Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
153,133 Commits 606 Branches 0 Tags 3.1 GiB
0623ef4ad5
Commit Graph

3681 Commits

Author SHA1 Message Date
christos
bc249013c1 Add the TOG copyright. 2005-09-24 18:22:22 +00:00
tsarna
a3e8f0991e Add pam_afslog. Like pam_krb5, this is a fast, quiet no-op if you aren't 
actually using it the subsystem.

Approved by: gendalia
 2005-09-22 01:02:12 +00:00
elad
392d31ddc2 Use more sane defaults for commented out fingerd entry. 
From OpenBSD and Zafer Aydogan.
PR/31341.
 2005-09-18 19:47:28 +00:00
tsarna
9cb3a4de17 Default rwhod to running as _rwhod (but leave disabled by default). 
I thought I already comitted this one...
 2005-09-15 03:40:34 +00:00
tsarna
384be89761 Adjust for ownership of /var/rwho 2005-09-14 14:01:57 +00:00
tsarna
cd41b5d099 add _rwhod user (and group) 2005-09-12 16:21:56 +00:00
rpaulo
0a8fc88cf5 Remove the localhost ip6.int example since, as per RFC 4159, ip6.int is 
now depreciated.

Discussedon tech-net.
 2005-09-01 14:02:01 +00:00
tron
f851540ac2 Move "named.conf" example configuration to "/etc" because that is where 
named(8) looks for it. You can now really get a caching name server
by simply setting "named=yes" in "/etc/rc.conf" as documented in
The NetBSD Guide. This fixes PR bin/30662 by Christian Hattemer.
 2005-08-30 10:58:33 +00:00
peter
9c1da17e90 pf needs to be started after the network is up, because some pf rules 
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.

Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.

No objections on: tech-security
 2005-08-23 12:12:56 +00:00
perry
15e3f0cc19 Small ugly hack -- sed "Mounted on" to "Mount" so that the df line 
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.
 2005-08-22 14:24:45 +00:00
perry
9e84da172c Make max_loginlen and max_grouplen 16. 
We've handled 16 character logins for quite some time, and we even
have packages that create >8 character accounts. There is no point in
pretending the limit is 8 any more by default.

Discussed (very lightly -- there was little comment) on tech-userlevel
 2005-08-22 14:09:23 +00:00
rpaulo
82bdaacb4f Adapted to the changes of grfinfo(1) MANSUBDIR (hp300). (thanks Klaus Klein) 2005-08-20 17:23:53 +00:00
drochner
35a754577f add SIP 
(not going to import everything from IANA, but this is an increasingly
popular one)
 2005-08-16 19:41:01 +00:00
peter
ad9c34ce5c Changes suggested by lukem: 
1. Order pf to start before the network is configured.

2. If the pf_rules cannot be found at boot time, abort the boot (from the
   ipfilter script).
 2005-08-10 13:52:05 +00:00
peter
c9c458f33c Add command_args="-D" to the ftpd rc.d script. This flag is always needed 
when running ftpd as daemon and it will now automatically be appended to the
command line, even if ftpd_flags doesn't have it.

Suggested by Alan Barrett and Luke Mewburn, thanks.
 2005-08-09 14:59:33 +00:00
peter
c100ff5b4d Add "-ll" to ftpd_flags to be consistent with the entry in inetd.conf. 
Suggested by lukem@.
 2005-08-08 00:20:46 +00:00
peter
9cfba4bb75 Add a note telling that ftpd_flags should always contain "-D". 
Suggested by lukem@.
 2005-08-08 00:19:37 +00:00
peter
d0b18db569 Allow to change the location of the pf ruleset with the variable $pf_rules. 2005-08-07 01:03:39 +00:00
chris
3d4b482c1f As requested in PR port-cats/30460 add support for GENERIC.ABLE kernel to 
sysinst, and also add the ABLE install kernel to the generated release
kernels.
 2005-08-07 00:21:38 +00:00
peter
f74a86ef4f Add the new ftpd rc.d script. 2005-08-04 22:32:44 +00:00
peter
cbc0c4b837 Add defaults for ftpd. 2005-08-04 22:29:01 +00:00
peter
7eb092e6c3 Add rc.d support for standalone ftpd, suggested by perry@. 2005-08-04 22:28:17 +00:00
shige
9bc1bf15c8 Add md-kernel for installation: INSTALL_OPENBLOCKS266. 2005-08-03 14:55:37 +00:00
nakayama
69b6d49897 Add man page for teliosio(4). 2005-07-31 00:12:16 +00:00
skrll
acd7c4c5ca Add a driver for Cypress microcontroller based USB serial adapters. 
XXX hw flow control is not supported.
 2005-07-30 06:14:49 +00:00
christos
0e7146df89 Improve on the migration bit. Check if files are different, and if not, 
remove the source and leave a symlink behind. Otherwise, let the user know.
 2005-07-17 21:28:45 +00:00
christos
a2663103c5 Copy and link files to allow a chrooted named to start-up automatically. 2005-07-17 16:30:57 +00:00
kiyohara
c1a84a4d12 ieee1394 import from FreeBSD. 2005-07-11 15:29:05 +00:00
lukem
fccd5bd47c Update permissions of /var/log/wtmp{,x} to match those installed by 
etc/Makefile.
Fixes PR 30717 from Jukka Salmi.
 2005-07-11 08:41:40 +00:00
macallan
478cf01748 added ttyC00 and ttyC01 fopr the SPARCbook's internal modem and PCMCIA 
modems
 2005-07-03 18:08:53 +00:00
rpaulo
aafff09728 Add ptyfs to the file-system types ignored by the find_core check. 
Ok'ed by Christos Zoulas and Hubert Feyrer.
 2005-06-30 18:23:26 +00:00
perry
03c94431fb add /usr/libexec/ching 2005-06-30 12:40:22 +00:00
symka
87283c876e PR/29317: ifconfig.if does not allow parameters with spaces 
OKeyd by christos@
 2005-06-28 13:36:40 +00:00
peter
df0caa2637 Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it 
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.

