| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The zfskeys service script starts before the zfs service script, so that
dataset decryption keys are available when `zfs mount -a` is run. One of
the potential edge cases of this design is that if a key is stored on
ZFS it won't be loaded until `zfs mount -a` is issued.
In order to address that let's try to load the additional keys and mount
related ZFS datasets after the zfs script finishes its standard mounting
procedure.
PR: 262468
Reported by: Graham Perrin <grahamperrin@gmail.com>
Reviewed by: allanjude
Approved by: re (delphij)
Approved by: allanjude (src)
Fixes: 33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
Sponsored by: Modirum
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D34601
(cherry picked from commit 97aeda2243568b386d792514996a06daec55eece)
(cherry picked from commit 2411090f69401998569f24144b08ffc050e3cebc)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Using /etc/jail.{jailname}.conf is nice, however it makes /etc/ very
messy if you have many jails. This patch allows one to move these
config files out of the way into /etc/jail.conf.d/{jailname}.conf.
Note that the same caveat as /etc/jail.*.conf applies: the jail service
will not autodiscover all of these for starting 'all' jails. This is
considered future work, since the behavior matches.
(cherry picked from commit 7955efd574b98601a95da45d6d8e7f452631fddd)
|
| |
|
|
|
|
|
| |
PR: 262194
Fixes: f90218886fc8 ("rtld: introduce PRELOAD_FDS")
(cherry picked from commit 6c799530d8dc91d4e5c390274b8a27231f369a56)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously it depended on sysctl, which itself has no dependencies,
so rcorder(8) had a bit too much flexibility when choosing when to run
it. Make sure it runs just between 'fsck' and 'root'.
Reviewed By: jmg, imp
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D29748
(cherry picked from commit b68e6569221ecade8899eaab8e1b088947ef2f8a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, if the linux service is run twice, mount(8) fails with:
mount: linprocfs: Device busy
mount: linsysfs: Device busy
mount: devfs: Device busy
mount: fdescfs: Device busy
mount: tmpfs: Device busy
It is a bit more user-friendly if before running mount(8) the service
checks if there are any file systems left to be mounted. This patch
implements this behavior.
Also, while here, create mount points directories (as suggested by
otis).
Reviewed by: trasz
Approved by: trasz (src)
Differential Revision: https://reviews.freebsd.org/D32463
(cherry picked from commit 5690261858b6bd8f7d09eda2ae74f3def2d69a01)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Arno Tuber reported via email that he needed to restart the gssd daemon
after booting, to get his Kerberized NFS mount to work.
Without this patch, rcorder shows that the gssd starts before NETWORKING
and kdc. The gssd will need NETWORKING to connect to the KDC and, if
the kdc is running on the same system, it does not make sense to start it
before the kdc. This fixed the problem for Arno.
While here, I also added a "# BEFORE: mountcritremote".
It does not affect ordering at this time, but I felt
it should be added, since the gssd needs to be running
when remote NFS mounts are done.
PR: 261939
(cherry picked from commit 0f5e9425e74b0e0ecf60c293525a307a6e709967)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This addresses the following boot message:
/etc/rc: WARNING: $zfskeys_enable is not set properly - see rc.conf(5).
Reported by: Mark Millard
Sponsored by: Modirum MDPay
Sponsored by: Klara Inc.
Fixes: bfb7a31b6a22 ("rc: Hook zfskeys to the build")
Fixes: 33ff39796ffe ("Add zfskeys rc.d script for auto-loading encryption keys")
(cherry picked from commit 6596f19daa42d5b968030e08826542c704533b73)
|
| |
|
|
| |
(cherry picked from commit b1b517412342f336a8e6d153130b2f4110e0285b)
|
| |
|
|
| |
(cherry picked from commit 55abf23dd36b2fa1499bd6806ce4c9510f7a4ee5)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes a minor annoyance with Linux jails, where you often
want linux_mounts_enable="NO", yet you want those filesystems
available for mounting in jails; normally mount(8) would result
in kernel automatically loading the KLD, but this doesn't work
inside jails or chroots.
PR: 242955
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D29725
(cherry picked from commit 45aec46246fe61a3f45cf7da1c80850dc226f609)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support loading a default pf ruleset in case of invalid pf.conf.
If no pf rules are loaded pf will pass/allow all traffic, assuming the
kernel is compiled without PF_DEFAULT_TO_DROP, as is the case in
GENERIC.
In other words: if there's a typo in the main pf_rules we would allow
all traffic. The new default rules minimise the impact of this.
If $pf_program (i.e. pfctl) fails to set $pf_fules and
$pf_fallback_rules_enable is YES we will load $pf_fallback_rules_file if
set, or $pf_fallback_rules.
$pf_fallback_rules can include multiple rules, for example to permit
traffic on a management interface.
$pf_fallback_rules_enable defaults to "NO", preserving historic behaviour.
man page changes by ceri@.
