Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
145,092 Commits 606 Branches 0 Tags 3.1 GiB
c6d79d21de
Commit Graph

3547 Commits

Author SHA1 Message Date
wiz
850fd51087 Add /usr/share/legal. 2005-10-22 12:31:52 +00:00
hubertf
3b644e49b3 Per Christos (board): 
* move src/etc/COPYRIGHT to src/share/legal/COPYRIGHT and install that
   (in /usr/share/legal)
 * nuke src/share/man/man0/COPYRIGHT
 * mark /usr/share/man/COPYRIGHT as obsolete
 2005-10-22 06:04:57 +00:00
hubertf
df48f941aa Fix comment: "Below", variables are assigned with += not = 2005-10-22 05:46:06 +00:00
elad
07a01daf00 Load Veriexec signatures after mountall. Use veriexec_strict and 
veriexec_verbose to set strict level and verbose level in rc.conf.
Defaults are 0.
 2005-10-15 23:26:30 +00:00
tsutsui
387175fffe - tty0? -> ttyZ? 
- add ttyE0
 2005-10-15 03:00:30 +00:00
tsutsui
822346a086 tty0? -> ttyZ? 2005-10-15 02:58:31 +00:00
elad
78df0b1930 Revert previous commit; I'll find a better solution. 2005-10-11 21:36:11 +00:00
elad
d8980923a4 We need mountall here. 2005-10-11 21:24:09 +00:00
he
6de0a4bd6a Add entries so that ./usr/share/doc/html/bind9/arm gets created, 
now that we want to install something there.
 2005-10-11 06:12:43 +00:00
jmc
38f5f32c9c After building sets, make sure and checksum the kern-* files in binary/sets. 2005-10-07 17:22:12 +00:00
tsutsui
a1987ab423 Remove old tty0? entries and add new ttyC? and ttyM?. 2005-10-07 16:20:43 +00:00
tsutsui
76540c92cb Remove compat symlink entries for old dca(4), dcm(4) and apci(4). 
Now they might cause other problems.
 2005-10-07 16:15:41 +00:00
rpaulo
995861ac50 Replace tty0[0-1] with ttyZ[0-1] because if we list symlinks, PAM 
would break and remove tty0[2-7] since they don't exist.
 2005-10-07 11:38:19 +00:00
martin
c1a47858e9 Better size estimation (the previous code counted the compressed kernels, 
but we only need the constant size volume header)
 2005-10-04 16:11:15 +00:00
christos
1cd51a7e8a update todo items. 2005-10-03 00:17:53 +00:00
jmcneill
d94618bd3e Add gpio devices to template. 2005-09-27 02:44:12 +00:00
christos
bc249013c1 Add the TOG copyright. 2005-09-24 18:22:22 +00:00
tsarna
a3e8f0991e Add pam_afslog. Like pam_krb5, this is a fast, quiet no-op if you aren't 
actually using it the subsystem.

Approved by: gendalia
 2005-09-22 01:02:12 +00:00
elad
392d31ddc2 Use more sane defaults for commented out fingerd entry. 
From OpenBSD and Zafer Aydogan.
PR/31341.
 2005-09-18 19:47:28 +00:00
tsarna
9cb3a4de17 Default rwhod to running as _rwhod (but leave disabled by default). 
I thought I already comitted this one...
 2005-09-15 03:40:34 +00:00
tsarna
384be89761 Adjust for ownership of /var/rwho 2005-09-14 14:01:57 +00:00
tsarna
cd41b5d099 add _rwhod user (and group) 2005-09-12 16:21:56 +00:00
rpaulo
0a8fc88cf5 Remove the localhost ip6.int example since, as per RFC 4159, ip6.int is 
now depreciated.

Discussedon tech-net.
 2005-09-01 14:02:01 +00:00
tron
f851540ac2 Move "named.conf" example configuration to "/etc" because that is where 
named(8) looks for it. You can now really get a caching name server
by simply setting "named=yes" in "/etc/rc.conf" as documented in
The NetBSD Guide. This fixes PR bin/30662 by Christian Hattemer.
 2005-08-30 10:58:33 +00:00
peter
9c1da17e90 pf needs to be started after the network is up, because some pf rules 
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.

Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.

