summaryrefslogtreecommitdiffstats
path: root/etc/rc.d
Commit message (Collapse)AuthorAgeFilesLines
* Don't be lazy, set the "command" variable even ifyar2005-10-235-0/+5
| | | | | | | | | | /etc/defaults/rc.conf will provide foo_program, too. By specifying "command" we explicitly say that we're going to rely on rc.subr(8) default methods, and rc.subr(8) will take advantage of this soon. The majority of our rc.d scripts already set "command" if appropriate, so fix just the non-compliant handful.
* wpa_supplicant(8) requires -D option for ndis(4) now.jkim2005-10-191-1/+10
|
* First start rc.d/ipsec and then rc.d/mountcritremote, so we can mountpjd2005-10-122-2/+2
| | | | | | NFS file system over IPsec. Suggested by: Tomasz PiĀ³at <tomasz.pilat@axelspringer.pl>
* setkey(8) was repo-copied from usr.sbin/ to sbin/.pjd2005-10-121-1/+1
| | | | | | This will allow for NFS mount of /usr over IPsec. Discussed on: arch@
* Connect rc.d scripts for the hcsecd(8) and sdpd(8) daemons to the build.emax2005-10-121-1/+2
| | | | MFC after: 1 month
* Add rc.d scripts for the hcsecd(8) and sdpd(8) daemons. Put defaults intoemax2005-10-112-0/+44
| | | | | | | | | /etc/defaults/rc.conf. Both daemons can run even if no Bluetooth devices are attached to the system. Both daemons depend on Bluetooth socket layer and thus disabled by default. Bluetooth sockets layer must be either loaded as a module or compiled into kernel before the daemons can run. MFC after: 1 month
* Use available rc.subr features.yar2005-10-021-27/+16
| | | | | Reduce code duplication. Follow the current style of rc.d scripting.
* Record dependency on the newly introduced pfsync.yar2005-10-021-2/+2
| | | | | | | | | | | | | | Start before routing for better system protection. (pf used to start late during system boot, after many a network daemon have started already, which sucked from security POV.) Remark: For maximum security, pf should start before netif, but it would create a dependency loop because pfsync has to start after netif, yet before pf. Discussed with: mlaier on -pf MFC after: 5 days
* Add an rc.d script to start pfsync at the right moment of theyar2005-10-022-1/+54
| | | | | | | | | | | | | system boot, and hook it up in the system. The separate script is needed because in the presence of various interface lists in rc.conf ($network_interfaces, $cloned_interfaces, $sppp_interfaces, $gif_interfaces, more to come) it is hard to start them orderly, so that pfsync is brought up after its syncdev, which is required for the proper startup of pfsync. Discussed with: mlaier on -pf MFC after: 5 days
* Use rc.subr(8) appropriately:yar2005-10-021-44/+23
| | | | | | | | - utilize default methods instead of rolling local ones; - avoid to specify BEFORE conditions we don't really need (pflog will be REQUIRE'd by pf); - omit extra decoration from warning messages, warn() will decorate them sufficiently.
* o Remove unfinished code and make it possible to overridemaxim2005-10-021-14/+5
| | | | | | bsdextended_script from rc.conf(5): Not objected by: trhodes
* Use hw.machine_arch instead of hw.machine.nyan2005-09-301-1/+1
|
* Make it a good-mannered rcNG script respectful to the command line.yar2005-09-281-16/+23
|
* Don't print anything if we can't do any localpkg shutdown (start alreadybrooks2005-09-271-2/+1
| | | | | | | does this). Submitted by: Andre Albsmeier <Andre dot Albsmeier at siemens dot com> PR: conf/86606
* Simplify the code by making use of 'kldstat -q -m <mod>'.pjd2005-09-242-7/+4
| | | | No objections from: mlaier
* Simplify the code a bit by using newly added (to kldstat(8) '-q') option.pjd2005-09-231-4/+1
|
* If we're not installing OpenSSH in the base, don't install its startupwollman2005-09-231-1/+6
| | | | | file either. This clears the way for third-party SSH ports to install an RCng startup script.
