src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-07-15	Drop comments; we already have a fully documented file under	Antoine Jacoutot
	/etc/examples/ntpd.conf ok deraadt@ benno@ schwarze@
2015-07-15	Fix base rc.d scripts after the recent rc.subr change.	Antoine Jacoutot
	ok halex@
2015-07-15	By default, require an exact match of the process name and argument list.	Antoine Jacoutot
	This allows running several instances of the same rc.d(8) script by just linking it to different name. e.g. ln -s ftpproxy ftpproxy6 echo 'ftpproxy6_flags=-6' >>/etc/rc.conf.local This is likely to break some rc.d scripts in ports. I will try and fix them all in the next few days but I'd appreciate reports if I missed some. ok halex@
2015-07-15	Always use the default flags when running !start.	Antoine Jacoutot
	This is necessary so that rc.d scripts launched with `-f' can be properly stopped, checked and reloaded. ok schwarze@
2015-07-15	Merge comments.	Antoine Jacoutot

2015-07-07	/var/unbound/db/root.key can be stored in plain text actually; that's just	Antoine Jacoutot
	the public key. prodded by semarie@ ok sthen@
2015-07-07	Only store checksums for:	Antoine Jacoutot
	/var/nsd/etc/nsd.conf (may contain a key) /var/unbound/db/root.key (fix path as well) from Tim van der Molen ok millert@ sthen@
2015-07-03	Remove sudoers	Todd C. Miller

2015-06-29	enable vexpress	Jonathan Gray

2015-06-28	regen	Jonathan Matthew

2015-06-28	add usb devices	Jonathan Matthew

2015-06-23	fix emacs pkg names	Giovanni Bechis

2015-06-21	sync	Theo de Raadt

2015-06-21	5.9 base key	Theo de Raadt

2015-06-19	add 5.9 packages key	Christian Weisgerber

2015-06-18	I'm afraid it will be a sunday.	Miod Vallat

2015-06-18	add 5.9 firmware key	Stuart Henderson

2015-06-17	crank to 5.8-beta	Theo de Raadt

2015-06-17	Really make daemon_class read-only; it's set to "daemon" of a matching	Antoine Jacoutot
	login class.
2015-06-16	Typos in comments; Ville Valkonen	Miod Vallat

2015-06-13	add miniroot to MDEXT	Jasper Lievisse Adriaanse

2015-06-09	miniroot for octeon; tested on edgerouter lite with local usb storage	Jasper Lievisse Adriaanse
	ok jmatthew@ miod@
2015-06-06	Allow rtsol keyword in hostname.if(5) with net.inet6.ip6.forwarding=1.	Florian Obser
	"inet6 autoconf" was working before and rtsol should behave the same. OK phessler
2015-06-02	Rename the imx miniroot to nitrogen as it creates "6x_bootscript".	Jonathan Gray
	Add a miniroot for the CuBox-i which needs u-boot at a particular offset in the sd image to boot. Based on changes made by Patrick Wildt in bitrig.
2015-05-28	Remove 1k bit groups. ok deraadt@, markus@	Darren Tucker

2015-05-26	Create aliases.db from the installed aliases file, so we get the correct	Christian Weisgerber
	owner and group. Reported by Mark Patruck. ok deraadt@ miod@
2015-05-22	Update DH groups	Darren Tucker

