| #
f99f0ee1
|
| 22-May-2024 |
Alexander Leidinger <netchild@FreeBSD.org> |
rc.d: add a service jails config to all base system services
This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
servic
rc.d: add a service jails config to all base system services
This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
service jail.
The sshd patch is important for the sshd-related functionality as
described in the man-page in the service jails part.
The location of the added env vars is supposed to allow overriding them
in rc.conf, and to hard-disable the use of svcj for some parts where it
doesn't make sense or will not work.
Only a subset of all of the services are fully tested (I'm running this
since more than a year with various services started as service jails).
The untested parts should be most of the time ok, in some edge-cases
more permissions are needed inside the service jail.
Differential Revision: https://reviews.freebsd.org/D40371
show more ...
|
| #
d0b2dbfa
|
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
| #
51d97e1b
|
| 06-May-2019 |
Andrey V. Elsukov <ae@FreeBSD.org> |
Add ipsec.ko to required_modules for rc.d/ipsec script.
Thus it can be automatically loaded if ipsec_enable="YES" and option IPSEC
is not in the kernel config.
MFC after: 1 week
|
| #
0696600c
|
| 17-Oct-2018 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update bec
Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.
Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)
show more ...
|
| #
1135e97b
|
| 28-Jul-2018 |
Brad Davis <brd@FreeBSD.org> |
Move rc startup scripts from etc/ to sbin/init/
This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.
Approved by: will (mentor)
Differential Revision:
Move rc startup scripts from etc/ to sbin/init/
This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16466
show more ...
|
| #
05370e9a
|
| 05-Jul-2017 |
Kristof Provost <kp@FreeBSD.org> |
Allow ipsec to run in vnet jails
ipsec is usable in vnet jails, so allow it to run there.
PR: 211364
Submitted by: Matthias Meyser <meyser xenet.de>
|
| #
6c1a5e83
|
| 23-Apr-2016 |
Lars Engels <lme@FreeBSD.org> |
- Add descriptions to most of the rc scripts. Those are mostly taken from their
daemon's manpage and probably improved.
- Consistently use "filesystem" not "file system".
Approved by: bapt, brueff
- Add descriptions to most of the rc scripts. Those are mostly taken from their
daemon's manpage and probably improved.
- Consistently use "filesystem" not "file system".
Approved by: bapt, brueffer
Differential Revision: D452
show more ...
|
| #
801c4383
|
| 14-Jan-2012 |
Doug Barton <dougb@FreeBSD.org> |
Prepare for the removal of set_rcvar() by changing the rcvar=
assignments to the literal values it would have returned.
The concept of set_rcvar() was nice in theory, but the forks
it creates are a
Prepare for the removal of set_rcvar() by changing the rcvar=
assignments to the literal values it would have returned.
The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.
During the discussion on freebsd-rc@ a preference was expressed for
using ${name}_enable instead of the literal values. However the
code portability concept doesn't really apply since there are so
many other places where the literal name has to be searched for
and replaced. Also, using the literal value is also a tiny bit
faster than dereferencing the variables, and every little bit helps.
show more ...
|
| #
3198bdba
|
| 23-Aug-2009 |
Doug Barton <dougb@FreeBSD.org> |
Fix the typo mentioned in the PR, and one additional.
Fix caps while I'm here.
PR: conf/138087
Submitted by: Chris Petrik <c.petrik.sosa@gmail.com>
|
| #
e3c46a33
|
| 08-Dec-2007 |
Doug Barton <dougb@FreeBSD.org> |
Remove $NetBSD$ CVS tags. We no longer attempt to synch our rc.d files
with theirs, so this information doesn't need to be in the live file.
Having it in our CVS history is enough.
|
| #
3d03791b
|
| 18-May-2007 |
Mike Makonnen <mtm@FreeBSD.org> |
o Implement the stop_boot subroutine [1]. This subroutine can be used by
scripts in rc.d to stop rc(8) from booting into multi-user mode when
a critical or severe error condition is encountered.
o Implement the stop_boot subroutine [1]. This subroutine can be used by
scripts in rc.d to stop rc(8) from booting into multi-user mode when
a critical or severe error condition is encountered.
o Modify scripts in etc/rc.d that already implemented this functionality
independently.
o Document it.
