| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running an rc command, if the target rc script defines
<command>_cmd, e.g., start_cmd=..., then the run_rc_command() executes
that instead of $command. In general it's a shell function, and
"cpuset -l <n> <shell function>" doesn't work.
Moreover, it doesn't really make sense to run cpuset for anything other
than start_cmd.
Other optional isolation mechanisms (e.g., <name>_fib,
<name>_chroot) are only used when invoking $command directly as part of
the "start" command. Make <name>_cpuset consistent with everything else
by removing these extraneous cpuset invocations.
Reviewed by: 0mp
MFC after: 2 weeks
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D53746
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifically, make this code fit in fewer columns:
- deindent cases to conform to the usual style,
- use a local variable to minimize duplication in each case.
No functional change intended.
Reviewed by: 0mp, netchild
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D53754
|
| |
|
|
|
|
|
|
|
|
|
| |
This updates the nuageinit man page by aligning mentions of the
cloud-config header line with the cloud-init documentation[0], removing
an unwanted "!" character.
[0] https://docs.cloud-init.io/en/latest/explanation/about-cloud-config.html#how-do-i-create-a-cloud-config-file
Signed-off-by: Jonathan Matthews <freebsd@hello.jonathanmatthews.com>
Differential Revision: https://reviews.freebsd.org/D53706
|
| |
|
|
|
|
|
| |
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Reviewed by: imp, markj, emaste
Differential Revision: https://reviews.freebsd.org/D53616
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This periodic script only makes sense if mandoc is installed, so move
it to the mandoc package like other periodic scripts.
/usr/libexec/makewhatis.local only exists for the enjoyment of this
script, and doesn't work without mandoc installed, so move that as
well.
This change moves files between packages so, until we have a proper
policy on how to handle this in release/stable branches, it should
not be MFC'd.
MFC after: never
Reviewed by: ziaee, manu
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D53609
|
| |
|
|
|
|
|
|
|
|
|
| |
Commit 9065390ddc7b moved atf to its own package, but mistakenly moved
the tests as well. Put the tests back into the test package.
Fixes: 9065390ddc7b ("packages: Remove the tests-dev package")
MFC after: 1 day
Reviewed by: emaste
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D53594
|
| |
|
|
|
|
|
|
|
| |
Files read by '.' cannot workout for themselves where they are
or what they are called, so set dot_dir and dot_file to pass
this information to them.
Reviewed by: obrien, stevek
Differential Revision: https://reviews.freebsd.org/D53476
|
| |
|
|
|
|
|
|
|
|
|
| |
Instead of sleeping after pwait returns, use its new -p option to
obtain the list of processes that still have not terminated.
MFC after: 3 days
PR: 290357
Fixes: 5953e7c98427 ("rc.subr: Move the sleep in wait_for_pids")
Reviewed by: 0mp, markj
Differential Revision: https://reviews.freebsd.org/D53294
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit 2347ca21d657121670e6e7246c6ac32efc996cac.
A fix has been implemented in 99560fe98c76 ("pfctl: Do not warn if there
is no Ethernet anchor").
Revert this commit to avoid having differences with upstream.
MFC after: 2 days
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 67ade69eb6079887215db1fde86eba2fb8e2acf7.
A fix has been implemented in a943a96a50ba ("libpfctl: Fix displaying
deeply nested anchors").
Revert this commit to avoid having differences with upstream.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The blocklist daemon depends on a packet filter in order to block.
Add all supported packet filters to the REQUIRE line, not just pf, to
indicate rcorder(8) that it should start after the packet filter service
has started.
While here, change the mode of the rc file to include the executable
bit, just like the rest of the files in the rc.d source directory.
Reviewed by: 0mp
MFC after: 2 days
Differential Revision: https://reviews.freebsd.org/D53364
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
flua is a standalone third-party component that deserves its own
package. In particular, this means things can use flua without
having to depend on FreeBSD-utilities, which will be useful as
more base utilities use flua.
This saves ~500kB in FreeBSD-utilities for systems which don't
need flua.
MFC after: 3 days
Reviewed by: kevans
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D53161
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It has been reported as PR 290478. In the meantime, just sweep under
the carpet.
It is worth noting that neither commit:
2347ca21d657 ("blocklist-helper: Silence a bogus pf warning")
nor this one will be upstreamed, as this is a FreeBSD-specific issue.
