). Keytab used for iprop service is
defined in ipropd_{master,slave}_keytab (/etc/krb5.keytab by default).

- Add dependency on rc.d/kdc to SERVERS. rc.d/kdc must be invoked as early
as possible before scripts divided by rc.d/SERVERS.

Note that changes to rc.d/{kdc,kpasswdd,kadmind} are backward-compatible
with the old configuration variables:
${kerberos5,kpasswdd,kadmin5}_server{,_enable,_flags}.

MFC r270780:
Fix rc.d/gssd script to define the default values in a standard way.

MFC r270781:
- Add a warning message when an IPv6 address is specified with no prefixlen.
- Use a parameter argument in jls(8) instead of doing grep.

MFC r271424:

- Add $netif_ipexpand_max to specify the upper limit for the number of
addresses generated by an address range specification. The default value
is 2048. This can be increased by setting $netif_ipexpand_max in rc.conf.

PR: 186841

MFC r269392: Add /usr/lib32/compat to the default ld-elf32.so.1 path.

Approved by: re (gjb, delphij)

MFC r270647: Add references to vt(4) and the configuration files in /usr/sha
MFC r270653: Update man-pages to correctly refer to changed pathes and namin
MFC r270657: More man pages that need to know about vt in addition to syscon
MFC r270659: (by pluknet@) Missed comma.
MFC r270660: Back-out the references to vt(4) from this man-page. It appears
MFC r270933: Add references to vt(4) to further man-pages.
MFC r270934: Final patches to the tools used to convert syscons keymaps for
MFC r270935: Add vt(4) support to the console initialisation script, specifi

Second batch of MFCs to add support for Unicode keymaps for use with vt(4).

It contains the following changes:

- Add references to vt(4) to relevant man-pages.
- Update comment in defaults/rc.conf to mention vt
- Update rc.d/syscons to warn about syscons keymaps used under vt.
An attempt is made to identify the vt keymap to load instead.
- Minor changes to the conversion tool based on mail comments on keymaps.

Relnotes: yes

MFC r270096:

Bring in the new automounter, similar to what's provided in most other
UNIX systems, eg. MacOS X and Solaris. It uses Sun-compatible map format,
has proper kernel support, and LDAP integration.

There are still a few outstanding problems; they will be fixed shortly.

Reviewed by: allanjude@, emaste@, kib@, wblock@ (earlier versions)
Phabric: D523
Relnotes: yes
Sponsored by: The FreeBSD Foundation

Fix devfs rules not applied by default for jails.

Fix OpenSSL use-after-free vulnerability.

Fix TCP reassembly vulnerability.

Security: FreeBSD-SA-14:07.devfs
Security: CVE-2014-3001
Security: FreeBSD-SA-14:08.tcp
Security: CVE-2014-3000
Security: FreeBSD-SA-14:09.openssl
Security: CVE-2010-5298

MFC r261931,r261932:

Allow overriding rctl.conf(5) file location for /etc/rc.d/rctl

Approved by: bapt (mentor, implicit)

MFC r260486:
Remove very low default limit of 4 nfsd threads. nfsd's own default is
8 * hw.ncpu, that sounds more appropriate for these SMP/NCQ/... days.

Merge r257694 from head:

Remove remnants of BIND from /etc, since there is no BIND in base now.

Sorry, that would break users running head and BIND from ports, since
ports rely on these scripts. The ports will be fixed soon.

Approved by: re (kib)

MFC r256773:
Enable the automatic creation of a certificate (if one does not exists)
and enable the usage by sendmail if sendmail is enabled.

Reviewed by: gshapiro
Approved by: re (gjb)

MFC r256775,r256776:
Add support for "first boot" rc.d scripts.

Document this new functionality in rc.conf(5) and rc(8).

Bump __FreeBSD_version so that ports can make use of this.

Approved by: re (gjb)

Merge from project branch via main. Uninteresting commits are trimmed.

Refactor of /dev/random device. Main points include:

* Userland seeding is no longer used. This auto-seeds at boot time
on PC/Desktop setups; this may need some tweeking and intelligence
from those folks setting up embedded boxes, but the work is believed
to be minimal.

* An entropy cache is written to /entropy (even during installation)
and the kernel uses this at next boot.

* An entropy file written to /boot/entropy can be loaded by loader(8)

* Hardware sources such as rdrand are fed into Yarrow, and are no
longer available raw.

------------------------------------------------------------------------
r256240 | des | 2013-10-09 21:14:16 +0100 (Wed, 09 Oct 2013) | 4 lines

Add a RANDOM_RWFILE option and hide the entropy cache code behind it.
Rename YARROW_RNG and FORTUNA_RNG to RANDOM_YARROW and RANDOM_FORTUNA.
Add the RANDOM_* options to LINT.

------------------------------------------------------------------------
r256239 | des | 2013-10-09 21:12:59 +0100 (Wed, 09 Oct 2013) | 2 lines

Define RANDOM_PURE_RNDTEST for rndtest(4).

------------------------------------------------------------------------
r256204 | des | 2013-10-09 18:51:38 +0100 (Wed, 09 Oct 2013) | 2 lines

staticize struct random_hardware_source

------------------------------------------------------------------------
r256203 | markm | 2013-10-09 18:50:36 +0100 (Wed, 09 Oct 2013) | 2 lines

Wrap some policy-rich code in 'if NOTYET' until we can thresh out
what it really needs to do.

------------------------------------------------------------------------
r256184 | des | 2013-10-09 10:13:12 +0100 (Wed, 09 Oct 2013) | 2 lines

Re-add /dev/urandom for compatibility purposes.

------------------------------------------------------------------------
r256182 | des | 2013-10-09 10:11:14 +0100 (Wed, 09 Oct 2013) | 3 lines

Add missing include guards and move the existing ones out of the
implementation namespace.

------------------------------------------------------------------------
r256168 | markm | 2013-10-08 23:14:07 +0100 (Tue, 08 Oct 2013) | 10 lines

Fix some just-noticed problems:

o Allow this to work with "nodevice random" by fixing where the
MALLOC pool is defined.

o Fix the explicit reseed code. This was correct as submitted, but
in the project branch doesn't need to set the "seeded" bit as this
is done correctly in the "unblock" function.

o Remove some debug ifdeffing.

o Adjust comments.

------------------------------------------------------------------------
r256159 | markm | 2013-10-08 19:48:11 +0100 (Tue, 08 Oct 2013) | 6 lines

Time to eat crow for me.

I replaced the sx_* locks that Arthur used with regular mutexes;
this turned out the be the wrong thing to do as the locks need to
be sleepable. Revert this folly.

# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (In original diff)

------------------------------------------------------------------------
r256138 | des | 2013-10-08 12:05:26 +0100 (Tue, 08 Oct 2013) | 10 lines

Add YARROW_RNG and FORTUNA_RNG to sys/conf/options.

Add a SYSINIT that forces a reseed during proc0 setup, which happens
fairly late in the boot process.

Add a RANDOM_DEBUG option which enables some debugging printf()s.

Add a new RANDOM_ATTACH entropy source which harvests entropy from the
get_cyclecount() delta across each call to a device attach method.

------------------------------------------------------------------------
r256135 | markm | 2013-10-08 07:54:52 +0100 (Tue, 08 Oct 2013) | 8 lines

Debugging. My attempt at EVENTHANDLER(multiuser) was a failure; use
EVENTHANDLER(mountroot) instead.

This means we can't count on /var being present, so something will
need to be done about harvesting /var/db/entropy/... .

Some policy now needs to be sorted out, and a pre-sync cache needs
to be written, but apart from that we are now ready to go.

Over to review.

------------------------------------------------------------------------
r256094 | markm | 2013-10-06 23:45:02 +0100 (Sun, 06 Oct 2013) | 8 lines

Snapshot.

Looking pretty good; this mostly works now. New code includes:

* Read cached entropy at startup, both from files and from loader(8)
preloaded entropy. Failures are soft, but announced. Untested.

* Use EVENTHANDLER to do above just before we go multiuser. Untested.

------------------------------------------------------------------------
r256088 | markm | 2013-10-06 14:01:42 +0100 (Sun, 06 Oct 2013) | 2 lines

Fix up the man page for random(4). This mainly removes no-longer-relevant
details about HW RNGs, reseeding explicitly and user-supplied
entropy.

------------------------------------------------------------------------
r256087 | markm | 2013-10-06 13:43:42 +0100 (Sun, 06 Oct 2013) | 6 lines

As userland writing to /dev/random is no more, remove the "better
than nothing" bootstrap mode.

Add SWI harvesting to the mix.

My box seeds Yarrow by itself in a few seconds! YMMV; more to follow.

------------------------------------------------------------------------
r256086 | markm | 2013-10-06 13:40:32 +0100 (Sun, 06 Oct 2013) | 11 lines

Debug run. This now works, except that the "live" sources haven't
been tested. With all sources turned on, this unlocks itself in
a couple of seconds! That is no my box, and there is no guarantee
that this will be the case everywhere.

* Cut debug prints.

* Use the same locks/mutexes all the way through.

* Be a tad more conservative about entropy estimates.

------------------------------------------------------------------------
r256084 | markm | 2013-10-06 13:35:29 +0100 (Sun, 06 Oct 2013) | 5 lines

Don't use the "real" assembler mnemonics; older compilers may not
understand them (like when building CURRENT on 9.x).

# Submitted by: Konstantin Belousov <kostikbel@gmail.com>

------------------------------------------------------------------------
r256081 | markm | 2013-10-06 10:55:28 +0100 (Sun, 06 Oct 2013) | 12 lines

SNAPSHOT.

Simplify the malloc pools; We only need one for this device.

Simplify the harvest queue.

Marginally improve the entropy pool hashing, making it a bit faster
in the process.

Connect up the hardware "live" source harvesting. This is simplistic
for now, and will need to be made rate-adaptive.

All of the above passes a compile test but needs to be debugged.

------------------------------------------------------------------------
r256042 | markm | 2013-10-04 07:55:06 +0100 (Fri, 04 Oct 2013) | 25 lines

Snapshot. This passes the build test, but has not yet been finished or debugged.

Contains:

* Refactor the hardware RNG CPU instruction sources to feed into
the software mixer. This is unfinished. The actual harvesting needs
to be sorted out. Modified by me (see below).

* Remove 'frac' parameter from random_harvest(). This was never
used and adds extra code for no good reason.

* Remove device write entropy harvesting. This provided a weak
attack vector, was not very good at bootstrapping the device. To
follow will be a replacement explicit reseed knob.

* Separate out all the RANDOM_PURE sources into separate harvest
entities. This adds some secuity in the case where more than one
is present.

* Review all the code and fix anything obviously messy or inconsistent.
Address som review concerns while I'm here, like rename the pseudo-rng
to 'dummy'.

# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (the first item)

------------------------------------------------------------------------
r255319 | markm | 2013-09-06 18:51:52 +0100 (Fri, 06 Sep 2013) | 4 lines

Yarrow wants entropy estimations to be conservative; the usual idea
is that if you are certain you have N bits of entropy, you declare
N/2.

------------------------------------------------------------------------
r255075 | markm | 2013-08-30 18:47:53 +0100 (Fri, 30 Aug 2013) | 4 lines

Remove short-lived idea; thread to harvest (eg) RDRAND enropy into the
usual harvest queues. It was a nifty idea, but too heavyweight.

# Submitted by: Arthur Mesh <arthurmesh@gmail.com>

------------------------------------------------------------------------
r255071 | markm | 2013-08-30 12:42:57 +0100 (Fri, 30 Aug 2013) | 4 lines

Separate out the Software RNG entropy harvesting queue and thread
into its own files.

# Submitted by: Arthur Mesh <arthurmesh@gmail.com>

------------------------------------------------------------------------
r254934 | markm | 2013-08-26 20:07:03 +0100 (Mon, 26 Aug 2013) | 2 lines

Remove the short-lived namei experiment.

------------------------------------------------------------------------
r254928 | markm | 2013-08-26 19:35:21 +0100 (Mon, 26 Aug 2013) | 2 lines

Snapshot; Do some running repairs on entropy harvesting. More needs
to follow.

------------------------------------------------------------------------
r254927 | markm | 2013-08-26 19:29:51 +0100 (Mon, 26 Aug 2013) | 15 lines

Snapshot of current work;

1) Clean up namespace; only use "Yarrow" where it is Yarrow-specific
or close enough to the Yarrow algorithm. For the rest use a neutral
name.

2) Tidy up headers; put private stuff in private places. More could
be done here.

