8 files changed, 89 insertions, 43 deletions

diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index c776a815003c..ada9094360f6 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -24,7 +24,7 @@
 : ${_localbase:="$(/sbin/sysctl -n user.localbase 2> /dev/null)"}
 : ${_localbase:="/usr/local"}
 
-# rc_debug can't be set here without interferring with rc.subr's setting it
+# rc_debug can't be set here without interfering with rc.subr's setting it
 # when the kenv variable rc.debug is set.
 #rc_debug="NO"		# Set to YES to enable debugging output from rc.d
 rc_info="NO"		# Enables display of informational messages at boot.
@@ -319,8 +319,10 @@ ctld_enable="NO"		# CAM Target Layer / iSCSI target daemon.
 local_unbound_enable="NO"	# Local caching DNS resolver
 local_unbound_oomprotect="YES"	# Don't kill local_unbound when swap space is exhausted.
 local_unbound_tls="NO"		# Use DNS over TLS
-blacklistd_enable="NO"		# Run blacklistd daemon (YES/NO).
-blacklistd_flags=""		# Optional flags for blacklistd(8).
+blacklistd_enable="NO"		# Renamed to blocklistd_enable.
+blacklistd_flags=""		# Renamed to blocklistd_flags.
+blocklistd_enable="NO"		# Run blocklistd daemon (YES/NO).
+blocklistd_flags=""		# Optional flags for blocklistd(8).
 resolv_enable="YES"		# Enable resolv / resolvconf
 
 #
@@ -705,6 +707,7 @@ osrelease_enable="YES"	# Update /var/run/os-release on boot (or NO).
 osrelease_file="/var/run/os-release" # File to update for os-release.
 osrelease_perms="444"	# Default permission for os-release file.
 dmesg_enable="YES"	# Save dmesg(8) to /var/run/dmesg.boot
+dmesg_umask="022"	# Default umask for /var/run/dmesg.boot file.
 watchdogd_enable="NO"	# Start the software watchdog daemon
 watchdogd_flags=""	# Flags to watchdogd (if enabled)
 watchdogd_timeout=""	# watchdogd timeout, overrides -t in watchdogd_flags
diff --git a/libexec/rc/rc.d/Makefile b/libexec/rc/rc.d/Makefile
index f6d1a34ceb9e..3b7f45e8f101 100644
--- a/libexec/rc/rc.d/Makefile
+++ b/libexec/rc/rc.d/Makefile
@@ -111,9 +111,10 @@ AUTOFS=		automount \
 		automountd \
 		autounmountd
 
-CONFGROUPS.${MK_BLACKLIST}+=	BLOCKLIST
+CONFGROUPS.${MK_BLOCKLIST}+=	BLOCKLIST
 BLOCKLISTPACKAGE=		blocklist
-BLOCKLIST=	blacklistd
+BLOCKLIST=	blacklistd \
+		blocklistd
 
 CONFGROUPS.${MK_BLUETOOTH}+=	BLUETOOTH
 BLUETOOTHPACKAGE=		bluetooth
@@ -293,7 +294,7 @@ SSHPACKAGE=			ssh
 SSH=		sshd
 
 CONFGROUPS.${MK_UNBOUND}+=	UNBOUND
-UNBOUNDPACKAGE=			unbound
+UNBOUNDPACKAGE=			local-unbound
 UNBOUND=	local_unbound
 
 CONFGROUPS.${MK_VI}+=		VI
diff --git a/libexec/rc/rc.d/blacklistd b/libexec/rc/rc.d/blacklistd
index 5248b0ea3580..175e3e8c56b3 100755
--- a/libexec/rc/rc.d/blacklistd
+++ b/libexec/rc/rc.d/blacklistd
@@ -29,18 +29,26 @@
 #
 
 # PROVIDE: blacklistd
-# REQUIRE: netif pf
+# REQUIRE: netif ipfilter ipfw pf
 
 . /etc/rc.subr
 
 name="blacklistd"
-desc="System blacklist daemon"
+desc="The blacklist daemon has been renamed to blocklist"
 rcvar="blacklistd_enable"
 command="/usr/sbin/${name}"
 required_files="/etc/blacklistd.conf"
+start_precmd="blacklistd_prestart"
 
