Home | History | Annotate | Download | only in rc.d
History log of /src/etc/rc.d/Makefile
RevisionDateAuthorComments
 1.119  29-Dec-2024  jmmv Don't install /etc/rc.d/postfix when MKPOSTFIX=no
 1.118  27-Sep-2023  riastradh /etc/rc.d/cerctl_init: New script for certctl rehash in live images.

This is very limited -- it does not supplant postinstall to rehash
certificates on upgrade; it only runs certctl rehash if
/etc/openssl/certs is an empty directory, as you get in live images
not created with sysinst.

We could also have a more general-purpose way to run postinstall(8)
on first boot of an image, but that has a lot more moving parts to
think about, so let's start with this limited-scope low-risk
approach.

PR install/57629

XXX pullup-10
 1.117  03-Feb-2023  mlelstv Add start script to attach iscsi volumes at boot.

The default is to execute the script (iscsid_volumes=YES), so if you have
any volumes defined, you should also start iscsid (iscsid=YES) to avoid
error messages.
 1.116  06-Jun-2022  nia branches: 1.116.2;
build system: Revert all the recent additions of MK[...] knobs that
allow conditionally disabling the building of certain user space
programs in the 'base' set.

There is not enough consensus that this is the right way and a few
people had strong objections, see source-changes-d@.
 1.115  29-May-2022  nia mk: Add a MKPPP flag to exclude pppd(8) and related utilities from
the build
 1.114  28-May-2022  nia mk: Add MKNTP, MKTCPDUMP knobs.
 1.113  25-May-2022  nia mk: Rename the MKMBONE option to MKMROUTING for greater accuracy and
to match the related kernel config option.
 1.112  25-May-2022  nia mk: Allow building base without the MBONE applications by setting
MKMBONE=no in mk.conf
 1.111  26-Jan-2021  martin llvmlockdir -> lvmlockdir
 1.110  10-Jan-2021  riastradh Various entropy integration improvements.

- New /etc/security check for entropy in daily security report.

- New /etc/rc.d/entropy script runs (after random_seed and rndctl) to
check for entropy at boot -- in rc.conf, you can:

. set `entropy=check' to halt multiuser boot and enter single-user
mode if not enough entropy

. set `entropy=wait' to make multiuser boot wait until enough entropy

Default is to always boot without waiting -- and rely on other
channels like security report to alert the operator if there's a
problem.

- New man page entropy(7) discussing the higher-level concepts and
system integration with cross-references.

- New paragraph in afterboot(8) about entropy citing entropy(7) for
more details.

This change addresses many of the issues discussed in security/55659.
This is a first draft; happy to take improvements to the man pages and
scripted messages to improve clarity.

I considered changing motd to include an entropy warning with a
reference to the entropy(7) man page, but it's a little trickier:
- Not sure it's appropriate for all users to see at login rather than
users who have power to affect the entropy estimate (maybe it is,
just haven't decided).
- We only have a mechanism for changing once at boot; the message would
remain until next boot even if an operator adds enough entropy.
- The mechanism isn't really conducive to making a message appear
conditionally from boot to boot.
 1.109  08-Sep-2020  martin Sort - no functional change
 1.108  08-Sep-2020  martin Rename MOUNTCRITLOCAL to CRITLOCALMOUNTED to avoid a name collision
on case insensitive file systems
 1.107  22-Jul-2020  martin Split the local disk availability step into two phases to allow scripts
that pre-populate parts of the system (e.g. a tmpfs based /var) an
easy place to plug in like:

# REQUIRE: mountcritlocal
# BEFORE: MOUNTCRITLOCAL

This also cleans up the existing special handling a bit by separating it
into new scripts. All later scripts now depend on MOUNTCRITLOCAL.
Discussed on tech-userlevel some time ago.
 1.106  18-Sep-2019  nonaka Moved zfs out of MKX11 block.

Fix build failure without X11.
 1.105  15-Sep-2019  brad Add support for legacy ZFS filesystems, specified by mountpoint=legacy
in the ZFS properties of the dataset and a simple man page for
mount_zfs. With this, it is possible to put ZFS filesystems in
/etc/fstab as file system type zfs.