3) Streamline the hashing/encryption; no need for a 256-bit counter;
128 bits will last for long enough.

There are bits of debug code lying around; these will be removed
at a later stage.

------------------------------------------------------------------------
r254784 | markm | 2013-08-24 14:54:56 +0100 (Sat, 24 Aug 2013) | 39 lines

1) example (partially humorous random_adaptor, that I call "EXAMPLE")
* It's not meant to be used in a real system, it's there to show how
the basics of how to create interfaces for random_adaptors. Perhaps
it should belong in a manual page

2) Move probe.c's functionality in to random_adaptors.c
* rename random_ident_hardware() to random_adaptor_choose()

3) Introduce a new way to choose (or select) random_adaptors via tunable
"rngs_want" It's a list of comma separated names of adaptors, ordered
by preferences. I.e.:
rngs_want="yarrow,rdrand"

Such setting would cause yarrow to be preferred to rdrand. If neither of
them are available (or registered), then system will default to
something reasonable (currently yarrow). If yarrow is not present, then
we fall back to the adaptor that's first on the list of registered
adaptors.

4) Introduce a way where RNGs can play a role of entropy source. This is
mostly useful for HW rngs.

The way I envision this is that every HW RNG will use this
functionality by default. Functionality to disable this is also present.
I have an example of how to use this in random_adaptor_example.c (see
modload event, and init function)

5) fix kern.random.adaptors from
kern.random.adaptors: yarrowpanicblock
to
kern.random.adaptors: yarrow,panic,block

6) add kern.random.active_adaptor to indicate currently selected
adaptor:
root@freebsd04:~ # sysctl kern.random.active_adaptor
kern.random.active_adaptor: yarrow

# Submitted by: Arthur Mesh <arthurmesh@gmail.com>

Submitted by: Dag-Erling Smørgrav <des@FreeBSD.org>, Arthur Mesh <arthurmesh@gmail.com>
Reviewed by: des@FreeBSD.org
Approved by: re (delphij)
Approved by: secteam (des,delphij)

- Remove debugging from GENERIC* kernel configurations
- Enable MALLOC_PRODUCTION
- Default dumpdev=NO
- Remove UPDATING entry regarding debugging features
- Bump __FreeBSD_version to 1000500

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

- Update rc.d/jail to use a jail(8) configuration file instead of
command line options. The "jail_<jname>_*" rc.conf(5) variables for
per-jail configuration are automatically converted to
/var/run/jail.<jname>.conf before the jail(8) utility is invoked.
This is transparently backward compatible.

- Fix a minor bug in jail(8) which prevented it from returning false
when jail -r failed.

Approved by: re (glebius)

Add a setup script for unbound(8) called local-unbound-setup. It
generates a configuration suitable for running unbound as a caching
forwarding resolver, and configures resolvconf(8) to update unbound's
list of forwarders in addition to /etc/resolv.conf. The initial list
is taken from the existing resolv.conf, which is rewritten to point to
localhost. Alternatively, a list of forwarders can be provided on the
command line.

To assist this script, add an rc.subr command called "enabled" which
does nothing except return 0 if the service is enabled and 1 if it is
not, without going through the usual checks. We should consider doing
the same for "status", which is currently pointless.

Add an rc script for unbound, called local_unbound. If there is no
configuration file, the rc script runs local-unbound-setup to generate
one.

Note that these scripts place the unbound configuration files in
/var/unbound rather than /etc/unbound. This is necessary so that
unbound can reload its configuration while chrooted. We should
probably provide symlinks in /etc.

Approved by: re (blanket)

Bring in the new iSCSI target and initiator.

Reviewed by: ken (parts)
Approved by: re (delphij)
Sponsored by: FreeBSD Foundation

- Trim an unused and bogus Makefile for mount_smbfs.
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.

- Add vnode-backed swap space specification support. This is enabled when
device names "md" or "md[0-9]*" and a "file" option are specified in
/etc/fstab like this:

md none swap sw,file=/swap.bin 0 0

- Add GBDE/GELI encrypted swap space specification support, which
rc.d/encswap supported. The /etc/fstab lines are like the following:

/dev/ada1p1.bde none swap sw 0 0
/dev/ada1p2.eli none swap sw 0 0

.eli devices accepts aalgo, ealgo, keylen, and sectorsize as options.

swapctl(8) can understand an encrypted device in the command line
like this:

# swapctl -a /dev/ada2p1.bde

- "-L" flag is added to support "late" option to defer swapon until
rc.d/mountlate runs.

- rc.d script change:

rc.d/encswap -> removed
rc.d/addswap -> just display a warning message if $swapfile is defined
rc.d/swap1 -> renamed to rc.d/swap
rc.d/swaplate -> newly added to support "late" option

These changes alleviate a race condition between device creation/removal
and swapon/swapoff.

MFC after: 1 week
Reviewed by: wblock (manual page)

Clean up swapfile memory disk on shutdown

Make the md unit number configurable so that it can be predicted

PR: bin/168544
Submitted by: wblock (based on)
Approved by: kevlo

Use new savecore(8) option and limit number of kernel dumps that will
be kept around to the 10 most recent ones.

Add UPDATING entry with info how to return to the previous behaviour (no
limits).

Obtained from: WHEEL Systems

Merge a number of changes required to hook up OpenBSM 1.2-alpha2's
auditdistd (distributed audit daemon) to the build:

- Manual cross references
- Makefile for auditdistd
- rc.d script, rc.conf entrie
- New group and user for auditdistd; associated aliases, etc.

The audit trail distribution daemon provides reliable,
cryptographically protected (and sandboxed) delivery of audit tails
from live clients to audit server hosts in order to both allow
centralised analysis, and improve resilience in the event of client
compromises: clients are not permitted to change trail contents
after submission.

Submitted by: pjd
Sponsored by: The FreeBSD Foundation (auditdistd)

Disconnect non-MPSAFE SMBFS from the build in preparation for dropping
GIANT from VFS. In addition, disconnect also netsmb, which is a base
requirement for SMBFS.

In the while SMBFS regular users can use FUSE interface and smbnetfs
port to work with their SMBFS partitions.

Also, there are ongoing efforts by vendor to support in-kernel smbfs,
so there are good chances that it will get relinked once properly locked.

This is not targeted for MFC.

Disconnect non-MPSAFE NWFS from the build in preparation for dropping
GIANT from VFS. In addition, disconnect also netncp, which is a base
requirement for NWFS.

In the possibility of a future maintenance of the code and later
readd to the FreeBSD base, maybe we should think about a better location
for netncp. I'm not entirely sure the / top location is actually right,
however I will let network people to comment on that more specifically.

This is not targeted for MFC.

Disconnect non-MPSAFE PORTALFS from the build in preparation for dropping
GIANT from VFS.

This is not targeted for MFC.

- Allow to pass extra parameters for each jails.
- To achieve above, convert jail(8) invocation to use new style
command line "-c" flag.

Reviewed at: freebsd-jail@

Whitespace nit

Make ipfw0 logging pseudo-interface clonable. It can be created automatically
by $firewall_logif rc.conf(5) variable at boot time or manually by ifconfig(8)
after a boot.

Discussed on: freebsd-ipfw@

- Change kfd rc script to be more conformant with rcNG conventions:
o change rcname to kfd;
o move mandatory options to command_args;
o add missing "shutdown" keyword;
o fix require line. Kfd doesn't really need to be started before
daemons.

Suggested by: dougb

- Add rc.d script for kfd, kerberos forwarded tickets daemon.

Increase the default shutdown timer to 90 seconds. This will allow
certain systems that take a long time to shut down, without adversely
affecting things that shut down quickly. It's also 30 seconds less than
the default hard limit of 120 seconds in kern.init_shutdown_timeout.

PR: conf/109272
Submitted by: Radim Kolar SF.NET <hsn@sendmail.cz>

Fix various issues with the NFS and RPC related scripts:

1. Add new functionality to the force_depend method to incorporate the
tests for whether the service is enabled and/or already running.
2. Add a new option to bypass checking only that the service is enabled
at boot time, and always check if it is running.
3. Use this new functionality to greatly simplify the rc.d scripts that
use force_depend.
4. Add a force_depend for statd in lockd
5. Remove the check that either nfs_server or nfs_client is _enable'd
from statd and lockd. This was always overkill, and prevented using
the {one|force}start options, as well as stop'ing on the command line.
6. The yp* scripts had some of their arguments in various weird orders.
Bring them into line with the model.
7. If mountd fails to create /var/db/mountdtab, err out.

Ideas, suggestions, and/or review from delphij and jilles.
Pointy hats are completely my responsibility however.

As it stands right now, the default devfs rulesets are only loaded as a
side effect of something else using them. If they haven't been loaded
already but you want to use them, say for configuring a jail, you're out
of luck.

So add a knob to always load the default rulesets. While I'm here document
the other devfs_ knobs in rc.conf.5.

Add etc/rc.d/static_ndp, analogous to etc/rc.d/static_arp.
Make sure that static ARP and NDP bindings are set before NETWORKING.

As static_ndp is based on static_arp, pass copyright to the project with
permission of the original author (delphij@).

Reviewed by: delphij@FreeBSD.org
MFC after: 3 days

Correct the RFC number for the description of IPv6 privacy addressing

Reviewed by: bz
Approved by: re (kib)

Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485). When setting an interface name to it, the following
configurations will be enabled:

1. "no_radr" is set to all IPv6 interfaces automatically.

2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif. This is
done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
means you can manually supersede this configuration if necessary).

3. The node will add RA-sending routers to the default router list
even if net.inet6.ip6.forwarding=1.

This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network). To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.

Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table. To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.

Approved by: re (bz)

Add the netwait rc.d script. It waits for the specified period for the
network to become active.

PR: conf/151063
Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>

Add rc.d/kld to load kernel modules after local disks are up.
This method is many times faster than doing it in /boot/loader.conf.

Make three one line changes to the rc scripts so that
they work with the new NFS client being the default,
since the new NFS client's module name is nfscl and
not nfsclient.

No logner set an IPv4 loopback address by default in defaults/rc.conf.
If not specified, network.subr will add it automatically if we have
INET support (1).

In network.subr only call the address family up/down functions
if the respective AF is available.

Switch to new kern.features variables for inet and inet6 as the
inet sysctl tree is also available for IPv6-only kernels leading
to unexpected results.

Suggested by: hrs (1)
Reviewed by: hrs
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 20 days

Update the /etc/rc.d scripts for mountd and nfsd so they
can use the "-o" option to force the old NFS server to run.
Running the old NFS server is enabled by setting
oldnfs_server_enable="YES". The scripts will only enable
providing service for NFSv4 if nfsv4_server_enable="YES"
is set.

Reviewed by: dougb (rc)

Introduce to rc.subr get_pidfile_from_conf(). It does just what it sounds
like, determines the path to a pid file as it is specified in a conf file.

Use the new feature for rc.d/named and rc.d/devd, the 2 services in the
base that list their pid files in their conf files.

Remove the now-obsolete named_pidfile, and warn users if they have it set.

- Merge in OFED 1.5.3 from projects/ofed/head

Replace nfs4 with newnfs in netfs_types. nfs4 was removed in r192578 and
mount(8) has supported newnfs since r192930.

PR: conf/153655
Submitted by: Anonymous <swell.k@gmail.com>
MFC after: 3 weeks

Add gptboot_enable rc variable, which allows to turn gptboot reporting off in
case user wants to implement his own actions and doesn't want the attributes to
vanish.

Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
MFC after: 3 days

Commit the rest of r213270.

Thanks to Anonymous <swell dot k at gmail.com> for spotting this.

Split $ipv6_prefer into $ip6addrctl_policy and $ipv6_activate_all_interfaces.

The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively. When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first. If it is found, it reads and installs it as
a policy table. If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.

When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.

The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.

Discussed with: ume and bz

Add $ipv6_privacy to support net.inet6.ip6.use_tempaddr. Note that this
will be replaced with a per-IF version later.

Based on: changes in r206408 by dougb

Fix $ipv6_network_interfaces and set it as AUTO by default.

Based on: changes in r206408 by dougb

Revert changes in r206408.

Discussed with: dougb, core.5, and core.6

o Correct typo.

Submitted by: Bojidara Marinchovska via -stable
MFC after: 1 week

Remove trailing white space. No functional changes.

Better handling of ipv6_default_interface using
net.inet6.ip6.use_defaultzone=1. Now, it works IPv6 link-local
unicast addresses as well as IPv6 link-local multicast addresses.

MFC after: 1 week

Use ubthidhci_enable="NO" to avoid the bootup warning.

