* We now use hash tables instead of a list to store the in kernel
fingerprints.
* Fingerprint methods handling has been made more flexible, it is now
even simpler to add new methods.
* the loader no longer passes in magic numbers representing the
fingerprint method so veriexecctl is not longer kernel specific.
* fingerprint methods can be tailored out using options in the kernel
config file.
* more fingerprint methods added - rmd160, sha256/384/512
* veriexecctl can now report the fingerprint methods supported by the
running kernel.
* regularised the naming of some portions of veriexec.
- Add xen devices to MAKEDEV
- Add Xen kernels to list of kernel to build
- Add INSTALL_XENU to the install kernels
- introduce the xbd disk devices to sysinst.
This will add 3 kernels to the i386 release:
XEN0 for use as a Xen domain0 kernel
XENU for use on a non-privileged domain
INSTALL_XENU to install NetBSD on a non-privileged domain virtual disk.
Support '-s /path/to/etc.tgz' which extract the file to a scratch directory
and run the contained version of postinstall against that directory.
This saves about 5 tedious steps which I've done by hand when updating,
and the expense of some minor CPU time on each invocation of this method.
XXX: postinstall needs a man page. pkill -HINTHINT wizd
makes the field overflow even on archs where ${MACHINE} is pretty short.
Also rearange MKISOFS_FLAGS so that they default to -quiet unless the
user explicitly asks for -v. Add -hide-joliet-trans-tbl to get rid of
the TRANS.TBL files on modern OSs.
node, and use it as a reasonable default when no -A option is passed.
The difference is, modload(8) prefers /dev/ksyms rather than the sysctl
node, which is the behaviour we really want.
Unconditionally passing -A in rc.lkm prevents the loading of inter-
dependent modules from rc.d, as reported by Jeff Rizzo on netbsd-users.
process (we're -- probably inappropriately -- waiting for the kernel to do
that at the end), so cgdconfig -U won't do much until that situation changes.
SMDK2410/2800 now have install kernels.
CVS: ----------------------------------------------------------------------
CVS: CVSROOT cvs.NetBSD.org:/cvsroot
which if true prevents existing but changed files from being updated.
Reimplement compare_dir() in terms of populate_dir() ($onlynew=false)
Reenable do_pam() and use populate_dir() instead of compare_dir().
This allows missing etc/pam.d files to be installed with "fix", but
leaves (possibly end-user) modified files alone.
headers and LKM.
Add MKPF; if set to no, don't build and install the pf(4) programs,
headers, LKM and spamd.
Both options default to yes, so nothing changed in the default build.
Reviewed by lukem.
added to the CD-ROM (only if they exist), as proposed on tech-install
and tech-toolchain without objections. Note, this will "bloat" the CD-ROM
image if you have done a "./build.sh sourcesets". If you don't want that,
just move "source" out of ${RELEASEDIR} for the "make iso-image".
of the appropriate configuration file.
Based on PR 28757 from Jason White.
* Add comments explaining why we flush separately from the reload
(backwards compat with older ipf(8) binaries).
some files were imported to the different places from the previous version.
v3_5:
etc/pf.conf
etc/pf.os
etc/spamd.conf
share/man/man4/pf.4
share/man/man4/pflog.4
share/man/man5/pf.conf.5
share/man/man5/pf.os.5
share/man/man5/spamd.conf.5
v3_6:
dist/pf/etc/pf.conf
dist/pf/etc/pf.os
dist/pf/etc/spamd.conf
dist/pf/share/man/man4/pf.4
dist/pf/share/man/man4/pflog.4
dist/pf/share/man/man5/pf.conf.5
dist/pf/share/man/man5/pf.os.5
dist/pf/share/man/man5/spamd.conf.5
correctly on ipf(8) from prior to 4.1.3 (where -Fa flushes both protocols)
and 4.1.3 (where -Fa only flushes the current protocol).
Fix from Kimmo Suominen, per private discussion.
The Iyonix is a desktop machine from Castle Technology, based on a 600MHz
XScale[tm] 80321 processor.
* Uses the bootloader from NetBSD/acorn32, which is now 32-bit compatible.
* Currently boots multiuser with a serial console.
* Device support is not yet complete.
