summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2002-06-11another bit that got missedBob Beck
2002-06-11pfctl -f instead of -N/-R, ok deraadt@Daniel Hartmeier
2002-06-09Update to the latest and greatest from arla.Hans Insulander
2002-06-09Remove startup stuff for Kerberos 4 servers.Hans Insulander
ok deraadt@
2002-06-09rm trailing whitespaceTodd T. Fries
2002-06-09syncTodd T. Fries
2002-06-09remove the `real' Id string in generated output, keeps conflicts downTodd T. Fries
miod@ ok, requested a long time ago by misc
2002-06-08spool dirs should be group daemon, mode 0775Todd C. Miller
2002-06-07clear /var/authpf on bootup - ensure we don't kill things we shouldn'tBob Beck
2002-06-07make /var/authpf owned and writable by group authpfBob Beck
2002-06-07authpf group, for authpfBob Beck
2002-06-06Path to 'bootpd' is /usr/sbin. From dfa@solo.eeMike Pechkin
millert@ ok
2002-06-05try to avoid DNS hereTheo de Raadt
2002-06-01fix mkr for libssl changesTheo de Raadt
2002-06-01spaces to tabBrad Smith
2002-05-31ecn is disabled by default, so show the option enabled.Federico G. Schwindt
deraadt@ ok.
2002-05-31comma splicePaul Janzen
2002-05-31No dm -> no dm.conf.Paul Janzen
2002-05-30space nitsTheo de Raadt
2002-05-30space nitsTheo de Raadt
2002-05-24Not that kvm parts are removed, run rpc.rstatd and rpc.rusers asTheo de Raadt
nobody. While I do not like running things as nobody since the step up is very small, we use this for other daemons in inetd. And it is still a small step.
2002-05-23more dm parts going away; pjanzenTheo de Raadt
2002-05-23Sigh, add the rule in the right place (not just when NFS is used).Daniel Hartmeier
From Dries Schellekens
2002-05-23Allow incoming ssh connections in the initial temporary rule set that'sDaniel Hartmeier
active before /etc/pf.conf is loaded, just in case loading fails (and leaves the inital set active). ok deraadt@
2002-05-23The troll strikes.. The troll strikes.. The dungeon master ↵Theo de Raadt
dies.distrib/sets/lists
2002-05-22Check for S/Key entries in /etc/skey, not /etc/skeyeys; David KrauseTodd C. Miller
We could use skeyinfo(1) to check but this is much cheaper.
2002-05-22oops, missed another fileTheo de Raadt
2002-05-21create /etc/authpf and /var/authpf dirsTheo de Raadt
2002-05-21fake sync (not yet using MAKEDEV.md)Theo de Raadt
2002-05-21remove MAKEDEV.local finallyTheo de Raadt
2002-05-20blob for splassert.Artur Grabowski
suggested by deraadt@.
2002-05-20update user list; spotted by hshoexer@yerbouti.franken.deTheo de Raadt
2002-05-16Add systrace devices until vax is converted to new MAKEDEV scheme (soon)Miod Vallat
2002-05-16Regen.Miod Vallat
2002-05-16Add systrace support to all the remaining architectures.Miod Vallat
Tested by various people on various platforms, I'm willing to fix any breakage this causes. ok niels@ deraadt@ and mickey@ (after his comments were applied)
2002-05-16ignore non-existent cases where '$if' evaluates to '*'.Todd T. Fries
From André Lucas <andre@ae-35.com>, fixes pr # 2658. 'Looks good' from miod@, millert@, and krw@.
2002-05-16show net.inet.tcp.ecn optionTheo de Raadt
2002-05-16Replace skeykeys entry with proper skey entry. Pointed out by mickey@Todd C. Miller
2002-05-16syncNiels Provos
2002-05-16add systrace device okay fries@Niels Provos
2002-05-16No more /etc/skeykeys; brad@Todd C. Miller
2002-05-14Major changes:Todd C. Miller
Job names are now "runtime.queue" where runtime is when the job will run in Unix time format. This is what SysV at does and allows us to nuke the .SEQ file. Historic BSD options for atq and atrm are now implemented; atq and atrm get their own man pages. At no longer does anything with the -v flag. We print the execution time when jobs are submitted so there is no need. Most *scanf() usage is gone (one remains in atrun). Better sanity checks in atrun. Random style/cleanup. With these changes we have the best of both worlds; POSIX compliance with the traditional BSD features.
2002-05-13move common distrib rules to main Makefile,Marc Espie
make -> ${MAKE} add phony targets remove unnecessary subshells install kernel in a separate target from building. some SUDO. okay deraadt@ (checked bootstrap on i386, should be safe elsewhere, and trivial to fix anyways)
2002-05-12Remove unnecessary subshellsMarc Espie
make -> ${MAKE} add exec at end of lines sprinkle with SUDO where needed (not enough for a full release yet) PHONY targets. ok millert@, deraadt@
2002-05-11at(1) is no longer setuid root, it is setgid crontab.Todd C. Miller
This means that /var/at/at.{allow,deny} must be readable by group crontab, /var/at/jobs is mode 01770, and /var/at/.SEQ is mode 0660.
2002-05-09crontab is no longer setuid root, it is now setgid crontab.Todd C. Miller
These changes were modelled after the Owl version of vixie-cron, but developed independently. Our crontab used to send cron SIGUSR1 to tell cron to reread the spool dir. Now that crontab is not setuid root this doesn't work. Instead, crontab pokes cron via a Unix domain socket located in the tabs dir. Please note, after these changes, the owner on user crontab files will have to be changed manually from root to the uid of the corresponding user for crontab to be usable. cron itself will accept tab files owned by either root or the user. Also, any /var/cron/{allow,deny} files must be readable by group crontab.
2002-05-09Add crontab group for when crontab loses its setuid bit tomorrow.Todd C. Miller
Consider this a head-up...
2002-05-08move to sshd.sshd insteadTheo de Raadt
2002-05-07ssh uid and gid for privsepTheo de Raadt
2002-05-06rlogind and rexecd are historyTodd C. Miller