| Age | Commit message (Collapse) | Author |
|---|
|
tweak from deraadt@
ok martijn@ tb@
|
|
ok tb@ (who had the same diff) & deraadt@
|
|
|
|
|
|
okay millert@, tb@
|
|
|
|
compute, based upon flags. OpenBGPD compatible format by default if
no options, to integrate with bgpd.conf and bgpctl reload. Adapt
mtree and stuff. This will receive further refactoring...
ok benno job
|
|
rpki-client(8) can deal with it (some upcoming changes...)
|
|
OK otto
|
|
these are public files.
Agreed by deraadt@ (and florian@)
|
|
such a circumstance ever occurs.
ok job
|
|
ok kettenis
|
|
Note that unwind(8) works without a config file in many (most?) cases.
This provides an example on how to use the captive portal detection
feature.
Input benno
Input & OK sthen
|
|
|
|
agreement url in here we no longer need to updated it all the time.
OK deraadt
|
|
ok florian@
|
|
Unhook rtadvd from build.
OK deraadt, phessler
|
|
|
|
|
|
one location under /usr/share/relink.
Be more specific in src/etc/rc reorder_libs() what filesystems
need r/w remount and ensure that their mount state is restored.
Idea and positive feedback from deraadt@
OK aja@ tb@
|
|
makegap.sh
ok tb
|
|
/usr/share/ so that next boot will find it and perhaps use it.
ok tb rpe
|
|
This contains the relevant pieces from all the GENERIC* compile directories
(*.o ld.script Makefile gap.S). It also includes the machine/ subdir for
now, to support re-randomizing of gap.S, though other methods are being
investigated. (Any binutils ld.script hackers out there?)
collaboration with rpe
|
|
okay millert@ deraadt@
|
|
$RELEASEDIR
ok tb rpe
|
|
OK phessler, deraadt
|
|
okay tb@
|
|
ok deraadt@
|
|
a single configuration file for the OpenBSD repository location.
The pkg_* tools now use installurl(5) to find the package repository.
NOTE:
/etc/installurl only contains a single URL pointing to a mirror.
Use the PKG_PATH environment variable to specify more than one
package repository.
prodded by and OK deraadt@ aja@
|
|
Do it now deraadt@
|
|
/root/.ssh/authorized_keys file with correct permissions (0600 for the
file, 0700 for /root/.ssh dir). Since we encourage administrators to use
public keys only if they want to access root account via ssh, might
aswell make it easier, this will be particularly useful in
managed/provisioned environments (think ansible & others).
Note that administrators might get an e-mail from security(8) if the
file suddenly appears after an update - this is of course expected :)
ok tb@ sthen@ rpe@ ajacoutot@
|
|
OK tb@
|
|
|
|
right before building kernels. This should unbreak 'make release' for
people having this setting.
ok deraadt
|
|
help, testing & ok rpe
|
|
to /usr/src or /usr/xenocara.
Change /usr/{,x}obj to owner build:wobj with mode 770 and install the
systemwide makefiles before starting a build. The root of the noperm fs
containing DESTDIR should also be owned by build:wobj.
Developers will need to add their users to group wobj to be able to write
to /usr/{,x}obj/.
"push forward" deraadt; testing, input & ok rpe
|
|
The installer will create these directories during install.
So local setups will not get overwritten during upgrades.
idea from and OK deraadt@
with help from and OK tb@
feedback from and no objections halex@
|
|
and de-escalate to $BUILDUSER.
Much help from natano and tb.
|
|
filesystem permissions are required.
requested by deraadt
|
|
down and enforce reasonable permissions for RELEASEDIR.
prodded by and ok deraadt
ok tb
|
|
OK deraadt@
|
|
of the target to the message to be more descriptive.
ok deraadt tb
|
|
when the source tree is not owned by ${BUILDUSER}.
ok deraadt
|
|
ok natano
|
|
- If you start make build as root, everything will be run as root.
Nothing new here. New is, that you can set BUILDUSER=somebody and the
unprived parts will be run as somebody.
- If you start make build with sudo, the unprived parts will be run as
the real user (meaning YOU). You can still set BUILDUSER=somebody and
the uprived parts will run as somebody.
- If you start make build as a normal user it will error out. "I'm sorry
Dave."
Note that DESTDIR must be on partition with the noperm flag set for make
release to work correctly as an unprivileged user.
idea and ok deraadt
input and ok tb ratchov millert
rpe, halex and probably others where part of the conversation to make
this happen, thanks!
|
|
align everyone who is using SUDO builds towards the new strategy.
ok natano
|
|
|
|
it can be worked on in the tree).
ok florian@ deraadt@
|
|
from rpe
|
|
should be owned by root.
ok deraadt
|