A port of the latest spamd will be imported into pkgsrc soon.

Suggested by several people, no objections on last proposal on tech-userlevel.
 2005-06-27 20:32:39 +00:00
jdc
92c2871701 Make fb a link to fb0. 
Add an entry for fb1.
 2005-06-24 06:43:40 +00:00
jdc
7a2ed0814d Add an entry for fb1. 2005-06-24 06:43:06 +00:00
elad
68988657cd Don't allow unprivileged users to access the veriexec device. 2005-06-16 15:31:21 +00:00
elad
faffb35d60 Run veriexec before securelevel and sysctl scripts. Suggested by Nino Dehne. 2005-06-15 18:49:40 +00:00
christos
3ccdf9a0d7 default swapoff to yes, and explain why. 2005-06-15 03:34:45 +00:00
he
c4f693fe6b Make a simple fix for inculsion of disklabel.h. Since this script 
doesn't do CPP conditionals, just avoid trying to "include" files
in the newly established nbinclude area, the in-tree version in the
normal place should work fine.

Fixes build problem for (among several others) cats.
 2005-06-14 20:47:46 +00:00
tron
abba7e56c8 Enable RAIDframe support in the NetBSD-macppc installation media. 
Based on patches submitted by Ian Spray in PR port-macppc/30465.
 2005-06-09 13:29:57 +00:00
he
82e01bc59d Now that /var/log/wtmp and /var/log/wtmp should have group=utmp, 
instruct newsyslog to follow up this when rotating these logs.
 2005-06-05 07:33:17 +00:00
bouyer
44d1677f84 Remove support for build.sh -m xen, this has been merged in the i386 
build. Pointed out by Chuck Silvers.
 2005-05-29 10:54:40 +00:00
blymn
c1a5be3d85 Fix naming of the verified exec character device placeholder. 2005-05-28 14:54:06 +00:00
tsutsui
d4c33e9952 Ecoff kernels are no longer needed. 2005-05-23 13:05:04 +00:00
macallan
d2d9cb8374 added wd* 2005-05-23 00:43:13 +00:00
lukem
1bd2839e9a Consistently use 0664 root:utmp for /var/log/{lastlog,wtmp}{,x}. 
Rest of PR 18670.
 2005-05-22 14:34:20 +00:00
chs
1c2ca83340 add a ramdisk and LIF image for sysinst-based installation. 2005-05-18 14:04:26 +00:00
chs
408467d27a allow rsh if the user's password is null. from christos. 2005-05-14 15:17:47 +00:00
lukem
e03970d626 correct line for "password" 2005-05-13 02:56:34 +00:00
christos
4aafff6cc5 it makes no sense to check ptyfs for new and gone devices. From Rui Paulo, 
many thanks.
 2005-05-12 14:02:05 +00:00
peter
7147ba1184 PR/30177: Rui Paulo: /var/chroot/pflogd isn't created by default 2005-05-11 10:41:51 +00:00
martin
7a5b2dfb39 Tweak the iso-image support: avoid arbitrary hardcoded sizes - use awk to 
estimate the real size and round up a bit instead. Doesn't matter much, but
produces a "better" sgi volume header.
While there, simplify a few bits and avoid grep|awk pipes.
 2005-05-10 21:58:03 +00:00
martin
5f3107ece4 Add wscons virtual consoles 2005-05-02 13:39:54 +00:00
lukem
b26a3203a3 Add /etc/pam.conf and /etc/pam.d/* 2005-05-02 03:23:43 +00:00
lukem
188cee5c01 Fix previous, caused by premature optimization... 
Noted by Kirk Russell.
 2005-05-02 02:51:04 +00:00
lukem
710a7ff6e8 Use zeropad() and hexprint() instead of printf(1). 2005-05-02 00:47:58 +00:00
lukem
117d01fe78 Add hexprint(); display the given number as hex. 
Add a comment to document zeropad()'s purpose.
 2005-05-02 00:46:46 +00:00
augustss
c246220559 Make /dev/usb readable to all; it is only used to report USB events. 2005-04-30 16:26:06 +00:00
christos
699bb11d46 Add more locale directories in preparation of new gettext. 2005-04-26 19:39:11 +00:00
cjs
2dc0814b72 Make ifaliases_lo0 in rc.conf work just like other interfaces (instead of 
being ignored). Also, when configuring aliases set as ifaliases_xxN,
print out the interface name and the alias address.
 2005-04-26 10:28:29 +00:00
martin
441f539b14 Pickup bootblock.h from $DESTDIR to make this work when crosscompiling. 2005-04-22 09:49:45 +00:00
blymn
8387760ed1 Rototill of the verified exec functionality. 
* We now use hash tables instead of a list to store the in kernel
    fingerprints.
  * Fingerprint methods handling has been made more flexible, it is now
    even simpler to add new methods.
  * the loader no longer passes in magic numbers representing the
    fingerprint method so veriexecctl is not longer kernel specific.
  * fingerprint methods can be tailored out using options in the kernel
    config file.
  * more fingerprint methods added - rmd160, sha256/384/512
  * veriexecctl can now report the fingerprint methods supported by the
    running kernel.
  * regularised the naming of some portions of veriexec.
 2005-04-20 13:44:45 +00:00
lukem
8232ca0162 Tweaks for the move of postinstall from /etc to /usr/sbin 2005-04-17 23:12:40 +00:00
lukem
5c5750a595 Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall 
(and the base.tgz set).
 2005-04-17 15:15:48 +00:00
lukem
41595413ba elaborate on sysctl rename 2005-04-16 04:19:24 +00:00
kleink
7a5e7ac8e9 Adjust for the Argentina directory that came with tzdata2004b; 
noted by Geoff C. Wing in PR bin/29954.
 2005-04-12 15:35:54 +00:00
jwise
bfd29aa656 /var/chroot/spamd is now /var/chroot/pfspamd. 2005-04-12 14:24:32 +00:00
peter
271ad04cd9 Allow an underscore as first character and embedded underscores & dots 
for login and group names.

