summaryrefslogtreecommitdiffstats
path: root/etc/mtree/BSD.var.dist
Commit message (Collapse)AuthorAgeFilesLines
* MFC r258664:delphij2013-11-301-1/+1
| | | | | | | | | Create /var/cache with mode 0755 instead of 0750. This directory is used by many third party applications and having permission 0750 makes it impossible to drop group privileges. Approved by: re (glebius)
* Remove BIND.des2013-09-301-4/+0
| | | | Approved by: re (gjb)
* Fix indentation.des2013-09-221-1/+1
| | | | Approved by: re (blanket)
* Build and install the Unbound caching DNS resolver daemon.des2013-09-151-0/+2
| | | | Approved by: re (blanket)
* authpf needs /var/authpf to exist and be writable by group authpf.des2013-09-051-0/+2
|
* Fix location of /var/audit/dist and /var/audit/remote.ume2012-12-281-1/+1
| | | | | | | Note that those who did installworld after r243752 should remove wrongly created /var/dist and /var/remote. Reviewed by: pjd
* Merge a number of changes required to hook up OpenBSM 1.2-alpha2'srwatson2012-12-011-0/+4
| | | | | | | | | | | | | | | | | | | auditdistd (distributed audit daemon) to the build: - Manual cross references - Makefile for auditdistd - rc.d script, rc.conf entrie - New group and user for auditdistd; associated aliases, etc. The audit trail distribution daemon provides reliable, cryptographically protected (and sandboxed) delivery of audit tails from live clients to audit server hosts in order to both allow centralised analysis, and improve resilience in the event of client compromises: clients are not permitted to change trail contents after submission. Submitted by: pjd Sponsored by: The FreeBSD Foundation (auditdistd)
* - Merge in OFED 1.5.3 from projects/ofed/headjeff2011-03-211-0/+2
|
* Create the var/run/wpa_supplicant directory where the wpa_supplicantbschmidt2010-09-101-0/+2
| | | | | | RC script wants to save a pidfile for each interface. MFC after: 2 weeks
* Disable SSL renegotiation in order to protect against a seriouscperciva2009-12-031-1/+1
| | | | | | | | | | | | | | | protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate
* Add FreeBSD Update 2.0 client code. The build code is in the projectscperciva2006-08-311-0/+2
| | | | | | repository. Sponsored by: FreeBSD security development fundraiser
* Change group for /var/audit to audit, so that audit review can berwatson2006-02-051-0/+2
| | | | | | delegated to non-administrators. Obtained from: TrustedBSD Project
* Add /var/audit, mode 750, which will hold audit trail files.rwatson2006-02-021-0/+2
| | | | Obtained from: TrustedBSD Project
* Add portsnap to the base system. This is a secure, easy to use,cperciva2005-08-081-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | fast, lightweight, and generally good way for users to keep their ports trees up to date. This is version 0.9.4 from the ports tree (sysutils/portsnap) with the following changes: 1. The experimental pipelined http code is enabled. No seatbelts in -CURRENT. (^_^) 2. The working directory has moved from /usr/local/portsnap to /var/db/portsnap (as discussed on -arch two days ago). 3. Portsnap now fetches a list of mirrors (distributed as DNS SRV records) and selects one randomly. This should help to avoid the uneven loading which plagues the cvsup mirror network. 4. The license is now 2-clause BSD instead of 3-clause BSD. 5. Various incidental changes to make portsnap fit into the base system's build mechanics. X-MFC-After: 6.0-RELEASE X-MFC-Before: 5.5-RELEASE X-MFC-To: RELENG_6, RELENG_5, ports discussed on: -arch and several other places "yes please" from: simon, remko, flz, Diane Bruce thinks this is a great idea: bsdimp Hopes he didn't forget any files: cperciva
* Remove a redundant "uname=root".ru2004-10-151-1/+1
| | | | Forgotten by: dougb
* Create a named chroot directory structure in /var/named, and use itdougb2004-09-281-0/+2
| | | | | | | | | | | | | | | | by default when named is enabled. Also, improve our default directory layout by creating /var/named/etc/namedb/{master|slave} directories, and use the former for the generated localhost* files. Rather than using pax to copy device entries, mount devfs in the chroot directory. There may be some corner cases where things need to be adjusted, but overall this structure has been well tested on a production network, and should serve the needs of the vast majority of users. UPDATING has instructions on how to do the conversion for those with existing configurations.
* Add /var/db/ports/ (support directory necessary foreivind2004-01-201-0/+2
| | | | ports that use the new OPTIONS infrastructure)
* Scheduled sweep using the README guidelines.ru2003-11-291-4/+2
| | | | Approved by: re (rwatson)
* Restore /var/games; lots of ports' games use it.markm2002-11-041-0/+3
|
* Do not build the majority of the games. Remaining are themarkm2002-10-201-11/+0
| | | | "utility-like" games and everyone's favourite, fortune(6).
