summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Correct US Robotics Wireless Card 2410 entryimp2002-05-241-1/+1
|
* Add a new make.conf knob, SENDMAIL_MAP_PERMS, which specifies thegshapiro2002-05-241-0/+6
| | | | | | | | | permissions to use for alias and map database files built by /etc/mail/Makefile. The default is 0640 to assist users in avoiding a file locking local denial of service. MFC after: 1 day pending RE approval
* Change the default permissions for the sendmail statistics file to 0640gshapiro2002-05-242-2/+2
| | | | | | | | instead of 0644 to help protect users against a file locking local denial of service. MFC after: 1 day pending RE approval
* Add a warning regarding localhost-only listening daemons inside jails.gshapiro2002-05-221-5/+6
| | | | | | | | | | Apparently binding only to 127.0.0.1 inside of a jail actually binds to the jail IP address as well (in effect, bind to all available interfaces in the jail). Submitted by: Helge Oldach <test-smtp@oldach.net> MFC after: 1 day pending RE approval
* Build sccs(1) docs.ru2002-05-221-0/+2
|
* Added share/doc/[pu]sd entries.ru2002-05-221-0/+20
| | | | Reviewed by: grog
* There are still many broken nameservers out there in the wild. Evengshapiro2002-05-211-0/+1
| | | | | | | | | | though I would personally prefer to see the broken nameservers fixed instead of standards compliant applications work around them, I can't force FreeBSD users to help fight that battle. Submitted by: Damon Anton Permezel <dap@damon.com> MFC after: 2 days pending RE approval
* Explictly set kerberos_stash to NO instead of blank. While we are at it,gordon2002-05-201-2/+2
| | | | | | | | | fix a comment that suggested setting ipv6_ipv4mapping to blank. This will aid in merging with rcng which requires all veriables to be explicitly set. Submitted by: Mike Makonnen MFC after: 1 week
* Remove Perl and TCL/TK bits, neither of which are in the base systemmarkm2002-05-181-2/+0
| | | | (anymore).
* Sigh, this README is not a shell script.ru2002-05-181-1/+1
|
* Remind developers to update hier(7) if they make changes to these files.ru2002-05-181-0/+2
|
* We haven't needed libg++ since 1999-04-04 (pre 4.0).obrien2002-05-181-2/+0
|
* Fix the order of shutdown scripts so it not only reverses the order of thegordon2002-05-181-2/+14
| | | | | | | | | | files in each ${local_startup} directory, it also reverses the order of the directories. Suggested by: jhb Reviewed by: jake Approved by: dougb MFC after: 1 week
* Temporarily change our umask to 066 so that the potential creationbrian2002-05-171-0/+3
| | | | | | | | | | of wtmp.0 is done as mode 600. This ensures that tight permissions set in /etc/newsyslog.conf for wtmp logging aren't ``betrayed''. Suggested by: lumpy <lumpy@the.whole.net> MFC after: 3 days
* Change ``dmesg -a'' to ``dmesg''.brian2002-05-171-1/+1
| | | | | | | | | | | The change was introduced in src/etc/security 1.53 almost a year ago in an attempt to see ipfw deny message logs. However, ipfw deny/reject logs have been displayed since version 1.13 of the same file as a separate ``job'' and have since moved to src/etc/periodic/security/500.ipfwdenied. MFC after: 3 days
* Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}brian2002-05-177-7/+7
| | | | | Problem reported by: lumpy <lumpy@the.whole.net> MFC after: 3 days
* Return 3 unless $daily_status_security_enable != YES.brian2002-05-171-1/+1
| | | | | | Returning $? masks security output when ``periodic security'' is successful ! MFC after: 3 days
* No need to build perl dirs anymore.markm2002-05-162-156/+0
|
* MF4: sync with RELENG_4 version as much as possible.ru2002-05-161-0/+3
|
* Consistancy, file system > filesystemtrhodes2002-05-162-6/+6
|
* Time to enter modern age and default to NFS version 3.obrien2002-05-151-1/+1
|
* It is dangerous to use globbing like so in startup scripts:nectar2002-05-081-1/+3
| | | | | | | | | rm -f /tmp/.X11-unix/* If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory with files that he wants to wipe out, and wait for next reboot. Reported by: lumpy <lumpy@the.whole.net>
* Fix typo.gshapiro2002-05-081-1/+1
| | | | | | Submitted by: Marius Strom <marius@marius.org> MFC after: 1 day and RE approval
* Use pam_lastlog(8)'s new no_fail option.des2002-05-083-3/+3
| | | | Sponsored by: DARPA, NAI Labs
* This is two new entries for Taiwanese 16bit PCMCIA cards.keichii2002-05-071-0/+11
| | | | | | | | | The Blue Concentric CF 802.11b card is a compactflash form-factored card that does 802.11b, including 128bit encryption. The Zonet modem pccard is a simple FAX/Modem card. Both are sold in Guang-Hua Market in Taipei, and functions perfectly with -current and -stable.
