From fcb1c0aa6d23f22394a713ca07e5b4fe2d77270f Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Sun, 8 Sep 2013 09:40:23 +0000
Subject: Create a private library directory (LIBPRIVATEDIR) for libraries
 which we don't want to expose but which can't or shouldn't be static.

To mark a library as private, define PRIVATELIB in its Makefile.  It
will be installed in LIBPRIVATEDIR, which is normally /usr/lib/private
(or /usr/lib32/private for 32-bit libraries on 64-bit platforms).

To indicate that a program or library depends on a private library,
define USEPRIVATELIB in its Makefile.  The correct version of
LIBPRIVATEDIR will be added to its run-time library search path.

Approved by:	re (blanket)
---
 etc/mtree/BSD.usr.dist | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'etc')

diff --git a/etc/mtree/BSD.usr.dist b/etc/mtree/BSD.usr.dist
index 636a5d2..c06d3e1 100644
--- a/etc/mtree/BSD.usr.dist
+++ b/etc/mtree/BSD.usr.dist
@@ -24,12 +24,16 @@
         ..
         i18n
         ..
+        private
+        ..
     ..
     lib32
         dtrace
         ..
         i18n
         ..
+        private
+        ..
     ..
     libdata
         gcc
-- 
cgit v1.1


From 89699e113faea33b4d774b5e403372f58d276c5b Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Sun, 8 Sep 2013 09:46:22 +0000
Subject: Add a stock libmap32.conf for amd64.  The first two lines have no
 effect except to document the hardcoded standard library search path for
 32-bit binaries.  The third line performs the equivalent substitution for the
 private library directory.

Ironically, these entries rely on functionality which is only available
in the COMPAT_32BIT version of rtld-elf.

Approved by:	re (blanket)
---
 etc/Makefile                | 4 ++++
 etc/etc.amd64/libmap32.conf | 4 ++++
 2 files changed, 8 insertions(+)
 create mode 100644 etc/etc.amd64/libmap32.conf

(limited to 'etc')

diff --git a/etc/Makefile b/etc/Makefile
index 6e2a716..2210cc6 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -50,6 +50,10 @@ BIN1=	crontab \
 	syslog.conf \
 	termcap.small
 
+.if ${MACHINE} == "amd64"
+BIN1+=	etc.${MACHINE}/libmap32.conf
+.endif
+
 .if exists(${.CURDIR}/etc.${MACHINE}/ttys)
 BIN1+=	etc.${MACHINE}/ttys
 .elif exists(${.CURDIR}/etc.${MACHINE_ARCH}/ttys)
diff --git a/etc/etc.amd64/libmap32.conf b/etc/etc.amd64/libmap32.conf
new file mode 100644
index 0000000..6096e21
--- /dev/null
+++ b/etc/etc.amd64/libmap32.conf
@@ -0,0 +1,4 @@
+# $FreeBSD$
+/lib			/lib32
+/usr/lib		/usr/lib32
+/usr/lib/private	/usr/lib32/private
-- 
cgit v1.1


From ea72ce4e68ff79a2be0f5950aecfbbf809fd6afa Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Mon, 9 Sep 2013 06:02:30 +0000
Subject: Remove unneeded mappings from libmap32.conf.  Move it up one level
 and install it on powerpc64 in addition to amd64.

Reviewed by:	kib
Approved by:	re (blanket)
---
 etc/Makefile                | 4 ++--
 etc/etc.amd64/libmap32.conf | 4 ----
 etc/libmap32.conf           | 2 ++
 3 files changed, 4 insertions(+), 6 deletions(-)
 delete mode 100644 etc/etc.amd64/libmap32.conf
 create mode 100644 etc/libmap32.conf

(limited to 'etc')

diff --git a/etc/Makefile b/etc/Makefile
index 2210cc6..b6e1e37 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -50,8 +50,8 @@ BIN1=	crontab \
 	syslog.conf \
 	termcap.small
 
-.if ${MACHINE} == "amd64"
-BIN1+=	etc.${MACHINE}/libmap32.conf
+.if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "powerpc64"
+BIN1+=	libmap32.conf
 .endif
 
 .if exists(${.CURDIR}/etc.${MACHINE}/ttys)
diff --git a/etc/etc.amd64/libmap32.conf b/etc/etc.amd64/libmap32.conf
deleted file mode 100644
index 6096e21..0000000
--- a/etc/etc.amd64/libmap32.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-# $FreeBSD$
-/lib			/lib32
-/usr/lib		/usr/lib32
-/usr/lib/private	/usr/lib32/private
diff --git a/etc/libmap32.conf b/etc/libmap32.conf
new file mode 100644
index 0000000..07fb138
--- /dev/null
+++ b/etc/libmap32.conf
@@ -0,0 +1,2 @@
+# $FreeBSD$
+/usr/lib/private	/usr/lib32/private
-- 
cgit v1.1


From 2a48fed0b32ceb1567f3b7e33835bacfdf3e0971 Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Mon, 9 Sep 2013 17:38:02 +0000
Subject: The correct variable is apparently MACHINE_ARCH, not TARGET_ARCH.

