summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2016-04-29Delete invocation of mailq(1) that was present for historical reasons.Ingo Schwarze
On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless. Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place. Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
2016-04-28Replace /dev/bpf[0-9] with /dev/bpf and /dev/bpf0. The /dev/bpf node isMartin Natano
unused for now, but I plan to convert all programs in base to use it in a future diff. /dev/bpf0 is for compatibility with existing binaries and is to be removed after a transition period. ok rpe krw, for the installer part "Let's see it hit the tree." deraadt
2016-04-28Experiment on matching on the daemon_user is over. It needs more work.Antoine Jacoutot
portmap isn't happy with it as reported by naddy@
2016-04-27Revert the revert and match on the daemon_user again.Antoine Jacoutot
We'll see if something else breaks but it's the right thing to do. discussed with robert@
2016-04-27Override each and every rc.d functions to be able to match on the user.Antoine Jacoutot
2016-04-27We want to run sysmerge(8) a bit earlier in the boot process so that it has aAntoine Jacoutot
chance to update the *default* configuration of the important daemons. Factorize rc.firsttime into a run_upgrade_script() function which takes the script suffix name as an argument. i.e. run_upgrade_script sysmerge / run_upgrade_script firsttime discussed with deraadt@ ok deraadt@ rpe@
2016-04-27Revert matching on the daemon user for now; it breaks sndiod handling whichAntoine Jacoutot
does start as root but does not have a root master process and instead changed its uid. reported by deraadt@
2016-04-27Use 'sort -V' which is actually meant to sort version numbers.Robert Peichaer
Noted by zhuk@ OK deraadt@
2016-04-26Bump copyright.Antoine Jacoutot
2016-04-26Introduce rtable(4) support to rc.subr(8).Antoine Jacoutot
It works by adding daemon_rtable=$id in /etc/rc.conf.local. rcctl(8) support coming in a few and so are the man pages bits. If you want multiple instances of the same daemon running in different routing tables, just symlink the original rc.d script. e.g. # cd /etc/rc.d && ln -s dhcpd dhcpd42 Then enable your daemons as such in rc.conf.local: dhcpd_flags= dhcpd42_flags= dhcpd42_rtable=42 most work done by Jiri B <jirib@devio.us>; with a few tweaks and simplifications by yours truly ok robert@ ... should make henning happy ;-)
2016-04-26Extend _RC_RUNFILE (/var/run/rc.d/scriptname) content with:Antoine Jacoutot
daemon_class, daemon_flags, daemon_timeout, daemon_user, pexp Add "pexp" as a valid variable to _rc_parse_conf() and sort the list while here. Besides having an easy way to see how a daemon was started exactly, it opens the door to rdomain/rtable support in rc.d(8). We need to have as much information on a daemon as possible if we want to target a specific rtable (using -T) and it also makes it easier to start multiple instances of the same daemon with similar flags as a different user... Of course that only works with rc.d scripts *not* overwritting the default rc_* functions. Man page tweaks coming later. discussed with and ok robert@
2016-04-26Re-link (only the newest) libc.so, placing the objects in a randomTheo de Raadt
order. with shell script assistance from rpe
2016-04-25rm systraceTed Unangst
2016-04-25regenTed Unangst
2016-04-25burn down the systraceTed Unangst
2016-04-21syncStuart Henderson
2016-04-20Remove the requirement that /etc/printcap must be a regular file.Ingo Schwarze
CUPS wants it to be a symlink, and that is probably the most common printing system. Bad idea to constantly spam everybody about that! Antoine already adjusted the file permissions in pkg/cupsd.rc rev. 1.24. OK ajacoutot@ (print/cups MAINTAINER).