* Fix the output when daily_status_mailq_shorten is set to YESbrian2002-05-071-4/+4
| | | | | | PR: 23766 Mostly submitted by: lambert@ssabsd.csw.net MFC after: 3 days
* Include 'www' in the list of forbidden ftp users.maxim2002-05-071-0/+1
| | | | | Reviewed by: sheldonh MFC after: 3 days
* Remove leading whitespace from the setuid file lists.cjc2002-05-051-2/+2
| | | | | | | | | | | | | | Due to the way we run ls(1), through xargs(1), the leading whitespace can change even when the setuid files haven't. To avoid displaying these lines, we currently run diff(1) with the '-w' option. However, this is probably not the ideal way to go; there is a very, very small possibility for diff(1) to miss things is shouldn't. So, with the leading space cleaned, we can revert to the '-b' option which is "safer." PR: conf/37618 Reviewed by: brian MFC after: 3 days
* Add a PAM policy for rexecd(8).des2002-05-022-1/+17
| | | | Sponsored by: DARPA, NAI Labs
* xdm plays horrid tricks with PAM, and dumps core if it's allowed to calldes2002-05-022-0/+2
| | | | | | | | pam_lastlog, so add a dummy session chain to avoid using the one from pam.d/other. I assume gdm does something similar, so give it a dummy session chain as well. Sponsored by: DARPA, NAI Labs.
* Handle .bz2 files created by newsyslogbrian2002-04-302-0/+7
| | | | | | PR: 37529 Partially submitted by: Peter Hollaubek <fifteen@inext.hu> MFC after: 1 week
* Don't use ISO_8859 when I should use ISO8859.dwmalone2002-04-291-1/+1
|
* Add no_warn to pam_lastlog. This should prevent xdm from dumping coredes2002-04-291-1/+1
| | | | when linked with Linux-PAM.
* Add a French calendar.dwmalone2002-04-281-0/+2
| | | | | | PR: 32265 Submitted by: Thierry Thomas <thierry@pompo.net> MFC after: 1 week
* Remove reference to the TCP_RESTRICT_RST option, which was removeddougb2002-04-271-3/+3
| | | | | | over a year ago. Small ws twiddle while I'm here.
* Rename the file used to specify the nextboot to make it clear that thiswes2002-04-261-1/+1
| | | | | | | is a loader configuration file and can be used for more than just a kernel name. Submitted by: Gordon Tetlow <gordont@gnf.org>
* Milestone #1 in cross-arch make releases.ru2002-04-261-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not install games and profiled libraries to the ${CHROOTDIR} with the initial installworld. Eliminate the need in the second installworld. For that, make sure _everything_ is built in the "world" environment, using the right tool chain. Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1. Split the buildworld process into stages, and skip some stages when SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5 dists). Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running makewhatis(1) at the end of installworld (used when making crypto, krb4, and krb5 dists). In release/scripts/doFS.sh, ensure that the correct boot blocks are used. Moved the creation of the "crypto" dist from release.5 to release.2. In release.3 and doMFSKERN, build kernels in the "world" environment. KERNELS now means "additional" kernels, GENERIC is always built. Ensure we build crunched binaries in the "world" environment. Obfuscate release/Makefile some more (WMAKEENV) to achieve this. Inline createBOOTMFS target. Use already built GENERIC kernel modules to augment mfsfd's /stand/modules. GC doMODULES as such. Assorted fixes: Get rid of the "afterdistribute" target by moving the single use of it from sys/Makefile to etc/Makefile's "distribute". Makefile.inc1: apparently "etc" no longer needs to be last for "distribute" to succeed. gnu/usr.bin/perl/library/Makefile.inc: do not override the "install" and "distribute" targets, do it the "canonical" way. release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and catpages appear in the right dists. Note that because Perl does not respect the MANBUILDCAT (and NOMAN), this results in a loss of /usr/share/perl/man/cat* empty directories. This will be fixed soon. Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it means "make KerberosIV"), as documented in the make.conf(5) manpage. Most of the userland makefiles did not test it for "YES" anyway. XXX Should specialized kerberized libpam versions be included into the krb4 and krb5 dists? (libpam.a would be incorrect anyway if both krb4 and krb5 dists were choosen.) Make sure "games" dist is made before "catpages", otherwise games catpages settle in the wrong dist. Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
