summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* cosmetic fix - add a space.jkh2000-02-297-7/+7
|
* Add the new ses example code directories, unbreak world.billf2000-02-291-0/+10
| | | | | | Submitted by: cpiazza, who... Actually tested: make world Desired by: jkh, mjacob
* Document NODESCRYPTLINKSkris2000-02-291-0/+1
|
* Get the order of things right; the keys need to be generatedmarkm2000-02-288-28/+9
| | | | | early to allow entropy to replenish. sshd must start late to catch the full effects of ldconfig.
* Generate new sshd host key when necessary. I'm tired ofjkh2000-02-287-7/+49
| | | | waiting for someone to commit this. :)
* Update the description of NOCRYPT and NOSECURE to match reality.kris2000-02-281-2/+2
|
* Fix a typo, so that the Aironet 4500 really does have an entry here.steve2000-02-282-2/+2
| | | | | | PR: 17028 Submitted by: David Malone <dwmalone@maths.tcd.ie> Approved by: jkh
* Document the following buildworld knobs:kris2000-02-271-4/+11
| | | | NO_FORTRAN NOCRYPT NOGAMES NOINFO NOLIBC_R NOSECURE NOSHARE
* Document NOPERL for disabling building of PERL altogether.kris2000-02-271-0/+3
|
* Add IPv6 services into inetd.conf.shin2000-02-271-0/+31
| | | | | | | | Also enable some standard IPv6 apps by default. These entries will be simply ignored on systems with no INET6 defined. Approved by: jkh Suggested by: peter
* Add IPv6 related docs.shin2000-02-261-0/+4
| | | | Reviewed by: phantom
* Install ssh files in /etc/ssh and tidy up a couple of other nitspeter2000-02-251-5/+9
|
* Add /etc/sshpeter2000-02-251-0/+2
|
* Ack! Time to get the pointy hat. Re-add missing / I left out.peter2000-02-251-1/+1
| | | | Submitted by: John Hay <jhay@mikom.csir.co.za>
* Fix references to crypto code to check that it exists first. Otherwisepeter2000-02-251-1/+1
| | | | | | | it breaks mergemaster (and probably other things). Submitted by: Munehiro Matsuda <haro@tk.kubota.co.jp> Approved by: jkh
* Run sshd at boot time if the sysadmin wants it. Also installmarkm2000-02-248-0/+54
| | | | ssh[d] config files in the right place.
* Add userland tweakables for OpenSSH and OpenSSL.markm2000-02-242-0/+10
|
* -Remove IPv6 initialization failed interfaces from the list ofshin2000-02-242-6/+42
| | | | | | | | | interfaces passed to rtadvd -Comment out example sentences more completely -Redirect error message of ifconfig output into /dev/null, to correctly find out working IPv6 interfaces Approved by: jkh
* -Removed unnecessary use of awk.shin2000-02-242-10/+10
| | | | | | | | -small comment fix. Approved by: jkh Submitted by: Chris Costello <chris@calldei.com>
* Added rc.network6.shin2000-02-241-1/+1
| | | | | | | Approved by: jkh Submitted by: bmah@CA.Sandia.GOV (Bruce A. Mah), Ruslan Ermilov <ru@ucb.crimea.ua>
* Add IPv6 configuration scripts.shin2000-02-234-0/+529
| | | | | | | | | | | Initial version created by, and kindly much tested by: bmah@CA.Sandia.GOV (Bruce A. Mah) Approved by: jkh Reviewed by: bmah@CA.Sandia.GOV (Bruce A. Mah), Ollivier Robert <roberto@keltia.freenix.fr> Obtained from: KAME project
* Fixed a typo. The D-Link is a DFE-650, not a DEF-650.joe2000-02-222-8/+8
| | | | Approved by: jkh
* PS/2 mice are a lot more common than serial mice now; use /dev/psm0jkh2000-02-191-1/+1
| | | | as default rather than /dev/cuaa0
* Modify MAKEDEV to create four bpf devices instead of one when doing arwatson2000-02-181-1/+2
| | | | | | | | | | | | MAKEDEV all, making DHCP on multiple interfaces happier, and allowing use of tcpdump to to debug DHCP, without creating more devices. (we need devfs) Modify MAKEDEV to create four tun devices in MAKEDEV all as well, since we're being gratuitous with network pseudo-devices. (we need devfs) Approved by: The Hubbard
* Add ${X11BASE}/lib/X11/local -- this directory is created by the Xasami2000-02-182-0/+4
| | | | | | installation, so it should be in this file too. Approved by: jkh
* Fix previous commit to not use the PAO 'any' keyword.imp2000-02-172-6/+6
| | | | Approved: Prior commit approved by jkh
* The default rule in this file actually sent mail to root as its defaultjkh2000-02-171-3/+2
| | | | | | action when denying access to a service. Unfortunately, this also makes a dandy denial-of-service attack possible. Change to just log the event and shoot a "go away" response back down the socket.
