| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
A malicious user could create a file named /tmp/.diskless and cause
the script to misbehave.
PR: conf/141258
Reported by: Jon Passki
MFC after: 1 week
|
| |
|
|
|
|
| |
rc.d'ish way.
Not objected to by: netchild
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At least in RELENG_7 this fixes some start problems for some programs
from the ports. It is also more correct, as a jail shall not expect
input (interactivity) from the jail-host.
Revert the current behavior of starting jails in the background and
make it optional only for the start of jails (jail_parallell_start=YES
in rc.conf):
- The stop can not be done in the background, the system needs to wait
until everything is stopped correctly before it can reboot or power
down.
- The start should not be done in parallel by default, this not only
breaks POLA for people comming from RELENG_x, it may also break a
dependency chain with other scripts in the jail-host, which need to
do some stuff after the jails are up and running (e.g. hardlinking
a mysql socket from one jail into another one).
Discussed on: freebsd-jails@
|
| |
|
|
|
| |
Pointed out by: dougb
MFC after: 3 days
|
| |
|
|
| |
Pointed out by: dougb
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
HAST allows to transparently store data on two physically separated machines
connected over the TCP/IP network. HAST works in Primary-Secondary
(Master-Backup, Master-Slave) configuration, which means that only one of the
cluster nodes can be active at any given time. Only Primary node is able to
handle I/O requests to HAST-managed devices. Currently HAST is limited to two
cluster nodes in total.
HAST operates on block level - it provides disk-like devices in /dev/hast/
directory for use by file systems and/or applications. Working on block level
makes it transparent for file systems and applications. There in no difference
between using HAST-provided device and raw disk, partition, etc. All of them
are just regular GEOM providers in FreeBSD.
For more information please consult hastd(8), hastctl(8) and hast.conf(5)
manual pages, as well as http://wiki.FreeBSD.org/HAST.
Sponsored by: FreeBSD Foundation
Sponsored by: OMCnet Internet Service GmbH
Sponsored by: TransIP BV
|
| |
|
|
|
|
|
|
|
| |
specify list of executables and/or rc scripts that should be executed
after firewall starts/stops.
Submitted by: Yuri Kurenkov <y dot kurenkov at init dot ru>
Reviewed by: rhodes, rc@
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
| |
The rtsol(8) handles just one RA then exit. So, the OtherConfig flag
may not be handled well by rtsol(8) in the environment where there are
multiple RA servers on the segment. In such case, rtsold(8) will be
your friend.
Reviewed by: hrs
MFC after: 2 weeks
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
|
|
|
| |
does not work for link in subdirectory, and sometimes it is useful to
create symlink in advance for dynamically created device node.
MFC after: 1 week
|
| | |
|
| |
|
|
| |
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't complain when we encounter the "cache" source, it's valid. Also fix
the error message to include a line feed and not include a stray comma.
PR: bin/121671
Submitted by: Artis Caune artis.caune gmail.com
Approved by: ed (mentor)
MFC after: 2 weeks
While here, change "> /dev/stderr" for more usual ">&2"
Submitted by: jilles
|
| |
|
|
|
|
|
|
| |
slightly while here.
PR: bin/121671
Submitted by: Artis Caune artis.caune gmail.com
Approved by: ed (mentor)
|
| |
|
|
|
|
|
| |
the command to create it was right, but the check was wrong, so it
was getting created every time. Mea culpa.
Submitted by: oliver
|
| |
|
|
|
|
|
|
|
|
|
| |
would be "/etc/namedb" in a number of places. Since the user may make
a different choice, introduce a new internal variable, named_confdir
that is generated relative to the location of $named_conf.
While this will work for some things (especially a highly customized
build from ISC source) there are still a number of places where
/etc/namedb is assumed that it is not easily virtualized (E.g., mtree).
If you deviate from the defaults you'd better know what you're doing. :)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
command in the rc.d script if we have a corresponding ${name}_program
entry, which we do for named.
Rename named_precmd to named_prestart to make it more clear and match
convention.
Move the command_args definition related to -u up into _prestart().
It (and the associated $named_uid value) are only used there, and
unlike required_* and pidfile don't need to be used until this stage.
Fix a silly bug that would only have affected people who were using
the new named_wait or named_auto_forward features, AND had set up an
rndc.conf file instead of using the automatically generated rndc.key.
For named_conf:
Add "-c $named_conf" to command_args if it's not set to the
default. If it is set to the default and we're using the base
BIND it's not necessary. If we're using BIND from the ports
the user is likely to have included it in _flags (due to long
necessity for doing so) so don't duplicate that if it's set.
Add $named_conf to required_files
|
| |
|
|
|
|
|
| |
and rc.d/ip6fw.
