summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Introduce a new option -DNO_ROOT that allows install and distributionbrooks2013-01-221-0/+17
| | | | | | | | | | | | | | | targets to be run without root privilege. Information about ownership, group, flags, and suid bits are stored in the file specified by METALOG which defaults to ${DESTDIR}/METALOG. This file can be used in conjunction with bsdtar or makefs to generate archives or file system images with correct permissions. The packageworld target has been altered to use this metadata allowing non-root releases (subject to further changes in release/Makefile.) Sponsored by: DARPA, AFRL Reviewed by: ian, ray
* Replace all known uses of ln in the build process with appropriatebrooks2013-01-211-7/+10
| | | | | | | | install -l invocations via new INSTALL_LINK and INSTALL_SYMLINK variables. Sponsored by: DARPA, AFRL Reviewed by: ian, ray, rpaulo
* In r245571, "rm -rf <foo>; ln -s <bar> <foo>" needed to be replaced withbrooks2013-01-171-7/+7
| | | | | | | | | "ln -sfh <bar> <foo>" or the links would fail when a valid link to a directly was in place at <foo>. Reported by: peter Tested by: peter Pointy hat to: brooks
* In preparation for logging metadata about each filesystem objectbrooks2013-01-171-19/+13
| | | | | | | | | | | | refactor the link section of distrib-dirs to alwasy install to a full path (the link contents remain relative as they should). Eliminate the use of the "rm -r[f] <foo>; ln -s <bar> <foo>" pattern in favor of "ln -sf <bar> <foo>". None of these links could be directories on a system installed in the last decade. Sponsored by: DARPA, AFRL Reviewed by: mtree
* Rework the mtree portion of etc/Makefile's distrib-dirs target to runbrooks2013-01-171-12/+23
| | | | | | | | mtree in a shell loop so there is only one mtree commandline. Move the implementation of LOCAL_MTREE into etc/Makefile. Sponsored by: DARPA, AFRL Reviewed by: mtree :)
* Add a conditional sleep 1 in case we add any IPv6 addresses to interfaces.bz2013-01-171-1/+8
| | | | | | | | | Do this per jail started, not per address. This will allow DAD to complete and services to properly start. Before we have seen problems with services trying to start before the IPv6 address was available to use and thus erroring and failing to start. MFC after: 3 days
* According to the notes in ObsoleteFiles.inc we last installed sectionbrooks2013-01-161-8/+0
| | | | 1aout manpages in 2002. Stop making the directories and links to them.
* Add an option DB_FROM_SRC to use src/etc's user/group databases whenbrooks2013-01-151-8/+10
| | | | | | | | | | | | | installing. This allows things like running installworld for 10-CURRENT on a 9.0-RELEASE system without adding extra users and groups to the passwd and group files. To prevent potentially risky uid/gid mismatches on systems with non-standard local values, require that DESTDIR be set if DB_FROM_SRC is set. Sponsored by: DARPA, AFRL Reviewed by: peter
* Revert r245316. Systems with non-standard uids/gids are more prevalentbrooks2013-01-111-10/+8
| | | | | that I'd feared. Discussion is ongoing about the scope of a safer solution.
