- Resurrect /etc/changelist, even if it's an "empty" file by default,
because it's easier to use than /etc/mtree/special.local for adding
a couple of simple files. Back by popular demand (hi @@@! :-)
- Add /etc/rc.d/* to the list of "dynamic" files; this notices changes
in user-added scripts
- Only calculate the mtree -I nomail list once, and re-use
- Use "cat foo | while read file" instead of "for file in `cat foo`" ;
handles whitespace better...
Features:
- Add a bunch of stuff to /etc/mtree/special to enable removal of
/etc/changelist:
- files which we want to monitor for changes but don't want to
see the diffs of (master.passwd, ssh_host_key, ...) are
tagged with "nomail"
- files which we don't want to monitor are tagged with "exclude"
(such as netgroup.db, kvm.db, ...)
- monitor /etc/mtree/special.local, /root/.ssh/*
- remove /etc/changelist, and a bunch of XXX comments
- use mtree(8)'s -D, -I, and -E to generate lists of files to
actually do the changelist stuff on.
- support /etc/mtree/special.local as an optional user-provided
version of /etc/mtree/special (effectively, an enhanced
/etc/changelist)
- Add code to monitor: /etc/ifconfig.* /etc/raid*.conf /etc/rc.conf.d/*
including support for these files being added and removed at will.
- If /sbin/fdisk exists, backup the output of "fdisk $disk" for all
the active disk drives as part of $check_disklabels
- Check permissions on: ~/.ssh/* ~/.shosts
Details:
- Reorder initialisation of defaults
- Remove special case for /etc/master.passwd "monitor but don't email diffs"
with general case for other similar files.
- Keep all `autogenerated' files (such as disklabel.*, setuid.current, ...)
in "$backup_dir/work", to minimise name clashes.
- Add migrate_file(old, new) to do the hard work of migrating files
from the old `top level' /var/backups mechanism to the `full path'
mechanism recently added. Use this appropriately.
- Add backup_and_diff(file, printdiffs), to the hard work of backing-up
and diff-ing files.
- Cleanup use of shell redirects
- /bin/sh supports ~root globbing, so use it.
- Improve umask checking; use awk regex rather than awk math
It still doesn't work, but you won't get the error about an Unknown option: `-a'
anymore.
The login shell for uucp is /usr/libexec/uucp/uucico, so su -m doesn't work.
This needs to be fixed.
Use a default "/set uname=root gname=wheel".
This drastically reduces the size of the file, as well as making it
far more maintainable. The differences are:
lines words bytes filename
342 1633 16272 special-relative
295 998 11971 special-absolute
This drastically reduces the size of the file, as well as making it
far more maintainable. The differences are:
lines words bytes filename
3240 3847 43634 NetBSD.dist-relative
632 696 17166 NetBSD.dist-absolute
of all installed pkgs and their +CONTENTS and +REQUIRED_BY files (if
they have one) and handling this file along with all the other
CHANGELIST stuff.
Greg Woods gets points for coming up with the idea.
Luke Mewburn asked me to do it, and provided lots of criticism along
the way.
1) If a password entry is of the form \*[A-z-]+, do not complain that
the account is off but has a valid password. Thus you can do
passwords like *ssh to indicate ssh only logins.
We should come up with a standard scheme for what various *keywords mean.
Note that if the field length is 13, 20 or 34 you'll still get
bitched at.
This code should be cleaned up. (So should the password scheme.)
2) If the entry is for "toor", don't complain that the account is off
but has a valid shell. We ship with toor:*:, there is no point in
complaining about it.
Part of the campaign against spurious security warning output.
according to cvs log of basesrc/etc/etc.sun3/ttyaction and
archive of source-changes, it was backed out with MAKEDEV
because of portability issue.
but i think ttyaction doesn't have that issue as it's never
executed on non-NetBSD environment.
boot console tty, so that the console is on the same place that the kernel
dmesg output goes, whether wscons or serial. Users who want to use tty00
or ttyE0 explicitly can change /etc/ttys themselves.
Also use "vt100" as terminal type for /dev/console (for a reasonable baseline
that also works with wscons; pccons is long since no longer default).
This addresses PR install/13249, i386-specific, but may be appropriate to
apply to all ports.
- Skip files that end with `~', `#', `.OLD' or `.orig', as these are usually
scratch or backup files created by programs, and we don't want to start them.
- Only try and run non `.sh' files if they're executable.
Per discussions with Andrew Brown, and closing his PR [bin/9981].
always perform the disk check (unless /fastboot exists). Previously
this would only occur when booting directly to multi-user, so the
fsck wouldn't happen after a single user boot going into multi-user.
releases, but has been ignored since an am-utils update six months ago.
This fixes [misc/11971] submitted by Jun-ichiro itojun Hagino. (Note that
$amd_flags is still supported, contrary to what the PR says).
enabled by setting $rcshutdown_timeout to a number of seconds to wait for
before terminating rc.shutdown. This is disabled by default.
- Use symbolic names rather than numbers when defining a trap.
- Improve some comments.