![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / etc / rc.d
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.15 / (download) - annotate - [select for diffs], Tue Sep 8 12:52:18 2020 UTC (2 years, 9 months ago) by martin
Branch: MAIN
CVS Tags: netbsd-10-base,
netbsd-10,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
HEAD
Changes since 1.14: +2 -2
lines
Diff to previous 1.14 (colored)
Rename MOUNTCRITLOCAL to CRITLOCALMOUNTED to avoid a name collision on case insensitive file systems
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 22 16:50:41 2020 UTC (2 years, 10 months ago) by martin
Branch: MAIN
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored)
Split the local disk availability step into two phases to allow scripts that pre-populate parts of the system (e.g. a tmpfs based /var) an easy place to plug in like: # REQUIRE: mountcritlocal # BEFORE: MOUNTCRITLOCAL This also cleans up the existing special handling a bit by separating it into new scripts. All later scripts now depend on MOUNTCRITLOCAL. Discussed on tech-userlevel some time ago.
Revision 1.13 / (download) - annotate - [select for diffs], Thu May 7 20:01:04 2020 UTC (3 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.12: +3 -2
lines
Diff to previous 1.12 (colored)
If no random seed file exists on boot, create one. rndctl -S triggers entropy consolidation, so whatever we gathered during kernel startup -- interrupt timings, autoconf timings, &c. -- will be incorporated into the seed and into subsequent data read from /dev/urandom, just like if rndctl -L had run at this boot, and the seed will carry them into the next boot too. But it still avoids frequently consolidating entropy on any regular schedule, in order to continue to mitigate iterative-guessing attacks.
Revision 1.12 / (download) - annotate - [select for diffs], Thu May 7 20:00:38 2020 UTC (3 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.11: +2 -2
lines
Diff to previous 1.11 (colored)
Omit needless verbiage in error message.
Revision 1.11 / (download) - annotate - [select for diffs], Thu May 7 18:15:29 2020 UTC (3 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.10: +3 -2
lines
Diff to previous 1.10 (colored)
Pass full pathname to df, and print warning message on failure. No need to extract dirname; `df -P /var/db/entropy-file' and `df -l /var/db/entropy-file' work just fine.
Revision 1.10 / (download) - annotate - [select for diffs], Wed May 6 18:49:26 2020 UTC (3 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.9: +22 -30
lines
Diff to previous 1.9 (colored)
Tweak logic to decide whether a medium is safe for an rndseed. - Teach rndctl to load the seed, but treat it as zero entropy, if the medium is read-only or if the update fails. - Teach rndctl to accept `-i' flag instructing it to ignore the entropy estimate in the seed. - Teach /etc/rc.d/random_seed to: (a) assume nonlocal file systems are unsafe, and use -i, but (b) assume / is safe, even if it is nonlocal. If the medium is nonwritable, leave it to rndctl to detect that. (Could use statvfs and check for ST_LOCAL in rndctl, I guess, but I already implemented it this way.) Treating nonlocal / as safe is a compromise: it's up to the operator to secure the network for (e.g.) nfs mounts, but that's true whether we're talking entropy or not -- if the adversary has access to the network that you've mounted / from, they can do a lot more damage anyway; this reduces warning fatigue for diskless systems, e.g. test racks.
Revision 1.7.26.2 / (download) - annotate - [select for diffs], Sat May 2 16:24:11 2020 UTC (3 years, 1 month ago) by martin
Branch: netbsd-9
CVS Tags: netbsd-9-3-RELEASE,
netbsd-9-2-RELEASE,
netbsd-9-1-RELEASE
Changes since 1.7.26.1: +1 -3
lines
Diff to previous 1.7.26.1 (colored) to branchpoint 1.7 (colored) next main 1.8 (colored)
Pull up following revision(s) (requested by riastradh in ticket #882): etc/rc.d/random_seed: revision 1.9 Don't delete the random seed before issuing `rndctl -S'. `rndctl -S' can replace the file just fine, and deleting it ahead of time adds a window during which we can lose the seed altogether if the system is interrupted by a crash or power outage. XXX pullup
Revision 1.9 / (download) - annotate - [select for diffs], Fri May 1 15:52:38 2020 UTC (3 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.8: +1 -3
lines
Diff to previous 1.8 (colored)
Don't delete the random seed before issuing `rndctl -S'. `rndctl -S' can replace the file just fine, and deleting it ahead of time adds a window during which we can lose the seed altogether if the system is interrupted by a crash or power outage. XXX pullup
Revision 1.7.24.1 / (download) - annotate - [select for diffs], Wed Apr 8 14:03:58 2020 UTC (3 years, 2 months ago) by martin
Branch: phil-wifi
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
Merge changes from current as of 20200406
Revision 1.7.26.1 / (download) - annotate - [select for diffs], Sun Mar 1 11:53:09 2020 UTC (3 years, 3 months ago) by martin
Branch: netbsd-9
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
Pull up following revision(s) (requested by riastradh in ticket #743): etc/rc.d/random_seed: revision 1.8 Allow random seed on zfs.
