| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Feature: for flexibility reasons and as a prerequisite to clean
shutdowns, allow the configuration of a stop/shutdown command
via rc.conf variable "jail_<name>_exec_stop" in addition to the
start/boot command (rc.conf variable "jail_<name>_exec_start"). For
backward compatibility reasons, rc.conf variable "jail_<name>_exec"
is still supported, too.
2. Debug: Add the used boot/shutdown commands to the debug output of
the /etc/rc.d/jail script, too.
3. Security: Run the Jail start/boot command in a cleaned environment
to not leak information from the host to the Jail during startup.
4. Feature: Run the Jail stop/shutdown command "jail_<name>_exec_stop" on
"/etc/rc.d/jail stop <name>" to allow a graceful shutdown of the Jail
before its processes are just killed.
5. Bugfix: When killing the remaining Jail processes give the processes
time to actually perform their termination sequence. Without this the
subsequent umount(8) operations usually fail because the resources
are still in use. Additionally, if after trying to TERM-inate the
processes there are still processes hanging around, finally just KILL
them.
6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/*
scripts which are flagged with the KEYWORD "nojail" to allow the
correct operation of rc.shutdown under jail_<name>_exec_stop="/bin/sh
/etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail.
Now the following typical host-configuration for two Jails works as
expected and correctly boots and shutdowns the Jails:
-----------------------------------------------------------
# /etc/rc.conf:
jail_enable="YES"
jail_list="foo bar"
jail_foo_rootdir="/j/foo"
jail_foo_hostname="foo.example.com"
jail_foo_ip="192.168.0.1"
jail_foo_devfs_enable="YES"
jail_foo_mount_enable="YES"
jail_foo_exec_start="/bin/sh /etc/rc"
jail_foo_exec_stop="/bin/sh /etc/rc.shutdown"
jail_bar_rootdir="/j/bar"
jail_bar_hostname="bar.example.com"
jail_bar_ip="192.168.0.2"
jail_bar_devfs_enable="YES"
jail_bar_mount_enable="YES"
jail_bar_exec_start="/path/to/kjailer -v"
jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'"
-----------------------------------------------------------
# /etc/fstab.foo
/v/foo /j/foo/v/foo nullfs rw 0 0
-----------------------------------------------------------
# /etc/fstab.bar
/v/bar /j/bar/v/bar nullfs rw 0 0
-----------------------------------------------------------
Reviewed by: freebsd-hackers
MFC after: 2 weeks
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
rebadged Xircom REM56 RealPort card. Short MFC timeout to beat the 4.11
code freeze.
PR: 53027
Submitted by: John Merryweather Cooper <coop9211 at uidaho dot edu>
Approved by: imp (mentor)
MFC after: 2 days
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ifnet_rename() to support situations where rc.conf's $network_interfaces
variable is set to an explicit list of network interfaces (instead of
the default "auto").
Using "list_network_interfaces all" resulted in using
$network_interfaces for both interface _renaming_ and interface
_configuration_ which obviously cannot work either before (if the
new name is in $network_interfaces) or after (if the old name is in
$network_interfaces) renaming the interface.
|
| | |
|
| |
|
|
|
|
|
| |
for cleanup of pkg-plist files with respect to handling of the share/locale
subdirectories.
MFC after: 3 days
|
| |
|
|
|
|
| |
can't be removed as ofw_console(4) and zs(4) use them so one has to
live with some complaints about non-existent devices at boot time and
remove the respective entries locally for now.
|
| |
|
|
| |
Approved by: alfred
|
| |
|
|
|
|
|
|
| |
adapters from usbd.conf to devd.conf. USB ethernet devices were
already handled in devd.conf so this just removes their usbd.conf
entry.
PR: conf/73799
|
| |
|
|
|
|
| |
MFC after: 1 week
PR: conf/73239
Submitted by: Daan Vreeken
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
packet counts by pf(4).
This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.
The output will look like this (line wrapped):
pf denied packets:
> block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
Bytes: 0 States: 0 ]
> block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
States: 0 ]
Submitted by: clive (thanks a lot!)
MFC after: 2 weeks
|
| |
|
|
| |
Spotted by: ceri
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
this feature for a jail named foo :
jail_foo_mount_enable="YES"
jail_foo_fstab="/etc/fstab.foo"
The second line is actually useless, since the code defaults to
using "/etc/fstab.$jailname" as the fstab file if none is specified.
MFC after: 3 days
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
|
| | |
|
| | |
|
| |
|
|
|
| |
Submitted by: Ben Kelly <ben.kelly@ieee.org>
PR: bin/64079
|
| | |
|
| |
|
|
| |
character for both.
|
| | |
|
| |
|
|
|
|
| |
the change in the default behavior may break existing, working setups.
