Commit Graph

60 Commits

Author SHA1 Message Date
thorpej
7fcb5daedb Add defaults for powerd(8). 2003-04-18 05:21:20 +00:00
atatat
4beb2262be Capitalize the word "if". 2003-04-02 18:17:27 +00:00
atatat
d47616429d Expand the sendmail settings section (from two to five) and elaborate
(in brief) on what it's all about.
2003-03-24 15:20:36 +00:00
wiz
4f30393de2 Allow ccd autoconfiguration to be turned off (by setting ccd=NO in
/etc/rc.conf; default is YES.)
Suggested by elric, ok'ed by lukem.
2003-03-19 08:54:00 +00:00
wiz
4c74ff3fdd Allow cgd configuration to be skipped (by setting cgd=NO, defaults to YES).
Closes my PR/20766.  Based on a suggestion by lukem.
2003-03-19 06:06:47 +00:00
lukem
b307261961 clarify that lkm needs /usr 2003-03-10 18:21:00 +00:00
jhawk
1d79603c81 Use $diff_options when running diff in /etc/security.
Default diff_options to -u, for unified-format context diffs,
because context is essential to a useful evaluation of differences.
This represents a behavior change.

Implements change-request PR security/17247 from
Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
2003-02-21 22:47:51 +00:00
jhawk
3b390ffb5f Suppress emailing the daily security report if it is empty, unless
send_empty_security=YES. Implements change-request PR security/17249
from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
2003-02-21 22:35:46 +00:00
jhawk
687107d3c0 Under check_mtree, invoke mtree with -L if check_mtree_follow_symlinks is set.
Apparently mtree -L is imperfect, but it is far better than the lack thereof
if symlinks are involved reaching files mtree verifies.
2003-02-13 02:42:06 +00:00
jhawk
1a4c8c0295 Add some flexibility to /etc/security, by way of security.conf options:
check_passwd_nowarn_shells	Don't warn about these non-/etc/shells shells
  check_passwd_nowarn_users	Don't warn about these users
  check_passwd_permit_star	Don't warn about "*" in the $2 field
Behavior change: check_passwd_nowarn_shells defaults to /sbin/nologin and
  /usr/libexec/uucp/uucico, so that it will not warn about the default
  master.passwd.
The rationale here is that an administrator who chooses to permit these
  warnable conditions should not be warned about them day after day, yet
  should not be forced to disable check_passwd entirely.
check_passwd_permit_star is primarily of interest to sites who use *'d
  entries for Kerberos or ssh logins, despite the fact that we permit
  "*ssh" (etc.) for this purpose (legacy).
2003-02-13 01:55:10 +00:00
kent
ba5fd9b3f8 /etc/rc.d/mixerctl: Add capability to save and restore mixer settings.
Thanks to Julio Merino.
2002-10-12 11:29:28 +00:00
takemura
b8ce6e8201 Added touch panel calibration utility. 2002-08-27 14:12:09 +00:00
thorpej
afbf483286 Add a wdogctl startup/shutdown script. 2002-07-30 05:58:42 +00:00
christos
e2eb1d43c0 add a line about wsmoused commented out. 2002-06-27 15:10:32 +00:00
lukem
56dc20a9f6 ntpd_chrootdir needs /dev/clockctl as well 2002-06-17 06:47:58 +00:00
lukem
3da8227a70 $ntpd_chroot requires "pseudo-device clockctl" in the kernel 2002-06-15 01:55:44 +00:00
lukem
96e2ff62c8 Add two new rc.conf(5) variables:
rc_rcorder_flags		extra flags to rcorder(8) in /etc/rc
    rcshutdown_rcorder_flags	extra flags to rcorder(8) in /etc/rc.shutdown

This can be used to specify extra directories to search for rc.d scripts in.
For example, adding the following to rc.conf(5):
	rc_rcorder_flags="/usr/pkg/etc/rc.d/*"
	rcshutdown_rcorder_flags="/usr/pkg/etc/rc.d/*"
will add the files in /usr/pkg/etc/rc.d to the list of files that rcorder(8)
uses to build the list of scripts to start or stop.

I proposed this functionality on tech-userlevel@ over one month ago.
Closes the recent [misc/16888], which asked for a similar feature.
2002-05-19 01:01:32 +00:00
lukem
b3cffe8cbf deprecate $sshd_conf_dir and hardcode /etc/ssh.
$sshd_conf_dir wasn't as flexible as liked (it didn't work for ssh(1),
host keys or known_hosts).
2002-04-29 05:55:05 +00:00
lukem
2c1cfc8e8c - in <bsd.files.mk>, don't clear FILES after using it, as that prevents
make -V FILES
  from being useful (and given that every other variable can be
  extracted using make -V, the behaviour was unusually inconsistent
  given that the original reason for clearing it doesn't seem to be
  relevant anymore)
- use <bsd.prog.mk> instead of directly including <bsd.files.mk>
  (and possibly <bsd.man.mk> or <bsd.own.mk>)
- remove obsolete NOPROG
2002-04-24 08:18:45 +00:00
martin
c095b10bc5 Now that isdnd does auto-UP/DOWN itself, remove it from the rc.d script.
Remove all related rc.conf options as well, we now have fine-grained
controll in /etc/isdn/isdnd.rc.
2002-04-10 23:37:12 +00:00
lukem
5ee7ac8886 Replace $critical_filesystems_beforenet with $critical_filesystems_local .
Replace  $critical_filesystems            with  $critical_filesystems_remote .

The new names are now consistent with the type argument that
mount_critical_filesystems() is called with, and allows for other types to
be easily supported by that function.