* Use the -N option to install and nmtree to eliminate the need for thebrooks2013-01-111-8/+10
| | | | | | checks for missing users and groups. Sponsored by: DARPA, AFRL
* Allow perl scripts to be used in rc.d scriptssmh2013-01-101-1/+1
| | | | | | | PR: conf/117027 Reviewed by: pjd (mentor) Approved by: hrs MFC after: 2 weeks
* Not using the full domain was a really bad idea.peter2013-01-061-1/+1
|
* Update with new IPv4 address for D root.erwin2013-01-041-5/+5
| | | | Approved by: delphij (mentor)
* Minor changes to force commit these files so new freebsd*.cf files aregshapiro2012-12-292-2/+3
| | | | | | | | built to use the new sendmail-8.14.6/cf tree. While here, update DNSBL link once again. MFC after: 4 days
* Add missing closing quote on commented out examplegshapiro2012-12-291-1/+1
| | | | | | PR: bin/174108 Obtained from: Julian H. Stacey MFC after: 1 day
* Fix location of /var/audit/dist and /var/audit/remote.ume2012-12-281-1/+1
| | | | | | | Note that those who did installworld after r243752 should remove wrongly created /var/dist and /var/remote. Reviewed by: pjd
* Don't reload syslogd after rotating sendmail.st, as this file isn'tmarkj2012-12-201-1/+1
| | | | | | | | managed by syslogd. PR: conf/169973 Approved by: rstone (co-mentor) MFC after: 1 week
* make installation of the 220.backup-pkgdb periodic script depend on PKGTOOLSbapt2012-12-201-2/+2
| | | | knob
* - Set memorylocked limit to 64Kb for default login class.zont2012-12-181-1/+3
| | | | | | | | | | | | This prevents unprivileged users to lock too much memory. - Set memorylocked limit to 64Mb for daemon login class. Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on startup, they are run from init(8) which uses daemon login class. - Set memorylocked limit to unlimited for root login class. Suggested by: avg Approved by: kib (mentor) MFC after: 1 week
* Use new savecore(8) option and limit number of kernel dumps that willpjd2012-12-161-1/+3
| | | | | | | | | be kept around to the 10 most recent ones. Add UPDATING entry with info how to return to the previous behaviour (no limits). Obtained from: WHEEL Systems
* Regenerate usb.confhselasky2012-12-151-1/+25
| | | | MFC after: 1 week
* - When checking if a dump exists on the given device there is no need topjd2012-12-141-1/+1
| | | | | | | | | | | | | | | | provide dump directory. Eliminate this redundant argument. This changes the usage, but the only risk here is that a warning will be printed about directory given as device. - Update usage of -C option. - When clearing dump header from the given device there is also no need to provide dump directory, although additional arguments for -c were not documented. - Document that -v can be used with -c and that list of devices can be given. Obtained from: WHEEL Systems
* Teach sysctl(8) about parsing a file (while I'm there also give itdelphij2012-12-131-37/+13
| | | | | | | capability of parsing both = and : formats). Submitted by: hrs (initial version, bugs are mine) MFC after: 3 months
* Fix the location of auditdistd configuration file.pjd2012-12-131-1/+1
| | | | Reported by: Johan Hendriks <joh.hendriks@gmail.com>
* Sync pf.os with OpenBSD:delphij2012-12-101-2/+10
| | | | | | | add a handful of linux signatures from p0fv2 and some other signatures from observation. MFC after: 2 weeks
* Add a new 900MHz GSM regulatory SKU for the Xagyl Communications XC900M.adrian2012-12-071-0/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | The XC900M acts as a Ubiquiti XR9 (and I _think_ SR9) by default; it uses the same 900MHz<->2.4GHz downconverter mapping. However it has an alternative frequency mapping which squeezes in a couple more half/quarter rate channels. Since the default HAL doesn't support fractional tuning (sub-1MHz) in 2.4GHz mode on the AR5413/AR5414, they implement it using a jumper. Datasheet: http://www.xagyl.com/download/XC900M_Datasheet.pdf Thankyou to Xagyl Communications for the XC900M NICs and Edgar Martinez for organising the donation. Tested: * XC900M <-> XC900M * Ubiquiti XR9 <-> XC900M TODO: * Test against SR9 and GZ901 if possible (the IEEE channel<->frequency mapping may not match up, thanks to the slightly different channels involved)
* Remove hack to emulate effective uid and just use the EUID's name in theeadler2012-12-051-4/+1
| | | | | | | | | first place. I was unaware of this option when originally committing this change. Submitted by: gcooper Approved by: cperciva MFC after: 3 days
* Merge a number of changes required to hook up OpenBSM 1.2-alpha2'srwatson2012-12-017-0/+32
| | | | | | | | | | | | | | | | | | | auditdistd (distributed audit daemon) to the build: - Manual cross references - Makefile for auditdistd - rc.d script, rc.conf entrie - New group and user for auditdistd; associated aliases, etc. The audit trail distribution daemon provides reliable, cryptographically protected (and sandboxed) delivery of audit tails from live clients to audit server hosts in order to both allow centralised analysis, and improve resilience in the event of client compromises: clients are not permitted to change trail contents after submission. Submitted by: pjd Sponsored by: The FreeBSD Foundation (auditdistd)
* Regenerate usb.confhselasky2012-11-281-2/+13
| | | | MFC after: 1 week
* Fix typo in weekly line which made it to rotated after reaching > 1 Kb.glebius2012-11-261-1/+1
| | | | | PR: conf/173857 Submitted by: Matt Smith <matt xtaz.co.uk>
* Revert r243228. This commit appears to cause more trouble thancrees2012-11-211-1/+1
| | | | | it was designed to avoid; the issue described in the PR was no longer an issue anyway.
