summaryrefslogtreecommitdiff
path: root/etc
AgeCommit message (Collapse)Author
2019-09-18Correct sysctl section is 2solene
ok jmc millert
2019-09-18Add explanation about the default value of sysctl keysolene
machdep.pwraction ok jmc millert
2019-09-15Add ttyC4 to lost of devices to change when logging in on ttyC0 (and inMark Kettenis
some cases also the serial console) such that X can use it as its VT when running without root privileges. ok jsg@, matthieu@
2019-09-09Inform about system call memory write protection and stack mappingAlexander Bluhm
violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
2019-09-08Bump datasize-cur to 4Gb for pbuild class on sparc64, rust is a pig.Landry Breuil
ok semarie@
2019-09-07Remove dependency on basename(1).Antoine Jacoutot
prodded by deraadt@ ok kn@ deraadt@ tb@
2019-08-25space -> tabsAntoine Jacoutot
ok deraadt@ kn@
2019-08-19The piggies have outgrown their pen again: Firefox 69 will no longerChristian Weisgerber
build in 5 GB of memory. Bump default datasize for pbuild to 6 GB. ok landry@ ajacoutot@
2019-08-19add 6.7 syspatch keyRobert Nagy
2019-08-12Add the rpki TAL files to the changelist including arin.tal (which is notClaudio Jeker
shipeed by default). OK job@ sthen@ deraadt@
2019-08-12There is no reason why the TAL files are installed only readable by rootClaudio Jeker
these are public files. Agreed by deraadt@ (and florian@)
2019-08-10move to 6.6-betaTheo de Raadt
2019-08-09add 6.7 firmware keyStuart Henderson
2019-08-06oops, 6.7, spotted by tedu well in advance of it becoming an issueTheo de Raadt
2019-08-056.7 packages keyChristian Weisgerber
2019-08-04Revise the way how the octeon bootloader is built. The originalVisa Hankala
approach was not right, and there is still room for improvement. OK deraadt@
2019-08-03good idea to make next-generation keys available well before heading into ↵Theo de Raadt
release.
2019-07-28Link octeon bootloader to the build.Visa Hankala
OK deraadt@
2019-07-28Add a dedicated ramdisk entry for the octeon bootloader to reduceVisa Hankala
the size of the "boot" file. OK deraadt@
2019-07-27man5/sparc64 is now required (on all arch)Theo de Raadt
2019-07-26standard DoT port is 853 not 953; from myportslist20190323 at nym.hush.comStuart Henderson
2019-07-25Show unveil(2) violators in lastcomm(1) output and daily mail.Alexander Bluhm
input Janne Johansson, schwarze@; OK deraadt@ millert@
2019-07-24Stop using reserved words in the smtpd.conf configuration exampleskmos
in the default smtpd.conf and smtpd.conf(5) manual page. This eliminates ambiguity in our documentation examples that can cause confusion. Input and OK deraadt@ schwarze@ kn@
2019-07-17regenVisa Hankala
2019-07-17Add a bootloader for octeon.Visa Hankala
The firmware on OCTEON machines usually does not provide an interface for accessing devices, which has made it tricky to implement an OpenBSD bootloader. To solve this device access problem, this new loader has been built on top of a small kernel. The kernel provides all the necessary devices drivers, while most of the usual bootloader logic is in a userspace program in a ramdisk. The loader program is accompanied by a special device, octboot(4). The main purpose of this device is to implement a mechanism for loading and launching kernels. The mechanism has been inspired by Linux' kexec(2) system call. The bootloader will be enabled later when it is ready for general use. Discussed with deraadt@
2019-07-15Add tls-cert-bundle and example of using a DNS-over-TLS forwarder.Darren Tucker
Note that, at this time, Unbound does not re-use TLS connections (https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4089) so the TCP and TLS handshakes will cause a disproportiate increase in latency compared to UDP. ok sthen@ florian@
2019-07-04add server time.cloudflare.com.Theo de Raadt
- Cloudflare have very good adjacency (if PCH did anycast ntp, we'd use it) - As ntp input, it is great they don't leapsmear - Not all their nodes do ntp, hope they succeed at scaling that up - ntpd constrains (un-auth) ntp packets within a TLS constraint window so there is no downside (unlike pool.ntp entries which slowly decay but that's a story for another commit..) ok otto
2019-06-28miniroot prototype disklabels should attempt to contain accurateTheo de Raadt
prototype information (in this case, the miniroot-building code is completely lovecraft)
2019-06-19move tals to /etc, where they can be upgraded by a "sysupgrade" ifTheo de Raadt
such a circumstance ever occurs. ok job
2019-06-11regenJoshua Stein
2019-06-11make 10 wsmouse devicesJoshua Stein
for anything other than a regular old mouse, X needs to be able to directly talk to the device and newer machines can have all kinds of touchscreens, pen devices, touchpads, etc. ok deraadt
2019-06-08grow sparc64 miniroot a littleTheo de Raadt
2019-06-07Switch to v02 api url.Florian Obser
2019-06-02spelling/grammar fixes; from larry hynesJason McIntyre
2019-05-27add vulkan dirsJonathan Gray
2019-05-12Stop generating keys for nsd-control(8). These are unused since nsd wasTim van der Molen
switched to using a local control socket by default. OK florian@ sthen@
2019-05-12Add first drm render node to list of devices to change when logging inJonathan Gray
on ttyC0. While here add drm0 to loongson and add the complete set of wscons and drm devices to arm64. ok kettenis@
2019-05-11socppc makes an extended visit to the bigbucket.Theo de Raadt
ok kettenis
2019-05-10few can remember what apm wasSebastian Benoit
ok deraadt@
2019-05-10ld.so boot cleanup support:Philip Guenther
- put functions and data which are only used before calling the executable's start function into their own page-aligned segments for unmapping (only done on amd64, arm64, armv7, powerpc, and sparc64 so far) - pass .init_array and .preinit_array functions an addition argument which is a callback to get a structure which includes a function that frees the boot text and data - sometimes delay doing RELRO processing: for a shared-object marked DF_1_INITFIRST do it after the object's .init_array, for the executable do it after the .preinit_array - improve test-ld.so to link against libpthread and trigger its initialization late libc changes to use this will come later ok kettenis@
2019-05-10syncStuart Henderson
2019-05-10vmm(4) was removed from share/man/man8/man8.i386/MAKEDEV.8 but not theStuart Henderson
input file or MAKEDEV script itself; sync up the input file. req by jmc@
2019-05-02pbuild class: bump datasize and maxproc; these should be sufficient forAntoine Jacoutot
running a ports bulk without bumping anything else (matches what's on amd64.ports and exopi) ok sthen@ phessler@ espie@ naddy@
2019-04-26no more libFSMatthieu Herrb
2019-04-26Import regenerated moduli.Darren Tucker
2019-04-26we stopped making floppies a while agoTheo de Raadt
2019-04-1463 keys no longer usefulTheo de Raadt
2019-04-14syncJonathan Gray
2019-04-14create drm render node devicesJonathan Gray
2019-04-05Fix hack(6).Anthony J. Bentley
- Write savegames and scorefiles to the current directory instead of /var - Save oc_name and oc_descr alongside oc_uname in all situations - When a levitation potion times out, explicitly float down These patches were contributed last year by "tonypony76"; thanks! ok deraadt@, with added enthusiasm from tedu@