summaryrefslogtreecommitdiff
path: root/etc/rc
AgeCommit message (Collapse)Author
2015-12-05add rcscript for vmdJasper Lievisse Adriaanse
ok mlarkin@ prompted by deraadt@
2015-12-02Since version 1.467 of /etc/rc, it was no longer possible to addRobert Peichaer
shlib_dirs using /etc/rc.conf.local. Fix from Jan Johansson, thanks. OK krw@, halex@
2015-11-27yppasswd went awayTheo de Raadt
2015-11-10Fix typos in commentsTim van der Molen
2015-11-01A missed backticks to $() conversion.Robert Peichaer
OK krw@
2015-10-18Finish first round of rework of the rc script.Robert Peichaer
OK krw@ halex@
2015-10-18Forcibly delete /var/run/ypbind.lock to prepare for the worst cases.Theo de Raadt
ok aja
2015-10-03Enable eigrpd(8) and eigrpctl(8) in the buildsRenato Westphal
ok deraadt@
2015-09-29Besides the usual style changes:Robert Peichaer
- verify that kbd is executable and kbdtype is not empty - use safer 'print --' to pipe the initial pf ruleset to pfctl - simplify the ipsecctl if-block Feedback and OK halex@ OK krw@
2015-09-13- FOO=bar; export FOO -> export FOO=barRobert Peichaer
- run domainname only with a non-empty /etc/defaultdomain file - Make single-user if-block more intuitive, which also matches better what the comment actually says OK halex@, krw@ on a similar diff
2015-09-13Remove setup_X_sockets():Robert Peichaer
The creation of Unix sockets directories in /tmp for X happens right after pruning /tmp. So the whole dance of checking for their existence, ownership or permissions is not necessary. It's safe to just create them with the right permissions if X is installed. Changes to do_fsck(): Remove the _flags variable and pass flags to fsck directly with "$@". Feedback and OK halex@ OK krw@ on a similar diff
2015-09-12Provide an ftpproxy6 rc script. ftp-proxy can only open one listening socketStuart Henderson
at a time, so a second instance of the daemon is required. OK mikeb stsp ajacoutot
2015-08-28Changes for start_daemon():Robert Peichaer
- use more descriptive variable name Changes for make_keys(): - use variables for file paths - key -> keys in message - take into account the return codes of isakmpd private *and* public key generation OK krw@ halex@
2015-08-22- add usage infoRobert Peichaer
- initialize _ban variable - style OK halex@
2015-08-22Restore previous behaviour for wsconsctl_conf().Robert Peichaer
In wsconsctl.conf configuration variables can contain doublequotes which are removed by the shell if wsconsctl is used interactively. In scripts, without using eval, these doublequotes are preserved and the wsconsctl command complains about "illegal character in input". Found by and OK jmc@ With feedback from and OK krw@, halex@
2015-08-13Changes to sysctl_conf(), mixerctl_conf() and wsconsctl_conf():Robert Peichaer
- no need to check for non-empty *.conf files, stripcom handles that now - pipe stripcom output directly to while-read-loop - quote the argument to the *ctl commands - no need to double shutup mixerctl, -q already means quiet OK krw@, halex@
2015-08-12Start the rework of the /etc/rc shell script.Robert Peichaer
General changes: - apply a similar 'style' as used in the installer scripts - improve comments to be more to the point, remove where code is obvious - document usage of functions if they have arguments - rename variables where it improves readability - replace really old-school shell code with more contemporary idioms Changes to stripcom(): - skip empty files (eleminates tests for this before calling stripcom) - remove {} around the while-loop, feed file directly - instead of continue if empty and then print, print only if non-empty - use the safer "print -r --" instead of plain "echo" - quote "$_line" on output to prevent globbing Changes to update_limit(): - use {,-cur,-max} instead of "" -cur -max - eleminate if-block with reverse test and continue OK halex@ krw@
2015-08-03Place etc/defaults/radiusd.conf and etc/rc.d/radiusd. Modify etc/rcYASUOKA Masahiko
to hook the rc script and modify etc/rc.conf to make it disable by default. Also add an entry for /etc/radiusd.conf to etc/changelist and etc/mtree/special. ok deraadt
2015-07-20Disable Strict Bourne shell mode for /etc/rc and /etc/netstart to beRobert Peichaer
able to use ksh syntax within these scripts. This way init doesn't need to be changed, which starts /etc/rc using /bin/sh and people can still use "sh /etc/netstart ifname". Idea from and OK halex@ OK deraadt@ krw@ guenther@
2015-07-19Replace test command with [].Robert Peichaer
OK halex@ krw@
2015-07-18Put the opening curley brackets on the same line as the function name.Robert Peichaer
