Commit Graph

285 Commits

Author SHA1 Message Date
lukem ce3ce86261 migrate raising of securelevel from sysctl to separate securelevel script.
the latter depends upon aftermountlkm (but is required by DAEMON), so that
lkms may be loaded before the securelevel is raised.
noted by Rafal Boni <rafal@mediaone.net> in [bin/10780]
2000-08-21 23:31:24 +00:00
lukem 09251753f6 migrate rc.wscons to (already existing) rc.d/wscons 2000-08-21 23:01:36 +00:00
abs 31a6224745 Move options into ntp_flags, to make it possible to add '-u' without
modifying rc.d/ntpdate
2000-08-21 14:48:39 +00:00
lukem 5007ab036b - sshd has a pid file, so take advantage of it
- support `reload' arg (using default of SIGHUP)
2000-08-10 22:49:43 +00:00
thorpej 690a071d43 Need bsd.own.mk 2000-08-10 22:02:07 +00:00
lukem 0b1677de5f - provide sshd not ssh
- don't start until after LOGIN (after NETWORK is way too early)
- KNF (as such :)
2000-08-10 01:41:09 +00:00
thorpej f0c5d26a40 Startup script glue for the Heimdal KDC. 2000-08-06 21:32:56 +00:00
itojun e9b5e5d87c fix comment on DAD wait 2000-08-02 13:59:11 +00:00
hubertf dcefdf7722 Adjust comment to what's actually being done 2000-08-02 11:07:51 +00:00
itojun 8451f00774 we need to sleep for IPv6 DAD period, before and after rtsol.
(they are for stability in boot-time configuration)
comment from perry.
2000-08-01 20:49:11 +00:00
jwise d6662ec62f Change name of precmd from start_precmd to sshd_precmd. While it worked
fine as was, the result was the line `start_precmd=start_precmd' which
looked odd.  Pointed out by Bernd Ernesti.

While here, add NetBSD RCS Id.

BTW, to clarify, as people have asked:  this script does not support
pkgsrc/security/sshd -- that package comes with a perfectly fine rc script
which in addition to supporting /etc/rc.d can also be used with 1.4.X.

This script will not trivially work with the ssh package as it a.) calls
the ssh commands at the pathnames they will be installed at by usr.bin/ssh,
and b.) generates a DSA key as well as an RSA key.
2000-08-01 14:28:32 +00:00
jlam f3983ea4df Correct apparent past-o: RSA -> DSA 2000-07-31 21:43:52 +00:00
jwise 5cfec6f11d An sshd startup script for use with usr.bin/sshd. Installation is conditional
on ${SSHDIST}, as with usr.bin/ssh itself.

This script includes a `keygen' target for regenerating RSA and DSA host keys,
and invokes this if these keys are not present when sshd is started up.
2000-07-31 20:39:41 +00:00
chuck c438e69177 if update_motd is set, do not gratuitously force it to have an empty line
in it.  also be a bit smarter about deleting stuff from motd during
update.  it is now possible to have a one line motd just like in SunOS.
2000-07-31 00:17:05 +00:00
veego ea8a88f609 syslog requires databases from sysdb which creates /var/run/utmp. 2000-07-29 21:50:20 +00:00
lukem 392130e304 move recreating /var/run/utmp from mountcritlocal (where /var/run is
purged but /usr/bin/install is not available) to sysdb.
problem noted by Matthias Drochner.
2000-07-27 13:58:49 +00:00
lukem 48b9eee5e1 * add new dummy dependancy `NETWORK' to be REQUIREd by services which need
networking to be operational before starting, and use as appropriate.
  NETWORK depends upon network and dhclient.
* move the guts of systemfs into mountcritlocal
* replace the dependancy on systemfs with mountcritremote, and remove the
  former.
* SERVERS now also depends upon ppp

Notes:
* dhclient (and others) needs /var to be a $critical_filesystem_beforenet
* dhclient now starts before syslogd (because the latter needs /usr, and
  /usr might need dhclient to be mounted)

