summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2009-07-10Delay creation of tun(4) interfaces until the underlying interface andJason Dixon
routes are available. This fixes usage for some OpenVPN users that start it from hostname.tun*. Tested by Johan Huldtgren. ok sthen@, johan@.
2009-06-30extra spaces found during inspection of other gooTheo de Raadt
2009-06-30Make syslogd create a socket in /var/www/dev when httpd is enabled in orderRobert Nagy
to make logging to syslog work with php for example. ok deraadt@, henning@
2009-06-26the correct *.ipk file has ${OSrev} in itTheo de Raadt
2009-06-24Fix a typogiovanni
"sure" sthen@
2009-06-204.6-BETAMiod Vallat
2009-06-10pf should block the port range allocated by net.inet.tcp.baddynamicIgor Sobrado
for the X protocol instead of port 6000 only; this way pf provides the same protection level to all X servers. ok sthen@; "I am convinced that 6000-6010 is acceptable for blocking in pf" deraadt@, "i'd thought of something similar" oga@
2009-06-09By default, don't accept IPv4 ICMP redirects. This behaviour can beStuart Henderson
changed with a sysctl, so note it in sysctl.conf. v6 needs further testing following discussions on the tech mailing list; rainer@ points out possible interactions with neighbour discovery which need to be investigated first. "go ahead on the v4 part" deraadt@
2009-06-03- regenJasper Lievisse Adriaanse
2009-06-03- add hotplug deviceJasper Lievisse Adriaanse
ok miod@
2009-06-03gak, I loose, backout unintended hitchiker on my last commitTodd T. Fries
2009-06-03syncTodd T. Fries
2009-06-03SyncJanne Johansson
2009-06-03Arla client rename from xfs to nnpfs for later upgrades. Tested on various ↵Janne Johansson
arches. ok todd@ beck@
2009-05-31Make sure xdm is installed before trying to run itAlexander Hall
ok deraadt@
2009-05-31enable pf by default.Henning Brauer
turns bombs into flowers, water into beer and eradicts swine flu
2009-05-31224MB is no longer enough for the full sgi iso, crank to 240MB.Miod Vallat
2009-05-30shorter, ok theoHenning Brauer
2009-05-30we want pass, not pass in, so we get state for all connectionsHenning Brauer
2009-05-30Build IP27 and IP30 kernels on sgi; put then on the cdrom images tooMiod Vallat
(although for now our cd images fail to boot on IP27 and IP30).
2009-05-26Three rdist log file name improvements on one single line:Ingo Schwarze
1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
2009-05-25polish comments, no functional change:Ingo Schwarze
1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
2009-05-24new variable SUIDSKIP to exclude paths from setuid and device checks,Ingo Schwarze
useful for example for release(8) DESTDIRs, ro-mounted foreign OS partitions, nosuid+nodev-mounted backup areas and the like while here, do not call ls w/o args in case find returns nothing based on a patch from halex@, re-implemented by me; variable naming by jmc@ ok halex@ jmc@
2009-05-24Before dd'ing raw partitions around, do stricter sanity checking:Ingo Schwarze
Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
2009-05-24Install root's crontab with gid "crontab" to be consistent with whatAntoine Jacoutot
crontab(1) does. ok miod@
2009-05-23Update `cdroot' disktab entry to match the volume header size we use now,Miod Vallat
and mention this in the Makefile so that this hopefully doesn't get broken next time the size is modified. Repairs install45.iso.
2009-05-21skip the ROOTBACKUP when the destination disk device is not configured;Ingo Schwarze
suggested, tweaked and ok by guenther@
2009-05-20add a group _rwalld tooThordur I. Bjornsson
2009-05-20add _rwalld here tooThordur I. Bjornsson
2009-05-20Do not fall back to using nobody if _user is missing, butThordur I. Bjornsson
error out. Add a new user _rwalld for rpc.rwalld, and use that instead of nobody, also unconditionally drop to _rwalld not only if rpc.rwalld was started with euid 0 (as root). ok deraadt@
2009-05-18handle PATH in the same way as in monthly(8) and weekly(8),Ingo Schwarze
i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
2009-05-18/usr/libexec should not be put into the PATHIngo Schwarze
rely on the PATH set up in the root crontab(5), just like in monthly(8) suggested by ajacoutot@; "i like this" okan@; feedback jmc@ sthen@; "absolutely" deraadt@
2009-05-18support shell globs on ^+ lines in changelist(5)Ingo Schwarze
based on a patch from John Wong, johnw at wonghome dot net, tweaked by me while here, document globbing for normal lines, too "i like that" okan@; feedback and ok jmc@
2009-05-18more precise comment for sensor *; ok henning@ jmc@Kevin Steves
2009-05-17change comment for pool.ntp.org: not fixed to 8 servers and not justKevin Steves
stratum 2. ok henning@
2009-05-17move kern.version and uptime back to the top of the outputIngo Schwarze
by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
2009-05-16fix a couple of obvious echo -> next_part conversions i forgot;Ingo Schwarze
found while investigating an unrelated bug report from John Wong
2009-05-15install wsconsctl.conf on more machinesTheo de Raadt
2009-05-14replace the $OUTPUT idiom by the new next_part function from daily(8)Ingo Schwarze
shortening the script by 100 lines and making it easier to understand no functional change intended feedback and ok sthen@ ajacoutot@ okan@
2009-05-14Rename sgi GENERIC and RAMDISK with -IP32 suffixes, and have the buildMiod Vallat
machinery minimally cope with this. Discussed with and reluctantely accepted by deraadt@; we both dislike losing the ``naturally comes out of your fingers'' kernel names and the ``one size fits all'' logic; but for now I don't see any easy way to get a single kernel binary able to run on multiple IP## flavours.
2009-05-12regenMark Kettenis
2009-05-12Add /dev/ttyV*.Mark Kettenis
2009-05-12Add /var/db/sysmergeAntoine Jacoutot
ok deraadt@
2009-05-11New variable VERBOSESTATUS (=1 by default).Ingo Schwarze
When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
2009-05-10avoid unnecessary changes of the outputIngo Schwarze
in order not to annoy parser scripts and their owners (like henning@)
2009-05-09make weekly and monthly silent by defaultIngo Schwarze
add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
2009-05-09revert previous, requested by kettenis@ and deraadt@Ingo Schwarze
2009-05-09remove the empty script /etc/monthlyIngo Schwarze
in preparation for improvements in /etc/daily and /etc/weekly using feedback and suggestions from jmc@ and sthen@ ok jmc@, and sthen@ agreed with the general direction
2009-05-07vax iso has to become a teeny bit biggerTheo de Raadt
2009-05-06Skip terminal initialization when logging in from an xterm, weTodd C. Miller
can be fairly sure the terminal is already initialized. Avoids a one second pause on login. Requested and OK deraadt@