OK krw@ halex@
2015-07-18- remove trailing blanks introduced in previous commitRobert Peichaer
- no space in redirections like </foo or >$bar - few other minor whitespaces OK krw@
2015-07-18Improve commentsRobert Peichaer
- Add comments for functions - Start comments with capital letters - End comments with a full stop - Allow comments to extend up to column 80 OK krw@
2015-05-02Drop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been madeAntoine Jacoutot
tweakable: there's no real point and these files support the 'include' option so one can always get its config from whatever path... especially useful when testing a new ruleset. man page inputs from schwarze@ ok halex@ schwarze@ rpe@ deraadt@
2015-03-11'rc.firstime' -> 'rc.firsttime' in comment.Kenneth R Westerback
Diff from Navan Carson via tech@
2015-01-22Use /etc/services names in all the default pf rules (most alreadyKenneth R Westerback
did). This allows any local changes to /etc/services to be effective if all you have is the default. Issue pointed out by Brian S. Vangsgaard on bugs@. Thanks! ok phessler@ deraadt@
2014-12-03Unhook rtsol(8) and rtsold(8) from the build.Florian Obser
OK deraadt@
2014-11-30Fix comment: We don't use RC4 anymore, it's better to be moreDavid Coppa
generic. ok miod@
2014-11-17Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in theTheo de Raadt
often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation. Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something. done with rpe ok many
2014-11-05When clearing /tmp, use "-maxdepth -1" instead of "-type d -prune".Todd C. Miller
This is easier to understand and fixes a bug where the "-type d -prune" was misplaced as noticed by pirofti@. OK deraadt@
2014-09-15Remove sendmail tentacles. ok krw@ ajacoutot@Matthieu Herrb
2014-08-26usr.sbinRobert Nagy
2014-08-22disable use of bind in base; in the base use nsd/unbound instead.Theo de Raadt
a proper & complete bind port will show up. discussed with many for years
2014-08-17Execute /etc/netstart using sh(1) instead of sourcing it.Antoine Jacoutot
Committing early to make sure we have time to fix any side-effect. ok deraadt@
2014-08-04enable httpd; ok deraadt@Christian Weisgerber
2014-07-19Print a warning message if the files with the random seed are notAlexander Bluhm
writeable during shutdown. This prevents ugly error messages when the machine is rebooted from singe-user without mounting the file systems read-write. suggested by deraadt@
2014-07-18ugly ugly whitespaceTheo de Raadt
2014-07-17sh netstart, instead of using .Theo de Raadt
We don't want any of the variables created inside netstart to infect the rc script. ok claudio sthen aja
2014-07-14quiet /etc/rc.shutdown, it may not exist.Antoine Jacoutot
ok deraadt@
2014-07-14This isn't C.Antoine Jacoutot
2014-07-14Only set kern.securelevel=1 if it was not lowered nor bumped byAntoine Jacoutot
rc.securelevel, with deraadt@
2014-07-14rc.{local,securelevel,shutdown} become examples. If versions of themTheo de Raadt
are created in /etc, they are executed (they used to be sourced) to avoid polluting the rc variable space. The powerdown= and securelevel= features are removed; they are likely only used by 2 people. the secureleve is now always raised; this is the only sensible default. ok ajacoutot
2014-07-14check for existance of rc.shutdown, before sourcing itTheo de Raadt
2014-07-13rc bits for iscsid. Start iscsid as early as possible. Use the new -NClaudio Jeker
flag for fsck and mount to check and mount the iscsi file systems (marked with option net) right after the mount -a. "Get it in" deraadt@ rpe@ is OK with this going in but it may need further changes
2014-07-12Make rc.conf a parsed configuration file and stop sourcing it as a shellRobert Nagy
script. From now on rc.conf has a fixed syntax (key=val) and it is not allowed to add anything to it besides the supported syntax, it all going to be ignored. discussed with and help from deraadt@ and halex@
2014-04-25Redirecting stderr to /dev/null suppresses all errors. Instead useAlexander Bluhm
the new status=none feature to make dd quiet. OK halex@
2014-04-24rm rwhod tentaclesTed Unangst
2014-04-23Remove krb5 bits from rc(8).Antoine Jacoutot
ok reyk@
2014-04-19use "!received-on any" to absolutely ensure that we're not forwardingHenning Brauer
carp, rpc or nfs traffic in the initial ruleset active during network startup for a short time (or a much longer time if /etc/pf.conf is screwed up). ok phessler
2014-03-15Enable Unbound in base, ok deraadt@Stuart Henderson