at boot automatically, so a machine dual booting another OS that uses
the RTC at localtime and NetBSD agree on the current time even if daylight
saving started/ended (without recompiling a kernel twice per year).
Awk code by Matt Thomas.
isn't enabled.
This is how the rc.d system works in conjunction with our current build
and install system; all the rc.d scripts are installed even if the
subsystems they control are not.
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.
* move kerberos- and kerberos 4-only files into new flists,
distrib/sets/lists/*/krb.*
* make the flist generators grok MKKERBEROS{,4} variables
* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
9 out of 10 experts agree that it is ludicrous to build w/
KERBEROS4 and w/o KERBEROS5.
* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.
* omit some Kerberos-only subdirectories from the build as
MKKERBEROS{,4} indicate
(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly. That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles. While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
that might block startup, and be more permissive in general about
allowing the daemons to start.
Add some descriptive comments to the top of the smmsp script that
describe the purpose of the process.
sendmail 8.12.8. Some of the same machinery (in shorter form) is in
the additions to rc.d/sendmail. Also, add a smmsp startup script for
the sendmail client queue runner.
the state table, making it much more useful.
The behaviour of 'restart' is unchanged (flush state table and reload
rules), but is now done slightly more elegantly.
ok'd by lukem.
dev database be rebuilt after loading modules. Loading modules might
create new nodes in /dev, but the dev database is being initialized
too soon for lkm2 and lkm3. This means that, eg, /dev/xf86 (typically
marked AFTERMOUNT and loaded by lkm2) will show up properly. Reviewed
by lukem.
immediately afterwards before bringing the interface up. This avoids
a small security gap existing in the previous scheme where IP Filter
was synced after all cloning interfaces were created and brought up.
called after quota so we don't end up with fsck and raidframe parity rebuild
taking forever after a crash/reboot.
While we are here check for raid[0-9].conf & raid[1-9][0-9].conf not
raid[0-9].conf & raid[0-9][0-9].conf
"/etc/ssh/ssh_config" (from "/etc/ssh/ssh.conf") for ssh(1) and other
userland tools, and "/etc/ssh/sshd_config (from "/etc/ssh/sshd.conf")
for sshd(8).
etc/postinstall will detect this, and if "fix" is given, rename the files.
- Add support for "setvar", which allows setting of arbitrary wsconsctl(8)
variables. Per email on tech-userlevel from Julio Merino <jmmv@hispabsd.org>
make -V FILES
from being useful (and given that every other variable can be
extracted using make -V, the behaviour was unusually inconsistent
given that the original reason for clearing it doesn't seem to be
relevant anymore)
- use <bsd.prog.mk> instead of directly including <bsd.files.mk>
(and possibly <bsd.man.mk> or <bsd.own.mk>)
- remove obsolete NOPROG
+ it was not discussed first
+ it is not consistent with the rest of the rc.d system. everything else:
- has defaults & example configuration in /etc/defaults/rc.conf
- uses lower-case variable names, including ipmon itself
Similar functionality added by the change I'm backing out may be
reintroduced in the future once it's been changed to meet our de-facto
rc.d standards, as opposed to something that appears to have been
lifted from a non-NetBSD source (HP/UX ?) ...
This occurs before the first load_rc_config() so that it may be
overridden by the user, and appears in single quotes so the
variables don't get evaluated until the eval in run_rc_command().
Problem noted by Patrick Welche <prlw1@cam.ac.uk> in [bin/15912].
Replace $critical_filesystems with $critical_filesystems_remote .
The new names are now consistent with the type argument that
mount_critical_filesystems() is called with, and allows for other types to
be easily supported by that function.
For backwards compatibility purposes, if the now obsolete variable is defined
(even empty), it takes precedence over the new form, and you will be warned.
If you want to stop the warnings, update your rc.conf(5) settings!
NETWORKING, and SERVERS) by specifying that certain things should
come BEFORE a given barrier, rather than having the barrier REQUIRE
a service. This allows scripts to be removed without having to
edit the barrier dependencies.
As discussed on tech-userlevel, and approved by Luke.
make them "externally" available:
Previous Current Purpose
-------- ------- -------
_arg rc_arg Argument to command, after fast/force
processing performed (and prefix
removed)
_flags rc_flags Flags to start the default command
with. Defaults to ${name}_flags,
unless overridden by $flags from the
environment. This variable may be
changed by the precmd method.
_pid rc_pid PID of command (if appropriate).
_rc_run_fast rc_fast Not empty is "fast" was provided.
_rc_run_force rc_force Not empty is "force" was provided.
- Use rc_flags instead of _flags or ${name}_flags in various rc.d scripts,
so that $flags from the environment overrides ${name}_flags from rc.conf(5).
Fixes [bin/15800].
If set to yes, block-type swap partitions will be deleted upon shutdown.
This can be useful if swapping onto a RAIDframe device, but may cause
unnecessary delays during shutdown for the general case, so it's
disabled by default.
Should resolve [bin/14433] and [kern/14769].
become ippp (ISDN ppp) and irip (ISDN raw IP). The character device now
are called: /dev/isdn (isdnd <-> kernel communication), /dev/isdnctl (dialing
and other control), /dev/isdntrc* (tracing), /dev/isdnbchan* (raw B channel
access, i.e. for user land PPP) and /dev/isdntel* (telephone devices, i.e.
for answering machines).
you'll see the following message:
# /etc/rc.d/ipfs stop
/etc/rc.d/ipfs: WARNING: $ipfs is not set properly.
