Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,593 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

186 Commits

Author SHA1 Message Date
itojun dcdec20e94 check existence of /etc/ssh_host_rsa_key too 2001-03-26 22:32:39 +00:00
itojun 27c0127814 auto-generate SSH protocol version 2 RSA key. 
use newer command line syntax for ssh-keygen (-t <type>, instead of -d)
 2001-03-26 22:21:26 +00:00
lukem 6ddd47cd37 if $named_chrootdir != "", ensure that the following files, devices, 
and links exist:
	${named_chrootdir}/usr/libexec/named-xfer
	${named_chrootdir}/dev/null
	${named_chrootdir}/etc/localtime
	/var/run/named.pid -> ${named_chrootdir}/var/run/named.pid
	/var/run/ndc -> ${named_chrootdir}/var/run/ndc
and then start named with the appropriate options to run chroot(2)ed
under $named_chrootdir as user named group named.

to take advantage of this, an admin should copy /etc/namedb ->
${named_chrootdir}/etc/namedb, and set named_chrootdir in /etc/rc.conf.

[dev/null & etc/localtime setup inspired by openbsd. i already had the rest]
 2001-03-12 16:08:38 +00:00
lukem a2c01fa479 if $named_chrootdir is defined, add ${named_chrootdir}/var/run/log to 
the list of sockets listened to.
 2001-03-12 16:04:20 +00:00
itojun 5c34a310c2 comment correction: 127/8 must not leave the node (RFC1122) 2001-03-02 03:07:29 +00:00
lukem 9c42e9ee42 explicitly REQUIRE mountcritremote. sort REQUIRE entries 2001-02-28 18:14:50 +00:00
lukem a65b46cfa0 clarify purposes 2001-02-28 17:19:42 +00:00
lukem 12c191e0cc support `resync' (ipf -y). 
suggested by Johnny C. Lam in [misc/12300]
 2001-02-28 17:03:50 +00:00
fredb fac4bf8060 Add "hup" and "stop" commands. Closes PR bin/12135. 2001-02-11 00:51:35 +00:00
thorpej 04e705cf5a Depend on "ike". 2001-01-18 04:57:48 +00:00
thorpej 4baa94651d Startup script for racoon(8). Racoon provides "ike", and requires 
"kdc" (since you might want to use IPsec on your Kerberos server,
and might be using GSSAPI to authenticate Phase 1) and "ppp" (since
racoon(8) needs to know about all of your network interfaces).
 2001-01-18 02:01:12 +00:00
thorpej b170714679 The KDC requires only the network. Anyone running a KDC with 
the binary on NFS deserves to lose.
 2001-01-18 02:00:02 +00:00
minoura cb75d98f1d Add /etc/rc.d/poffd, for x68k power management deamon. 2001-01-14 15:37:22 +00:00
itojun 7de2724c3a move IPv6 mode/route configuration upwards, so that !rtsol in 
/etc/ifconfig.* is meaningful.
 2001-01-13 13:26:36 +00:00
itojun 3711020b5c extend /etc/ifconfig.xxN, for comment lines (#) and shell script 
fragment (!).  inspired by openbsd /etc/hostname.xxN.
 2001-01-11 17:56:16 +00:00
martin 5b6d57d949 Supply enough rope to let the user disable or override all interface 
up/down magic.
 2001-01-08 12:45:39 +00:00
martin f9d12c2349 Don't fiddle with any isdn interface if the isdnd variable is set to NO 
in rc.conf.

