Use /var/db/obsolete instead of /etc/obsolete
etc/Makefile:
Create separate target "install-obsolete-files" to populate
/var/db/obsolete, instead of using "install-etc-files".
Makefile:
Add do-obsolete target, to run "cd etc && make install-obsolete-files",
and add this to BUILDTARGETS.
This moves the "obsolete files" creation from "distribution" to "build".
Per discussion with Andrew Brown.
Default diff_options to -u, for unified-format context diffs,
because context is essential to a useful evaluation of differences.
This represents a behavior change.
Implements change-request PR security/17247 from
Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
* Improve message display in find_file_in_dirlist()
* do_obsolete(): instead of running distrib/sets/makeobsolete to
temporarily generate the obsolete sets lists, look for them in
${SRC_DIR}/etc/obsolete/* or ${DEST_DIR}/etc/obsolete/*.
The obsolete check now works for "extracted etc.tgz" as the source dir.
etc/Makefile (install-etc-files), distrib/sets/lists/*
* Install obsolete set lists into /etc/obsolete/
* Tweak how pwd_mkdb files are added to METALOG
distrib/sets/makeobsolete
* Don't bother with "_obsolete" suffix on generated file names.
the state table, making it much more useful.
The behaviour of 'restart' is unchanged (flush state table and reload
rules), but is now done slightly more elegantly.
ok'd by lukem.
The old behaviour caused problems when /home is a symlink on a system
and pax is used to extract base.tgz or "installworld" the base set
(because pax will remove the symlink before creating the now-empty
directory). It also made it more difficult for a site that wants
permissions on /home to be something other than what the NetBSD
defaults are.
For sites which want /home, it's a "once off" operation to create it,
and "useradd -m" (with the default "base-dir" of /home) will create
it anyway.
This resolves PR [install/19673], as well as being more consistent
with our defacto policy of "not stomping on stuff we don't need to".
check_passwd_nowarn_shells Don't warn about these non-/etc/shells shells
check_passwd_nowarn_users Don't warn about these users
check_passwd_permit_star Don't warn about "*" in the $2 field
Behavior change: check_passwd_nowarn_shells defaults to /sbin/nologin and
/usr/libexec/uucp/uucico, so that it will not warn about the default
master.passwd.
The rationale here is that an administrator who chooses to permit these
warnable conditions should not be warned about them day after day, yet
should not be forced to disable check_passwd entirely.
check_passwd_permit_star is primarily of interest to sites who use *'d
entries for Kerberos or ssh logins, despite the fact that we permit
"*ssh" (etc.) for this purpose (legacy).
(Using partition f to boot, since that is the default on sparc64
machines and we don't have to consider conflicts for single arch CDs -
this means "boot cdrom" just works)
- Add ${.CURDIR} to various rules.
- Remove the ${KERNOBJDIR} (sys/arch/${MACHINE}/compile) objdir creation
from here.
- Rework iso-image to copy temporary files (such as kernels or boot files)
into a temporary directory instead of stomping over ${RELEASEDIR}, and
use mkisofs -graft-points to merge the temporary directory and
${RELEASEDIR}/${MACHINE}.
NOTE: mkisofs 2.0 is highly recommended for functioning -graft-points
- Add some more comments
- add '-D ${DESTDIR}' to INSTPRIV, so install(8) removes the leading
${DESTDIR} from the metalogged path
- provide ${METADB.add} variable (for "${CAT} -l >> ${METALOG}"), to make
it easier to replace manual metalog manipulation in the future.
- with manual metalog additions, don't add the leading ${DESTDIR} in the path
- in maketars, use "mtree -C ..." instead of
"mtree -D ... | sed -e 's,\(.*\) \(\..*\),\2 \1,";
Benefits:
- maketars "Parsing METALOG" step speeds up from 29 seconds to 1.2 seconds
on a P3-600.
(This also benefits "make installworld" at the top level.)
- ${DESTDIR}/METALOG is easier to read without the leading "${DESTDIR}"
on all the pathnames, and it's smaller as well.
or the command with an interactive question. (This also prevents
weird problems if a directory element of '-f path' is missing and
'make -j N' is being used).
MD disktab where possible (everything but vax)
the MD disktab was often either empty, or contained entries even for disks
which support geometry autodetection (SCSI), and/or non-interesting/long
obsolete entries
the old records are still available in example disktab in
/usr/share/examples/disktab/disktab in case anyone would need them
remove special ttyaction hook from etc/etc.sun[23]/Makefile.inc, it's no longer
needed
ld.so.conf is ${MACHINE}-specific, the code happened to work for i386 and sparc
only because ${MACHINE} == ${MACHINE_ARCH} there
remove basesrc/etc/ld.so.conf and its special vax/ns32k/m68k hook in Makefile -
vax & m68k are ELF now, and ns32k doesn't need to be handled here
for all platforms.
- remove now unnecessary replicated code in the various snap_md_post targets
- remove snap_md_pre; nothing uses it any more
- use ${NETBSDSRCDIR} and ${KERNSRCDIR} as appropriate
most machines, but ones that are slept overnight (like laptops) will
no longer suddenly have all overnight jobs start simultaneously upon
awakening, rendering the machine useless. I thought I had done this
long ago, but it turned out I'd only done it for my own machines.
which bits to build, and to allow "make -j N" actually do something in
parallel:
- build_kernels: for each of ${ALL_KERNELS}, create kern-${NAME} target
which configures & builds the kernel ${NAME}.
- build_kernsets: for each of ${KERNEL_SETS}, create kernset-${NAME} target
to create ${RELEASEDIR}/binary/sets/kern-${NAME}.tgz
- build_releasekernels: for each of ${KERNEL_SETS} ${EXTRA_KERNELS}, create
${RELEASEDIR}/binary/kernel/netbsd-${NAME}.gz (et al)
(The latter two .WAIT until build_kernels has completed)
Supports either ${SRCDIR}/crypto/dist/ssh (if using -s on a src tree)
or ${SRCDIR}/etc (if using -s on an extracted etc.tgz set) for the
"source" location of moduli.
needed to fully support the "new distrib world order"):
* remove unnecessary trailing ;
* clean up whitespace
* remove unnecessary chown root or chgrp wheel directives; older code here
didn't bother doing this, so why be inconsistent
* don't barf when we have fdesc mounted; just skip the devices fdesc provides
* when making directories, don't use -p and don't redirect stdout to /dev/null
* add /dev/fd/* support [hp300]
* convert to new pty generation [hp300]