Fixes PR misc/29913 from Arto Selonen.
 2005-04-11 15:46:42 +00:00
bouyer
4b058b80fb Add xencons to the default list of devices. Fix port-xen/29887 by Juan RP. 2005-04-06 21:06:28 +00:00
peter
c37e23a1f9 Add _pflogd group. 2005-04-05 19:57:30 +00:00
christos
96cf4771d1 PR/29891: Arto Selonen: su(1) does not seem to honor SU_ROOTAUTH any more 
Move the rootauth group line before the wheel check, so that rootauth users
are not required to be in wheel [still commented out]
 2005-04-05 18:23:36 +00:00
peter
ee8532311f Add _pflogd to the uid check. Pointed out by Luke Mewburn. 2005-04-05 07:03:33 +00:00
peter
80271013f5 Add the _pflogd user which will be used by pflogd(8), the logging daemon 
for pf(4).

Approved by core.
 2005-04-04 19:06:43 +00:00
lukem
c0372ca1ef ypserv(8) doesn't need the domainname(1) set -- it will serve any maps 
present under /var/yp/<somedomain>/<map> -- so don't require it.
Thanks to Chuck Cranor for the suggestion.
 2005-04-01 23:25:29 +00:00
peter
7c4b722858 Add pf to the all target. Pointed out by Steve Rumble. 2005-04-01 21:07:01 +00:00
lukem
d45db391ec Install all obsolete X11 sets (even empty ones). 2005-03-28 03:13:39 +00:00
tnozaki
a3b248100e add csmapper:CNS11643-1,2 and esdb:ISO-2022-CN, 
integrate esdb:EUC-TW, locale:zh_TW.eucTW.
 2005-03-27 22:30:05 +00:00
tron
f1f5ecd1a9 We must check for "${MACHINE}" and not "${MACHINE_ARCH}" of course to 
decide about port specific obsolete lists.
 2005-03-25 20:15:20 +00:00
tron
728512171e Checking for the file "xserver" in "${OBSOLETE.dir}" doesn't work because 
the check will be done before the target which is used to create that file.
So simply add "xserver" to "${OBSOLETE.file}" based on the architecture.
 2005-03-24 20:23:55 +00:00
martin
6ebdd24d9a Make var/db/obsolete/xserver optional. 2005-03-24 09:07:17 +00:00
rtr
c6b047ea8b + do not install getconfig 2005-03-24 05:27:18 +00:00
rtr
80843b35d1 + getconfig scripts and configs 2005-03-22 21:43:24 +00:00
lukem
857d896931 -s can be given 'etc.tgz' directly. (Thanks to hubertf for the reminder) 
Improve usage.
 2005-03-22 04:43:53 +00:00
tron
fb571c8922 Add support for handling obsolete X11 files and directories. 2005-03-21 23:09:39 +00:00
tron
96f232123e Remove directory which got obsoleted by XFree86 4.5.0. 2005-03-21 14:45:19 +00:00
christos
12399bd640 Add the freetype services directory under internal 2005-03-20 18:25:22 +00:00
shige
34be8773f6 Add OPENBLOCKS200 kernel. 2005-03-18 16:32:59 +00:00
christos
c50dc53d46 pam_self is "required" not just sufficient to authorize the Xserver. 2005-03-18 15:15:25 +00:00
tron
878fa2f707 Replace hardcoded "/var/run/named.pid" with ${pidfile}. 2005-03-17 18:44:09 +00:00
christos
5b3d8c8c12 remove stray l. 2005-03-17 01:47:18 +00:00
christos
c788433bb3 Remove ,optional accidentally committed. We are not going to do this after 
all.
 2005-03-17 01:07:51 +00:00
xtraeme
d34097e695 Create the xbd1* devices as well as xbd0*, this is useful to install 
domUs via CDROM or unmounted FS in the sysinst menu.
 2005-03-15 23:46:09 +00:00
peter
80f533ce07 Do a "flush all" when disabling pf. This also changes the restart case 
to do a "flush all", while the reload case will only reload the rules without
flushing anything.

Suggested by Miles Nordin.
 2005-03-15 18:22:03 +00:00
peter
0a9aa9779a Install pf(4) examples. Reviewed by yamt@. 
Thanks to hubertf@ for the reminder.
 2005-03-15 16:05:03 +00:00
lukem
f198807ca5 Explicitly REQUIRE mountcritremote, since this uses awk. 2005-03-15 12:06:12 +00:00
christos
138a35afd9 comment out pam_ssh and mention it has potential security issues. 2005-03-14 23:41:49 +00:00
jdolecek
03258a805a separate tun(4) and joy(4) entries, those two are totally independant 
PR: kern/29673 by FUKAUMI Naoki
 2005-03-12 10:26:45 +00:00
tron
9533cbbc67 Try last fix once more. 2005-03-12 00:52:51 +00:00
tron
d2a568b356 Fix a bad typo in populate_dir() which broke a lot of checks. 2005-03-12 00:50:23 +00:00
bouyer
3e8f0992c8 Integrate Xen to the i386 build process: 
- Add xen devices to MAKEDEV
- Add Xen kernels to list of kernel to build
- Add INSTALL_XENU to the install kernels
- introduce the xbd disk devices to sysinst.