No objections on: tech-security
 2005-08-23 12:12:56 +00:00
perry
15e3f0cc19 Small ugly hack -- sed "Mounted on" to "Mount" so that the df line 
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.
 2005-08-22 14:24:45 +00:00
perry
9e84da172c Make max_loginlen and max_grouplen 16. 
We've handled 16 character logins for quite some time, and we even
have packages that create >8 character accounts. There is no point in
pretending the limit is 8 any more by default.

Discussed (very lightly -- there was little comment) on tech-userlevel
 2005-08-22 14:09:23 +00:00
rpaulo
82bdaacb4f Adapted to the changes of grfinfo(1) MANSUBDIR (hp300). (thanks Klaus Klein) 2005-08-20 17:23:53 +00:00
drochner
35a754577f add SIP 
(not going to import everything from IANA, but this is an increasingly
popular one)
 2005-08-16 19:41:01 +00:00
peter
ad9c34ce5c Changes suggested by lukem: 
1. Order pf to start before the network is configured.

2. If the pf_rules cannot be found at boot time, abort the boot (from the
   ipfilter script).
 2005-08-10 13:52:05 +00:00
peter
c9c458f33c Add command_args="-D" to the ftpd rc.d script. This flag is always needed 
when running ftpd as daemon and it will now automatically be appended to the
command line, even if ftpd_flags doesn't have it.

Suggested by Alan Barrett and Luke Mewburn, thanks.
 2005-08-09 14:59:33 +00:00
peter
c100ff5b4d Add "-ll" to ftpd_flags to be consistent with the entry in inetd.conf. 
Suggested by lukem@.
 2005-08-08 00:20:46 +00:00
peter
9cfba4bb75 Add a note telling that ftpd_flags should always contain "-D". 
Suggested by lukem@.
 2005-08-08 00:19:37 +00:00
peter
d0b18db569 Allow to change the location of the pf ruleset with the variable $pf_rules. 2005-08-07 01:03:39 +00:00
chris
3d4b482c1f As requested in PR port-cats/30460 add support for GENERIC.ABLE kernel to 
sysinst, and also add the ABLE install kernel to the generated release
kernels.
 2005-08-07 00:21:38 +00:00
peter
f74a86ef4f Add the new ftpd rc.d script. 2005-08-04 22:32:44 +00:00
peter
cbc0c4b837 Add defaults for ftpd. 2005-08-04 22:29:01 +00:00
peter
7eb092e6c3 Add rc.d support for standalone ftpd, suggested by perry@. 2005-08-04 22:28:17 +00:00
shige
9bc1bf15c8 Add md-kernel for installation: INSTALL_OPENBLOCKS266. 2005-08-03 14:55:37 +00:00
nakayama
69b6d49897 Add man page for teliosio(4). 2005-07-31 00:12:16 +00:00
skrll
acd7c4c5ca Add a driver for Cypress microcontroller based USB serial adapters. 
XXX hw flow control is not supported.
 2005-07-30 06:14:49 +00:00
christos
0e7146df89 Improve on the migration bit. Check if files are different, and if not, 
remove the source and leave a symlink behind. Otherwise, let the user know.
 2005-07-17 21:28:45 +00:00
christos
a2663103c5 Copy and link files to allow a chrooted named to start-up automatically. 2005-07-17 16:30:57 +00:00
kiyohara
c1a84a4d12 ieee1394 import from FreeBSD. 2005-07-11 15:29:05 +00:00
lukem
fccd5bd47c Update permissions of /var/log/wtmp{,x} to match those installed by 
etc/Makefile.
Fixes PR 30717 from Jukka Salmi.
 2005-07-11 08:41:40 +00:00
macallan
478cf01748 added ttyC00 and ttyC01 fopr the SPARCbook's internal modem and PCMCIA 
modems
 2005-07-03 18:08:53 +00:00
rpaulo
aafff09728 Add ptyfs to the file-system types ignored by the find_core check. 
Ok'ed by Christos Zoulas and Hubert Feyrer.
 2005-06-30 18:23:26 +00:00
perry
03c94431fb add /usr/libexec/ching 2005-06-30 12:40:22 +00:00
symka
87283c876e PR/29317: ifconfig.if does not allow parameters with spaces 
OKeyd by christos@
 2005-06-28 13:36:40 +00:00
peter
df0caa2637 Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it 
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.

A port of the latest spamd will be imported into pkgsrc soon.

