summaryrefslogtreecommitdiff
path: root/etc/etc.amd64
AgeCommit message (Collapse)Author
2021-02-12syncJonathan Gray
2021-02-12create /dev/ drm nodes with the same names as linuxJonathan Gray
This was proposed by Emil Velikov to simplify libdrm and will remove the need for some patches in ports. /dev/drm0 -> /dev/dri/card0 /dev/drmR128 -> /dev/dri/renderD128 The previous names will remain for a period of time and will later be removed. Major and minor numbers remain the same. libdrm will not be changed to use the new names until known privsep and sandbox use has been updated to allow the new names. ok deraadt@
2021-01-23syncTheo de Raadt
2021-01-23introduce ujoy(4), a restricted subset of uhid(4) for gamecontrollers.thfr
This includes ujoy_hid_is_collection() to work around limitations of hid_is_collection() until this can be combined without fallout. input, testing with 8bitdo controller, and ok brynet@ PS4 controller testing, fix for hid_is_collection, and ok mglocker@
2021-01-08Bump default datasize-max and datasize-cur since clang now seems toChristian Weisgerber
require more than 768M to build itself.
2021-01-07add a xenodm login class and bump openfiles to 512 to avoid running outRobert Nagy
of file descriptors while running a busy desktop the xenodm login class expands the records from the daemon login class ok aja@, deraadt@, kettenis@, sthen@
2020-09-15grow amd64 ramdisk_cd.......Theo de Raadt
2020-08-03grow to cope with clang10Theo de Raadt
2020-07-06regen after kstat additionDavid Gwynne
2020-07-06wire up kstat(4).David Gwynne
it's only accessible to root:wheel. ok deraadt@
2020-06-23bump pbuild datasize limit to 8G to allow Firefox to build with Rust 1.44Christian Weisgerber
ok deraadt@
2020-06-08growthTheo de Raadt
2020-05-23Remove useless line from daemon class in login.confDaniel Jakots
We used to have different numbers of blowfish rounds between the default and daemon classes in login.conf. On Jun 26, 2016, tedu committed "upgrade selected login.conf to use auto rounds for bcrypt" for amd64, sparc64, i386, and maccpc. Since the class daemon inherits from the default class, the :localcipher=blowfish,a:\ is a duplicate. ok millert@ deraadt@ sthen@
2020-05-17Change install images called *.fs to *.img. These are UFS filesystem images,Theo de Raadt
but additionally have a bootblock in the first 8K (since UFS does not use that space). There are some UEFI direct-from-internet bootloaders that require the name *.img. So this makes things more convenient for those, while keeping it consistant in all architectures. ok kettenis beck kn
2020-04-24Bump audio devices count to 4Alexandre Ratchov
ok deraadt
2020-04-18regenAlexandre Ratchov
2020-03-11Bump the pbuild data size limit to 7G; Firefox 74 no longer builds in 6G.Christian Weisgerber
ok deraadt@
2020-01-23regen after adding pppacDavid Gwynne
2020-01-23wire up pppac(4).David Gwynne
with help from claudio@
2020-01-21regenMartin Pieuchot
2020-01-21Add /dev/dtMartin Pieuchot
2019-12-17syncReyk Floeter
2019-12-17Add fido(4), a HID driver for FIDO/U2F security keysReyk Floeter
While FIDO/U2F keys were already supported by the generic uhid(4) driver, this driver adds the first step to tighten the security of FIDO/U2F access. Specifically, users don't need read/write access to all USB/HID devices anymore and the driver also improves integration with pledge(2) and unveil(2): It is pledge-friendly because it doesn't require any ioctls to discover the device and unveil-friendly because it uses a single /dev/fido/* directory for its device nodes. It also allows to support FIDO/U2F in firefox without further weakening the "sandbox" of the browser. Firefox does not have a proper privsep design and many operations, such as U2F access, are handled directly by the main process. This means that the browser's "fat" main process needs direct read/write access to all USB HID devices, at least on other operating systems. With fido(4) we can support security keys in Firefox under OpenBSD without such a compromise. With this change, libfido2 stops using the ioctl to query the device vendor/product and just assumes "OpenBSD" "fido(4)" instead. The ioctl is still supported but there was no benefit in obtaining the vendor product or name; it also allows to use libfido2 under pledge. With feedback from deraadt@ and many others OK kettenis@ djm@ and jmc@ for the manpage bits
2019-12-14syncTheo de Raadt
2019-12-13syncTheo de Raadt
2019-12-13gpr(4) goes awayTheo de Raadt
2019-11-15grow an install mediaTheo de Raadt
2019-11-05Add a default priority of 5 for user _pbuild, this should help keeping systemsolene
responsive during packages compilation, especially on slower machines. feedback welcome from people building ports discussed with deraadt@
2019-09-18Add explanation about the default value of sysctl keysolene
machdep.pwraction ok jmc millert
2019-09-15Add ttyC4 to lost of devices to change when logging in on ttyC0 (and inMark Kettenis
some cases also the serial console) such that X can use it as its VT when running without root privileges. ok jsg@, matthieu@
2019-08-19The piggies have outgrown their pen again: Firefox 69 will no longerChristian Weisgerber
build in 5 GB of memory. Bump default datasize for pbuild to 6 GB. ok landry@ ajacoutot@
2019-06-11regenJoshua Stein
2019-06-02spelling/grammar fixes; from larry hynesJason McIntyre
2019-05-12Add first drm render node to list of devices to change when logging inJonathan Gray
on ttyC0. While here add drm0 to loongson and add the complete set of wscons and drm devices to arm64. ok kettenis@
2019-05-02pbuild class: bump datasize and maxproc; these should be sufficient forAntoine Jacoutot
running a ports bulk without bumping anything else (matches what's on amd64.ports and exopi) ok sthen@ phessler@ espie@ naddy@
2019-04-14syncJonathan Gray
2019-03-05install*.{fs,iso} get larger due to clang library changesTheo de Raadt
2019-02-05sets grew a little, install*.* need to alsoTheo de Raadt
2019-01-19document pwraction in the example fileTed Unangst
2018-08-31syncJoshua Stein
2018-08-19syncanton
2018-08-19Add kcov(4), a kernel code coverage tracing driver. It's used in conjunctionanton
with the syzkaller kernel fuzzer. So far, 8 distinct panics have been found and fixed. This effort will continue. kcov is limited to architectures using Clang as their default compiler and is not enabled by default. With help from mpi@, thanks! ok kettenis@ mpi@ visa@
2018-07-28syncAlexandre Ratchov
2017-11-14syncChristian Weisgerber
2017-10-16syncChristian Weisgerber
2017-07-21syncMike Belopuhov
2017-07-08Increase size to make slaacd fit.Florian Obser
Size problem noted by me, correct fix from deraadt@
2017-06-13The KARL compile.tgz linkkit adds some growth to the base set.Theo de Raadt
Prepare the install*.fs files for this growth.
2017-04-04cp -p the bootblocks to RELEASEDIR; ok tbTheo de Raadt
2017-03-02Add a new sysctl machdep.lidaction. The sysctl works as follows:Martin Natano
machdep.lidaction=0 # do nothing machdep.lidaction=1 # suspend machdep.lidaction=2 # hibernate lidsuspend is just an alias for lidaction, so if you change one, the other one will have the same value. The plan is to remove machdep.lidsuspend eventually when people have upgraded their /ets/sysctl.conf. discussed with deraadt, who came up with the new MIB name no objections mlarkin ok stsp halex jcs