* Do not put "already running" message when rc_quiet=yes.hrs2012-11-201-1/+4
| | | | PR: bin/165477
* cp -R misses out dotfiles; use pax instead to copy file hierarchiescrees2012-11-181-1/+1
| | | | | | | PR: conf/99721 (based on) Submitted by: Florian Zavatzki <f_zavatzki@blue-network.org> Approved by: hrs MFC after: 1 month
* Fix condition to check if the maximum number of FIBs is greater than 0 or not.hrs2012-11-181-1/+1
| | | | Spotted by: zont
* Use -fib N modifier to add/delete a route to/from multiple FIBs.hrs2012-11-171-33/+11
|
* Add check_namevarlist() to check if ${name}_var is reserved in rc.subr or not.hrs2012-11-171-0/+17
|
* last commit was a mistakeeadler2012-11-161-1/+1
| | | | | Pointyhat to: me (for real) Approved by: cperciva (implicit)
* dot.login is supposed to be for bourne shell, not csheadler2012-11-161-1/+1
| | | | | Pointyhat to: me Approved by: cperciva (implicit)
* Using set -x produces output on stderr instead of stdout.eadler2012-11-151-4/+2
| | | | | | | | | | | It also doesn't work with make -s. Prefer the use of builtin make features. PR: misc/126312 Reported by: Nejc Skoberne <nejc@skoberne.net> Submitted by: bdrewery Approved by: cperciva MFC after: 1 week
* Only pass ip[46].addr when _addrl contains a valueeadler2012-11-151-1/+2
| | | | | | | Submitted by: crees Reviewed by: Mike Jakubik <mike.jakubik@intertainservices.com> Approved by: cperciva MFC after: 2 weeks
* Not only load pccard_ether settings, also load network settings. Thisn_hibma2012-11-081-0/+1
| | | | | | | | is only a problem when a /etc/rc.conf.d/network file is being used. PR: conf/160373 Submitted by: n_hibma MFC after: 1 week
* The first line must contain "Content-Type:". Move the $FreeBSD$marcel2012-11-072-2/+2
| | | | | | keyword line to the comment block underneath. Submitted by: Garrett Cooper <yanegomi@gmail.com>
* Change default prompt to show ~ again for the home directorybapt2012-11-041-1/+1
| | | | | Submitted by: flo Approved by: eadler
* Revert the change that makes less default.eadler2012-11-031-1/+1
| | | | | | | | | | | | | | | | | Since I've committed this I've receieved roughly an equal amount of email thanking me for making this change and asking me to revert it. I've resisted making this change because new users tend to prefer less over more and these users are the least likely to know how to change the PAGER on their own. Requested by: many Objected to: just as many Decision made by: core Approved by: cperciva MFC after: 3 days
* 10 years too late add support for "2.88MB 3.5in Extra High Density"eadler2012-11-021-0/+6
| | | | | | | | | | | | | | floppies. Its unlikely that anyone actually uses these or cares about these anymore, since we support other floppy types and this change doesn't hurt - just add it. PR: conf/40777 Submitted by: Antti Kantee <pooka@cubical.fi> Arrival-Date: Fri Jul 19 08:50:02 PDT 2002 Approved by: cperciva (implicit) MFC after: 1 week
* The test fails with "exit 1" if /usr/games/fortune doesn't actuallyeadler2012-11-011-1/+1
| | | | | | | | | | | exist. Fix that. PR: conf/71994 Submitted by: Mikael Eklund <rma@ludd.ltu.se> Reviewed by: crees Reviewed by: jilles Approved by: cperciva (implicit) MFC after: 3 days
* Load ipdivert.ko when natd_enable=YES.hrs2012-10-291-4/+4
| | | | PR: conf/167566
* Add setfib(1) support for services as <name>_fib in rc.conf.hrs2012-10-271-1/+6
|
* Allow spaces in _chrootcrees2012-10-271-3/+3
| | | | | | Noticed by: adj (IRC/#bsdports) Approved by: hrs MFC after: 1 month
* Fix an issue when ipv6_enable=YES && ipv6_gateway_enable=YES which couldhrs2012-10-272-5/+5
| | | | | | | prevent rtadvd(8) from working as intended. Spotted by: brian Discussed with: brian
OpenPOWER on IntegriCloud