diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index 3872a23a1069..2f4701b9ef23 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -1,4 +1,4 @@ -# $NetBSD: rc.conf,v 1.98 2008/12/20 13:20:58 isaki Exp $ +# $NetBSD: rc.conf,v 1.99 2009/01/04 12:10:30 apb Exp $ # # /etc/defaults/rc.conf -- # default configuration of /etc/rc.conf @@ -110,6 +110,7 @@ newsyslog=NO newsyslog_flags="" # trim log files quota=YES # check and enable quotas ldconfig=YES # rebuild a.out ldconfig cache sysdb=YES # build system databases +rndctl=NO rndctl_flags="" # configure rndctl(8) # cope with other OSes using the real time clock at localtime on this # machine (by adjusting kern.rtc_offset at boot) diff --git a/etc/rc.d/Makefile b/etc/rc.d/Makefile index 52bc657920f4..71ca0f2a24ba 100755 --- a/etc/rc.d/Makefile +++ b/etc/rc.d/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.72 2008/12/20 13:20:58 isaki Exp $ +# $NetBSD: Makefile,v 1.73 2009/01/04 12:10:30 apb Exp $ .include @@ -24,8 +24,8 @@ CONFIGFILES=\ named ndbootd network newsyslog nfsd nfslocking ntpd ntpdate \ perusertmp pf pf_boot pflogd postfix powerd ppp pwcheck \ quota \ - racoon rpcbind raidframe raidframeparity rarpd rbootd root \ - route6d routed rtadvd rtclocaltime rtsold rwho \ + racoon rpcbind raidframe raidframeparity rarpd rbootd rndctl \ + root route6d routed rtadvd rtclocaltime rtsold rwho \ savecore screenblank sdpd securelevel sshd \ staticroute swap1 swap2 sysctl sysdb syslogd \ timed tpctl ttys \ diff --git a/etc/rc.d/rndctl b/etc/rc.d/rndctl new file mode 100644 index 000000000000..647c691c4ce1 --- /dev/null +++ b/etc/rc.d/rndctl 
@@ -0,0 +1,77 @@ +#!/bin/sh +# +# $NetBSD: rndctl,v 1.1 2009/01/04 12:10:30 apb Exp $ +# + +# PROVIDE: rndctl +# BEFORE: disks ike ipsec sshd + +$_rc_subr_loaded . /etc/rc.subr + +name="rndctl" +rcvar=$name +command="/sbin/${name}" + +start_cmd="rndctl_startcmd" + +rndctl_startcmd() +{ + # $rndctl_flags can contain multiple semicolon-separated + # segments in which each segment contains optional flags + # followed by one or more device or type names. If none of the + # -c/-C/-e/-E flags is specified, then "-c -e" is used. If + # neither of the -d/-t flags is specified, then "-d" is used. + # + # For example, given + # rndctl_flags="wd0 wd1; -t tty; -c -t net" + # we will perform the following commands: + # rndctl -c -e -d wd0 + # rndctl -c -e -d wd1 + # rndctl -c -e -t tty + # rndctl -c -t net + + local args arg flags + + # Split $rndctl_flags on semicolons + oIFS="$IFS" + IFS=';' + set -- $rndctl_flags + IFS="$oIFS" + # The outer "for args" loop cycles once per semicolon-separated + # segment; the inner "for arg" loop cycles once per word in a + # segment. + for args in "$@"; do + #echo >&2 "${name} DEBUG: Parsing segment: $args"; + flags='' + for arg in ${args}; do + case "${arg}" in + -*) + flags="${flags} ${arg}" + ;; + *) + # We have a device or type name. + # If none of -c/-C/-e/-E flags was + # specified, add "-c -e". If neither + # of -d/-t was specified, add "-d". + # Then perform the command with the + # specified device or type name. + # + case "${flags}" in + *[cCeE]*) ;; + *) flags="${flags} -c -e" ;; + esac + case "${flags}" in + *[dt]*) ;; + *) flags="${flags} -d" ;; + esac + #echo >&2 "${name} DEBUG: running:" \ + # "$command $flags $arg" + $command ${flags} ${arg} + ;; + esac + done + done +} + +load_rc_config $name +run_rc_command "$1" diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index c1ce7d316d13..a822f44ce0e4 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 
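Review bot: In `rndctl_startcmd` the result of `$command ${flags} ${arg}` is never checked, so a mistyped or absent device name in `rndctl_flags` shows up only as whatever rndctl itself prints, and the function's status reflects just the last invocation. Because the script is ordered `BEFORE: disks ike ipsec sshd`, those services can then start without the intended entropy sources enabled for collection, and nothing in the rc output points at the cause. I would add `rv` to the `local` list and initialise it with `rv=0`, change the call to `$command ${flags} ${arg} || { warn "${name}: failed for ${arg}"; rv=1; }` (using rc.subr's `warn`), and end the function with `return ${rv}`. A segment that holds only flags and no device or type name is also skipped without any message, which deserves a warning as well. Separately, `oIFS` is missing from the `local` declaration, so it stays set outside the function.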
@@ -1,4 +1,4 @@ -.\" $NetBSD: rc.conf.5,v 1.126 2008/12/20 17:17:05 wiz Exp $ +.\" $NetBSD: rc.conf.5,v 1.127 2009/01/04 12:10:30 apb Exp $ .\" .\" Copyright (c) 1996 Matthew R. Green .\" All rights reserved. @@ -26,7 +26,7 @@ .\" .\" Copyright (c) 1997 Curt J. Sampson .\" Copyright (c) 1997 Michael W. Long -.\" Copyright (c) 1998-2002 The NetBSD Foundation, Inc. +.\" Copyright (c) 1998-2009 The NetBSD Foundation, Inc. .\" All rights reserved. .\" .\" This document is derived from works contributed to The NetBSD Foundation @@ -55,7 +55,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd December 20, 2008 +.Dd January 4, 2009 .Dt RC.CONF 5 .Os .Sh NAME 
@@ -342,6 +342,55 @@ can be used to override the default location of the .Dq real temporary directories, .Dq Pa /private/tmp . +.It Sy rndctl +.Sq YES +or +.Sq NO . +Runs the +.Xr rndctl 8 +utility one or more times according to the specification in +.Sy rndctl_flags . +.Pp +If +.Sy rndctl_flags +does not contain a semicolon +.Pq Ql \&; +then it is expected to contain zero or more flags, +followed by one or more device or type names. +The +.Xr rndctl 8 +command will be executed once for each device or type name. +If the specified flags do not include any of +.Fl c , C , e , +or +.Fl E , +then the flags +.Fl c +and +.Fl e +are added, to specify that entropy from the relevant device or type +should be both collected and estimated. +If the specified flags do not include either of +.Fl d +or +.Fl t , +then the flag +.Fl d +is added, to specify that the non-flag arguments are device names, +not type names. +.Pp +.Sy rndctl_flags +may contain multiple semicolon-separated segments, in which each +segment contains flags and device or type names as described above. +This allows different flags to be associated with different +device or type names. +For example, given +.Li rndctl_flags="wd0 wd1; -t tty; -c -t net" , +the following commands will be executed: +.Li "rndctl -c -e -d wd0" ; +.Li "rndctl -c -e -d wd1" ; +.Li "rndctl -c -e -t tty" ; +.Li "rndctl -c -t net" . .It Sy savecore .Sq YES or