Should fix PRs:
    [install/9853] [bin/10002] [misc/10349] [port-i386/10633] [misc/10641]
2000-07-26 00:11:48 +00:00
jdolecek 1bf05ae3b1 the format without netmask is supported for compatibility only and not
specifying it is discouradged, actually
also add comments about this fact to etc/rc.d/network, for people who
don't read manpages :)
2000-07-25 18:47:28 +00:00
lukem 1a29746222 - fix typo; the first ipsec_start() should be ipsec_prestart()
- if ipsec.conf isn't readable and the system is booting directly to multiuser,
  send SIGTERM to the parent (/etc/rc) so that init(8) aborts the boot.
2000-07-21 01:16:07 +00:00
lukem 262e4b1975 if ipf.conf isn't readable and the system is booting directly to multiuser,
send SIGTERM to the parent (/etc/rc) so that init(8) aborts the boot.
2000-07-21 01:14:23 +00:00
lukem 31e7834913 reword description 2000-07-20 23:36:56 +00:00
thorpej f5e99478c8 Build a list of cloning network interfaces to configure, as well
as normal interfaces.
2000-07-20 19:43:10 +00:00
lukem 47a3878257 reenable stop_cmd now that network doesn't get run at shutdown 2000-07-17 15:25:42 +00:00
lukem db024b3733 add '# KEYWORD: shutdown' so that these scripts get run at shutdown time.
now, only scripts with the keyword `shutdown' will be run by /etc/rc.shutdown,
which speeds up shutdown and makes it more robust.
2000-07-17 15:24:48 +00:00
lukem 97d13d02c3 * remove bogus comment about aborting the boot if ipsec.conf doesn't exist;
this hasn't really worked and is probably too messy to resolve...
2000-07-17 13:10:54 +00:00
lukem a8b1b91ded * add support for `status'
* remove bogus comment about aborting the boot if ipf fails; this hasn't
  been supported since the rc.d migration and is too messy to resolve...
2000-07-17 12:58:14 +00:00
lukem d92b803c29 use "load_rc_config swap" for swap1 and swap2 2000-07-17 12:27:04 +00:00
lukem 8086bde7eb share the same load_rc_config between the lkm* scripts 2000-07-15 02:30:18 +00:00
itojun c60ddc2403 remove ip6defaultif configuration. because:
- ndp is in /usr/sbin, chokes on NFS-mounted /usr installation
- the option is just for IPv6 specification geek, not for normal users
2000-06-20 16:48:14 +00:00
enami 295358cfe1 Don't warn that $hostname isn't set if the hostname is already set. 2000-06-20 08:34:33 +00:00
itojun c45b4229e4 typo 2000-06-14 03:24:16 +00:00
itojun 60cd90f104 TODO; should check /etc/ipsec.conf owner/permission,
while we don't have find(1).
2000-06-13 18:17:13 +00:00
itojun 00ded2c64e add rc.d/ipsec for ipsec configuration. when enabled, it will inject
/etc/ipsec.conf into "setkey -f".  PR 9609.
2000-06-13 16:29:53 +00:00
itojun 246f43dbbb use ${start_precmd} to check duplicate sendmail.cf.
do not use "err" on failure, it is not that fatal (it's okay if we
don't start sendmail)
2000-06-13 15:53:03 +00:00
fvdl 75748efda9 Use load_rc_config 2000-06-09 14:14:44 +00:00
itojun 609377a40f run sendmail under the following conditions:
- /etc/mail/sendmail.cf exists, no /etc/sendmail.cf
- /etc/mail/sendmail.cf exists, /etc/sendmail.cf same content as
  /etc/mail/sendmail.cf
die in other cases.  PR 10243.
2000-06-04 08:33:58 +00:00
fvdl a5f38c029b rpcbind uses a pidfile. 2000-06-03 00:17:17 +00:00
fvdl 02cd59a751 * Portmap is now called rpcbind.
* Add IPv6 RPC entries to inetd.conf (commented out by default, as the others)
* Add netconfig file, needed for TI-RPC code.
2000-06-02 22:54:08 +00:00
itojun a7c4c34f96 refer PR 10100 for /etc/sendmail.cf check 2000-05-31 16:00:36 +00:00
bouyer f5e3c48aad Depends on quota; when quotached runs while NFS clients are writing,
bad things happens.
2000-05-29 07:10:41 +00:00
tron e63bc36c7f Call "load_rc_config()" earlier so that configuration variables are read
before command arguments are defined. Fixes PR bin/10220 by Ron Roskens.
2000-05-29 06:53:03 +00:00