Suggested by several people, no objections on last proposal on tech-userlevel.
 2005-06-27 20:32:39 +00:00
jdc
92c2871701 Make fb a link to fb0. 
Add an entry for fb1.
 2005-06-24 06:43:40 +00:00
jdc
7a2ed0814d Add an entry for fb1. 2005-06-24 06:43:06 +00:00
elad
68988657cd Don't allow unprivileged users to access the veriexec device. 2005-06-16 15:31:21 +00:00
elad
faffb35d60 Run veriexec before securelevel and sysctl scripts. Suggested by Nino Dehne. 2005-06-15 18:49:40 +00:00
christos
3ccdf9a0d7 default swapoff to yes, and explain why. 2005-06-15 03:34:45 +00:00
he
c4f693fe6b Make a simple fix for inculsion of disklabel.h. Since this script 
doesn't do CPP conditionals, just avoid trying to "include" files
in the newly established nbinclude area, the in-tree version in the
normal place should work fine.

Fixes build problem for (among several others) cats.
 2005-06-14 20:47:46 +00:00
tron
abba7e56c8 Enable RAIDframe support in the NetBSD-macppc installation media. 
Based on patches submitted by Ian Spray in PR port-macppc/30465.
 2005-06-09 13:29:57 +00:00
he
82e01bc59d Now that /var/log/wtmp and /var/log/wtmp should have group=utmp, 
instruct newsyslog to follow up this when rotating these logs.
 2005-06-05 07:33:17 +00:00
bouyer
44d1677f84 Remove support for build.sh -m xen, this has been merged in the i386 
build. Pointed out by Chuck Silvers.
 2005-05-29 10:54:40 +00:00
blymn
c1a5be3d85 Fix naming of the verified exec character device placeholder. 2005-05-28 14:54:06 +00:00
tsutsui
d4c33e9952 Ecoff kernels are no longer needed. 2005-05-23 13:05:04 +00:00
macallan
d2d9cb8374 added wd* 2005-05-23 00:43:13 +00:00
lukem
1bd2839e9a Consistently use 0664 root:utmp for /var/log/{lastlog,wtmp}{,x}. 
Rest of PR 18670.
 2005-05-22 14:34:20 +00:00
chs
1c2ca83340 add a ramdisk and LIF image for sysinst-based installation. 2005-05-18 14:04:26 +00:00
chs
408467d27a allow rsh if the user's password is null. from christos. 2005-05-14 15:17:47 +00:00
lukem
e03970d626 correct line for "password" 2005-05-13 02:56:34 +00:00
christos
4aafff6cc5 it makes no sense to check ptyfs for new and gone devices. From Rui Paulo, 
many thanks.
 2005-05-12 14:02:05 +00:00
peter
7147ba1184 PR/30177: Rui Paulo: /var/chroot/pflogd isn't created by default 2005-05-11 10:41:51 +00:00
martin
7a5b2dfb39 Tweak the iso-image support: avoid arbitrary hardcoded sizes - use awk to 
estimate the real size and round up a bit instead. Doesn't matter much, but
produces a "better" sgi volume header.
While there, simplify a few bits and avoid grep|awk pipes.
 2005-05-10 21:58:03 +00:00
martin
5f3107ece4 Add wscons virtual consoles 2005-05-02 13:39:54 +00:00
lukem
b26a3203a3 Add /etc/pam.conf and /etc/pam.d/* 2005-05-02 03:23:43 +00:00
lukem
188cee5c01 Fix previous, caused by premature optimization... 
Noted by Kirk Russell.
 2005-05-02 02:51:04 +00:00
lukem
710a7ff6e8 Use zeropad() and hexprint() instead of printf(1). 2005-05-02 00:47:58 +00:00
lukem
117d01fe78 Add hexprint(); display the given number as hex. 
Add a comment to document zeropad()'s purpose.
 2005-05-02 00:46:46 +00:00
augustss
c246220559 Make /dev/usb readable to all; it is only used to report USB events. 2005-04-30 16:26:06 +00:00
christos
699bb11d46 Add more locale directories in preparation of new gettext. 2005-04-26 19:39:11 +00:00
cjs
2dc0814b72 Make ifaliases_lo0 in rc.conf work just like other interfaces (instead of 
being ignored). Also, when configuring aliases set as ifaliases_xxN,
print out the interface name and the alias address.
 2005-04-26 10:28:29 +00:00
martin
441f539b14 Pickup bootblock.h from $DESTDIR to make this work when crosscompiling. 2005-04-22 09:49:45 +00:00
blymn
8387760ed1 Rototill of the verified exec functionality. 
* We now use hash tables instead of a list to store the in kernel
    fingerprints.
  * Fingerprint methods handling has been made more flexible, it is now
    even simpler to add new methods.
  * the loader no longer passes in magic numbers representing the
    fingerprint method so veriexecctl is not longer kernel specific.
  * fingerprint methods can be tailored out using options in the kernel
    config file.
  * more fingerprint methods added - rmd160, sha256/384/512
  * veriexecctl can now report the fingerprint methods supported by the
    running kernel.
  * regularised the naming of some portions of veriexec.
 2005-04-20 13:44:45 +00:00
lukem
8232ca0162 Tweaks for the move of postinstall from /etc to /usr/sbin 2005-04-17 23:12:40 +00:00
lukem
5c5750a595 Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall 
(and the base.tgz set).
 2005-04-17 15:15:48 +00:00
lukem
41595413ba elaborate on sysctl rename 2005-04-16 04:19:24 +00:00
kleink
7a5e7ac8e9 Adjust for the Argentina directory that came with tzdata2004b; 
noted by Geoff C. Wing in PR bin/29954.
 2005-04-12 15:35:54 +00:00
jwise
bfd29aa656 /var/chroot/spamd is now /var/chroot/pfspamd. 2005-04-12 14:24:32 +00:00
peter
271ad04cd9 Allow an underscore as first character and embedded underscores & dots 
for login and group names.