With help from abs.
load_rc_config_var cmd var
to load the rc.conf(5) configuration for cmd and set var in the
current shell, using 'load_rc_config var' in a sub-shell to avoid
unwanted side-effects.
* Improve required_vars warning message.
the diffs and possibly install the new version of file.
(Based on sshd_config munging code in do_ssh())
* Use modify_file() in do_hosts() and do_ssh().
* Be more specific in do_x11() about what needs to occur.
(This could still be improved).
* Minor sh cleanups. ("sh is not C")
(based on the guts of do_obsolete().
* Implement obsolete_libs() to print a list of obsolete minor/teeny
shared libraries in the provided directory.
The implementation supports removing old major libraries similar to
src/lib/checkoldvers (except this correctly matches more stuff), but
there's no way to enable that at this time.
* do_rc(): convert to obsolete_paths() to remove old rc.d scripts.
* do_obsolete(): convert to obsolete_paths(). add obsolete_libs() for
/lib and /usr/lib to remove old minor/teeny shared libraries.
* Clean up the usage.
rebuilt from "newer than" to "not older than". The latter check also
manages to take into account cases where the db file doesn't yet exist
because the source is "not older than" something that doesn't yet
exist.
this uses a different name for the parallel ports than the openbsd
port otherwise they conflict with the magma parallel ports and you
would be unable to have both a spif and magma installed at the
same time.
different cd-rom image (e.g. using the INSTALL_LAPTOP-derived boot
image), make it possible to add a string to the cd-rom image name
by setting the optional environment variable CDROM_NAME_ADD.
boot image of the CD-ROM via the CDROM_BOOT_IMAGE variable. The
user may want to create a bootable image with bootlap-big.fs which
uses the INSTALL_LAPTOP kernel configuration instead of the default
boot-big.fs image which uses the INSTALL kernel configuration.
This allows users to override mtree/special entries in mtree/special.local,
which is useful if you've replaced a directory with a symlink (for example).
This effectively makes $check_mtree_follow_symlinks=YES pointless, but
I'm retaining that for compatibility reasons.
Fix bug in generation of $MPBYUID (used "/^+/" instead of "/^\+/" as a regex),
which has existed for a long time but only failed with our awk; GNU awk seems
to have permitted this. (This meant that the duplicate UID check was broken
when using our awk.)
Rename some temp files to more accurately reflect their purpose, to
aid debugging.
(1) The stock sendmail.cf will only listen on the loopback interface.
(2) The stock submit.cf specifally connects to "localhost." which
should be less susceptible to being confused or looking confused.
(3) The smtp listener starts by default, if needed. The setting in
/etc/default/rc.conf is still "no", but rc.d/sendmail detects the
default setting and will change it to yes if need is determined.
Need is defined as "nothing else seems to have been changed about the
mail configuration but we'd like locally originated and locally
destined mail to be delivered". If you change, eg, mailer.conf to
point to postfix or some other MTA, sendmail will not start.
* REQUIRE: isdnd, so this will be shutdown before that, to prevent
future problem if isdnd eve gets an explicit "shutdown" keyword.
Per discussion with Martin Husemann.
* most files are installed with CONFIGFILES (from bsd.files.mk)
* empty files are created in a cleaner fashion
* MAKEVERBOSE is supported for the remaining custom items
that the Macbinary files in the "misc" directly are now directly executable
from within Mac OS. This solves a "chicken-and-egg" problem: you can't even
distribute a tool to unpack the archives on a plain ISO image, as the
executable code is all in the resource fork on mac68k. In other words, a
user can now begin the installation by simply double-clicking on the Booter
program on the CD-ROM.
gaps in the sequence of minor numbers as we allocate ptys. Having gaps
has 2 bad side effects:
- ptm does not like it
- we allocate a lot of storage that we'll never use in the pty array
(the current scheme allocated 62 ptys 0-15,256-301, so we needed
302 entries to get 64).
Now we allocate ptys in groups of 16 or 14 instead of 64, and we follow
the minor number order.
We default to 64 pty's by building pty0-3, which is all using the old
traditional pty names. Of course to do this, the shell code is a bit
convoluted.
