NetBSD/etc
riastradh cba96d16f7 Various entropy integration improvements.
- New /etc/security check for entropy in daily security report.

- New /etc/rc.d/entropy script runs (after random_seed and rndctl) to
  check for entropy at boot -- in rc.conf, you can:

  . set `entropy=check' to halt multiuser boot and enter single-user
    mode if not enough entropy

  . set `entropy=wait' to make multiuser boot wait until enough entropy

  Default is to always boot without waiting -- and rely on other
  channels like security report to alert the operator if there's a
  problem.

- New man page entropy(7) discussing the higher-level concepts and
  system integration with cross-references.

- New paragraph in afterboot(8) about entropy citing entropy(7) for
  more details.

This change addresses many of the issues discussed in security/55659.
This is a first draft; happy to take improvements to the man pages and
scripted messages to improve clarity.

I considered changing motd to include an entropy warning with a
reference to the entropy(7) man page, but it's a little trickier:
- Not sure it's appropriate for all users to see at login rather than
  users who have power to affect the entropy estimate (maybe it is,
  just haven't decided).
- We only have a mechanism for changing once at boot; the message would
  remain until next boot even if an operator adds enough entropy.
- The mechanism isn't really conducive to making a message appear
  conditionally from boot to boot.
2021-01-10 23:24:25 +00:00
..
autofs Merge autofs support from: Tomohiro Kusumi 2018-01-09 03:31:12 +00:00
bluetooth Update Raspberry Pi 3 example to use dplcom0 instead of dty00 2017-08-12 11:45:20 +00:00
defaults Various entropy integration improvements. 2021-01-10 23:24:25 +00:00
etc.aarch64 acpi: add character device for accessing ACPI tables 2020-12-06 02:57:29 +00:00
etc.acorn32 remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.algor Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.alpha GENERIC.MP is no more. GENERIC defaults to MULTIPROCESSOR now. 2020-09-19 03:29:57 +00:00
etc.amd64 acpi: add character device for accessing ACPI tables 2020-12-06 02:57:29 +00:00
etc.amiga remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.amigappc remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.arc Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.atari Remove ISDN from the kernel. It has remained unmaintained for a long time, 2018-09-23 09:20:57 +00:00
etc.bebox Remove the satlink driver. It was disabled everywhere, had no man page and 2019-01-27 08:53:28 +00:00
etc.cats Remove ISDN from the kernel. It has remained unmaintained for a long time, 2018-09-23 09:20:57 +00:00
etc.cesfic Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.cobalt Fix leading 8 spaces to a tab. 2020-06-18 16:40:08 +00:00
etc.dreamcast Create wd0 and wd1 device node for G1IDE kernel. 2020-11-25 15:14:03 +00:00
etc.emips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.epoc32 Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.evbarm Build RPI and RPI2 kernels also for earmv6{,hf}eb. 2020-12-01 04:20:21 +00:00
etc.evbcf Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.evbmips Remove a misleading space in a ".elif". 2020-08-15 05:03:06 +00:00
etc.evbppc Add nvme(4) and raid(4). 2020-11-10 11:22:22 +00:00
etc.evbsh3 Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.ews4800mips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.hp300 Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.hpcarm Add a synthesized pc beeper and keyboard bell for platforms with an audio 2016-12-08 11:31:08 +00:00
etc.hpcmips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.hpcsh Add 'bpf' to all ramdisk targets (*), or floppy targets if ramdisk calls that. 2012-08-16 13:31:24 +00:00
etc.hppa Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.i386 acpi: add character device for accessing ACPI tables 2020-12-06 02:57:29 +00:00
etc.ia64 acpi: add character device for accessing ACPI tables 2020-12-06 02:57:29 +00:00
etc.ibmnws Add 'bpf' to all ramdisk targets (*), or floppy targets if ramdisk calls that. 2012-08-16 13:31:24 +00:00
etc.iyonix Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.landisk remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.luna68k Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.mac68k Build and install WSFB and WSFBSBC. 2019-07-26 11:38:21 +00:00
etc.macppc partial port to powerpc64. 2020-09-15 08:14:31 +00:00
etc.mipsco Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.mmeye Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.mvme68k Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.mvmeppc Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.netwinder Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.news68k Add missed bpf(4) node for dhcpcd(8) in INSTALL floppies. 2020-08-09 00:56:44 +00:00
etc.newsmips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.next68k Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.ofppc build GENERIC64 only on ofppc64 (doesn't build, but a least fails 2019-11-18 01:11:14 +00:00