This will add 3 kernels to the i386 release:
XEN0 for use as a Xen domain0 kernel
XENU for use on a non-privileged domain
INSTALL_XENU to install NetBSD on a non-privileged domain virtual disk.
 2005-03-11 20:55:10 +00:00
lukem
8286cd5e07 Deprecate etc_release check, since etc/release is now part of base.tgz. 
Support '-s /path/to/etc.tgz' which extract the file to a scratch directory
and run the contained version of postinstall against that directory.
This saves about 5 tedious steps which I've done by hand when updating,
and the expense of some minor CPU time on each invocation of this method.

XXX: postinstall needs a man page.  pkill -HINTHINT wizd
 2005-03-08 14:09:25 +00:00
martin
cefddd30c8 Remove ${MACHINE} from the volume name of iso images - our new naming sheme 
makes the field overflow even on archs where ${MACHINE} is pretty short.

Also rearange MKISOFS_FLAGS so that they default to -quiet unless the
user explicitly asks for -v. Add -hide-joliet-trans-tbl to get rid of
the TRANS.TBL files on modern OSs.
 2005-03-08 07:39:30 +00:00
cube
4804c0d992 modload(8) already obtain the value of the machdep.booted_kernel sysctl 
node, and use it as a reasonable default when no -A option is passed.

The difference is, modload(8) prefers /dev/ksyms rather than the sysctl
node, which is the behaviour we really want.

Unconditionally passing -A in rc.lkm prevents the loading of inter-
dependent modules from rc.d, as reported by Jeff Rizzo on netbsd-users.
 2005-03-04 21:11:23 +00:00
christos
b8911768e7 Add lastlogx to the list of files created. 2005-03-04 16:16:00 +00:00
christos
f709224812 PR/18670: Charles Blundell: Add entries for lastlog and lastlogx 2005-03-04 16:14:46 +00:00
christos
2bd312ac59 PR/29594: Geoff C. Wing: Allow root in rsh like we used to. 2005-03-04 15:30:59 +00:00
christos
37fd46a3fc by popular demand, and now that we have verified that password authentication 
works, allow a user to start the Xserver without a password.
 2005-03-03 04:21:51 +00:00
christos
afaa144fe7 Add a no nested option that avoids updating the {u,w}tmp databases on a 
nested login.
 2005-03-03 02:12:32 +00:00
tv
0a66272c73 Revert previous, for now. We don't umount filesystems in the shutdown 
process (we're -- probably inappropriately -- waiting for the kernel to do
that at the end), so cgdconfig -U won't do much until that situation changes.
 2005-03-02 19:09:22 +00:00
tv
e32d4e2d39 Unconfigure cgd devices on shutdown, so that underlying layers (i.e., 
RAIDframe) are happier.
 2005-03-02 12:14:47 +00:00
christos
7f1a777aba Add the xserver description file. 2005-03-01 16:29:44 +00:00
christos
ba359ad0ee use the ksu module not the krb one. Do kerberos authentication first. 2005-03-01 16:28:46 +00:00
christos
9d1d1be44f Add a new pam description file for the xserver. This is used when the 
Xserver is started manually using xinit.
 2005-03-01 16:27:52 +00:00
sekiya
a7ca5e9389 Now that the install kernel creates its devices at boot-time, we need to 
properly populate the init case.  Reworked, using amd64 as a prototype.
 2005-03-01 02:36:12 +00:00
sekiya
1bf17b3733 Oops, the init case must create md0. 2005-03-01 01:42:21 +00:00
sekiya
c0336fc23d Add bpf devices. 2005-02-28 08:27:54 +00:00
christos
d81b21774f Add -a valid for PAM. 2005-02-28 02:35:55 +00:00
christos
5bea007640 disable pam_ftpusers module because our /etc/ftpusers has different syntax 
than what it expects.
 2005-02-28 02:21:46 +00:00
thorpej
1c5ae7179a passwd(1) does not require -p to use PAM. 2005-02-28 01:59:21 +00:00
christos
74bb35d6b9 update for current reality. 2005-02-28 01:27:01 +00:00
christos
0215fc5818 add display_manager and ppp 2005-02-27 22:34:18 +00:00
thorpej
98a2507fb6 Make a note about when telnetd uses the "telnetd" PAM service, and 
when the "login" PAM service is used instead.
 2005-02-27 21:49:14 +00:00
thorpej
c3bf5c7ebe Disable pam_ssh by default, and refer people to pam_ssh(8) for information 
on its security risks.
 2005-02-27 21:35:59 +00:00
christos
2b9f821fc2 Mention the problem with ftpusers and that we have a ppp config now. 2005-02-27 19:30:20 +00:00
christos
b89b9e58a2 Add a config file for ppp; same like ftp for now. 2005-02-27 19:29:43 +00:00
thorpej
13eb2abf9e Major cleanup of PAM service configuration files. 2005-02-27 03:40:14 +00:00
bsh
2871250238 add TWINTAIL. 
SMDK2410/2800 now have install kernels.
CVS: ----------------------------------------------------------------------
CVS: CVSROOT  cvs.NetBSD.org:/cvsroot
 2005-02-27 02:27:12 +00:00
lukem
5b0739524b Improve the description of the "pam" check/fix; it doesn't ensure 
that /etc/pam.d is up to date, just populated.
 2005-02-27 00:06:25 +00:00
christos
d242353e08 Update status. 2005-02-24 15:15:27 +00:00
manu
77389b1f94 Update racoon status 2005-02-24 13:16:42 +00:00
lukem
118f369d29 Rename compare_dir() to populate_dir() and add "$onlynew" argument, 
which if true prevents existing but changed files from being updated.