This horrible change is needed because of the "shutdown" keyword.
keep state to be locked (modification prevented) and then saved to disk,
allowing for the system to experience a reboot, followed by the restoration
of that information, resulting in connections not being interrupted.
To activate this feature, set ipfs=YES in /etc/rc.conf
and links exist:
${ntpd_chrootdir}/dev/clockctl
/var/db/ntp.drift -> ${ntpd_chrootdir}/var/db/ntp.drift
and then start ntpd with the appropriate options to run chroot(2)ed
under $ntpd_chrootdir as user ntpd group ntpd.
to take advantage of this, set ntpd_chrootdir in /etc/rc.conf.
[this is based on similar work i did for rc.d/named]
always perform the disk check (unless /fastboot exists). Previously
this would only occur when booting directly to multi-user, so the
fsck wouldn't happen after a single user boot going into multi-user.
releases, but has been ignored since an am-utils update six months ago.
This fixes [misc/11971] submitted by Jun-ichiro itojun Hagino. (Note that
$amd_flags is still supported, contrary to what the PR says).
keymap file to wscons.conf.
Follows PR misc/12760 by Stephen Borrill, but uses the external keymap
file instead of individual key entries in wscons.conf. This saves a lot
of editing work if the map has to be switched.
and links exist:
${named_chrootdir}/usr/libexec/named-xfer
${named_chrootdir}/dev/null
${named_chrootdir}/etc/localtime
/var/run/named.pid -> ${named_chrootdir}/var/run/named.pid
/var/run/ndc -> ${named_chrootdir}/var/run/ndc
and then start named with the appropriate options to run chroot(2)ed
under $named_chrootdir as user named group named.
to take advantage of this, an admin should copy /etc/namedb ->
${named_chrootdir}/etc/namedb, and set named_chrootdir in /etc/rc.conf.
[dev/null & etc/localtime setup inspired by openbsd. i already had the rest]
"kdc" (since you might want to use IPsec on your Kerberos server,
and might be using GSSAPI to authenticate Phase 1) and "ppp" (since
racoon(8) needs to know about all of your network interfaces).
Despite that /etc/amd.conf is now the default configuration file, it needs
to be defined if you supply other options when you start amd, so add it here.
introduce syntaxical ambiguousity, and having concatenation with && or
|| costs nothing because our sh(1) has test(1) builtin.
- use elif construct to avoid dungling else-ifs.
- while-read construct does not need enclosed by a sub-shell.
- variable detection could be done in eval args=\$ifconfig_$int
- smart variable substitution occationally saves lines and extra command
invocations.
implicitly using $name if $rcvar isn't set), and always perform this check,
even when using start_cmd (et al).
this check is performed before the pidcmd
is run, speeding up scripts that weren't going to be run anyway.
this should speed up booting slow systems.
- take advantage of the above and remove
start_precmd="checkyesno foo"
in scripts that use start_cmd.
- explicitly set rcvar=foo in the rc.d/foo scripts which have an equivalent
rc.conf entry
- fix `rcvar' and `restart' when $rcvar isn't set.
these above changes fix PR [bin/11027].
- when doing `force*', ignore the return value of *_precmd.
this fixes PR [bin/10781].
- rename what sysdb provides from `databases' to `sysdb', to reflect
the name of the script.
- improve the comments in rc.subr
the latter depends upon aftermountlkm (but is required by DAEMON), so that
lkms may be loaded before the securelevel is raised.
noted by Rafal Boni <rafal@mediaone.net> in [bin/10780]
fine as was, the result was the line `start_precmd=start_precmd' which
looked odd. Pointed out by Bernd Ernesti.
While here, add NetBSD RCS Id.
BTW, to clarify, as people have asked: this script does not support
pkgsrc/security/sshd -- that package comes with a perfectly fine rc script
which in addition to supporting /etc/rc.d can also be used with 1.4.X.
This script will not trivially work with the ssh package as it a.) calls
the ssh commands at the pathnames they will be installed at by usr.bin/ssh,
and b.) generates a DSA key as well as an RSA key.
on ${SSHDIST}, as with usr.bin/ssh itself.
This script includes a `keygen' target for regenerating RSA and DSA host keys,
and invokes this if these keys are not present when sshd is started up.
networking to be operational before starting, and use as appropriate.
NETWORK depends upon network and dhclient.
* move the guts of systemfs into mountcritlocal
* replace the dependancy on systemfs with mountcritremote, and remove the
former.
* SERVERS now also depends upon ppp
Notes:
* dhclient (and others) needs /var to be a $critical_filesystem_beforenet
* dhclient now starts before syslogd (because the latter needs /usr, and
/usr might need dhclient to be mounted)
Should fix PRs:
[install/9853] [bin/10002] [misc/10349] [port-i386/10633] [misc/10641]
- /etc/mail/sendmail.cf exists, no /etc/sendmail.cf
- /etc/mail/sendmail.cf exists, /etc/sendmail.cf same content as
/etc/mail/sendmail.cf
die in other cases. PR 10243.