Actually do install the isdnd script.
 2001-01-07 17:53:36 +00:00
martin 15a3b3b6e1 Add startup script for isdnd. 2001-01-07 17:04:49 +00:00
itojun 6c348b2e2e add $ip6sitelocal, to control installation of reject route for fec0::/10. 2001-01-03 17:54:04 +00:00
jmc c5ddb89d6e Patch from Hubert. aliases never get rebuilt if aliases.db is never originally generated. 2000-12-18 07:56:41 +00:00
nisimura 46d6b5a7cd More cautious about undefined hostname check in terms of what hostname(1) 
returns.
 2000-11-26 06:46:42 +00:00
nisimura 7fecedd930 I believe in that the facy nested quotes was intended to skip blank 
lines, but am not sure it is allowed as a standard practice of the
/etc/ifconfig.xxN file.
 2000-11-22 04:20:04 +00:00
wiz f457c2158d un-break. 2000-11-21 16:12:48 +00:00
veego a497b11b46 The new am-utils use now /etc/amd.conf and no longer the $amd_master file. 
Despite that /etc/amd.conf is now the default configuration file, it needs
to be defined if you supply other options when you start amd, so add it here.
 2000-11-21 12:20:12 +00:00
lukem f8ea339f55 minor typo in previous 2000-11-21 09:59:02 +00:00
nisimura fa16d69a56 Shell programming police for sophistication; take #2. Handle the 
case when the filename expansion results in no match more gracefully.
Far less costy than invoking a new process.
 2000-11-21 09:38:06 +00:00
nisimura f412f76212 Shell programming police for sophistication. It's not necessary 
to enclose `prog` backquote command substitution with double quotes
as it produces a quoted string.  Other changes are pending this time.
 2000-11-21 08:39:50 +00:00
lukem 84fed31e23 start all raid[0-9].conf and raid[0-9][0-9].conf, not just raid[0-3].conf. 
do in order, so that raidN.conf is started before raidNN.conf.
 2000-11-17 05:43:46 +00:00
lukem 616bd9bad1 - replace `IFS='.'; set -- $int; echo $2` with ${int##*.} 
- can't use $configured_interfaces in network_stop(), so use `ifconfig -lu`
  instead
 2000-11-17 04:19:06 +00:00
jdolecek cb5786ecbe make this REQUIRE also cleartmp, so that it's started after /tmp 
is cleared, otherwise the xfs's socket might get removed
This fixes misc/10310 by Alasdair Baird
 2000-11-09 00:05:31 +00:00
nisimura 585c4dc3e6 Add missing -n option of sysctl(8) booted_kernel name retrival. 2000-10-14 07:33:39 +00:00
nisimura 17e8cec25b Use && and || for logical concatenations instead of -a/-o test operators. 2000-10-09 06:11:38 +00:00
nisimura 15bcada9c3 - Remove extra 'rm -f' since file redirect safely clobbers existing files. 
- Remove one sed invocation replacing it with shell internal construct.
 2000-10-09 06:01:18 +00:00
nisimura a1cd6987aa Use find(1) to search files in straight fashion with the cost of external 
command invocation.
 2000-10-09 05:33:53 +00:00
nisimura fb62520419 Avoid extra command invocation as possible, and use smart variable 
substitution instead.
 2000-10-09 05:30:17 +00:00
nisimura e4d2a57704 - avoid -a or -o logical operator of test command as possible. They would 
introduce syntaxical ambiguousity, and having concatenation with && or
  || costs nothing because our sh(1) has test(1) builtin.
- use elif construct to avoid dungling else-ifs.
- while-read construct does not need enclosed by a sub-shell.
- variable detection could be done in eval args=\$ifconfig_$int
- smart variable substitution occationally saves lines and extra command
  invocations.
 2000-10-09 05:02:14 +00:00
lukem 641a3c9378 support loading ipf6.conf as well as ipf.conf. 
inspired by [misc/11033] by Gregory McGarry <g.mcgarry@ieee.org>
 2000-10-01 05:58:06 +00:00
fvdl 5927169fa7 Mention "a.out" in the start message to be clear about the purpose of 
this script.
 2000-09-29 17:49:25 +00:00
thorpej c949d8af3c Always install sshd. 2000-09-28 22:16:15 +00:00
ad d43acf7d93 Provide the option of running newsyslog at boot time; mainly for laptop 
people.
 2000-09-21 10:36:02 +00:00
lukem bd11504cb2 - only perform the checkyesno on the variable named in $rcvar (rather than 
implicitly using $name if $rcvar isn't set), and always perform this check,
  even when using start_cmd (et al).
  this check is performed before the pidcmd
  is run, speeding up scripts that weren't going to be run anyway.
  this should speed up booting slow systems.

