| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After a change of devd.conf, devd(8) handles NIC attach/detach event
by using /etc/pccard_ether with the interface name as the argument.
This model does not work properly with IPv6 configuration because the
implementation of IPv6 stateless auto-configuration in the FreeBSD
rc.d scripts depends on whether there are any explicit configurations
for interfaces or not. It works this way: if no manual configuration,
it will perform auto-configuration, but otherwise no
auto-configuration will be performed. So, this behavior can only be
determined by all of the interfaces on a system, not a single one.
For this reason, the network6_interface_setup() function called from
the pccard_ether_start() does not work with a single interface name.
And what is worse, this combination of devd.conf and
pccard_ether_start() caused a bad side-effect that when
ipv6_enable=YES, all of interfaces marked as DOWN would be UP
unconditionally (and router solicitation was sent) just after devd(8)
was invoked. This should be fixed in a more sophisticated way.
|
| |
|
|
|
|
|
|
| |
A kernel with INET6 always has ::1 on lo0, so in the case of
ipv6_enable="NO" the lo0 can have ::1 with no link-local address.
This is a violation of the IPv6 specification. As a workaround for
this situation, fe80::1 is added in rc.d/auto_linklocal when lo0 has
no link-local address. This should not be harmful for IPv4-only users.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add better checks on non-existing directories to prevent error
messages at run time;
- introduce a function log() to help debugging diskless booting
when things don't work;
- modify the parsing of diskless_remount so you can add mount_nfs
options after the pathname. You could use 'remount' to do something
similar, but this way is more convenient because you don't have to
hardwire the server name in the command.
- document the above.
I have been running the above in a diskless lab since february on RELENG_6.
MFC after: 1 week
|
| |
|
|
|
| |
Obtained from: NetBSD
X-MFC after: 6.2-RELEASE
|
| |
|
|
|
|
|
|
| |
There's no dollar use in variable assignment in sh.
Assuming this is can be expected behavior for some
people, this change won't be MFC'ed to RELENG_6.
Discussed with: yar on -rc
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
loading them into the live one too.
PR: conf/97311
Submitted by: David Bushong
Reviewed by: silence on rc@
Approved by: ru (mentor)
MFC after: 10 days
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
| |
Reviewed by: philip
|
| |
|
|
|
|
|
|
| |
how to change the auditd instance. When using a port/package-based
OpenBSM, changing the auditd pointer may be desirable.
Obtained from: TrustedBSD Project
MFC after: 3 weeks
|
| | |
|
| |
|
|
| |
Sponsored by: home.pl
|
| |
|
|
|
|
|
| |
automatically work on multi-homed hosts and without explicite specification
of the hostname in the config file.
Submitted by: jmg
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Factor out the loopback setup
Use "me" instead of hardcoded $ip where possible.
Add "workstation" which protects just this machine with stateful
firewalling. Put the variables for this in rc.conf.
Submitted by: Flemming Jacobsen <fj@batmule.dk>
Reviewed by: cperciva
|
| |
|
|
|
|
|
|
| |
With this patch, pf rules with dynamically created devices such like tun0
works without further intervention.
Reviewed by: mlaier
MFC after: 3 days
|
| |
|
|
|
|
| |
Obtained from: OpenBSD
MFC After: 3 days
Approved by: mlaier (maintainer)
|
| |
|
|
|
|
|
|
| |
used.
Spotted by: ru
Reviewed by: ume
MFC after: 3 days
|
| |
|
|
|
|
| |
PR: conf/104507
Submitted by: Douglas K. Rand <rand@meridian-enviro.com>
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
+ Use rc.subr(8) features properly.
+ Do the whole job of obliterating /tmp contents in find(1).
+ Leave lost+found and quota.{user,group} in /tmp only if root-owned.
+ Make the overall structure clearer by first removing the X dirs
(perhaps along with the rest of /tmp) and then re-creating them.
