Up to [cvs.NetBSD.org] / src / etc / defaults
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Pull up following revision(s) (requested by abs in ticket #404): etc/rc.d/npf: revision 1.8 etc/defaults/rc.conf: revision 1.167 Add support to npf_rules to rc.conf - Allows overriding default from /etc/npf.conf - Indicate rules file used in output - Drop check for file presence in script - rely on npf exiting with error
Add support to npf_rules to rc.conf - Allows overriding default from /etc/npf.conf - Indicate rules file used in output - Drop check for file presence in script - rely on npf exiting with error
Pull up following revision(s) (requested by riastradh in ticket #381): distrib/utils/embedded/conf/evbarm.conf: revision 1.42 distrib/sets/lists/etc/mi: revision 1.273 etc/rc.d/Makefile: revision 1.118 distrib/utils/embedded/conf/usermode.conf: revision 1.7 etc/rc.d/certctl_init: revision 1.1 distrib/evbarm/liveimage/armimage/rc.conf.armimage: revision 1.2 etc/defaults/rc.conf: revision 1.166 distrib/amd64/liveimage/emuimage/rc.conf.emuimage: revision 1.3 distrib/utils/embedded/conf/x86.conf: revision 1.11 distrib/utils/embedded/conf/evbmips.conf: revision 1.4 /etc/rc.d/cerctl_init: New script for certctl rehash in live images. This is very limited -- it does not supplant postinstall to rehash certificates on upgrade; it only runs certctl rehash if /etc/openssl/certs is an empty directory, as you get in live images not created with sysinst. We could also have a more general-purpose way to run postinstall(8) on first boot of an image, but that has a lot more moving parts to think about, so let's start with this limited-scope low-risk approach. PR install/57629 /etc/rc.d/certctl_init: Default off. Otherwise in systems without certctl_init=YES, such as systems installed with sysinst(8) where it's unnecessary because the rehash has already happened at install time, you'll get spurious warnings.
/etc/rc.d/certctl_init: Default off. Otherwise in systems without certctl_init=YES, such as systems installed with sysinst(8) where it's unnecessary because the rehash has already happened at install time, you'll get spurious warnings. PR install/57629 XXX pullup-10
Pull up following revision(s) (requested by riastradh in ticket #319): sys/dev/pci/ubsec.c: revision 1.64 sys/dev/pci/hifn7751.c: revision 1.82 lib/libc/gen/getentropy.3: revision 1.5 lib/libc/gen/getentropy.3: revision 1.6 share/man/man4/rnd.4: revision 1.41 lib/libc/sys/getrandom.2: revision 1.2 lib/libc/sys/getrandom.2: revision 1.3 share/man/man5/rc.conf.5: revision 1.193 share/man/man7/entropy.7: revision 1.5 share/man/man7/entropy.7: revision 1.6 share/man/man7/entropy.7: revision 1.7 share/man/man7/entropy.7: revision 1.8 etc/security: revision 1.130 share/man/man7/entropy.7: revision 1.9 etc/security: revision 1.131 sys/crypto/cprng_fast/cprng_fast.c: revision 1.19 sys/sys/rndio.h: revision 1.3 tests/lib/libc/sys/t_getrandom.c: revision 1.5 etc/defaults/rc.conf: revision 1.164 etc/defaults/rc.conf: revision 1.165 sys/sys/rndsource.h: revision 1.10 sys/kern/kern_entropy.c: revision 1.62 sys/kern/kern_entropy.c: revision 1.63 sys/kern/kern_entropy.c: revision 1.64 sys/kern/subr_cprng.c: revision 1.44 sys/kern/kern_entropy.c: revision 1.65 sys/kern/kern_clock.c: revision 1.149 sys/dev/pci/viornd.c: revision 1.22 share/man/man9/rnd.9: revision 1.32 sys/kern/subr_prf.c: revision 1.202 sys/sys/rndsource.h: revision 1.8 sys/sys/rndsource.h: revision 1.9 share/man/man7/entropy.7: revision 1.10 1. Reinstate netbsd<=9 entropy estimator to unblock /dev/random, in parallel with assessment of only confident entropy sources (seed, HWRNG) for security warnings like sshd keys in motd and daily insecurity report. 2. Make multiuser boot wait for first /dev/random output soon after loading a seed and configuring rndctl, so that getentropy(3) meets its contract starting early at boot without introducing blocking paths that could cause hangs in init(8) or single-user mode. Operators can choose to disable this wait in rc.conf. 3. Fix some bugs left over from reducing the global entropy lock from a spin lock at IPL_VM to an adaptive lock at IPL_SOFTSERIAL. 4. Update man pages.
Fix typo in comment.
rc.conf(5): Set entropy=wait by default. We no longer block indefinitely -- if nothing else, the hardclock timer should yield enough samples to unblock /dev/random on all but the most severely deterministic machines -- so it should be generally safe for availability to set entropy=wait. This doesn't guarantee that HWRNG/seed has been provided before you run ssh-keygen or call getentropy(3) in a user application, but it does raise the security above netbsd<=9. PR security/55659 PR lib/56905 XXX pullup-10
Add start script to attach iscsi volumes at boot. The default is to execute the script (iscsid_volumes=YES), so if you have any volumes defined, you should also start iscsid (iscsid=YES) to avoid error messages.
Enable critical_filesystems_zfs.
Various entropy integration improvements. - New /etc/security check for entropy in daily security report. - New /etc/rc.d/entropy script runs (after random_seed and rndctl) to check for entropy at boot -- in rc.conf, you can: . set `entropy=check' to halt multiuser boot and enter single-user mode if not enough entropy . set `entropy=wait' to make multiuser boot wait until enough entropy Default is to always boot without waiting -- and rely on other channels like security report to alert the operator if there's a problem. - New man page entropy(7) discussing the higher-level concepts and system integration with cross-references. - New paragraph in afterboot(8) about entropy citing entropy(7) for more details. This change addresses many of the issues discussed in security/55659. This is a first draft; happy to take improvements to the man pages and scripted messages to improve clarity. I considered changing motd to include an entropy warning with a reference to the entropy(7) man page, but it's a little trickier: - Not sure it's appropriate for all users to see at login rather than users who have power to affect the entropy estimate (maybe it is, just haven't decided). - We only have a mechanism for changing once at boot; the message would remain until next boot even if an operator adds enough entropy. - The mechanism isn't really conducive to making a message appear conditionally from boot to boot.
Pull up the following revision, requested by kim in ticket #1603 and accidently lost during initial commit: etc/defaults/rc.conf: revision 1.159 Add optional release info in /etc/motd.
s/parition/partition/
Pull up following revision(s) (requested by kim in ticket #1080): etc/rc.d/motd: revision 1.10 etc/rc.d/motd: revision 1.11 share/man/man5/rc.conf.5: revision 1.186 share/man/man5/rc.conf.5: revision 1.187 etc/defaults/rc.conf: revision 1.159 Add optional release info in /etc/motd My personal preferencese for /etc/rc.conf: update_motd_release=YES motd_release_tag='Binaries: ' This provides an explanation to users about the second version in motd. Document update_motd_release and motd_release_tag New sentence, new line. Make a ": " suffix a fixed part of the release info tag This results in correct updates to /etc/motd even when the value of motd_release_tag is changed (a likely event). Add safe quoting to outputting the read kernel version. Thanks to kre@ for the feedback.
Add optional release info in /etc/motd My personal preferencese for /etc/rc.conf: update_motd_release=YES motd_release_tag='Binaries: ' This provides an explanation to users about the second version in motd.
Rename blacklist -> blocklist
Add support for npfd_flags
dhcpcd: Empty the chroot While here, set correct optional hooks.
Set resize_gpt=NO by default
Mostly merge changes from HEAD upto 20200411
Merge changes from current as of 20200406
Add a default dhcpcd_chrootdir
Enable hostapd syslog support by default.
Pull up following revision(s) (requested by brad in ticket #250): external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.2 external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.3 external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.4 external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.5 distrib/sets/lists/man/mi: revision 1.1652 distrib/sets/lists/man/mi: revision 1.1653 distrib/sets/lists/etc/mi: revision 1.259 etc/rc.d/mountall: revision 1.11 external/cddl/osnet/sbin/zfs/Makefile: revision 1.5 external/cddl/osnet/dist/cmd/zfs/zfs_main.c: revision 1.7 etc/rc.d/Makefile: revision 1.105 distrib/sets/lists/base/mi: revision 1.1217 etc/rc.d/Makefile: revision 1.106 etc/rc.d/zfs: revision 1.1 etc/defaults/rc.conf: revision 1.152 external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.1 Add support for legacy ZFS filesystems, specified by mountpoint=legacy in the ZFS properties of the dataset and a simple man page for mount_zfs. With this, it is possible to put ZFS filesystems in /etc/fstab as file system type zfs. Add a rc.d script that kicks the module ZFS load mostly before mountall runs simular to what LVM does. This allows for any legacy mounts to be specified in critical_local_filesystems and allows for ZFS pools on top of cgd (probably among other things). Introduce a rc.conf variable called zfs which needs to be set to YES, in the usual manor of things, to get zvols and ZFS dataset support rather then just assume that 'zfs mount' does that in mountall. Fix a problem in mountall if ZFS is not compiled into the system. mount_zfs.8: add xref to fstab(5) Use more markup. Include mount_zfs man pages only for MKZFS builds. Moved zfs out of MKX11 block. Fix build failure without X11. Add a copyright to the man page and a bit of history. Use Pa macro for path new sentence, new line
Add support for legacy ZFS filesystems, specified by mountpoint=legacy in the ZFS properties of the dataset and a simple man page for mount_zfs. With this, it is possible to put ZFS filesystems in /etc/fstab as file system type zfs. Add a rc.d script that kicks the module ZFS load mostly before mountall runs simular to what LVM does. This allows for any legacy mounts to be specified in critical_local_filesystems and allows for ZFS pools on top of cgd (probably among other things). Introduce a rc.conf variable called zfs which needs to be set to YES, in the usual manor of things, to get zvols and ZFS dataset support rather then just assume that 'zfs mount' does that in mountall. Fix a problem in mountall if ZFS is not compiled into the system.