Submitted by: Jilles Tjoelker <jilles@stack.nl>
MFC after: 3 days

In case a user wants to configure only an IPv6 link-local address
add an example that shows how to do it.

Add rc.d/ubthidhci. This small script calls usbconfig(1) to change a USB
Bluetooth controller from HID mode to HCI mode.

MFC after: 1 week

Improve the handling of IPv6 configuration in rc.d. The ipv6_enable
and ipv6_ifconfig_<interface> options have already been deprecated,
these changes do not alter that.

With these changes any value set for ipv6_enable will emit a
warning. In order to avoid a POLA violation for the deprecation
of the option ipv6_enable=NO will still disable configuration
for all interfaces other than lo0. ipv6_enable=YES will not have
any effect, but will emit an additional warning. Support and
warnings for this option will be removed in FreeBSD 10.x.

Consistent with the current code, in order for IPv6 to be configured
on an interface (other than lo0) an ifconfig_<interface>_ipv6
option will have to be added to /etc/rc.conf[.local].

1. Clean up and minor optimizations for the following functions:
ifconfig_up (the ipv6 elements)
ipv6if
ipv6_autoconfif
get_if_var
_ifconfig_getargs
The cleanups generally were to move the "easy" tests earlier in the
functions, and consolidate duplicate code.

2. Stop overloading ipv6_prefer with the ability to disable IPv6
configuration.

3. Remove noafif() which was only ever called from ipv6_autoconfif.
Instead, simplify and integrate the tests into that function, and
convert the test to use is_wired_interface() instead of listing
wireless interfaces explicitly.

4. Integrate backwards compatibility for ipv6_ifconfig_<interface>
into _ifconfig_getargs. This dramatically simplifies the code in
all of the callers, and avoids a lot of other code duplication.

5. In rc.d/netoptions, add code for an ipv6_privacy option to use
RFC 4193 style pseudo-random addresses (this is what windows does
by default, FYI).

6. Add support for the [NO]RTADV options in ifconfig_getargs() and
ipv6_autoconfif(). In the latter, include support for the explicit
addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done
in the current code.

7. In rc.d/netif add a warning if $ipv6_enable is set, and remove
the set_rcvar_obsolete for it. Also remove the latter from
rc.d/ip6addrctl.

8. In /etc/defaults/rc.conf:

Add an example for RTADV configuration.

Set ipv6_network_interfaces to AUTO.

Switch ipv6_prefer to YES. If ipv6_enable is not set this will have
no effect.

Add a default for ipv6_privacy (NO).

9. Document all of this in rc.conf.5.

Redirect stdin from /dev/null when starting a jail:
At least in RELENG_7 this fixes some start problems for some programs
from the ports. It is also more correct, as a jail shall not expect
input (interactivity) from the jail-host.

Revert the current behavior of starting jails in the background and
make it optional only for the start of jails (jail_parallell_start=YES
in rc.conf):
- The stop can not be done in the background, the system needs to wait
until everything is stopped correctly before it can reboot or power
down.
- The start should not be done in parallel by default, this not only
breaks POLA for people comming from RELENG_x, it may also break a
dependency chain with other scripts in the jail-host, which need to
do some stuff after the jails are up and running (e.g. hardlinking
a mysql socket from one jail into another one).

Discussed on: freebsd-jails@

Please welcome HAST - Highly Avalable Storage.

HAST allows to transparently store data on two physically separated machines
connected over the TCP/IP network. HAST works in Primary-Secondary
(Master-Backup, Master-Slave) configuration, which means that only one of the
cluster nodes can be active at any given time. Only Primary node is able to
handle I/O requests to HAST-managed devices. Currently HAST is limited to two
cluster nodes in total.

HAST operates on block level - it provides disk-like devices in /dev/hast/
directory for use by file systems and/or applications. Working on block level
makes it transparent for file systems and applications. There in no difference
between using HAST-provided device and raw disk, partition, etc. All of them
are just regular GEOM providers in FreeBSD.

For more information please consult hastd(8), hastctl(8) and hast.conf(5)
manual pages, as well as http://wiki.FreeBSD.org/HAST.

Sponsored by: FreeBSD Foundation
Sponsored by: OMCnet Internet Service GmbH
Sponsored by: TransIP BV

Introduce new rc.conf variable firewall_coscripts. It can be used to
specify list of executables and/or rc scripts that should be executed
after firewall starts/stops.

Submitted by: Yuri Kurenkov <y dot kurenkov at init dot ru>
Reviewed by: rhodes, rc@
MFC after: 1 week

Add rc.d script for the rtsold(8) daemon.

The rtsol(8) handles just one RA then exit. So, the OtherConfig flag
may not be handled well by rtsol(8) in the environment where there are
multiple RA servers on the segment. In such case, rtsold(8) will be
your friend.

Reviewed by: hrs
MFC after: 2 weeks

Remove the rules using 'me6'. Now, 'me' matches both any IPv6 address
and any IPv4 address configured on an interface in the system.

Reviewed by: David Horn <dhorn2000__at__gmail.com>, luigi, qingli
MFC after: 2 weeks

With the introduction of named_conf the -c example in named_flags
is no longer necessary or desirable. Update the comment to indicate
that _flags should be used for options other than -u and -c.

Add support for configuring vlan(4) interfaces as child devices similar to
wlan(4) interfaces. vlan(4) interfaces are listed via a new 'vlans_<IF>'
variable. If a vlan interface is a number, then that number is treated as
the vlan tag for the interface and the interface will be named '<IF>.<tag>'.
Otherwise, the vlan tag must be provided via a vlan parameter in a
'create_args_<vlan>' variable.

While I'm here, fix a few nits in rc.conf(5) and mention create_args_<IF> in
the description of cloned_interfaces.

Reviewed by: brooks
MFC after: 2 weeks

Unify rc.firewall and rc.firewall6, and obsolete rc.firewall6
and rc.d/ip6fw.

Reviewed by: dougb, jhb
MFC after: 1 month

Add empty watchdogd_flags.

PR: 136620
Submitted by: amdmi3
MFC after: 3 days

By popular acclaim, enable "Starting foo:" messages by default

Add a knob to show 'Starting foo:' messages when faststart is used,
such as at boot time.

The following changes are added because of
network_ipv6->rc.d/netif integration:

- $ipv6_enable is now obsolete. Instead, IPv6 is enabled by
default if the kernel supports it, and $ipv6_network_interfaces
is "none" by default. If you want to use IPv6, define
$ipv6_network_interfaces and $ifconfig_xxx_ipv6.

An interface which is in $network_interfaces and not in
$ipv6_network_interfaces will be marked as "inet6
-auto_linklocal ifdisabled" (see ifconfig(8)).

- $ipv6_ifconfig_xxx is renamed to ifconfig_xxx_ipv6 for
consistency with other address families. The old variables
still work but can be removed in the future. Note that
ipv6_ifconfig_xxx="..." should be replaced with
ifconfig_xxx_ipv6="inet6 ...".

- Receiving ICMPv6 Router Advertisement is not automatically
enabled even if there is no manual configuration of IPv6 in
rc.conf. If you want it, define
ifconfig_xxx_ipv6="inet6 ... accept_rtadv".

- The rc.d/ip6addrctl now chooses address selection policy based
on $ipv6_prefer, not $ipv6_enable. The default is
ipv6_prefer=NO.

- $router* and $ipv6_router* are replaced with $routed_* and
$route6d_* for consistency. The old variables still work but
can be removed in the future.

MFC after: 3 days

Add a new rc.d script, static_arp, which enables the administrator to
statically bind IPv4 <-> MAC address at boot time.

In order to use this, the administrator needs to configure the following
rc.conf(5) variable:

- static_arp_pairs: A list of names for static bind pairs, and,
- a series of static_arp_(name): the arguments that is being passed to
``arp -S'' operation.

Example:
static_arp_pairs="gw"
static_arp_gw="192.168.1.1 00:01:02:03:04:05"

See the rc.conf(5) manual page for more details.

Reviewed by: -rc@
MFC after: 2 weeks

rc.d/fsck: allow additional options for fsck_y_enable via fsck_y_flags

Primary intention is to allow to pass -C option to avoid (re-)checking
clean filesystems when preening fails and fsck -y kicks in.

Submitted by: marck
Reviewed by: current@
Approved by: jhb (mentor)
MFC after: 1 week

Add support for the experimental nfs subsystem to the scripts in
/etc/rc.d. They use the following new rc variables:
nfsv4_server_enable - set to "YES" to run the experimental server
nfsuserd_enable - set to "YES" to run nfsuserd for NFSv4 client and
server
nfsuserd_flags - command line flags for nfsuserd
nfscbd_enable - set to "YES" to run the experimental nfs client's
NFSv4 callback daemon
nfscbd_flags - command line flags for nfscbd

Reviewed by: dougb
Approved by: kib (mentor)

Further idmapd garbage collection -- remove rc.d Makefile reference and
default settings.

Submitted by: Pawel Worach <pawel.worach at gmail.com>

1. New feature; option to have the script loop until a specified hostname
(localhost by default) can be successfully looked up. Off by default.
2. New feature: option to create a forwarder configuration file based on
the contents of /etc/resolv.conf. This allows you to utilize a local
resolver for better performance, less network traffic, custom zones, etc.
while still relying on the benefits of your local network resolver.
Off by default.
3. Add named-checkconf into the startup routine. This will prevent named
from trying to start in a situation where it would not be possible to do
so.

Set crashinfo_enable to "YES" by default.
During bootup, if /etc/rc.d/savecore detects a core dump file
on the dump device, the core file will be saved, and the crashinfo
script will be run to generate a human-readable report.

This will make it easier for end-users to provide feedback to
developers about kernel crashes.

Reviewed by: jhb

Revert r188010. When dhclient is backgrounded, services such as ntpdate,
sendmail / postfix etc. may fail to start because DNS is unavailable and /
or the server is unreachable. In the worst case, the machine may become
unusable.

Debugging this issue was far more difficult than it should have been, due
to earlier changes to the rc framework to hide almost all useful information
about the boot process.

Approved by: silence

Add support for setting the debug flags on wlan interfaces after the are
created using wlandebug_<ifn> variables.

Rename the rc.conf(5) knob if_up_delay to defaultroute_delay to better
reflect its purpose.

Since, rc.d/defaultroute has the ability to wait for a
default route to show up we can turn this knob back on
without screwing subsequent daemons that expect to be
able to talk to the outside world.

Update jail startup script for multi-IPv4/v6/no-IP jails.

Note: this is only really necessary because of the ifconfig
logic to add/remove the jail IPs upon start/stop.
Consensus among simon and I is that the logic should
really be factored out from the startup script and put
into a proper management solution.

- We now support starting of no-IP jails.
- Remove the global jail_<jname>_netmask option as it is only
helpful to set netmasks/prefixes for the right address
family and per address.
- Implement jail_<jname>_ip options to support both
address familes with regard to ifconfig logic.
- Implement _multi<n> support suffix to the jail_<jname>_ip
option to configure additional addresses to avoid overlong,
unreadbale jail_<jname>_ip lines with lots of addresses.

Submitted by: initial work from Ruben van Staveren
Discussed on: freebsd-jail in Nov 2008.
Reviewed by: simon, ru (partial, older version)
MFC after: 1 week

The description of the various securelevels has moved to the
security.7 manpage a while ago.

MFC after: 1 week

Put the devfs ruleset next to devfs enable, add a comment about
the suggested ruleset[1].

While here use an IP from the 'test-net' prefix for docs.

PR: kern/130102 ([1] different problem in the end)
Reviewed by: simon
MFC after: 2 weeks

Add defaults for /etc/rc.d/gssd

Approved by: dfr

Allow a jail to be started with a specific route fib.

Reviewed by: secteam (simon)
Reviewed by: brooks, bz

Add the ability to run /usr/sbin/crashinfo on a new core dump automatically
during boot. Right now this is disabled by default, but it can be enabled
by setting 'crashinfo_enable=YES' in rc.conf.

MFC after: 2 weeks

Make obrien happy #2

Rename the RCng 'kernel' script to 'kernel_symlink'.

Requested by: many

Allow the network addresses and interface names for the "client" and
"workstation" firewall types to be set from rc.conf so that rc.firewall
no longer needs local patching to be usable for those types. For now
I've set the variables in /etc/defaults/rc.conf to the previous defaults
in /etc/rc.firewall.

PR: bin/65258
Submitted by: Valentin Nechayev netch of netch.kiev.ua
Silence from: net
MFC after: 2 weeks

For the firewall_* variables that are specific to the "workstation"
firewall type, note that property in their description.

