summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* - Replace awk parts with shell.flz2006-03-201-35/+64
| | | | | Approved by: brooks MFC after: 2 weeks
* Merge Perforce change 93569 from TrustedBSD audit3 branch:rwatson2006-03-191-0/+2
| | | | | | | | | Do install sys/security/audit include files. It would be nice just to install audit_ioctl.h, but we seem only to support installing directories, so we get them all. The two not intended for extra- kernel use have !_KERNEL #error's, which should help. Obtained from: TrustedBSD Project
* Reimplementation of world/kernel build options. For details, see:ru2006-03-174-28/+30
| | | | | | | | http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html The src.conf(5) manpage is to follow in a few days. Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
* This script symlinks /boot/kernel to the directory that contains the kerneldes2006-03-172-1/+26
| | | | | | you booted from, unless /boot/kernel already exists and is not a symlink. This should only affect people like me who juggle multiple kernels and have KODIR = /boot/${KERN_IDENT} in /etc/make.conf to keep them apart.
* Reorganize /etc/rc.d/syscons and move all keyboard related settingsemax2006-03-162-47/+57
| | | | | | | | | | | | | | | into one function syscons_configure_keyboard(). Call new function from both syscons_start() and sysconst_setkeyboard(). The reason for this is because syscons_start() will (re)configure both keyboard and screen settings. Apparently, some graphics cards have problems with running vidcontrol(1) while X11 is running. Remove "/etc/rc.d/syscons restart" from /etc/devd.conf. It is no longer required. Using "/etc/rc.d/syscons setkeyboard" is enough. This also should fix annoying "syscons not running?" message. Tested by: Ulrich Spoerlein < q at galgenberg dot net > MFC after: 3 days
* Add missing libdata/ldconfig[32] entries.marcus2006-03-141-0/+4
| | | | Approved by: portmgr (implicit)
* Fix "make distribution" when just NO_CRYPT is defined.ru2006-03-111-1/+1
| | | | | | PR: misc/94309 Submitted by: Matthias Lederhofer MFC after: 3 days
* Fix overriding jail_list from command line.fjoe2006-03-081-1/+3
| | | | MFC after: 3 days
* Fix output and exit status when daily_mailq_shorten is set to YESmatteo2006-03-081-6/+8
| | | | | PR: conf/93472 MFC after: 3
* Two years ago, in rev. 1.12, a typo slipped in etc/isdn/Makefile:yar2006-03-071-1/+0
| | | | | | | | | | | | a control variable was misspelled as `SCRIPTS_NAME_isdntel.sh' (should've been `SCRIPTSNAME_isdntel.sh') when the Makefile was converted to using <bsd.prog.mk>. Consequently, `isdntel.sh' has been installed as `isdntel' since then. Nevertheless, nobody has been unhappy with the change. So it's time to make it official. Approved by: hm Pointy hat to: ru MFC after: 3 days
* Add new 'setkeyboard' method to the /etc/rc.d/syscons. It accepts theemax2006-03-062-5/+22
| | | | | | | | | | | | keyboard device name (i.e. /dev/kbd0). This method will do nothing is kbdmux(4) is the current active keyboard, otherwise it will switch active keyboard as requested. Modify ukbd(4) entries in the /etc/devd.conf to use /etc/rc.d/syscons and new 'setkeyboard' method. No comments from: freebsd-current@ MFC after: 1 day
* Enhance loginfail: it will catch sshd, proftpd and su errors, as well as ↵matteo2006-03-051-1/+1
| | | | | | | | | other programs PR: conf/70973 Submitted by: Ryan Sommers" <ryans@gamersimpact.com> Approved by: philip (mentor) MFC after: 3 days
* Add the graid3(8), gstripe(8) and gconcat(8) status scripts, default is "off".brueffer2006-03-021-0/+9
| | | | Approved by: rwatson (mentor)
* Add periodic scripts that check the status of graid3(8), gstripe(8)brueffer2006-03-024-0/+105
| | | | | | and gconcat(8) devices, respectively. Approved by: rwatson (mentor)
* Document how to change the polling interval for the 64-bit interfaceharti2006-02-271-0/+6
| | | | counters in case an interface reports the wrong speed via if_mib.