Fix typo in comment (s/partion/partition/).
Sync with HEAD
Pull up following revision(s) (requested by maxv in ticket #1265): etc/rc.d/smtoff: revision 1.1 etc/rc.d/smtoff: revision 1.2 distrib/sets/lists/etc/mi: revision 1.258 etc/rc.d/smtoff: revision 1.3 etc/rc.d/smtoff: revision 1.4 etc/defaults/rc.conf: revision 1.148 etc/rc.d/Makefile: revision 1.103 usr.sbin/postinstall/postinstall: revision 1.226 etc/rc.d/Makefile: revision 1.104 etc/mtree/special: revision 1.167 share/man/man5/rc.conf.5: revision 1.180 Add smtoff, an rc.d script that disables Simultaneous Multi-Threading. It parses the output of cpuctl, and executes "cpuctl offline" for each CPU that has SmtID!=0. The default is "smtoff=NO", which means that SMT remains enabled. Restructure code a little. Use quoting everywhere possibly useful (always the right way, except in the few cases where it is wrong...) Avoid using cut & grep (from /usr/bin) so script could run before /usr is mounted (pity cpuctl is in /usr/sbin ...). Use sysctl -n rather than attempting to parse its output. install rc.d No change... Previous log message should have said: Install rc.d/smtoff I should know better! Don't rely upon the way the shell implements pipes. Skip the "error" printf from GetSmtId() as there is no easy portable way to avoid it occurring (there are complicated ways) - but we don't need it, there is no logical difference between "error" and "" so just use the latter (if we get an ID, good, if there is nothing, then there is none - saying 'error' does not mean anything.) Remove comment, since there is no parsing anymore.
revert previous. somehowI failedto see that was already done.
install rc.d
Add smtoff, an rc.d script that disables Simultaneous Multi-Threading. It parses the output of cpuctl, and executes "cpuctl offline" for each CPU that has SmtID!=0. The default is "smtoff=NO", which means that SMT remains enabled.
Synch with HEAD
Setup default wpa_supplicant flags so that it: * Writes diagnostics to syslog * Enables interface matching to hotplug wireless interfaces * Uses /etc/wpa_supplicant.conf
Sync with head
Apply patch from Ian D. Leroux in PR bin/51019: when unmounting tmpfs file systems at shutdown time, avoid unmounting a tmpfs created by init on /dev - behaviour overridable from rc.conf. By default all tmpfs that have device nodes are not mounted.
Ssync with HEAD
Remove the userland part of ISDN. The kernel part is untouched for now. ipppctl was actually an exact copy of pppoectl; there is no functional change in pppoectl in this commit.
Sync with HEAD
Remove dhclient from the base system. Discussed here: https://mail-index.netbsd.org/tech-userlevel/2018/06/21/msg011233.html
Sync with HEAD
Provide resize_disklabel=NO default. Used by arm images and is not part of the stock rc.d yet. This silences rc when you delete the whole resize_* block from rc.conf after the first boot.
Sync with HEAD
Cosmetics: default to dmesg -t when writing /var/run/dmesg.boot - the timestamps at boot time are mostly useless.
Merge autofs support from: Tomohiro Kusumi XXX: Does not work yet
Add startup file for dhcp v6 with builtin isc-dhcp. Alas, this needs to be a seperate process. On the positive side: this can't break the dhcpd for IPv4 when tested.
Sync with HEAD
add nsd
Sync with HEAD. (Note that most of these changes are simply $NetBSD$ tag issues.)
add scripts for npfd
unbound additions
Instead of waiting for a duration based in IPv6 DAD count sysctl, wait for 15 seconds for tentative flags to clear allowing 5 seconds for detached flags to clear as well from configured addresses. This is now protocol independant and allows time for the interfaces to work out if they have a carrier or not.
"ip6addrctl_enable" is now "ip6addrctl", set the default appropriately
Add defaults for ip6addrctl
Pull up following revision(s) (requested by skrll in ticket #909): distrib/sets/lists/etc/mi: revision 1.237 distrib/sets/lists/tests/mi: revision 1.613 distrib/utils/embedded/conf/armv7.conf: revisions 1.1, 1.2 distrib/utils/embedded/conf/beagleboard.conf: delete distrib/utils/embedded/conf/evbarm.conf: revisions 1.21, 1.22 distrib/utils/embedded/conf/rpi.conf: revisions 1.28, 1.29 distrib/utils/embedded/conf/rpi_inst.conf: revisions 1.7, 1.8 distrib/utils/embedded/conf/usermode.conf: revision 1.5 distrib/utils/embedded/conf/x86.conf: revision 1.5 distrib/utils/embedded/files/resize_disklabel: revision 1.1 distrib/utils/embedded/mkimage: revisions 1.49, 1.55-1.59 etc/defaults/rc.conf: revision 1.133 etc/etc.evbarm/Makefile.inc: revisions 1.72, 1.76 etc/rc.d/Makefile: revision 1.93 via patch etc/rc.d/resize_root: revisions 1.1-1.3 etc/rc.d/root: revision 1.5 sbin/resize_ffs/Makefile: revision 1.5 sbin/resize_ffs/resize_ffs.8: revisions 1.14-1.16 sbin/resize_ffs/resize_ffs.c: revisions 1.39-1.44 share/man/man5/rc.conf.5: revision 1.158, 1.159 tests/sbin/resize_ffs/Makefile: revision 1.4 tests/sbin/resize_ffs/common.sh: revision 1.14 tests/sbin/resize_ffs/t_check.sh: revision 1.1 tests/sbin/resize_ffs/t_grow.sh: revision 1.9 tests/sbin/resize_ffs/t_grow_swapped.sh: revision 1.3 tests/sbin/resize_ffs/t_shrink.sh: revision 1.8 tests/sbin/resize_ffs/t_shrink_swapped.sh: revision 1.2 fix image building: - round up the total size of the disk image - fix fdisk offset for netbsd ffs images -- Make get_dev_size work on regular files too. -- Use `!= -1' instead of `== 0' out of paranoia. -- - Add -c to check to see if grow/shrink is required - Divide by DEV_BSIZE when returning size of file. - Update manpage -- New sentence, new line. Sort option descriptions. -- Add resize_root boot operation. If resize_root=YES in rc.conf then the system attempts to resize the root file system to fill it's partition prior to mounting read-write. Useful for things like AMI file system images. May eventually be used by arm images after coming up with similar solution for increasing the parition size. -- - Add new tests for -c check flag in resize_ffs -- Bump date for previous. it's -> its -- Handle case in grow() where last cylinder group is too small for ufs2. Align with code in shrink(). -- factor out geometry calculation and use this also in CheckOnly mode. be a bit more verbose in Verbose mode. -- Add support for auto-growing the root partition. Enable it for rpi.img. -- initialize resize before pulling in board config -- add KEYWORD: interactive, honour resize_root_flags and resize_root_postcmd rc vars -- if the -p flag is specified, display a progress bar while growing the file-system -- show resize_ffs progress bar when resizing root partition -- fix typo in previous; pass -y unconditionally to resize_ffs, not -p -- Rename beagleboard.img to armv7.img. The new image includes the same kernels as beagleboard.img plus support for Raspberry Pi 2, ODROID-C1, Cubieboard2, Cubietruck, Hummingbird A31, and Banana Pi. -- Properly spell X' name. From X(7): The X.Org Foundation requests that the following names be used when referring to this software: X X Window System X Version 11 X Window System, Version 11 X11 -- Add some documentation: Tell what this does, and what it expects from conf files -- Cleanup: make_filesystems is not used any longer, purge remains -- More cleanup: Instead of first overwriting the *_evbarm functions with own code, and then calling them from the regular functions, directly put the code into the regular functions. No more functions from evbarm.conf are used now. Some variables are still used! -- define TOOL_MKUBOOTIMAGE for mkimage -- fix mkubootimage