etc.or1k Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.playstation2 Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.pmax Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.prep Remove ISDN from the kernel. It has remained unmaintained for a long time, 2018-09-23 09:20:57 +00:00
etc.riscv Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.rs6000 Remove ISDN from the kernel. It has remained unmaintained for a long time, 2018-09-23 09:20:57 +00:00
etc.sandpoint Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.sbmips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.sgimips Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.shark Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.sparc remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.sparc64 remove nsmb from MD list of devices to create for 'all' 2020-04-05 14:09:17 +00:00
etc.sun2 sun2 kernel is restricted to ~2MB due to bootloader. 2020-03-08 06:23:18 +00:00
etc.sun3
etc.vax Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
etc.x68k Remove ISDN from the kernel. It has remained unmaintained for a long time, 2018-09-23 09:20:57 +00:00
etc.zaurus Switch default console tty from /dev/console to /dev/constty 2019-09-25 23:09:19 +00:00
iscsi
mtree Add directory entry for new libossaudio test 2020-12-12 02:50:26 +00:00
namedb Update to 2019093001 2019-10-09 22:58:39 +00:00
pam.d Add a commented out entry for pam_u2f.so 2020-03-03 00:47:33 +00:00
powerd Remove the stopping and starting of various network scripts on 2017-07-13 13:50:48 +00:00
rc.d Various entropy integration improvements. 2021-01-10 23:24:25 +00:00
root uname -p, pointed out by various 2020-08-24 12:46:57 +00:00
skel /usr/X11R6 has been empty on most NetBSD installations since 2008, 2018-03-01 06:12:09 +00:00
ssh Remove MKCRYPTO option. 2017-05-21 15:28:36 +00:00
MAKEDEV.awk When reading in the MD MAKEDEV.conf, perform block / char major 2020-06-13 19:46:23 +00:00
MAKEDEV.local
MAKEDEV.tmpl acpi: add character device for accessing ACPI tables 2020-12-06 02:57:29 +00:00
Makefile If MKX11 and MKDEBUG, add the xdebug set to the obsolete file handling. 2020-12-29 16:46:44 +00:00
Makefile.params Document NETBSD_OFFICIAL_RELEASE and add it to /etc/release - it is 2019-11-22 13:30:19 +00:00
aliases
auto_master Merge autofs support from: Tomohiro Kusumi 2018-01-09 03:31:12 +00:00
bootptab
changelist
crontab Fix skipped daily in Eastern Europe 2020-03-29 06:44:16 +00:00
csh.cshrc
csh.login
csh.logout
daily Convert uses of test (ie: '[') to use only POSIX specified forms, 2018-09-23 23:16:34 +00:00
daily.conf
disktab
dm.conf
envsys.conf Update contact info for changes to this file. 2017-10-21 19:43:53 +00:00
floppytab
ftpchroot
ftpusers
gettytab
gpio.conf
group Add _dhcpcd user and group 2020-04-02 12:35:13 +00:00
hosts Replace the comment on this file. It appears to date back to CSRG days 2013-11-24 07:20:01 +00:00
hosts.equiv
hosts.lpd
inetd.conf mention that -a valid does not work, requested by felix. 2016-10-25 17:16:34 +00:00
locate.conf 'file system' for consistency with documentation (instead of 'filesystem'). 2014-07-22 17:11:09 +00:00
login.conf /usr/X11R6 has been empty on most NetBSD installations since 2008, 2018-03-01 06:12:09 +00:00
mailer.conf
man.conf man.conf(5): Drop support for .me files 2020-11-30 14:27:23 +00:00
master.passwd Add _dhcpcd user and group 2020-04-02 12:35:13 +00:00
minfree
mkttys
monthly
monthly.conf
motd.beta Simplify default motd text and include donation link. 2020-11-25 21:40:22 +00:00
motd.current Simplify default motd text and include donation link. 2020-11-25 21:40:22 +00:00
motd.default motd needs to be re-generated when DISTRIBVER changes, so change he 2012-11-04 11:09:14 +00:00
motd.rc Simplify default motd text and include donation link. 2020-11-25 21:40:22 +00:00
mrouted.conf
named.conf Also edns-udp-size. 2020-10-11 22:14:55 +00:00
netconfig
networks
newsyslog.conf Specify PID file to properly rotate npf log file. 2019-05-16 20:12:35 +00:00
nsswitch.conf
ntp.conf Add iburst to peer and server. 2020-10-05 06:45:40 +00:00
passwd.conf
phones
pkgpath.conf Fix for problematic paths in /etc/daily and /etc/security reported in 2013-05-01 05:36:25 +00:00
printcap
profile
protocols regen 2019-01-03 17:30:06 +00:00
rbootd.conf
rc Ooops, overlooked one MOUNTCRITLOCAL reference in the rename to 2020-09-08 16:10:53 +00:00
rc.conf Consistency changes only. Start sentences with a capital letter and end 2014-07-14 12:29:48 +00:00
rc.local
rc.shutdown PR/46601 - Jim Bernard -- add support for rc_directories 2012-06-25 07:22:45 +00:00
rc.subr run_rc_command - don't prefix the rcvar variable name with the dollar sign. 2020-12-20 21:30:28 +00:00
remote
rpc
security Various entropy integration improvements. 2021-01-10 23:24:25 +00:00
security.conf
services sync with latest from IANA 2019-10-09 22:42:14 +00:00
shells
shrc
sysctl.conf
syslog.conf
weekly Convert to POSIX specified usage of test (even though it would probably 2018-09-23 23:12:21 +00:00
weekly.conf
wpa_supplicant.conf Add a default wpa_supplicant.conf which allows wpa_cli(8) to configure 2019-01-12 16:51:54 +00:00
wscons.conf Point readers at wskbd.4 2020-07-13 11:17:54 +00:00