Revision 1.8 / (download) - annotate - [select for diffs], Sun Feb 23 08:53:14 2020 UTC (3 years, 3 months ago) by riastradh
Branch: MAIN
CVS Tags: phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
is-mlppp-base,
is-mlppp
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
Allow random seed on zfs.
Revision 1.2.2.3 / (download) - annotate - [select for diffs], Tue Aug 19 23:45:51 2014 UTC (8 years, 9 months ago) by tls
Branch: tls-maxphys
Changes since 1.2.2.2: +3 -3
lines
Diff to previous 1.2.2.2 (colored) to branchpoint 1.2 (colored) next main 1.3 (colored)
Rebase to HEAD as of a few days ago.
Revision 1.6.8.1 / (download) - annotate - [select for diffs], Sun Aug 10 06:49:24 2014 UTC (8 years, 10 months ago) by tls
Branch: tls-earlyentropy
Changes since 1.6: +3 -3
lines
Diff to previous 1.6 (colored) next main 1.7 (colored)
Rebase.
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jul 22 17:11:09 2014 UTC (8 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: tls-maxphys-base,
tls-earlyentropy-base,
prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
phil-wifi-base,
phil-wifi-20191119,
phil-wifi-20190609,
pgoyette-localcount-base,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
pgoyette-localcount,
pgoyette-compat-merge-20190127,
pgoyette-compat-base,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
pgoyette-compat,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-9-base,
netbsd-9-0-RELEASE,
netbsd-9-0-RC2,
netbsd-9-0-RC1,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
localcount-20160914,
bouyer-socketcan-base1,
bouyer-socketcan-base,
bouyer-socketcan
Branch point for: phil-wifi,
netbsd-9
Changes since 1.6: +3 -3
lines
Diff to previous 1.6 (colored)
'file system' for consistency with documentation (instead of 'filesystem').
Revision 1.2.2.2 / (download) - annotate - [select for diffs], Mon Feb 25 00:24:52 2013 UTC (10 years, 3 months ago) by tls
Branch: tls-maxphys
Changes since 1.2.2.1: +56 -43
lines
Diff to previous 1.2.2.1 (colored) to branchpoint 1.2 (colored)
resync with head
Revision 1.1.4.5 / (download) - annotate - [select for diffs], Wed Jan 23 00:04:31 2013 UTC (10 years, 4 months ago) by yamt
Branch: yamt-pagecache
CVS Tags: yamt-pagecache-tag8
Changes since 1.1.4.4: +56 -43
lines
Diff to previous 1.1.4.4 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)
sync with head
Revision 1.1.4.4 / (download) - annotate - [select for diffs], Wed Jan 16 05:26:14 2013 UTC (10 years, 4 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.1.4.3: +8 -1
lines
Diff to previous 1.1.4.3 (colored) to branchpoint 1.1 (colored)
sync with (a bit old) head
Revision 1.6 / (download) - annotate - [select for diffs], Sat Dec 29 22:15:07 2012 UTC (10 years, 5 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
yamt-pagecache-base8,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2,
khorben-n900,
agc-symver-base,
agc-symver
Branch point for: tls-earlyentropy
Changes since 1.5: +52 -45
lines
Diff to previous 1.5 (colored)
better messages, more quoting.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 17 18:20:50 2012 UTC (10 years, 5 months ago) by apb
Branch: MAIN
Changes since 1.4: +3 -3
lines
Diff to previous 1.4 (colored)
Reinstate the dirname invocations that were recently removed from rc.d/random_seed. The new dirname shell function provided by rc.subr will be used, so it should work before the /usr file system is mounted. This should fix a problem in which the fs_safe shell function failed when passed the name of a file that did not exist.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Dec 14 18:42:25 2012 UTC (10 years, 5 months ago) by apb
Branch: MAIN
Changes since 1.3: +16 -10
lines
Diff to previous 1.3 (colored)
Avoid using programs from /usr/bin. This should fix PR 47326. - no need for "dirname", because "df -G" can take a file name directly. - replace use of "awk" with a shell while read loop. - replace use of "stat -s" with "ls -ldn". - no need for "tail" now that the use of "stat" has changed. While here, also add some shell quotes and improve the grammar in a comment.