Reimplement compare_dir() in terms of populate_dir() ($onlynew=false)

Reenable do_pam() and use populate_dir() instead of compare_dir().
This allows missing etc/pam.d files to be installed with "fix", but
leaves (possibly end-user) modified files alone.
 2005-02-24 04:06:53 +00:00
martin
dcffc13e8d Rename /dev/fb to /dev/fb0 and make /dev/fb a symlink to it. 2005-02-23 22:56:20 +00:00
lukem
327af7ca04 Only install postfix config if ${MKPOSTFIX} != "no". 
Based on PR misc/29341 by Takeshi Nakayama <nakayama@NetBSD.org>
 2005-02-23 02:10:33 +00:00
christos
714867dee9 update for rexecd 2005-02-23 01:28:40 +00:00
peter
1c9b56c830 Add MKIPFILTER; if set to no, don't build and install the ipf(4) programs, 
headers and LKM.

Add MKPF; if set to no, don't build and install the pf(4) programs,
headers, LKM and spamd.

Both options default to yes, so nothing changed in the default build.

Reviewed by lukem.
 2005-02-22 14:39:58 +00:00
sketch
fbdc9c3fcb Use hostname(1) in preference to uname(1) in case /usr isn't mounted. 2005-02-22 09:12:17 +00:00
sketch
28dfc695f0 Revision 1.2 of dot.shrc changed the prompt to use a HOST variable without 
setting it anywhere, so set it here.
 2005-02-22 08:28:34 +00:00
christos
97552a9c4d Update for ppp and passwd. 2005-02-22 01:09:29 +00:00
jdolecek
989b421981 add nsmb(4) for NetBSD/amiga 
Fixes PR port-amiga/29066 by Florian Stoehr
 2005-02-20 17:49:49 +00:00
christos
379a5c3295 rsh is done. 2005-02-20 05:47:13 +00:00
christos
b757d80462 ftpd is done. 2005-02-20 01:47:04 +00:00
christos
56c6171b31 whitespace 2005-02-20 01:46:42 +00:00
christos
75e797d45f Update. 2005-02-20 00:52:21 +00:00
christos
e51566c11b Add a status file so that we can coordinate who works on what. 2005-02-20 00:02:53 +00:00
perry
ac4f38d372 Try to explain what this file does a little bit better. 2005-02-19 17:25:16 +00:00
thorpej
354f2a1004 Switch to ipsec-tools for libipsec, setkey, and racoon. From 
Emmanuel Dreyfus, with some small changes by me.
 2005-02-19 16:55:02 +00:00
jwise
4cf2ccf6dc Wording fix. Comment still not entirely clear. 2005-02-16 14:47:46 +00:00
tnozaki
fcff889a4d remove ko_KR.UTF-8. 
this locale is alias for en_US.UTF-8 by locale.alias now.
 2005-02-10 18:03:01 +00:00
jdolecek
8e401e6c31 add a check_passwd_permin_nonalpha option, which changes the passwd 
test to permit non-alphanumeric characters in login names
 2005-02-05 15:26:37 +00:00
perry
c3f3d85961 Restore the html directories. They are indeed functional. 2005-02-04 17:10:40 +00:00
wiz
195aff13a9 Remove /usr/share/man/html* directories. They have been there, 
empty, for 3 years, and there was no public plan on how to fill
them in all that time.  Let's re-add them when they have a purpose.
 2005-02-04 15:07:54 +00:00
christos
bde7c7493a Add a commented out option that shows how to get back the rootauth 
functionality
 2005-02-01 22:56:14 +00:00
shige
dcaf7f8abc Build OPENBLOCKS266 kernel. 2005-02-01 17:02:57 +00:00
manu
25f1e3eda9 Set the pam_nologin call to keep our current behavior: login is refused 
after password is given.
 2005-01-23 09:48:38 +00:00
fredb
ca38156730 Permit a "README", "SOURCE_DATE", and "source" at the top-level to be 
added to the CD-ROM (only if they exist), as proposed on tech-install
and tech-toolchain without objections. Note, this will "bloat" the CD-ROM
image if you have done a "./build.sh sourcesets". If you don't want that,
just move "source" out of ${RELEASEDIR} for the "make iso-image".
 2005-01-15 18:18:18 +00:00
lukem
1e55b5223c Disable "pam" check/fix, since the current implementation will overwrite 
any local changes, which is sub-optimal.
 2005-01-11 12:19:35 +00:00
tron
3952de4581 Backout last change. I'm not sure what the correct fix is but the last 
change wasn't it.
 2005-01-10 11:23:53 +00:00
tron
66db1620b2 Fix this so that "make install" will actually work. 2005-01-10 11:20:01 +00:00
lukem
da9dede24f add MKINET6 to etc/release 2005-01-10 02:49:46 +00:00
lukem
2ec73172c7 don't bother linking ftp -> ftpd 2005-01-10 01:51:13 +00:00
lukem
8516a4eb2a install-etc-files: also descend into "pam.d" for configinstall 2005-01-10 01:17:25 +00:00
lukem
50da6bf581 NetBSD Is Not FreeBSD: 
* use CONFIGFILES instead of FILES
* use CONFIGLINKS instead of LINKS
 2005-01-10 01:15:44 +00:00
tsutsui
14a351eefe Create wscons devices. 2005-01-09 15:50:53 +00:00
sketch
715473130b Quote MAILTO properly so that more descriptive names can be used. 2005-01-09 13:07:14 +00:00
christos
2cfa477387 Install pam configuration files. 2005-01-09 07:27:14 +00:00
manu
c6d0cd4217 Remove pam_ssh for system config, it's not always used. 2005-01-08 22:42:22 +00:00
cube
9dc874ea69 Create tap (cloning), tap0 .. tap3 in /dev by default. 2005-01-08 22:31:28 +00:00
joff
d17ffac202 Add tslcd 2005-01-08 20:32:10 +00:00
christos
247ec215ec add ssh and krb5 now that they compile 2005-01-08 08:43:03 +00:00
lukem
7812888715 add MKPAM 2005-01-06 00:47:34 +00:00
manu
99a658efd4 Fix bpf/bpf0 swap 2005-01-04 15:06:24 +00:00
manu
9fba78b0b3 Link /dev/bpf to /dev/bpf0. dhclient looks for /dev/bpf now... 2005-01-03 22:45:34 +00:00
dsainty
7e7f191f7d Add a missing space in a comment 2004-12-30 09:32:13 +00:00
joff
38cddbe010 Add epcom serial UART char device found on Cirrus Logic EP93xx ARM9 SoC's 2004-12-29 06:36:46 +00:00
thorpej
9c276b19a0 Add /usr/lib/security 2004-12-28 23:59:22 +00:00
thorpej
186e7464e2 Add /usr/include/security 2004-12-28 22:00:36 +00:00
joff
db2d37d14e Add TS7200 2004-12-28 16:51:15 +00:00
lukem
eca6f3c39f * Conditionalize flushing of IPv4 vs IPv6 rules based on the existance 
of the appropriate configuration file.
  Based on PR 28757 from Jason White.