* Add a new rc.conf entry, kerberos5_server_flags, which allows therwatson2005-09-201-1/+1
| | | | | | | administrator to specify additional start-up flags to the Kerberos 5 Authentication Server. MFC after: 3 days
* In mountd_precmd(), use rc_args, not mountd_args torodrigc2005-09-181-2/+2
| | | | | | | | | | override the value of mountd_args. This fixes the problem where mountd_args was not properly being set if weak_mountd_authentifcation="YES" was set in rc.conf. PR: conf/86260 Submitted by: Thierry Herbelot <thierry at herbelot dot com> MFC after: 3 days
* Use kenv -q to extract dumpdev rather than kenv, in order to avoidrwatson2005-09-131-1/+1
| | | | | | | spamming the console in the event that a loader tunable 'dumpdev' isn't defined, which is not a relevant failure to report. MFC after: 1 week
* Remove duplicate "at" from comment.keramida2005-09-041-1/+1
|
* Actually block Ctrl-C (SIGINT=2).brooks2005-09-021-2/+2
| | | | | Reported by: sam Pointy hat to: brooks
* Block SIGQUIT (Ctrl-C) while running in startup mode. This should allowbrooks2005-09-021-4/+4
| | | | | | dhclient's to be killed without stopping all boot progress. Minor cleanup of the interface list generation code.
* Be sure to execute sendmail_precmd() to check sendmail.cf conflicts andgshapiro2005-08-301-0/+1
| | | | | | | | rebuild the aliases file if necessary. PR: conf/72910 Submitted by: matteo@ MFC after: 3 days
* Fix (/usr could not be mounted yet, so there is no grep(1) available) andpjd2005-08-141-1/+1
| | | | | | simplify checking for g_eli module. MFC after: 3 days
* Connect geli and geli2 ro the build.pjd2005-08-141-1/+1
| | | | MFC after: 3 days
* Add scripts for GELI device configuration on boot.pjd2005-08-142-0/+156
| | | | | | | | | | rc.d/geli - configures encryption (ask for passphrases, etc.); rc.d/geli2 - is called after file systems are mounted and mark devices for detach on last close. Sponsored by: Wheel Sp. z o.o. http://www.wheel.pl MFC after: 3 days
* Move 'local_tr' function to rc.subr and change its name to 'ltr'.pjd2005-08-141-22/+1
| | | | MFC after: 3 days
* Back-out previous commit - we need to skip logging socket when we start apjd2005-08-081-0/+3
| | | | | | | | jail and external syslogd is listening in jail's chroot. Pointed out by: csjp While here, skip also "logpriv" socket.
* Skip jails which are already running and inform why.pjd2005-08-071-0/+4
| | | | | | | | | | | We're checking for /var/run/jail_<name>.id file and if it exists, we don't start the jail. It should be also safe in case of reboot(8), because rc.d/cleanvar script is going to remove /var/run/jail_* files. It helps to avoid potential mess when the same jail is started twice, because of an administrator mistake (been there, done that). MFC after: 1 week
* We don't need to skip /var/run/log socket, as syslogd is always startedpjd2005-08-071-2/+0
| | | | | after rc.d/cleanvar. And if we wanted to skip /var/run/log we still needed to skip /var/run/logpriv, which wasn't implemented.
* Allow to give more than one jail's name, eg.:pjd2005-08-071-2/+6
| | | | | | # /etc/rc.d/jail start www mail MFC after: 3 days
* Teach rc.d/encswap script how to use geli(8) for swap encryption.pjd2005-08-051-15/+17
| | | | MFC after: 3 days
* gbde_swap has been repo-copied to encswap.pjd2005-08-052-57/+2
| | | | Repo-copy made by: markm
* Silence the de-bouncing of dhclient start up. The previous outputbrooks2005-07-261-1/+0
| | | | | caused significant mental anguish for some portions of the user population. :)
* This depends on syslogd due to logger(1).obrien2005-07-221-1/+1
|
* Embellish the dependency lists - this script depends having awk(1),obrien2005-07-221-0/+2
| | | | | and it needs syslogd due to using logger(1). Have it run as early as possible to save battery power for laptop users.
