392d31ddc2
Use more sane defaults for commented out fingerd entry.
...
From OpenBSD and Zafer Aydogan.
PR/31341.
2005-09-18 19:47:28 +00:00
9cb3a4de17
Default rwhod to running as _rwhod (but leave disabled by default).
...
I thought I already comitted this one...
2005-09-15 03:40:34 +00:00
384be89761
Adjust for ownership of /var/rwho
2005-09-14 14:01:57 +00:00
cd41b5d099
add _rwhod user (and group)
2005-09-12 16:21:56 +00:00
0a8fc88cf5
Remove the localhost ip6.int example since, as per RFC 4159, ip6.int is
...
now depreciated.
Discussedon tech-net.
2005-09-01 14:02:01 +00:00
f851540ac2
Move "named.conf" example configuration to "/etc" because that is where
...
named(8) looks for it. You can now really get a caching name server
by simply setting "named=yes" in "/etc/rc.conf" as documented in
The NetBSD Guide. This fixes PR bin/30662 by Christian Hattemer.
2005-08-30 10:58:33 +00:00
9c1da17e90
pf needs to be started after the network is up, because some pf rules
...
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
2005-08-23 12:12:56 +00:00
15e3f0cc19
Small ugly hack -- sed "Mounted on" to "Mount" so that the df line
...
fits in <80 columns.
We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.
2005-08-22 14:24:45 +00:00
9e84da172c
Make max_loginlen and max_grouplen 16.
...
We've handled 16 character logins for quite some time, and we even
have packages that create >8 character accounts. There is no point in
pretending the limit is 8 any more by default.
Discussed (very lightly -- there was little comment) on tech-userlevel
2005-08-22 14:09:23 +00:00
82bdaacb4f
Adapted to the changes of grfinfo(1) MANSUBDIR (hp300). (thanks Klaus Klein)
2005-08-20 17:23:53 +00:00
35a754577f
add SIP
...
(not going to import everything from IANA, but this is an increasingly
popular one)
2005-08-16 19:41:01 +00:00
ad9c34ce5c
Changes suggested by lukem:
...
1. Order pf to start before the network is configured.
2. If the pf_rules cannot be found at boot time, abort the boot (from the
ipfilter script).
2005-08-10 13:52:05 +00:00
c9c458f33c
Add command_args="-D" to the ftpd rc.d script. This flag is always needed
...
when running ftpd as daemon and it will now automatically be appended to the
command line, even if ftpd_flags doesn't have it.
Suggested by Alan Barrett and Luke Mewburn, thanks.
2005-08-09 14:59:33 +00:00
c100ff5b4d
Add "-ll" to ftpd_flags to be consistent with the entry in inetd.conf.
...
Suggested by lukem@.
2005-08-08 00:20:46 +00:00
9cfba4bb75
Add a note telling that ftpd_flags should always contain "-D".
...
Suggested by lukem@.
2005-08-08 00:19:37 +00:00
d0b18db569
Allow to change the location of the pf ruleset with the variable $pf_rules.
2005-08-07 01:03:39 +00:00
3d4b482c1f
As requested in PR port-cats/30460 add support for GENERIC.ABLE kernel to
...
sysinst, and also add the ABLE install kernel to the generated release
kernels.
2005-08-07 00:21:38 +00:00
f74a86ef4f
Add the new ftpd rc.d script.
2005-08-04 22:32:44 +00:00
cbc0c4b837
Add defaults for ftpd.
2005-08-04 22:29:01 +00:00
7eb092e6c3
Add rc.d support for standalone ftpd, suggested by perry@.
2005-08-04 22:28:17 +00:00
9bc1bf15c8
Add md-kernel for installation: INSTALL_OPENBLOCKS266.
2005-08-03 14:55:37 +00:00
69b6d49897
Add man page for teliosio(4).
2005-07-31 00:12:16 +00:00
acd7c4c5ca
Add a driver for Cypress microcontroller based USB serial adapters.
...
XXX hw flow control is not supported.
2005-07-30 06:14:49 +00:00
0e7146df89
Improve on the migration bit. Check if files are different, and if not,
...
remove the source and leave a symlink behind. Otherwise, let the user know.
2005-07-17 21:28:45 +00:00
a2663103c5
Copy and link files to allow a chrooted named to start-up automatically.
2005-07-17 16:30:57 +00:00
c1a84a4d12
ieee1394 import from FreeBSD.
2005-07-11 15:29:05 +00:00
fccd5bd47c
Update permissions of /var/log/wtmp{,x} to match those installed by
...
etc/Makefile.
Fixes PR 30717 from Jukka Salmi.
2005-07-11 08:41:40 +00:00
478cf01748
added ttyC00 and ttyC01 fopr the SPARCbook's internal modem and PCMCIA
...
modems
2005-07-03 18:08:53 +00:00
aafff09728
Add ptyfs to the file-system types ignored by the find_core check.
...
Ok'ed by Christos Zoulas and Hubert Feyrer.
2005-06-30 18:23:26 +00:00
03c94431fb
add /usr/libexec/ching
2005-06-30 12:40:22 +00:00
87283c876e
PR/29317: ifconfig.if does not allow parameters with spaces
...
OKeyd by christos@
2005-06-28 13:36:40 +00:00
df0caa2637
Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it
...
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.
A port of the latest spamd will be imported into pkgsrc soon.