PR: 256410
Reviewed by: donner, kp
Sponsored by: semaphor.dk
Differential Revision: https://reviews.freebsd.org/D30791
(cherry picked from commit 28f47a199cfd8749ab30a0327b0a3f8977ec2b43)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a use sets umask in login.conf(5) to 027 or 077 a subsequently
fetched /var/db/ntpd.leap-seconds.list will inherit the permissions
allowed by the umask, resulting in a file that may not be readable
ntpd running under the ntp account. This patch adds a umask command
to preempt the umask in login.conf(5) prior to fetching a new copy
of the leap-seconds file.
PR: 261298
Reported by: Martin Waschbusch <martin@waschbuesch.de>
(cherry picked from commit c6806434e79079f4f9419c3ba4fec37efcaa1635)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This fixes a problem where ctld(8) would refuse to start on boot
with a specific IP address to listen on configured in ctl.conf(5).
It also fixes a problem where ctld(8) would fail to start with
some network interfaces which require a sysctl.conf(5) tweak
to configure them, eg to switch them from InfiniBand to IP mode.
PR: 232397
(cherry picked from commit 015351de04e3e621cff825cc1fdad5faf078c3ac)
|
| |
|
|
|
|
|
|
|
| |
CONFGROUPS needs to be in CAPS
Fixes: a30235a4c360 ("pkgbase: Create a FreeBSD-kerberos package")
Reported by: kp
(cherry picked from commit 860ee1792a6b37cc531fcae94c2144c8d62e8fc2)
|
| |
|
|
|
|
|
|
|
|
| |
And put ftpd into it.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33453
(cherry picked from commit 20cd6e315e05a76ee0b745a029ebfd4a79d98e55)
|
| |
|
|
|
|
|
|
|
|
|
| |
And put the tcp-wrapper utilities in it.
Reviewed by: emaste
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33439
(cherry picked from commit 078b764da3a12c354b331764c6b86886f2464960)
|
| |
|
|
|
|
|
|
|
|
|
| |
Move some needed binaries/libs from FreeBSD-utilities to FreeBSD_runtime.
This is everything needed to boot to multiuser with FreeBSD-rc installed.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33435
(cherry picked from commit 93c43690960274dd3bb67b1ee0f1dd3ca4d13def)
|
| |
|
|
|
|
|
|
|
|
|
| |
YP is less and less used, split them to users have the choice to not
install them.
MFC after: 2 weeks
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33441
(cherry picked from commit 5abb10faa1ff471b45ac4f49ace2b79cc57d7c3c)
|
| |
|
|
|
|
|
|
| |
Put all hyperv utilities in it.
Differential Revision: https://reviews.freebsd.org/D31805
(cherry picked from commit db953e8b97756df2d6907408388952bcc301c762)
|
| |
|
|
|
|
|
|
|
| |
This allows users to install or not kerberos related utilities
and libs.
Differential Revision: https://reviews.freebsd.org/D31801
(cherry picked from commit a30235a4c360c06bb57be1f10ae6866a71fb5622)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
both telnet and telnetd aren't that useful nowadays but some
might want them.
Create a FreeBSD-telnet package so users have a choice to have
them or not.
Differential Revision: https://reviews.freebsd.org/D31791
Reviewed by: emaste
(cherry picked from commit c7fd29f0f29ae3eb9d86cc019f6c1bab35634548)
|
| |
|
|
| |
(cherry picked from commit c210ef1347929cb3a0f46cdfdb3d4ad738e3af74)
|
| |
|
|
| |
(cherry picked from commit 01c77a436e35d6dc9660ec7bac477946f563c99d)
|
| |
|
|
|
|
|
|
|
|
| |
In network6_getladdr() we are iterating over inet6 lines and are not
interested in any others. So tell ifconfig to limit output to "inet6"
as much as possible.
This is probably a micro-optimisation but was noticed while looking
at other IPv6-related boot-time improvements.
(cherry picked from commit e448ff6f0e8035c3dd5b7bd0872f3f0d91c4e0d0)
|
| |
|
|
|
|
|
|
|
|
| |
Like wpa_supplicant, hostapd does not automatically UP the interface
when configured. The fix is similar to 5fcdc19a8111.
Reported by: avg
Tested by: avg
(cherry picked from commit 0da2c91e64528d896f69d36670e25b4b4a140579)
|
| |
|
|
| |
(cherry picked from commit 63fc4e820c86f5dedb80cc31b7918deb284b455e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parentheses added to HASZERO macro to avoid a GCC warning, and formatted
with clang-format as we have adopted these and don't consider them
'contrib' code.
Obtained from: musl (snapshot at commit 4d0a82170a25)
Reviewed by: kib (libc integration), mjg (both earlier)
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D17630
(cherry picked from commit 7f72497ef756ff7d03d5560c2d1c1f92f73fcb52)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This disables the random (between zero and one seconds) delay before
rtsol and rtsold send a a Router Solicitation packet. This delay is
specified as a SHOULD by RFC 4861 for avoidance of network congestion,
but network speeds have increased enough in the 25 years since this
first appeared (in RFC 1970) that it seems unnecessary as a default
at this point.
This speeds up the FreeBSD boot process by an average of 500 ms.
