Age | Commit message (Collapse) | Author |
|
Now that route are automatically G/C with the address they are attached
to there's no reason to duplicate the kernel's job.
Fix a regression introduced with multipath default routes.
ok deraadt@
|
|
|
|
or carp. Ensure that the noglob option is disabled at the end of
parse_hn_line() and ifstart().
Reported by Christer Solskogen and Stefan Wollny, thanks!
|
|
hostname.if(5) parsing code in ifstart().
Add a -n option to netstart to only print the interface configuration
commands instead of executing them.
Add a HN_DIR variable, that points to the directory of the hostname.if
files (default /etc) that allows for future regression tests.
- add new parse_hn_line() function
- change ifstart()
- rename $if to $_if
- don't ifconfig or ifconfig create if -n option is used
- replace hostname.if(5) parsing code with new parse_hn_line()
- just print configuration commands if -n option is used
- autoconf now happens in ifstart(), remove ifv6autoconf()
- introduce HN_DIR variable for the hostname.if file location
- add handling of the -n option to only print config commands
- ensure -n is only used if interfaces are specified as parameters
Discussed with and positive feedback from many
'commit' deraadt@
OK sthen@
|
|
documentation if the first line of the file is blank.
Quirk reported by Anthony Coulter <bsd at anthonycoulter dot name>.
OK rpe@
|
|
need to do this.
|
|
if so gcc3 should create them itself.
|
|
that direclty uses /etc/ssl/{,private} by default. Adapt the httpd.conf example
accordingly.
ok florian@ benno@ millert@
|
|
without -Q during the build and in weekly(8). According to tests
by many developers, makewhatis(8) takes a few minutes at most even
on slower hardware like octeon, loongson, ALIX, RPI3, Soekris,
cubox, softiron etc., and security(8) is often worse than makewhatis(8).
In case this causes excessive weekly(8) run times on even slower
(~50 MHz-class) CPUs, consider adding "MAKEWHATISARGS=-Q" to
/etc/weekly.local on machines that feel unhappy.
OK sthen@ kettenis@ millert@ deraadt@
|
|
okay tb@
|
|
variables are not named like commands.
- change test from [] to [[]]
OK tb@ halex@
|
|
install.sub which makes it easier to spot changes in the future.
- comments and formatting
- quotes on assignments are not needed (netstart)
- remove stray space in test (netstart)
- use $file variable with while-loop (netstart)
- although valid, instead of i use $i in arithmetic test (install.sub)
OK krw@, tb@
Looks good deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Instead of using the internal "vmboot", VMs will now be booted using
the external BIOS firmware in /etc/firmware/vmm-bios (which is subject
to a LGPLv3 license). Direct booting of OpenBSD kernels or
non-default BIOS images is still supported for now using the -b/boot
option that is replacing the -k/kernel option.
As requested by Theo, vmd(8) fails if neither the default BIOS is
found nor a kernel has been specified in the VM configuration. The
"vmm" BIOS has to be installed using fw_update(1), which will be done
automatically in most cases where the OpenBSD can fetch it after
install/upgrade.
OK mlarkin@
|
|
in rc_pre.
prodded by and ok jmc@, ok halex@
|
|
from Nick Holland (nick AT holland-consulting DOT net)
ok jmc@ florian@
|
|
|
|
ok deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
machdep.lidaction=0 # do nothing
machdep.lidaction=1 # suspend
machdep.lidaction=2 # hibernate
lidsuspend is just an alias for lidaction, so if you change one, the
other one will have the same value. The plan is to remove
machdep.lidsuspend eventually when people have upgraded their
/ets/sysctl.conf.
discussed with deraadt, who came up with the new MIB name
no objections mlarkin
ok stsp halex jcs
|
|
a single configuration file for the OpenBSD repository location.
The pkg_* tools now use installurl(5) to find the package repository.
NOTE:
/etc/installurl only contains a single URL pointing to a mirror.
Use the PKG_PATH environment variable to specify more than one
package repository.
prodded by and OK deraadt@ aja@
|
|
Do it now deraadt@
|
|
|
|
|
|
|
|
'ypbind_flags=""' when domainname is set and /var/yp/binding exists.
This can lead to inconsistent behavior at startup since /var may not be
mounted yet and /etc/rc's start_daemon() will not start ypbind.
A.K.A. make ypbind startup consistent with all other OpenBSD daemons.
ok deraadt@
|
|
checks for the correct mode/ownership.
prodded by ajacoutot@
|
|
/root/.ssh/authorized_keys file with correct permissions (0600 for the
file, 0700 for /root/.ssh dir). Since we encourage administrators to use
public keys only if they want to access root account via ssh, might
aswell make it easier, this will be particularly useful in
managed/provisioned environments (think ansible & others).
Note that administrators might get an e-mail from security(8) if the
file suddenly appears after an update - this is of course expected :)
ok tb@ sthen@ rpe@ ajacoutot@
|
|
|
|
raising openfiles-cur above the implicit -max value (1024 on at least the
common arch) results in the setting not being applied at all.
Earlier version OK tom@ danj@ ajacoutot@ benno@ krw@ beck@, suggestion about
openfiles= from millert@ - changes in this version are to use 1024 for -max
rather than 512 to avoid changing the existing hard limit, and just use
openfiles= for bgpd/unbound where max and cur are the same value.
|
|
OK tb@
|
|
|
|
ok deraadt@ rpe@
|
|
|
|
right before building kernels. This should unbreak 'make release' for
people having this setting.
ok deraadt
|
|
|
|
|
|
give a sensible example for the domain {} section.
ok florian
|
|
and verify patches.
discussed with deraadt@ rpe@
ok deraadt@
|
|
|