Fixes PR misc/29913 from Arto Selonen.
 2005-04-11 15:46:42 +00:00
bouyer
4b058b80fb Add xencons to the default list of devices. Fix port-xen/29887 by Juan RP. 2005-04-06 21:06:28 +00:00
peter
c37e23a1f9 Add _pflogd group. 2005-04-05 19:57:30 +00:00
christos
96cf4771d1 PR/29891: Arto Selonen: su(1) does not seem to honor SU_ROOTAUTH any more 
Move the rootauth group line before the wheel check, so that rootauth users
are not required to be in wheel [still commented out]
 2005-04-05 18:23:36 +00:00
peter
ee8532311f Add _pflogd to the uid check. Pointed out by Luke Mewburn. 2005-04-05 07:03:33 +00:00
peter
80271013f5 Add the _pflogd user which will be used by pflogd(8), the logging daemon 
for pf(4).

Approved by core.
 2005-04-04 19:06:43 +00:00
lukem
c0372ca1ef ypserv(8) doesn't need the domainname(1) set -- it will serve any maps 
present under /var/yp/<somedomain>/<map> -- so don't require it.
Thanks to Chuck Cranor for the suggestion.
 2005-04-01 23:25:29 +00:00
peter
7c4b722858 Add pf to the all target. Pointed out by Steve Rumble. 2005-04-01 21:07:01 +00:00
lukem
d45db391ec Install all obsolete X11 sets (even empty ones). 2005-03-28 03:13:39 +00:00
tnozaki
a3b248100e add csmapper:CNS11643-1,2 and esdb:ISO-2022-CN, 
integrate esdb:EUC-TW, locale:zh_TW.eucTW.
 2005-03-27 22:30:05 +00:00
tron
f1f5ecd1a9 We must check for "${MACHINE}" and not "${MACHINE_ARCH}" of course to 
decide about port specific obsolete lists.
 2005-03-25 20:15:20 +00:00
tron
728512171e Checking for the file "xserver" in "${OBSOLETE.dir}" doesn't work because 
the check will be done before the target which is used to create that file.
So simply add "xserver" to "${OBSOLETE.file}" based on the architecture.
 2005-03-24 20:23:55 +00:00
martin
6ebdd24d9a Make var/db/obsolete/xserver optional. 2005-03-24 09:07:17 +00:00
rtr
c6b047ea8b + do not install getconfig 2005-03-24 05:27:18 +00:00
rtr
80843b35d1 + getconfig scripts and configs 2005-03-22 21:43:24 +00:00
lukem
857d896931 -s can be given 'etc.tgz' directly. (Thanks to hubertf for the reminder) 
Improve usage.
 2005-03-22 04:43:53 +00:00