PR: 290478
MFC after: 2 days
|
| |
|
|
|
|
|
|
|
|
|
|
| |
bfb202c4554a addresses the CTRL-EVENT-SCAN-FAILED. Upstream d807e289d
caused FreeBSD regression in driver_bsd.c, which this rc.d patch
worked around. As of bfb202c4554a this workaround is no longer needed.
052211e08c0e implemented this change for wpa_supplicant but not for
hostapd.
Reported by: avg
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow umask to be configurable.
Being able to set the umask via an rc variable is useful when setting:
security.bsd.unprivileged_read_msgbuf=0
As it allows a user to configure:
dmesg_umask="066"
Without modifying the rc script, and preventing the contents of the
$dmesg_file (/var/run/dmesg.boot) from being publicly readable.
PR: 272552
Reviewed by: netchild
MFC after: 2 days
Differential Revision: https://reviews.freebsd.org/D53169
|
| |
|
|
|
|
| |
Reviewed by: emaste
MFC after: 2 days
Differential Revision: https://reviews.freebsd.org/D53168
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This more accurately reflects its purpose, and its contents, since
everything in the package is prefixed with "local-".
While here, add a message on upgrade about regenerating the config.
MFC after: 3 seconds
Requested by: des
Reviewed by: des
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D53056
|
| |
|
|
|
|
|
|
|
|
| |
Silence a bogus warning about (an ethernet) anchor not being found.
It has been reported as PR 280516. In the meantime, just sweep under
the carpet.
Approved by: emaste (mentor)
MFC after: 2 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up upstream rename from blacklist to blocklist.
- Old names and rc scripts are still valid, but emitting an ugly warning
- Old firewall rules and anchor names should work, but emitting an ugly
warning
- Old MK_BLACKLIST* knobs are wired to the new ones
Although care has been taken not to break current configurations, this
is a large patch containing mostly duplicated code. If issues arise, it
will be swiftly reverted.
Reviewed by: ivy (pkgbase)
Approved by: emaste (mentor)
MFC after: 2 days
Relnotes: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
sndiod is part of audio/sndio, so we should avoid referencing a port
utility from base.
We should also require NETWORKING for the service to start, since
virtual_oss can be configured to send audio through the network.
Sponsored by: The FreeBSD Foundation
MFC after: 1 day
Reviewed by: des, markj, emaste
Differential Revision: https://reviews.freebsd.org/D53019
|
| |
|
|
|
|
| |
Reviewed by: des
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D52954
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
After commit 900bc0206348, zpool depends on mountcritlocal. zpoolreguid
and zpoolupgrade depend on zpool and want to run before mountcritcycle,
so we have a pair of cycles.
Update zpoolreguid and zpoolupgrade to avoid this.
Reviewed by: des
MFC after: 3 days
Fixes: 900bc0206348 ("rc.d/zpool: change mountcritlocal dep from BEFORE to REQUIRE")
Differential Revision: https://reviews.freebsd.org/D52953
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replace .if statements with CONFGROUPS.${MK_FOO} where possible,
and also sort and re-indent the file for readability.
A couple of more complicated sections don't work with CONFGROUPS.yes
yet, so leave those as they are for now.
MFC after: 1 week
Reviewed by: imp
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D52974
|
| |
|
|
|
|
|
|
|
| |
Disable if IPv6 is not supported, and instead of 10 seconds, default to
one more than the value of net.inet6.ip6.dad_count.
Fixes: 5ead817c3b7a ("rc: Teach netwait to wait for DAD")
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D52905
|
| |
|
|
|
|
|
|
|
| |
Local tree pollution let this escape. *sigh*.
Pointy hat: kevans
Pointy hat: kevans
Pointy hat: kevans
Fixes: 9c7db0931d486ce ("flua: move lposix back into flua for now")
|
| |
|
|
|
|
|
| |
nuageinit largely already did this, but one spot was missed -- add the
necessary require() in to get the module loaded.
Fixes: b11a5709ec2b6 ("flua: kick out the remaining builtin modules")
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The real luaposix is structured differently, and our builtin version
tends to model that in its own special way. Build it back in until we
get the shlib model just right to unbreak nuageinit, among other things.
This is a partial revert of the below-referenced commit; the other two
modules are simple, though, and were accurately split out.
Reported by: markj
Fixes: b11a5709ec2b6 ("flua: kick out the remaining builtin modules")
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bootstrap flua has some magic now to handle modules by building them in
and discovering them via linker sets. This is slightly cleaner than
always building them in and baking them into loadedlibs for both
bootstrap and system flua.
