summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* MFH (r303716, r303719): drop SSH1 support, disable DSA by defaultdes2016-08-051-1/+1
| | | | | | PR: 208254 Approved by: re (gjb) Relnotes: yes
* MFC r303160.cy2016-07-271-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update leap-seconds to leap-seconds.3676752000. As per https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16: UTC TIME STEP on the 1st of January 2017 A positive leap second will be introduced at the end of December 2016. The sequence of dates of the UTC second markers will be: 2016 December 31, 23h 59m 59s 2016 December 31, 23h 59m 60s 2017 January 1, 0h 0m 0s The difference between UTC and the International Atomic Time TAI is: from 2015 July 1, 0h UTC, to 2017 January 1 0h UTC : UTC-TAI = - 36s from 2017 January 1, 0h UTC, until further notice : UTC-TAI = - 37s Obtained from: ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.3676752000 See also: https://www.iers.org/SharedDocs/News/EN/BulletinC.html https://datacenter.iers.org/web/guest/eop/-/somos/5Rgv/latest/16 Relnotes: yes Approved by: re@ (delphij@)
* MFC r302857:jamie2016-07-171-3/+6
| | | | | | | | Start jails non-parallel if jail_parallel_start is NO. This was true for an explicitly specified jail list; now it's also true for all jails. PR: 209112 Approved by: re (gjb)
* MFC r302855:jamie2016-07-171-15/+16
| | | | | | | | | Wait for jails to complete startup if jail_parallel_start is YES, instead of assuming they'll take less than one second. PR: 203172 Submitted by: dmitry2004@yandex.ru Approved by: re (gjb)
* - Remove debugging from GENERIC* kernel configurationsgjb2016-07-081-1/+1
| | | | | | | | | - Enable MALLOC_PRODUCTION - Default dumpdev=NO - Remove UPDATING entry regarding debugging features Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
* Posixify the locales name for variantsbapt2016-07-031-22/+6
| | | | | | | | | | | | | | | | | | | | For all locales with variants: - if no ambiguity on the locale (only one variant) just use the regular name - if ambiguity, pick one as default and append @<variant> to the others respecting POSIX As a result: - All the 3 components locales added recently are renamed to the usual 2 components version for all but sr_RS.UTF-8 - Set sr_RS.UTF-8 to the cyrillic variant - Add sr_RS.UTF-8@latin - Remove the symlinks aliases they were created to represent the 2 components version as aliasas and are now useless - Update the OptionalObsoleteFiles.inc and ObsoleteFiles.inc to reflect those changes Discussed with: ache@ Approved by: re@ (gjb)
* Remove reference to mroute6d in /etc/netstart.bapt2016-06-251-1/+0
| | | | | | | | mroute6d has been removed in r298512. PR: 209405 Submitted by: Trond.Endrestol@ximalas.info Approved by: re (gjb)
* Add support for a /etc/defaults/vendor.conf override filelidl2016-06-231-0/+6
| | | | | | Reviewed by: stas, imp Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D6895
* Commit the bits of nda that were missed. This should fix the build.imp2016-06-101-0/+2
| | | | Approved by: re@
* Implement an NSS backend for netgroups and add getnetgrent_r(3).markj2016-06-091-0/+1
| | | | | | | | | | | | | | | | | | This support appears to have been documented in nsswitch.conf(5) for some time. The implementation adds two NSS netgroup providers to libc. The default, compat, provides the behaviour documented in netgroup(5), so this change does not make any user-visible behaviour changes. A files provider is also implemented. innetgr(3) is implemented as an optional NSS method so that providers such as NIS which are able to implement efficient reverse lookup can do so. A fallback implementation is used otherwise. getnetgrent_r(3) is added for convenience and to provide compatibility with glibc and Solaris. With a small patch to net/nss_ldap, it's possible to specify an ldap netgroup provider, allowing one to query nisNetgroupTriple entries. Sponsored by: EMC / Isilon Storage Division
* Fix typo with description for $ipv6_cpe_wanif (upstram -> upstream)ngie2016-06-081-1/+1
