* add enss* to ss*
* md* is root.operator 640 not root.wheel 600
* use ${i#...} instead of `expr ...`
* use 'sh $0.local' not 'sh MAKEDEV.local'
* warn on invalid devices
* st* has perms 660 not 640
* use $0 not MAKEDEV
* add enss* to ss*
* remove superfluous use of umask
* ensure umask is reset after running MAKEDEV.local
- clean up comments and generated output.
- clean up $SECUREDIR if SIGINT or SIGQUIT received.
- .rhosts may have to be world readable in NFS environments, so allow it to be.
- update list of disks to check for reasonable permissions
- don't show differences in /etc/master.passwd, as the encrypted strings may
be sent. From reading comments earlier in the script, this was the intention
anyway. Fix from Jim Bernard <jbernard@tater.mines.edu> in [security/3994].
- when checking /etc/ftpusers, skip comment lines and only match full
usernames.
XXX: this should be enhanced to check lines of the enhanced ftpusers format.
an interface to first time its address is referenced. Therefore:
* configure lo0 before all other interfaces (rather than afterwards).
* don't explicitly add a route from `hostname` to localhost
names for the lower density minor dev numbers. My shell code would
even work for a wt1 device, but I would seriously pity anyone trying
to get two of these things to work on one machine. Heck, no one should
even try to use ONE wt device.
Really weird bug. On inspection, the shell code in rc looked fine, but
when tested, sure enough, the semantics of the shell were not what I
thought they were. Very unexpected to me, and obviously to the
hundreds of people who must have read those lines without seeing that
they were broken.
2) substantial cleanup. In particular, I got rid of lots of
egregiously obsolete entries, and I got rid of obsolete
capabilities in the only mostly obsolete entries, etc.
loads before netstart this time.
LKMs can be loaded at 3 strategic places in /etc/rc - before netstart,
before "mount -a" and after all. "before netstart" works only if
the /usr filesystem is local (or on NFS, if root is too).
An additional field ("when") in lkm.conf controls when the LKM is
loaded.
block-type devices are available during disk checks, which may consume
large amounts of memory if large file systems are present. Once "critical"
file systems (e.g. /usr and /var) are mounted, perform a "swapctl -A -t noblk"
to enable swapping on any swap files that may be listed in /etc/fstab.