Revision 1.2.2.1 / (download) - annotate - [select for diffs], Tue Nov 20 02:57:56 2012 UTC (10 years, 6 months ago) by tls
Branch: tls-maxphys
Changes since 1.2: +8 -1
lines
Diff to previous 1.2 (colored)
Resync to 2012-11-19 00:00:00 UTC
Revision 1.3 / (download) - annotate - [select for diffs], Sat Nov 10 15:10:22 2012 UTC (10 years, 7 months ago) by apb
Branch: MAIN
CVS Tags: yamt-pagecache-base7
Changes since 1.2: +8 -1
lines
Diff to previous 1.2 (colored)
Cause /etc/rc.d/random_seed to be the first script to run after mountcritlocal. Everything else that runs after mountcritlocal depends directly or indirectly on bootconf, so making random_seed run before bootconf has the desired result.
Revision 1.1.4.3 / (download) - annotate - [select for diffs], Tue Oct 30 18:49:10 2012 UTC (10 years, 7 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.1.4.2: +2 -2
lines
Diff to previous 1.1.4.2 (colored) to branchpoint 1.1 (colored)
sync with head
Revision 1.2 / (download) - annotate - [select for diffs], Sun Jul 8 14:25:49 2012 UTC (10 years, 11 months ago) by hans
Branch: MAIN
CVS Tags: yamt-pagecache-base6
Branch point for: tls-maxphys
Changes since 1.1: +2 -2
lines
Diff to previous 1.1 (colored)
It's msdos, not msdosfs.
Revision 1.1.4.2 / (download) - annotate - [select for diffs], Tue Apr 17 00:02:59 2012 UTC (11 years, 1 month ago) by yamt
Branch: yamt-pagecache
Changes since 1.1.4.1: +91 -0
lines
Diff to previous 1.1.4.1 (colored) to branchpoint 1.1 (colored)
sync with head
Revision 1.1.4.1, Wed Nov 23 10:47:48 2011 UTC (11 years, 6 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.1: +0 -91
lines
FILE REMOVED
file random_seed was added on branch yamt-pagecache on 2012-04-17 00:02:59 +0000
Revision 1.1 / (download) - annotate - [select for diffs], Wed Nov 23 10:47:48 2011 UTC (11 years, 6 months ago) by tls
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
netbsd-6-base,
netbsd-6-1-RELEASE,
netbsd-6-1-RC4,
netbsd-6-1-RC3,
netbsd-6-1-RC2,
netbsd-6-1-RC1,
netbsd-6-1-5-RELEASE,
netbsd-6-1-4-RELEASE,
netbsd-6-1-3-RELEASE,
netbsd-6-1-2-RELEASE,
netbsd-6-1-1-RELEASE,
netbsd-6-1,
netbsd-6-0-RELEASE,
netbsd-6-0-RC2,
netbsd-6-0-RC1,
netbsd-6-0-6-RELEASE,
netbsd-6-0-5-RELEASE,
netbsd-6-0-4-RELEASE,
netbsd-6-0-3-RELEASE,
netbsd-6-0-2-RELEASE,
netbsd-6-0-1-RELEASE,
netbsd-6-0,
netbsd-6,
matt-nb6-plus-nbase,
matt-nb6-plus-base,
matt-nb6-plus
Branch point for: yamt-pagecache
Load entropy at system boot (only works at securelevel < 1); save at system shutdown. Disable with random_seed=NO in rc.conf if desired. Goes to some trouble to never load or save to network filesystems. Entropy should really be loaded by the boot loader but I am still sorting out how to pass it to the kernel.