Add a rc.d script that kicks the module ZFS load mostly before
mountall runs simular to what LVM does. This allows for any legacy
mounts to be specified in critical_local_filesystems and allows for
ZFS pools on top of cgd (probably among other things). Introduce a
rc.conf variable called zfs which needs to be set to YES, in the usual
manor of things, to get zvols and ZFS dataset support rather then just
assume that 'zfs mount' does that in mountall. Fix a problem in
mountall if ZFS is not compiled into the system.
 1.104  12-May-2019  kre branches: 1.104.2;

No change... Previous log message should have said:

Install rc.d/smtoff
 1.103  12-May-2019  kre install rc.d
 1.102  25-Apr-2019  roy Fix build, install wsmoused
 1.101  25-Apr-2019  roy Don't install YP rc.d files with MKYP=no
 1.100  10-Apr-2019  sevan Include npf_boot rc.d scripts which loads an interim config early in boot.
By default /etc/default/npf.boot.conf which can be overriden by /etc/npf.boot.conf.
 1.99  23-Sep-2018  maxv Remove the userland part of ISDN. The kernel part is untouched for now.
ipppctl was actually an exact copy of pppoectl; there is no functional
change in pppoectl in this commit.
 1.98  29-Jun-2018  roy Remove dhclient from the base system.

Discussed here:
https://mail-index.netbsd.org/tech-userlevel/2018/06/21/msg011233.html
 1.97  17-Feb-2018  uwe branches: 1.97.2; 1.97.4;
Actually install dhcpd6 rc script. Organize CONFIGFILES
alphabetically again while where.

PR 53018
 1.96  09-Jan-2018  christos Merge autofs support from: Tomohiro Kusumi
XXX: Does not work yet
 1.95  05-Jan-2017  christos branches: 1.95.6;
add scripts for npfd
 1.94  13-Dec-2015  christos branches: 1.94.2;
Add ip6addrctl
 1.93  30-Mar-2015  chopps Add resize_root boot operation. If resize_root=YES in rc.conf then
the system attempts to resize the root file system to fill it's
partition prior to mounting read-write. Useful for things like AMI
file system images. May eventually be used by arm images after
coming up with similar solution for increasing the parition size.
 1.92  21-Mar-2015  jmcneill Process /etc/modules.conf (if present) at startup, before securelevel is
raised, to allow module loading on ports without a module aware bootloader.
 1.91  21-Feb-2015  joerg Add rc script for /sbin/iscsid.
 1.90  11-Sep-2014  roy Don't try and install rc.d/rtsold
 1.89  16-May-2013  yamt branches: 1.89.6;
try to sync lists of rc.d scripts
 1.88  07-Feb-2012  joerg branches: 1.88.6;
Import the new apropos/whatis.

This code has been developed by Abhinav Upadhyay as part of Google's Summer
of Code 2011. It uses libmandoc to parse man pages and builds a Full
Text Index in a SQLite database. The combination of indexing the full
manual page, filtering out stop words and ranking individual matches
based on the section gives a much improved user experience.

The old makewhatis and friends are kept under MKMAKEMANDB=no for now.
 1.87  17-Dec-2011  tsutsui Add an rc.d(8) script for isibootd(8). Taken from ndbootd(8).
 1.86  23-Nov-2011  tls Load entropy at system boot (only works at securelevel < 1); save
at system shutdown. Disable with random_seed=NO in rc.conf if desired.

Goes to some trouble to never load or save to network filesystems.

