Merge ^/head r288197 through r288456.

5 files changed, 23 insertions, 11 deletions

diff --git a/etc/etc.aarch64/ttys b/etc/etc.aarch64/ttys
index b6fd9ed..f5f225e 100644
--- a/etc/etc.aarch64/ttys
+++ b/etc/etc.aarch64/ttys
@@ -29,7 +29,7 @@
 # when going to single-user mode.
 console	none				unknown	off secure
 #
-ttyv0	"/usr/libexec/getty Pc"		xterm	off  secure
+ttyv0	"/usr/libexec/getty Pc"		xterm	onifconsole  secure
 # Virtual terminals
 ttyv1	"/usr/libexec/getty Pc"		xterm	off  secure
 ttyv2	"/usr/libexec/getty Pc"		xterm	off  secure
@@ -41,9 +41,9 @@ ttyv7	"/usr/libexec/getty Pc"		xterm	off  secure
 #ttyv8	"/usr/local/bin/xdm -nodaemon"	xterm	off secure
 # Serial terminals
 # The 'dialup' keyword identifies dialin lines to login, fingerd etc.
-ttyu0	"/usr/libexec/getty std.9600"	vt100	on  secure
-ttyu1	"/usr/libexec/getty std.9600"	dialup	off secure
-ttyu2	"/usr/libexec/getty std.9600"	dialup	off secure
-ttyu3	"/usr/libexec/getty std.9600"	dialup	off secure
+ttyu0	"/usr/libexec/getty 3wire"	vt100	onifconsole  secure
+ttyu1	"/usr/libexec/getty 3wire"	vt100	onifconsole  secure
+ttyu2	"/usr/libexec/getty 3wire"	vt100	onifconsole  secure
+ttyu3	"/usr/libexec/getty 3wire"	vt100	onifconsole  secure
 # Dumb console
 dcons	"/usr/libexec/getty std.9600"	vt100	off secure
diff --git a/etc/mtree/BSD.tests.dist b/etc/mtree/BSD.tests.dist
index 3d2ff51..8ff6189 100644
--- a/etc/mtree/BSD.tests.dist
+++ b/etc/mtree/BSD.tests.dist
@@ -14,6 +14,8 @@
         ..
         expr
         ..
+        ls
+        ..
         mv
         ..
         pax
diff --git a/etc/rc.d/ugidfw b/etc/rc.d/ugidfw
index d65d6a3..09171e4 100755
--- a/etc/rc.d/ugidfw
+++ b/etc/rc.d/ugidfw
@@ -3,6 +3,7 @@
 # $FreeBSD$
 
 # PROVIDE: ugidfw
+# REQUIRE: FILESYSTEMS
 # BEFORE: LOGIN
 # KEYWORD: nojail shutdown
 
@@ -33,9 +34,17 @@ ugidfw_start()
 
 ugidfw_stop()
 {
+	local rulecount
+
 	# Disable the policy
 	#
-	kldunload mac_bsdextended
+	# Check for the existence of rules and flush them if needed.
+	rulecount=$(sysctl -in security.mac.bsdextended.rule_count)
+	if [ ${rulecount:-0} -gt 0 ]; then
+		ugidfw list | sed -n '2,$p' | cut -d ' ' -f 1 | sort -r -n |
+		    xargs -n 1 ugidfw remove
+		echo "MAC bsdextended rules flushed."
+	fi
 }
 
 load_rc_config $name
diff --git a/etc/rc.subr b/etc/rc.subr
index c23c8fd..cd933c6 100644
--- a/etc/rc.subr
+++ b/etc/rc.subr
@@ -768,6 +768,8 @@ check_startmsgs()
 #
 #	${name}_prepend	n	Command added before ${command}.
 #
+#	${name}_login_class n	Login class to use, else "daemon".
+#
 #	${rc_arg}_cmd	n	If set, use this as the method when invoked;
 #				Otherwise, use default command (see below)
 #
@@ -942,7 +944,7 @@ run_rc_command()
 	    _nice=\$${name}_nice	_user=\$${name}_user \
 	    _group=\$${name}_group	_groups=\$${name}_groups \
 	    _fib=\$${name}_fib		_env=\$${name}_env \
-	    _prepend=\$${name}_prepend
+	    _prepend=\$${name}_prepend	_login_class=\${${name}_login_class:-daemon}
 
 	if [ -n "$_user" ]; then	# unset $_user if running as that user
 		if [ "$_user" = "$(eval $IDCMD)" ]; then
@@ -1050,6 +1052,9 @@ $command $rc_flags $command_args"
 				fi
 			fi
 
+					# Prepend default limits
+			_doit="limits -C $_login_class $_doit"
+
 					# run the full command
 					#
 			if ! _run_rc_doit "$_doit"; then
diff --git a/etc/sendmail/Makefile.depend b/etc/sendmail/Makefile.depend
index 3af2d7f..f80275d 100644
--- a/etc/sendmail/Makefile.depend
+++ b/etc/sendmail/Makefile.depend
@@ -1,10 +1,6 @@
 # $FreeBSD$
 # Autogenerated - do NOT edit!
 
-DEP_RELDIR := ${_PARSEDIR:S,${SRCTOP}/,,}
-
-DEP_MACHINE := ${.PARSEFILE:E}
-
 DIRDEPS = \