'ramdisk' MAKEDEV goal instead of from a Makefile definition. As there
is just one configuration for the ramdisk, it's better to keep everything
in one place.
(Part 4: documentation and configuration files)
* Support for detachable sensors.
* Cleaned up the API for simplicity and efficiency.
* Ability to send capacity/critical/warning events to powerd(8).
* Adapted all the code to the new locking order.
* Compatibility with the old envsys API: the ENVSYS_GTREINFO
and ENVSYS_GTREDATA ioctl(2)s are supported.
* Added support for a 'dictionary based communication channel' between
sysmon_power(9) and powerd(8), that means there is no 32 bytes event
size restriction anymore.
* Binary compatibility with old envstat(8) and powerd(8) via COMPAT_40.
* All drivers with the n^2 gtredata bug were fixed, PR kern/36226.
Tested by:
blymn: smsc(4).
bouyer: ipmi(4), mfi(4).
kefren: ug(4).
njoly: viaenv(4), adt7463.c.
riz: owtemp(4).
xtraeme: acpiacad(4), acpibat(4), acpitz(4), aiboost(4), it(4), lm(4).
Bug fixes:
- Fix crash reported by Scott Ellis on current-users@.
- Fix race conditions in enforcing the Veriexec rename and remove
policies. These are NOT security issues.
- Fix memory leak in rename handling when overwriting a monitored
file.
- Fix table deletion logic.
- Don't prevent query requests if not in learning mode.
KPI updates:
- fileassoc_table_run() now takes a cookie to pass to the callback.
- veriexec_table_add() was removed, it is now done internally. As a
result, there's no longer a need for VERIEXEC_TABLESIZE.
- veriexec_report() was removed, it is now internal.
- Perform sanity checks on the entry type, and enforce default type
in veriexec_file_add() rather than in veriexecctl.
- Add veriexec_flush(), used to delete all Veriexec tables, and
veriexec_dump(), used to fill an array with all Veriexec entries.
New features:
- Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
database. This allows Veriexec to produce slightly more accurate
logs under certain circumstances. In the future, this can be either
replaced by vnode->pathname translation, or combined with it.
- Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
This can be used to recover a database if the file was lost.
Example usage:
# veriexecctl dump > /etc/signatures
Note that only entries with the filename kept (that is, were loaded
with the '-k' flag) will be dumped.
Idea from Brett Lymn.
- Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
usage:
# veriexecctl flush
- Add a 'veriexec_flags' rc(8) variable, and make its default have
the '-k' flag. On systems using the default signatures file
(generaetd from running 'veriexecgen' with no arguments), this will
use additional 32kb of kernel memory on average.
- Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
load. This is done automatically for files marked as 'untrusted'.
Misc. stuff:
- The code for veriexecctl was massively simplified as a result of
eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
pass of the signatures file, making the loading somewhat faster.
- Lots of minor fixes found using the (still under development)
Veriexec regression testsuite.
- Some of the messages Veriexec prints were improved.
- Various documentation fixes.
All relevant man-pages were updated to reflect the above changes.
Binary compatibility with existing veriexecctl binaries is maintained.
This should avoid occasional problems with syncing or unmounting
filesystems on machines which use the automounter. Tested
successfully under NetBSD-i386 3.1_STABLE and 4.0_BETA2.
by killing the parent process. The parent's PID is saved in $RC_PID.
* In all rc.d/* scripts that previously tried to stop the boot,
replace in-line code with "stop_boot".
* Document this.
This should fix PR 29822.
examples in the wscons.conf). Now, you have to specify wscons
control device and put variable name and parameter on separate
fields.
NB: changes ARE NOT backward compatible and config file must be
checked (but default config doesn't utilizing setvar).
can't find the el-torito boot image with the old syntax. This can be
fixed by removed the leading "i386/" from the -b argument, but then
the mkisofs from the current cdrtools-2.01 package won't find the boot image.
Change the graf-point specifications so that a trailing / terminates
the grafted directories. This way both versions of mkisofs can find the
boot loader.
instead of one by one using mknod. This is much faster (speed
increases of up to 20 times have been observed, but 3 to 5 times is
more common).
* One "-M" flag will create the mfs file system but not redirect output
to a temporary console; "-M -M" will also redirect output.
* Change the way we accumulate options to pass to MAKEDEV.local.
so that it can be loaded by the machine's firmware. Put the resulting
image inside the 'installation/instkernel' release subdirectory, as the
installation instructions explain.
Fixes port-shark/35563.
Since I managed to commit my alternate scheme for zeropad, delete
the commented out lines and replace the only other use.