* Add comments explaining why we flush separately from the reload
  (backwards compat with older ipf(8) binaries).
 2004-12-23 03:31:54 +00:00
jmc
a837ad61c2 Make sure miniroot subdir gets created 2004-12-15 15:03:14 +00:00
christos
6b367bf779 - Add NetBSD RCSID's 
- comment out opie since we don't have it.
 2004-12-12 08:54:34 +00:00
christos
cad237d3f4 Pam configuration files from FreeBSD; perl script not imported. 2004-12-12 08:48:21 +00:00
jmc
fa6a23da15 Check and report if authpf isn't in group file 2004-12-09 04:42:54 +00:00
kleink
c17d5db72f Add the `shutdown' keyword, giving racoon a chance to flush the SAD 
upon termination.
 2004-12-07 17:37:15 +00:00
christos
9e47818662 Only make bpf, not bpfN 2004-12-02 16:44:28 +00:00
christos
0b731a56a1 Marry tun and joy. 2004-12-01 23:09:04 +00:00
christos
98baff9ba7 Create /dev/bpf not /dev/bpfN 2004-12-01 23:06:57 +00:00
jwise
5b40cd9b6b With the recent fixes to cpp(1) and calendar(1), it is now safe to turn 
on run_calendar by default.  Include a note advising users who replace
/usr/bin/cpp with a non-basesrc version to turn this off.
 2004-11-30 02:03:57 +00:00
perry
87352ee9ba add ./var/chroot and subdirectories 2004-11-25 01:33:31 +00:00
jmc
2a2d87d1db Remove all references to vnd usage here now that sgivol works correctly on file 
images
 2004-11-24 22:01:42 +00:00
soren
c43d1a68db Print interface packet counters as strings to prevent integer overflow in awk. 2004-11-22 04:53:46 +00:00
is
e61255615c Ensure ISDN kernels can be built for future releases. 2004-11-21 21:07:15 +00:00
kim
f7dc8a9650 When checking /etc/exports, account for "-network=XXX" as restricting 
the mount (i.e. it is not considered globally exported).

Fixes PR: 26890
 2004-11-21 19:00:12 +00:00
christos
13b48b2499 Add ${.CURDIR}. 2004-11-16 03:51:30 +00:00
christos
d6ecb79b20 Use the ttys file from etc.${MACHINE} directly. 2004-11-16 02:33:21 +00:00
he
52bd3adde5 Don't leave the stray reference to etc.${MACHINE}/ behind in the ttys 
file installation command.
 2004-11-15 16:33:41 +00:00
christos
829bf2603d Don't append ptys to the ttys file. It is not needed anymore as ttyslot 
will DTRT.
 2004-11-15 00:28:16 +00:00
yamt
ded5cfa88c install PF configs. 2004-11-14 20:28:28 +00:00
yamt
23c8222edb merge after importing pf from openbsd 3.6. (userland part) 
some files were imported to the different places from the previous version.
v3_5:
	etc/pf.conf
	etc/pf.os
	etc/spamd.conf
	share/man/man4/pf.4
	share/man/man4/pflog.4
	share/man/man5/pf.conf.5
	share/man/man5/pf.os.5
	share/man/man5/spamd.conf.5
v3_6:
	dist/pf/etc/pf.conf
	dist/pf/etc/pf.os
	dist/pf/etc/spamd.conf
	dist/pf/share/man/man4/pf.4
	dist/pf/share/man/man4/pflog.4
	dist/pf/share/man/man5/pf.conf.5
	dist/pf/share/man/man5/pf.os.5
	dist/pf/share/man/man5/spamd.conf.5
 2004-11-14 11:26:43 +00:00
sekiya
c1d9edf7a4 Add the IP12 GENERIC kernel. 2004-11-13 10:27:14 +00:00
christos
573e338f96 Don't try to chmod ptys if we have none. 2004-11-10 05:04:51 +00:00
christos
440dc51bb7 Don't declare ptys in tty's. None of the other ports do this. 2004-11-08 19:59:07 +00:00
lukem
4ffd3a5be3 Redo previous (rev 1.12) in a manner that allows this rc.d script to operate 
correctly on ipf(8) from prior to 4.1.3 (where -Fa flushes both protocols)
and 4.1.3 (where -Fa only flushes the current protocol).
Fix from Kimmo Suominen, per private discussion.
 2004-11-08 02:09:01 +00:00
soren
c41dd8b49a - .isc.netbsd.org aliases are gone 
- zathras is gone, alias releng to www
 2004-11-07 19:41:45 +00:00
peter
195fae85fa Remove the "(not in tree)" part in the comment for PF. 2004-10-22 14:08:22 +00:00
gavan
0560d8b947 Initial import of iyonix port. 
The Iyonix is a desktop machine from Castle Technology, based on a 600MHz
XScale[tm] 80321 processor.