Suggested by several people, no objections on last proposal on tech-userlevel.
2005-06-27 20:32:39 +00:00
92c2871701
Make fb a link to fb0.
...
Add an entry for fb1.
2005-06-24 06:43:40 +00:00
7a2ed0814d
Add an entry for fb1.
2005-06-24 06:43:06 +00:00
68988657cd
Don't allow unprivileged users to access the veriexec device.
2005-06-16 15:31:21 +00:00
faffb35d60
Run veriexec before securelevel and sysctl scripts. Suggested by Nino Dehne.
2005-06-15 18:49:40 +00:00
3ccdf9a0d7
default swapoff to yes, and explain why.
2005-06-15 03:34:45 +00:00
c4f693fe6b
Make a simple fix for inculsion of disklabel.h. Since this script
...
doesn't do CPP conditionals, just avoid trying to "include" files
in the newly established nbinclude area, the in-tree version in the
normal place should work fine.
Fixes build problem for (among several others) cats.
2005-06-14 20:47:46 +00:00
abba7e56c8
Enable RAIDframe support in the NetBSD-macppc installation media.
...
Based on patches submitted by Ian Spray in PR port-macppc/30465.
2005-06-09 13:29:57 +00:00
82e01bc59d
Now that /var/log/wtmp and /var/log/wtmp should have group=utmp,
...
instruct newsyslog to follow up this when rotating these logs.
2005-06-05 07:33:17 +00:00
44d1677f84
Remove support for build.sh -m xen, this has been merged in the i386
...
build. Pointed out by Chuck Silvers.
2005-05-29 10:54:40 +00:00
c1a5be3d85
Fix naming of the verified exec character device placeholder.
2005-05-28 14:54:06 +00:00
d4c33e9952
Ecoff kernels are no longer needed.
2005-05-23 13:05:04 +00:00
d2d9cb8374
added wd*
2005-05-23 00:43:13 +00:00
1bd2839e9a
Consistently use 0664 root:utmp for /var/log/{lastlog,wtmp}{,x}.
...
Rest of PR 18670.
2005-05-22 14:34:20 +00:00
1c2ca83340
add a ramdisk and LIF image for sysinst-based installation.
2005-05-18 14:04:26 +00:00
408467d27a
allow rsh if the user's password is null. from christos.
2005-05-14 15:17:47 +00:00
e03970d626
correct line for "password"
2005-05-13 02:56:34 +00:00
4aafff6cc5
it makes no sense to check ptyfs for new and gone devices. From Rui Paulo,
...
many thanks.
2005-05-12 14:02:05 +00:00
7147ba1184
PR/30177: Rui Paulo: /var/chroot/pflogd isn't created by default
2005-05-11 10:41:51 +00:00
7a5b2dfb39
Tweak the iso-image support: avoid arbitrary hardcoded sizes - use awk to
...
estimate the real size and round up a bit instead. Doesn't matter much, but
produces a "better" sgi volume header.
While there, simplify a few bits and avoid grep|awk pipes.
2005-05-10 21:58:03 +00:00
5f3107ece4
Add wscons virtual consoles
2005-05-02 13:39:54 +00:00
b26a3203a3
Add /etc/pam.conf and /etc/pam.d/*
2005-05-02 03:23:43 +00:00
188cee5c01
Fix previous, caused by premature optimization...
...
Noted by Kirk Russell.
2005-05-02 02:51:04 +00:00
710a7ff6e8
Use zeropad() and hexprint() instead of printf(1).
2005-05-02 00:47:58 +00:00
117d01fe78
Add hexprint(); display the given number as hex.
...
Add a comment to document zeropad()'s purpose.
2005-05-02 00:46:46 +00:00
c246220559
Make /dev/usb readable to all; it is only used to report USB events.
2005-04-30 16:26:06 +00:00
699bb11d46
Add more locale directories in preparation of new gettext.
2005-04-26 19:39:11 +00:00
2dc0814b72
Make ifaliases_lo0 in rc.conf work just like other interfaces (instead of
...
being ignored). Also, when configuring aliases set as ifaliases_xxN,
print out the interface name and the alias address.
2005-04-26 10:28:29 +00:00
441f539b14
Pickup bootblock.h from $DESTDIR to make this work when crosscompiling.
2005-04-22 09:49:45 +00:00
8387760ed1
Rototill of the verified exec functionality.
...
* We now use hash tables instead of a list to store the in kernel
fingerprints.
* Fingerprint methods handling has been made more flexible, it is now
even simpler to add new methods.
* the loader no longer passes in magic numbers representing the
fingerprint method so veriexecctl is not longer kernel specific.
* fingerprint methods can be tailored out using options in the kernel
config file.
* more fingerprint methods added - rmd160, sha256/384/512
* veriexecctl can now report the fingerprint methods supported by the
running kernel.
* regularised the naming of some portions of veriexec.
2005-04-20 13:44:45 +00:00
8232ca0162
Tweaks for the move of postinstall from /etc to /usr/sbin
2005-04-17 23:12:40 +00:00
5c5750a595
Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall
...
(and the base.tgz set).
2005-04-17 15:15:48 +00:00
41595413ba
elaborate on sysctl rename
2005-04-16 04:19:24 +00:00
7a5e7ac8e9
Adjust for the Argentina directory that came with tzdata2004b;
...
noted by Geoff C. Wing in PR bin/29954.