Reviewed by: kp
Relnotes: yes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D33089
(cherry picked from commit e29711da2352dae50c575ab884399a6147e9444d)
|
| |
|
|
|
|
|
|
|
|
| |
Reviewed by: allanjude
Approved by: allanjude (src)
MFC after: 3 days
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D33230
(cherry picked from commit bfb7a31b6a22f4a2c6fb9881bd1e3ae7523a2290)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Variables must be quoted if they contain non-alphanumeric characters.
Warner noted in the review that the lack of quoting causing problems
here is rather an edge case. I believe that it's worth adding the quotes
here anyway because this is what the specification says and there is no
good reason not to follow it.
Reviewed by: imp
Approved by: imp (src)
MFC after: 7 days
(cherry picked from commit 169e06fa7852810f4ced2cce7a3c14ca9443bf39)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since vfs.nfsd.srvmaxio can only be set when nfsd.ko
is loaded, but nfsd is not running, setting it in
/etc/sysctl.conf is not feasible when "options NFSD"
was not specified for the kernel.
This patch adds a new rc variable nfs_server_maxio,
which sets vfs.nfsd.srvmaxio at the correct time.
rc.conf.5 will be patched separately.
(cherry picked from commit 5509bad74e44eed3b9d54fbd74d3752b88428147)
|
| |
|
|
| |
(cherry picked from commit f340188625d4e0e4db850becb0a9b25448053e10)
|
| |
|
|
|
|
|
|
|
| |
Both rctl and used xargs utility live in /usr/bin
so add REQUIRE: FILESYSTEMS
Reported by: Peter <pmc@citylink.dinoex.sub.org>
(cherry picked from commit 0c54fe172ad365e7e60d6249484a7579c18b7d2d)
|
| |
|
|
|
|
| |
on format
(cherry picked from commit b61bce17f346d79cecfd8f195a64b10f77be43b1)
|
| |
|
|
| |
(cherry picked from commit 3a902ef253853e367bd755222ed8fe4f101fbf2c)
|
| |
|
|
| |
(cherry picked from commit 64ba1f4cf3a6847a1dacf4bab0409d94898fa168)
|
| |
|
|
| |
(cherry picked from commit 77c088ab2109a376b71decce80e89d4f20ef8223)
|
| |
|
|
| |
(cherry picked from commit 74aec9618fd709513ef2d319598dd82801c29726)
|
| |
|
|
| |
(cherry picked from commit c5637b8be8a5b6aaf663a58b0027f7f924d78b04)
|
| |
|
|
| |
(cherry picked from commit 8363963a8f3fc8226b1e3aa627e2fdd09688704e)
|
| |
|
|
|
|
|
|
|
|
| |
This has the effect of installing the same file twice at the same location
and confuse pkgbase as we add this file twice in the package config part.
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
(cherry picked from commit d0f0e0bd741af867582ceede8ac1b0aec90eae2d)
|
| |
|
|
|
|
|
|
|
|
|
| |
5fcdc19a8111 didn't fully resolve the issue. There remains a report
that an ifconfig wlan0 up by itself is insufficient. Ifconfig down
must precede it.
Reported by: Filipe da Silva Santos <contact _ shiori_com_br>
Fixes: 5fcdc19a8111
(cherry picked from commit d06d7eb09131edea666bf049d6c0c55672726f76)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some installations may experience CTRL-EVENT-SCAN-FAILED when
associating to an AP. Installations that specify
ifconfig_wlan0="WPA ... up" in rc.conf do not experience
the problem whereas those which specify ifconfig_wlan0="WPA" without
the "up" will experience CTRL-EVENT-SCAN_FAILED.
However those that specify "up" in ifconfig_wlan0 will be able to
reproduce this problem by service netif stop wlan0;
service netif start wlan0. Interestingly The service netif stop/start
problem is reproducible on the older wpa 2.9 as well.
Reported by: dhw
Reported by: "Oleg V. Nauman" <oleg _ theweb_org_ua>
Reported by: Filipe da Silva Santos <contact _ shiori_com_br>
Reported by: Jakob Alvermark <jakob _ alvermark_net>
(cherry picked from commit 5fcdc19a81115d975e238270754e28557a2fcfc5)
|
| |
|
|
| |
(cherry picked from commit 40ddde6ef9f38fd238fd1d84d77750f96c96a157)
|
| |
|
|
| |
(cherry picked from commit 33dba3bb0ec2a0f0a401bed145cc0ef95f37a5c3)
|
| |
|
|
| |
(cherry picked from commit a7d137fcbcac7182d4fcdc97a46b10edc5c7041d)
|
| |
|
|
|
|
| |
PR: 259076
(cherry picked from commit 73dddffc3175581ba99f6ced9a2e508a0e880e59)
|
| |
|
|
|
|
| |
PR: 259076
(cherry picked from commit 19e008e7f79ce55182d227be8513b3fa520471d8)
|
| |
|
|
| |
(cherry picked from commit 0b72d2965d68113bce16f6cccea77257283ef0a7)
|
| |
|
|
| |
(cherry picked from commit ba7f9c1b61329630af25e75cdaca261b389318c7)
|