* Uses the bootloader from NetBSD/acorn32, which is now 32-bit compatible.
* Currently boots multiuser with a serial console.
* Device support is not yet complete.

With help from abs.
 2004-10-13 23:28:34 +00:00
lukem
1ecb0d140f Use 'load_rc_config_var CMD VAR' to set VAR for "foreign" rc.conf(5) 
variables that may be set in /etc/rc.conf.d/CMD instead of /etc/rc.conf.
Fixes PR 20768 from Pavel Cahyna.
 2004-10-12 14:51:03 +00:00
lukem
3c81b28a9a * Implement 
load_rc_config_var cmd var
  to load the rc.conf(5) configuration for cmd and set var in the
  current shell, using 'load_rc_config var' in a sub-shell to avoid
  unwanted side-effects.

* Improve required_vars warning message.
 2004-10-12 14:45:29 +00:00
christos
a22353007b PR/27235: Jukka Salmi: MAKEDEV regression because of printf -> zeropad change 2004-10-12 14:42:08 +00:00
lukem
573992ef57 Implement reload, using "amq -f". 
Suggested by Hauke Fath in PR 26589.
 2004-10-12 13:44:45 +00:00
lukem
b9fbb3f21a manage tpctl with do_rc(). Fix from Jukka Salmi in PR 26754 2004-10-12 13:29:05 +00:00
lukem
d65dca170c Fix for /bin/ksh, from Jukka Salmi in PR 27232. 2004-10-12 13:23:44 +00:00
christos
6e9a790e1f Use new style command substitution. 2004-10-11 15:00:51 +00:00
lukem
c73be7a88d Explicitly REQUIRE: rpcbind since these services directly use RPC... 2004-10-11 14:11:43 +00:00
lukem
6ede50a341 Use load_rc_config basename chrootdirscript in a subshell to determine 
the rc.conf(5) setting for chrootdirscript, incase the configuration
for that is in /etc/rc.conf.d/chrootdirscript.
Fixes PR 26478 from Jukka Salmi.
 2004-10-11 13:29:52 +00:00
christos
dc75bc2463 PR/27196: Jukka Salmi: missing amanda server ports in /etc/services 2004-10-09 17:04:41 +00:00
dsainty
3507ec273f Comment typos: unecessary->unnecessary, accidentaly->accidentally 2004-10-09 02:18:48 +00:00
erh
7da8bb106d PR misc/7716: add configuration options find_core_ignore_fstypes and 
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.
 2004-09-28 15:03:58 +00:00
wiz
d355f71bc3 Dig {cat,man,html}4/hp700. 2004-09-24 13:47:46 +00:00
ian
70f35b6f77 Remove support for ALIASES in share/locale/ctype/Makefile, which 
created symlinks in the filesystem.  Put the one existing alias
(zh_TW.BIG5) into the newer locale.alias file.
 2004-09-10 15:12:51 +00:00
lukem
ac418f52f5 Explicitly flush (-Fa) rules when loading or reloading IPv4 and IPv6 rules, 
rather than relying upon running "ipf -Fa" beforehand (which only flushes IPv4)
Should fix PR 26885 and PR 26857.
 2004-09-09 00:33:03 +00:00
lukem
08c7699414 * Implement modify_file() to apply an awk program against a file and display 
the diffs and possibly install the new version of file.
  (Based on sshd_config munging code in do_ssh())
* Use modify_file() in do_hosts() and do_ssh().
* Be more specific in do_x11() about what needs to occur.
  (This could still be improved).
* Minor sh cleanups.  ("sh is not C")
 2004-08-30 04:57:39 +00:00
augustss
4d1e9e453b The hosts file is /etc/hosts not /hosts. 2004-08-30 02:46:07 +00:00
chs
85b920f8a2 add a dotted alias for localhost so that sendmail doesn't pause on startup 
if a system's hostname is not set.  PR 26550.
 2004-08-29 13:26:17 +00:00
drochner
93f4534edf add "drvctl" template 2004-08-27 17:50:57 +00:00
atatat
c41b76304f Quieten stat(1) with the -q flag. 
Addresses PR bin/26711.
 2004-08-19 04:44:10 +00:00
mycroft
7d2e1537c5 Add an _rc_subr_loaded variable, set to ":" by rc.subr. Scripts can use this 
for a speedup by doing:
$_rc_subr_loaded . /etc/rc.subr
 2004-08-13 18:08:03 +00:00
lukem
5d87974ec4 Search /usr/lib/i18n and /usr/X11R6/lib for obsolete minor shared libraries. 2004-08-12 13:32:37 +00:00
lukem
a5e99ebea6 * Implement obsolete_paths() to obsolete the paths provided on stdin. 
(based on the guts of do_obsolete().
* Implement obsolete_libs() to print a list of obsolete minor/teeny
  shared libraries in the provided directory.
  The implementation supports removing old major libraries similar to
  src/lib/checkoldvers (except this correctly matches more stuff), but
  there's no way to enable that at this time.
* do_rc(): convert to obsolete_paths() to remove old rc.d scripts.
* do_obsolete(): convert to obsolete_paths().  add obsolete_libs() for
  /lib and /usr/lib to remove old minor/teeny shared libraries.
* Clean up the usage.
 2004-08-12 02:30:23 +00:00
simonb
c0760527d2 Add Multicast DNS on port 5353 (from the IANA list). 2004-08-09 05:24:38 +00:00
atatat
8fb0a9f1ca Switch the check to see if the corresponding db file needs to be 
rebuilt from "newer than" to "not older than".  The latter check also
manages to take into account cases where the db file doesn't yet exist
because the source is "not older than" something that doesn't yet
exist.
 2004-08-08 17:41:15 +00:00
bouyer
dc32cbc366 Add atabus devices. 2004-08-01 21:52:09 +00:00
mrg
04f2810d39 add an entry for spif(4). 
this uses a different name for the parallel ports than the openbsd
port otherwise they conflict with the magma parallel ports and you
would be unable to have both a spif and magma installed at the
same time.
 2004-08-01 10:43:47 +00:00
he
e92ef40b67 Now that one can choose boot image for i386 to produce a slightly 
different cd-rom image (e.g. using the INSTALL_LAPTOP-derived boot
image), make it possible to add a string to the cd-rom image name
by setting the optional environment variable CDROM_NAME_ADD.
 2004-07-28 11:35:44 +00:00
thorpej
fa4f012f1e Add a: to the getopt string so that the -a option is actually recognized. 2004-07-25 01:37:14 +00:00
tron
8849562832 Add new kernel configuration for ACPI based SMP systems which can also be 
used to utilize Hyper-Threading.
 2004-07-23 17:57:41 +00:00
he
3d7c07bfa4 Allow the user to specify which file system image to use as the 
boot image of the CD-ROM via the CDROM_BOOT_IMAGE variable.  The
user may want to create a bootable image with bootlap-big.fs which
uses the INSTALL_LAPTOP kernel configuration instead of the default
boot-big.fs image which uses the INSTALL kernel configuration.
 2004-07-23 15:25:04 +00:00
lukem
610ee5bd6f Merge /etc/mtree/special & /etc/mtree/special.local using "mtree -M". 
This allows users to override mtree/special entries in mtree/special.local,
which is useful if you've replaced a directory with a symlink (for example).
This effectively makes $check_mtree_follow_symlinks=YES pointless, but
I'm retaining that for compatibility reasons.