MFC after: 1 week

Only symlink booted kernel directory to /boot/kernel if user has explicitly
requested it. This is too dangerous to just do behind the admin's back.

Add the -c option for named_flags (still commented out) that is
relevant for ports users, and change the comment to match.

While I'm here fix the capitalization of the named_program comment.

Make quota knob conform to other rc(8) knobs. Keep older knob for
compatibility.

Requested by: Volker <volker@vwsoft.com>

Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.

This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation

Discussed with: rwatson, re

Change the default value of synchronous_dhclient to NO.

To preserve the existing behavior of etc/rc.d/netif, add code to wait
up to if_up_delay seconds (30 seconds by default) for a default route to
be configured if there are any dhcp interfaces. This should be extended
to test that the interface is actually up.

X-MFC after:

Replace a couple mentions of the soon to be removed vaps_<ifn>
variable form with wlans_<ifn>.

Revert rev 1.332 and keep ddb scripts off by default for now. Minidumps
are more flexable and much text-dump like output can be produced from
them so there's a good argument they are a better default.

Change the default of ddb_enable to YES so we default to generating textdumps
on panic. This means you get a potentially useful dump even if your system
is running X when you panic.

X-MFC after: never

rc support for vaps

Set defaults for the rfcomm_pppd_server rc script

MFC after: 1 week

o add rc.conf knobs to set the wpa_supplicant program, logging flags,
and config file
o change default logging options from -q to -s (log to syslog); this
is currently broken for boot-time startup as syslogd is started too
late but that'll be dealt with separately

MFC after: 2 weeks

The rarpd(8) daemon must be instructed to start on all interfaces or a
specific one. Instruct it to listen on all interfaces so that enabling
it in rc.conf(5) works "out of the box."

PR: conf/121406
Submited by: trasz
MFC after: 1 week

Use the new command file feature of ddb(8) to support setting ddb(4)
scripts at boot. This is currently disabled by default. /etc/ddb.conf
contains some potentially reasonable default scripts.

PR: conf/119995
Submitted by: Scot Hetzel <swhetzel at gmail dot com> (Earlier version)
X-MFC after: textdumps

Add a dummynet_enable knob to go with firewall_enable. If this knob
is enabled dummynet(4) is added to the list of required modules.

Discussed on: #freebsd-bugbusters (rwatson, trhodes)
PR: conf/79196
MFC after: 1 week

Clarify that devfs_system_ruleset should contain a name, not a number.
Prompted by PR conf/85363

MFC after: 3 days

Rev. 1.6 made it impossible to use rc.d/kerberos with the krb5 port.
Re-implement the change so that the script once again works with
the krb5 port.

Submitted by: kensmith (slightly modified)
MFC after: 3 days

Improve kernel NAT support in rc.firewall

- Allow IP in firewall_nat_interface, just like natd_interface
- Allow additional configuration parameters passed to ipfw via
firewall_nat_flags
- Document firewall_nat_* in defaults/rc.conf

Tested by: Albert B. Wang <abwang at gmail.com>
MFC after: 1 month

o From the Problem Report: the TCP_DROP_SYNFIN kernel option is now
included in the kernel by default. Remove reference to this option
from defaults/rc.conf and rc.conf(5).

PR: conf/119098
Submitted by: Beat Gaetzi
MFC after: 1 week

Backout sensors framework.

Requested by: phk
Discussed on: cvs-all

Import OpenBSD's sysctl hardware sensors framework.

This commit includes the following core components:

* sample configuration file for sensorsd
* rc(8) script and glue code for sensorsd(8)
* sysctl(3) doc fixes for CTL_HW tree
* sysctl(3) documentation for hardware sensors
* sysctl(8) documentation for hardware sensors
* support for the sensor structure for sysctl(8)
* rc.conf(5) documentation for starting sensorsd(8)
* sensor_attach(9) et al documentation
* /sys/kern/kern_sensors.c
o sensor_attach(9) API for drivers to register ksensors
o sensor_task_register(9) API for the update task
o sysctl(3) glue code
o hw.sensors shadow tree for sysctl(8) internal magic
* <sys/sensors.h>
* HW_SENSORS definition for <sys/sysctl.h>
* sensors display for systat(1), including documentation
* sensorsd(8) and all applicable documentation

The userland part of the framework is entirely source-code
compatible with OpenBSD 4.1, 4.2 and -current as of today.

All sensor readings can be viewed with `sysctl hw.sensors`,
monitored in semi-realtime with `systat -sensors` and also
logged with `sensorsd`.

Submitted by: Constantine A. Murenin <cnst@FreeBSD.org>
Sponsored by: Google Summer of Code 2007 (GSoC2007/cnst-sensors)
Mentored by: syrinx
Tested by: many
OKed by: kensmith
Obtained from: OpenBSD (parts)

Teach /etc/rc.d/ppp to start multiple instances of ppp.

ppp_profile variable can now contain multiple profiles.
Overrides for ppp mode and nat can go into ppp_$profile_mode
and ppp_$profile_nat variables respectively. If those are
not specified, defaults from ppp_mode and ppp_nat are used.

Submitted by: Yuri Kurenkov < y dot kurenkov at init dot ru >
Reviewed by: mtm
MFC after: 1 week

Finishing renaming of cached into nscd. etc/rc.d and usr.sbin/Makefile
updated. Note added to UPDATING.

Approved by: re (kensmith, bmah), brooks (mentor)

Add a startup script for ftp-proxy(8) now that it is no longer started as
part of inetd(8).

Approved by: re (bmah)
Reviewed by: freebsd-rc (a while back)
Reminded by: kevlo

Add a new rc.conf variable, sendmail_rebuild_aliases, which tells
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.

In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress. Therefore,
in FreeBSD 7.0, this new option will default to "NO". When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.

PR: conf/86252
Approved by: re (kensmith)
MFC after: 3 days

Now that a separate /usr/X11R6 directory is no longer in fashion,
stop looking there for things like rc.d and periodic. This avoids
duplicating effort when /usr/X11R6 is a symlink to /usr/local,
which it is by default now.

It is not anticipated at this time that we will MFC this change, since
we'd like to avoid breaking legacy systems. However, there is a fix for
/etc/rc.subr in the works to avoid running any rc.d scripts twice which
we should be able to MFC.

Add a pfsync_syncpeer option to /etc/defaults/rc.conf and rc.conf(5),
which can be used to turn off multicast pfsync support, and enable
the transmission of directed PFSYNC (IP protocol: 240) packets to
a specific "sync peer" host.

PR: conf/111225
Submitted by: Bas van Beek <bas@tobin.nl>
Approved by: mtm, mlaier
MFC after: 2 weeks

Add rc.d/hostid script (turned on by default) which on first boot generates
UUID and stores it in /etc/hostid ($hostid_file) as well as sets kern.hostuuid
and kern.hostid sysctls on every boot.

Hostid can be reset using '/etc/rc.d/hostid reset' command.

Hostid generation and setting can be turned off by setting variable
hostid_enable to "NO" in /etc/rc.conf.

Reviewed by: mlaier, rink, brooks, rwatson

- Add ZFS startup script.

Submitted by: des

- When starting mountd(8) and ZFS is enabled, add /etc/zfs/exports file.
- Update rc.conf(5).

Add rpc_statd_flags and rpc_lockd_flags options to allow options to be
passed to rpc.statd and rpc.lockd

MFC after: 1 week

Fix typo FILESYSTEM -> FILESYSTEMS
This bug prevents local scripts to start up

Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal
and takes over mountcritlocal's role as the early / late divider. This
makes it far easier to add rc scripts which need to run early, such as a
startup script for zfs, which is right around the corner.

This change should be a no-op; I have verified that the only change in
rcorder's output is the insertion of FILESYSTEMS immediately after
mountcritlocal.

MFC after: 3 weeks

Oops wrong line commented out in prev fix

Back out network.subr :- fix and comment out dhc*_fxp0 examples instead

Submitted by: jhb

As suggested more than once in the lists, drop -M from flags to mfs
for /tmp and /var. This makes the memory discs swap-backed instead
of malloc-backed. A swap-backed memory disc should not be worse
than a malloc-backed one in any scenario because it will start
touching swap only when needed. OTOH, a malloc-backed disc can
starve limited kernel resources and evenually crash the system.

Reflect the change in the rc.conf(5) manpage. Also stop telling
lies there about softupdates: it does not waste disc space, it
just can delay its freeing.

Suggested by: many
PR: kern/87255
MFC after: 1 week

Turn default address selection on by default. Now, when
ipv6_enable="NO", an IPv4 address is preferred for a
destination address.

MFC after: 1 month

Add support for EtherChannel configuration to rc startup scripts.

Note: This also deprecates "NO" as a way to specify an empty list of
interfaces for gif_interfaces.

PR: conf/104884
Submitted by: nork
Harassed by: brd
Discussed with: brooks, dougb

Add the following knobs for quotas if they are enabled:

quotaon_flags - flags for the quotaon command
quotaoff_flags - flags for the quotaoff command
quotacheck_flags - flags for the quotacheck command

Add auditd_program variable to defaults, in order to make it more clear
how to change the auditd instance. When using a port/package-based
OpenBSM, changing the auditd pointer may be desirable.

Obtained from: TrustedBSD Project
MFC after: 3 weeks

Give rc.firewall a polish and a new method.

Factor out the loopback setup

Use "me" instead of hardcoded $ip where possible.

Add "workstation" which protects just this machine with stateful
firewalling. Put the variables for this in rc.conf.

Submitted by: Flemming Jacobsen <fj@batmule.dk>
Reviewed by: cperciva

Add idmapd_flags to defaults/rc.conf.
Document it and idmapd_enable.

RC script for idmapd(8), defaulting to off.

Introduce mixer_enable (default: YES).

PR: conf/101268
Submitted by: Eugene Grosbein <eugen@grosbein.pp.ru>
Approved by: cperciva (mentor)
X-MFC after: 6.2-RELEASE
Sponsored by: FreeBSD Test-Bugathon

Push removal of mrouted down to the rest of the tree.

Flushing all IPv4 routes when an interface is removed or unconfigured
makes no sense. Remove the undocumented removable_route_flush feature
from pccard_ether.

X-MFC after: never

Add bthidd(8) rc(8) script

MFC after: 1 month

Make it a little clearer that interface-specific flags aren't additional
to specified dhclient flags.

Mention background_dhclient_iface.

Suggested by: ru

Add a -p switch to dhclient. The switch tells dhclient to persist
despite the interface link status.

Add dhclient_flags_iface and background_dhclient_iface rc.conf options.
(where iface is a specific interface). These can be used to give
interface specific flags to dhclient.

Reviewed by: brooks@

Set removable_route_flush to NO be default. It's clearly the wrong
thing to do in most (all?) cases and certainly should not be the default
now that we're running pccard_ether on all interface creates and
destroys.

MFC after: 3 days

Back out 1.272. The LAPIC timer conflicts with C2/3 on various systems,
and so users get hangs until interrupts are generated another way. We'll
have to find a way to make the 2 work together before re-enabling this by
default.

Since Alpha support isn't in HEAD anymore, remove Alpha-specific
rc.conf(5) knobs, too: osf1_enable, unaligned_print.

- Remove hardcoded /etc/ntp.conf configuration file from ntpdate rc.d script
and replace it with a new ntpdate_config variable.
- Document it in defaults/rc.conf and rc.conf.5.
- Document ntpdate_hosts in defaults/rc.conf.

Requested by: Chris Timmons <cwt@networks.cwu.edu>
Approved by: cperciva (mentor, implicit)
MFC after: 1 week

Update geli_swap_flags, -e is now used to specify the encryption algorithm.

Add rc.d/bridge which is invoked when a new interface arrives and can
automaticly add it to an Ethernet bridge. This is intended for applications
such as qemu, vmware, openvpn, ... which open tap interfaces and need them
bridged with the hosts network adapter, the user can set up a glob for
interfaces to be automatically added (eg tap*).

Add jail_<jname>_exec_afterstart<N> rc.conf variable, where <N> is
1,2 and so on.
It specifies the command to be run as Nth after jail startup.

sh(1)-fu by: Dario Freni
PR: conf/97697
MFC after: 2 weeks
Reviewed by: ru@ (man page)

Increase the nfs access cache timeout from 2 to 60. The latter is a
more appropriate value and is also the default set by the kernel. I
could not find a justification of why rc.conf began overriding it back
in 1998.

This dramatically cuts NFS traffic on e.g. a busy system with NFS root.

Reviewed by: mohans
MFC After: 2 weeks

Send the pcvt(4) driver off to retirement.