| | | | | | | MFC after: 3 days PR: 210146 Reported by: Sean M. Collins <sean@coreitpro.com> Sponsored by: EMC / Isilon Storage Division
* Separate BLACKLIST vs BLACKLIST_SUPPORT properlylidl2016-06-072-2/+2
| | | | Sponsored by: The FreeBSD Foundation
* Turn off blacklistd daemon in defaultslidl2016-06-061-1/+1
| | | | | | | | Reported by: Matteo Riondato ( matteo @ FreeBSD.org ) Reviewed by: rpaulo Approved by: rpaulo Relnotes: YES Sponsored by: The FreeBSD Foundation
* Connect ypldap(8) script on Makefile, forgotten on my previous commit r301480.araujo2016-06-061-0/+1
|
* Add rc.d script for ypldap(8).araujo2016-06-062-0/+29
|
* Install/Connect ypldap.conf(5) on examples.araujo2016-06-061-0/+2
|
* Enable daily_ntpd_leapfile_enable by default. Otherwise an expiredcy2016-06-041-2/+1
| | | | | | | | | | leapfile will be ignored and ntpd will behave as if it has no leapfile. While here, remove an extraneous blank line. Suggested by: ache MFC after: 1 week
* Add basic blacklist build supportlidl2016-06-026-2/+81
| | | | | | | | Reviewed by: rpaulo Approved by: rpaulo Relnotes: YES Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D5913
* Fix exit status of "service routing start <af> <iface>"asomers2016-06-021-0/+5
| | | | | | | | | | | etc/rc.d/routing Ignore the exit status of options_{inet,inet6,atm}. It's meaningless. Reviewed by: hrs MFC after: 4 weeks Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6687
* Revert r301137 and r301163, and implement a correct fixgjb2016-06-012-45/+0
| | | | | | | | | | for the CONFS issue with dma.conf and ppp.conf. Thank you very much to Bryan Drewery for looking into the problem and providing this fix. Pointyhat: gjb Sponsored by: The FreeBSD Foundation
* Implement a hack to re-enable installation of the dma.conf.gjb2016-06-011-0/+4
| | | | | | | | | | | | The 'CONFS' entries in share/mk/bsd.confs.mk explicitly check for the 'installconfig', but does not behave properly with the 'distribute' target. This seems to be related to the previously-reported issues with files within /etc in the past. Reported by: Ben Woods Sponsored by: The FreeBSD Foundation
* Revert r289096:gjb2016-06-012-0/+41
| | | | | | | | | | | | | Files listed in 'CONFS' are not properly included in new installations (missing from base.txz), for reasons I still do not fully understand. This reverts the change excluding /etc/ppp/ppp.conf from a new installation. /etc/dma/dma.conf is also affected, but requires a different solution, still being investigated. Reported by: Ben Woods Sponsored by: The FreeBSD Foundation
* Don't rely on $ntpd_enable to periodically fetch the latestcy2016-06-011-2/+2
| | | | | | | leapfile. Suggested by: cperciva MFC after: 1 week
* Fix indentation in dhclient rc.d scriptvangyzen2016-05-311-1/+1
|
* Cosmetics: add missing space after the ':' in etc/rc.d/random.trasz2016-05-311-2/+2
| | | | | MFC after: 1 month Sponsored by: The FreeBSD Foundation
* Fix circular dependency created after r287197 between ldconfig and ↵ngie2016-05-302-4/+14
| | | | | | | | | | | | | | | | | | | mountcritremote ldconfig is already required by mountcritremote indirectly, as noted by rcorder: > rcorder: Circular dependency on provision `mountcritremote' in file `ldconfig'. Having mountcritremote REQUIRE ldconfig breaks dependency ordering. Making the ldconfig hints be conditionally regenerated from mountcritremote when remote filesystems are mounted is done after this change, similar to cleanvar being conditionally called after the change. Differential Revision: https://reviews.freebsd.org/D6621 PR: 202726 Reviewed by: jilles Sponsored by: EMC / Isilon Storage Division
* Make netif REQUIRE hostidngie2016-05-291-1/+1
| | | | | | | | | | | | | As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before hostid, and the MAC address generated for any bridge devices will be non-deterministic. Make the MAC address generated be deterministic for bridge devices by explicitly REQUIRE'ing hostid. This fixes up the rest of the PR, inadvertently committed in r299844 MFC after: 1 week PR: 195188 Sponsored by: EMC / Isilon Storage Division