Adjust the stand build now that these three libs have their own new
homes.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D51891
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This version builds every module into the flua binary itself, since all
of the bootstrap tools are built -DNO_SHARED. As a result, we also
cannot dlsym(), so we can't really discover the names of our newly
builtin modules. Instead, just build out a linker set with all of our
luaopen_*() functions to register everything up-front.
Building in all of the modules isn't strictly necessary, but it means
that we have an example of how to add a bootstrap module everywhere you
go and one doesn't need to consider whether bootstrap flua can use a
module when writing scripts. On my build machine, the consequence on
our binary size is an increase from around 1.6M -> 1.9M, which isn't
really that bad.
.lua modules can install into their usual path below $WORLDTMP/legacy
and we'll pick them up automagically by way of the ctor that sets up
LUA_PATH early on.
This re-lands bootstrap module support with a more sensible subset, and
after having verified that it cross-builds fine on macOS and Linux -- we
cannot do libfreebsd on !FreeBSD because it's more system header
dependant. We also need to bootstrap libmd to bring in libhash, and
libucl + libyaml.
Reviewed by: bapt, emaste (both previous version)
Differential Revision: https://reviews.freebsd.org/D51890
|
| |
|
|
|
|
|
| |
This reverts commit 1953a12ee2cde1afacb3e3f7612d89695c96e04f, because it
cannot work at all on macOS without more work, at a minimum. We use
linker sets for module discovery, but we don't have a version of this
that works for mach-o at the moment.
|
| |
|
|
|
| |
This reverts commit 80ada959004c4386880e47b11618f8abfc2d80e1, because
bootstrap flua is about to get backed out.
|
| |
|
|
|
| |
This reverts commit 31320402472394af57eb3a36bee7f944117ca0ed, because
bootstrap flua is about to get backed out.
|
| |
|
|
| |
Other systems don't have jail support, and we won't be using it anyways.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bootstrap flua has some magic now to handle modules by building them in
and discovering them via linker sets. This is slightly cleaner than
always building them in and baking them into loadedlibs for both
bootstrap and system flua.
Adjust the stand build now that these three libs have their own new
homes.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D51891
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This version builds every module into the flua binary itself, since all
of the bootstrap tools are built -DNO_SHARED. As a result, we also
cannot dlsym(), so we can't really discover the names of our newly
builtin modules. Instead, just build out a linker set with all of our
luaopen_*() functions to register everything up-front.
Building in all of the modules isn't strictly necessary, but it means
that we have an example of how to add a bootstrap module everywhere you
go and one doesn't need to consider whether bootstrap flua can use a
module when writing scripts. On my build machine, the consequence on
our binary size is an increase from around 1.6M -> 1.9M, which isn't
really that bad.
.lua modules can install into their usual path below $WORLDTMP/legacy
and we'll pick them up automagically by way of the ctor that sets up
LUA_PATH early on.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D51890
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change simplifies integration of gdb python scripts with our kernel
debugging infrastructure. Rather than putting debugging scripts in
/usr/libexec/kgdb, move them to <path-to-kernel-debug-symbols>/gdb, and
add a kernel-gdb.py which automatically loads modules from that
directory. kernel-gdb.py will be automatically executed by kgdb when
loading kernel debug symbols (assuming a default configuration), so one
no longer needs to do anything to use these modules.
The change also adds a couple of new modules, vnet.py and pcpu.py, for
conveniently accessing VNET symbols and PCPU/DPCPU fields, respectively.
Note that these require a change to the kernel linker when accessing
symbols from a loadable kernel module.
sys/tools/gdb/README.txt describes the scheme in more detail and
provides some rudiementary documentation for the commands and functions
added by these modules. It should be updated when adding new features.
sys/tools/gdb/selftest.py can be used to do some primitive testing of
the modules. All it does is execute a number of gdb commands making use
of commands and functions added by these modules. The developer is
expected to verify that the commands complete without errors and that
the output looks sane.
Discussed with: kp, avg, jhb, glebius
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D50825
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In some configurations, especially in jails, it is possible for the
system to boot so fast that we end up launching daemons while duplicate
address detection is still ongoing. If that happens, said daemons may
fail to bind to IPv6 addresses, as they are still tentative. Teach the
netwait service to wait (up to 10 seconds, by default) for the tentative
flag to vanish.