Entropy should really be loaded by the boot loader but I am still
sorting out how to pass it to the kernel.
 1.85  06-Sep-2011  riz branches: 1.85.2;
Create and install an rc.d file for devpubd - a daemon to listen
on drvctl and autocreate device nodes in /dev for those which don't have any.
Set the default to "NO" for now.
 1.84  27-May-2011  plunky provide a new 'bluetooth' rc.d script, to handle Bluetooth configuration
in a simpler manner. This replaces btattach, btconfig, bthcid, btdevctl
and sdpd scripts, and also should not require any configuration settings
other than "bluetooth=YES", though the full range of configurations is
still possible.
 1.83  18-Feb-2011  jmcneill Add rc.d script to make sure the system fontconfig cache is up to date.
 1.82  02-Feb-2011  rmind NPF checkpoint:
- Add libnpf(3) - a library to control NPF (configuration, ruleset, etc).
- Add NPF support for ftp-proxy(8).
- Add rc.d script for NPF.
- Convert npfctl(8) to use libnpf(3) and thus make it less depressive.
Note: next clean-up step should be a parser, once dholland@ will finish it.
- Add more documentation.
- Various fixes.
 1.81  13-Jan-2011  kefren branches: 1.81.2;
add ldpd rc script
 1.80  29-Sep-2009  tsarna Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.
 1.79  25-Jul-2009  mbalmer Document recent gpio(4) changes and introduce a new config file for GPIO.
Integrate with the startup scripts in /etc/rc.d. Introduce new variable
"gpio" for /etc/rc.conf.
 1.78  28-Apr-2009  roy Add an rc.d script for dhcpcd(8)
 1.77  21-Apr-2009  joerg Split fsck during boot into two phases. Check the root file system
first, mount root and run the various disk providers. Add swap and
check the remaining file systems after that.
This breaks the dependency cycle for lvm, which needs writeable /dev.
Depend on rndctl in cgd.
 1.76  15-Apr-2009  joerg Add a small script to visualize the rc dependency graph and point to it.
 1.75  16-Jan-2009  haad branches: 1.75.2;
Add lvm rc.d script to build.
 1.74  08-Jan-2009  lukem attempt to make the NOTE a bit more prominent
 1.73  04-Jan-2009  apb * Add etc/rc.d/rndctl script, based on work by Brian A. Seklecki. This
allows you to invoke rndctl(8) during the boot.
* Add rndctl=NO and rndctl_flags="" to /etc/defaults/rc.conf.
* Document rndctl and rndctl_flags variables in rc.conf(5).
 1.72  20-Dec-2008  isaki x68k pow(4) now uses MI sysmon_pswitch framework. suggested by tsutsui@.
- Make MD poffd(8) retire, and use MI powerd(8) instead of it.
- Make /dev/pow1 retire, because nobody holds /dev/pow0 any longer.
Use /dev/pow0 for pow(4) ioctl.
- POWIOCSSIGNAL ioctl which is for poffd(8) is also obsoleted.
 1.71  11-Dec-2008  mishka Import rc.d/httpd script for httpd(8) daemon control.
See rc.conf(5) for options explanation.
 1.70  05-Dec-2008  cube - Generate xdm and xfs depending on the value of X11FLAVOUR
- Only generate and install them for MKX11 builds
 1.69  12-Nov-2008  ad Remove LKMs and switch to the module framework, pass 1.

Proposed on tech-kern@.
 1.68  18-Jun-2008  yamt branches: 1.68.2;
merge yamt-pf42 branch.
(import newer pf from OpenBSD 4.2)

ok'ed by peter@. requested by core@
 1.67  15-Apr-2008  plunky branches: 1.67.2; 1.67.4;
some changes to serial bluetooth host controller interfaces

btuartd(8) should be named btattach(8) for consistency
with other parts of NetBSD

make btattach(8) a single-use tool for less complexity

device specicific initialisation (from btuart(4)) is carried
out prior to activating the line discipline (in btattach(8)),
which simplifies the API somewhat and means that the user
tool and the kernel do not need to be kept in sync.

btuart(4) driver is much reduced; naming is made consistent
and all tsleep() and delay() are removed to userland
 1.66  14-Jul-2007  ad branches: 1.66.8; 1.66.12;
fixsb has done its job.
 1.65  01-Jul-2007  xtraeme Add the /etc/rc.d/envsys script required by envsys2.
 1.64  20-Feb-2007  briggs Install sys/dev/bluetooth/btuart.h.
Descend into and build/install usr.sbin/btuartd.
Install etc/rc.d/btuartd.
 1.63  04-Feb-2007  xtraeme Install the perusertmp file.
 1.62  07-Oct-2006  rpaulo PR 34692: wpa_supplicant script.
By Jukka Salmi.
 1.61  13-Aug-2006  plunky rename btcontrol(8) as btdevctl(8) to make it fit with the NetBSD naming
scheme for control programs. This fixes pr 34051.
 1.60  07-Aug-2006  dyoung branches: 1.60.2;
Per lukem's request, revert previous change which skipped installation
of /etc/rc.d/ipfilter and family if MKIPFILTER=no. As lukem points
out, skipping installation of etc/rc.d/ scripts is not inconsistent
with other optional components, such as pf, x11, etc.
 1.59  05-Aug-2006  dyoung Only install ipfilter, ipfs, ipmon, and ipnat if MKIPFILTER=no.
 1.58  26-Jul-2006  tron Bluetooth fixes by Iain Hibbert:
Create "/etc/rc.d/btcontrol" to attach bluetooth devices at boot.
 1.57  19-Jun-2006  gdamore Initial import of bluetooth stack on behalf of Iain Hibbert. (plunky@,
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.