hubertf cdc1e0be32 /etc/dhclient.conf is *not* required for dhclient to run. 2000-05-26 20:44:17 +00:00
oster 4c318b5d41 At boot, initiate parity/mirror reconstruction as required.
This operation is backgrounded, and sequentially ordered.
2000-05-16 16:54:33 +00:00
tron d683136c9f Don't complain about existence of "/etc/sendmail.cf" if "sendmail" is
not set to "YES" in "/etc/rc.conf".
2000-05-15 06:16:04 +00:00
tron 24ad7fd36c Add "wscons" to requirement list so that a tty used for syslog output
will be created before starting the syslog daemon.
2000-05-14 13:12:11 +00:00
lukem 5c1b0ec207 Use load_rc_config() (from rc.subr) instead of sourcing /etc/rc.conf.
This allows us or a user to change the configuration file method in
one place - rc.subr - without having to edit all of the rc.d/* files.
2000-05-13 08:45:06 +00:00
lukem d934c3b536 only support reload as an extra command; there's too much special case
code that needs to be implemented to make this script totally replicate
what /usr/sbin/ndc does.
2000-05-13 03:46:42 +00:00
itojun 4bc21c2fb4 do not let 127.0.0.0/8 leave the node. based on RFC1122. 2000-05-09 10:49:26 +00:00
tsarna fff5c01493 This was doubly borken... 2000-05-07 19:03:25 +00:00
tsarna fe4377f98c Only warn on non-default old nfsiod args. 2000-05-07 02:04:20 +00:00
itojun 78565052f1 do not cope with pre-8.10 configuration file. do not start sendmail.
From: hubert
2000-05-03 17:03:10 +00:00
joda dc09e9637e xntpd -> ntpd 2000-05-03 14:40:39 +00:00
itojun 366bbade5a sync with sendmail upgrade.
- sendmail configuration files are in /etc/mail, not /etc.
- src/etc/aliases will be installed into /etc/mail/aliases (confusing)
- rc.d/sendmail warns if /etc/sendmail.cf exists.
2000-05-03 10:55:19 +00:00
augustss b09bd0e884 s/xntpd/ntpd/ 2000-05-02 16:31:11 +00:00
simonb e5150c9868 Out with the old, in with the new. 2000-05-02 12:19:20 +00:00
lukem 0a610ebbd3 use extra_commands= instead of using 2nd argument to run_rc_command 2000-04-30 13:23:04 +00:00
lukem 3b853f3018 remove /var/run/dmesg.boot before attempting to write to it 2000-04-30 12:39:56 +00:00
lukem 32c9a44095 - use checkyesno in $start_precmd and change start_cmd to `postfix start'
- use $extra_commands instead of passing "reload" to run_rc_command
2000-04-30 12:21:00 +00:00
veego 63f94fabf2 Fix the last change so it doesn't fail due too a missing '; then'. 2000-04-29 06:01:08 +00:00
thorpej 7a38ab7c44 Don't warn about $hostname not being set if $dhclient == YES; it's quite
likely that we'll be getting the hostname via DHCP when it runs.
2000-04-28 00:13:39 +00:00
veego ebe6c4d40d Use the stop_cmd to unmount the filesystems with 'umount -a'.
This helps to fix the unclean reboots (at least on my system).
2000-04-27 21:00:50 +00:00
veego c9f5754ee8 You need to add a xxx_precmd with a checkyesno yyy if you use a xxx_cmd
in an rc.d script.
2000-04-27 20:58:26 +00:00
thorpej fad0a37405 Provide rc.d support for the Postfix mail system. Committed to the
base because there is no support for packages in rc.d, and Postfix
is supposed to become part of the base system anyhow.
2000-04-26 05:28:03 +00:00
thorpej 0316517d36 Make ccd and raidframe provide `disks', and make swap1 and fsck
depend on `disks', rather than `ccd' and `raidframe'.
2000-04-26 05:13:51 +00:00
itojun 3fff16ff47 rtsol is not a daemon. rtsol.d should have been killed by rc.d/rtsold.
(correct me if i'm wrong)
2000-04-20 02:12:04 +00:00
thorpej a596663a81 nfsiod script is gone. 2000-04-16 04:18:51 +00:00
tsarna a32696c2de Death to nfsiod!
It is replaced by kernel threads that do the same thing. The number of
kernel threads used is set with the vfs.nfs.iothreads sysctl.
2000-04-15 21:14:48 +00:00
lukem f408de971d as this script is primarily for compatibility (with people's
rc.local), call it in a way that is compatible with the old behaviour:
	* remove the stop case
	* don't set $1="start" in the start case