- take advantage of the above and remove
	start_precmd="checkyesno foo"
  in scripts that use start_cmd.

- explicitly set rcvar=foo in the rc.d/foo scripts which have an equivalent
  rc.conf entry

- fix `rcvar' and `restart' when $rcvar isn't set.
  these above changes fix PR [bin/11027].

- when doing `force*', ignore the return value of *_precmd.
  this fixes PR [bin/10781].

- rename what sysdb provides from `databases' to `sysdb', to reflect
  the name of the script.

- improve the comments in rc.subr
 2000-09-19 13:04:38 +00:00
jdolecek 1c61a5d083 On sendmail start, check modification time of /etc/mail/aliases 
and couple of other common map files and regenerate appropriate
*.db files as needed.
Idea taken from RedHat 6.2.
 2000-09-14 21:03:17 +00:00
lukem 42655f8ee9 REQUIRE ipnat and mountd. 
fixes PRs [misc/10958] and [misc/10959] by Mike Santos <mike@ethmoid.org>
 2000-09-06 01:05:43 +00:00
lukem ebc99afce8 sort lines. add nonlocalswap, securelevel 2000-08-21 23:39:07 +00:00
lukem e26f093e93 convert fsck.sh -> fsck (using kill -TERM $$ to stop autoboot). 2000-08-21 23:38:07 +00:00
lukem b94d4bd809 sort REQUIRE lines 2000-08-21 23:36:50 +00:00
lukem 093b7f0ae5 remove BEFORE DAEMON 2000-08-21 23:35:41 +00:00
lukem 3f5134ff22 REQUIRE ipfilter and ipsec 2000-08-21 23:35:20 +00:00
lukem 8f896c47b9 `REQUIRE bootconf' in lkm1 rather than `BEFORE beforenetlkm' in bootconf.sh 2000-08-21 23:34:45 +00:00
lukem a4517195f9 needs to run after mountcritremote, since ipnat is in /usr/sbin 2000-08-21 23:33:50 +00:00
lukem d8b52eec28 support running /etc/rc.shutdown.local 2000-08-21 23:33:06 +00:00
lukem ce3ce86261 migrate raising of securelevel from sysctl to separate securelevel script. 
the latter depends upon aftermountlkm (but is required by DAEMON), so that
lkms may be loaded before the securelevel is raised.
noted by Rafal Boni <rafal@mediaone.net> in [bin/10780]
 2000-08-21 23:31:24 +00:00
lukem 09251753f6 migrate rc.wscons to (already existing) rc.d/wscons 2000-08-21 23:01:36 +00:00
abs 31a6224745 Move options into ntp_flags, to make it possible to add '-u' without 
modifying rc.d/ntpdate
 2000-08-21 14:48:39 +00:00
lukem 5007ab036b - sshd has a pid file, so take advantage of it 
- support `reload' arg (using default of SIGHUP)
 2000-08-10 22:49:43 +00:00
thorpej 690a071d43 Need bsd.own.mk 2000-08-10 22:02:07 +00:00
lukem 0b1677de5f - provide sshd not ssh 
- don't start until after LOGIN (after NETWORK is way too early)
- KNF (as such :)
 2000-08-10 01:41:09 +00:00
thorpej f0c5d26a40 Startup script glue for the Heimdal KDC. 2000-08-06 21:32:56 +00:00
itojun e9b5e5d87c fix comment on DAD wait 2000-08-02 13:59:11 +00:00
hubertf dcefdf7722 Adjust comment to what's actually being done 2000-08-02 11:07:51 +00:00
itojun 8451f00774 we need to sleep for IPv6 DAD period, before and after rtsol. 
(they are for stability in boot-time configuration)
comment from perry.
 2000-08-01 20:49:11 +00:00
jwise d6662ec62f Change name of precmd from start_precmd to sshd_precmd. While it worked 
fine as was, the result was the line `start_precmd=start_precmd' which
looked odd.  Pointed out by Bernd Ernesti.

While here, add NetBSD RCS Id.

