* We now use hash tables instead of a list to store the in kernel
fingerprints.
* Fingerprint methods handling has been made more flexible, it is now
even simpler to add new methods.
* the loader no longer passes in magic numbers representing the
fingerprint method so veriexecctl is not longer kernel specific.
* fingerprint methods can be tailored out using options in the kernel
config file.
* more fingerprint methods added - rmd160, sha256/384/512
* veriexecctl can now report the fingerprint methods supported by the
running kernel.
* regularised the naming of some portions of veriexec.
process (we're -- probably inappropriately -- waiting for the kernel to do
that at the end), so cgdconfig -U won't do much until that situation changes.
of the appropriate configuration file.
Based on PR 28757 from Jason White.
* Add comments explaining why we flush separately from the reload
(backwards compat with older ipf(8) binaries).
correctly on ipf(8) from prior to 4.1.3 (where -Fa flushes both protocols)
and 4.1.3 (where -Fa only flushes the current protocol).
Fix from Kimmo Suominen, per private discussion.
rebuilt from "newer than" to "not older than". The latter check also
manages to take into account cases where the db file doesn't yet exist
because the source is "not older than" something that doesn't yet
exist.
(1) The stock sendmail.cf will only listen on the loopback interface.
(2) The stock submit.cf specifally connects to "localhost." which
should be less susceptible to being confused or looking confused.
(3) The smtp listener starts by default, if needed. The setting in
/etc/default/rc.conf is still "no", but rc.d/sendmail detects the
default setting and will change it to yes if need is determined.
Need is defined as "nothing else seems to have been changed about the
mail configuration but we'd like locally originated and locally
destined mail to be delivered". If you change, eg, mailer.conf to
point to postfix or some other MTA, sendmail will not start.
* REQUIRE: isdnd, so this will be shutdown before that, to prevent
future problem if isdnd eve gets an explicit "shutdown" keyword.
Per discussion with Martin Husemann.
target) instead of using home-grown 'distribution' targets or using
FILES with the 'install' target.
Add some etc/ subdir Makefiles where appropriate.
XXX: some of etc/Makefile install-etc-files could be converted to CONFIGFILES.
which may have been introduced by booting a netbsd-current kernel
from between April of 2003 and January 2004. For more information
see <http://mail-index.NetBSD.org/current-users/2004/01/11/0022.html>
This script was developed as a response to NetBSD pr install/25138
This should not be added to the Makefile or the default install until
it has been further tested
cjs