* Use 'ipfw list' instead of 'ipfw l', since it's deprecated (and warning iswkoszek2006-02-261-1/+1
| | | | | | | printed on system startup). Approved by: cognet (mentor) MFC after: 3 days
* Revert previous change for now. We traditionally add a new localedelphij2006-02-251-4/+0
| | | | | | | | directory when we have 10+ ports that make use of it, and now we have only 3. This change would come back if the tt/ usage grown up to the level. Knowledge provided by: krion, kris
* Add tt locale directory, since more and more ports create and use it.delphij2006-02-251-0/+4
|
* Attempt to make running the new rc in a jail more automatic bydougb2006-02-201-1/+6
| | | | | | | resetting of early_late_divider to a more appropriate value if the admin has not modified the default. Reviewed by: brooks
* Make sure abi (and therefore archdep) start before SERVERS as part ofdougb2006-02-193-5/+3
| | | | | | | | | | | | the ongoing re-alignment of ordering that is necessary as a result of including local scripts in the base rcorder. [1] Accomplish this by removing the BEFORE's, and using REQUIRE instead. This makes the dependencies more obvious, and less susceptible to turning circular and/or nonsensical when seemingly innocent changes are made in one place and not another. Requested by: delphij [1]
* Check if /sbin/nextboot exists before running it.ru2006-02-171-1/+3
| | | | | PR: 93466 Submitted by: Mats Palmgren
* Use example.com rather than bar.com for the system contact example.ceri2006-02-161-1/+1
| | | | Requested by: glebius
* The libwrap built with NO_INET6=yes cannot parse an IPv6 address.ume2006-02-161-1/+3
| | | | | | | So, mention it in comment. Submitted by: Dmitry Morozovsky <marck__at__rinet.ru> MFC after: 2 days
* Update a comment to match functionality changed in r1.39 (allow squareceri2006-02-151-0/+1
| | | | | | brackets in process names). MFC after: 2 days
* Remove vestiges of OLDCARD.imp2006-02-141-6/+0
|
* On ia64, the unaligned_print sysctl is a debugging knob under debugmarcel2006-02-131-3/+0
| | | | | | | | and not under machdep as the behaviour is controlled by the process. When PSR.ac is set the process expects to receive a SIGBUS. Otherwise the processor or the kernel will emulate the misaligned memory access. MFC after: 3 days
* Add a default ldconfig32_paths entry in default/rc.conf for 32-bit ↵matteo2006-02-131-0/+1
| | | | | | | | | | | compatability shared libraries. It is used by the ldconfig rc.d scripts. Document this variable in the man page PR: amd64/91571 Approved by: philip (mentor) MFC after: 3
* Since OLDCARD is gone from the kernel, catchup here and remove supportimp2006-02-133-73/+2
| | | | from here as well.
* Overhaul the named boot script:dougb2006-02-132-22/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Remove a now-spurious NetBSD CVS Id, as we are no longer synching work 2. Remove a now-spurious BEFORE, since ntpdate now REQUIRE's named 3. Replace the call to set rcvar with what that function would output, and generally reduce indirection ($name -> named) since it's highly unlikely the name of the named process or service will change any time soon. 4. Resort the order the variables at the top of the file to a more traditional format, and remove a spurious required_dirs from the top, as it works better after load_rc_config. 5. We do not want the default reload method with named, so define a simple but appropriate substitute using rndc. If I were writing this script for the first time I would not include this at all, since it's preferable to control a running daemon with rndc to start with, but given that this is already here, let's do it right. I hope that future generations will however resist the tempation to add reconfig to extra_commands. 6. By the same token, we want to use rndc to shut down named, but given that by defining a stop function we lose the "find the process by its pid file in an emergency" goodness of rc.subr, try to do something useful in the event that rndc is not available, and keep the user informed. 7. Replace some "test -f" with "test -r" to handle the unlikely event that the relevant file exists, but is unreadable. 8. Twiddle whitespace in a few areas, remove a spurious blank line, a bogus double space, and try to do better indenting. 9. Improve generation of the rndc.key file significantly a. If for some reason a user has an rndc.conf file, assume that they did that on purpose, and hence know what they are doing, so leave them alone. b. Introduce a named_uid configuration variable so that the user which owns the rndc.key file and the user named runs as always match, and is more easily configurable. This should dramatically reduce problems with rndc. c. Also test that the rndc.key file size is greater than zero, rather than simply that the file exists. I have seen at least one user report this exact problem, and although neither of us is sure where the empty file came from, the fix is simple, so include it. d. Rather than try to create an rndc.key file in both /etc/namedb and the chroot'ed /etc/namedb, assume that they are be the same (which they should be), and only create the file in the chroot'ed version of the directory. This partially addresses the problem described in conf/73929, but I have not yet finished thinking about the PREFIX issue that PR also raises. As a result of introducing the named_uid knob, the default named_flags are now empty. Update defaults/rc.conf and rc.conf(5) to reflect these changes.