BTW, to clarify, as people have asked:  this script does not support
pkgsrc/security/sshd -- that package comes with a perfectly fine rc script
which in addition to supporting /etc/rc.d can also be used with 1.4.X.

This script will not trivially work with the ssh package as it a.) calls
the ssh commands at the pathnames they will be installed at by usr.bin/ssh,
and b.) generates a DSA key as well as an RSA key.
 2000-08-01 14:28:32 +00:00
jlam f3983ea4df Correct apparent past-o: RSA -> DSA 2000-07-31 21:43:52 +00:00
jwise 5cfec6f11d An sshd startup script for use with usr.bin/sshd. Installation is conditional 
on ${SSHDIST}, as with usr.bin/ssh itself.

This script includes a `keygen' target for regenerating RSA and DSA host keys,
and invokes this if these keys are not present when sshd is started up.
 2000-07-31 20:39:41 +00:00
chuck c438e69177 if update_motd is set, do not gratuitously force it to have an empty line 
in it.  also be a bit smarter about deleting stuff from motd during
update.  it is now possible to have a one line motd just like in SunOS.
 2000-07-31 00:17:05 +00:00
veego ea8a88f609 syslog requires databases from sysdb which creates /var/run/utmp. 2000-07-29 21:50:20 +00:00
lukem 392130e304 move recreating /var/run/utmp from mountcritlocal (where /var/run is 
purged but /usr/bin/install is not available) to sysdb.
problem noted by Matthias Drochner.
 2000-07-27 13:58:49 +00:00
lukem 48b9eee5e1 * add new dummy dependancy `NETWORK' to be REQUIREd by services which need 
networking to be operational before starting, and use as appropriate.
  NETWORK depends upon network and dhclient.
* move the guts of systemfs into mountcritlocal
* replace the dependancy on systemfs with mountcritremote, and remove the
  former.
* SERVERS now also depends upon ppp

Notes:
* dhclient (and others) needs /var to be a $critical_filesystem_beforenet
* dhclient now starts before syslogd (because the latter needs /usr, and
  /usr might need dhclient to be mounted)