Pull up blacklistd(8), requested by christos in ticket #711: crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.1024 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.1.1.1 crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c up to 1.2 crypto/external/bsd/openssh/dist/kexc25519.c up to 1.3 crypto/external/bsd/openssh/dist/smult_curve25519_ref.c up to 1.3 crypto/external/bsd/openssh/dist/bitmap.c up to 1.2 plus patch crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.1 crypto/external/bsd/openssh/dist/PROTOCOL.key up to 1.1.1.1 crypto/external/bsd/openssh/dist/blf.h up to 1.1 crypto/external/bsd/openssh/dist/blocks.c up to 1.3 crypto/external/bsd/openssh/dist/blowfish.c up to 1.2 crypto/external/bsd/openssh/dist/chacha.c up to 1.3 crypto/external/bsd/openssh/dist/chacha.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/cipher-aesctr.c up to 1.1.1.2 crypto/external/bsd/openssh/dist/cipher-aesctr.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.3 crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/crypto_api.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/digest-libc.c up to 1.3 crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.3 crypto/external/bsd/openssh/dist/digest.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/ed25519.c up to 1.3 crypto/external/bsd/openssh/dist/fe25519.c up to 1.3 crypto/external/bsd/openssh/dist/fe25519.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/ge25519.c up to 1.3 crypto/external/bsd/openssh/dist/ge25519.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/ge25519_base.data up to 1.1.1.1 crypto/external/bsd/openssh/dist/hash.c up to 1.3 crypto/external/bsd/openssh/dist/hmac.c up to 1.3 crypto/external/bsd/openssh/dist/hmac.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/kexc25519c.c up to 1.3 crypto/external/bsd/openssh/dist/kexc25519s.c up to 1.3 crypto/external/bsd/openssh/dist/poly1305.c up to 1.3 crypto/external/bsd/openssh/dist/poly1305.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/rijndael.c up to 1.1.1.2 crypto/external/bsd/openssh/dist/rijndael.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/sc25519.c up to 1.3 crypto/external/bsd/openssh/dist/sc25519.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/ssh-ed25519.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-misc.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf.h up to 1.4 crypto/external/bsd/openssh/dist/ssherr.c up to 1.3 crypto/external/bsd/openssh/dist/ssherr.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/sshkey.c up to 1.3 crypto/external/bsd/openssh/dist/sshkey.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/verify.c up to 1.3 crypto/external/bsd/openssh/dist/opacket.c up to 1.2 crypto/external/bsd/openssh/dist/umac128.c up to 1.1 crypto/external/bsd/openssh/dist/pfilter.c up to 1.2 crypto/external/bsd/openssh/dist/pfilter.h up to 1.1 crypto/external/bsd/openssh/dist/bitmap.h up to 1.2 crypto/external/bsd/openssh/dist/opacket.h up to 1.2 crypto/external/bsd/openssh/dist/ssh_api.c up to 1.2 crypto/external/bsd/openssh/dist/ssh_api.h up to 1.2 crypto/external/bsd/openssh/dist/auth2-jpake.c delete crypto/external/bsd/openssh/dist/compress.c delete crypto/external/bsd/openssh/dist/compress.h delete crypto/external/bsd/openssh/dist/jpake.c delete crypto/external/bsd/openssh/dist/jpake.h delete crypto/external/bsd/openssh/dist/schnorr.c delete crypto/external/bsd/openssh/dist/schnorr.h delete crypto/external/bsd/openssh/dist/strtonum.c 1.1 crypto/external/bsd/openssh/Makefile.inc up to 1.8 crypto/external/bsd/openssh/bin/Makefile.inc up to 1.3 crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.2 crypto/external/bsd/openssh/bin/sshd/Makefile up to 1.12 crypto/external/bsd/openssh/dist/PROTOCOL up to 1.5 crypto/external/bsd/openssh/dist/PROTOCOL.krl up to 1.1.1.2 crypto/external/bsd/openssh/dist/addrmatch.c up to 1.8 crypto/external/bsd/openssh/dist/atomicio.c up to 1.6 crypto/external/bsd/openssh/dist/auth-bsdauth.c up to 1.4 crypto/external/bsd/openssh/dist/auth-chall.c up to 1.6 crypto/external/bsd/openssh/dist/auth-krb5.c up to 1.7 crypto/external/bsd/openssh/dist/auth-options.c up to 1.9 crypto/external/bsd/openssh/dist/auth-options.h up to 1.6 crypto/external/bsd/openssh/dist/auth-passwd.c up to 1.4 crypto/external/bsd/openssh/dist/auth-rh-rsa.c up to 1.6 crypto/external/bsd/openssh/dist/auth-rhosts.c up to 1.5 crypto/external/bsd/openssh/dist/auth-rsa.c up to 1.10 crypto/external/bsd/openssh/dist/auth.c up to 1.12 crypto/external/bsd/openssh/dist/auth.h up to 1.10 crypto/external/bsd/openssh/dist/auth1.c up to 1.11 crypto/external/bsd/openssh/dist/auth2-chall.c up to 1.7 crypto/external/bsd/openssh/dist/auth2-gss.c up to 1.8 crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.7 crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-krb5.c up to 1.4 crypto/external/bsd/openssh/dist/auth2-none.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.11 crypto/external/bsd/openssh/dist/auth2.c up to 1.11 crypto/external/bsd/openssh/dist/authfd.c up to 1.8 crypto/external/bsd/openssh/dist/authfd.h up to 1.5 crypto/external/bsd/openssh/dist/authfile.c up to 1.10 crypto/external/bsd/openssh/dist/authfile.h up to 1.6 crypto/external/bsd/openssh/dist/bufaux.c up to 1.7 crypto/external/bsd/openssh/dist/bufbn.c up to 1.5 crypto/external/bsd/openssh/dist/bufec.c up to 1.5 crypto/external/bsd/openssh/dist/buffer.c up to 1.6 crypto/external/bsd/openssh/dist/buffer.h up to 1.7 crypto/external/bsd/openssh/dist/canohost.c up to 1.8 crypto/external/bsd/openssh/dist/channels.c up to 1.13 crypto/external/bsd/openssh/dist/channels.h up to 1.10 crypto/external/bsd/openssh/dist/cipher-3des1.c up to 1.7 crypto/external/bsd/openssh/dist/cipher-bf1.c up to 1.6 crypto/external/bsd/openssh/dist/cipher.c up to 1.7 crypto/external/bsd/openssh/dist/cipher.h up to 1.7 crypto/external/bsd/openssh/dist/clientloop.c up to 1.13 crypto/external/bsd/openssh/dist/compat.c up to 1.9 crypto/external/bsd/openssh/dist/compat.h up to 1.6 crypto/external/bsd/openssh/dist/deattack.c up to 1.4 crypto/external/bsd/openssh/dist/deattack.h up to 1.4 crypto/external/bsd/openssh/dist/dh.c up to 1.8 crypto/external/bsd/openssh/dist/dh.h up to 1.4 crypto/external/bsd/openssh/dist/dispatch.c up to 1.5 crypto/external/bsd/openssh/dist/dispatch.h up to 1.4 crypto/external/bsd/openssh/dist/dns.c up to 1.11 crypto/external/bsd/openssh/dist/dns.h up to 1.6 crypto/external/bsd/openssh/dist/groupaccess.c up to 1.5 crypto/external/bsd/openssh/dist/gss-genr.c up to 1.7 crypto/external/bsd/openssh/dist/gss-serv-krb5.c up to 1.8 crypto/external/bsd/openssh/dist/gss-serv.c up to 1.7 crypto/external/bsd/openssh/dist/hostfile.c up to 1.7 crypto/external/bsd/openssh/dist/hostfile.h up to 1.7 crypto/external/bsd/openssh/dist/includes.h up to 1.4 crypto/external/bsd/openssh/dist/kex.c up to 1.10 crypto/external/bsd/openssh/dist/kex.h up to 1.9 crypto/external/bsd/openssh/dist/kexdh.c up to 1.4 crypto/external/bsd/openssh/dist/kexdhc.c up to 1.6 crypto/external/bsd/openssh/dist/kexdhs.c up to 1.8 crypto/external/bsd/openssh/dist/kexecdh.c up to 1.5 crypto/external/bsd/openssh/dist/kexecdhc.c up to 1.5 crypto/external/bsd/openssh/dist/kexecdhs.c up to 1.5 crypto/external/bsd/openssh/dist/kexgex.c up to 1.4 crypto/external/bsd/openssh/dist/kexgexc.c up to 1.6 crypto/external/bsd/openssh/dist/kexgexs.c up to 1.8 crypto/external/bsd/openssh/dist/key.c up to 1.16 crypto/external/bsd/openssh/dist/key.h up to 1.9 crypto/external/bsd/openssh/dist/krl.c up to 1.5 crypto/external/bsd/openssh/dist/krl.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/mac.c up to 1.11 crypto/external/bsd/openssh/dist/mac.h up to 1.5 crypto/external/bsd/openssh/dist/match.c up to 1.5 crypto/external/bsd/openssh/dist/misc.c up to 1.10 crypto/external/bsd/openssh/dist/misc.h up to 1.9 plus patch crypto/external/bsd/openssh/dist/moduli.c up to 1.8 crypto/external/bsd/openssh/dist/monitor.c up to 1.14 crypto/external/bsd/openssh/dist/monitor.h up to 1.7 crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.5 crypto/external/bsd/openssh/dist/monitor_mm.c up to 1.6 crypto/external/bsd/openssh/dist/monitor_mm.h up to 1.4 crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.11 crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.8 crypto/external/bsd/openssh/dist/msg.c up to 1.4 crypto/external/bsd/openssh/dist/msg.h up to 1.4 crypto/external/bsd/openssh/dist/mux.c up to 1.11 crypto/external/bsd/openssh/dist/myproposal.h up to 1.10 crypto/external/bsd/openssh/dist/namespace.h up to 1.5 crypto/external/bsd/openssh/dist/packet.c up to 1.18 crypto/external/bsd/openssh/dist/packet.h up to 1.11 crypto/external/bsd/openssh/dist/pathnames.h up to 1.9 crypto/external/bsd/openssh/dist/pkcs11.h up to 1.4 crypto/external/bsd/openssh/dist/progressmeter.c