I've not deleted the function itself though.
relies on mkisofs to create bootable ISO image. macppc should also be there,
but it seems the code to make an iso bootable never got added in etc.macppc/
GENERIC kernels. If ACPI is an issue on your hardware, 'boot -c' and
'disable acpi' should be a workaround. ACPI-enabled kernels works fine
on pre-acpi hardware.
for amd64:
- add ACPI to INSTALL and GENERIC, remove the *_ACPI config files.
- get rid of the bootfloppy-big.fs boot image, and got to a 3-floppy boot
image
for i386:
- introduce INSTALL_LARGE which has ACPI and some devices with big firmware
- move some devices from INSTALL to INSTALL_LARGE
- Boot floppies still use INSTALL, and bootfloppy-big.fs is still there
(for thoses who want to build el-torito floppy emulation boot CD) and use
INSTALL.
For both, drop the 'iso-image' code in etc/ to make the iso bootable, we'll
use something else to build bootable CDs.
human procedures) breaking because they assume it's enough to copy
MAKEDEV fom one place to another.
Let MAKEDEV return after defining shell functions but before doing any
real work, if MAKEDEV_AS_LIBRARY is set.
Let MAKEDEV.local load MAKEDEV as a function library via
"MAKEDEV_AS_LIBRARY=1 . MAKEDEV".
filesystem and then populate it.
Determine the actual number of inodes that will be needed and add 10%.
Use "mount_mfs -o union" to save us having to copy MADEDEV (in case
anyone wishes to see it.
use by both MAKEDEV and MAKEDEV.local. This allows MAKEDEV.local
to accept the same command line arguments as MAKEDEV.
The installed MAKEDEV.subr is generated from MAKEDEV.subr.tmpl.
Replace the licence on MAKEDEV.local with a NetBSD licence, since I
rewrote the entire file.
Reviewed by christos and agc
removed.)
Add rebuild_whatisdb weekly variable that defaults to NO.
This is for running makewhatis weekly.
This defaults to NO because it is not needed using just base sets/default
install which provide the whatis.db file(s).
* If per_user_tmp is disabled and /tmp equals to ${per_user_tmp_dir}/@uid,
remove it and recreate it with proper permissions (1777).
This fixes the problem when per_user_tmp is enabled and will put /tmp
on its original state when it's disabled.
Enabled via per_user_tmp in /etc/rc.conf (default off).
See security(8) and rc.conf(5) for more details.
Lots of input from thorpej@ & christos@, thanks!
also recognize "interpreter: daemon" in ps(1) output.
That case statement should be rewritten with expr(1) if more flexibility is
needed.
Fixes PR 35366 by Dominik Joe Pantucek, debugged with much assistance
by him on IRC.
- add a ses(4) major number as the MI MAKEDEV tries to create the
nodes. hi elad.
- create audio devices.
- provide mount_kernfs and a dmesg command.
- start sysinst automagically and fix backspace key.
Mostly prompted by David H. Gutteridge on port-hp700.
GENERIC_PS2TINY kernels.
These kernels are for i386 (and small i486) systems that have almost all
long since met their makers.
Add ALL (to help avoid bitrot).
- if allocated in the MI range, it breaks the builds for ports that do
not use it
- if allocated in the MD range, 3ware's tw_cli tool will break because it
hardcodes the major
remove pseudo-device btdev(4) and inherent limitations
add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.
btdevctl(8) and its cache is updated to handle new semantics
etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
are development snapshots (although not as "bleeding edge" as current).
Per tron@'s suggestion.
This way we get consistent messages along the development process. Otherwise,
STABLE could carry no message while a RC could, disappearing again after the
real formal release. With this change only formal releases do not carry any
special message in motd.
of /etc/rc.d/ipfilter and family if MKIPFILTER=no. As lukem points
out, skipping installation of etc/rc.d/ scripts is not inconsistent
with other optional components, such as pf, x11, etc.
a release candidate), tell the user that he might expect problems and how
to effectively report them to the developers.
No objections in tech-userlevel@; only positive responses.
Change the way in which bluetooth devices attach to system. The
new way is for devices to attach directly to a btdevN device via
its own control file /dev/btdevN.
- bthub(4) is replaced by btdev(4).
- /dev/bthubctl is replaced by /dev/btdevN.
- configuration now uses proplib(3) property lists.
- btcontrol(8) updated to use new API, and now uses private
- XML config file /var/db/btdev.xml.
commands to the controller.
Add a amrctl(8) control tool, which for now only allows to get status
from the adapter (status of adapter, logical volumes and and individual
drives).
From FreeBSD, with some adjustements by Andrew Doran and me.