2005-04-12 15:35:54 +00:00
bfd29aa656
/var/chroot/spamd is now /var/chroot/pfspamd.
2005-04-12 14:24:32 +00:00
271ad04cd9
Allow an underscore as first character and embedded underscores & dots
...
for login and group names.
Fixes PR misc/29913 from Arto Selonen.
2005-04-11 15:46:42 +00:00
4b058b80fb
Add xencons to the default list of devices. Fix port-xen/29887 by Juan RP.
2005-04-06 21:06:28 +00:00
c37e23a1f9
Add _pflogd group.
2005-04-05 19:57:30 +00:00
96cf4771d1
PR/29891: Arto Selonen: su(1) does not seem to honor SU_ROOTAUTH any more
...
Move the rootauth group line before the wheel check, so that rootauth users
are not required to be in wheel [still commented out]
2005-04-05 18:23:36 +00:00
ee8532311f
Add _pflogd to the uid check. Pointed out by Luke Mewburn.
2005-04-05 07:03:33 +00:00
80271013f5
Add the _pflogd user which will be used by pflogd(8), the logging daemon
...
for pf(4).
Approved by core.
2005-04-04 19:06:43 +00:00
c0372ca1ef
ypserv(8) doesn't need the domainname(1) set -- it will serve any maps
...
present under /var/yp/<somedomain>/<map> -- so don't require it.
Thanks to Chuck Cranor for the suggestion.
2005-04-01 23:25:29 +00:00
7c4b722858
Add pf to the all target. Pointed out by Steve Rumble.
2005-04-01 21:07:01 +00:00
d45db391ec
Install all obsolete X11 sets (even empty ones).
2005-03-28 03:13:39 +00:00
a3b248100e
add csmapper:CNS11643-1,2 and esdb:ISO-2022-CN,
...
integrate esdb:EUC-TW, locale:zh_TW.eucTW.
2005-03-27 22:30:05 +00:00
f1f5ecd1a9
We must check for "${MACHINE}" and not "${MACHINE_ARCH}" of course to
...
decide about port specific obsolete lists.
2005-03-25 20:15:20 +00:00
728512171e
Checking for the file "xserver" in "${OBSOLETE.dir}" doesn't work because
...
the check will be done before the target which is used to create that file.
So simply add "xserver" to "${OBSOLETE.file}" based on the architecture.
2005-03-24 20:23:55 +00:00
6ebdd24d9a
Make var/db/obsolete/xserver optional.
2005-03-24 09:07:17 +00:00
c6b047ea8b
+ do not install getconfig
2005-03-24 05:27:18 +00:00
80843b35d1
+ getconfig scripts and configs
2005-03-22 21:43:24 +00:00
857d896931
-s can be given 'etc.tgz' directly. (Thanks to hubertf for the reminder)
...
Improve usage.
2005-03-22 04:43:53 +00:00
fb571c8922
Add support for handling obsolete X11 files and directories.
2005-03-21 23:09:39 +00:00
96f232123e
Remove directory which got obsoleted by XFree86 4.5.0.
2005-03-21 14:45:19 +00:00
12399bd640
Add the freetype services directory under internal
2005-03-20 18:25:22 +00:00
34be8773f6
Add OPENBLOCKS200 kernel.
2005-03-18 16:32:59 +00:00
c50dc53d46
pam_self is "required" not just sufficient to authorize the Xserver.
2005-03-18 15:15:25 +00:00
878fa2f707
Replace hardcoded "/var/run/named.pid" with ${pidfile}.
2005-03-17 18:44:09 +00:00
5b3d8c8c12
remove stray l.
2005-03-17 01:47:18 +00:00
c788433bb3
Remove ,optional accidentally committed. We are not going to do this after
...
all.
2005-03-17 01:07:51 +00:00
d34097e695
Create the xbd1* devices as well as xbd0*, this is useful to install
...
domUs via CDROM or unmounted FS in the sysinst menu.
2005-03-15 23:46:09 +00:00
80f533ce07
Do a "flush all" when disabling pf. This also changes the restart case
...
to do a "flush all", while the reload case will only reload the rules without
flushing anything.
Suggested by Miles Nordin.
2005-03-15 18:22:03 +00:00
0a9aa9779a
Install pf(4) examples. Reviewed by yamt@.
...
Thanks to hubertf@ for the reminder.
2005-03-15 16:05:03 +00:00
f198807ca5
Explicitly REQUIRE mountcritremote, since this uses awk.
2005-03-15 12:06:12 +00:00
138a35afd9
comment out pam_ssh and mention it has potential security issues.
2005-03-14 23:41:49 +00:00
03258a805a
separate tun(4) and joy(4) entries, those two are totally independant
...
PR: kern/29673 by FUKAUMI Naoki
2005-03-12 10:26:45 +00:00
9533cbbc67
Try last fix once more.
2005-03-12 00:52:51 +00:00
d2a568b356
Fix a bad typo in populate_dir() which broke a lot of checks.
2005-03-12 00:50:23 +00:00
3e8f0992c8
Integrate Xen to the i386 build process:
...
- Add xen devices to MAKEDEV
- Add Xen kernels to list of kernel to build
- Add INSTALL_XENU to the install kernels
- introduce the xbd disk devices to sysinst.
This will add 3 kernels to the i386 release:
XEN0 for use as a Xen domain0 kernel
XENU for use on a non-privileged domain
INSTALL_XENU to install NetBSD on a non-privileged domain virtual disk.