- Change the "jail_" prefix for internal script variables. This fixes an
issue where some global jail_* variables were overriden in the script. [1]
- Change "jid" to "jname" in rc.conf(5), since it's more a jail name than a
jail id. [1]
- Update examples and comments in defaults/rc.conf to advertise new
variables and the fact that some of the jail-specific variables may be made
jail-global. [2]

Reported by: pjd [1], clsung [2]
Approved by: cperciva
X-MFC after: i got sufficient testing from people using rc.d/jail

- Extend the nsswitch to support Services, Protocols and Rpc
databases.
- Make nsswitch support caching.

Submitted by: Michael Bushkov <bushman__at__rsu.ru>
Sponsored by: Google Summer of Code 2005

- Add new ntpd_config variable so that people can override it in rc.conf.
- Add default value in /etc/defaults/rc.conf.
- Add documentation bits to rc.conf(5).

Approved by: cperciva (mentor)
MFC after: 1 week

Spell synchronous with required silent 'h'.

Reported by: ru, ceri
Pointy hat: brooks

Commit the various network interface configutation updates I've been
working on.
1) Make it possible to configure interfaces with certain characters in
their names that aren't valid in shell variables. Currently supported
characters are ".-/+". They are converted into '_' characters.
2) Replace nearly all eval statements in network.subr with a new
function get_if_var which substitues an interface name (after the
translations above) for "IF" in a variable name.
3) Fix list_net_interfaces() in the nodhcp case.
4) Allow the administrator to specify if dhclient should be started
when /etc/rc.d/netif configures the interface or only by devd.
This can be set on both a per interface and system wide basis.

PR: conf/88974 [1,2], conf/92433 [1,2]

- Fix amd startup when amd is installed from ports.
- Add the according amd_program default value in defaults.

PR: conf/82738
Submitted by: TAOKA Fumiyoshi <fmysh@iijmio-mail.jp>
Approved by: cperciva (mentor)
MFC after: 3 days

Remove vestiges of OLDCARD.

Add a default ldconfig32_paths entry in default/rc.conf for 32-bit compatability shared libraries.
It is used by the ldconfig rc.d scripts.
Document this variable in the man page

PR: amd64/91571
Approved by: philip (mentor)
MFC after: 3

Overhaul the named boot script:

1. Remove a now-spurious NetBSD CVS Id, as we are no longer synching work
2. Remove a now-spurious BEFORE, since ntpdate now REQUIRE's named
3. Replace the call to set rcvar with what that function would output,
and generally reduce indirection ($name -> named) since it's highly
unlikely the name of the named process or service will change any time soon.
4. Resort the order the variables at the top of the file to a more
traditional format, and remove a spurious required_dirs from the top, as it
works better after load_rc_config.
5. We do not want the default reload method with named, so define a simple
but appropriate substitute using rndc. If I were writing this script for
the first time I would not include this at all, since it's preferable to
control a running daemon with rndc to start with, but given that this is
already here, let's do it right. I hope that future generations will
however resist the tempation to add reconfig to extra_commands.
6. By the same token, we want to use rndc to shut down named, but given
that by defining a stop function we lose the "find the process by its
pid file in an emergency" goodness of rc.subr, try to do something useful
in the event that rndc is not available, and keep the user informed.
7. Replace some "test -f" with "test -r" to handle the unlikely event
that the relevant file exists, but is unreadable.
8. Twiddle whitespace in a few areas, remove a spurious blank line,
a bogus double space, and try to do better indenting.
9. Improve generation of the rndc.key file significantly
a. If for some reason a user has an rndc.conf file, assume that they
did that on purpose, and hence know what they are doing, so leave them alone.
b. Introduce a named_uid configuration variable so that the user which owns
the rndc.key file and the user named runs as always match, and is more
easily configurable. This should dramatically reduce problems with rndc.
c. Also test that the rndc.key file size is greater than zero, rather than
simply that the file exists. I have seen at least one user report this exact
problem, and although neither of us is sure where the empty file came from,
the fix is simple, so include it.
d. Rather than try to create an rndc.key file in both /etc/namedb and the
chroot'ed /etc/namedb, assume that they are be the same (which they should
be), and only create the file in the chroot'ed version of the directory.
This partially addresses the problem described in conf/73929, but I have
not yet finished thinking about the PREFIX issue that PR also raises.

As a result of introducing the named_uid knob, the default named_flags
are now empty.

Update defaults/rc.conf and rc.conf(5) to reflect these changes.

- Add a startup script for hostapd.
- Document associated variable in rc.conf(5).

Approved by: dougb
MFC after: 1 week

Add auditd_enable and auditd_flags rc.d scripts.

Obtained from: TrustedBSD Project

Enable the lowest Cx state by default. This will save power and we have
had enough testing of acpi_cpu to know this is stable now.

Add an rc.d script for stand-alone ftpd.

Document the script's controls on the rc.conf(5)
manpage and touch its Dd.

PR: conf/90893
MFC after: 5 days

Add a mechanism to include files added by ports which contain
the names of directories to include in the base ldconfig script.
This will eliminate the need for each port to install its own
boot script which does nothing but ldocnfig a given directory.

This code was developed by flz (ports committer), discussed on
freebsd-rc@, and modified slightly by me.

Submitted by: flz
Reviewed by: brooks

Brooks pointed out a potential problem with disabling the X cleaning
by default, so add a new knob that is on by default, and check that
knob in start_precmd so that it can run even if cleaning /tmp is
not enabled. This has the advantage of not violating POLA, while
still allowing the user to disable this behavior if they wish (for
example on a server that will never run X).

Clear up problems with /etc/rc.d/{abi|cleanvar|cleartmp} brought
to light by the PR. Specifically, convert these three scripts
into good rc.d citizens, making sure that their functionality
is preserved, but the rc.d framework rules are not broken.

Add support for cleanvar as a regular rc.d script in the
default rc.conf, and document this in the man page.

Add a descriptive comment to rc.conf that regarding the
three emulation/compatibility services provided by abi
so users will not be confused by these services not having
their own startup scripts.

PR: conf/84574
Submitted by: Alexander Botero-Lowry

Remove usbd(8) and all references to it. It is no longer necessary
since devd(8) now provides the same functionality.

Submitted by: Anish Mistry

Remove rcconf.sh from /etc/rc.d, and instead load the configuration
as part of rc. Doing this, and the sourcing of rc.subr after we have
determined if we are booting diskless (and correspondingly run
rc.initdiskless if necessary) are safe, and actually allow fewer files
to be needed on the diskless box. This also allows variables from
the configuration to be available to rc itself, such as ...

Add a variable to rc.conf, early_late_divider, which designates the
script which separates the early and late stages of the boot process.
Default this to mountcritlocal, and add text to etc/defaults/rc.conf,
rc.conf(5) and diskless(8) which describes how and why one might want
to change this.

Reviewed by: brooks

Add a -f configfile option to devd(8), based on a patch submitted by
Wojciech A. Koszek.

Submitted by: Wojciech A. Koszek <dunstan@freebsd.czest.pl>

Revise hcsecd(8) and sdpd(8) rc.d scripts one more time

- Use _prestart rc.d method to automatically kldload ng_btsocket(4) if needed;

- Rename "sdpd_user" to "sdpd_username" and "sdpd_group" to "sdpd_groupname"
to avoid collision with "magic" variables;

Inspired by: yar
MFC after: 3 days

Add a new configuration variable, ipv4_addrs_<ifn>, which adds one or
more IPv4 address from a ranged list in CIRD notation:

ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"

In the process move alias processing into new ipv4_up/down functions to
more toward a less IPv4 centric world.

Submitted by: Philipp Wuensche <cryx dash freebsd at h3q dot com>

Add rc.d scripts for the hcsecd(8) and sdpd(8) daemons. Put defaults into
/etc/defaults/rc.conf. Both daemons can run even if no Bluetooth devices
are attached to the system. Both daemons depend on Bluetooth socket layer
and thus disabled by default. Bluetooth sockets layer must be either loaded
as a module or compiled into kernel before the daemons can run.

MFC after: 1 month

Add an rc.d script to start pfsync at the right moment of the
system boot, and hook it up in the system.

The separate script is needed because in the presence of various
interface lists in rc.conf ($network_interfaces, $cloned_interfaces,
$sppp_interfaces, $gif_interfaces, more to come) it is hard to start
them orderly, so that pfsync is brought up after its syncdev, which
is required for the proper startup of pfsync.

Discussed with: mlaier on -pf
MFC after: 5 days

Add a new rc.conf entry, kerberos5_server_flags, which allows the
administrator to specify additional start-up flags to the Kerberos
5 Authentication Server.

MFC after: 3 days

Stop hard-coding an -M flag to mdmfs(8) in /etc/rc.subr.
Now this flag can be set, or not set, for memory-backed
file systems on individual basis, as illustrated by the
rc.conf(5) variables tmpmfs_flags and varmfs_flags. The
flag is set for those FS'en by default, in /etc/defaults/rc.conf,
in order to stay compatible with the old rc.subr behaviour.

Submitted by: marck
MFC after: 3 days

- Remove the removable_interfaces variable. /etc/pccard_ether will
now run on any interface.
- Add a new ifconfig_<ifn> keyword, NOAUTO which prevents configuration
of an interface at boot or via /etc/pccard_ether. This allows
/etc/rc.d/netif to be used to start and stop an interface on a purely
manual basis. The decision to affect pccard_ether may be revisited at
a later date.

Requested by: imp, gallatin (removable_interfaces)
Discussed with: sam, Randy Bush (NOAUTO)

Add scripts for GELI device configuration on boot.

rc.d/geli - configures encryption (ask for passphrases, etc.);
rc.d/geli2 - is called after file systems are mounted and mark devices for
detach on last close.

Sponsored by: Wheel Sp. z o.o.
http://www.wheel.pl
MFC after: 3 days

Teach rc.d/encswap script how to use geli(8) for swap encryption.

MFC after: 3 days

Remove gbde_swap_enable option which doesn't work and doesn't really have to
work, as one still needs to put <device>.bde into /etc/fstab.

Minor comment re-alignment.

- Mention special behaviour of init(8) when kern_securelevel="0"

Suggested by: Miroslav Lachman <000.fbsd@quip.cz>
Approved by: cperciva (src hat)

Introduce new per-jail variable jail_<name>_flags, which allows to specify
jail(8) flags (before the change we had hardcoded "-l -U root").

Submitted by: Frank Behrens <frank@pinky.sax.de>
PR: conf/80244
Approved by: re (scottl)
MFC after: 1 week

Remove default and documenation for pccard_ether_delay since I removed
it from /etc/pccard_ether.

Submitted by: Jeremie Le Hen <jeremie at le-hen dot org>

Change the default for dumpdev to "AUTO". It should be reverted to "NO"
on RELENG_* branches.

Support code for the OpenBSD dhclient. This significantly changes the
way interfaces are configured. Some key points:

- At startup, all interfaces are configured through /etc/rc.d/netif.
- ifconfig_<if> variables my now mix real ifconfig commands the with
DHCP and WPA directives. For example, this allows media
configuration prior to running dhclient.
- /etc/rc.d/dhclient is not run at startup except by netif to start
dhclient on specific interfaces.
- /etc/pccard_ether calls "/etc/rc.d/netif start <if>" to do most of
it's work.
- /etc/pccard_ether no longer takes additional arguments to pass to
ifconfig. Instead, ifconfig_<if> variables are now honored in favor
of pccard_ifconfig when available.
- /etc/pccard_ether will only run on interfaces specified in
removable_interfaces, even if pccard_ifconfig is set.

Add startup script and default configuration file for bsnmpd.

Reviewed by: harti

Document that dumpdev may be set to AUTO to dump to the first appropriate
swap device listed in /etc/fstab.

The alternative suggested for /entropy as a shutdown
save file was /var/db/entropy, which also happens to
be the directory where the individual entropy files
created by /usr/libexec/save-entropy are stored.
Change the suggestion to be /var/db/entropy-file
instead.

In an error condition where the shutdown file is not
created, the error message accessed a variable that
doesn't exist.

PR: conf/75722
Submitted by: Nicolas Rachinsky <list@rachinsky.de>

Set CPU speed to 100% in acpi_throttle attach. This is needed for some
systems that boot with this value at the lowest setting. Change the
default boot config back to "leave frequency as BIOS set it". Also, fix
buglet where acpi_throttle wouldn't be used if p4tcc was present but
disabled by the user.