+ Use "find -exec rm -rf {} +" for efficiency: each rm instance gets
a chance to kill as much files in /tmp as ARG_MAX permits.
PR: bin/104044
Submitted by: Andrey Simonenko <see PR for email>
Hacked by: yar
MFC after: 1 month
|
| |
|
|
| |
Document it and idmapd_enable.
|
| | |
|
| |
|
|
|
|
| |
description with a reference to the disktab(5) manpage.
PR: doc/48105
|
| |
|
|
|
|
|
|
| |
If ipv6_enable is not set to "YES", net.inet6.ip6.auto_linklocal
is turned to 0 at boot.
Discussed with: re@, gnn@
MFC after: 3 days
|
| |
|
|
|
|
|
| |
renaming /lib/libalias_*.so.4 to /lib/libalias_*.so.
Approved by: glebius
Reviewed by: glebius, ru
|
| |
|
|
|
|
| |
be coexist with ipv6_enable="YES".
MFC after: 3 days
|
| |
|
|
|
|
|
|
| |
PR: conf/101268
Submitted by: Eugene Grosbein <eugen@grosbein.pp.ru>
Approved by: cperciva (mentor)
X-MFC after: 6.2-RELEASE
Sponsored by: FreeBSD Test-Bugathon
|
| |
|
|
|
|
|
|
|
|
| |
read requests to its consumer. It has been developed to address
the problem of a horrible read performance of a 64k blocksize FS
residing on a RAID3 array with 8 data components, where a single
disk component would only get 8k read requests, thus effectively
killing disk performance under high load. Documentation will be
provided later. I'd like to thank Vsevolod Lobko for his bright
ideas, and Pawel Jakub Dawidek for helping me fix the nasty bug.
|
| |
|
|
|
|
|
|
| |
set there. This is required for consistency with /etc/rc.d/netif.
PR: conf/103893
Submitted by: Nick Hibma <nick at anywi.com>
MFC after: 3 days
|
| |
|
|
|
|
|
| |
in rc.conf
Reviewed by: KAME core team, cperciva
MFC after: 3 days
|
| |
|
|
| |
Noticed by: David Thompson <dat1965 yahoo com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
chance to actually terminate the audit service and exit. Otherwise, on
an rc.d/auditd restart, the new audit daemon instance may try to start
auditing while the previous session is still running. Likewise, this
ensures a chance for auditd to terminate the audit trail at system
shutdown.
Perhaps more ideally, the script would wait synchronously for auditd to
exit rather than for an arbitrary but short period of time.
MFC after: 3 days
Obtained from: TrustedBSD Project
|
| |
|
|
|
|
| |
before starting devd so they don't trip over each other.
PR: conf/103428
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
interface is an IPv6 interface.
Use this method to decide if we should attempt to configure an interface
with an IPv6 address in pccard_ether. The mechanism pccard_ether uses
to do this is unsuited to the task because it assumes the list of
interfaces it is passed is the full list of IPv6 interfaces and makes
decissions based on that. This is at least a step in the right
direction and is probably about as much as we can MFC safely.
PR: conf/103428
MFC after: 3 days
|
| |
|
|
|
|
|
| |
makes no sense. Remove the undocumented removable_route_flush feature
from pccard_ether.
X-MFC after: never
|
| |
|
|
|
| |
greping for UP in "ifconfig $ifn". This eliminates a dependancy on
/usr.
|
| |
|
|
| |
MFC after: 1 month
|
| |
|
|
| |
MFC after: 1 month
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- Note that diskless_remount files may use ".." to support mounts above
the root path.
- Copy dot files when populating directories from /conf. [1]
PR: misc/102724 [1]
Submitted by: Attila Nagy <bra at fsn.hu> [1]
|
| |
|
|
| |
Obtained from: OpenBSD
|
| |
|
|
| |
login.conf resource limits and features.
|
| |
|
|
|
|
| |
repository.
Sponsored by: FreeBSD security development fundraiser
|