/etc/X11/<foo>, where <foo> is one of:
fs lbxproxy proxymngr rstart twm xdm xinit xserver xsm
(I haven't implemented automatic migration at this time; it's too fragile
given that /etc/X11 may already exist on some systems)
* End user modifiable configuration has moved from
/usr/X11R6/lib/X11/<someprog>
to
/etc/X11/<someprog>
This is consistent with our own policies as well as other projects.
The files & directories that were moved have _NOT_ been marked
`obsolete', as they contain user configuration and therefore we
don't want the automatic "obsolete file removal" mechanism to
remove them.
* The /etc/font/* and /etc/X11/* configuration files are installed
with 'configinstall' (not 'install'), using CONFIGFILES and
CONFIGSYMLINKS.
This is so that a normal 'make build' in src/x11 will not
trash your configuration.
* A 'distribution' target has been added to src/x11 to perform
'make configinstall' in the appropriate subdirectories.
(Should we consider making 'configinstall' a first-class target?)
* The xdm pixmaps have have been moved to /usr/X11R6/include/X11/pixmaps
where the other pixmaps are.
(I don't consider these pictures end-user configuration).
IMPORTANT NOTE:
* These changes require an up to date xsrc, and 'make cleandir' should
be performed in src/x11 before a build for the changes to fully take
effect.
target) instead of using home-grown 'distribution' targets or using
FILES with the 'install' target.
Add some etc/ subdir Makefiles where appropriate.
XXX: some of etc/Makefile install-etc-files could be converted to CONFIGFILES.
(All paths are relative to usr/X11R6)
* Obsolete:
bin/fontconfig-config
* Add directories:
lib/X11/locale/zh_CN.UTF-8
lib/X11/xkb/geometry/ibm
* Rename include/freetype2/ft2build.h to include/ft2build.h and obsolete former
* Add files:
fonttosfnt(1) program & man page
include/expat.h
lib/X11/app-defaults/XClock-color
lib/X11/fonts/TTF/Vera*.ttf
some font encodings
zn_CN.UTF-8 locale
some font encodings
various xkb config files
lib/X11/xedit/lisp/progmodes/patch.lsp
Xfontcache(3) and various links
XDGA(3) and various links
XRes(3) and various links
Xss(3) and various XScreenSaver*(3) links
* Add some more TODO items
* Clean up lib/expat build now that the version is hard coded.
which may have been introduced by booting a netbsd-current kernel
from between April of 2003 and January 2004. For more information
see <http://mail-index.NetBSD.org/current-users/2004/01/11/0022.html>
This script was developed as a response to NetBSD pr install/25138
This should not be added to the Makefile or the default install until
it has been further tested
(cd ${.CURDIR}/somedir && ${MAKE} AVAR=value atarget)
to
${MAKEDIRTARGET} somedir atarget AVAR=value
which results in a "prettier" display of these operations
name where the user should look at for documentation about rcvar. It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.
This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.
Closes PR misc/23908.
Therefore, we need to cd to ${.CURDIR} before re-invoking ${MAKE} so
that it can find the Makefile.
Also, pass ${MFLAGS} to ${MAKE} so that we pick up the source tree's
makefile fragment, not the host system's fragments, so that this
works properly on older NetBSD host systems, as well in other
cross-compile contexts.
MD MAKEDEV.conf into the generated file
don't copy the 'PLEASE RUN ...' paragraph to the generated file
don't copy the list of individual devices to the generated file -
the info is available in MAKEDEV(8) for those who need it
Hopefully I didn't make too much of a hash of the postinstall support for
this; it currently installs the file if there's none in the destination,
and elsewise notes if the CVS version differs (or is missing) but doesn't
try to fix that.
${rcvar}=yes yet all the other prerequisite tests are still performed.
The existing ``force'' prefix is a sledgehammer that ignores all the
prerequisite checks and always returns a zero exit status; this is a
more gentle approach to the problem of "manipulate this disabled
service without editing rc.conf(5)".
Add "iscsi-target" at 3260/tcp as per iana. Add "iscsi-rfc" at
860/tcp. Modify comment on "iscsi" service to indicate that it
should move to 860/tcp after the iSCSI RFC gets released. iscsi-rfc
should be removed at that point.
The problem with the iscsi service at present is that all through
draft development, everyone used 3260. As part of the RFC publishing,
the port number will be changed to 860. However no one has started
to use the new port number yet, so it's premature to switch yet.
information about the build, and "install-release-info" to install it.
