| #
f99f0ee1 |
|
22-May-2024 |
Alexander Leidinger <netchild@FreeBSD.org> |
rc.d: add a service jails config to all base system services
This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
service jail.
The sshd patch is important for the sshd-related functionality as
described in the man-page in the service jails part.
The location of the added env vars is supposed to allow overriding them
in rc.conf, and to hard-disable the use of svcj for some parts where it
doesn't make sense or will not work.
Only a subset of all of the services are fully tested (I'm running this
since more than a year with various services started as service jails).
The untested parts should be most of the time ok, in some edge-cases
more permissions are needed inside the service jail.
Differential Revision: https://reviews.freebsd.org/D40371
|
| #
9e248b7f |
|
18-Apr-2024 |
Cy Schubert <cy@FreeBSD.org> |
kdc: Add restart option
Add a new kdc_restart rc variable that manages kdc (or krb5kdc) under
daemon(8). This automatically restarts the kdc should it fail, i.e.
when it's configured to use LDAP as a backend and cannot connect to its
LDAP directory.
Set kdc_restart="YES" to auto restart kdc on abnormal termination.
Set kdc_restart_delay="N" to the number of seconds to delay before
restarting the kdc. The daemon(8) default seconds applies when not set.
Reported by: Lexi Winter <lexi.freebsd@le-fay.org>
PR: 278395
Differential Revision: https://reviews.freebsd.org/D44898
|
| #
91f78c32 |
|
20-Jan-2024 |
Cy Schubert <cy@FreeBSD.org> |
rc.d/kdc: Support start of MIT krb5kdc
Some users wishing to use the MIT krb5kdc have discovered the
kdc script workaround applied to the MIT krb5 ports is insufficient.
Let's build into this rc script the smarts to determine whether
base or ports Hiemdal kdc is being invoked or the MIT krb5kdc.
While at it, remove kdc_start_precmd(). This will simplify a future
jail patch.
Suggested by: netchild
Original patch: netchild
Reviewed by: emaste, netchild
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43523
|
| #
d0b2dbfa |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
| #
0696600c |
|
17-Oct-2018 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.
Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)
|