Reviewed by: dougb, jhb
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
|
| |
This will prevent that the script hangs during startup, which
could cause annoying effects after rebooting for example.
PR: kern/139422
Submitted by: Andrey Groshev <greenx at yartv dot ru>
Approved by: imp (mentor, implicit)
MFC after: 3 days
Facilitated by: Snow B.V.
|
| |
|
|
| |
Spotted by: swell.k
|
| |
|
|
|
| |
Submitted by: Mykola Dzham <freebsd@levsha.org.ua>
Approved by: hrs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
employ a more generic solution, and use it in the individual rc.d scripts
that also have an $rc_quiet test:
1. Add check_startmsgs() to rc.subr.
2. In the rc.d scripts that use rc_quiet (and rc.subr) substitute
variations of [ -z "$rc_quiet" ] with check_startmsgs
3. In savecore add a trailing '.' to the end of the message to make it
more consistent with other scripts.
4. In newsyslog remove a : before the terminal '.' since we do not expect
there to be anything printed out in between to make it more consistent.
5. In the following scripts change "quotes" to 'quotes' where no variables
exist in the message: savecore pf newsyslog
6. In the following scripts substitute if/then/fi for the simpler (and
more consistent) check_startmsgs &&: faith stf
7. In the following scripts separate the "Starting foo:" from the terminal
'.' to make them more consistent: moused hostname pf
8. In nfsclient move the message to its own line to avoid a style bug
9. In pf rc_quiet does not apply to the _stop method, so remove the
test there.
10. In motd add 'quotes' around the terminal '.' for consistency
|
| |
|
|
|
|
| |
- Simplify helper functions.
Discussed with: ume
|
| | |
|
| |
|
|
|
|
|
| |
the user should not be ignored if possible even if the kernel does not
support the prerequisite feature.
Discussed with: ume
|
| |
|
|
|
|
|
|
| |
for each address family. Replace AF_static() with static_AF() for
consistency.
- Display a message only if the user sets a non-default value, and set
a sysctl explicitly even if it is the default value.
|
| |
|
|
|
|
|
|
|
|
| |
- Split netoptions_start() to netoptions_AF() and add afexists() check
for each address family.
- Display a message only if the user sets a non-default value, and set
a sysctl explicitly even if it is the default value.
Spotted by: Pegasus Mc Cleaft[*]
|
| |
|
|
|
|
| |
- Add afexists() check to address family specific rc.d scripts. A
script for an AF will be silently ignored if the kernel has no
support for the AF.
|
| |
|
|
|
|
|
|
| |
an IPv6 support.
Reported by: Alexander Best <alexbestms__at__math.uni-muenster.de>
Confirmed by: Paul B. Mahol <onemda__at__gmail.com>,
Alexander Best <alexbestms__at__math.uni-muenster.de>
|
| | |
|
| |
|
|
| |
Pointed out by: tegge
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
re-add $ipv6_enable support for backward compatibility. From
UPDATING:
1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
for IPv4. For aliases, $ifconfig_IF_aliasN should be used.
Note that both variables need the "inet6" keyword at the head.
Do not set $ipv6_network_interfaces manually if you do not
understand what you are doing. It is not needed in most cases.
$ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
they are obsolete.
2. $ipv6_enable is obsolete. Use $ipv6_prefer and/or
"inet6 accept_rtadv" keyword in ifconfig(8) instead.
If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
all configured interfaces have "inet6 accept_rtadv" in the
$ifconfig_IF_ipv6. These are for backward compatibility.
3. A new variable $ipv6_prefer has been added. If NO, IPv6
functionality of interfaces with no corresponding
$ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
and the default address selection policy of ip6addrctl(8)
is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
Note that if you want to configure IPv6 functionality on the
disabled interfaces after boot, first you need to clear the flag by
using ifconfig(8) like:
ifconfig em0 inet6 -ifdisabled
If YES, the default address selection policy is set as
IPv6-preferred.
The default value of $ipv6_prefer is NO.
4. If your system need to receive Router Advertisement messages,
define "inet6 accept_rtadv" in $ifconfig_IF_ipv6. The rc(8)
scripts automatically invoke rtsol(8) when the interface becomes
UP. The Router Advertisement messages are used for SLAAC
(State-Less Address AutoConfiguration).
|
| |
|
|
|
|
|
| |
This allows pruning of rc.d scripts without getting too many ugly boottime
error messages.
Inspired by phk's r128714 change to netif.
|
| |
|
|
|
|
|
|
|
| |
legacy IP handling rather than the IPv6 version.
