| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
with the rest of the examples, so after discussion with him and gshapiro,
re-sort the examples, and add more comments to make things very obvious.
Also, divide the examples between example.{com|net|org} to make things
even more obvious, and use the same RFC 1918 block for all examples.
Pointed out by: Scot W. Hetzel <hetzels@westbend.net>
|
|
|
|
|
| |
Submitted by: Attila Nagy <bra@fsn.hu>
MFC after: 1 week
|
|
|
|
|
|
|
|
|
| |
/etc/defaults/rc.conf.
PR: conf/76188
Submitted by: Arne Wörner <arne_woerner at yahoo dot com>
Approved by: murray
MFC After: 7 days
|
|
|
|
|
|
|
|
|
|
| |
and so the fix committed in r1.42 was not quite correct for the case
where there are two or more DHCP consuming removable interfaces - dhclient
must be restarted so that the other interfaces continue to function
correctly.
Approved by: murray
MFC After: 7 days
|
| |
|
| |
|
|
|
|
|
|
|
| |
corresponding documentation.
Noticed by: ru
Reviewed by: ru
|
|
|
|
|
| |
Reviewed by: brian, ru
MFC after: 1 week
|
|
|
|
|
|
|
| |
user owns these directories or the sticky bit is unset may open security holes,
so simply create them at startup with the correct owner/mode.
MFC after: 1 day
|
|
|
|
|
|
|
| |
As there are no tabs in maillog, reduce the expression so that only spaces
are used.
Problem raised by: Leif Neland root at internet dot dk
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reject. For example:
Checking for rejected mail hosts:
48 getherbalnow.info (451... resolve)
46 absorb.com (451... resolve)
4 tgmart01.codns.com (553... exist)
3 kali.com.cn (451... resolve)
2 genie.com (451... resolve)
1 zv.qy (553... exist)
1 zd.hinet.hr (553... exist)
....
The bit in parenthesis is the reject code and the last word on the line -
enough to give the admin a better chance of seeing real problems (hopefully!).
While I'm here, remove the "<" at the start of rejects coming from "from"
addresses without a name@ part.
I had to rewrite the patch given by the submitter as this script has been
sed'ified (used to be perl) and I think the reject code is useful....
PR: 17377
Idea from: root at ns dot internet dot dk
MFC after: 7 days
|
|
|
|
|
|
| |
This also trims extraneous commas from domain names.
MFC after: 7 days
|
|
|
|
| |
Pr: 43805
|
| |
|
|
|
|
|
| |
PR: bin/75946
Submitted by: zero@gddn.org (Finn)
|
|
|
|
| |
kbd1 might be something else.
|
|
|
|
|
|
|
| |
PR: bin/75786
Reported by: Radko Keves <rado at daemon dot sk>
Approved by: murray
MFC After: 5 days ( to RELENG_5 )
|
| |
|
|
|
|
|
|
|
|
| |
- correct a sentence so it actually has some meaning [1]
- sprinkle some full stops
Spotted by: markus [1]
MFC after: 3 days
|
| |
|
|
|
|
| |
OK'ed by: core
|
|
|
|
| |
Approved by: dougb@
|
|
|
|
|
|
|
| |
the chroot area. This stops "umount -a" failing when dropping to
single user.
Reviewed by: dougb@
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add udav(4)
In the scsi-controller-regex:
- correct an entry
- move another one to the right place
- add a bunch of missing drivers
Glanced at by: trhodes (scsi-controller-regex part)
MFC after: 3 days
|
| |
|
| |
|
|
|
|
|
| |
PR: 72505
Submitted by: Amir Shalem <amir@active.ath.cx>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Feature: for flexibility reasons and as a prerequisite to clean
shutdowns, allow the configuration of a stop/shutdown command
via rc.conf variable "jail_<name>_exec_stop" in addition to the
start/boot command (rc.conf variable "jail_<name>_exec_start"). For
backward compatibility reasons, rc.conf variable "jail_<name>_exec"
is still supported, too.
2. Debug: Add the used boot/shutdown commands to the debug output of
the /etc/rc.d/jail script, too.
3. Security: Run the Jail start/boot command in a cleaned environment
to not leak information from the host to the Jail during startup.
