Add support for lvm to security script. Backup lvm configuration to /var/backup/lvm with other system backups. Disable lvm check until MKLVM is enabled by default. no objections on tech-userlevel@.

A few more changes, from more discussions with Andrew Brown.
- Resurrect /etc/changelist, even if it's an "empty" file by default,
because it's easier to use than /etc/mtree/special.local for adding
a couple of simple files. Back by popular demand (hi @@@! :-)
- Add /etc/rc.d/* to the list of "dynamic" files; this notices changes
in user-added scripts
- Only calculate the mtree -I nomail list once, and re-use
- Use "cat foo | while read file" instead of "for file in `cat foo`" ;
handles whitespace better...

Major overhaul, with help from Andrew Brown <atatat@netbsd.org>.

Features:
- Add a bunch of stuff to /etc/mtree/special to enable removal of
/etc/changelist:
- files which we want to monitor for changes but don't want to
see the diffs of (master.passwd, ssh_host_key, ...) are
tagged with "nomail"
- files which we don't want to monitor are tagged with "exclude"
(such as netgroup.db, kvm.db, ...)
- monitor /etc/mtree/special.local, /root/.ssh/*
- remove /etc/changelist, and a bunch of XXX comments
- use mtree(8)'s -D, -I, and -E to generate lists of files to
actually do the changelist stuff on.
- support /etc/mtree/special.local as an optional user-provided
version of /etc/mtree/special (effectively, an enhanced
/etc/changelist)
- Add code to monitor: /etc/ifconfig.* /etc/raid*.conf /etc/rc.conf.d/*
including support for these files being added and removed at will.
- If /sbin/fdisk exists, backup the output of "fdisk $disk" for all
the active disk drives as part of $check_disklabels
- Check permissions on: ~/.ssh/* ~/.shosts

Details:
- Reorder initialisation of defaults
- Remove special case for /etc/master.passwd "monitor but don't email diffs"
with general case for other similar files.
- Keep all `autogenerated' files (such as disklabel.*, setuid.current, ...)
in "$backup_dir/work", to minimise name clashes.
- Add migrate_file(old, new) to do the hard work of migrating files
from the old `top level' /var/backups mechanism to the `full path'
mechanism recently added. Use this appropriately.
- Add backup_and_diff(file, printdiffs), to the hard work of backing-up
and diff-ing files.
- Cleanup use of shell redirects
- /bin/sh supports ~root globbing, so use it.
- Improve umask checking; use awk regex rather than awk math

pim6dd.conf is gone. primes -> moduli (openssh)

install /etc/primes for ssh

The script called dhclient-script no longer lives in /etc.

Remove /etc/mail/sendmail-IPv4only.cf which is no longer needed.

remove rc.wscons

Add /etc/{hesiod,passwd}.conf.

sync sendmail default configuration file with GENERIC kernel setting.
was: sendmail-IPv6.cf(v4/v6) + sendmail.cf(v4)
now: sendmail-IPv4only.cf(v4) + sendmail.cf(v4/v6)

do we need etc/obsolete.mi?

Add /etc/netconfig and /etc/security.local.

branches: 1.14.2;
add rc.d/ipsec for ipsec configuration. when enabled, it will inject
/etc/ipsec.conf into "setkey -f". PR 9609.

branches: 1.13.2;
remove /etc/sendmail and other old items.
PR 10171 from Andrew Brown.

remove netstart

make default sendmail.cf IPv4-only again.
roll sendmail-IPv6.cf, which does IPv4/v6.

sync with sendmail upgrade.
- sendmail configuration files are in /etc/mail, not /etc.
- src/etc/aliases will be installed into /etc/mail/aliases (confusing)
- rc.d/sendmail warns if /etc/sendmail.cf exists.

Add login.conf, sysctl.conf and usermgmt.conf.

Add ftpd.conf.

Sync with the reality.

Add some files to security check and backup.

add some files from /etc to the list: csh.logout, inetd.conf,
ld.so.conf, newsyslog.conf, profile, rc.subr, resolv.conf, and rpc.

add /var/cron/tabs/root.

add new files.

RCS id police.

branches: 1.1.1;
update to new security script