and links exist:
${named_chrootdir}/usr/libexec/named-xfer
${named_chrootdir}/dev/null
${named_chrootdir}/etc/localtime
/var/run/named.pid -> ${named_chrootdir}/var/run/named.pid
/var/run/ndc -> ${named_chrootdir}/var/run/ndc
and then start named with the appropriate options to run chroot(2)ed
under $named_chrootdir as user named group named.
to take advantage of this, an admin should copy /etc/namedb ->
${named_chrootdir}/etc/namedb, and set named_chrootdir in /etc/rc.conf.
[dev/null & etc/localtime setup inspired by openbsd. i already had the rest]
"kdc" (since you might want to use IPsec on your Kerberos server,
and might be using GSSAPI to authenticate Phase 1) and "ppp" (since
racoon(8) needs to know about all of your network interfaces).
Despite that /etc/amd.conf is now the default configuration file, it needs
to be defined if you supply other options when you start amd, so add it here.
introduce syntaxical ambiguousity, and having concatenation with && or
|| costs nothing because our sh(1) has test(1) builtin.
- use elif construct to avoid dungling else-ifs.
- while-read construct does not need enclosed by a sub-shell.
- variable detection could be done in eval args=\$ifconfig_$int
- smart variable substitution occationally saves lines and extra command
invocations.
implicitly using $name if $rcvar isn't set), and always perform this check,
even when using start_cmd (et al).
this check is performed before the pidcmd
is run, speeding up scripts that weren't going to be run anyway.
this should speed up booting slow systems.
- take advantage of the above and remove
start_precmd="checkyesno foo"
in scripts that use start_cmd.
- explicitly set rcvar=foo in the rc.d/foo scripts which have an equivalent
rc.conf entry
- fix `rcvar' and `restart' when $rcvar isn't set.
these above changes fix PR [bin/11027].
- when doing `force*', ignore the return value of *_precmd.
this fixes PR [bin/10781].
- rename what sysdb provides from `databases' to `sysdb', to reflect
the name of the script.
- improve the comments in rc.subr
the latter depends upon aftermountlkm (but is required by DAEMON), so that
lkms may be loaded before the securelevel is raised.
noted by Rafal Boni <rafal@mediaone.net> in [bin/10780]
lukem