* `net.inet.ipf.fr_running' can be a negative value, which was introduced byjkim2005-07-071-1/+1
| | | | | | recent ipfilter import. Approved by: re (scottl), anholt (mentor)
* Remove REQUIRE and BEFORE lines since this script is not run by rcorderbrooks2005-06-301-2/+0
| | | | | | at startup. Instead it is called by other scripts. Approved by: re (network interface startup blanket)
* Add support for starting wpa_supplicant by adding the WPA keyword to anbrooks2005-06-302-1/+30
| | | | | | interface's ifconfig_<ifn> entry in /etc/rc.conf. Approved by: re (network interface startup blanket)
* When interfaces are given on the command line, don't attempt to filterbrooks2005-06-301-7/+4
| | | | | | | | them. Just try to run the given command on them. We need to be able to run stop functions on interfaces that have been deleted to stop wpa_supplicant. Approved by: re (interface startup blanket)
* Introduce new per-jail variable jail_<name>_flags, which allows to specifypjd2005-06-261-1/+4
| | | | | | | | | jail(8) flags (before the change we had hardcoded "-l -U root"). Submitted by: Frank Behrens <frank@pinky.sax.de> PR: conf/80244 Approved by: re (scottl) MFC after: 1 week
* Unbreak the ipfilter_loaded function. There doesn't seem to be a waydd2005-06-211-1/+1
| | | | | | | | | | for kldstat to ever print "IP Filter" (the module is called "ipfilter" and modules don't have anything like a description), so this function would always return false. That would cause prestart to attempt to load the module even if it's already loaded, which would fail and prevent the rules from being loaded. Approved by: re (dwhite)
* Honor the "dumpdev" kenv variable if it is set and the "dumpdev" rcdes2005-06-071-6/+17
| | | | | | variable is set to "AUTO". MFC after: 2 weeks
* Support code for the OpenBSD dhclient. This significantly changes thebrooks2005-06-072-81/+21
| | | | | | | | | | | | | | | | | | way interfaces are configured. Some key points: - At startup, all interfaces are configured through /etc/rc.d/netif. - ifconfig_<if> variables my now mix real ifconfig commands the with DHCP and WPA directives. For example, this allows media configuration prior to running dhclient. - /etc/rc.d/dhclient is not run at startup except by netif to start dhclient on specific interfaces. - /etc/pccard_ether calls "/etc/rc.d/netif start <if>" to do most of it's work. - /etc/pccard_ether no longer takes additional arguments to pass to ifconfig. Instead, ifconfig_<if> variables are now honored in favor of pccard_ifconfig when available. - /etc/pccard_ether will only run on interfaces specified in removable_interfaces, even if pccard_ifconfig is set.
* Remove RCng files that were brought in from NetBSD, but we ended up notobrien2005-06-0627-1188/+0
| | | | using them (or did and no longer do).
* We need to use 'applyset' command for devfs, 'apply hide' is not enough,pjd2005-05-231-6/+2
| | | | | | | because new devfs entries can show up later and one can access such entires from inside named chroot. In rc.d scripts we can use devfs_domount() function with devfsrules_hide_all policy and unhide 'null' and 'random' manually.
* Do not unconditionally mount devfs to ${jail_devdir}/dev. First checkcsjp2005-04-301-9/+12
| | | | | | | | | to see if a prior devfs has been mounted. If no devfs is mounted on ${jail_devdir}/dev then proceed. This will prevent the stack up of multiple devfs mounts on the same mount point. Discussed with: pjd MFC after: 1 week
* To allow /etc to be as minimal as possible in a diskless setup, we needbrooks2005-04-294-365/+2
| | | | | | | | | | | | | to run initdiskless before we run rcorder on /etc/rc.d. To allow this, move /etc/rc.d/initdiskless to /etc/rc.initdiskless and run it directly from /etc/rc. Remove /etc/rc.d/preseedrandom as it is no longer necessicary (we start with entropy unblocked) and was only used by initdiskless when it was needed. Discussed on: freebsd-rc Repocopy by: peter
* Add -h to the ln command to make the -f flag actually do something.dougb2005-04-241-1/+1
| | | | | | | | | | | | Without this flag, if the symlink existed already a new symlink would be created in the source directory. While harmless if the two symlinks were the same, it nonetheless caused pointless confusion. The pathological case is that when there is an existing /etc/namedb symlink, but named_chrootdir in rc.conf pointed to a different directory, it was the symlink in /var/named that was getting updated, not the one in /etc. This led to some difficult to diagnose problems for users.
OpenPOWER on IntegriCloud