summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2011-01-10talk to /dev/arandom as a single read or write.Theo de Raadt
in particular a single write will result in a single re-key event, rather than 64 writes causing 64 re-keys -- wasting the kernel's time. ok guenther
2011-01-05Put the "su -c ..." command into an rcexec variable so that we canAntoine Jacoutot
easily use it in rc scripts instead of copying/pasting the same huge command lines everywhere. ok robert@ sthen@
2011-01-04Check for a login class that match the rc script name and if we find oneAntoine Jacoutot
let's use it. If not, then fall back to using daemon. While here, do some reordering. "I like this" sthen@, ok robert@
2010-12-30Start shipping bsd.mp for hppa; ok miodTheo de Raadt
2010-12-29After the recent changes, there is no need for an rc_conf function.Antoine Jacoutot
As schwarze@ also stated, this will prevent anyone from calling it (which would be an error) and makes it clearer that rc.subr is not just a functions container. No functionnal change, unless you were calling rc_conf from an rc script which would have been wrong anyway. ok schwarze@ robert@
2010-12-28- add /usr/lib/pkgconfig/Jasper Lievisse Adriaanse
2010-12-27There is no point in calling rc_conf manually from each and every rcAntoine Jacoutot
script; instead, rc.subr can call rc_conf itself right after reading in rc.conf. from schwarze@ (committing on his behalf) ok robert@
2010-12-24Fix a flaw in the rc.subr framework reported by stephan@ whereAntoine Jacoutot
local_rcconf would get overwritten by flags from the rc script itself. Based on an original idea and diff from robert@, create an rc_conf function that we add in the rc_script after the defaults daemon* variables. This way we can use defaults variables names in other part of the script (when defining a specific pexp for instance). While here, simplify setting up the default daemon variables so that we don't need to do any substitution in rc_start. rc scripts must include daemon variables before calling rc_conf. All other locally modified variables (pexp, rc_reload, local additions...) must come after. feedback from and works for sthen@ ok robert@
2010-12-22Consistantly use /dev/arandom for feeding entropy to the kernel.Theo de Raadt
ok kjell otto miod
2010-12-17allow default blowfish rounds to be tweakable by arch, no behavioral changeTed Unangst
ok deraadt
2010-12-16Add IANA officially assigned numbers for zabbix.Antoine Jacoutot
ok sthen@ deraadt@
2010-12-13Prefer '-l' over '-' which is deprecated.Antoine Jacoutot
Also noticed and agreed by eric@ ok robert@
2010-12-13simulate a full login with su, now that the environment is fine afterRobert Nagy
the last su(1) commit
2010-12-13Only run tset for interactive shells. OK robert@Todd C. Miller
2010-12-11Make it possible to mark an rc action as unsupported by setting theAntoine Jacoutot
corresponding variable to NO. e.g. rc_reload=NO This will save us the trouble of copying the same rc_reload() function (or others) all over the tree. ok robert@
2010-12-11Sanitise daemon_flags: remove multiple whitespaces from _rcflags.Antoine Jacoutot
requested by okan@, ok robert@
2010-12-11Do not overwrite the settings in the rc scripts itself, so use the sameRobert Nagy
method to handle _class, _user and _shell as we do for _flags. discussed with and ok ajacoutot@
2010-12-10Add support for setting _user _class and _shell for a specific daemon,Robert Nagy
and use su to start the daemons. By default if there is no class defined, daemon will be used. For a shell it defaults to /bin/sh.
2010-12-02The awk's split() starts numbering array indices at 1 not 0.Todd C. Miller
2010-11-28Update example filterset to include a basic IPv6 filterset.Claudio Jeker
While there extend the current IPv4 filterset. OK sthen@, henning@
2010-11-26better line for net.inet.carp.log reflecing current reality;Otto Moerbeek
ok mcbride@ claudio@ henning@
2010-11-26Do like in rc.local and print the daemon name before running rc_stop.Antoine Jacoutot
ok robert@
2010-11-19regenMiod Vallat
2010-11-19Sync MAKEDEV against conf.c, and both against GENERIC.Miod Vallat
2010-11-17Consistency and remove the >50 spaces after 'do'...Antoine Jacoutot
ok robert@
2010-11-11Add libXi doc dirMatthieu Herrb
2010-11-08Don't print 'Null message body; hope that's ok' in the rc output if theAntoine Jacoutot
call to rc.firstime doesn't output anything to mail(1). ok deraadt@ halex@
2010-11-05Print the daemon name _before_ starting the corresponding rc script.Antoine Jacoutot
"makes sense" schwarze@, ok robert@
2010-11-02delete excessive ; useTheo de Raadt
2010-11-01New doc directories for updated libs. remained by naddy@. thanks.Matthieu Herrb
2010-10-28remove my debug printfRobert Nagy
2010-10-28After discussing with Ingo and Antoine we decided to renameRobert Nagy
files to not include -. This way we can easily overwrite daemon flags from rc.conf.local.
2010-10-28add $Robert Nagy
2010-10-27let the readmes directory be standardMarc Espie
2010-10-27Protect variable names, to be consistent with rc(8).Antoine Jacoutot
ok robert@
2010-10-27Remove 'status', because 'check' is what is used internally and we don'tRobert Nagy
need two functions doing the same thing, and also allow check to run as non-root.
2010-10-27Missing redirection to /dev/null in rc_startRobert Nagy
2010-10-27quote $local_rcconf in [ ] and remove eval from rc_start()Robert Nagy
2010-10-26Add a simple 'rc' system to base in order to start/stop/restart/reloadRobert Nagy
services installed by the ports system (for now). It only uses pgrep/pkill to handle these processes. A manual page will come later. 'put it in' deraadt@
2010-10-19grow i386 inside media a teeny bitTheo de Raadt
2010-10-19There is no more groff in the base system, so use mandoc(1) to formatIngo Schwarze
manuals on demand by man(1), even though a few manuals may still have formatting issues with mandoc, and a tiny fraction may still make mandoc error out. Also remove the .me and .ms _build rules: we don't support these formats any longer, and don't have any such manuals in base. OK deraadt@ sthen@
2010-10-18syncTheo de Raadt
2010-10-18oops! we need to retain the usr/share/tmac directory until we figureTheo de Raadt
out what to do with vgrind.
2010-10-18The base no longer uses old groff -- it uses mandoc(1). The ports tree stillTheo de Raadt
sometimes needs groff, but there it is pulled in as a build-dependency, and it is the newer groff. We are able to do this now due to the hard work if ingo.
2010-10-18Revert non-compatible and undocumented bullshit commited by 3 developersTheo de Raadt
who decided to just do it on their own. henning, mcbride, jsing -- shame on you -- if you had shown this diff to just 1 other network developer, the astounding mistake in it would have been noticed. Start practicing inclusionary development instead of going alone. ok claudio
2010-10-18no more misc setTheo de Raadt
2010-10-18stop creating the stupid /usr/share/doc subdirsTheo de Raadt
2010-10-17Add quirks support to operating system fingerprinting. tcpdump partJoel Sing
by mcbride@. ok mcbride@ henning@
2010-10-13add a sample for "socket ... restricted", prompted by mail fromStuart Henderson
Patrick Lamaiziere, ok henning@
2010-10-08install nsd.conf; ok jakob@David Krause