Requested by: brooks
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These can be used to pass extra options to the mdmfs(8) utility,
to customize the finer details of the md file system creation
(i.e. to turn on/off softupdates, to specify a default owner for md
filesystem, etc).
Use these two new flags to mount tmpmfs and varmfs without
softupdates, since it doesn't make much sense to use SU on
malloc-backed file systems.
Reviewed by: mtm
Inspired by: J. D. Bronson, jbronson at wixb dot com
|
| | |
|
| |
|
|
|
| |
FEtherII PCC-TXD to the FEther PCC-TXD entry (since they appear to be
handled the same).
|
| |
|
|
|
| |
Now gmirror use shutdown hooks to mark mirrors as clean on shutdown,
so this is not needed anymore.
|
| |
|
|
|
| |
- The 'before ipfw' directive seems bogus, and should instead
be 'before rcconf'.
|
| |
|
|
| |
OK'ed by: phk
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
user (for creation of the zone journal file). This is separate from the
master/ directory for security. Give an example dynamic zone in the
sample named.conf.
Approved by: dougb
Noticed by: Eivind Olsen <eivind at aminor.no>
MFC after: 1 week
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on the system.
To start/stop/check on a specific device give the device name as
the second argument to the script:
# /etc/rc.d/moused start ums0
To use different rc.conf(5) knobs with different mice use the device
name as part of the knob. For example, if the mouse device is ums0, then:
moused_ums0_enable=yes
moused_ums0_flags="-z 4"
moused_ums0_port="/dev/ums0"
Starting rc.d/moused without the device argument will use the standard
moused_* flags. So, this commit should not disrupt or change current usage.
To preserve current behaviour with respect to usb mice, which appear
automatically when inserted, there is a new knob, moused_nondefault_enable,
which will treat any devices without rc.conf knobs as enabled.
To minimize knobs in /etc/rc.conf, the device file and pid file are
auto-computed, so that in the typical case for a usb mouse you don't
need to add anything extra in /etc/rc.conf to get it working.
Additionally, this updates /etc/usbd.conf to use the rc.d/moused script so
people don't have to modify it to configure their usb mouse anymore.
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
| |
Now, one should be able to put something like this into /etc/rc.conf:
ifconfig_fxp0_name="net0"
ifconfig_net0="inet 10.0.0.1/16"
Reviewed by: green
|
| |
|
|
|
|
| |
- Before flushing rules in 'reload' command, check first if rules are
correct.
- Do not duplicate checking if $pf_rules file exists.
|
| |
|
|
| |
any fake value.
|
| |
|
|
|
| |
will show the real device name
- show different error messages for missing dump device and directory
|
| |
|
|
|
|
| |
programs may need to use the symlinks and permissions that it sets up.
Discussed on: -current
|
| |
|
|
| |
and natd_enable is true.
|
| |
|
|
|
|
|
|
|
| |
unbreak /etc/rc.d/root for diskless systems that get their root
filesystem from a read-only NFS mount.
PR: conf/72927
Submitted by: Ralf Wenk <RZ-FreeBSD1004@fh-karlsruhe.de>
Reviewed by: brooks
|
| | |
|
| |
|
|
|
| |
create a symbolic link /dev/dumpdev designating that device so
savecore can find and save a previous kernel dump.
|
| |
|
|
| |
Submitted by: ache
|
| |
|
|
| |
Reviewed by: des
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
do not have these device special files. Where this previously failed
quietly, it now emits annoying but complete messages at best and
incomprehensible prefixes on average. During all of October, this is
a string of 16 O's, as in:
:
Starting inetd.
Sun Oct 17 15:09:09 PDT 2004
OOOOOOOOOOOOOOOO
FreeBSD/ia64 (itanium.pn.xcllnt.net) (ttyu2)
login:
|
| |
|
|
|
|
|
|
|
|
|
| |
_msg="a" \
" b"
to concat the strings. Use
_msg="a"
_msg="$_msg b"
instead (intent is to not exceed 80 chars per line).
MFC after: 1 week
|
| |
|
|
| |
Forgotten by: dougb
|
| |
|
|
| |
Skipped by: mtm (/me glares at mtm) :)
|
| | |
|
| | |
|
| |
|
|
|
|
| |
pointed out that /usr/local/etc/rc.d/000.pkgtools.sh installed
with the portupgrade does an equivalent thing, so I personally
would like to see the change reverted, but let David handle it.
|
| | |
|