[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it
to rc.subr(8). Our version differs slightly in that it takes an
optional argument to stop the boot even if "autoboot" is not set.
Obtained from: NetBSD
MFC after: 2 weeks
show more ...
|
| #
255d327c
|
| 09-Apr-2007 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
FILESYSTEMS requires root, so requiring both of them is redundant.
|
| #
7bd5b79d
|
| 02-Apr-2007 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal
and takes over mountcritlocal's role as the early / late divider. This
makes it far easier to add rc scripts which need to r
Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal
and takes over mountcritlocal's role as the early / late divider. This
makes it far easier to add rc scripts which need to run early, such as a
startup script for zfs, which is right around the corner.
This change should be a no-op; I have verified that the only change in
rcorder's output is the insertion of FILESYSTEMS immediately after
mountcritlocal.
MFC after: 3 weeks
show more ...
|
| #
219d40fb
|
| 24-Jan-2006 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
The 'reload' command did the same as 'restart' command.
Allow user to decide if SAD and SPD entries should be flushed on 'reload'.
With this change flush/spdflush is not done automatically (it could
The 'reload' command did the same as 'restart' command.
Allow user to decide if SAD and SPD entries should be flushed on 'reload'.
With this change flush/spdflush is not done automatically (it could still
be done from ipsec.conf).
show more ...
|
| #
76098314
|
| 24-Jan-2006 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Remove stale comment.
This change should be made in rev1.9.
MFC after: 1 week
|
| #
2d7b4465
|
| 24-Jan-2006 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Use $ipsec_file instead of hardcoded /etc/ipsec.conf.
This change should be made in rev1.2.
MFC after: 1 week
|
| #
384c6482
|
| 12-Oct-2005 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
First start rc.d/ipsec and then rc.d/mountcritremote, so we can mount
NFS file system over IPsec.
Suggested by: Tomasz Pi³at <tomasz.pilat@axelspringer.pl>
|
| #
a0b8a85f
|
| 12-Oct-2005 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
setkey(8) was repo-copied from usr.sbin/ to sbin/.
This will allow for NFS mount of /usr over IPsec.
Discussed on: arch@
|
| #
337338ee
|
| 07-Oct-2004 |
Mike Makonnen <mtm@FreeBSD.org> |
Remove the requirement for the FreeBSD keyword as it no longer
makes any sense.
Discussed with: dougb, brooks
MFC after: 3 days
|
| #
bd57d5b0
|
| 08-Mar-2004 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Mark scripts as not usable inside a jail by adding keyword 'nojail'.
Some suggestions from: rwatson, Ruben de Groot <mail25@bzerk.org>
|
| #
6e571c70
|
| 05-Mar-2004 |
Mike Makonnen <mtm@FreeBSD.org> |
Remove scripts we don't use from requirement lines. These were
hold-overs from the initial NetBSD import.
|
| #
9dd342fe
|
| 17-Jan-2004 |
Mike Makonnen <mtm@FreeBSD.org> |
Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than nece
Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).
The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
show more ...
|
| #
1afce003
|
| 17-Jan-2004 |
Mike Makonnen <mtm@FreeBSD.org> |
Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, begin removal
of NetBSD specific stuff (which made our scripts more complicated
Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, begin removal
of NetBSD specific stuff (which made our scripts more complicated
than necessary), starting with the NetBSD KEYWORD.
show more ...
|
| #
7a34a70b
|
| 30-Jul-2003 |
Mike Makonnen <mtm@FreeBSD.org> |
tty whacking should occur early, but not so early that the
required commands are not on a mounted file system.
Noticed by: bde
|
| #
f8a5334b
|
| 16-Feb-2003 |
Mike Makonnen <mtm@FreeBSD.org> |
We stopped reloading rc.conf for each script a long time ago. Things
shouldn't depend on that any more.
PR: conf/48332
Approved by: markm (mentor)(implicit)
|