| Age | Commit message (Collapse) | Author |
|---|
|
|
|
As of usr.bin/xinstall/install.c revision 1.68, -S is a no-op and
install(1) will always create files safely, thus clean the option usage
from the tree.
Diff from Lauri Tirkkonen <lotheac at iki dot fi>, thanks.
|
|
Loop over df(1)'s output directly, ensure the resulting list of block
devices is unique to avoid later duplicity checks and redundant mount(8)
invocations.
This allows direct bail out on invalid types and simpler saving for later
remount.
OK deraadt
|
|
ok deraadt@
|
|
OK sthen
|
|
changing timestamps we can track it in /etc/changelist.
OK sthen
|
|
|
|
|
|
|
|
correctly itself now. At leat considering the end of life times of
OpenBSD releases and the speed at which the root key signing key (KSK)
rolls.
On the other hand, unbound-anchor assumes a certain network quality
which we cannot guarantee in places where we want to run unwind(8).
This in turn can lead to unbound-anchor stalling the boot process.
|
|
|
|
|
|
Note that unwind(8) works without a config file in many (most?) cases.
This provides an example on how to use the captive portal detection
feature.
Input benno
Input & OK sthen
|
|
|
|
|
|
|
|
ok florian@
|
|
ok deraadt@ florian@
|
|
re-commit now that snapshots are over the bump.
OK deraadt
|
|
found the hard way by deraadt
|
|
|
|
|
|
|
|
ok deraadt@, visa@
|
|
suggested by and ok deraadt@ ("I think we never hang there anymore")
|
|
macros with spaces in them. With and OK ajacoutot
|
|
|
|
|
|
sure pexp matches the process (i.e. doesn't include the quotes).
It's a bit hackish but it allows things like these in rc.conf.local:
relayd_flags=-D IPS="1.2.3.4 2.3.4.5"
And we properly end up with...
$ grep ^pexp /var/run/rc.d/relayd
pexp=/usr/sbin/relayd -D IPS=1.2.3.4 1.2.3.5
... which matches what is in the process list:
root 14217 <snip> 0:00.01 /usr/sbin/relayd -D IPS=1.2.3.4 1.2.3.5
There's always the possibility that we have introduced a regressions with hand
crafted functions in rc.d scripts (mostly from packags), so watch out.
reported by and debugged with claudio@
|
|
|
|
|
|
Many arm64 systems use device trees instead of ACPI and acpidump is
expectected to fail on those systems. And vmm(4) doesn't provide ACPI
information either.
ok deraadt@
|
|
agreement url in here we no longer need to updated it all the time.
OK deraadt
|
|
|
|
OK florian@ sthen@
|
|
enable dnssec validation, it's really useful for debug
|
|
|
|
default upstream in 1.7.2 (picked up by us with the update to 1.7.3).
ok florian@
|
|
prefix" address instead - there are so many available with varying
policies that this isn't a good place to list them (and might imply
some kind of recommendation which is not intended).
Particularly prompted by several on the previous list (he.net and opendns)
strip RRSIG from results which cause DNSSEC failures now that validation
is enabled in the example config as noticed by solene@.
While there, shrink qname-minimisation comment to match other nearby
comments, and drop dns64 example which is quite a specialist use case
and not really needed in this basic example.
|
|
Requested by & OK claudio
Input & OK sthen
OK job, solene
Various commenting that they run with validation since a long time
without issues.
|
|
is correct format
|
|
or-longer at useage time.
ok job benno
|
|
Cluebat and OK deraadt@
|
|
|
|
semarie found a few regressions with daemon that will fail if cwd is not
accessible.
|
|
- drop `-'l' to prevent simulating a full login and running /root/.profile
(prodded by a mail from J Greely)
- use `-m' to preserve the environment because we now set HOME to "/" like
/etc/rc does; note that we now also clear the environment using `env -i' before
running su(1) which leaves us with only HOME, PATH and SHELL
Committing early to catch regressions fast, if any.
ok halex@
|
|
This is also be used to simplify the vmd rc stop script.
OK mlarkin@ ccardenas@
|
|
|
|
|
|
|