up to 1.7 crypto/external/bsd/openssh/dist/progressmeter.h up to 1.4 crypto/external/bsd/openssh/dist/reallocarray.c new crypto/external/bsd/openssh/dist/readconf.c up to 1.13 crypto/external/bsd/openssh/dist/readconf.h up to 1.12 crypto/external/bsd/openssh/dist/readpass.c up to 1.6 crypto/external/bsd/openssh/dist/roaming_client.c up to 1.7 crypto/external/bsd/openssh/dist/roaming_common.c up to 1.9 crypto/external/bsd/openssh/dist/roaming_dummy.c up to 1.4 crypto/external/bsd/openssh/dist/rsa.c up to 1.5 crypto/external/bsd/openssh/dist/rsa.h up to 1.4 crypto/external/bsd/openssh/dist/sandbox-systrace.c up to 1.1.1.5 crypto/external/bsd/openssh/dist/scp.1 up to 1.9 crypto/external/bsd/openssh/dist/scp.c up to 1.11 crypto/external/bsd/openssh/dist/servconf.c up to 1.17 crypto/external/bsd/openssh/dist/servconf.h up to 1.11 crypto/external/bsd/openssh/dist/serverloop.c up to 1.12 crypto/external/bsd/openssh/dist/session.c up to 1.14 crypto/external/bsd/openssh/dist/session.h up to 1.4 crypto/external/bsd/openssh/dist/sftp-client.c up to 1.13 crypto/external/bsd/openssh/dist/sftp-client.h up to 1.7 crypto/external/bsd/openssh/dist/sftp-common.c up to 1.7 crypto/external/bsd/openssh/dist/sftp-common.h up to 1.5 crypto/external/bsd/openssh/dist/sftp-glob.c up to 1.8 crypto/external/bsd/openssh/dist/sftp-server.8 up to 1.9 crypto/external/bsd/openssh/dist/sftp-server.c up to 1.11 crypto/external/bsd/openssh/dist/sftp.1 up to 1.11 crypto/external/bsd/openssh/dist/sftp.c up to 1.15 crypto/external/bsd/openssh/dist/ssh-add.1 up to 1.9 crypto/external/bsd/openssh/dist/ssh-add.c up to 1.10 crypto/external/bsd/openssh/dist/ssh-agent.1 up to 1.8 crypto/external/bsd/openssh/dist/ssh-agent.c up to 1.14 crypto/external/bsd/openssh/dist/ssh-dss.c up to 1.7 crypto/external/bsd/openssh/dist/ssh-ecdsa.c up to 1.6 crypto/external/bsd/openssh/dist/ssh-gss.h up to 1.5 crypto/external/bsd/openssh/dist/ssh-keygen.1 up to 1.13 crypto/external/bsd/openssh/dist/ssh-keygen.c up to 1.16 crypto/external/bsd/openssh/dist/ssh-keyscan.1 up to 1.10 crypto/external/bsd/openssh/dist/ssh-keyscan.c up to 1.13 crypto/external/bsd/openssh/dist/ssh-keysign.8 up to 1.9 crypto/external/bsd/openssh/dist/ssh-keysign.c up to 1.8 crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.6 crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.8 crypto/external/bsd/openssh/dist/ssh-pkcs11.c up to 1.7 crypto/external/bsd/openssh/dist/ssh-pkcs11.h up to 1.4 crypto/external/bsd/openssh/dist/ssh-rsa.c up to 1.7 crypto/external/bsd/openssh/dist/ssh.1 up to 1.14 crypto/external/bsd/openssh/dist/ssh.c up to 1.16 crypto/external/bsd/openssh/dist/ssh2.h up to 1.6 crypto/external/bsd/openssh/dist/ssh_config up to 1.8 crypto/external/bsd/openssh/dist/ssh_config.5 up to 1.13 crypto/external/bsd/openssh/dist/sshconnect.c up to 1.11 crypto/external/bsd/openssh/dist/sshconnect.h up to 1.6 crypto/external/bsd/openssh/dist/sshconnect1.c up to 1.6 crypto/external/bsd/openssh/dist/sshconnect2.c up to 1.19 crypto/external/bsd/openssh/dist/sshd.8 up to 1.13 crypto/external/bsd/openssh/dist/sshd.c up to 1.18 crypto/external/bsd/openssh/dist/sshd_config up to 1.13 crypto/external/bsd/openssh/dist/sshd_config.5 up to 1.17 crypto/external/bsd/openssh/dist/sshlogin.c up to 1.6 crypto/external/bsd/openssh/dist/sshpty.c up to 1.4 crypto/external/bsd/openssh/dist/uidswap.c up to 1.4 crypto/external/bsd/openssh/dist/umac.c up to 1.9 crypto/external/bsd/openssh/dist/version.h up to 1.14 crypto/external/bsd/openssh/dist/xmalloc.c up to 1.5 crypto/external/bsd/openssh/lib/Makefile up to 1.17 plus patch crypto/external/bsd/openssh/lib/shlib_version up to 1.13 distrib/sets/lists/base/ad.aarch64 patch distrib/sets/lists/base/ad.arm patch distrib/sets/lists/base/ad.mips patch distrib/sets/lists/base/ad.powerpc patch distrib/sets/lists/base/md.amd64 patch distrib/sets/lists/base/md.sparc64 patch distrib/sets/lists/base/mi patch distrib/sets/lists/base/shl.mi patch distrib/sets/lists/comp/ad.aarch64 patch distrib/sets/lists/comp/ad.arm patch distrib/sets/lists/comp/ad.mips patch distrib/sets/lists/comp/ad.powerpc patch distrib/sets/lists/comp/md.amd64 patch distrib/sets/lists/comp/md.sparc64 patch distrib/sets/lists/comp/mi patch distrib/sets/lists/comp/shl.mi patch distrib/sets/lists/debug/ad.aarch64 patch distrib/sets/lists/debug/ad.arm patch distrib/sets/lists/debug/ad.mips patch distrib/sets/lists/debug/ad.powerpc patch distrib/sets/lists/debug/md.amd64 patch distrib/sets/lists/debug/md.sparc64 patch distrib/sets/lists/debug/shl.mi patch distrib/sets/lists/etc/mi patch distrib/sets/lists/man/mi patch etc/defaults/rc.conf 1.130 etc/mtree/NetBSD.dist.base 1.142 external/bsd/Makefile up to 1.48 external/bsd/blacklist/bin/Makefile up to 1.11 plus patch external/bsd/blacklist/bin/blacklistctl.8 up to 1.6 external/bsd/blacklist/bin/blacklistctl.c up to 1.17 external/bsd/blacklist/bin/blacklistd.8 up to 1.10 external/bsd/blacklist/bin/blacklistd.c up to 1.32 external/bsd/blacklist/bin/blacklistd.conf.5 up to 1.2 external/bsd/blacklist/bin/conf.c up to 1.18 external/bsd/blacklist/bin/conf.h up to 1.6 external/bsd/blacklist/bin/internal.c up to 1.5 external/bsd/blacklist/bin/internal.h up to 1.12 external/bsd/blacklist/bin/run.c up to 1.12 external/bsd/blacklist/bin/run.h up to 1.5 external/bsd/blacklist/bin/state.c up to 1.15 external/bsd/blacklist/bin/state.h up to 1.5 external/bsd/blacklist/bin/support.c up to 1.6 external/bsd/blacklist/bin/support.h up to 1.5 external/bsd/blacklist/etc/rc.d/Makefile up to 1.1 external/bsd/blacklist/etc/rc.d/blacklistd up to 1.1 external/bsd/blacklist/etc/Makefile up to 1.3 external/bsd/blacklist/etc/blacklistd.conf up to 1.3 external/bsd/blacklist/etc/npf.conf up to 1.1 external/bsd/blacklist/Makefile up to 1.2 external/bsd/blacklist/Makefile.inc up to 1.3 external/bsd/blacklist/README up to 1.7 external/bsd/blacklist/TODO up to 1.7 external/bsd/blacklist/diff/ftpd.diff up to 1.1 external/bsd/blacklist/diff/named.diff up to 1.6 external/bsd/blacklist/diff/ssh.diff up to 1.6 external/bsd/blacklist/include/Makefile up to 1.1 external/bsd/blacklist/include/bl.h up to 1.12 external/bsd/blacklist/include/blacklist.h up to 1.3 external/bsd/blacklist/include/config.h new external/bsd/blacklist/lib/Makefile up to 1.3 external/bsd/blacklist/lib/bl.c up to 1.24 external/bsd/blacklist/lib/blacklist.c up to 1.5 external/bsd/blacklist/lib/libblacklist.3 up to 1.3 external/bsd/blacklist/lib/shlib_version up to 1.1 external/bsd/blacklist/libexec/Makefile up to 1.1 external/bsd/blacklist/libexec/blacklistd-helper up to 1.4 external/bsd/blacklist/port/m4/.cvsignore up to 1.1 external/bsd/blacklist/port/Makefile.am up to 1.4 external/bsd/blacklist/port/_strtoi.h up to 1.1 external/bsd/blacklist/port/clock_gettime.c up to 1.2 external/bsd/blacklist/port/configure.ac up to 1.7 external/bsd/blacklist/port/fgetln.c up to 1.1 external/bsd/blacklist/port/fparseln.c up to 1.1 external/bsd/blacklist/port/getprogname.c up to 1.4 external/bsd/blacklist/port/pidfile.c up to 1.1 external/bsd/blacklist/port/popenve.c up to 1.2 external/bsd/blacklist/port/port.h up to 1.6 external/bsd/blacklist/port/sockaddr_snprintf.c up to 1.9 external/bsd/blacklist/port/strlcat.c up to 1.2 external/bsd/blacklist/port/strlcpy.c up to 1.2 external/bsd/blacklist/port/strtoi.c up to 1.3 external/bsd/blacklist/test/Makefile up to 1.2 external/bsd/blacklist/test/cltest.c up to 1.6 external/bsd/blacklist/test/srvtest.c up to 1.9 lib/libpam/modules/pam_ssh/pam_ssh.c up to 1.23 libexec/ftpd/pfilter.c up to 1.1 libexec/ftpd/pfilter.h up to 1.1 libexec/ftpd/Makefile up to 1.64 libexec/ftpd/ftpd.c up to 1.201 Add blacklistd(8), a daemon to block and release network ports on demand to mitigate abuse, and related changes to system daemons to support it. [christos, ticket #711]
Add resize_root boot operation. If resize_root=YES in rc.conf then the system attempts to resize the root file system to fill it's partition prior to mounting read-write. Useful for things like AMI file system images. May eventually be used by arm images after coming up with similar solution for increasing the parition size.