2015-05-22	Remove 6k and 8k bit moduli fragments since they are now kept in	Darren Tucker
	usr.bin/ssh/moduli-gen.
2015-05-20	Now all the socs use the same va entry point and don't have any	Jonathan Gray
	conflicting symbols we can combine the configs. Multiple umg files are still required however. The bsd.umg target in the kernel is replaced by targets for bsd.IMX.umg, bsd.OMAP.umg and bsd.SUNXI.umg.
2015-05-19	use the same va entry point on all armv7 socs	Jonathan Gray
	Similiar changes were made in bitrig by Patrick Wildt. As part of this change the physical load address for imx and sunxi have changed. Any u-boot settings that include it will need to be modified. imx: 0x10800000 -> 0x10300000 sunxi: 0x40800000 -> 0x40300000 Tested by bmercer, canacar and myself. ok bmercer@
2015-05-18	Change spamd to use divert-to instead of rdr-to.	Reyk Floeter
	divert-to has many advantages over rdr-to for proxies. For example, it is much easier to use, requires less code, does not depend on /dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK ioctl), saves us from additional port allocations by the rdr/NAT code, and even avoids potential collisions and race conditions that could theoretically happen with the lookup. Heads up: users will have to update their spamd PF rules from rdr-to to divert-to. spamd now also listens to 127.0.0.1 instead of "any" (0.0.0.0) by default which should be fine with most setups but has to be considered for some special configurations. Based on a diff is almost two years old but got delayed several times ... beck@: "now is the time to get it in" :) Tested by many With help from okan@ OK okan@ beck@ millert@
2015-05-18	Put ntpd.conf in MUTABLE so it's installed with 0644 mode.	Antoine Jacoutot
	discussed by deraadt@
2015-05-18	enable ntpd by default at install time. We use pools and a reliable	Theo de Raadt
	constraint to keep them in check. in the worst case of being on a dark net, nothing changes. this is being enabled by default to allow gathering of more operational information from users. and if the operational heuristics in ntpd can be suitable refined, this may stay the default into the future. if not, ntpd will become even more awesome along the way. with reyk rpe
2015-05-18	Simplify example constraints URL to reduce load on the server side.	Darren Tucker
	ok henning@, reyk@
2015-05-04	fix numbers for pppx, vscsi and diskmap	Jonathan Matthew
	ok dlg@
2015-05-04	Remove comments about default daemon_flags; most are empty, those	Ingo Schwarze
	that aren't are redundant because they can be found in the rc.d(8) scripts themselves, and they risk getting out of sync. While here, sort the daemons alphabetically. No functional change. Triggered by a much smaller nameserver-only patch from stephan@. OK ajacoutot@ rpe@ stephan@ and looks good to sthen@.
2015-05-02	No more pf_rules ipsec_rules.	Antoine Jacoutot

2015-05-02	Drop pf_rules and ipsec_rules from rc.conf(5); it shouldn't have been made	Antoine Jacoutot
	tweakable: there's no real point and these files support the 'include' option so one can always get its config from whatever path... especially useful when testing a new ruleset. man page inputs from schwarze@ ok halex@ schwarze@ rpe@ deraadt@
2015-04-30	Add smtpd(8) spool directories so that they are registered as part of base.	Antoine Jacoutot
	ok henning@ gilles@ deraadt@
2015-04-29	Check arguments before eval so we don't end up with a cryptic error message.	Antoine Jacoutot
	reported by jasper@ While here: _rc_is_supported() -> _rc_not_supported() - saves a fork - reduces triple negation to double negation in _rc_not_supported() - simplifie condition for rc_restart=NO from schwarze@ ok jasper@ schwarze@
2015-04-29	VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still	Alexander Hall
	worth noting "go ahead" schwarze@
2015-04-27	Simplify remote(5) example file and remove stuff not supported by cu(1).	Nicholas Marriott
	some tweaks from sobrado@, ok deraadt@
2015-04-27	Add a _file user and use for privsep, ok deraadt	Nicholas Marriott

2015-04-15	add the include dir for libepoxy	Jonathan Gray

2015-04-12	Switch example NSD config to splitting master and slave zones into different	Stuart Henderson
	subdirectories (/var/nsd/zones/{master,slave}) and create these in mtree. Nearly everybody that uses NSD for slave zones that I talked to already has this layout. Bikesh^Wdiscussed with ajacoutot florian millert and others. ok ajacoutot@ florian@ phessler@ claudio@ jung@
2015-04-03	Add ddb.log example; OK halex@	Todd C. Miller

2015-03-31	For consistency with the diff subcommand, add rdiff -u	Christian Weisgerber
	(-N is always implied and -p isn't available.) ok guenther@, sthen@
2015-03-28	_rc_err(): only display error message if there's an actual one.	Antoine Jacoutot
	Remove an exit() statement that could never be reached.
2015-03-27	Actually use the new man.conf(5) "output" directive.	Ingo Schwarze
	Additional functionality, yet minus 45 lines of code.
2015-03-27	Move man.conf from /etc to /etc/examples, deleting what's no longer supported.	Ingo Schwarze
	Discussed with many and OK ajacoutot@.