* Fix "make installworld" with MK_CDDL == no after r300906 byngie2016-05-291-0/+2
| | | | | | | | | adding a missing entry for ${TESTSBASE}/cddl/sbin X-MFC with: r300906 Pointyhat to: asomers Reported by: Shawn Webb <shawn.webb@hardenedbsd.org> Sponsored by: EMC / Isilon Storage Division
* zfsd(8), the ZFS fault management daemonasomers2016-05-286-3/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add zfsd, which deals with hard drive faults in ZFS pools. It manages hotspares and replements in drive slots that publish physical paths. cddl/usr.sbin/zfsd Add zfsd(8) and its unit tests cddl/usr.sbin/Makefile Add zfsd to the build lib/libdevdctl A C++ library that helps devd clients process events lib/Makefile share/mk/bsd.libnames.mk share/mk/src.libnames.mk Add libdevdctl to the build. It's a private library, unusable by out-of-tree software. etc/defaults/rc.conf By default, set zfsd_enable to NO etc/mtree/BSD.include.dist Add a directory for libdevdctl's include files etc/mtree/BSD.tests.dist Add a directory for zfsd's unit tests etc/mtree/BSD.var.dist Add /var/db/zfsd/cases, where zfsd stores case files while it's shut down. etc/rc.d/Makefile etc/rc.d/zfsd Add zfsd's rc script sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c Fix the resource.fs.zfs.statechange message. It had a number of problems: It was only being emitted on a transition to the HEALTHY state. That made it impossible for zfsd to take actions based on drives getting sicker. It compared the new state to vdev_prevstate, which is the state that the vdev had the last time it was opened. That doesn't make sense, because a vdev can change state multiple times without being reopened. vdev_set_state contains logic that will change the device's new state based on various conditions. However, the statechange event was being posted _before_ that logic took effect. Now it's being posted after. Submitted by: gibbs, asomers, mav, allanjude Reviewed by: mav, delphij Relnotes: yes Sponsored by: Spectra Logic Corp, iX Systems Differential Revision: https://reviews.freebsd.org/D6564
* Always create loopback routes on every fibasomers2016-05-271-10/+26
| | | | | | | | | | | | | | | | | | | | | | | | Always create loopback routes on every fib, for both IPv4 and IPv6 etc/rc.d/routing Create loopback IPv4 and IPv6 routes on every fib at boot. Revert 278302; now that all FIBs have IPv6 loopback routes, the "route add -reject" commands won't fail. tests/etc/rc.d/routing_test.sh Greatly simplify static_ipv6_loopback_route_for_each_fib. It was written under the assumption that loopback routes would be added to a given fib by the kernel as soon as an interface is configured on that fib. However, the logic can be much simpler now that we simply add loopback routes to all fibs at boot. This also removes the need to run the test as root, removes the restriction that net.add_addr_allfibs=0, and removes the need to configure fibs in kyua.conf. Also, add a test case for IPv4 loopback routes Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6582
* Use the expiry date to determine whether to replace the DB copy ofcy2016-05-251-2/+2
| | | | | | | | leapfile instead of using the leapfile serial number (create timestamp). PR: 209577 MFC after: 3 days
* Better document security_show_{success,info,badconfig} in /etc/periodic.confasomers2016-05-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | periodic(8) already handles the security_show_{success,info,badconfig} variables correctly. However, those variables aren't explicitly set in /etc/defaults/periodic.conf or anywhere else, which suggests to the user that they shouldn't be used. etc/defaults/periodic.conf Explicitly set defaults for security_show_{success,info,badconfig} usr.sbin/periodic/periodic.sh Update usage string usr.sbin/periodic/periodic.8 Minor man page updates One thing I'm _not_ doing is recommending setting security_output to /var/log/security.log or adding that file to /etc/newsyslog.conf, because periodic(8) would create it with default permissions, usually 644, and that's probably a bad idea. Reviewed by: brd MFC after: 4 weeks Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6477