* Add a -k option to reboot to specify the kernel to boot next timewes2002-04-261-0/+4
| | | | | | | | | | | | | | | | around. If the kernel boots successfully, the record of this kernel is erased, it is intended to be a one-shot option for testing kernels. This could be improved by having the loader remove the record of the next kernel to boot, it is currently removed in /etc/rc immediately after disks are mounted r/w. I'd like to MFC this before the 4.6 freeze unless there is violent objection. Reviewed by: Several on IRC MFC after: 4 days
* Change the name of the 'bin' distribution to 'base'.obrien2002-04-231-2/+2
| | | | | | | This is done since it contains much more than /bin, and also gets in the way when making a combined install+fixit CD. OK'ed by: jkh
* sys.mk no longer includes bsd.own.mk so I need to include it here forgshapiro2002-04-231-0/+3
| | | | | | the definition of SHAREMODE. Submitted by: Udo Schweigert <Udo.Schweigert@siemens.com>
* Correct default value of drainwait: it should be 300 seconds, not forever.sobomax2002-04-232-2/+2
| | | | | | PR: 37370 Submitted by: Daniel O'Connor <doconnor@gsoft.com.au> MFC after: 2 weeks
* Do not use 'ps -e' for entropy gathering. It uses /proc/*/mem to rummageobrien2002-04-231-1/+1
| | | | | | | around *user* memory to extract the environment variable strings. This is problematic for us. Submitted by: peter
* Utilize dhcp information in the kernel environment if we don't haveobrien2002-04-223-3/+60
| | | | | | hostname and DNS information already. Submitted by: Danny Braniss <danny@cs.huji.ac.il>
* Bring in changes from smbfs-1.4.4.sheldonh2002-04-221-2/+3
|
* Usage style sweep: spell "usage" with a small 'u'.des2002-04-223-3/+3
| | | | | Also change one case of blatant __progname abuse (several more remain) This commit does not touch anything in src/{contrib,crypto,gnu}/.
* Non-sendmail users use the FreeBSD sendmail startup functionality to startgshapiro2002-04-213-197/+1
| | | | | | | | | | | | alternative MTAs. Therefore, always install rc.sendmail, regardless of NO_SENDMAIL make.conf setting. Users can still set mta_start_script to a different script. This commit is after a repo-copy of src/etc/sendmail/rc.sendmail to src/etc/rc.sendmail. Noticed by: Calvin NG <calvinng@brel.com> MFC after: 3 days
* Consistently use full pathnames for files, especially executables.cjc2002-04-211-4/+4
| | | | | | PR: conf/37292 Submitted by: Helge Oldach <send-pr@oldach.net> MFC after: 3 days
* In my continuing crusade to make life better for non-sendmail users, avoidgshapiro2002-04-203-2/+20
| | | | | | | | the creation of /var/spool/clientmqueue and therefore the need for the smmsp user and group if NO_SENDMAIL is defined. This required breaking out the creation of the directory into a new BSD.sendmail.dist mtree file. MFC after: 1 week
* Don't list pam_unix in the session chain, since it does not provide anydes2002-04-189-11/+1
| | | | | | session management services. Sponsored by: DARPA, NAI Labs
* Fixed bugs in previous revision:ru2002-04-181-20/+6
| | | | | | | | | | | | | Added NOOBJ if anyone even attempts to "make obj" here. Revert to installing files with mode 644 except README. Make this overall look like a BSD-style Makefile rather than roll-your-own (this is not a bug). For the record. Previous revision also fixed the breakage introduced by the sys.mk,v 1.60 commit: bsd.own.mk is no longer automatically included from sys.mk. Reported by: jhay
OpenPOWER on IntegriCloud