Pull up following revision(s) (requested by jmcneill in ticket #635): etc/rc.d/Makefile: revision 1.92 distrib/sets/lists/man/mi: revision 1.1497 share/man/man5/Makefile: revision 1.71 etc/defaults/rc.conf: revision 1.132 etc/rc.d/modules: revision 1.1 usr.sbin/postinstall/postinstall: revision 1.190 distrib/sets/lists/etc/mi: revision 1.236 etc/mtree/special: revision 1.152 share/man/man5/modules.conf.5: revision 1.1 Process /etc/modules.conf (if present) at startup, before securelevel is raised, to allow module loading on ports without a module aware bootloader.
Process /etc/modules.conf (if present) at startup, before securelevel is raised, to allow module loading on ports without a module aware bootloader.
Add rc script for /sbin/iscsid.
add blacklistd
Pull up following revision(s) (requested by jmcneill in ticket #443): etc/defaults/rc.conf: revision 1.129 etc/rc.d/wpa_supplicant: revision 1.6 It doesn't make sense to start wpa_supplicant from an rc.d script without the -B flag, so always prepend it to $rc_flags.
It doesn't make sense to start wpa_supplicant from an rc.d script without the -B flag, so always prepend it to $rc_flags.
Revert last change. This was already fixed differently and something went wrong with the change anyway. Sorry
Re-add default for "rtsol". "/etc/rc.d/network" still checks for this setting and complains if it isn't defined at all. Add a comment that it is deprecated and suggest to use "dhcpcd=YES" instead.
rtsol has gone.
Add the -M flag to dhcpcd so it stays in master mode even for one interface. Suggested by apb@
Remove rtsol(8) and rtsold(8) as their functionality is in dhcpcd(8). Remove rtsol(8) from rc.d/network. Add -w seconds command to ifconfig to wait for N seconds for until DAD has finished on all addresses. Use ifconfig -w in rc.d/network instead of a forced sleep. As discussed on tech-net@
Rebase to HEAD as of a few days ago.
Rebase.
'file system' for consistency with documentation (instead of 'filesystem').
resync with head
sync with head
Add ppp=YES variable. Currently pppd(8) starts automatically if ppp_peers is not empty. Adding a ppp variable allows the default peer to be set, and ppp set to NO so that dialing can happen with /etc/rc.d/ppp onestart. Default set to YES so that old behaviour is preserved. http://mail-index.netbsd.org/tech-userlevel/2012/08/21/msg006656.html
Nix `-b 1024' from ssh_keygen_flags in /etc/defaults/rc.conf. No objections on tech-security: http://mail-index.NetBSD.org/tech-security/2012/09/03/msg000548.html The security of generating keys at boot remains questionable, but this change makes that no worse.
sync with head
No need to specify nfsd flags anymore. The defaults DTRT.
sync with head
Import the new apropos/whatis. This code has been developed by Abhinav Upadhyay as part of Google's Summer of Code 2011. It uses libmandoc to parse man pages and builds a Full Text Index in a SQLite database. The combination of indexing the full manual page, filtering out stop words and ranking individual matches based on the section gives a much improved user experience. The old makewhatis and friends are kept under MKMAKEMANDB=no for now.
Add a default for isibootd(8). Pointed out by nonaka@.
Load entropy at system boot (only works at securelevel < 1); save at system shutdown. Disable with random_seed=NO in rc.conf if desired. Goes to some trouble to never load or save to network filesystems. Entropy should really be loaded by the boot loader but I am still sorting out how to pass it to the kernel.
Allow pf flags to be specified in rc.conf. Add default to defaults/rc.d as suggested by lukem@
Create and install an rc.d file for devpubd - a daemon to listen on drvctl and autocreate device nodes in /dev for those which don't have any. Set the default to "NO" for now.
Modify etc/defaults/Makefile so that architectures can specify an additional rc.conf file. This one should reside under etc/etc.${MACHINE}/, and will get automatically appended to etc/defaults/rc.conf at build time if present. This is used by i386 and amd64 to append a small MD rc.conf(5) configuration at the end of the defaults/rc.conf file, so that powerd(8) can be started by default when we are running in a Xen environment. This is needed to support save/restore functions for domains. From all the alternatives proposed to fix that issue (from /etc/rc.conf parsing in postinstall to etc/defaults/rc.conf arch-hooks) I believe this one will appease everyone because it: - does not touch etc/defaults/rc.conf template file, - patches it at build time for MD hooks only when required, - does not need to parse/modify a user-specified file like /etc/rc.conf (which is a complex, error-prone operation), - only enables powerd(8) by default when conditions are met (Xen environment) while still allowing root to shoot himself in the foot if he wants to override this manually in /etc/rc.conf. See also http://mail-index.netbsd.org/tech-userlevel/2011/07/25/msg005246.html
provide a new 'bluetooth' rc.d script, to handle Bluetooth configuration in a simpler manner. This replaces btattach, btconfig, bthcid, btdevctl and sdpd scripts, and also should not require any configuration settings other than "bluetooth=YES", though the full range of configurations is still possible.
Sync with HEAD
Add rc.d script to make sure the system fontconfig cache is up to date.
Sync with HEAD
NPF checkpoint: - Add libnpf(3) - a library to control NPF (configuration, ruleset, etc). - Add NPF support for ftp-proxy(8). - Add rc.d script for NPF. - Convert npfctl(8) to use libnpf(3) and thus make it less depressive. Note: next clean-up step should be a parser, once dholland@ will finish it. - Add more documentation. - Various fixes.
add ldpd rc script
sync to netbsd-5
Pull up following revision(s) (requested by dholland in ticket #1195): etc/defaults/rc.conf: revision 1.107 Make rtsold_flags default to -a as per PR 39657.
Pull up the following revisions(s) (requested by dholland in ticket #1370): etc/defaults/rc.conf: revision 1.107 Make rtsold_flags default to -a. Closes PR/39657.
mdnsd enhancements and fixes: - Enhance the built-in drop-privs support and use it instead of having the rc.conf do it. Avoids log error on startup. From OpenSolaris, with enhancements. - Add dumping of the unicast server list to the DumpStateLog debugging output, a'la Mac OS X. - Fix a locking botch that caused warnings in the log. - Fix FILE leak. From OpenSolaris.
Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
Make rtsold_flags default to -a as per PR 39657.