* Install audit_control and audit_user, both of which are likely to berwatson2006-02-121-1/+1
| | | | | | modified by the administrator, as user-writable instead of read-only. Obtained from: TrustedBSD Project
* Don't include geli devices in list when noauto is specified in the options ↵flz2006-02-121-1/+10
| | | | | | | field. Approved by: pjd MFC after: 3 days
* Make localpkg print local scripts names when the boot is verbosematteo2006-02-121-0/+3
| | | | | | PR: conf/68525 Approved by: philip (mentor) MFC after: 3 days
* The bar.com is an existing domain. Instead of trying to listen onglebius2006-02-081-2/+2
| | | | | | | 64.15.205.248 address, change host to "foobar". This won't be resolvable in most cases, so administrator will need to change it. Also do not send our trap messages to 64.15.205.248, use localhost as default traphost.
* When there are no interesting information in output, exit with 0.matteo2006-02-071-3/+3
| | | | | | | PR: conf/92299 Submitted by: Petr Rehor <prehor@gmail.com> Approved by: philip (mentor) MFC after: 3 days
* pflog is a separate module now.mlaier2006-02-051-3/+3
| | | | | | Submitted by: Antoine Brodin PR: kern/88271 MFC after: 1 week
* Assign gid 77 to audit instead of gid 73. The ports group list did notrwatson2006-02-051-1/+1
| | | | | | include '73', which was assigned in a ports passwd entry to ircservices. Pointed out by: ceri
* The rpc.pcnfsd server was in the base for a little over seven minutesceri2006-02-051-1/+1
| | | | | back in 1994. Change the example entry to point at the port, as per the entries for uucpd et al.
* Change group for /var/audit to audit, so that audit review can berwatson2006-02-051-0/+2
| | | | | | delegated to non-administrators. Obtained from: TrustedBSD Project
* Allocate an 'audit' group, membership in which will grant the auditrwatson2006-02-051-0/+1
| | | | | | | review right by virtue of read file permission on /var/audit and its contents. Obtained from: TrustedBSD Project
* Enable getty(8) on ttyu2 by default in order to get machines that use amarius2006-02-041-1/+1
| | | | | | | | | RSC (Remote System Control) connected via uart2 as console working out of the box. On machines that use uart2 to connect a keyboard and thus the ttyu2 node doesn't exist this will trigger a warning from getty(8) but cause no real harm. MFC after: 1 week
* - Add a startup script for hostapd.flz2006-02-033-1/+24
| | | | | | | - Document associated variable in rc.conf(5). Approved by: dougb MFC after: 1 week
* Install /etc/security configuration files from OpenBSM.rwatson2006-02-021-0/+15
| | | | Obtained from: TrustedBSD Project
* Add auditd rc.d script.rwatson2006-02-022-1/+35
| | | | | Submitted by: trhodes Obtained from: TrustedBSD Project
* Add auditd_enable and auditd_flags rc.d scripts.rwatson2006-02-021-0/+2
| | | | Obtained from: TrustedBSD Project
* Add /var/audit, mode 750, which will hold audit trail files.rwatson2006-02-021-0/+2
| | | | Obtained from: TrustedBSD Project
* Make df output more consistent:matteo2006-01-301-1/+1
| | | | | | | | Remove -k now that -h is present use -l instead of -t nonfs to match smbfs too [1] PR: conf/50956 [1] Approved by: philip (mentor) MFC after: 3 days
* Make df output in periodic mail human readablematteo2006-01-301-1/+1
| | | | | | | PR: conf/87196 Submitted by: Mike <mspam@ideaway.net> Approved by: philip (mentor) MFC after: 3 days
* Enable the lowest Cx state by default. This will save power and we havenjl2006-01-291-2/+2
| | | | had enough testing of acpi_cpu to know this is stable now.
* Document the user/group LOR in our sample pf.confmlaier2006-01-271-0/+4
| | | | Submitted by: Devon H. O'Dell
* o Add IANA assigned InterBase Database Remote Protocol 3050/tcp/udp.maxim2006-01-251-0/+2
| | | | | | PR: conf/92319 Submitted by: skv MFC after: 1 week
OpenPOWER on IntegriCloud