summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2011-04-28ftp-proxy(8) now requires a divert-to ruleMike Belopuhov
2011-04-24sync with xorg-docs 1.6 changesMatthieu Herrb
2011-04-23Even though SUIDSKIP used to be a mere shell variable, it was propagatedIngo Schwarze
to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
2011-04-23Remove yet another mention of /etc/security that i missed (doh).Ingo Schwarze
Also pointed out by Mattieu Baptiste <mattieu dot b at gmail dot com>, thanks.
2011-04-22Move the rc.d(8) bits from rc.{local,shutdown} directly into /etc/rc.Antoine Jacoutot
By default, rc.{local,shutdown} don't output anything anymore. original idea from schwarze@ discussed with deraadt@ and no objection from millert@ ok schwarze@ robert@
2011-04-19syncTodd T. Fries
2011-04-19as confirmed by my 11mo old son, this makes midi keyboards work with macppcTodd T. Fries
"no objection" drahn@
2011-04-19/etc/security does not exist any longer,Ingo Schwarze
so stop it from trying to check itself for changes; noticed by Mattieu Baptiste <mattieu dot b at gmail dot com>.
2011-04-19UUCP is no longer contained in the base system, so its home directoryIngo Schwarze
does not require special permissions. The security(8) scripts hates group-writeable home directories, so remove the needless permissions. Issue noticed by Andrew Fresh <andrew at afresh1 dot com>. If i understand naddy@ correctly, this is unlikely to harm even UUCP users. "Just remove the group writeable bit" deraadt@.
2011-04-18do not print 'starting local daemons' if rc_scripts is emptyRobert Nagy
asked by/ok deraadt@, ajacoutot@
2011-04-18Deprecate vnds in favour of svnds.Thordur I. Bjornsson
In effect, this removes the "old" vndX nodes, and renames the svndX nodes to vndX. Old svndX nodes will still continue to work though, for now. Cleanup accordingly. ok deraadt@, todd@ comments and ok on the man page bits from jmc@
2011-04-17Replaced by src/libexec/security a few minutes ago;Ingo Schwarze
deraadt@ suggests to remove the old file right away.
2011-04-17Switch from the old shell script /etc/securityIngo Schwarze
to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
2011-04-16Output 'starting standard daemons:' to be consistent with the rest.Antoine Jacoutot
ok deraadt@
2011-04-15Silence errors in the temp dir cleanup processAlexander Hall
ok phessler@ sthen@
2011-04-15No need to make depend kernelsTheo de Raadt
2011-04-14Don't compress wtmp by default; the tools dealing with this log areStuart Henderson
cumbersome to use with compressed files. Idea from ian@ following a discussion started with a diff to last(1) from by Peter Philipp. ok martynas@ mk@ millert@
2011-04-11allow man(1) to find the ports/infrastructure manpages by default.Stuart Henderson
ok dcoppa@ phessler@ jasper@ landry@ rpointel@ giovanni@ ajacoutot@ henning@ no problem jmc@
2011-04-11Delete 'OpenBSD2.1' and 'simpleroot'. Two entries previously usedKenneth R Westerback
in install image creation and no longer required. ok deraadt@
2011-04-10'fakecdrom' disktab entry no longer needed, nor is mksuncd mangling ofKenneth R Westerback
the boot cd image. ok deraadt@
2011-04-09Fix multiple issues and make the code simpler and more robust:Ingo Schwarze
- As noticed by ajacoutot@, re_format(7) does not treat '\t' as a tab, so some t's got stripped from daemon names. - The tr(1) failed to sanitize mixtures of blanks and tabs. ok ajacoutot@
2011-04-07Update transparent HTTP proxy example:Reyk Floeter
- Use the URL filter to block www.example.com/ - Use "forward to destination" instead of "forward to nat lookup" to use divert-to instead of rdr-to in PF.
