| Age | Commit message (Collapse) | Author |
|---|
|
macros with spaces in them. With and OK ajacoutot
|
|
|
|
|
|
sure pexp matches the process (i.e. doesn't include the quotes).
It's a bit hackish but it allows things like these in rc.conf.local:
relayd_flags=-D IPS="1.2.3.4 2.3.4.5"
And we properly end up with...
$ grep ^pexp /var/run/rc.d/relayd
pexp=/usr/sbin/relayd -D IPS=1.2.3.4 1.2.3.5
... which matches what is in the process list:
root 14217 <snip> 0:00.01 /usr/sbin/relayd -D IPS=1.2.3.4 1.2.3.5
There's always the possibility that we have introduced a regressions with hand
crafted functions in rc.d scripts (mostly from packags), so watch out.
reported by and debugged with claudio@
|
|
|
|
|
|
Many arm64 systems use device trees instead of ACPI and acpidump is
expectected to fail on those systems. And vmm(4) doesn't provide ACPI
information either.
ok deraadt@
|
|
agreement url in here we no longer need to updated it all the time.
OK deraadt
|
|
|
|
OK florian@ sthen@
|
|
enable dnssec validation, it's really useful for debug
|
|
|
|
default upstream in 1.7.2 (picked up by us with the update to 1.7.3).
ok florian@
|
|
prefix" address instead - there are so many available with varying
policies that this isn't a good place to list them (and might imply
some kind of recommendation which is not intended).
Particularly prompted by several on the previous list (he.net and opendns)
strip RRSIG from results which cause DNSSEC failures now that validation
is enabled in the example config as noticed by solene@.
While there, shrink qname-minimisation comment to match other nearby
comments, and drop dns64 example which is quite a specialist use case
and not really needed in this basic example.
|
|
Requested by & OK claudio
Input & OK sthen
OK job, solene
Various commenting that they run with validation since a long time
without issues.
|
|
is correct format
|
|
or-longer at useage time.
ok job benno
|
|
Cluebat and OK deraadt@
|
|
|
|
semarie found a few regressions with daemon that will fail if cwd is not
accessible.
|
|
- drop `-'l' to prevent simulating a full login and running /root/.profile
(prodded by a mail from J Greely)
- use `-m' to preserve the environment because we now set HOME to "/" like
/etc/rc does; note that we now also clear the environment using `env -i' before
running su(1) which leaves us with only HOME, PATH and SHELL
Committing early to catch regressions fast, if any.
ok halex@
|
|
This is also be used to simplify the vmd rc stop script.
OK mlarkin@ ccardenas@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OK phessler@
|
|
network prefix-set ... and filters with prefix-set ... or-longer.
ok claudio@
|
|
commas may become a syntax error.
|
|
|
|
ok deraadt
|
|
script) did 'ifconfig <if> down' before starting dhclient(8). This was
a way of ensuring old running copies of dhclient were killed before a
new one started. Current dhclient does not need this assist, so change
"ifconfig <if> down" to "ifconfig <if> up" pending further script
optimizations.
Similar to a 2014 attempt by halex@. Prompted by a misc@ report
from Kristjan Komlosi reporting hanging diskless setups.
ok halex@ kn@
|
|
We're aiming to work towards an examples/bgpd.conf file that is a good starting
point for real world deployments rather than a showcase of all capabilities
bgpd(8) has.
OK deraadt@ claudio@
|
|
|
|
ok deraadt@, jsg@, mpi@
|
|
|
|
with the syzkaller kernel fuzzer. So far, 8 distinct panics have been found and
fixed. This effort will continue.
kcov is limited to architectures using Clang as their default compiler and is
not enabled by default.
With help from mpi@, thanks!
ok kettenis@ mpi@ visa@
|
|
OK sthen
|
|
OK deraadt@
|
|
|
|
|
|
Macros get sometimes logged so we should not encurage to use them for
sensitive data.
|
|
that, the macro used was password and if we changed it to something like
pass="secret" it would log it if the daemon was ran in verbose mode.
Hint and OK claudio@
|
|
|
|
ok deraadt
|
|
|
|
ok florian@
|