MFC after: 1 week

Instead of leaving the current frequency setting at whatever the BIOS set
on boot, force it to HIGH. This is needed for some systems which appear
to boot with a low acpi_throttle setting by default. Thanks to Christian
Brueffer for tracking this down on his system.

MFC after: 1 day

Remove mac_lomac(4) functionality. The proper way is to use loader.conf
or build the policy into a kernel.

Approved by: rwatson

Allow chkprintcap(8) to be run before lpd is started. Disabled by
default for now. Default flags create missing directories.

Remove comment about doing this in etc/rc.d/var.

Unlike in the PR, I chose to do this in the lpd script where we reliably
have /usr available.

PR: conf/71488
Submitted by: RZ-FreeBSD0904 at fh-karlsruhe dot de

- Update etc/rc.d/newsyslog to FreeBSD standards and install it.
- Enable it by default, running newsyslog with -CN which creates files
that have the C flag specified in /etc/newsyslog.conf.
- Remove the "newsyslog -CC" call from etc/rc.d/var and the check for
newsyslog.
- Add the C flag to entries in /etc/newsyslog.conf that are currently
installed as part of the base system.

There are two effects from this change:
- Users who delete default syslog files to stop logging to them
will need to set newsyslog_enable=NO in rc.conf or remove the C
flag from those file in /etc/newsyslog.conf or they will come back
on the next boot.
- Diskless systems now create the same set of files that ordinary
systems have by default instead of every file in newsyslog.conf.

Due to a couple complaints about C3 failing on an old Compaq Armada and
a mobile Celeron, disable it by default for the release. We'll have to
nail the last few cases later.

Add rc.conf options for powerd (disabled by default) and hook the script
up to the build.

Make power_profile not touch cpufreq by default.

Add support for cpufreq to power_profile(8). Values for on/offline cpu
frequencies are specified with performance_cpu_freq and economy_cpu_freq.
Of course, special values LOW and HIGH are also supported. Also, remove
old throttling support.

Add a reference to rc.conf(5).

PR: docs/35648
Submitted by: Gary W. Swearingen

Use rc.subr

PR: 72505
Submitted by: Amir Shalem <amir@active.ath.cx>

Improve the RC framework for the clean booting/shutdown of Jails:

1. Feature: for flexibility reasons and as a prerequisite to clean
shutdowns, allow the configuration of a stop/shutdown command
via rc.conf variable "jail_<name>_exec_stop" in addition to the
start/boot command (rc.conf variable "jail_<name>_exec_start"). For
backward compatibility reasons, rc.conf variable "jail_<name>_exec"
is still supported, too.

2. Debug: Add the used boot/shutdown commands to the debug output of
the /etc/rc.d/jail script, too.

3. Security: Run the Jail start/boot command in a cleaned environment
to not leak information from the host to the Jail during startup.

4. Feature: Run the Jail stop/shutdown command "jail_<name>_exec_stop" on
"/etc/rc.d/jail stop <name>" to allow a graceful shutdown of the Jail
before its processes are just killed.

5. Bugfix: When killing the remaining Jail processes give the processes
time to actually perform their termination sequence. Without this the
subsequent umount(8) operations usually fail because the resources
are still in use. Additionally, if after trying to TERM-inate the
processes there are still processes hanging around, finally just KILL
them.

6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/*
scripts which are flagged with the KEYWORD "nojail" to allow the
correct operation of rc.shutdown under jail_<name>_exec_stop="/bin/sh
/etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail.

Now the following typical host-configuration for two Jails works as
expected and correctly boots and shutdowns the Jails:

-----------------------------------------------------------
# /etc/rc.conf:
jail_enable="YES"
jail_list="foo bar"
jail_foo_rootdir="/j/foo"
jail_foo_hostname="foo.example.com"
jail_foo_ip="192.168.0.1"
jail_foo_devfs_enable="YES"
jail_foo_mount_enable="YES"
jail_foo_exec_start="/bin/sh /etc/rc"
jail_foo_exec_stop="/bin/sh /etc/rc.shutdown"
jail_bar_rootdir="/j/bar"
jail_bar_hostname="bar.example.com"
jail_bar_ip="192.168.0.2"
jail_bar_devfs_enable="YES"
jail_bar_mount_enable="YES"
jail_bar_exec_start="/path/to/kjailer -v"
jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'"
-----------------------------------------------------------
# /etc/fstab.foo
/v/foo /j/foo/v/foo nullfs rw 0 0
-----------------------------------------------------------
# /etc/fstab.bar
/v/bar /j/bar/v/bar nullfs rw 0 0
-----------------------------------------------------------

Reviewed by: freebsd-hackers
MFC after: 2 weeks

Add nfs4 to list of net filesystems.

Approved by: alfred

Implement per-jail fstab(5) files. Here's a rc.conf sample using
this feature for a jail named foo :

jail_foo_mount_enable="YES"
jail_foo_fstab="/etc/fstab.foo"

The second line is actually useless, since the code defaults to
using "/etc/fstab.$jailname" as the fstab file if none is specified.

MFC after: 3 days
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>

Revert the noexec,nosuid,nodev options for md /tmp file systems, since
the change in the default behavior may break existing, working setups.

Requested by: brooks

Add two new rc.conf options: tmpmfs_flags and varmfs_flags.

These can be used to pass extra options to the mdmfs(8) utility,
to customize the finer details of the md file system creation
(i.e. to turn on/off softupdates, to specify a default owner for md
filesystem, etc).

Use these two new flags to mount tmpmfs and varmfs without
softupdates, since it doesn't make much sense to use SU on
malloc-backed file systems.

Reviewed by: mtm
Inspired by: J. D. Bronson, jbronson at wixb dot com

Sync up with vinum(8) and rc.d/vinum removal.

OK'ed by: phk

Do a better job of supporting more than one mouse device
on the system.

To start/stop/check on a specific device give the device name as
the second argument to the script:
# /etc/rc.d/moused start ums0

To use different rc.conf(5) knobs with different mice use the device
name as part of the knob. For example, if the mouse device is ums0, then:
moused_ums0_enable=yes
moused_ums0_flags="-z 4"
moused_ums0_port="/dev/ums0"

Starting rc.d/moused without the device argument will use the standard
moused_* flags. So, this commit should not disrupt or change current usage.

To preserve current behaviour with respect to usb mice, which appear
automatically when inserted, there is a new knob, moused_nondefault_enable,
which will treat any devices without rc.conf knobs as enabled.

To minimize knobs in /etc/rc.conf, the device file and pid file are
auto-computed, so that in the typical case for a usb mouse you don't
need to add anything extra in /etc/rc.conf to get it working.

Additionally, this updates /etc/usbd.conf to use the rc.d/moused script so
people don't have to modify it to configure their usb mouse anymore.

MFC after: 1 month

Allow to change interfaces name on boot time.
Now, one should be able to put something like this into /etc/rc.conf:

ifconfig_fxp0_name="net0"
ifconfig_net0="inet 10.0.0.1/16"

Reviewed by: green

Introduce root_rw_mount as a new variable in defaults/rc.conf to
unbreak /etc/rc.d/root for diskless systems that get their root
filesystem from a read-only NFS mount.

PR: conf/72927
Submitted by: Ralf Wenk <RZ-FreeBSD1004@fh-karlsruhe.de>
Reviewed by: brooks

Accidentally removed the last component of the pathname when committing.

Fix a botched rev. 1.221 commit. Also, a number of people have
pointed out that /usr/local/etc/rc.d/000.pkgtools.sh installed
with the portupgrade does an equivalent thing, so I personally
would like to see the change reverted, but let David handle it.

Remove hcsecd line which was inadvertantly included in the previous commit.

Remove a pointless syslogd_flags example.

MFC after: 2 weeks

'portupgrade' places obsoleted shared libraries in /usr/local/lib/compat/pkg,
so add this the list of directories ldconfig'ed.

Correct a trivial typo.

Give users the ability to load a mac_bsdextended(4) ruleset on boot (defaults
to NO of course). Provide a basic ruleset file, rc.bsdextended, but allow
the filename to be overridden through rc.conf.

Discussed with: rwatson (awhile ago)

Create a named chroot directory structure in /var/named, and use it
by default when named is enabled. Also, improve our default directory
layout by creating /var/named/etc/namedb/{master|slave} directories,
and use the former for the generated localhost* files.

Rather than using pax to copy device entries, mount devfs in the
chroot directory.

There may be some corner cases where things need to be adjusted,
but overall this structure has been well tested on a production
network, and should serve the needs of the vast majority of users.

UPDATING has instructions on how to do the conversion for those
with existing configurations.

For the default FreeBSD install, the file path actually is
/var/run/named/pid. This is done so that named can start
with -u bind and still dump a pid file in that directory,
which is chowned to user bind.

It's named.pid, not named/pid.

Pointy hat to: dougb@

Add a note to indicate that the path set in named_pidfile must
also be set in named.conf. Our default named.conf has this already.

Update the note for named_symlink_enable to indicate that ndc is gone.

Bring back etc/rc.d/ntpdate as requested by scads of people. This isn't a
complete backout as the ntpd_sync_on_start etc/rc.conf tunable is still
present, though the default is now NO (was YES). Since we're no longer
syncing time at startup by default when ntpd is enabled (as was the case
24hrs ago), remove UPDATING entry pointing out that ntpd(1) -g is slower
than ntpdate(1).

Hopefully ntpd_sync_on_start="YES" can be made the default for -CURRENT
after 5.3 is cut. At the very least, this should be set to YES when a
user requests to have ntpd enabled via sysinstall(1).

Requested by: many

Stop using ntpdate(1) in our startup proceedure. Replace ntpdate(1) with
calls to ntpd -g. ntpd is noticably slower than ntpdate, but is also more
accurate. This removes the nasty hackery in rc.d/ntpdate that would parse
out ntp servers from /etc/ntp.conf (ntpd knows how to read its own config
file). By default, ntpd *will* sync with its listed time servers. To
turn this off so that ntpd does not sync, ntpd_sync_on_start="NO" can be
added to /etc/rc.conf. If ntpd is not enabled (the default), then time is
not synced on startup. ntpdate's use has been depreciated by the ntpd
authors for quite some time so this change shouldn't be unexpected.

Suggested by: des
Approved by: roberto (resident ntp guru)

Fix typo in description of pflog_logfile.

Submitted by: Mike Jakubik

For the gbde attach script:
- Ask the user up to X times (3 by default) for the pass-phrase, if
it is incorrect the first time.
- Add support for storing the lockfiles in another other directory
than /etc.
- Document that it is possible to override the location of each single
lockfile.

Approved by: pjd

devd is now on by default

Reviewed by: dfr,njr (not nate!)

Allow setting the system console keyboard via the ${keyboard} rc.conf
directive.

fix typo in comment in my previous commit.

Add ip6addrctl_enable and ip6_addrctl_verbose option. If
ip6addrctl_enable is set to YES, address selection policy is installed
into kernel.
If there is /etc/ip6addrctl.conf, it is used for address selection
policy. Even if there is no /etc/ip6addrctl.conf, we install default
policy. In this case, if ipv6_enable is set to YES, we use address
selection policy described in RFC 3484 as default. Otherwise, we
install priority policy for IPv4 address.
The default of ip6addrctl_enable is NO for now. However, it may
better to enable it by default.

Throw the switch and enable use of the lowest idle states while online in
addition to offline. This can be overridden in /etc/rc.conf if it causes
trouble although this has been stable since 2003/12.

Document devfs_set_rulesets a little.

Document sendmail_pidfile variable.
Add sendmail_procname variable.

Add rc.d script to start pflogd and add rcvars etc. Also document vars in
rc.conf(5) and put a sample entry to newsyslog.conf

Reviewed by: -current
Approved by: bms(mentor)

Overhaul the /etc/rc.d/diskless script by splitting it out into
hostname, resolve, tmp, and var scripts. The latter three are new and
were repo copied. These scripts no longer depend on being booted with
and NFS root instead attempt to automaticly create mfs /tmp and /var
volumes if the they are not writable. This behavior can be overridden
in /etc/rc.conf.

Reviewed by: luigi, pjd

Add rc.d script for pf(4) (more to come once pflogd(8) works as well).
Update defaults and write some lines for rc.conf(5) also.
Mostly dup'ed from ipf

Reviewed by: -current
Approved by: bms(mentor)

1. Remove the named_rcng variable. Mike's caution in this area was a good
thing, but we're ready to move on.

2. Remove the -g default argument in named_flags. It doesn't actually do
what most users think it does, and what most users want it to do is already
accomplished with a proper default group for the bind user, which we have.
Also, the -g knob does something entirely different in BIND 9, which leads
to a lot of needless confusion/aggravation.