Fix bug in generation of $MPBYUID (used "/^+/" instead of "/^\+/" as a regex),
which has existed for a long time but only failed with our awk; GNU awk seems
to have permitted this.  (This meant that the duplicate UID check was broken
when using our awk.)

Rename some temp files to more accurately reflect their purpose, to
aid debugging.
 2004-07-23 06:12:16 +00:00
mycroft
ecb1a2e0ed There is really just no point in having every root login get spamming with 
syslog crap.  Goodbye.
 2004-07-23 03:45:42 +00:00
atatat
d2dd73eec2 More better description of current state of sendmail stuff in more 
places.  This is intended to make some people a tad happier.
 2004-07-22 03:44:12 +00:00
atatat
e0fb433b4f Add one more check to the sendmail auto-start heuristic: check the 
value of MTAHost in the submit.cf.  If it doesn't indicate localhost,
we probably don't need the sendmail listener.

Addresses PR bin/26391.
 2004-07-22 03:36:29 +00:00
atatat
89fc8be761 Change the default settings for sendmail. 
(1) The stock sendmail.cf will only listen on the loopback interface.
(2) The stock submit.cf specifally connects to "localhost." which
    should be less susceptible to being confused or looking confused.
(3) The smtp listener starts by default, if needed.  The setting in
    /etc/default/rc.conf is still "no", but rc.d/sendmail detects the
    default setting and will change it to yes if need is determined.

Need is defined as "nothing else seems to have been changed about the
mail configuration but we'd like locally originated and locally
destined mail to be delivered".  If you change, eg, mailer.conf to
point to postfix or some other MTA, sendmail will not start.
 2004-07-15 03:47:18 +00:00
atatat
5f89bdd921 Make the directory into which crash dumps are saved into something 
that can be controlled via rc.conf.  The default is, of course,
/var/crash.
 2004-07-15 03:29:55 +00:00
tsutsui
c2e5d3b127 Make lpt devices. 2004-07-14 14:16:14 +00:00
wiz
bad83f3d79 Add locale/nb for texinfo-4.7. 2004-07-12 23:55:33 +00:00
uch
8120bbbeda run getty on /dev/ttyE0 by default. 
otherwise, user can't start X server.
 2004-07-11 16:08:55 +00:00
fredb
ee2f9a6e6f Add mention of Portuguese builtin keyboard map. 2004-07-06 04:02:05 +00:00
lukem
20fd132b8d * Add BEFORE: SERVERS, so state is restored much earlier in the boot sequence. 
* REQUIRE: isdnd, so this will be shutdown before that, to prevent
  future problem if isdnd eve gets an explicit "shutdown" keyword.

Per discussion with Martin Husemann.
 2004-07-05 08:21:15 +00:00
martin
ebdc55a49e Make sure "downinterfaces" comes first - this means on shutdown this 
script will run before downinterfaces destroys all state we try to
save here.
 2004-07-05 07:53:03 +00:00
martin
81b4ff7c8b PR bin/26142: add defaults for $pf and $pflogd. 2004-07-04 13:59:34 +00:00