Add the ability for file systems mounted via mount_critical_filesystems() in rc.subr to be marked as optional. This means that it's not an error if the file system is not mentioned in /etc/fstab. It is still an error if something else goes wrong. Change the defaults for these two variables in /etc/defaults/rc.conf: critical_filesystems_local="OPTIONAL:/var" critical_filesystems_remote="OPTIONAL:/usr"
Add a postprocessor to /etc/rc, which logs messages to /var/run/rc.log, and which can suppress output in silent mode. Silent mode is enabled via the new rc_silent variable, which defaults to a value that depends on the kern.boothowto sysctl. Part of the /etc/rc silent changes requested in PR 41946 and proposed in tech-userlevel.
Document recent gpio(4) changes and introduce a new config file for GPIO. Integrate with the startup scripts in /etc/rc.d. Introduce new variable "gpio" for /etc/rc.conf.
Sync with HEAD. Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
Pull up following revision(s) (requested by roy in ticket #534): etc/defaults/rc.conf: revision 1.103 etc/rc.d/Makefile: revision 1.78 via patch etc/rc.d/dhcpcd: revision 1.1 Add an rc.d script for dhcpcd(8)
Add an rc.d script for dhcpcd(8)
Add rc_directories to specify where to look for rc scripts. For the moment all scripts must be in /root and non-existent directories are skipped.
Pull up following revision(s) (requested by hannken in ticket #606): etc/defaults/rc.conf: revision 1.101 etc/rc.d/ipfilter: revision 1.18 Add flags to rc.d/ipfilter. Use it from rc.conf like ipfilter=YES ipfilter_flags="-T fr_statemax=18963,fr_statesize=27091" Ok: Christos Zoulas <christos@netbsd.org>
Add flags to rc.d/ipfilter. Use it from rc.conf like ipfilter=YES ipfilter_flags="-T fr_statemax=18963,fr_statesize=27091" Ok: Christos Zoulas <christos@netbsd.org>
Pull up following revision(s) (requested by apb in ticket #406): etc/defaults/rc.conf: revision 1.99 etc/rc.d/Makefile: revision 1.73 etc/rc.d/rndctl: revision 1.1 share/man/man5/rc.conf.5: revision 1.127 * Add etc/rc.d/rndctl script, based on work by Brian A. Seklecki. This allows you to invoke rndctl(8) during the boot. * Add rndctl=NO and rndctl_flags="" to /etc/defaults/rc.conf. * Document rndctl and rndctl_flags variables in rc.conf(5).
Pull up following revision(s) (requested by rafal in ticket #297): distrib/sets/lists/etc/mi: revision 1.203 doc/CHANGES: revision 1.1151 via patch etc/defaults/rc.conf: revision 1.97 etc/mtree/special: revision 1.123 etc/rc.d/Makefile: revision 1.71 etc/rc.d/httpd: revision 1.1 share/man/man5/rc.conf.5: revision 1.123 usr.sbin/postinstall/postinstall: revision 1.80 Import rc.d/httpd script for httpd(8) daemon control. See rc.conf(5) for options explanation.
Sync with HEAD.
Add lvm rc script for starting LV's during boot. starting lvm is turn off by default, until MKLVM is enabled by default. This script can be used without /usr/bin.
* Add etc/rc.d/rndctl script, based on work by Brian A. Seklecki. This allows you to invoke rndctl(8) during the boot. * Add rndctl=NO and rndctl_flags="" to /etc/defaults/rc.conf. * Document rndctl and rndctl_flags variables in rc.conf(5).
x68k pow(4) now uses MI sysmon_pswitch framework. suggested by tsutsui@. - Make MD poffd(8) retire, and use MI powerd(8) instead of it. - Make /dev/pow1 retire, because nobody holds /dev/pow0 any longer. Use /dev/pow0 for pow(4) ioctl. - POWIOCSSIGNAL ioctl which is for poffd(8) is also obsoleted.
Import rc.d/httpd script for httpd(8) daemon control. See rc.conf(5) for options explanation.
Remove LKMs and switch to the module framework, pass 1. Proposed on tech-kern@.
Sync with HEAD.
Sync with wrstuden-revivesa-base-2.
Update build glue for dhcpcd 4.0.0rc3 and move it to src/external/dhcpcd. Make dhcpcd quiet by default when run from rc.
Sync with HEAD.
Sync w/ -current. 34 merge conflicts to follow.
add a default for ftp_proxy as reminded by Geoff Wing and others.
sync with head
Sync with HEAD.
Allow per-interface DHCP configuration using dhcpcd via ifconfig_xxN=dhcp or a dhcp line in /etc/ifconfig.xxN.
some changes to serial bluetooth host controller interfaces btuartd(8) should be named btattach(8) for consistency with other parts of NetBSD make btattach(8) a single-use tool for less complexity device specicific initialisation (from btuart(4)) is carried out prior to activating the line discipline (in btattach(8)), which simplifies the API somewhat and means that the user tool and the kernel do not need to be kept in sync. btuart(4) driver is much reduced; naming is made consistent and all tsleep() and delay() are removed to userland
Enable devfsd by default. Thanks to riz for pointing this out.
Sync with HEAD.
The previous versions of kdc got different levels of patches to make them work like a standard detaching daemon. Now keep the original and just supply the "work as a daemon" command line option as a default.
dctl: - Make dctl see aware of device driver names being added and removed so that it can signal devfsd(8), which in turn will request device node creation of deletion from a particular devfs mount. - Each device that registers the need for a device node also passes on some info about what sort of device they are. We now package this up in the dctl messaging framework to let devfsd(8) know. - Use a dev_t for the cookie for each device that dctl(4) knows about. This was changed from a device_t because some devices (zero(4)) don't have corresponding device_t's. - dctl mount functions have grown a visibility argument which specifies the default visibility for that mount. - Since we want to get information about devices (for matching against rules) through ioctl calls to match against rules, but for userland to ioctl they need device nodes, dctl provides an "inner" ioctl function that calls the ioctl function of the device driver directly. devfsd: - Run in the background. - Convert all output to use syslog(3). - When devices are removed request the corresponding device node be removed from every devfs mount. - Start using the dctl "innerioctl" facility to get information about devices which will be useful for matching. We're only handling disk devices, and can only grok information about a partition's file system type at the moment. - Fix code that handles rules that specify filenames. - Specifying visibility for device nodes now works. mount_devfs: - Catch up with devfs changes. Provide an -f option which means that the devfs can only be unmounted it if it forced. - Provide -i option to specify that the default visibility for a mount should be invisible. This means device nodes are not visible in the devfs mount by default, rather they must have a rule for devfsd that specifies that they should be visible. - Provide -v option that specifies a devfs mount should be visible. This is the default. - Update man page to reflect these changes. etc/defaults/rc.conf: - Turn devfsd off by default. Device nodes can now be dynamically created and removed from a device file system.
Start where the mjf-devfs branch left off.
Add some devfs code that's been sitting in my local tree for a while. devfsd(8) is now the first daemon to be started after init(8). It tracks device insertion (will eventually track removal) and devfs mounts. Currently, we can mount multiple device file systems and have device special files pushed into the mounts automatically, though, the device special files aren't created with the correct major/minor number pairs yet. More work to come soon.
Catch up with 4.0 RC3
Pull up following revision(s) (requested by xtraeme in ticket #930): etc/group: revision 1.22 etc/defaults/rc.conf: revision 1.85 etc/master.passwd: revision 1.38 usr.sbin/sdpd/sdpd.8: revision 1.2 usr.sbin/sdpd/sdpd.8: revision 1.3 share/man/man5/rc.conf.5: revision 1.113 etc/rc.d/sdpd: revision 1.2 usr.sbin/sdpd/server.c: revision 1.3 usr.sbin/postinstall/postinstall: revision 1.38 usr.sbin/sdpd/server.h: revision 1.2 usr.sbin/sdpd/main.c: revision 1.2 usr.sbin/sdpd/main.c: revision 1.3 Add an option to permit members of a specific group to register services, in order to lower the barrier for users of bluetooth devices which may need to query services on the local host. change default user/group from nobody/nobody to _sdpd/_sdpd
Sync w/ NetBSD-4-RC_1
Pull up following revision(s) (requested by pavel in ticket #845): etc/rc.d/postfix: revision 1.14 etc/defaults/rc.conf: revision 1.90 Add some magic (similar to the one in rc.d/sendmail introduced with 2.0 release) to not start postfix if $postfix is not explicitely set and another mailer is selected in /etc/mailer.conf. Also print a warning if it happens because the mailer in rc.conf is the removed sendmail. This prevents starting two MTAs at once if one uses a custom MTA. As proposed on tech-userlevel, approved by martin.
Add some magic (similar to the one in rc.d/sendmail introduced with 2.0 release) to not start postfix if $postfix is not explicitely set and another mailer is selected in /etc/mailer.conf. Also print a warning if it happens because the mailer in rc.conf is the removed sendmail. This prevents starting two MTAs at once if one uses a custom MTA. As proposed on tech-userlevel, approved by martin.
Let an rc variable, sysdb=YES|NO, control the building of the system databases. Defaults to YES.
fixsb has done its job.