3. In the rc.d script, don't bogusly override $command, or $rc_flags. Both
are adequately handled in rc.conf[.local].

4. DO properly override $rc_flags if user has named_chrootdir set.
This may need to be revisited, but should be ok for now.

5. Protect all chrootdir-related bits under that variable, instead of
named_rcng.

There is more work to be done here, especially in the area of BIND 9
compatibility, but this is a start at least.

Prompted in part by (legitmate) grousing from: kuriyama, Randy Bush

From the PR:
Certain MTA configurations mean that the notifications from
virecover keep bouncing; so here's a patch to allow administrators
to turn them off.

PR: conf/54910
Submitted by: bms (with a minor cleanup)

Add support for initializing swap devices with random one-shot keys. Note
that the keys are currently generated by computing the MD5 checksum of 512
bytes read from /dev/random, and are passed to gbde on the command line.

Sponsored by: Teleplan AS

Ruleset numbers are not allowed in devfs_* knobs.
Noticed by someone on -current.

Support starting/stoping of jails individually.

This commit also removes the support for the sysutils/jailer port. This
is inline with the general policy to keep ports related knobs out
of the base system's configuration mechanism.

Submitted by: Juergen Unger <j.unger@addict.de>

Added support for intelligent handling of DST transitions in cron.

reviewed by: imp

Add power_profile, a script that changes the ACPI CPU Cx idle state and/or
the throttling state in response to line transitions. Future plans
include adding support for CPU frequency changes.

Add a devd.conf entry for calling this script.

The default values for this are:
performance_cx_lowest="HIGH" # Use HLT (C0) online
performance_throttle_state="HIGH" # 100% (no throttling)
economy_cx_lowest="LOW" # Use the lowest Cx state possible
economy_throttle_state="HIGH" # 100% (no throttling)

Backout ataraid rcng script. I must have missed ar0 in my scan of /dev
after my first reboot because sure enough, I'm seeing it there now and
ata(4) is doing the right thing(TM).

Pointed out by: des

Add a script that allows software RAID sets to be created before file
systems are mounted. An example set of entries for /etc/rc.conf:

ataraid_enable="YES"
ataraid_devices="ar0"
ataraid_ar0_set="ad2 ad3"
ataraid_ar0_type="RAID1"

Because there is no "correct" way of doing ATA raid (ie, geom vs.
atacontrol vs. vinum) that is bikeshed proof, this rcng script stays within
the bounds of atacontrol and assumes that other RAID solutions for GEOM or
vinum will end up in a different rcNG script.

Reviewed by: green

Add a means of starting an IKE daemon from the rc system at an appropriate
time during the boot process. This is needed in the case where NFS mounts
from servers reachable only via IPSEC are in /etc/fstab.

PR: conf/42497
Submitted by: Volker Stolz
Approved by: re (rwatson)

Default ntpd to write a "driftfile" in /var/db/ntpd.drift.

A "driftfile" caches the oscillator offset estimate from boot to boot,
having this means faster and less bumpy time synchronization. Will
be overridden by any value in the config file.

Add a default setting of NO for the gbde auto attach script, and
document the options.

Add `-C 60' to the default flags for inetd, so that it is less
vulnerable to run-of-the-mill DoS attacks in the default installation.

Enhance the jail start/stop script.
o The following additional configuration attributes of a jail can be
controlled from rc.conf:
- mounting devfs(5)
- mounting fdescfs(5)
- mounting procfs(5)
- custom devfs(8) ruleset
If no ruleset is specified, the default jail ruleset is used.

o The output of executing /etc/rc in the jail is now redirected
to /dev/null. Instead, the hostname of the jail is echoed if
the jail(8) command exited successfully. If the output is wanted
it can probably be redirected to a file (/var/run/$jail maybe)
instead of /dev/null.

Submitted by: Scot W. Hetzel <hetzels@westbend.net>
with modifications by Jens Rehsack <rehsack@liwing.de>
and me.

o Reduce rc(8) startup clutter by turning the informational messages
off by default.
o Apparently the routine displaying the informational messages wasn't
checking its knob in rc.conf, so fix that as well.

Requested by: obrien

Add a general mechanism for creating and applying
devfs(8) rules in rc(8). It is most useful for applying
rules to devfs(5) mount points in /dev or inside jails.
The following line of script is sufficient to
mount a relatively useful+secure devfs(5) in a jail:

devfs_mount_jail /some/jail/dev

Some new shell routines available to scripts that source
rc.subr(5):
o devfs_link - Makes it a little easier to create symlinks
o devfs_init_rulesets - Create devfs(8) rulesets from devfs.rules
o devfs_set_ruleset - Set a ruleset to a devfs(5) mount
o devfs_apply_ruleset - Apply a ruleset to a devfs(5) mount
o devfs_domount - Mount devfs(5) and apply some ruleset
o devfs_mount_jail - Mount devfs(5) and apply a ruleset
appropriate to jails.

Additional rulesets can be specified in /etc/devfs.rules.
If the devfs_system_ruleset variable is defined in rc.conf
and it contains the name of a ruleset defined in /etc/defaults/devfs.rules
or user supplied rulesets in /etc/devfs.rules then that ruleset will
be applied to /dev at startup by the /etc/rc.d/devfs script. It can
also be applied post-startup:

/etc/rc.d/devfs start

This is a more flexible mechanism than the previous method of using
/etc/devfs.conf. However, that method is still available.

Note: since devfs(8) doesn't provide any way for creating symlinks
as part of a ruleset, anyone wishing to create symlinks in a devfs(5)
as part of the bootup sequence will still have to rely on /etc/devfs.conf.

Now that routes for IP over ATM may look much more complex than before,
use the atmconfig(8) utility instead of route(8) to install those routes.
For this we need a new rc.conf variable natm_static_routes that works
just like static_routes except that the referenced routes use the syntax
of atmconfig(8).

Okay'ed by: mtm

add rtsol_flags.

MFC after: 1 week

Change the default for background_dhclient back to NO. It can
cause to much troubles with applications.

Always start dhclient in the background.

Reviewed by: mtm

- Add a software watchdog facility.

This commit has two pieces. One half is the watchdog kernel code which lives
primarily in hardclock() in sys/kern/kern_clock.c. The other half is a userland
daemon which, when run, will keep the watchdog from firing while the userland
is intact and functioning.

Approved by: jeff (mentor)

Update a comment about symlinking named's pid file to correctly
reflect the code.

Suggested by: maxim

The dhcp_program and dhcp_flags variables have to be renamed to
take advantage of the rc.subr(8) glue. They are renamed dhclient_program
and dhclient_flags.
o Rename them in rc.conf(5)
o Rename them in /etc/defaults/rc.conf
o Add the deprecated variables to /etc/rc.subr
o Isolate the use of the 'command' variable to the
NetBSD specific parts in /etc/rc.d/dhclient.
o Now that dhcp_flags has also been renamed it will
be applied properly by rc.subr(8) glue code.

Reported by: John Nielsen <john@jnielsen.net>

Move networkfs_types from mountcritlocal into defaults/rc.conf as netfs_types.
Also add logic into mountcritremote to add extra_netfs_types to the list.

This unbreaks putting smbfs, portalfs and now nwfs in fstab.

Per previous announcement, remove the old version of the rc system.

All functionality from the previous system has been preserved, and
users should still customize their system boot with the familiar
methods, rc.conf, rc.conf.local, rc.firewall, sysctl.conf, etc.

Users who have customized versions of scripts that have been removed
should take great care when upgrading, since the compatibility code
that used those old scripts has also been removed.

Make the defaults for Kerberos 5 a little more up-to-date.

Change the name of the kadmind binary to match reality, now that
KerberosIV is no longer an issue.

xten isn't needed after tw is gone.

Approved by: re@ (scottl)

Add new knobs for controlling jails in rc.d and document them.

Approved by: makrm (mentor)

A new rc-ng script to build linker.hints files with kldxref(8)
automatically at boot time. Associated rc.conf(5) knobs and
documentation are included.

Make it more clear how to disable keybell, and where its options are found.

PR: conf/41772

Initiate KerberosIV de-orbit burn. Disconnect the /etc configs.

/etc/rc.network isn't built to handle a value of "DEFAULT" (nor should it
be). Using that string leads rc.network to execute:

# sysctl -w vfs.nfs.bufpackets=DEFAULT
vfs.nfs.bufpackets: 4 -> 0

Which isn't what was intended.

PR: conf/31280
MFC after: 3 days

Add rc_debug knob to rc.conf. The code for it has been in rc.subr for
some time now.
Document all knobs introduced by rc.d

Approved by: markm (mentor)
Reviewd by: gordon (earlier revision)

Fix the named script to find the correct pid file for the
named(8) daemon by providing a new rc.conf knob: named_pidfile
that defaults to the path specified in the system-installed named.conf(5).

Approved by: markm (mentor)
Reviewed by: dougb
Noticed by : Galen Sampson <galen_sampson@yahoo.com>
Dan Pelleg <daniel+bsd@pelleg.org>
PR: conf/46402
MFC: 2 weeks (with re@ approval)

Delay an optional amount of time after booting before starting a
background fsck. The delay defaults to sixty seconds to allow
large applications such as the X server to start before disk I/O
bandwidth is monopolized by fsck.

Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
Sponsored by: DARPA & NAI Labs.

Make pccardd have -z by default. This fixes a few startup problems
where people want to have the cards configured. Lack of -z is a speed
optimization.

Submitted by: many voices on mobile@
Approved by: re@ (rwatson)
MFC after: 3 days

Fixed two typos in comments.

Turn off devd until I have a devd.conf file that I can install one
that does no harm.

Add devd_enable

Submitted by: dougb

Add IPv6 setup for ipfilter. `ipv6_ipfilter_rules' was added
to specify rules definition file for ipfilter. The default is
/etc/ipf6.rules. If there is a file which is specified by
'ipv6_ipfilter_rules', IPv6 rule is installed.

Reviewed by: Ronald van der Pol <Ronald.vanderPol@rvdp.org>
MFC after: 1 week

Introduce bootparamd into the boot scripts. Add a bootparamd_enable and
_flags to rc.conf

Submitted by: John Hay <jhay@zibbi.icomtek.csir.co.za>

Deprecate the use of sendmail_enable="NONE" as it adversely affects the
new rcNG effort.

Submitted by: Mike Makonnen <makonnen@pacbell.net>

Turn rc_ng on by default now, it's time has come. While we are at it, I'd
like to thank Mike Makonnen for all his work on rcNG. Without him, none
of this would have been possible.

establish default values for /etc/rc.d/pcvt script

Clean up some variables that should have been done before:
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*

Also change single_mountd_enable to mountd_enable.

We also include shims for all the old variable names.

Submitted by: Mike Makonnen <makonnen@pacbell.net>

Change the default setting of an IPv4-mapped IPv6 address to off.

Requested by: many people

be able to configure to run an IPv6 routing daemon even on
an end node.

Requested by: Masachika ISHIZUKA <ishizuka@ish.org>
MFC after: 1 week

Add a couple of variables for rc.d

Submitted by: Mike Makonnen

We want to play osterage and stick our heads in the sand and ignore things.

Requested by: jhb

ntpdate(1) is depreciated.

Explictly set kerberos_stash to NO instead of blank. While we are at it,
fix a comment that suggested setting ipv6_ipv4mapping to blank. This
will aid in merging with rcng which requires all veriables to be
explicitly set.

Submitted by: Mike Makonnen
MFC after: 1 week

Remove reference to the TCP_RESTRICT_RST option, which was removed
over a year ago.

Small ws twiddle while I'm here.

Consistently use full pathnames for files, especially executables.

PR: conf/37292
Submitted by: Helge Oldach <send-pr@oldach.net>
MFC after: 3 days

Back out /etc/rc.d addition. I'd like to see something come of what has
already been imported. It would have been nice to get it out there
in DP1, but that is too late now.

<peril sensitive sunglasses on>
Add /etc/rc.d to the startup dirs list. It is a convenient place to put
custom startup scripts instead of hacking a shared rc.local. eg: ftpd in
listener mode, or maybe even sendmail or another mailer, etc.
<peril sensitive sunglasses off>

Correct path for saver to reflect reality.

Submitted by: Martin Faxer <gmh003532@brfmasthugget.se>

Correct grammar(?) in comments.

PR: 36808
Submitted by: Andrew Boothman <andrew@cream.org>

Quoting Peter Wemm, "At great personal risk, touch the sendmail startup
again."