* Remove DTrace tooklkit from the mtree and add the files to removegnn2016-05-201-2/+0
| | | | | | to the ObsoleteFiles list. Sponsored by: DARPA, AFRL
* Update leap-seconds to leap-seconds.3661459200.cy2016-05-191-6/+6
| | | | | | | | | | NO leap second will be introduced at the end of June 2016. This commit reapplies the r298887 minor spelling fix. Obtained from: ftp://tycho.usno.navy.mil/pub/ntp/. See also: http://www.iers.org/SharedDocs/News/EN/BulletinC.html MFC after: 2 weeks
* Make hostid_save depend on hostidngie2016-05-151-1/+1
| | | | | MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Fix broken dependency with routed when MK_ROUTED != nongie2016-05-152-1/+2
| | | | | | | | Remove routed as a requirement in NETWORKING, and put it in routed as a BEFORE requirement instead MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Conditionalize installing etc/rc.d/atm{1,2,3}ngie2016-05-152-4/+9
| | | | | | | | `BEFORE: netif` was already in etc/rc.d/atm1, so no additional changes are needed in that script MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Conditionalize etc/rc.d/{zfs,zvol} install on MK_ZFS != nongie2016-05-151-2/+7
| | | | | MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Make FILESYSTEMS, dumpon, and var not depend on zfs and zvolngie2016-05-155-3/+4
| | | | | | | | Make zfs and zvol come before all of the items that depended on them previously MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* Reduce redundancy after release-pkg merge to head in r298107ngie2016-05-151-38/+17
| | | | | | | | | | - Use BINDIR instead of FILESDIR - Default all <FILESGROUPS>MODEs to BINMODE with a single for-loop at the bottom of the Makefile - Move all of the conditionals under the relevant MK_* != no build conditional blocks Sponsored by: EMC / Isilon Storage Division
* iconvctl(3): remove superfluous NULL pointer testsvangyzen2016-05-141-0/+2
| | | | | | | | | | | | | | | convname and dst are guaranteed to be non-NULL by iconv_open(3). src is an array. Remove these tests for NULL pointers. While I'm here, eliminate a strlcpy with a correct but suspicious-looking calculation for the third parameter (i.e. not a simple sizeof). Compare the strings in-place instead of copying. Found by: bdrewery Found by: Coverity CID: 1130050, 1130056 MFC after: 3 days Sponsored by: Dell Inc. Differential Revision: https://reviews.freebsd.org/D6338
* MFV r299425:mm2016-05-121-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update libarchive to 3.2.0 New features: - new bsdcat command-line utility - LZ4 compression (in src only via external utility from ports) - Warc format support - 'Raw' format writer - Zip: Support archives >4GB, entries >4GB - Zip: Support encrypting and decrypting entries - Zip: Support experimental streaming extension - Identify encrypted entries in several formats - New --clear-nochange-flags option to bsdtar tries to remove noschg and similar flags before deleting files - New --ignore-zeros option to bsdtar to handle concatenated tar archives - Use multi-threaded LZMA decompression if liblzma supports it - Expose version info for libraries used by libarchive Patched files (fixed compiler warnings): contrib/libarchive/cat/bsdcat.c (vendor PR #702) contrib/libarchive/cat/bsdcat.h (vendor PR #702) contrib/libarchive/libarchive/archive_read_support_format_mtree.c (PR #701) contrib/libarchive/libarchive_fe/err.c (vendor PR #703) MFC after: 1 month Relnotes: yes
* Capitalize "LDAP" in the description field of the _ypldap entry.bcr2016-05-101-1/+1
| | | | | | Reviewed by: bapt MFC after: 5 days Differential Revision: https://reviews.freebsd.org/D5267
* Refactor the root mount hold code and add the wait to etc/rc.d/fsck.trasz2016-05-103-28/+48
| | | | | | | | | | | This fixes mounting (non-root) USB drives on boot with fsck enabled (with non-zero 'Pass#' field in fstab(5)). Reported by: Graham Menhennitt <graham at menhennitt.com.au> Reviewed by: jilles@ MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6221