MFC after: 1 week
Reviewed by: olce
Differential Revision: https://reviews.freebsd.org/D51889
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Put virtual_oss, /etc/devd/snd.conf and the other audio-related tools
into a new "sound" package. Don't create a separate -lib package,
since it's unlikely someone will want mixer(3) without mixer(8).
Put the sound package in the optional set rather than minimal, since
it's not actually required for audio hardware support, and many systems
(including nearly all servers) won't want it installed.
MFC after: 3 seconds
Reviewed by: christos
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D52823
|
| |
|
|
|
|
| |
Reviewed by: emaste
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D52830
|
| |
|
|
|
|
|
|
| |
There is no virtual_oss package. Install the virtual_oss script in
rc, since there's currently no specific package for sound utilities.
This fixes the pkgbase build.
Fixes: f040ee6e4078 ("virtual_oss: Do not build if WITHOUT_CUSE is set")
|
| |
|
|
|
|
|
|
|
| |
PR: 289920
Fixes: 9cab9fde5eda ("virtual_oss: Port to base")
Sponsored by: The FreeBSD Foundation
MFC after: 1 day
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D52807
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously deprecated and is slated for removal in 15.0.
Users who still need ftpd(8) can install the ftp/freebsd-ftpd port.
Retain the ftp(d) PAM services since other FTP daemons use them.
Update /etc/inetd.conf to point to /usr/local.
Add ftpd to ObsoleteFiles, but do not list configuration files since
users may want to preserve these to use with the freebsd-ftpd port.
There is still some language in the manual referring to ftpd(8)
which is relevant to the port, which has been retained but updated
to reference the port.
MFC after: 3 days
Relnotes: yes
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D52739
|
| |
|
|
|
|
|
|
| |
Reviewed by: emaste
Approved by: emaste (mentor)
Obtained from: NetBSD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52746
|
| |
|
|
|
|
|
|
|
| |
Add a blocklist probe when user access is denied.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52747
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch diverges quite a bit from the current upstream [1] in a few
ways:
1. virtual_oss(8), virtual_bt_speaker(8) and virtual_oss_cmd(8) are
actually separate programs.
2. Backends (lib/virtual_oss) are built as separate shared libraries and
we dlopen() them in virtual_oss(8) and virtual_bt_speaker(8) on
demand.
3. virtual_equalizer(8) and the sndio and bluetooth backends are built
as ports, because they depend on third-party libraries.
4. Use newer libav API in bluetooth backend (see HAVE_LIBAV ifdefs) to
address compiler errors.
[1] https://github.com/freebsd/virtual_oss
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D52308
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After f99f0ee14e3a ("rc.d: add a service jails config to all base system
services"), the FTP service ignores the flags configured in ftpd_flags:
# sysrc ftpd_flags=-B
ftpd_flags: -> -B
# service ftpd enable
ftpd enabled in /etc/rc.conf
# service ftpd start
Starting ftpd.
# pgrep -fl ftpd
1234 /usr/libexec/ftpd -D
Notice the absence of the "-B" flag.
PR: 285600
Reviewed by: 0mp, emaste
Approved by: emaste (mentor)
Fixes: f99f0ee14e3a ("rc.d: add a service jails config to all base system services")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52745
|
| |
|
|
|
|
|
|
|
|
| |
In cloud-init, when a group specified in the 'users.{index}.groups' parameter
does not exist, it is ignored, but the user is created anyway. In the case of
nuageinit, it exits with an exception, since pw(8) expects each group to exist.
Reviewed by: bapt@
Approved by: bapt@
Differential Revision: https://reviews.freebsd.org/D52718
|
| |
|
|
|
|
| |
MFC after: 1 day
Reviewed by: manu
Differential Revision: https://reviews.freebsd.org/D52650
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Nearly everyone wants powerd to manage CPU frequency scaling on real
hardware, even if -utilities isn't installed. Conversely, very small
jails might want -utilities but don't need powerd.
Move it to its own package and add it to the minimal set.
MFC after: 1 day
Reviewed by: manu, imp
Differential Revision: https://reviews.freebsd.org/D52645
|
| |
|
|
|
|
|
|
|
|
| |
Instead of sleeping while constructing the list of PIDs to wait for,
sleep briefly after pwait to give init a chance to reap the processes
that just terminated before we loop around and start probing them.
PR: 289630
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D52619
|
