Commit Graph

3476 Commits

Author SHA1 Message Date
tsarna
cd41b5d099 add _rwhod user (and group) 2005-09-12 16:21:56 +00:00
rpaulo
0a8fc88cf5 Remove the localhost ip6.int example since, as per RFC 4159, ip6.int is
now depreciated.

Discussedon tech-net.
2005-09-01 14:02:01 +00:00
tron
f851540ac2 Move "named.conf" example configuration to "/etc" because that is where
named(8) looks for it. You can now really get a caching name server
by simply setting "named=yes" in "/etc/rc.conf" as documented in
The NetBSD Guide. This fixes PR bin/30662 by Christian Hattemer.
2005-08-30 10:58:33 +00:00
peter
9c1da17e90 pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.

Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.

No objections on: tech-security
2005-08-23 12:12:56 +00:00
perry
15e3f0cc19 Small ugly hack -- sed "Mounted on" to "Mount" so that the df line
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.
2005-08-22 14:24:45 +00:00
perry
9e84da172c Make max_loginlen and max_grouplen 16.
We've handled 16 character logins for quite some time, and we even
have packages that create >8 character accounts. There is no point in
pretending the limit is 8 any more by default.

Discussed (very lightly -- there was little comment) on tech-userlevel
2005-08-22 14:09:23 +00:00
rpaulo
82bdaacb4f Adapted to the changes of grfinfo(1) MANSUBDIR (hp300). (thanks Klaus Klein) 2005-08-20 17:23:53 +00:00
drochner
35a754577f add SIP
(not going to import everything from IANA, but this is an increasingly
popular one)
2005-08-16 19:41:01 +00:00
peter
ad9c34ce5c Changes suggested by lukem:
1. Order pf to start before the network is configured.

2. If the pf_rules cannot be found at boot time, abort the boot (from the
   ipfilter script).
2005-08-10 13:52:05 +00:00
peter
c9c458f33c Add command_args="-D" to the ftpd rc.d script. This flag is always needed
when running ftpd as daemon and it will now automatically be appended to the
command line, even if ftpd_flags doesn't have it.

Suggested by Alan Barrett and Luke Mewburn, thanks.
2005-08-09 14:59:33 +00:00
peter
c100ff5b4d Add "-ll" to ftpd_flags to be consistent with the entry in inetd.conf.
Suggested by lukem@.
2005-08-08 00:20:46 +00:00
peter
9cfba4bb75 Add a note telling that ftpd_flags should always contain "-D".
Suggested by lukem@.
2005-08-08 00:19:37 +00:00
peter
d0b18db569 Allow to change the location of the pf ruleset with the variable $pf_rules. 2005-08-07 01:03:39 +00:00
chris
3d4b482c1f As requested in PR port-cats/30460 add support for GENERIC.ABLE kernel to
sysinst, and also add the ABLE install kernel to the generated release
kernels.
2005-08-07 00:21:38 +00:00
peter
f74a86ef4f Add the new ftpd rc.d script. 2005-08-04 22:32:44 +00:00
peter
cbc0c4b837 Add defaults for ftpd. 2005-08-04 22:29:01 +00:00
peter
7eb092e6c3 Add rc.d support for standalone ftpd, suggested by perry@. 2005-08-04 22:28:17 +00:00
shige
9bc1bf15c8 Add md-kernel for installation: INSTALL_OPENBLOCKS266. 2005-08-03 14:55:37 +00:00
nakayama
69b6d49897 Add man page for teliosio(4). 2005-07-31 00:12:16 +00:00
skrll
acd7c4c5ca Add a driver for Cypress microcontroller based USB serial adapters.
XXX hw flow control is not supported.
2005-07-30 06:14:49 +00:00
christos
0e7146df89 Improve on the migration bit. Check if files are different, and if not,
remove the source and leave a symlink behind. Otherwise, let the user know.
2005-07-17 21:28:45 +00:00
christos
a2663103c5 Copy and link files to allow a chrooted named to start-up automatically. 2005-07-17 16:30:57 +00:00
kiyohara
c1a84a4d12 ieee1394 import from FreeBSD. 2005-07-11 15:29:05 +00:00
lukem
fccd5bd47c Update permissions of /var/log/wtmp{,x} to match those installed by
etc/Makefile.
Fixes PR 30717 from Jukka Salmi.
2005-07-11 08:41:40 +00:00
macallan
478cf01748 added ttyC00 and ttyC01 fopr the SPARCbook's internal modem and PCMCIA
modems
2005-07-03 18:08:53 +00:00
rpaulo
aafff09728 Add ptyfs to the file-system types ignored by the find_core check.
Ok'ed by Christos Zoulas and Hubert Feyrer.
2005-06-30 18:23:26 +00:00
perry
03c94431fb add /usr/libexec/ching 2005-06-30 12:40:22 +00:00
symka
87283c876e PR/29317: ifconfig.if does not allow parameters with spaces
OKeyd by christos@
2005-06-28 13:36:40 +00:00
peter
df0caa2637 Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.