* Revert previous delta, setting the system immutable flag on /var/emptysheldonh2002-06-261-1/+1
| | | | | instead of the user immutable flag, now that mergemaster handles schg directories in its /var/tmp/temproot.
* Tone down the previous delta: don't set the system immutable flag onsheldonh2002-06-261-1/+1
| | | | | /var/empty, because it makes it difficult for mergemaster(8) to remove /var/tmp/temproot/var.
* The previous delta introduced /var/empty, for use by openssh-portable,sheldonh2002-06-241-1/+1
| | | | | | | | | | which needs an empty directory into which to chroot(2). Hint to the operator that this directory really _should_ be empty by creating it with mode 0555 and the system immutable flag (schg) set. Reviewed by: des
* Add /var/empty for the OpenSSH privsep code.des2002-06-231-0/+2
|
* In my continuing crusade to make life better for non-sendmail users, avoidgshapiro2002-04-201-2/+0
| | | | | | | | the creation of /var/spool/clientmqueue and therefore the need for the smmsp user and group if NO_SENDMAIL is defined. This required breaking out the creation of the directory into a new BSD.sendmail.dist mtree file. MFC after: 1 week
* Add /var/spool/clientmqueue for 8.12's non-set-user-ID root mail submissiongshapiro2002-02-171-0/+2
|
* Apply README style guidelines (this time checked).ru2001-11-191-10/+10
|
* Change mode for var/db/ipf to 0700guido2001-11-171-1/+1
|
* Fix a bug I introduced yesterday. People who built world since thecjc2001-11-021-0/+1
| | | | previous commit yesterday may wish to check /var/run for junk.
* Add a directory in /var/run to store ppp(8) command sockets.cjc2001-11-011-0/+1
| | | | | | PR: bin/29966 Approved by: brian MFC after: 4
* Remove /var/spool/uucp subtree, not needed for 'cu'ache2001-10-261-14/+0
|
* The same unbreakage (0755 -> 0775) for /var/games and subdirsache2001-10-251-3/+3
|
* Fix /var/mail, /var/rwho and /var/spool/lock back to 0775ache2001-10-251-3/+3
| | | | Not sure about other dirs with the same damage (0755) by recent commit.
* Style these once again.ru2001-10-251-9/+8
|
* Create /var/db/ipfdarrenr2001-10-201-0/+2
| | | | PR: 27070
* Put back /var/spool/uucp so it can be used for serial port locking.kris2001-10-011-0/+14
|
* UUCP removal phase II. These directories are now created by thekris2001-10-011-16/+0
| | | | freebsd-uucp port.
* Invoke named with privilege of bind:bind.kuriyama2001-08-231-0/+2
| | | | Change pidfile location to /var/run/named/pid.
* Build standard directory for kerberos 5 (Heimdal) database.markm2001-07-281-1/+4
|
* Mention the path to the README file in the header comment.nik2001-06-261-1/+1
| | | | Submitted by: Rich Morin <rdm@cfcl.com>
* Apparently, people do not listen for a plea to look into theru2001-02-151-27/+27
| | | | README file before making changes here. Fix them once again.
* Move the process of storing entropy from /dev/random and reseeding withdougb2001-01-141-0/+4
| | | | | | | | | | | | | | | | it at boot time closer to the way we want it to be in the final version. * Move the default directory to /var/db/entropy * Run the entropy saving cron job every 11 minutes. This seems to be a better default, although still bikeshed material. * Feed /dev/random some cheesy "entropy" from various commands and files before the disks are mounted. This gives /dev/random a better chance of running without blocking early. * Move the reseeding with previously stored entropy to the point immediately after the disks are mounted. * Make the harvesting script a little safer in regards to the possibility of accidentally overwriting something other than a regular file.
* $Id$ -> $FreeBSD$peter1999-08-271-1/+1
|
* This cleans up all the white space errors so that the nextrgrimes1999-08-241-8/+8
| | | | commit is easier to understand.
* Fix script in README to actually work, empty lines produce asrgrimes1999-08-231-1/+3
| | | | | | much a diff as lines with the wrong stuff on it. Add references in mtree data files to the README.
* Explicitly specify mode 755 for /var/db/pkg -- it will be mode 700 otherwise.asami1999-03-311-2/+2
|
* Add /var/db/pkg.asami1999-03-311-1/+3
| | | | Submitted by: John Hay <jhay@mikom.csir.co.za>
* Old nit lying around in a source tree: Slightly optimize the number ofpeter1998-12-161-13/+15
| | | | uname/gname overrides and /sets.
* Simplify these now that default owner is root.wheel.obrien1998-09-191-5/+5
| | | | Partially reviewed by: bde
* Change file ownership from bin.bin to root.wheel.obrien1998-09-141-12/+12
|
OpenPOWER on IntegriCloud