(The latter will be invoked by src/Makefile)
Based on work by Hubert Feyrer <hubertf@> and the "params" target in
src/Makefile.
at boot automatically, so a machine dual booting another OS that uses
the RTC at localtime and NetBSD agree on the current time even if daylight
saving started/ended (without recompiling a kernel twice per year).
Awk code by Matt Thomas.
isn't enabled.
This is how the rc.d system works in conjunction with our current build
and install system; all the rc.d scripts are installed even if the
subsystems they control are not.
* Use "mknod -F netbsd -r" to create nodes, instead of
"rm ; mknod; chmod; chown".
This means permissions & ownership of existing nodes will
not be changed.
This is up to 30% faster when populating an empty /dev,
and nearly 2x faster when re-running on an existing /dev.
* New options:
-f force change of permission & ownership of existing
devices
-m mknod override name/path of mknod program
(which defaults to $TOOL_MKNOD, then "mknod").
-s generate mtree(8) specfile instead of creating devices
* Remove /usr/etc from $PATH; not needed anymore.
* Provide functions to create devices & directories:
mkdev name [b|c] major minor [mode{=600} [gid{=0} [uid{=0}]]]
create device node `name' with the appropriate permissions
lndev src target
create a symlink from src to target
makedir dir mode
create directory with appropriate mode
* UIDs and GIDs are hardcoded in at MAKEDEV generation time.
(Unfortunately there's not a simple way of determining a GID
a la "id -n user" for determining a UID).
This was tested by generating MAKEDEV for each MACHINE,MACHINE_ARCH
combination and comparing the results of "MAKEDEV all" from the
previous version to the new one.
(This testing actually highlighted mistakes in the previous configuration!)
Simplify distrib/common/Makefile.makedev to use "MAKEDEV -s"
instead of -v ETCDIR.
* Parse $NETBSDSRCDIR/etc/{master.passwd,group} to build a list of
user->uid and group->gid mappings, and replace %uid_XXX% and %gid_XXX%
appropriately.
* Whitespace & regex tweaks.
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.
* move kerberos- and kerberos 4-only files into new flists,
distrib/sets/lists/*/krb.*
* make the flist generators grok MKKERBEROS{,4} variables
* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
9 out of 10 experts agree that it is ludicrous to build w/
KERBEROS4 and w/o KERBEROS5.
* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.
* omit some Kerberos-only subdirectories from the build as
MKKERBEROS{,4} indicate
(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly. That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles. While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
Uses a hook in spec_strategy() to save data written from a mounted
file system to its block device and a hook in dounmount().
Not enabled by default in any kernel config.
Approved by: Frank van der Linden <fvdl@netbsd.org>
print a summary rather than the full (and not usually desired) output
of netstat -inv. The old behavior can be returned by simply setting
full_netstat to YES in daily.conf.
Original idea by me, cleaner and more correct execution via small awk
script from Greg Woods.
add some example country codes, and use disjoint CNAMES by default, as
discussed in PR misc/23283 (by Adrian 'Dagurashibanipal' von Bidder),
the pool.ntp.org mastermind and maintainer).
- use ttyC[0123] for DCA and APCI with MI com(4)
- use ttyM[0-f] for DCM instead of tty0[0-f] to avoid confusion with MI com(4)
- create the foloowing symlnks to compatibility:
tty0 -> ttyC0 (for DCA)
ttya0 -> ttyC1 (for APCI)
ttya1 -> ttyC2 (for APCI)
ttya2 -> ttyC3 (for APCI)
tty0? -> ttyM? (for DCM)
- note the above symlinks should be removed after the next release
As per discussion on recent port-hp300 (ok'ed by thorpej).
When /dev is an fdesc, and /dev/tty is stat()ed without a controlling tty,
a "Device not configured" error is returned.
Filter mtree's stderr to ignore this error.
If fdesc is fixed to not behave in this fashion, this workaround can
be removed; bin/12900 should remain open until that time.
Make ls -A explicit, to help n debugging when not run as root
(-A is implied when ls is run as root)
Ignore dotfiles, as they are not mailboxes (e.g. .jhawk.pop)
lukem