For backwards compatibility purposes, if the now obsolete variable is defined
(even empty), it takes precedence over the new form, and you will be warned.
If you want to stop the warnings, update your rc.conf(5) settings!
2002-03-27 08:53:39 +00:00
lukem
3c3d3219ff Implement rc.conf(5) variable `` $swapoff ''.
If set to yes, block-type swap partitions will be deleted upon shutdown.
This can be useful if swapping onto a RAIDframe device, but may cause
unnecessary delays during shutdown for the general case, so it's
disabled by default.
Should resolve [bin/14433] and [kern/14769].
2002-03-21 23:08:35 +00:00
itojun
0a2445c3b6 move sshd config files to /etc/ssh 2002-03-11 04:57:55 +00:00
lukem
c5a625870b ipmon: set -D via command_args rather than the default ipmon_flags.
resolves [install/15753]
2002-02-28 01:06:13 +00:00
lukem
7d6824228d Support alternate config dir for sshd conf file and keys (defaults to "/etc").
Based on [misc/12473] from Jim Bernard.
2002-02-24 12:50:08 +00:00
garbled
120f0525b3 add a note requesting people edit share/sushi/system/rcconf/form when editing
this file to keep it in sync.
2002-02-21 19:59:09 +00:00
martti
d7bcd10a27 ipfs allows state information created for NAT entries and rules using
keep state to be locked (modification prevented) and then saved to disk,
allowing for the system to experience a reboot, followed by the restoration
of that information, resulting in connections not being interrupted.

To activate this feature, set ipfs=YES in /etc/rc.conf
2002-02-11 10:19:55 +00:00
lukem
6405cef9be minor cosmetic changes (no functional change) 2002-01-21 14:33:25 +00:00
lukem
f9d5a55631 commented out entry for ntpd_chrootdir 2002-01-18 10:53:29 +00:00
martin
2859135383 Add rc.d support for ifwatchd (used to run ip-up/ip-down scripts for
in-kernel pppoe interfaces).
2001-12-10 16:53:06 +00:00
augustss
0f4c5ed617 Add moused, default off. 2001-10-29 23:25:00 +00:00
lukem
01c63bc35a - add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by
future work to support a chroot(8)ed ntpd
- move /var/named -> /var/chroot/named for consistency with ntpd
2001-10-11 07:21:07 +00:00
lukem
8c4fc91c36 replace "pkg_dbdir" with "pkgdb_dir", to be consistent with "backup_dir" 2001-10-03 15:41:25 +00:00
atatat
9202500182 Add a chunk of code to check the installed pkgs list by making a list
of all installed pkgs and their +CONTENTS and +REQUIRED_BY files (if
they have one) and handling this file along with all the other
CHANGELIST stuff.

Greg Woods gets points for coming up with the idea.

Luke Mewburn asked me to do it, and provided lots of criticism along
the way.
2001-10-01 02:21:20 +00:00
hubertf
d8250777f4 Make rtsol_flags default to -a, to do Router Solicitation on all
interfaces when someone sets rtsol=YES.

OK'd by Itojun.
2001-09-24 11:34:11 +00:00
mason
80e5affebe language corrections 2001-09-19 23:42:21 +00:00
martin
d7e4ab316c Add support to down some interfaces before shutting down the system. All
pppoe*  interfaces are automatically shut down by this script, others may be
added to the force_down_interfaces variable in /etc/rc.conf.
2001-09-04 18:09:13 +00:00
tron
3543e0f5fa Start "ipmon" with option "D" for daemon mode instead of starting it
in a subshell.
2001-07-05 05:26:57 +00:00
lukem
919eb089e2 change mountd to use its own $mountd variable (instead of $nfs_server).
nfsd will complain if mountd isn't set.  from [misc/13135] by Johnny C. Lam.
2001-06-16 06:13:09 +00:00
lukem
586521f84e - Implement an optional global watchdog timeout for rc.shutdown, which is
enabled by setting $rcshutdown_timeout to a number of seconds to wait for
  before terminating rc.shutdown.  This is disabled by default.
- Use symbolic names rather than numbers when defining a trap.
- Improve some comments.
2001-06-16 04:09:19 +00:00
fredette
b934309492 sunndd has been renamed to ndbootd. 2001-05-22 14:51:37 +00:00
fredette
bc14be100e Added rc.d support for sunndd. 2001-05-17 23:19:06 +00:00
jdolecek
a0cf66443f change comment for accouting; /var/account/acct is not needed to be created
manually any more
2001-04-25 11:50:56 +00:00
pk
87f992edd6 Put `gated' back; we still refer to it. 2001-04-12 09:59:18 +00:00
wiz
dc5eda62fb Remove references to gated, except the conflict check in rc.d/routed.
Noted by Launey Thomas <ljt@alum.mit.edu>.
2001-04-06 09:38:54 +00:00
thorpej
bd4e08b66c Add defaults for altqd. 2001-04-06 00:37:03 +00:00
atatat
2811b1707a Provide the capability of storing backups via RCS instead of just a
"current" and a "last" (which is useless if you wanna know what you
changed last week).  Set the default to on.
2001-04-04 03:17:19 +00:00
hubertf
efc93d040b Run skeyaudit (only) from /etc/daily instead of /etc/security, else there's
some risk that the users don't get warned if an admin turns off running
/etc/security (by putting run_security=no into daily.conf).

Fixes PR 12267.
2001-03-15 02:23:47 +00:00
lukem
c01bf98a39 commented out entry for named_chrootdir 2001-03-12 16:13:17 +00:00
lukem
7c7983ed46 provide commented-out example for rc_fast_and_loose 2001-02-28 16:52:04 +00:00