A port of the latest spamd will be imported into pkgsrc soon.

Suggested by several people, no objections on last proposal on tech-userlevel.
2005-06-27 20:32:39 +00:00
jdc
92c2871701 Make fb a link to fb0.
Add an entry for fb1.
2005-06-24 06:43:40 +00:00
jdc
7a2ed0814d Add an entry for fb1. 2005-06-24 06:43:06 +00:00
elad
68988657cd Don't allow unprivileged users to access the veriexec device. 2005-06-16 15:31:21 +00:00
elad
faffb35d60 Run veriexec before securelevel and sysctl scripts. Suggested by Nino Dehne. 2005-06-15 18:49:40 +00:00
christos
3ccdf9a0d7 default swapoff to yes, and explain why. 2005-06-15 03:34:45 +00:00
he
c4f693fe6b Make a simple fix for inculsion of disklabel.h. Since this script
doesn't do CPP conditionals, just avoid trying to "include" files
in the newly established nbinclude area, the in-tree version in the
normal place should work fine.

Fixes build problem for (among several others) cats.
2005-06-14 20:47:46 +00:00
tron
abba7e56c8 Enable RAIDframe support in the NetBSD-macppc installation media.
Based on patches submitted by Ian Spray in PR port-macppc/30465.
2005-06-09 13:29:57 +00:00
he
82e01bc59d Now that /var/log/wtmp and /var/log/wtmp should have group=utmp,
instruct newsyslog to follow up this when rotating these logs.
2005-06-05 07:33:17 +00:00
bouyer
44d1677f84 Remove support for build.sh -m xen, this has been merged in the i386
build. Pointed out by Chuck Silvers.
2005-05-29 10:54:40 +00:00
blymn
c1a5be3d85 Fix naming of the verified exec character device placeholder. 2005-05-28 14:54:06 +00:00
tsutsui
d4c33e9952 Ecoff kernels are no longer needed. 2005-05-23 13:05:04 +00:00
macallan
d2d9cb8374 added wd* 2005-05-23 00:43:13 +00:00
lukem
1bd2839e9a Consistently use 0664 root:utmp for /var/log/{lastlog,wtmp}{,x}.
Rest of PR 18670.
2005-05-22 14:34:20 +00:00
chs
1c2ca83340 add a ramdisk and LIF image for sysinst-based installation. 2005-05-18 14:04:26 +00:00
chs
408467d27a allow rsh if the user's password is null. from christos. 2005-05-14 15:17:47 +00:00
lukem
e03970d626 correct line for "password" 2005-05-13 02:56:34 +00:00
christos
4aafff6cc5 it makes no sense to check ptyfs for new and gone devices. From Rui Paulo,
many thanks.
2005-05-12 14:02:05 +00:00
peter
7147ba1184 PR/30177: Rui Paulo: /var/chroot/pflogd isn't created by default 2005-05-11 10:41:51 +00:00
martin
7a5b2dfb39 Tweak the iso-image support: avoid arbitrary hardcoded sizes - use awk to
estimate the real size and round up a bit instead. Doesn't matter much, but
produces a "better" sgi volume header.
While there, simplify a few bits and avoid grep|awk pipes.
2005-05-10 21:58:03 +00:00
martin
5f3107ece4 Add wscons virtual consoles 2005-05-02 13:39:54 +00:00
lukem
b26a3203a3 Add /etc/pam.conf and /etc/pam.d/* 2005-05-02 03:23:43 +00:00