2005-03-11 20:55:10 +00:00
8286cd5e07
Deprecate etc_release check, since etc/release is now part of base.tgz.
...
Support '-s /path/to/etc.tgz' which extract the file to a scratch directory
and run the contained version of postinstall against that directory.
This saves about 5 tedious steps which I've done by hand when updating,
and the expense of some minor CPU time on each invocation of this method.
XXX: postinstall needs a man page. pkill -HINTHINT wizd
2005-03-08 14:09:25 +00:00
cefddd30c8
Remove ${MACHINE} from the volume name of iso images - our new naming sheme
...
makes the field overflow even on archs where ${MACHINE} is pretty short.
Also rearange MKISOFS_FLAGS so that they default to -quiet unless the
user explicitly asks for -v. Add -hide-joliet-trans-tbl to get rid of
the TRANS.TBL files on modern OSs.
2005-03-08 07:39:30 +00:00
4804c0d992
modload(8) already obtain the value of the machdep.booted_kernel sysctl
...
node, and use it as a reasonable default when no -A option is passed.
The difference is, modload(8) prefers /dev/ksyms rather than the sysctl
node, which is the behaviour we really want.
Unconditionally passing -A in rc.lkm prevents the loading of inter-
dependent modules from rc.d, as reported by Jeff Rizzo on netbsd-users.
2005-03-04 21:11:23 +00:00
b8911768e7
Add lastlogx to the list of files created.
2005-03-04 16:16:00 +00:00
f709224812
PR/18670: Charles Blundell: Add entries for lastlog and lastlogx
2005-03-04 16:14:46 +00:00
2bd312ac59
PR/29594: Geoff C. Wing: Allow root in rsh like we used to.
2005-03-04 15:30:59 +00:00
37fd46a3fc
by popular demand, and now that we have verified that password authentication
...
works, allow a user to start the Xserver without a password.
2005-03-03 04:21:51 +00:00
afaa144fe7
Add a no nested option that avoids updating the {u,w}tmp databases on a
...
nested login.
2005-03-03 02:12:32 +00:00
0a66272c73
Revert previous, for now. We don't umount filesystems in the shutdown
...
process (we're -- probably inappropriately -- waiting for the kernel to do
that at the end), so cgdconfig -U won't do much until that situation changes.
2005-03-02 19:09:22 +00:00
e32d4e2d39
Unconfigure cgd devices on shutdown, so that underlying layers (i.e.,
...
RAIDframe) are happier.
2005-03-02 12:14:47 +00:00
7f1a777aba
Add the xserver description file.
2005-03-01 16:29:44 +00:00
ba359ad0ee
use the ksu module not the krb one. Do kerberos authentication first.
2005-03-01 16:28:46 +00:00
9d1d1be44f
Add a new pam description file for the xserver. This is used when the
...
Xserver is started manually using xinit.
2005-03-01 16:27:52 +00:00
a7ca5e9389
Now that the install kernel creates its devices at boot-time, we need to
...
properly populate the init case. Reworked, using amd64 as a prototype.
2005-03-01 02:36:12 +00:00
1bf17b3733
Oops, the init case must create md0.
2005-03-01 01:42:21 +00:00
c0336fc23d
Add bpf devices.
2005-02-28 08:27:54 +00:00
d81b21774f
Add -a valid for PAM.
2005-02-28 02:35:55 +00:00
5bea007640
disable pam_ftpusers module because our /etc/ftpusers has different syntax
...
than what it expects.
2005-02-28 02:21:46 +00:00
1c5ae7179a
passwd(1) does not require -p to use PAM.
2005-02-28 01:59:21 +00:00
74bb35d6b9
update for current reality.
2005-02-28 01:27:01 +00:00
0215fc5818
add display_manager and ppp
2005-02-27 22:34:18 +00:00
98a2507fb6
Make a note about when telnetd uses the "telnetd" PAM service, and
...
when the "login" PAM service is used instead.
2005-02-27 21:49:14 +00:00
c3bf5c7ebe
Disable pam_ssh by default, and refer people to pam_ssh(8) for information
...
on its security risks.
2005-02-27 21:35:59 +00:00
2b9f821fc2
Mention the problem with ftpusers and that we have a ppp config now.
2005-02-27 19:30:20 +00:00
b89b9e58a2
Add a config file for ppp; same like ftp for now.
2005-02-27 19:29:43 +00:00
13eb2abf9e
Major cleanup of PAM service configuration files.
2005-02-27 03:40:14 +00:00
2871250238
add TWINTAIL.
...
SMDK2410/2800 now have install kernels.
CVS: ----------------------------------------------------------------------
CVS: CVSROOT cvs.NetBSD.org:/cvsroot
2005-02-27 02:27:12 +00:00
5b0739524b
Improve the description of the "pam" check/fix; it doesn't ensure
...
that /etc/pam.d is up to date, just populated.
2005-02-27 00:06:25 +00:00
d242353e08
Update status.
2005-02-24 15:15:27 +00:00
77389b1f94
Update racoon status
2005-02-24 13:16:42 +00:00
118f369d29
Rename compare_dir() to populate_dir() and add "$onlynew" argument,
...
which if true prevents existing but changed files from being updated.
Reimplement compare_dir() in terms of populate_dir() ($onlynew=false)
Reenable do_pam() and use populate_dir() instead of compare_dir().