* install: Add some tests.jilles2016-05-081-0/+2
|
* Make "-S" a default option for mountd.rmacklem2016-05-081-1/+1
| | | | | | | | | | | | After a discussion on freebsd-fs@ there seemed to be a consensus that the "-S" option for mountd should become the default. Since the only known issue w.r.t. using "-S" was fixed by r299201, this commit adds "-S" to the default mountd_flags. Discussed on: freebsd-fs PR: 9619, 131342, 206855 MFC after: 2 weeks Relnotes: yes
* Only install etc/rc.d/{rfcomm_pppd_server,sdpd} if MK_BLUETOOTH != nongie2016-05-061-2/+2
| | | | | | | These are bluetooth specific services MFC after: 1 week Sponsored by: EMC / Isilon Storage Division
* Improve performance and functionality of the bitstring(3) apiasomers2016-05-041-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Two new functions are provided, bit_ffs_at() and bit_ffc_at(), which allow for efficient searching of set or cleared bits starting from any bit offset within the bit string. Performance is improved by operating on longs instead of bytes and using ffsl() for searches within a long. ffsl() is a compiler builtin in both clang and gcc for most architectures, converting what was a brute force while loop search into a couple of instructions. All of the bitstring(3) API continues to be contained in the header file. Some of the functions are large enough that perhaps they should be uninlined and moved to a library, but that is beyond the scope of this commit. sys/sys/bitstring.h: Convert the majority of the existing bit string implementation from macros to inline functions. Properly protect the implementation from inadvertant macro expansion when included in a user's program by prefixing all private macros/functions and local variables with '_'. Add bit_ffs_at() and bit_ffc_at(). Implement bit_ffs() and bit_ffc() in terms of their "at" counterparts. Provide a kernel implementation of bit_alloc(), making the full API usable in the kernel. Improve code documenation. share/man/man3/bitstring.3: Add pre-exisiting API bit_ffc() to the synopsis. Document new APIs. Document the initialization state of the bit strings allocated/declared by bit_alloc() and bit_decl(). Correct documentation for bitstr_size(). The original code comments indicate the size is in bytes, not "elements of bitstr_t". The new implementation follows this lead. Only hastd assumed "elements" rather than bytes and it has been corrected. etc/mtree/BSD.tests.dist: tests/sys/Makefile: tests/sys/sys/Makefile: tests/sys/sys/bitstring.c: Add tests for all existing and new functionality. include/bitstring.h Include all headers needed by sys/bitstring.h lib/libbluetooth/bluetooth.h: usr.sbin/bluetooth/hccontrol/le.c: Include bitstring.h instead of sys/bitstring.h. sbin/hastd/activemap.c: Correct usage of bitstr_size(). sys/dev/xen/blkback/blkback.c Use new bit_alloc. sys/kern/subr_unit.c: Remove hard-coded assumption that sizeof(bitstr_t) is 1. Get rid of unrb.busy, which caches the number of bits set in unrb.map. When INVARIANTS are disabled, nothing needs to know that information. callapse_unr can be adapted to use bit_ffs and bit_ffc instead. Eliminating unrb.busy saves memory, simplifies the code, and provides a slight speedup when INVARIANTS are disabled. sys/net/flowtable.c: Use the new kernel implementation of bit-alloc, instead of hacking the old libc-dependent macro. sys/sys/param.h Update __FreeBSD_version to indicate availability of new API Submitted by: gibbs, asomers Reviewed by: gibbs, ngie MFC after: 4 weeks Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6004
* Add a debug dir for /boot/modules.jhb2016-05-031-0/+2
| | | | | | | This provides a place for standalone modules to store debug symbols. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D6190
* etc: minor spelling fixes.pfg2016-05-014-5/+5
| | | | | | Mostly comments but these tend to be user-visible. MFC after: 2 weeks
OpenPOWER on IntegriCloud