| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
is set and "natd_enable" is NOT set;
- Accept and pass firewall type to the external firewall script.
Submitted by: Yuri Kurenkov < y -dot- kurenkov -at- init -dot- ru >
MFC after: 3 days
No response from: freebsd-rc
|
|
|
|
| |
PR: conf/127510
|
| |
|
|
|
|
| |
MFC after: 2 weeks
|
|
|
|
|
|
|
|
|
|
|
|
| |
sendmail / postfix etc. may fail to start because DNS is unavailable and /
or the server is unreachable. In the worst case, the machine may become
unusable.
Debugging this issue was far more difficult than it should have been, due
to earlier changes to the rc framework to hide almost all useful information
about the boot process.
Approved by: silence
|
|
|
|
| |
created using wlandebug_<ifn> variables.
|
| |
|
|
|
|
|
| |
is degraded upon the next reboot and will have to be rebuild.
Thus call swapoff when rebooting (read: when stopping swap1)
|
|
|
|
|
|
|
|
| |
needed by the hal port. This will be removed before 8.0.
Add an exclusion to kdump as some structs will be redefined.
Requested by: marcus
|
| |
|
|
|
|
| |
reflect its purpose.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Even though I increased the amount of pts(4) entries in /etc/ttys some
time ago, I didn't realize back then those entries shouldn't have been
there in the first place.
I just looked at the getttyent() source code and it turns out when you
call setttyent(), it walks through /dev/pts and looks for the device
with the highest number. After you receive EOF's from getttyent(), it
makes up entries for pts(4) devices.
This means that adding entries for pts(4) is somewhat harmful, because
if you now traverse the list, you get redundant entries, so just remove
them.
|
|
|
|
| |
Reviewed by: imp
|
|
|
|
| |
PR: conf/131458
|
|
|
|
|
|
|
|
|
|
| |
the jail case specifically. In case we find a proper pre-seeded
devfs in the chroot path (mounted from the base system) permit
starting chrooted else give proper warn/error messages.
PR: conf/103489
Reviewed by: dougb
MFC after: 5 days
|
|
|
|
| |
rc.conf but not necessarily started.
|
|
|
|
|
|
| |
default route to show up we can turn this knob back on
without screwing subsequent daemons that expect to be
able to talk to the outside world.
|
|
|
|
|
|
| |
time to boot an unplugged system 30 sec. longer for no good reason. Therefore,
add a check to make sure that any DHCP interfaces are plugged in before
waiting.
|
|
|
|
|
|
| |
all in this function, and grep shows no other instances of it
(besides, this is a function, and in a sub-shell, so all changes are
local).
|
|
|
|
|
|
| |
when ntpd_sync_on_start is set.
Noticed by: rafan
|
|
|
|
|
|
| |
o no need for special country codes; it's sufficient to use the sku
o no need to specify bands w/ 2.4G frequencies, use the real values
o remove duplicate band specs
|
|
|
|
|
|
|
|
|
| |
the -g and -q options. They do a slightly different thing and
both are necessary when the time difference is large.
Noticed by: danger, in the forums
Approved by: roberto
MFC after: 1 week
|
|
|
|
|
|
|
| |
Leave a comment for the next person that thinks they need to be helpful.
Reviewed by: imp, jhb
MFC after: 2 weeks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Note: this is only really necessary because of the ifconfig
logic to add/remove the jail IPs upon start/stop.
Consensus among simon and I is that the logic should
really be factored out from the startup script and put
into a proper management solution.
- We now support starting of no-IP jails.
- Remove the global jail_<jname>_netmask option as it is only
helpful to set netmasks/prefixes for the right address
family and per address.
- Implement jail_<jname>_ip options to support both
address familes with regard to ifconfig logic.
- Implement _multi<n> support suffix to the jail_<jname>_ip
option to configure additional addresses to avoid overlong,
unreadbale jail_<jname>_ip lines with lots of addresses.
Submitted by: initial work from Ruben van Staveren
Discussed on: freebsd-jail in Nov 2008.
Reviewed by: simon, ru (partial, older version)
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rcshutdown_timeout (normally 30s) around re-parented to init, make
sure both go away using pkill -P.
While noone normally notices this for the system shutdown, it helps for
cleanly shutting down trusted jails.
Found without a killall in the base system, which in rc.d/jail normally
ensures that all processes of a jail to be stopped will be killed.
Reviewed by: silence on current@
MFC after: 4 weeks
|
| |
|
|
|
|
| |
modeled after the Atheros SKU of the same name
|
| |
|
|
|
|
|
|
| |
security.7 manpage a while ago.
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
| |
the suggested ruleset[1].
While here use an IP from the 'test-net' prefix for docs.
PR: kern/130102 ([1] different problem in the end)
Reviewed by: simon
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
| |
easier to maintain custom rules for non-system things like ACPI hotkeys.
/etc/devd.conf is already set up to check this directory, no change needed there.
|
|
|
|
|
|
|
|
|
| |
newline when it fails to obtain an address via DHCP. This made the next
rc script begin its output on the same line.