This allows missing etc/pam.d files to be installed with "fix", but
leaves (possibly end-user) modified files alone.
2005-02-24 04:06:53 +00:00
dcffc13e8d
Rename /dev/fb to /dev/fb0 and make /dev/fb a symlink to it.
2005-02-23 22:56:20 +00:00
327af7ca04
Only install postfix config if ${MKPOSTFIX} != "no".
...
Based on PR misc/29341 by Takeshi Nakayama <nakayama@NetBSD.org>
2005-02-23 02:10:33 +00:00
714867dee9
update for rexecd
2005-02-23 01:28:40 +00:00
1c9b56c830
Add MKIPFILTER; if set to no, don't build and install the ipf(4) programs,
...
headers and LKM.
Add MKPF; if set to no, don't build and install the pf(4) programs,
headers, LKM and spamd.
Both options default to yes, so nothing changed in the default build.
Reviewed by lukem.
2005-02-22 14:39:58 +00:00
fbdc9c3fcb
Use hostname(1) in preference to uname(1) in case /usr isn't mounted.
2005-02-22 09:12:17 +00:00
28dfc695f0
Revision 1.2 of dot.shrc changed the prompt to use a HOST variable without
...
setting it anywhere, so set it here.
2005-02-22 08:28:34 +00:00
97552a9c4d
Update for ppp and passwd.
2005-02-22 01:09:29 +00:00
989b421981
add nsmb(4) for NetBSD/amiga
...
Fixes PR port-amiga/29066 by Florian Stoehr
2005-02-20 17:49:49 +00:00
379a5c3295
rsh is done.
2005-02-20 05:47:13 +00:00
b757d80462
ftpd is done.
2005-02-20 01:47:04 +00:00
56c6171b31
whitespace
2005-02-20 01:46:42 +00:00
75e797d45f
Update.
2005-02-20 00:52:21 +00:00
e51566c11b
Add a status file so that we can coordinate who works on what.
2005-02-20 00:02:53 +00:00
ac4f38d372
Try to explain what this file does a little bit better.
2005-02-19 17:25:16 +00:00
354f2a1004
Switch to ipsec-tools for libipsec, setkey, and racoon. From
...
Emmanuel Dreyfus, with some small changes by me.
2005-02-19 16:55:02 +00:00
4cf2ccf6dc
Wording fix. Comment still not entirely clear.
2005-02-16 14:47:46 +00:00
fcff889a4d
remove ko_KR.UTF-8.
...
this locale is alias for en_US.UTF-8 by locale.alias now.
2005-02-10 18:03:01 +00:00
8e401e6c31
add a check_passwd_permin_nonalpha option, which changes the passwd
...
test to permit non-alphanumeric characters in login names
2005-02-05 15:26:37 +00:00
c3f3d85961
Restore the html directories. They are indeed functional.
2005-02-04 17:10:40 +00:00
195aff13a9
Remove /usr/share/man/html* directories. They have been there,
...
empty, for 3 years, and there was no public plan on how to fill
them in all that time. Let's re-add them when they have a purpose.
2005-02-04 15:07:54 +00:00
bde7c7493a
Add a commented out option that shows how to get back the rootauth
...
functionality
2005-02-01 22:56:14 +00:00
dcaf7f8abc
Build OPENBLOCKS266 kernel.
2005-02-01 17:02:57 +00:00
25f1e3eda9
Set the pam_nologin call to keep our current behavior: login is refused
...
after password is given.
2005-01-23 09:48:38 +00:00
ca38156730
Permit a "README", "SOURCE_DATE", and "source" at the top-level to be
...
added to the CD-ROM (only if they exist), as proposed on tech-install
and tech-toolchain without objections. Note, this will "bloat" the CD-ROM
image if you have done a "./build.sh sourcesets". If you don't want that,
just move "source" out of ${RELEASEDIR} for the "make iso-image".
2005-01-15 18:18:18 +00:00
1e55b5223c
Disable "pam" check/fix, since the current implementation will overwrite
...
any local changes, which is sub-optimal.
2005-01-11 12:19:35 +00:00
3952de4581
Backout last change. I'm not sure what the correct fix is but the last
...
change wasn't it.
2005-01-10 11:23:53 +00:00
66db1620b2
Fix this so that "make install" will actually work.
2005-01-10 11:20:01 +00:00
da9dede24f
add MKINET6 to etc/release
2005-01-10 02:49:46 +00:00
2ec73172c7
don't bother linking ftp -> ftpd
2005-01-10 01:51:13 +00:00
8516a4eb2a
install-etc-files: also descend into "pam.d" for configinstall
2005-01-10 01:17:25 +00:00
50da6bf581
NetBSD Is Not FreeBSD:
...
* use CONFIGFILES instead of FILES
* use CONFIGLINKS instead of LINKS
2005-01-10 01:15:44 +00:00
14a351eefe
Create wscons devices.
2005-01-09 15:50:53 +00:00
715473130b
Quote MAILTO properly so that more descriptive names can be used.
2005-01-09 13:07:14 +00:00
2cfa477387
Install pam configuration files.
2005-01-09 07:27:14 +00:00
c6d0cd4217
Remove pam_ssh for system config, it's not always used.
2005-01-08 22:42:22 +00:00
9dc874ea69
Create tap (cloning), tap0 .. tap3 in /dev by default.