Imported envsys 2, a brief description of the new features: (Part 4: documentation and configuration files) * Support for detachable sensors. * Cleaned up the API for simplicity and efficiency. * Ability to send capacity/critical/warning events to powerd(8). * Adapted all the code to the new locking order. * Compatibility with the old envsys API: the ENVSYS_GTREINFO and ENVSYS_GTREDATA ioctl(2)s are supported. * Added support for a 'dictionary based communication channel' between sysmon_power(9) and powerd(8), that means there is no 32 bytes event size restriction anymore. * Binary compatibility with old envstat(8) and powerd(8) via COMPAT_40. * All drivers with the n^2 gtredata bug were fixed, PR kern/36226. Tested by: blymn: smsc(4). bouyer: ipmi(4), mfi(4). kefren: ug(4). njoly: viaenv(4), adt7463.c. riz: owtemp(4). xtraeme: acpiacad(4), acpibat(4), acpitz(4), aiboost(4), it(4), lm(4).
Some Veriexec stuff that's been rotting in my tree for months. Bug fixes: - Fix crash reported by Scott Ellis on current-users@. - Fix race conditions in enforcing the Veriexec rename and remove policies. These are NOT security issues. - Fix memory leak in rename handling when overwriting a monitored file. - Fix table deletion logic. - Don't prevent query requests if not in learning mode. KPI updates: - fileassoc_table_run() now takes a cookie to pass to the callback. - veriexec_table_add() was removed, it is now done internally. As a result, there's no longer a need for VERIEXEC_TABLESIZE. - veriexec_report() was removed, it is now internal. - Perform sanity checks on the entry type, and enforce default type in veriexec_file_add() rather than in veriexecctl. - Add veriexec_flush(), used to delete all Veriexec tables, and veriexec_dump(), used to fill an array with all Veriexec entries. New features: - Add a '-k' flag to veriexecctl, to keep the filenames in the kernel database. This allows Veriexec to produce slightly more accurate logs under certain circumstances. In the future, this can be either replaced by vnode->pathname translation, or combined with it. - Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database. This can be used to recover a database if the file was lost. Example usage: # veriexecctl dump > /etc/signatures Note that only entries with the filename kept (that is, were loaded with the '-k' flag) will be dumped. Idea from Brett Lymn. - Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample usage: # veriexecctl flush - Add a 'veriexec_flags' rc(8) variable, and make its default have the '-k' flag. On systems using the default signatures file (generaetd from running 'veriexecgen' with no arguments), this will use additional 32kb of kernel memory on average. - Add a '-e' flag to veriexecctl, to evaluate the fingerprint during load. This is done automatically for files marked as 'untrusted'. Misc. stuff: - The code for veriexecctl was massively simplified as a result of eliminating the need for VERIEXEC_TABLESIZE, and now uses a single pass of the signatures file, making the loading somewhat faster. - Lots of minor fixes found using the (still under development) Veriexec regression testsuite. - Some of the messages Veriexec prints were improved. - Various documentation fixes. All relevant man-pages were updated to reflect the above changes. Binary compatibility with existing veriexecctl binaries is maintained.
For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd
Supprot Bluetooth HCI UART (H4) driver and daemon.
Add support for per-user /tmp. Enabled via per_user_tmp in /etc/rc.conf (default off). See security(8) and rc.conf(5) for more details. Lots of input from thorpej@ & christos@, thanks!
"Verified exec" -> "Veriexec", in comment.
PR 34692: wpa_supplicant script. By Jukka Salmi.
Pull up following revision(s) (requested by plunky in ticket #81): usr.sbin/postinstall/postinstall: revision 1.23 distrib/sets/lists/man/mi: revision 1.919 distrib/sets/lists/etc/mi: revision 1.174 usr.sbin/btdevctl/btdevctl.c: revision 1.1 usr.sbin/btdevctl/hid.c: revision 1.1 usr.sbin/Makefile: revision 1.217 usr.sbin/btdevctl/btdevctl.h: revision 1.1 usr.sbin/btdevctl/btdevctl.8: revision 1.1 etc/rc.d/btcontrol: file removal distrib/sets/lists/comp/mi: revision 1.910 etc/rc.d/Makefile: revision 1.61 usr.sbin/btdevctl/cfg.c: revision 1.1 usr.sbin/btdevctl/dev.c: revision 1.1 share/man/man4/btkbd.4: revision 1.2 share/man/man4/bthidev.4: revision 1.4 usr.sbin/btcontrol/hid.c: file removal usr.sbin/btdevctl/Makefile: revision 1.1 share/man/man4/btsco.4: revision 1.3 distrib/sets/lists/base/mi: revision 1.644 share/man/man4/btdev.4: revision 1.3 share/man/man4/btms.4: revision 1.2 etc/mtree/special: revision 1.100 share/man/man5/rc.conf.5: revision 1.105 usr.sbin/btcontrol/cfg.c: file removal etc/rc.d/btdevctl: revision 1.1 etc/defaults/rc.conf: revision 1.80 usr.sbin/btcontrol/btcontrol.h: file removal usr.sbin/btcontrol/btcontrol.8: file removal usr.sbin/btcontrol/dev.c: file removal usr.sbin/btcontrol/btcontrol.c: file removal usr.sbin/btcontrol/Makefile: file removal rename btcontrol(8) as btdevctl(8) to make it fit with the NetBSD naming scheme for control programs. This fixes pr 34051.
rename btcontrol(8) as btdevctl(8) to make it fit with the NetBSD naming scheme for control programs. This fixes pr 34051.
Bluetooth fixes by Iain Hibbert: Create "/etc/rc.d/btcontrol" to attach bluetooth devices at boot.
Initial import of bluetooth stack on behalf of Iain Hibbert. (plunky@, NetBSD Foundation Membership still pending.) This stack was written by Iain under sponsorship from Itronix Inc. The stack includes support for rfcomm networking (networking via your bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets. Drivers for both PCMCIA and USB bluetooth controllers are included.
Remove sendmail (approved by core)
Add a script to start irdaattach on boot.
rc script to control hostapd.
Pull up following revision(s) (requested by ghen in ticket #1226): etc/defaults/rc.conf: revision 1.74 etc/mtree/special: revision 1.93 share/man/man5/rc.conf.5: revision 1.99 Document the defaultroute6 rc.conf variable and the /etc/mygate6 file in /etc/defaults/rc.conf, /etc/mtree/special, and rc.conf(5). Ok with wiz.
Document the defaultroute6 rc.conf variable and the /etc/mygate6 file in /etc/defaults/rc.conf, /etc/mtree/special, and rc.conf(5). Ok with wiz.
Add distribution entries and supporting files for the iSCSI target.
remove reference to sushi
RFC 3879 deprecated the IPv6 site-local prefix (fec0::/10): * remove all references to $ip6sitelocal and output a warning message if the variable is defined. * introduce $ip6uniquelocal (defaults to 'NO') that will control the behaviour of the system when $ip6mode is ``router'' (i.e. fc00::/7 will not be routed if the variable is ``NO'') as per RFC 4193. Thanks to Jonathan A. Kollasch for pointing this out in PR 32152.
Pull up following revision(s) (requested by elad in ticket #896): etc/defaults/rc.conf: revision 1.70 etc/rc.d/veriexec: revision 1.8 Load Veriexec signatures after mountall. Use veriexec_strict and veriexec_verbose to set strict level and verbose level in rc.conf. Defaults are 0.
Load Veriexec signatures after mountall. Use veriexec_strict and veriexec_verbose to set strict level and verbose level in rc.conf. Defaults are 0.
Default rwhod to running as _rwhod (but leave disabled by default). I thought I already comitted this one...
Pull up revision 1.66 (requested by peter in ticket #660): Allow to change the location of the pf ruleset with the variable $pf_rules.
Add command_args="-D" to the ftpd rc.d script. This flag is always needed when running ftpd as daemon and it will now automatically be appended to the command line, even if ftpd_flags doesn't have it. Suggested by Alan Barrett and Luke Mewburn, thanks.
Add "-ll" to ftpd_flags to be consistent with the entry in inetd.conf. Suggested by lukem@.
Allow to change the location of the pf ruleset with the variable $pf_rules.
Add defaults for ftpd.
default swapoff to yes, and explain why.
Comment typos: unecessary->unnecessary, accidentaly->accidentally
Pull up revision 1.62 (requested by atatat in ticket #662): Change the default settings for sendmail: 1) The stock sendmail.cf will only listen on the loopback interface 2) The stock submit.cf specifically connects to "localhost.", which should be less susceptible to being confused or looking confused. 3) The SMTP listener starts by default, if needed. The setting in /etc/default/rc.conf is still "no", but rc.d/sendmail detects the default setting and will change it to "yes" if need is determined. "Need" is defined as "nothing else seems to have been changed about the mail configuration but we would like locally originated and locally destined mail to be delivered". If you change e.g. mailer.conf to point to postfix or some other MTA, sendmail will not start.
Pull up revision 1.61 (requested by atatat in ticket #660): Make the directory into which crash dumps are saved into something that can be controlled via rc.conf. The default is, of course, /var/crash.