Approved by:	re (blanket)
---
 etc/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/Makefile b/etc/Makefile
index b6e1e37..ae52d79 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -50,7 +50,7 @@ BIN1=	crontab \
 	syslog.conf \
 	termcap.small
 
-.if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "powerpc64"
+.if ${MACHINE_ARCH} == "amd64" || ${MACHINE_ARCH} == "powerpc64"
 BIN1+=	libmap32.conf
 .endif
 
-- 
cgit v1.1


From fb54646ac9d6c54d3873fc73c0ddfaec79b684a2 Mon Sep 17 00:00:00 2001
From: cy <cy@FreeBSD.org>
Date: Tue, 10 Sep 2013 13:48:33 +0000
Subject: ipfilter 5.1.2 no longer supports sysctl. Use ipf -V to determine if
 available (the kernel module is loaded or compiled into the kernel).

Approved by:	glebius (mentor)
Approved by:	re (blanket)
---
 etc/rc.d/ipfilter | 6 ++----
 etc/rc.d/ipfs     | 2 +-
 etc/rc.d/ipmon    | 2 +-
 3 files changed, 4 insertions(+), 6 deletions(-)

(limited to 'etc')

diff --git a/etc/rc.d/ipfilter b/etc/rc.d/ipfilter
index ec8e2f1..d540a6f 100755
--- a/etc/rc.d/ipfilter
+++ b/etc/rc.d/ipfilter
@@ -29,7 +29,7 @@ required_modules="ipl:ipfilter"
 ipfilter_start()
 {
 	echo "Enabling ipfilter."
-	if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then
+	if ! ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes'; then
 		${ipfilter_program:-/sbin/ipf} -E
 	fi
 	${ipfilter_program:-/sbin/ipf} -Fa
@@ -37,7 +37,6 @@ ipfilter_start()
 		${ipfilter_program:-/sbin/ipf} \
 		    -f "${ipfilter_rules}" ${ipfilter_flags}
 	fi
-	${ipfilter_program:-/sbin/ipf} -6 -Fa
 	if [ -r "${ipv6_ipfilter_rules}" ]; then
 		${ipfilter_program:-/sbin/ipf} -6 \
 		    -f "${ipv6_ipfilter_rules}" ${ipfilter_flags}
@@ -46,8 +45,7 @@ ipfilter_start()
 
 ipfilter_stop()
 {
-	# XXX - The ipf -D command is not effective for 'lkm's
-	if [ `sysctl -n net.inet.ipf.fr_running` -eq 1 ]; then
+	if ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes'; then
 		echo "Saving firewall state tables"
 		${ipfs_program:-/sbin/ipfs} -W ${ipfs_flags}
 		echo "Disabling ipfilter."
diff --git a/etc/rc.d/ipfs b/etc/rc.d/ipfs
index ff4c74d..ac6d5c2 100755
--- a/etc/rc.d/ipfs
+++ b/etc/rc.d/ipfs
@@ -23,7 +23,7 @@ ipfs_prestart()
 	if ! checkyesno ipfilter_enable -o ! checkyesno ipnat_enable ; then
 		err 1  "${name} requires either ipfilter or ipnat enabled"
 	fi
-	if ! sysctl net.inet.ipf.fr_pass >/dev/null 2>&1; then
+	if ! ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes' >/dev/null 2>&1; then
 		err 1 "ipfilter module is not loaded"
 	fi
 	return 0
diff --git a/etc/rc.d/ipmon b/etc/rc.d/ipmon
index 27f483c..cdd8742 100755
--- a/etc/rc.d/ipmon
+++ b/etc/rc.d/ipmon
@@ -23,7 +23,7 @@ ipmon_precmd()
 	if ! checkyesno ipfilter_enable && ! checkyesno ipnat_enable ; then
 		err 1  "${name} requires either ipfilter or ipnat enabled"
 	fi
-	if ! sysctl net.inet.ipf.fr_pass >/dev/null 2>&1; then
+	if ! ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes' >/dev/null 2>&1; then
 		err 1 "ipfilter module is not loaded"
 	fi
 	return 0
-- 
cgit v1.1