2005-01-08 22:31:28 +00:00
d17ffac202
Add tslcd
2005-01-08 20:32:10 +00:00
247ec215ec
add ssh and krb5 now that they compile
2005-01-08 08:43:03 +00:00
7812888715
add MKPAM
2005-01-06 00:47:34 +00:00
99a658efd4
Fix bpf/bpf0 swap
2005-01-04 15:06:24 +00:00
9fba78b0b3
Link /dev/bpf to /dev/bpf0. dhclient looks for /dev/bpf now...
2005-01-03 22:45:34 +00:00
7e7f191f7d
Add a missing space in a comment
2004-12-30 09:32:13 +00:00
38cddbe010
Add epcom serial UART char device found on Cirrus Logic EP93xx ARM9 SoC's
2004-12-29 06:36:46 +00:00
9c276b19a0
Add /usr/lib/security
2004-12-28 23:59:22 +00:00
186e7464e2
Add /usr/include/security
2004-12-28 22:00:36 +00:00
db2d37d14e
Add TS7200
2004-12-28 16:51:15 +00:00
eca6f3c39f
* Conditionalize flushing of IPv4 vs IPv6 rules based on the existance
...
of the appropriate configuration file.
Based on PR 28757 from Jason White.
* Add comments explaining why we flush separately from the reload
(backwards compat with older ipf(8) binaries).
2004-12-23 03:31:54 +00:00
a837ad61c2
Make sure miniroot subdir gets created
2004-12-15 15:03:14 +00:00
6b367bf779
- Add NetBSD RCSID's
...
- comment out opie since we don't have it.
2004-12-12 08:54:34 +00:00
cad237d3f4
Pam configuration files from FreeBSD; perl script not imported.
2004-12-12 08:48:21 +00:00
fa6a23da15
Check and report if authpf isn't in group file
2004-12-09 04:42:54 +00:00
c17d5db72f
Add the `shutdown' keyword, giving racoon a chance to flush the SAD
...
upon termination.
2004-12-07 17:37:15 +00:00
9e47818662
Only make bpf, not bpfN
2004-12-02 16:44:28 +00:00
0b731a56a1
Marry tun and joy.
2004-12-01 23:09:04 +00:00
98baff9ba7
Create /dev/bpf not /dev/bpfN
2004-12-01 23:06:57 +00:00
5b40cd9b6b
With the recent fixes to cpp(1) and calendar(1), it is now safe to turn
...
on run_calendar by default. Include a note advising users who replace
/usr/bin/cpp with a non-basesrc version to turn this off.
2004-11-30 02:03:57 +00:00
87352ee9ba
add ./var/chroot and subdirectories
2004-11-25 01:33:31 +00:00
2a2d87d1db
Remove all references to vnd usage here now that sgivol works correctly on file
...
images
2004-11-24 22:01:42 +00:00
c43d1a68db
Print interface packet counters as strings to prevent integer overflow in awk.
2004-11-22 04:53:46 +00:00
e61255615c
Ensure ISDN kernels can be built for future releases.
2004-11-21 21:07:15 +00:00
f7dc8a9650
When checking /etc/exports, account for "-network=XXX" as restricting
...
the mount (i.e. it is not considered globally exported).
Fixes PR: 26890
2004-11-21 19:00:12 +00:00
13b48b2499
Add ${.CURDIR}.
2004-11-16 03:51:30 +00:00
d6ecb79b20
Use the ttys file from etc.${MACHINE} directly.
2004-11-16 02:33:21 +00:00
52bd3adde5
Don't leave the stray reference to etc.${MACHINE}/ behind in the ttys
...
file installation command.
2004-11-15 16:33:41 +00:00
829bf2603d
Don't append ptys to the ttys file. It is not needed anymore as ttyslot
...
will DTRT.
2004-11-15 00:28:16 +00:00
ded5cfa88c
install PF configs.
2004-11-14 20:28:28 +00:00
23c8222edb
merge after importing pf from openbsd 3.6. (userland part)
...
some files were imported to the different places from the previous version.
v3_5:
etc/pf.conf
etc/pf.os
etc/spamd.conf
share/man/man4/pf.4
share/man/man4/pflog.4
share/man/man5/pf.conf.5
share/man/man5/pf.os.5
share/man/man5/spamd.conf.5
v3_6:
dist/pf/etc/pf.conf
dist/pf/etc/pf.os
dist/pf/etc/spamd.conf
dist/pf/share/man/man4/pf.4
dist/pf/share/man/man4/pflog.4
dist/pf/share/man/man5/pf.conf.5
dist/pf/share/man/man5/pf.os.5
dist/pf/share/man/man5/spamd.conf.5
2004-11-14 11:26:43 +00:00
c1d9edf7a4
Add the IP12 GENERIC kernel.
2004-11-13 10:27:14 +00:00
573e338f96
Don't try to chmod ptys if we have none.
2004-11-10 05:04:51 +00:00
440dc51bb7
Don't declare ptys in tty's. None of the other ports do this.
2004-11-08 19:59:07 +00:00
4ffd3a5be3
Redo previous (rev 1.12) in a manner that allows this rc.d script to operate
...
correctly on ipf(8) from prior to 4.1.3 (where -Fa flushes both protocols)
and 4.1.3 (where -Fa only flushes the current protocol).
Fix from Kimmo Suominen, per private discussion.