Change the default settings for sendmail. (1) The stock sendmail.cf will only listen on the loopback interface. (2) The stock submit.cf specifally connects to "localhost." which should be less susceptible to being confused or looking confused. (3) The smtp listener starts by default, if needed. The setting in /etc/default/rc.conf is still "no", but rc.d/sendmail detects the default setting and will change it to yes if need is determined. Need is defined as "nothing else seems to have been changed about the mail configuration but we'd like locally originated and locally destined mail to be delivered". If you change, eg, mailer.conf to point to postfix or some other MTA, sendmail will not start.
Make the directory into which crash dumps are saved into something that can be controlled via rc.conf. The default is, of course, /var/crash.
PR bin/26142: add defaults for $pf and $pflogd.
Pull up revision 1.59 (requested by abs in ticket #455): Add quota=YES and ldconfig=YES
Add quota=YES and ldconfig=YES
Pull up revision 1.58 (requested by dbj in ticket #185) Fix problems related to superblock upgrade issues which may be experienced by -current users from 2003.
add support for turning off fixsb in rc.conf default is fixsb=YES
Pull up revision 1.57 (requested by mrg in ticket #1663): move ipmon's "-D" argument from "command_args" to "ipmon_flags" so that passing an (optional) filename argument (that must come last) works fine from $ipmon_flags. from PR#25006.
Pullup rev 1.57 (requested by mrg in ticket #66) Move ipmon's "-D" argument from "command_args" to "ipmon_flags" so that passing an (optional) filename argument (that must come last) works fine from $ipmon_flags. PR#25006
move ipmon's "-D" argument from "command_args" to "ipmon_flags" so that passing an (optional) filename argument (that must come last) works fine from $ipmon_flags. from PR#25006.
Add ssh_keygen_flags variable to rc.conf to allow users to set the size of auto-generated keys if desired.
add line for standalone identd invocation.
Add veriexec to defaults.
Define an rcvar "virecover" so that this can be configurable. The default is YES.
Add a new /etc/rc.conf option: rtclocaltime=YES adapts the RTC offset at boot automatically, so a machine dual booting another OS that uses the RTC at localtime and NetBSD agree on the current time even if daylight saving started/ended (without recompiling a kernel twice per year). Awk code by Matt Thomas.
Pullup rev 1.51 (requested by martti in ticket #1543) Allow custom fsck options via fsck_flags.
set fsck_flags=-p in /etc/defaults/rc.conf instead of checking if it is empty in /etc/rc.d/fsck. From Bernd Ernesti.
Add a knob to turn off automatic configuration (via rc.d) of non-auto-configured (via kernel) raid devices. oster says ok.
Add defaults for powerd(8).
Capitalize the word "if".
Expand the sendmail settings section (from two to five) and elaborate (in brief) on what it's all about.
Allow ccd autoconfiguration to be turned off (by setting ccd=NO in /etc/rc.conf; default is YES.) Suggested by elric, ok'ed by lukem.
Allow cgd configuration to be skipped (by setting cgd=NO, defaults to YES). Closes my PR/20766. Based on a suggestion by lukem.
clarify that lkm needs /usr
Pull up revision 1.41 (requested by thorpej in ticket #584): Add a wdogctl startup/shutdown script.
/etc/rc.d/mixerctl: Add capability to save and restore mixer settings. Thanks to Julio Merino.
Added touch panel calibration utility.
Add a wdogctl startup/shutdown script.
add a line about wsmoused commented out.
Pull up revision 1.39 (requested by lukem in ticket #294): ntpd_chrootdir needs /dev/clockctl as well
ntpd_chrootdir needs /dev/clockctl as well
Pull up revision 1.38 (requested by lukem in ticket #277): $ntpd_chroot requires "pseudo-device clockctl" in the kernel
$ntpd_chroot requires "pseudo-device clockctl" in the kernel
Add two new rc.conf(5) variables: rc_rcorder_flags extra flags to rcorder(8) in /etc/rc rcshutdown_rcorder_flags extra flags to rcorder(8) in /etc/rc.shutdown This can be used to specify extra directories to search for rc.d scripts in. For example, adding the following to rc.conf(5): rc_rcorder_flags="/usr/pkg/etc/rc.d/*" rcshutdown_rcorder_flags="/usr/pkg/etc/rc.d/*" will add the files in /usr/pkg/etc/rc.d to the list of files that rcorder(8) uses to build the list of scripts to start or stop. I proposed this functionality on tech-userlevel@ over one month ago. Closes the recent [misc/16888], which asked for a similar feature.
deprecate $sshd_conf_dir and hardcode /etc/ssh. $sshd_conf_dir wasn't as flexible as liked (it didn't work for ssh(1), host keys or known_hosts).
Now that isdnd does auto-UP/DOWN itself, remove it from the rc.d script. Remove all related rc.conf options as well, we now have fine-grained controll in /etc/isdn/isdnd.rc.
Replace $critical_filesystems_beforenet with $critical_filesystems_local . Replace $critical_filesystems with $critical_filesystems_remote . The new names are now consistent with the type argument that mount_critical_filesystems() is called with, and allows for other types to be easily supported by that function. For backwards compatibility purposes, if the now obsolete variable is defined (even empty), it takes precedence over the new form, and you will be warned. If you want to stop the warnings, update your rc.conf(5) settings!
Implement rc.conf(5) variable `` $swapoff ''. If set to yes, block-type swap partitions will be deleted upon shutdown. This can be useful if swapping onto a RAIDframe device, but may cause unnecessary delays during shutdown for the general case, so it's disabled by default. Should resolve [bin/14433] and [kern/14769].
move sshd config files to /etc/ssh
Pull up revisions 1.19,1.28,1.31 (via patch, requested by martti): Added ipfs to save state tables. Use -D for ipmon.
ipmon: set -D via command_args rather than the default ipmon_flags. resolves [install/15753]
Support alternate config dir for sshd conf file and keys (defaults to "/etc"). Based on [misc/12473] from Jim Bernard.
add a note requesting people edit share/sushi/system/rcconf/form when editing this file to keep it in sync.
ipfs allows state information created for NAT entries and rules using keep state to be locked (modification prevented) and then saved to disk, allowing for the system to experience a reboot, followed by the restoration of that information, resulting in connections not being interrupted. To activate this feature, set ipfs=YES in /etc/rc.conf
minor cosmetic changes (no functional change)
commented out entry for ntpd_chrootdir
Add rc.d support for ifwatchd (used to run ip-up/ip-down scripts for in-kernel pppoe interfaces).
Add moused, default off.
Pull up revision 1.22 (via patch, requested by hubertf): By default issue Router Solicitation requests on all interfaces if someone sets rtsol=YES.
- add "ntpd" user (homedir: /var/chroot/ntpd) and "ntpd" group, for use by future work to support a chroot(8)ed ntpd - move /var/named -> /var/chroot/named for consistency with ntpd
Make rtsol_flags default to -a, to do Router Solicitation on all interfaces when someone sets rtsol=YES. OK'd by Itojun.
language corrections
Add support to down some interfaces before shutting down the system. All pppoe* interfaces are automatically shut down by this script, others may be added to the force_down_interfaces variable in /etc/rc.conf.
Pull up revision 1.2 (requested by he): Remind people to edit /etc/*.conf instead of /etc/defaults/*.conf.
Start "ipmon" with option "D" for daemon mode instead of starting it in a subshell.
change mountd to use its own $mountd variable (instead of $nfs_server). nfsd will complain if mountd isn't set. from [misc/13135] by Johnny C. Lam.
- Implement an optional global watchdog timeout for rc.shutdown, which is enabled by setting $rcshutdown_timeout to a number of seconds to wait for before terminating rc.shutdown. This is disabled by default. - Use symbolic names rather than numbers when defining a trap. - Improve some comments.
sunndd has been renamed to ndbootd.
Added rc.d support for sunndd.
change comment for accouting; /var/account/acct is not needed to be created manually any more
Put `gated' back; we still refer to it.
Remove references to gated, except the conflict check in rc.d/routed. Noted by Launey Thomas <ljt@alum.mit.edu>.
Add defaults for altqd.
commented out entry for named_chrootdir
provide commented-out example for rc_fast_and_loose
Add a default for racoon.
Add /etc/rc.d/poffd, for x68k power management deamon.
Supply enough rope to let the user disable or override all interface up/down magic.
Add startup script for isdnd.
add $ip6sitelocal, to control installation of reject route for fec0::/10.
Remove $amd_master. We now use /etc/amd.conf.
remind people to edit /etc/*.conf instead of /etc/defaults/*.conf
pull up rev 1.1 (approved by thorpej): move default config files from /etc/default -> /etc/defaults, to be consistent with what FreeBSD uses /etc/defaults for, and since SVR4 uses /etc/default for another purpose. as discussed on tech-userlevel, and no objections were made.
file rc.conf was added on branch netbsd-1-5 on 2000-10-02 03:13:04 +0000
move default config files from /etc/default -> /etc/defaults, to be consistent with what FreeBSD uses /etc/defaults for and since SVR4 uses /etc/default for another purpose. as discussed on tech-userlevel, and no objections were made.