4. Feature: Run the Jail stop/shutdown command "jail_<name>_exec_stop" on
"/etc/rc.d/jail stop <name>" to allow a graceful shutdown of the Jail
before its processes are just killed.
5. Bugfix: When killing the remaining Jail processes give the processes
time to actually perform their termination sequence. Without this the
subsequent umount(8) operations usually fail because the resources
are still in use. Additionally, if after trying to TERM-inate the
processes there are still processes hanging around, finally just KILL
them.
6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/*
scripts which are flagged with the KEYWORD "nojail" to allow the
correct operation of rc.shutdown under jail_<name>_exec_stop="/bin/sh
/etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail.
Now the following typical host-configuration for two Jails works as
expected and correctly boots and shutdowns the Jails:
-----------------------------------------------------------
# /etc/rc.conf:
jail_enable="YES"
jail_list="foo bar"
jail_foo_rootdir="/j/foo"
jail_foo_hostname="foo.example.com"
jail_foo_ip="192.168.0.1"
jail_foo_devfs_enable="YES"
jail_foo_mount_enable="YES"
jail_foo_exec_start="/bin/sh /etc/rc"
jail_foo_exec_stop="/bin/sh /etc/rc.shutdown"
jail_bar_rootdir="/j/bar"
jail_bar_hostname="bar.example.com"
jail_bar_ip="192.168.0.2"
jail_bar_devfs_enable="YES"
jail_bar_mount_enable="YES"
jail_bar_exec_start="/path/to/kjailer -v"
jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'"
-----------------------------------------------------------
# /etc/fstab.foo
/v/foo /j/foo/v/foo nullfs rw 0 0
-----------------------------------------------------------
# /etc/fstab.bar
/v/bar /j/bar/v/bar nullfs rw 0 0
-----------------------------------------------------------
Reviewed by: freebsd-hackers
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
|
|
|
|
| |
rebadged Xircom REM56 RealPort card. Short MFC timeout to beat the 4.11
code freeze.
PR: 53027
Submitted by: John Merryweather Cooper <coop9211 at uidaho dot edu>
Approved by: imp (mentor)
MFC after: 2 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ifnet_rename() to support situations where rc.conf's $network_interfaces
variable is set to an explicit list of network interfaces (instead of
the default "auto").
Using "list_network_interfaces all" resulted in using
$network_interfaces for both interface _renaming_ and interface
_configuration_ which obviously cannot work either before (if the
new name is in $network_interfaces) or after (if the old name is in
$network_interfaces) renaming the interface.
|
| |
|
|
|
|
|
|
|
| |
for cleanup of pkg-plist files with respect to handling of the share/locale
subdirectories.
MFC after: 3 days
|
|
|
|
|
|
| |
can't be removed as ofw_console(4) and zs(4) use them so one has to
live with some complaints about non-existent devices at boot time and
remove the respective entries locally for now.
|
|
|
|
| |
Approved by: alfred
|
|
|
|
|
|
|
|
| |
adapters from usbd.conf to devd.conf. USB ethernet devices were
already handled in devd.conf so this just removes their usbd.conf
entry.
PR: conf/73799
|
|
|
|
|
|
| |
MFC after: 1 week
PR: conf/73239
Submitted by: Daan Vreeken
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
packet counts by pf(4).
This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.
The output will look like this (line wrapped):
pf denied packets:
> block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
Bytes: 0 States: 0 ]
> block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
States: 0 ]
Submitted by: clive (thanks a lot!)
MFC after: 2 weeks
|
|
|
|
| |
Spotted by: ceri
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this feature for a jail named foo :
jail_foo_mount_enable="YES"
jail_foo_fstab="/etc/fstab.foo"
The second line is actually useless, since the code defaults to
using "/etc/fstab.$jailname" as the fstab file if none is specified.
MFC after: 3 days
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
|
| |
|
| |
|
|
|
|
|
| |
Submitted by: Ben Kelly <ben.kelly@ieee.org>
PR: bin/64079
|
| |
|
|
|
|
| |
character for both.
|
| |
|
|
|
|
|
|
| |
the change in the default behavior may break existing, working setups.
Requested by: brooks
|