| Age | Commit message (Collapse) | Author |
|---|
|
for example, were removed in 2013 because they don't make sense in ldpd.
ok deraadt
|
|
filters (AS, peer-as, source-as, transit-as).
Add a use case (block illegal AS numbers) to the bgpd.conf example.
feedback from claudio, sthen, florian,
ok florian@ phessler@
|
|
Point at wikipedia's list of blacklists instead, some are DNS-only but there
are a few rsyncable ones in there (including a good commercial one and some
free ones).
|
|
frequently for my taste, and disk is cheap.
ok deraadt millert
|
|
- run commands in subshell only if mktemp is successful
- on error just leave the for-loop but set _error=true
- cleanup tmpdirs afterwards
- set _error=true if the ro remount fails
- print appropriate final message depending on $_error
positive feedback from deraadt
OK krw
|
|
are left for now but umg files are no longer built when building
releases.
|
|
|
|
OK deraadt
|
|
OK sthen, deraadt
|
|
|
|
|
|
- move the info message inside the function
- skip reordering if /usr/lib is on a nfs mounted filesystem
- temporarily remount rw if /usr/lib is on a ro ffs file-system
OK deraadt
|
|
|
|
OK deraadt
|
|
|
|
|
|
|
|
|
|
available wide open. there should be some access model either via a
group or fbtab. This will cause a decision to be made.
ok millert
|
|
and force long filenames on the first mount of fat 16 filesystems so
this works.
U-boot scripts have not yet been changed to load these files.
ok kettenis@
|
|
about pkg.conf isn't really that helpful and if a big syntax change comes along
well we have current.html.
it was disabled during p2k16 and no one complained so far
discussed with and ok deraadt@
|
|
|
|
sthen does not object
|
|
|
|
|
|
hppa reverse-stack gives us a valuable test case, but most developers don't
have a 2nd one to proceed further with this.
ok kettenis
|
|
|
|
|
|
|
|
ok beck@
|
|
the University of Alberta moves away from running a spamd fronted MX,
so there is no more source for this traplist anymore.
|
|
above it is "starting network", which can make you think something is
broken when your machine is as slow as some of mine.
"Yeah, that's a pretty crappy machine" deraadt@
|
|
table has to be defined BEFORE
consequently move all tables in the examples to the beginning and before the
listen directive to avoid tables not being found
no functional change
ran into this myself earlier, also reported by cjones via irc
ok gilles
|
|
|
|
On a real mailserver, it's too noisy and may be a privacy concern.
On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially
parse untrusted user data daily, at a predictable time, as root
is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
|
unused for now, but I plan to convert all programs in base to use it in
a future diff. /dev/bpf0 is for compatibility with existing binaries
and is to be removed after a transition period.
ok rpe krw, for the installer part
"Let's see it hit the tree." deraadt
|
|
portmap isn't happy with it as reported by naddy@
|
|
We'll see if something else breaks but it's the right thing to do.
discussed with robert@
|
|
|
|
chance to update the *default* configuration of the important daemons.
Factorize rc.firsttime into a run_upgrade_script() function which takes the
script suffix name as an argument.
i.e. run_upgrade_script sysmerge / run_upgrade_script firsttime
discussed with deraadt@
ok deraadt@ rpe@
|
|
does start as root but does not have a root master process and instead
changed its uid.
reported by deraadt@
|
|
Noted by zhuk@
OK deraadt@
|
|
|
|
It works by adding daemon_rtable=$id in /etc/rc.conf.local.
rcctl(8) support coming in a few and so are the man pages bits.
If you want multiple instances of the same daemon running in different
routing tables, just symlink the original rc.d script.
e.g.
# cd /etc/rc.d && ln -s dhcpd dhcpd42
Then enable your daemons as such in rc.conf.local:
dhcpd_flags=
dhcpd42_flags=
dhcpd42_rtable=42
most work done by Jiri B <jirib@devio.us>; with a few tweaks and simplifications
by yours truly
ok robert@
... should make henning happy ;-)
|
|
daemon_class, daemon_flags, daemon_timeout, daemon_user, pexp
Add "pexp" as a valid variable to _rc_parse_conf() and sort the list while here.
Besides having an easy way to see how a daemon was started exactly, it opens the
door to rdomain/rtable support in rc.d(8). We need to have as much information
on a daemon as possible if we want to target a specific rtable (using -T) and it
also makes it easier to start multiple instances of the same daemon with similar
flags as a different user...
Of course that only works with rc.d scripts *not* overwritting the default rc_*
functions.
Man page tweaks coming later.
discussed with and ok robert@
|
|
order.
with shell script assistance from rpe
|
|
|
|
|
|
|
|
|