PR: conf
Submitted by: Bruce Cran <bruce at cran dot org dot uk>
MFC after: 3 days
|
|
|
|
| |
o add definitions for 900MHz radios: Ubiquiti SR9 and XR9, and ZComax GZ-901
|
|
|
|
|
|
|
| |
it does come back it would probably be better if users who were interested
in slip added appropriate lines instead of this being here unconditionally.
Reminded by: tut <at> nhamon <dot> com <dot> ua
|
|
|
|
|
|
| |
does ever come back it's probably best if its log file be something that
gets added if the user decided they want to run slip instead of having
it here unconditionally.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/sys/dev/usb2/core/usbdevs
src/sys/dev/usb2/include/urio2_ioctl.h
src/sys/dev/usb2/storage/ustorage2_fs.h
These files are not used any more.
src/usr.sbin/Makefile
src/etc/mtree/BSD.include.dist
src/include/Makefile
src/lib/Makefile
src/share/man/man7/hier.7
src/share/mk/bsd.libnames.mk
src/etc/mtree/BSD.include.dist
Make "usbconfig" and "libusb20" a part of the default build.
src/sys/dev/usb/rio500_usb.h
src/sys/dev/usb2/storage/urio2.c
Use common include file.
src/sys/dev/usb2/bluetooth/ng_ubt2.c
Make USB bluetooth depend on "ng_hci" module.
src/sys/dev/usb2/controller/ehci2.c
src/sys/dev/usb2/controller/ehci2.h
Patches for Marvell EHCI.
src/sys/dev/usb2/core/usb2_busdma.c
Bugfix for 64-bit platforms. Need to unload the previously loaded DMA
map and some cleanup regarding some corner cases.
src/sys/dev/usb2/core/usb2_core.h
src/sys/dev/usb2/core/usb2_dev.c
src/sys/dev/usb2/core/usb2_dev.h
Bugfix for libusb filesystem interface.
New feature: Add support for filtering device data at the expense of the
userland process.
Add some more comments.
Some minor code styling.
Remove unused function, usb2_fifo_get_data_next().
Fix an issue about "fifo_index" being used instead of "ep_index".
src/sys/dev/usb2/core/usb2_device.c
src/sys/dev/usb2/core/usb2_generic.c
Bugfix for Linux USB compat layer. Do not free non-generic FIFOs when
doing an alternate setting.
Cleanup USB IOCTL and USB reference handling.
Fix a corner case where USB-FS was left initialised after
setting a new configuration or alternate setting.
src/sys/dev/usb2/core/usb2_hub.c
Improvement: Check all USB HUB ports by default at least one time.
src/sys/dev/usb2/core/usb2_request.c
Bugfix: Make sure destination ASCII string is properly zero terminated
in all cases.
Improvement: Skip invalid characters instead of replacing with a dot.
src/sys/dev/usb2/core/usb2_util.c
src/sys/dev/usb2/image/uscanner2.c
Spelling.
src/sys/dev/usb2/include/Makefile
Share "usbdevs" with the old USB stack.
src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h
Regenerate files.
Alfred: Please fix the RCS tag at the top.
src/sys/dev/usb2/include/usb2_ioctl.h
Fix compilation of "kdump".
src/sys/dev/usb2/serial/ubsa2.c
src/sys/dev/usb2/serial/ugensa2.c
Remove device ID's which will end up in a new 3G driver.
src/sys/dev/usb2/sound/uaudio2.c
Correct a debug printout.
src/sys/dev/usb2/storage/umass2.c
Sync with old USB stack.
src/lib/libusb20/libusb20.3
Add more documentation.
src/lib/libusb20/libusb20.c
Various bugfixes and improvements.
src/usr.sbin/usbconfig/dump.c
src/usr.sbin/usbconfig/usbconfig.c
New commands for dumping strings and doing custom USB requests from
the command line.
Remove keyword requirements from generated files:
"head/sys/dev/usb2/include/usb2_devid.h"
"head/sys/dev/usb2/include/usb2_devtable.h"
|
|
|
|
| |
Approved by: dfr
|
|
|
|
| |
devd.
|
|
|
|
|
|
|
| |
PR: 128553
Submitted by: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
Reviewed by: philip
MFC after: 2 months
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.
The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.
The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.
Sponsored by: Isilon Systems
MFC after: 1 month
|
| |
|
|
|
|
| |
Not objected to by: sam
|
| |
|
|
|
|
| |
keyboard on the EeePC.
|
|
|
|
|
|
|
| |
but there won't be one so root won't be able to login; edit the installed
file to use /bin/sh in this case.
o while here split csh-related files apart from sh and only install them
when requested
|
|
|
|
| |
process.
|
|
|
|
|
|
|
|
|
|
|
|
| |
I noticed on a system at home that restarting named(8) causes the
/var/named/dev mount to be moved to the bottom of the mount list,
because it gets remounted. When I received the daily security email this
morning, I was quite amazed to see that the security report listed the
differences, while it was nothing out of the ordinary.
If we just throw the `mount -p' output through sort(1), we'll only
receive notifications about changes to mounts if something has really
changed.
|
|
|
|
| |
so far are uart subclasses. Also, turn uart0 on by default.
|