2011-04-06- in case reload fails, print the failed message (from Piotr Sikora)Robert Nagy
- (ok) is only printed while in interactive mode, but (failed) stays even for rc if the command fails ok ajacoutot@
2011-04-06Remove leading/trailing spaces from daemon_flags.Antoine Jacoutot
ok schwarze@
2011-04-05Remove portalfs.Thordur I. Bjornsson
While it is a terribly cool idea, it's just awful and since noone has stepped up to the plate to keep it up with the current vop state, retire it to the attic. ok krw@, deraadt@, guenther@, miod@. comments from jmc@
2011-04-05Bye bye, kern.emul.freebsdPhilip Guenthe
Pointed out by aja@
2011-04-05Handle a daemon_flags of '-n' by using printf '%s\n' instead of echoPhilip Guenthe
ok otto@, aja@
2011-04-05Quote $daemon_flags to prevent echo(1) picking them as input flags.Antoine Jacoutot
from Piotr Sikora ok robert@
2011-04-04Dump some useless calls to dhclient-script. i.e. MEDIUM, PREINIT,Kenneth R Westerback
ARPSEND, ARPCHECK. Drop support for 'media', 'medium' and 'alias' specifications in dhclient.conf. Old leases still parse but these options now have no effect. Be more polite and decline all offers we don't accept. Fix a IMSG length check. Many expressions of support at various bars. ok henning@ deraadt@ beck@
2011-04-04show how to disable pool_debugTheo de Raadt
2011-03-25Bump timeout to 30s.Antoine Jacoutot
ok robert@
2011-03-24if daemon_flags=NO is set, just exitRobert Nagy
ok ajacoutot@
2011-03-23use ssh-keygen -A; ok deraadtKevin Steves
2011-03-23Update since ICMP6 redirects are disabled by default now.Federico G. Schwindt
After discussion with bluhm@, fgsch@, sthen@ and deraadt@ claudio@ and sthen@ ok.
2011-03-19Since we now use pkill -0 for "check", it must be run as root,Ian Darwin
so remove that test condition. Commented by schwarze@, OK ajacoutot@
2011-03-17- introduce the INRC environment variable so that rc.subr(8) knows if itRobert Nagy
gets called from rc.local or rc.shutdown - notify the user if a given operation was successfull or not by appending the (ok) or (failed) strings to the end of the daemon name - hide stdout and stdin unless RC_DEBUG=1 is set, otherwise all the function names will be printed out and all output sent to stdin or stdout - since from now on rc.subr is taking care of printing out the daemon names on startup, we don't need to do this from rc.{local,shutdown} anymore brainkilling work done by me and ajacoutot@, ok ajacoutot@
2011-03-14Return proper codes so that we don't rc_start if rc_pre failed and weAntoine Jacoutot
don't rc_post if rc_stop failed. "I agree with the direction" sthen@ ok robert@
2011-03-10Add a small comment at the top to explain what this file does.Antoine Jacoutot
Use $() constructs as it's safer than ``. Both req. by deraadt@ Use pkill instead of pgrep in rc_check so that we don't need to fiddle with redirections in reload. prodded by schwarze@ ok robert@
2011-03-09Make reload and check consistent with start/stop.Antoine Jacoutot
ok robert@
2011-03-09Move the redirections into the rc_cmd itself instead of rc_start andAntoine Jacoutot
rc_stop so scripts don't need to set it. ok sthen@ (on a much bigger diff) robert@
2011-03-09Move rc_pre and rc_post out of the rc_start/rc_stop functions into theAntoine Jacoutot
rc_cmd start/stop actions. This way when rc.d(8) scripts override these functions, we don't loose rc_{pre,post}. Add a max 5 secs loop after rc_stop in the rc_cmd top action. This seems to be a good default for returning to command line only after the daemon has really stopped. This fixes "restart" for some daemons and allows to properly stop some others at shutdown time. Note that this is just a best-effort default, some daemons may need a lot more time to shutdown but this case is usually handled in the rc.d(8) script itself and we obviously do not want to hang the shutdown process. Call rc_cmd start/stop in restart and _not_ rc_start/rc_stop which can get overriden in a script. discussed with and inputs from sthen@ and schwarze@ ok sthen@ robert@
2011-03-06Add an "rc_bg" variable that is undefined by default and allows to startAntoine Jacoutot
a daemon in the background. man page tweaks from schwarze@ discussed with an ok schwarze@ robert@
2011-02-24Remove daemon_shell and force the use of /bin/sh for the su(1) call.Antoine Jacoutot
ok robert@ espie@ miod@
2011-02-16allow users to enable access to the /dev/crypto, but keep it turned offMike Belopuhov
by default, adjust comments in sysctl.conf; ok markus, tedu, djm, miod
2011-02-12Add the rc_scripts variable for rc.d(8).Antoine Jacoutot
prodded by espie@ ok miod@
2011-02-09fix an unbalanced parenthesis in a comment; while here, split the commentIgor Sobrado
in a better place to make it more readable. ok jmc@ and miod@
2011-01-24change default nsd(8) paths. ok sthen@Jakob Schlyter
2011-01-19add ldapd.conf; ok sthen@David Krause
2011-01-19catch up changelist with recent additions; ok sthen@David Krause
2011-01-19Add 2001:2::/48 (prefix used for benchmarking) to the list ofClaudio Jeker
non-routeable prefixes. While there sort list. Diff provided by Andre Keller.