| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Reviewed by: imp, simon
Approved by: imp (mentor)
|
|
|
|
| |
support.
|
|
|
|
|
|
| |
with a couple of bits from usr.bin in a crunchgen'd binary.
Submitted by: Tim Kientzle <kientzle@acm.org>
|
| |
|
| |
|
|
|
|
|
| |
is using anyway. Otherwise, "make installworld" insists on resetting
them to 0755.
|
| |
|
|
|
|
|
|
| |
following the lead of The XFree86 Project's default.
Approved by: Murray
|
|
|
|
|
|
|
|
|
|
| |
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.
Reviewed by: ru
Approved by: ru
|
| |
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
|
|
|
|
| |
freebsd-uucp port.
|
|
|
|
| |
Submitted by: Rich Morin <rdm@cfcl.com>
|
| |
|
| |
|
|
|
|
| |
README file before making changes here. Fix them once again.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
it at boot time closer to the way we want it to be in the final version.
* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
and files before the disks are mounted. This gives /dev/random
a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
possibility of accidentally overwriting something other
than a regular file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.
For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.
Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
|
| |
|
|
|
|
| |
rather than /modules.
|
| |
|
| |
|
| |
|
|
|
|
| |
commit is easier to understand.
|
|
|
|
|
|
| |
much a diff as lines with the wrong stuff on it.
Add references in mtree data files to the README.
|
| |
|
|
|
|
| |
Reviewed by: jkh (eyebrown raised a little, I concede)
|
| |
|
|
|
|
| |
permissions for /etc/isdn (suggested by Bruce Evans).
|
| |
|
|
|
|
| |
previous /set defaults
|
|
|
|
| |
to handle new user id's in buildworld/installworld.
|
|
|
|
|
|
|
|
| |
Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
subdirectory (user bind, group bind) to hold secondaries, adjust
comments in named.conf to reflect new secondary scheme. (Note that
core read-only zone files are left owned by root, increasing security even
more).
|
| |
|
| |
|
|
|
|
| |
Partially reviewed by: bde
|
| |
|
|
|
|
| |
branches affected: -current, RELENG_2_2, and RELENG_2_1_0
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
|
|
|
|
|
|
|
| |
built release after fixing all the wrong directory permissions in that release.
Then use diff -c -b to verify them against the old versions, nothing but
new directories added :-). And a lot of alphabetizing done!
|
|
|
|
| |
/etc/ppp/options so that pppd will run.
|
|
|
|
|
|
|
| |
new mtree options.
I will be updating these shortly to remove some old stuff and add some
new stuff. These currently produce the exact same trees as they did.
|
|
|
|
|
|
| |
arrange for that directory to get created by mtree. Also, process secure
directory after all the others, because the programs there may overlay
ones installed from the main part of the tree.
|
| |
|