2004-11-08 02:09:01 +00:00
c41dd8b49a
- .isc.netbsd.org aliases are gone
...
- zathras is gone, alias releng to www
2004-11-07 19:41:45 +00:00
195fae85fa
Remove the "(not in tree)" part in the comment for PF.
2004-10-22 14:08:22 +00:00
0560d8b947
Initial import of iyonix port.
...
The Iyonix is a desktop machine from Castle Technology, based on a 600MHz
XScale[tm] 80321 processor.
* Uses the bootloader from NetBSD/acorn32, which is now 32-bit compatible.
* Currently boots multiuser with a serial console.
* Device support is not yet complete.
With help from abs.
2004-10-13 23:28:34 +00:00
1ecb0d140f
Use 'load_rc_config_var CMD VAR' to set VAR for "foreign" rc.conf(5)
...
variables that may be set in /etc/rc.conf.d/CMD instead of /etc/rc.conf.
Fixes PR 20768 from Pavel Cahyna.
2004-10-12 14:51:03 +00:00
3c81b28a9a
* Implement
...
load_rc_config_var cmd var
to load the rc.conf(5) configuration for cmd and set var in the
current shell, using 'load_rc_config var' in a sub-shell to avoid
unwanted side-effects.
* Improve required_vars warning message.
2004-10-12 14:45:29 +00:00
a22353007b
PR/27235: Jukka Salmi: MAKEDEV regression because of printf -> zeropad change
2004-10-12 14:42:08 +00:00
573992ef57
Implement reload, using "amq -f".
...
Suggested by Hauke Fath in PR 26589.
2004-10-12 13:44:45 +00:00
b9fbb3f21a
manage tpctl with do_rc(). Fix from Jukka Salmi in PR 26754
2004-10-12 13:29:05 +00:00
d65dca170c
Fix for /bin/ksh, from Jukka Salmi in PR 27232.
2004-10-12 13:23:44 +00:00
6e9a790e1f
Use new style command substitution.
2004-10-11 15:00:51 +00:00
c73be7a88d
Explicitly REQUIRE: rpcbind since these services directly use RPC...
2004-10-11 14:11:43 +00:00
6ede50a341
Use load_rc_config `basename chrootdirscript` in a subshell to determine
...
the rc.conf(5) setting for chrootdirscript, incase the configuration
for that is in /etc/rc.conf.d/chrootdirscript.
Fixes PR 26478 from Jukka Salmi.
2004-10-11 13:29:52 +00:00
dc75bc2463
PR/27196: Jukka Salmi: missing amanda server ports in /etc/services
2004-10-09 17:04:41 +00:00
3507ec273f
Comment typos: unecessary->unnecessary, accidentaly->accidentally
2004-10-09 02:18:48 +00:00
7da8bb106d
PR misc/7716: add configuration options find_core_ignore_fstypes and
...
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.
2004-09-28 15:03:58 +00:00
d355f71bc3
Dig {cat,man,html}4/hp700.
2004-09-24 13:47:46 +00:00
70f35b6f77
Remove support for ALIASES in share/locale/ctype/Makefile, which
...
created symlinks in the filesystem. Put the one existing alias
(zh_TW.BIG5) into the newer locale.alias file.
2004-09-10 15:12:51 +00:00
ac418f52f5
Explicitly flush (-Fa) rules when loading or reloading IPv4 and IPv6 rules,
...
rather than relying upon running "ipf -Fa" beforehand (which only flushes IPv4)
Should fix PR 26885 and PR 26857.
2004-09-09 00:33:03 +00:00
08c7699414
* Implement modify_file() to apply an awk program against a file and display
...
the diffs and possibly install the new version of file.
(Based on sshd_config munging code in do_ssh())
* Use modify_file() in do_hosts() and do_ssh().
* Be more specific in do_x11() about what needs to occur.
(This could still be improved).
* Minor sh cleanups. ("sh is not C")
2004-08-30 04:57:39 +00:00
4d1e9e453b
The hosts file is /etc/hosts not /hosts.
2004-08-30 02:46:07 +00:00
85b920f8a2
add a dotted alias for localhost so that sendmail doesn't pause on startup
...
if a system's hostname is not set. PR 26550.
2004-08-29 13:26:17 +00:00
93f4534edf
add "drvctl" template
2004-08-27 17:50:57 +00:00
c41b76304f
Quieten stat(1) with the -q flag.
...
Addresses PR bin/26711.
2004-08-19 04:44:10 +00:00
7d2e1537c5
Add an _rc_subr_loaded variable, set to ":" by rc.subr. Scripts can use this
...
for a speedup by doing:
$_rc_subr_loaded . /etc/rc.subr
2004-08-13 18:08:03 +00:00
5d87974ec4
Search /usr/lib/i18n and /usr/X11R6/lib for obsolete minor shared libraries.
2004-08-12 13:32:37 +00:00
a5e99ebea6
* Implement obsolete_paths() to obsolete the paths provided on stdin.
...
(based on the guts of do_obsolete().
* Implement obsolete_libs() to print a list of obsolete minor/teeny
shared libraries in the provided directory.
The implementation supports removing old major libraries similar to
src/lib/checkoldvers (except this correctly matches more stuff), but
there's no way to enable that at this time.
* do_rc(): convert to obsolete_paths() to remove old rc.d scripts.