* Add IPv6 loopback entry into src/etc/hosts.shin2000-02-151-0/+1
| | | | | | | | Missing IPv6 loopback name record cause name resolving lock on INET6 enabled systems in some cases. So define it. Approved by: jkh
* No arguments needed for fore_dnld any longer.phk2000-02-156-6/+6
| | | | Approved by: jkh
* More cards from posts to -mobile.imp2000-02-142-14/+72
|
* Fix typo (s/Pladio/Paldio/).kuriyama2000-02-132-2/+2
|
* Add the uhid device.n_hibma2000-02-121-1/+7
| | | | Approved by: jhk
* Add ftpd entries into /etc/pam.conf.shin2000-02-121-0/+6
| | | | | | | | | | | S/Key authentication for ftpd was not working due to ftp implementation and /etc/pam.conf missmatch. So add ftpd entries into /etc/pam.conf. Reported by: "Jose M. Alcaide" <jose@we.lc.ehu.es> Approved by: jkh Reviewed by: markm
* Added Melco Airconnect wireless Ethernet.hosokawa2000-02-122-0/+16
| | | | | Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp> OK'ed by: jkh@FreeBSD.org
* When running dhclient on a PC-Card insertion, specify the insertednsayer2000-02-111-4/+5
| | | | | | | | | | interface on the dhclient command line. Not doing so screws up vmware's network interface by attempting to configure it for DHCP (which will never work, of course). It also would impact any other interface that may be present that, again, would likely be manually configured for some other purpose. Approved by: jkh
* Remove /dev/console from the jail /dev environment. It's probably notrwatson2000-02-091-1/+2
| | | | | | | | | | | | strictly a security hole, but neither is it a very good idea. Replace it with a symlink to /dev/null to happify programs that expect it. It is suggested that users of the jail environment modify the jail's syslog.conf to not send stuff to /dev/console, but instead syslog it somewhere else. Such as a loghost, potentially even to the host environment's syslog. Approved by: jkh
* Intoduce a new make.conf entry, NO_MAKEDEV, and modifications torwatson2000-02-092-0/+5
| | | | | | | | | /etc/Makefile so that if it is defined, MAKEDEV all is not called during a make distribution. This helps clean up the messy userland in jail(), by reducing the number of devices exposed in jail. Modifications to jail(2) to follow. Approved by: jkh-arius
* Add two commented out syslog.conf entries, one to demonstrate the use ofrwatson2000-02-082-1/+6
| | | | | | | | | | | | | | an all.log for logging all messages, and one to demonstrate use of loghosts. Also, a matching entry in newsyslog.conf for all.log. Per request of Garrett Wollman, also modified the maillog entry to use the @T newsyslog time specification mechanism. Because newsyslog doesn't support the mod date specification machanism, couldn't change other entries that required more than one execution a month, but less than once a day. Approved by: jkh Reviewed by: freebsd-security
* Add a firewall_flags option that is used when ipfw processes a file. It allowspaul2000-02-062-1/+2
| | | | | | | you to run a preprocessor, such as m4, so that you can use macros in your rules file. Approved by: jkh
* Approved by: jkhhm2000-02-067-70/+70
| | | | | | | | | | | Reviewed by: joerg The isdnd is able to listen on a socket for isdnmonitor to connect to it to remotely control it (similar to ppp and pppctl). When this is enabled in the isdnd config file, it will fail currently because isdnd is started before the network interfaces are configured. It is necessary to move the isdnd start after the ifconfig of the network interfaces, then this problem will not occur.
* /dev/vn0b is a character device now.nsayer2000-02-031-1/+1
| | | | Approved by: jkh
* Revert to rev 1.6 until post 4.0-R. As probably 98% of i386 installsobrien2000-01-292-2/+4
| | | | | | happen with a keyboard and monitor the console change was not as needed in the i386 case as the Alpha case. IMO >50% of Alpha installs are using a serial console, the change matching rev 1.7 should not be backed out.
* Fixed chgrp lossage in rev.1.233. Most floppy devices and all slices for diskbde2000-01-291-39/+41
| | | | | | | | | | | devices because accessible by group wheel instead of group operator. Didn't fix fishy group for rsa*.ctl. This device should have group operator if that is safe, or mode 600 and group wheel. Removed ssc and uk*. Removed bogus (redundant) chmod's to 600.
* Add three entries:imp2000-01-292-0/+50
| | | | | | | | | # Apollo PCMCIA Ethernet Adapter # Olicom OC2220 # National Semiconductor InfoMover NE4100 I forgot who submitted the first two, but the third one was submitted by Jim Bloom.
* * Use `console' rather than `ttyv0' so there will always be a getty onobrien2000-01-293-7/+9
| | | | | the console reguardless of the type of console. * Make the Alpha version match the i386 version.
* Update this with the additional nets recomended by readingrgrimes2000-01-281-14/+26
| | | | | | | | | | | draft-manning-dsua-01.txt. Stop using public addresses as samples and use the recommended 192.0.2.0/24 netblock that has specifically been set aside for documentation purposes. Reviewed by: readers of freebsd-security did not respond to a request for review
* Add 'config auto' confirmed entries.iwasaki2000-01-272-0/+46
| | | | | | Submitted by: Atsushi Onoe <onoe@sm.sony.co.jp>, YAMAMOTO Shigeru <shigeru@iij.ad.jp>, Masahide -mac- NODA <mac@clave.gr.jp>
* Revert to rev 1.3 since the sed'ing is wrong. Revisit this after 4.0-RELEASE.obrien2000-01-271-3/+3
|
* Remove 'USE_INET6' define. Now we check IPv6 ability by 'OSVERSION'sumikawa2000-01-271-5/+0
| | | | Suggested by: asami
* Fix English. Also use full spelling and reorg a little while I'm here.obrien2000-01-251-5/+5
| | | | Submitted by: Andy Farkas <andyf@speednet.com.au>
OpenPOWER on IntegriCloud