Reported by: Pegasus Mc Cleaft (ken mthelicon.com)
Tested by: Pegasus Mc Cleaft (ken mthelicon.com)
MFC after: 2 days
X-MFX with: r197139
|
| |
|
|
|
|
| |
names.
Pointed out by: sam
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and $desc.
The set_rcvar_obsolete() is for displaying an obsolete variable
and the new one. More specifically, a warning is displayed when
a variable is removed or changed in the source tree and the user
still defines the old one.
$router* and $ipv6_router* are replaced with $routed_* and
$route6d_* for consistency. The old variables still work but
can be removed in the future.
MFC after: 3 days
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
|
| |
- Wrap a long line.
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
| |
- Add rc.d/stf and rc.d/faith for stf(4) and faith(4).
- Remove rc.d/auto_linklocal and rc.d/network_ipv6.
- Move rc.d/sysctl to just before FILESYSTEMS because rc.d/netif
depends on some sysctl variables.
Reviewed by: brooks
MFC after: 3 days
|
| |
|
|
| |
Submitted by: dougb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
statically bind IPv4 <-> MAC address at boot time.
In order to use this, the administrator needs to configure the following
rc.conf(5) variable:
- static_arp_pairs: A list of names for static bind pairs, and,
- a series of static_arp_(name): the arguments that is being passed to
``arp -S'' operation.
Example:
static_arp_pairs="gw"
static_arp_gw="192.168.1.1 00:01:02:03:04:05"
See the rc.conf(5) manual page for more details.
Reviewed by: -rc@
MFC after: 2 weeks
|
| |
|
|
|
|
|
| |
Fix caps while I'm here.
PR: conf/138087
Submitted by: Chris Petrik <c.petrik.sosa@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
simplify it a bit, and make use of that method to determine if an
interface is a candidate for IPv6 rtsol rather than listing all of the
possible wireless interfaces that should _not_ get rtsol'ed.
This change is only relevant for 8.0+ unless the "wlan mandatory" code
gets ported back to RELENG_7.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
top of ZVOLs. The problem is that rc.d/fsck runs before rc.d/zfs. The
latter makes ZVOLs to appear in /dev/. In such case rc.d/fsck cannot
find devfs entry and aborts. We cannot simply move rc.d/zfs before
rc.d/fsck, because we first want kern.hostid to be configured (by
rc.d/hostid). If we won't wait (hostid will be 0) we can reuse disks
which are in use by different systems (eg. in SAN/NAS environment).
We also cannot move rc.d/hostid before rc.d/fsck, because rc.d/hostid on
first system start stores generated kern.hostuuid in /etc/hostid file,
so it needs root file system to be mounted read-write.
The fix is to split rc.d/hostid so that rc.d/hostid (which will now run
before rc.d/fsck) only generates hostid and sets up sysctls, but doesn't
touch root file system and rc.d/hostid_save (which is run after
rc.d/root) and only creates /etc/hostid file.
With that in place, we can move ZVOL initialization to dedicated
rc.d/zvol script which runs before rc.d/fsck.
PR: conf/120194
Reported by: James Snow <snow@teardrop.org>
Reviewed by: brooks
Approved by: re (kib)
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
allow them to start after netif. There were too many problems reported
with this change in the short period of time that it lived in HEAD, and
we are too late in the release cycle to properly shake it out.
IMO the issue of having the firewalls up before the network is still a
valid concern, particularly for pf whose default state is wide open.
However properly solving this issue is going to take some investment
on the part of the people who actually use those tools.
This is not a strict reversion of all the changes for r193198 since it
also included some simplification of the BEFORE/REQUIRE logic which is
still valid for ipfilter and ip6fw.
|
| |
|
|
|
|
|
|
|
|
| |
Primary intention is to allow to pass -C option to avoid (re-)checking
clean filesystems when preening fails and fsck -y kicks in.
Submitted by: marck
Reviewed by: current@
Approved by: jhb (mentor)
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
| |
- Remove redundant debugging of consolelog.
- Use `while :', instead of `while [ true ]'. This is done in other
places as well.
Submitted by: Jille Timmermans <jille quis cx> (not jilles)
Reviewed by: jilles
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
/etc/rc.d. They use the following new rc variables:
nfsv4_server_enable - set to "YES" to run the experimental server
nfsuserd_enable - set to "YES" to run nfsuserd for NFSv4 client and
server
nfsuserd_flags - command line flags for nfsuserd
nfscbd_enable - set to "YES" to run the experimental nfs client's
NFSv4 callback daemon
nfscbd_flags - command line flags for nfscbd
Reviewed by: dougb
Approved by: kib (mentor)
|
| |
|
|
|
| |
already does. This eliminates a logical inconsistency, and a small
window where the system is open after the network comes up.
|