xxx: it's debatable if this script should even exist, but i digress ;-)
2000-04-13 00:39:47 +00:00
lukem 2665e61925 make `stop' a no-op, so that the network doesn't disappear at an
inconvenient time during boot.

this may be fixed a different way in the long term...  (not that the old
rc.shutdown supported stopping the network, or could i really see a
practical use for allowing it at this stage, but in the future someone
might want the functionality i've just disabled).
2000-04-11 05:03:24 +00:00
tsarna 506c359083 Improve backwards compatability and leave securelevel the old way. 2000-04-09 21:00:04 +00:00
tsarna 163510ecf4 The file /etc/sysctl.conf is now run with sysctl -f at boot time.
This replaces the previous /etc/rc.d/sysctl. Also, the variables are now
set earlier, between ipf/ipnat and the network coming up.

The rc.conf defcorename and securelevel variables are no more. You can
set them directly in sysctl.conf now.
2000-04-08 23:02:53 +00:00
thorpej 93f24178a7 dhclient does not, in fact, require /var/db/dhclient.leases to exist. 2000-04-06 17:19:13 +00:00
enami 129d97f658 routed is live in /sbin, not /usr/sbin. Pointed out by kay@kaynet.or.jp. 2000-03-29 09:09:06 +00:00
itojun 0a94c72b0f correct reject route installations for IPv6. improve comments. 2000-03-17 17:41:01 +00:00
lukem 174455c38a fix check for domainname since it can come from /etc/defaultdomain as well as $domainname 2000-03-16 22:22:15 +00:00
fvdl 8fbb81c21e dhclient lives in /sbin, not /usr/sbin 2000-03-15 03:15:47 +00:00
lukem 0059d641e5 * replace daemon, login, servers with DAEMON, LOGIN, SERVERS
* remove sshd (it was from my private system)
2000-03-13 04:03:52 +00:00
itojun deaf45edc1 disallow packets to malicious 6to4 prefix, based on
http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
2000-03-12 04:21:26 +00:00
thorpej 5d18d90843 Rearrange so the ouput of this is a bit more cosmetic. 2000-03-12 03:49:36 +00:00
veego bfa0f14ea6 Fix the network_stop function so it doesn't fails due to missing ]['s. 2000-03-11 20:13:42 +00:00
veego 0cc5873563 Add raidframe to the REQUIRE list. rcorder seems to get it right, but it
is better to add it.
2000-03-11 20:12:22 +00:00
veego b869270297 Don't start rc.wscons with an start/stop argument. Disable stop and add an
checkyesno check.
2000-03-11 20:11:16 +00:00
veego 84807b9933 Add missing checkyesno's. 2000-03-11 20:10:21 +00:00
veego aacfec2af3 mountd requires mountall. 2000-03-11 17:29:50 +00:00
lukem c53094a738 rc.d scripts derived from /etc/rc 2000-03-10 11:53:23 +00:00