2016-04-20Don't watch unbound's dnssec root zone key, to reduce security(8) spam.Stuart Henderson
ok martijn@ semarie@ matthieu@ danj@ benno@
2016-04-20adds iked(8) default key.Sebastien Marie
ok sthen@
2016-04-11syncStuart Henderson
2016-04-08syncStuart Henderson
2016-04-07syncStuart Henderson
2016-04-01Tweak rcctl wording.Antoine Jacoutot
from ian@
2016-04-01Rename the 'faulty' list action to 'failed'; it clearer.Antoine Jacoutot
prodded by matthieu@ ok millert@ jung@ sthen@
2016-03-30add "outgoing-interface" to sample unbound.confStuart Henderson
2016-03-27Don't delete the 224/4 route in netstart, unless it's being done to ensure thatStuart Henderson
a -reject route can be added. Restores the ability to set an interface route before daemons are started, lost during the previous simplification. ok millert mpi
2016-03-26Make it possible to get usage as a non-root user.Antoine Jacoutot
ok robert@
2016-03-26Handle the rc_stop=NO => rc_restart=NO case within _rc_not_supported().Antoine Jacoutot
2016-03-22syncStuart Henderson
2016-03-20add include directories used by recent versions of libdrmJonathan Gray
2016-03-14fix word issue, as reported by hansJason McIntyre
2016-03-12regen generated files after MAKEDEVs commitsMarc Espie
2016-03-12reflect reality (MAKEDEV can take no parms and still work)Marc Espie
2016-03-12tweak MAKEDEV.mi to use new makedev(8) capabilities and speed it up.Marc Espie
2016-03-11syncStuart Henderson
2016-03-09We are done providing support for the vax.Theo de Raadt
lots of agreement.
2016-03-08adjust for lpd(8) top spool dir permissions change, so security(8)tb
won't complain in the daily(8) mail. ok ajacoutot@
2016-03-05Change default lpd spool directory to match the code; from Chris BennettAntoine Jacoutot
Add /var/spool/output/lpd to mtree(1). This removes the ability for the daemon group to write directly under /var/spool/output; though no breakage is expected since this directory was only supposed to contain line printer spooling directories. ok sthen@
2016-03-05add proper entries for pkg_add privsep, instead of piggy-backing on _pfetchMarc Espie
which was a "better than nothing" measure for 5.9. Another user to come. Approved by deraadt@ on principle. thanks sthen@ for checking my lines over.
2016-03-03Remove option USER_LDT and everything depending on it.Christian Weisgerber
Remove machdep.userldt sysctl. Remove i386_[gs]et_ldt syscall stub from libi386. Remove i386_[gs]et_ldt regression test. ok mlarkin@ millert@ guenther@
2016-03-01Update moduli file.Darren Tucker
2016-02-29delete the kern.emul/KERN_EMUL sysctl bits since there are noChristian Weisgerber
emulations left; ok millert@ deraadt@, jmc@ (man pages)
2016-02-15When the default mode on /var/log/maillog was changed to 640 theTodd C. Miller
creation of maillog as part of the distribution-etc-root-var target was missed. From Nathanael Rensen
2016-02-14syncStuart Henderson
2016-02-09syncStuart Henderson
2016-02-07Remove setproctitle() for the parent process. Because rc.d(8) uses processStuart Henderson
titles (including flags) to distinguish between daemons, this makes it possible to manage multiple copies of a daemon using the normal infrastructure by symlinking rc.d scripts to a new name. ok jung@ ajacoutot@, missed in previous commit noticed after re-checking following report in bgpd.
2016-02-07Remove setproctitle() for the parent process. Because rc.d(8) uses processStuart Henderson
titles (including flags) to distinguish between daemons, this makes it possible to manage multiple copies of a daemon using the normal infrastructure by symlinking rc.d scripts to a new name. ok jung@ ajacoutot@, missed in previous commit, problem reported by mxb/alumni/chalmers/se.
2016-02-05RegenMasao Uebayashi
2016-02-05Add ipmi(4) cdev entry on amd64 and i386Masao Uebayashi
2016-02-04syncStuart Henderson