 # no svcj options needed
 : ${blacklistd_svcj_options:=""}
 
+blacklistd_prestart()
+{
+	echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
+	echo "@  WARNING: blacklistd has been renamed to blocklistd      @"
+	echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
+}
+
 load_rc_config $name
 run_rc_command "$1"
diff --git a/libexec/rc/rc.d/blocklistd b/libexec/rc/rc.d/blocklistd
new file mode 100755
index 000000000000..f979162ec3e0
--- /dev/null
+++ b/libexec/rc/rc.d/blocklistd
@@ -0,0 +1,46 @@
+#!/bin/sh
+#
+# Copyright (c) 2016 The FreeBSD Foundation
+#
+# This software was developed by Kurt Lidl under sponsorship from the
+# FreeBSD Foundation.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+#
+
+# PROVIDE: blocklistd
+# REQUIRE: netif ipfilter ipfw pf
+
+. /etc/rc.subr
+
+name="blocklistd"
+desc="System blocklist daemon"
+rcvar="blocklistd_enable"
+command="/usr/sbin/${name}"
+required_files="/etc/blocklistd.conf"
+
+# no svcj options needed
+: ${blocklistd_svcj_options:=""}
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/libexec/rc/rc.d/dmesg b/libexec/rc/rc.d/dmesg
index 51e35d5d4e80..736449f3b159 100755
--- a/libexec/rc/rc.d/dmesg
+++ b/libexec/rc/rc.d/dmesg
@@ -19,7 +19,7 @@ stop_cmd=":"
 do_dmesg()
 {
 	rm -f ${dmesg_file}
-	( umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file} )
+	( umask "${dmesg_umask}" ; /sbin/dmesg $rc_flags > ${dmesg_file} )
 }
 
 load_rc_config $name
diff --git a/libexec/rc/rc.d/hostapd b/libexec/rc/rc.d/hostapd
index 264cb4ef476b..15b20c95c488 100755
--- a/libexec/rc/rc.d/hostapd
+++ b/libexec/rc/rc.d/hostapd
@@ -11,15 +11,6 @@
 name="hostapd"
 desc="Authenticator for IEEE 802.11 networks"
 command=${hostapd_program}
-start_postcmd="hostapd_poststart"
-
-hostapd_poststart() {
-	if [ -n "$ifn" ]; then
-		ifconfig ${ifn} down
-		sleep 2
-		ifconfig ${ifn} up
-	fi
-}
 
 ifn="$2"
 if [ -z "$ifn" ]; then
diff --git a/libexec/rc/rc.d/virtual_oss b/libexec/rc/rc.d/virtual_oss
index 4f5c34ce03f3..b9c830617385 100644
--- a/libexec/rc/rc.d/virtual_oss
+++ b/libexec/rc/rc.d/virtual_oss
@@ -1,8 +1,8 @@
 #!/bin/sh
 
 # PROVIDE: virtual_oss
-# REQUIRE: kld ldconfig
-# BEFORE: LOGIN sndiod
+# REQUIRE: NETWORKING kld ldconfig
+# BEFORE: LOGIN
 # KEYWORD: shutdown
 
 . /etc/rc.subr
diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
index 6be226021949..e4ad14f582d6 100644
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -121,11 +121,22 @@ dotted=
 dot()
 {
 	local f verify
+	local dot_dir dot_file
 
 	o_verify_set off verify
 	for f in "$@"; do
 		if [ -f $f -a -s $f ]; then
 			dotted="$dotted $f"
+			case $f in
+			*/*)
+				dot_dir=${f%/*}
+				dot_file=${f##*/}
+				;;
+			*)
+				dot_dir=.
+				dot_file=$f
+				;;
+			esac
 			. $f
 		fi
 	done
@@ -152,8 +163,7 @@ vdot()
 	for f in "$@"; do
 		[ -f $f -a -s $f ] || continue
 		if is_verified $f 2> /dev/null; then
-			dotted="$dotted $f"
-			. $f
+			dot $f
 		else
 			rc=80	# EAUTH
 		fi
@@ -792,31 +802,18 @@ sort_lite()
 #
 wait_for_pids()
 {
-	local _list _prefix _nlist _j
+	local _list _prefix _j
 
-	_list="$@"
-	if [ -z "$_list" ]; then
-		return
-	fi
-	_prefix=
-	while true; do
-		_nlist=""
-		for _j in $_list; do
-			if kill -0 $_j 2>/dev/null; then
-				_nlist="${_nlist}${_nlist:+ }$_j"
-			fi
-		done
-		if [ -z "$_nlist" ]; then
-			break
+	for _j in "$@"; do
+		if kill -0 $_j 2>/dev/null; then
+			_list="${_list}${_list:+ }$_j"
 		fi
-		_list=$_nlist
+	done
+	_prefix=
+	while [ -n "$_list" ]; do
 		echo -n ${_prefix:-"Waiting for PIDS: "}$_list
 		_prefix=", "
-		pwait -o $_list 2>/dev/null
-		# At least one of the processes we were waiting for
-		# has terminated.  Give init a chance to collect it
-		# before looping around and checking again.
-		sleep 1
+		_list=$(pwait -op $_list 2>/dev/null)
 	done
 	if [ -n "$_prefix" ]; then
 		echo "."