* do_obsolete(): convert to obsolete_paths(). add obsolete_libs() for
/lib and /usr/lib to remove old minor/teeny shared libraries.
* Clean up the usage.
2004-08-12 02:30:23 +00:00
c0760527d2
Add Multicast DNS on port 5353 (from the IANA list).
2004-08-09 05:24:38 +00:00
8fb0a9f1ca
Switch the check to see if the corresponding db file needs to be
...
rebuilt from "newer than" to "not older than". The latter check also
manages to take into account cases where the db file doesn't yet exist
because the source is "not older than" something that doesn't yet
exist.
2004-08-08 17:41:15 +00:00
dc32cbc366
Add atabus devices.
2004-08-01 21:52:09 +00:00
04f2810d39
add an entry for spif(4).
...
this uses a different name for the parallel ports than the openbsd
port otherwise they conflict with the magma parallel ports and you
would be unable to have both a spif and magma installed at the
same time.
2004-08-01 10:43:47 +00:00
e92ef40b67
Now that one can choose boot image for i386 to produce a slightly
...
different cd-rom image (e.g. using the INSTALL_LAPTOP-derived boot
image), make it possible to add a string to the cd-rom image name
by setting the optional environment variable CDROM_NAME_ADD.
2004-07-28 11:35:44 +00:00
fa4f012f1e
Add a: to the getopt string so that the -a option is actually recognized.
2004-07-25 01:37:14 +00:00
8849562832
Add new kernel configuration for ACPI based SMP systems which can also be
...
used to utilize Hyper-Threading.
2004-07-23 17:57:41 +00:00
3d7c07bfa4
Allow the user to specify which file system image to use as the
...
boot image of the CD-ROM via the CDROM_BOOT_IMAGE variable. The
user may want to create a bootable image with bootlap-big.fs which
uses the INSTALL_LAPTOP kernel configuration instead of the default
boot-big.fs image which uses the INSTALL kernel configuration.
2004-07-23 15:25:04 +00:00
610ee5bd6f
Merge /etc/mtree/special & /etc/mtree/special.local using "mtree -M".
...
This allows users to override mtree/special entries in mtree/special.local,
which is useful if you've replaced a directory with a symlink (for example).
This effectively makes $check_mtree_follow_symlinks=YES pointless, but
I'm retaining that for compatibility reasons.
Fix bug in generation of $MPBYUID (used "/^+/" instead of "/^\+/" as a regex),
which has existed for a long time but only failed with our awk; GNU awk seems
to have permitted this. (This meant that the duplicate UID check was broken
when using our awk.)
Rename some temp files to more accurately reflect their purpose, to
aid debugging.
2004-07-23 06:12:16 +00:00
ecb1a2e0ed
There is really just no point in having every root login get spamming with
...
syslog crap. Goodbye.
2004-07-23 03:45:42 +00:00
d2dd73eec2
More better description of current state of sendmail stuff in more
...
places. This is intended to make some people a tad happier.
2004-07-22 03:44:12 +00:00
e0fb433b4f
Add one more check to the sendmail auto-start heuristic: check the
...
value of MTAHost in the submit.cf. If it doesn't indicate localhost,
we probably don't need the sendmail listener.
Addresses PR bin/26391.
2004-07-22 03:36:29 +00:00
89fc8be761
Change the default settings for sendmail.
...
(1) The stock sendmail.cf will only listen on the loopback interface.
(2) The stock submit.cf specifally connects to "localhost." which
should be less susceptible to being confused or looking confused.
(3) The smtp listener starts by default, if needed. The setting in
/etc/default/rc.conf is still "no", but rc.d/sendmail detects the
default setting and will change it to yes if need is determined.
Need is defined as "nothing else seems to have been changed about the
mail configuration but we'd like locally originated and locally
destined mail to be delivered". If you change, eg, mailer.conf to
point to postfix or some other MTA, sendmail will not start.
2004-07-15 03:47:18 +00:00
5f89bdd921
Make the directory into which crash dumps are saved into something
...
that can be controlled via rc.conf. The default is, of course,
/var/crash.
2004-07-15 03:29:55 +00:00
c2e5d3b127
Make lpt devices.
2004-07-14 14:16:14 +00:00
bad83f3d79
Add locale/nb for texinfo-4.7.
2004-07-12 23:55:33 +00:00
8120bbbeda
run getty on /dev/ttyE0 by default.
...
otherwise, user can't start X server.
2004-07-11 16:08:55 +00:00
ee2f9a6e6f
Add mention of Portuguese builtin keyboard map.
2004-07-06 04:02:05 +00:00
20fd132b8d
* Add BEFORE: SERVERS, so state is restored much earlier in the boot sequence.
...
* REQUIRE: isdnd, so this will be shutdown before that, to prevent
future problem if isdnd eve gets an explicit "shutdown" keyword.
Per discussion with Martin Husemann.
2004-07-05 08:21:15 +00:00
ebdc55a49e
Make sure "downinterfaces" comes first - this means on shutdown this
...
script will run before downinterfaces destroys all state we try to
save here.
2004-07-05 07:53:03 +00:00
81b4ff7c8b
PR bin/26142: add defaults for $pf and $pflogd.
2004-07-04 13:59:34 +00:00
17835aa16b
add apm
2004-07-03 14:59:17 +00:00
3112a70615
Check for "pf" and "pflogd".
2004-06-30 11:25:22 +00:00
elad