Should fix PRs:
    [install/9853] [bin/10002] [misc/10349] [port-i386/10633] [misc/10641]
 2000-07-26 00:11:48 +00:00
jdolecek 1bf05ae3b1 the format without netmask is supported for compatibility only and not 
specifying it is discouradged, actually
also add comments about this fact to etc/rc.d/network, for people who
don't read manpages :)
 2000-07-25 18:47:28 +00:00
lukem 1a29746222 - fix typo; the first ipsec_start() should be ipsec_prestart() 
- if ipsec.conf isn't readable and the system is booting directly to multiuser,
  send SIGTERM to the parent (/etc/rc) so that init(8) aborts the boot.
 2000-07-21 01:16:07 +00:00
lukem 262e4b1975 if ipf.conf isn't readable and the system is booting directly to multiuser, 
send SIGTERM to the parent (/etc/rc) so that init(8) aborts the boot.
 2000-07-21 01:14:23 +00:00
lukem 31e7834913 reword description 2000-07-20 23:36:56 +00:00
thorpej f5e99478c8 Build a list of cloning network interfaces to configure, as well 
as normal interfaces.
 2000-07-20 19:43:10 +00:00
lukem 47a3878257 reenable stop_cmd now that network doesn't get run at shutdown 2000-07-17 15:25:42 +00:00
lukem db024b3733 add '# KEYWORD: shutdown' so that these scripts get run at shutdown time. 
now, only scripts with the keyword `shutdown' will be run by /etc/rc.shutdown,
which speeds up shutdown and makes it more robust.
 2000-07-17 15:24:48 +00:00
lukem 97d13d02c3 * remove bogus comment about aborting the boot if ipsec.conf doesn't exist; 
this hasn't really worked and is probably too messy to resolve...
 2000-07-17 13:10:54 +00:00
lukem a8b1b91ded * add support for `status' 
* remove bogus comment about aborting the boot if ipf fails; this hasn't
  been supported since the rc.d migration and is too messy to resolve...
 2000-07-17 12:58:14 +00:00
lukem d92b803c29 use "load_rc_config swap" for swap1 and swap2 2000-07-17 12:27:04 +00:00
lukem 8086bde7eb share the same load_rc_config between the lkm* scripts 2000-07-15 02:30:18 +00:00
itojun c60ddc2403 remove ip6defaultif configuration. because: 
- ndp is in /usr/sbin, chokes on NFS-mounted /usr installation
- the option is just for IPv6 specification geek, not for normal users
 2000-06-20 16:48:14 +00:00
enami 295358cfe1 Don't warn that $hostname isn't set if the hostname is already set. 2000-06-20 08:34:33 +00:00
itojun c45b4229e4 typo 2000-06-14 03:24:16 +00:00
itojun 60cd90f104 TODO; should check /etc/ipsec.conf owner/permission, 
while we don't have find(1).
 2000-06-13 18:17:13 +00:00
itojun 00ded2c64e add rc.d/ipsec for ipsec configuration. when enabled, it will inject 
/etc/ipsec.conf into "setkey -f".  PR 9609.
 2000-06-13 16:29:53 +00:00
itojun 246f43dbbb use ${start_precmd} to check duplicate sendmail.cf. 
do not use "err" on failure, it is not that fatal (it's okay if we
don't start sendmail)
 2000-06-13 15:53:03 +00:00
fvdl 75748efda9 Use load_rc_config 2000-06-09 14:14:44 +00:00
itojun 609377a40f run sendmail under the following conditions: 
- /etc/mail/sendmail.cf exists, no /etc/sendmail.cf
- /etc/mail/sendmail.cf exists, /etc/sendmail.cf same content as
  /etc/mail/sendmail.cf
die in other cases.  PR 10243.
 2000-06-04 08:33:58 +00:00
fvdl a5f38c029b rpcbind uses a pidfile. 2000-06-03 00:17:17 +00:00
fvdl 02cd59a751 * Portmap is now called rpcbind. 
* Add IPv6 RPC entries to inetd.conf (commented out by default, as the others)
* Add netconfig file, needed for TI-RPC code.
 2000-06-02 22:54:08 +00:00
itojun a7c4c34f96 refer PR 10100 for /etc/sendmail.cf check 2000-05-31 16:00:36 +00:00
bouyer f5e3c48aad Depends on quota; when quotached runs while NFS clients are writing, 
bad things happens.
 2000-05-29 07:10:41 +00:00
tron e63bc36c7f Call "load_rc_config()" earlier so that configuration variables are read 
before command arguments are defined. Fixes PR bin/10220 by Ron Roskens.
 2000-05-29 06:53:03 +00:00
hubertf cdc1e0be32 /etc/dhclient.conf is *not* required for dhclient to run. 2000-05-26 20:44:17 +00:00
oster 4c318b5d41 At boot, initiate parity/mirror reconstruction as required. 
This operation is backgrounded, and sequentially ordered.
 2000-05-16 16:54:33 +00:00
tron d683136c9f Don't complain about existence of "/etc/sendmail.cf" if "sendmail" is 
not set to "YES" in "/etc/rc.conf".
 2000-05-15 06:16:04 +00:00
tron 24ad7fd36c Add "wscons" to requirement list so that a tty used for syslog output 
will be created before starting the syslog daemon.
 2000-05-14 13:12:11 +00:00
lukem 5c1b0ec207 Use load_rc_config() (from rc.subr) instead of sourcing /etc/rc.conf. 
This allows us or a user to change the configuration file method in
one place - rc.subr - without having to edit all of the rc.d/* files.
 2000-05-13 08:45:06 +00:00
lukem d934c3b536 only support reload as an extra command; there's too much special case 
code that needs to be implemented to make this script totally replicate
what /usr/sbin/ndc does.
 2000-05-13 03:46:42 +00:00
itojun 4bc21c2fb4 do not let 127.0.0.0/8 leave the node. based on RFC1122. 2000-05-09 10:49:26 +00:00
tsarna fff5c01493 This was doubly borken... 2000-05-07 19:03:25 +00:00