As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail. The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed. A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA. For backward compatibility, it will default to
/etc/rc.sendmail. The specified script is called out of /etc/rc after
checking to make sure it exists. A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.

Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.

Reviewed by: -current, -stable, obrien, peter, ru
MFC after: 1 week

Provide a way for users to completely prevent sendmail from trying to start
at boot time.

Instead of rc.conf's sendmail_enable only accepting YES or NO, it can now
also accept NONE. If set to NONE, none of the other sendmail related
startup items will be done.

Remove an extra queue running daemon might be started that wasn't necessary
(it didn't hurt anything but it wasn't needed).

The new logic is:

# MTA
if ${sendmail_enable} == NONE
# Do nothing
else if ${sendmail_enable} == YES
start sendmail with ${sendmail_flags}
else if ${sendmail_submit_enable} == YES
start sendmail with ${sendmail_submit_flags}
else if ${sendmail_outbound_enable} == YES
start sendmail with ${sendmail_outbound_flags}
endif
# MSP Queue Runner
if ${sendmail_enable} != NONE &&
[ -r /etc/mail/submit.cf] && ${sendmail_msp_queue_enable} == YES
start sendmail with ${sendmail_msp_queue_flags}
endif

Discussed with: Thomas Quinot <Thomas.Quinot@Cuivre.FR.EU.ORG>,
Christopher Schulte <schulte+freebsd@nospam.schulte.org>
MFC after: 1 week

Allow LOMAC to be loaded as part of the boot scripts using "lomac_enable"
setting in rc.conf.

Extracted from the still clammy hands of: green
Sponsored by: DARPA, NAI Labs

There is no reason to demand the administrator set 'natd_interface'
when running natd(8) out of the rc-files. It is perfectly valid for
the interface or alias address to be set in a natd(8) configuration
file, not on the command line. Also, loosen up the restrictions on
identifying an IP address argument in 'natd_interface.'

Fix the documentation, rc.conf(5), to reflect this change.

Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf.

MFC after: 3 days

Add infrastructure for sendmail 8.12. If users are not starting a daemon
at boot (sendmail_enable=NO), a localhost-only daemon may started
(sendmail_submit_enable) as it is needed to accept mail from command line
submissions. If this isn't desired, see etc/mail/README for more hints.

Optionally (sendmail_msp_queue_enable) start a queue runner for the
submission queue in case a daemon isn't available to accept command line
submitted mail at submission time.

Note that the syslog labels for all of these sendmail processes have been
uniquified for easier log parsing.

Make the rc.conf(5) 'log_in_vain' knob an integer.

Try this out in -CURRENT, MFC, and then consider dropping the
'log_in_vain' knob all together. It really is something for
sysctl.conf(5).

PR: bin/32953
Reviewed by: -bugs discussion
MFC after: 1 week

Don't require operators to override the list of network filesystem
types (networkfs_types) with a version that includes the original
list.

This increases the scope for user error and also means that systems with
networkfs_types set in /etc/rc.conf will not benefit from changes to the
list in /etc/defaults/rc.conf on upgrade.

Instead, store the default list in /etc/rc itself and allow the operator
to append to that list by specifying her own list in networkfs_types.

Rename networkfs_types to extra_netfs_types accordingly, as the new name
better describes the purpose of the variable. Default the value to
'NO'.

Re-introduce the fix that delays mounting of network filesystems until
the network is initialized. This was first implemented in rev 1.268
of src/etc/rc, but was backed out at wollman's request.

The objection was that the right place for the fix is in mount(8).
Having looked at that problem, I find it hard to believe that
the hoops one would have to jump through can be justified by the
desire for purity alone.

Note that there are reported issues surrounding nfsclient kernel
support and mount_nfs(8), which currently make NFS an ugly exception
to the general case.

With this change, systems with non-NFS network filesystems configured
for mounting on startup in /etc/fstab are no longer guaranteed to
fail on startup.

Add a commented-out defaultrouter entry for 6to4 users. See RFC-3068

Whitespace police.

Submitted by: cjc, ru

second part of the patches to complete ipf changes to rc

PR: multiple
Submitted by: Arjan de Vet <devet@devet.org>

Put in place for using ipfs use on shutdown and startup.

PR: 27070

Update to note that rpc.statd and rpc.lockd are now needed for
client side NFS mounts.

Stumbled upon by: rwatson

Remove references to nfsiod and nfs_client_flags now that they are
obsolete.

Submitted by: Gordon Tetlow <gordont@gnf.org>

Add a dumpdir variable that determines where savecore stores crash dumps.
I've had this on my development box for ages...

Quote the value of pccard_ether_delay, the only unquoted value in the
entire file.

We don't ship pim6dd/pim6sd any more.

MFC after: 1 week

Add a new rc.conf variable, cloned_interfaces, to create cloned
interfaces at boot.

Due to a bug in the ed driver, which leads to hangs when using it with
dhclient and pccard_ether, introduce the concept of a "settle time" to
pccard_ether with the new pccard_ether_delay variable. Defaults to 5
seconds, which is enough time for the ed driver to finish its
autoconfiguration for newer Linksys based cards. This also can
eliminate the ed0: timeout messages that happen at startup as well.

MFC: after RE says OK.

o Add sample syslogd_flags for "-ss" which causes syslogd not to bind
an inet socket.

Remove more vestages of diskcheckd, which is now in ports/sysutils.

Invoke named with privilege of bind:bind.
Change pidfile location to /var/run/named/pid.

Upgraded launchpad for kerberos. Noe kerberos IV OR kerberos 5
may be started at boot for kerberos servers.

change the default for isdn_fsdev to NO. specifying a device here
results in a potential conflict with a getty running on that device.
PR: 26818
Submitted by: Clement Ballabriga <clement@asso.ups-tlse.fr>

Add a script_name_sep rc.conf knob to specify the IFS character
for separating the startup scripts' list into individual filenames.

Run the shutdown scripts in reverse alphabetical order, so dependent
services are stopped before the services they depend upon.

Reviewed by: -arch, -audit
MFC after: 3 weeks

Change default of ipv6_default_interface to NO. This is meaningless
in most cases and rather harmful.

Reported by: Kevin Oberman <oberman@es.net>
MFC after: 1 week

Introduce syslogd_program and inetd_program variables in case somebody
wants to replace one of those programs.

PR: 13609
Submitted by: Goran Lowkrantz <goran.lowkrantz@infologigruppen.se>

Change default value of rtadvd_enable to NO to be compatible with
the following description in RFC2461:

AdvSendAdvertisements
A flag indicating whether or not the router sends
periodic Router Advertisements and responds to
Router Solicitations.

Default: FALSE

Note that AdvSendAdvertisements MUST be FALSE by
default so that a node will not accidentally start
acting as a router unless it is explicitly
configured by system management to send Router
Advertisements.

Submitted by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
MFC after: 1 week

Add configuration for a FAITH IPv6-to-IPv4 TCP translator.
To use a FAITH actually, you also need faithd(8) setup.
Please consult faithd(8) manpage.

Explicitly set arpproxy_all and start_vinum to "NO" for consistency.

PR: 28185
Submitted by: Gordon Tetlow <gordont@bluemtn.net>

prefixcmd_enable was obsoleted by syncing recent KAME. New prefix(8)
is just a shell script for backward compatibility. Now, we always use
ifconfig(8) instead of prefix(8).

MFC after: 3 weeks

Add diskcheckd to /etc/rc with a knob in rc.conf.

Make the default setting YES for now to get some experience with it.

Note: If people starts seeing disk errors because of this then it
should not be backed.

Move gif_interfaces from an IP6 option to a regular IP option.

PR: 26543
Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
MFC after: 3 weeks

I didn't fix the comment in rev 1.107.

Turn on TCP_EXTENSIONS (rfc1323) by defualt.

Introduce a background_fsck rc.conf option which allows the user to
enable or disable background fsck'ing all in one shot. Default is
currently 'YES'.

Reviewed by: jkh

New option isdn_screenflags to set the syscons screen params for isdnd,
plus documentation.

Submitted by: Alexander Leidinger <Alexander@Leidinger.net>
Not objected to by: hm
MFC after: 1 week

Use foo () instead of foo ( ) for function definition,
so zsh can parse this file as well.

Add an allscreens_kbdflags option. Same thing as allscreens_flags,
but runs kbdcontrol instead of vidcontrol.

Reviewed by: ru

Add isdn_ttype (moved to rc.conf from rc.isdn)
PR: conf/24865
Submitted by: schweikh
Reviewed by: hm

Fix typo in mouse_char range

Add mousechar_start hook

Reviewed by: Nick Hibma <n_hibma@qubesoft.com>

Add removable_interfaces to /etc/defaults/rc.conf. It is used
(undocumented until now) by /etc/pccard_ether.

MFC candidate.

Pointed out by: Dave Crane <dave@trig.net>
Reviewed by: -mobile

Change ntp_flags to "-b" to inspire people to set it right.

Note that "right" in this case is not universally recognized, but
NTP-practittioners as opposed to theoretians generally agree that
getting "inside the window" using ntpdate is TRTTD on PC hardware.

PR: 25514
Submitted by: Chris Johnson <cjohnson-pr@palomine.net>

Axe TCP_RESTRICT_RST. It was never a particularly good idea except for a few
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.

(second of three commits)

Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

Bring in required TLI library routines to support this.

Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.

This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).

The submitter has agreed to continue on and bring us up to the
1999 release.

Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.

Many userland updates were done to bring the code up to par with
the recent RPC API.

There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.

While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.

New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.

Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.

Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul

Add `ipv6_ifconfig_IFN_aliasN' directive to allow multiple aliases.

PR: conf/24239

At great personal risk, touch the sendmail startup again. This adds easy
seperate knobs for inbound (accepting SMTP connections) and outbound (just
occasionally dequeueing) sendmail daemon startup.

Add flags option for savecore.

Submitted by: David A. Panariti <davep@who.net>

Avoid complicated tests of whether devices are present or not, and
enable all harvesting options by default since having them on for
devices not present doesn't hurt anything. Leave them on by default
since for the most part they are not producing noticable slowdown,
and are about to get a lot more efficient.

Re-order part of the cheesy entropy process in preparation for
its complete removal.

Add code to turn on the entropy harvesting sysctl's as early as possible
during the boot process. We're turning it on by default, based on the
actual presence of a configured ethernet card, and/or ppp/tun devices.
Of course, it's easy to disable in rc.conf.

Have coff be a default ibcs2 loader if we have ibcs2 support enabled.

Introduce the option of running fsck -y if the initial preen fails.
Defaults to off.

Obtained from: Yahoo!

Mention about rtadvd_interfaces. It should be specified if you want
use rtadvd.

Add the options of which cron program to run, and specifying flags
to it.

PR: conf/24358
Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net>

Add a sysvipc_enable variable that causes the SysV IPC modules to be loaded.

Reviewed by: dougb

Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
and files before the disks are mounted. This gives /dev/random
a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
possibility of accidentally overwriting something other
than a regular file.

Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.

- ipv6_prefix_* and ipv6_ifconfig_* work for end node
- rtsol should be work for only one interface
- new variable ipv6_defaultrouter is added
- option name of rtadvd in comment are corrected
- ipv6_firewall_enable, ipv6_firewall_type, ipv6_firewall_script,
ipv6_firewall_logging are added to introduce rc.firewall6.

IPv6 firewall rule is just starting point and should be brushed up.
This commit includes PR18621, PR21694, PR22051.

PR: conf/18621, conf/21694, conf/22051
Reviewed by: asmodai

add PC-Card melody beep(PC Card bus, kludge version)

Original idea from: PAO3

Set new default: entropy_file="/entropy"

with /var/db/entropy being a hardcoded backup.

Submitted by: Doug Barton <DougB@gorean.org>
Approved by: markm

This brings support for IP Filter into rc.network and rc.conf with
the appropriate documentation added to rc.conf(5). If all goes well
with this over the next few weeks, the PR will be closed with the
pullup of patches back to 4-STABLE.

PR: 20202
Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net>
Reviewed by: Darren Reed <darrenr@freebsd.org>
Approved by: Darren Reed <darrenr@freebsd.org>
Obtained from: Gerhard Sittig <Gerhard.Sittig@gmx.net>

Add a unaligned_print option (alpha only)
Document osf1_enable

Submitted by: Eric D. Futch <efutch@nyct.net>
PR: 21649

Remove our override on the default time that a looked up name remains
cached when not in use. This changes the FreeBSD default from 30 minutes
to 5 minutes. JKH was the one that added the override to amd_flags, but
there was no reason given other to serve as an example of what could be
done.