The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.

Drivers for both PCMCIA and USB bluetooth controllers are included.
 1.56  30-May-2006  christos Remove sendmail (approved by core)
 1.55  14-May-2006  simonb In the rc.d file list, start a new line for each first letter of
the rc.d scripts. Indent by an extra tab to match indentation of
usr.sbin/postinstall/postinstall
 1.54  30-Apr-2006  rpaulo add missing files
 1.53  08-Feb-2006  agc Add distribution entries and supporting files for the iSCSI target.
 1.52  23-Aug-2005  peter pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.

Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.

No objections on: tech-security
 1.51  04-Aug-2005  peter Add the new ftpd rc.d script.
 1.50  17-Apr-2005  lukem Tweaks for the move of postinstall from /etc to /usr/sbin
 1.49  30-Jun-2004  tron branches: 1.49.2;
Install "pf" and "pflogd".
 1.48  16-May-2004  lukem Consistently use CONFIGFILES & CONFIGLINKS (which enable the 'configinstall'
target) instead of using home-grown 'distribution' targets or using
FILES with the 'install' target.
Add some etc/ subdir Makefiles where appropriate.

XXX: some of etc/Makefile install-etc-files could be converted to CONFIGFILES.
 1.47  18-Apr-2004  dbj enable rc.d fixsb script
initial testing suggests that it is working and I am confident it
will not cause irrevocable damage
 1.46  01-Feb-2004  christos branches: 1.46.2;
add identd
 1.45  14-Jan-2004  jmmv Add the veriexec rc.d script.
 1.44  27-Dec-2003  martin Add rtclocaltime.
 1.43  26-Dec-2003  lukem Revert part of previous; etc/rc.d/kdc must be installed even if Kerberos
isn't enabled.
This is how the rc.d system works in conjunction with our current build
and install system; all the rc.d scripts are installed even if the
subsystems they control are not.
 1.42  11-Dec-2003  dyoung Fix the checkflist for builds without Kerberos 4 (MKKERBEROS4=no)
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.

* move kerberos- and kerberos 4-only files into new flists,
distrib/sets/lists/*/krb.*

* make the flist generators grok MKKERBEROS{,4} variables

* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
9 out of 10 experts agree that it is ludicrous to build w/
KERBEROS4 and w/o KERBEROS5.

* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.

* omit some Kerberos-only subdirectories from the build as
MKKERBEROS{,4} indicate

(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly. That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles. While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
 1.41  18-Apr-2003  thorpej Add an rc script for powerd(8).
 1.40  24-Mar-2003  atatat Tweak postinstall to check for (and help out on) the upgrade to
sendmail 8.12.8. Some of the same machinery (in shorter form) is in
the additions to rc.d/sendmail. Also, add a smmsp startup script for
the sendmail client queue runner.
 1.39  16-Jan-2003  martti Back out previous (as discussed with releng). The correct way to set this is:

# echo "myserver" > /var/yp/binding/`domainname`.ypservers
 1.38  16-Jan-2003  martti Script to bind a NIS client to a known server.

$ grep yp /etc/rc.conf
ypbind=YES
ypbind_flags="-ypset"
ypset=YES
ypset_flags="myserver"
 1.37  10-Jan-2003  yamt in comment, metion about src/distrib/sets/lists/etc/mi as well.
 1.36  09-Jan-2003  christos add staticroute
 1.35  09-Oct-2002  elric Added cgd rc.d script and put it in the appropriate postinstall and
mtree files.
 1.34  03-Sep-2002  abs Split raidframe parity checking/rebuild out into raidframeparity, which is
called after quota so we don't end up with fsck and raidframe parity rebuild
taking forever after a crash/reboot.
While we are here check for raid[0-9].conf & raid[1-9][0-9].conf not
raid[0-9].conf & raid[0-9][0-9].conf
 1.33  27-Aug-2002  takemura Added touch panel calibration utility.
 1.32  30-Jul-2002  thorpej Add a wdogctl startup/shutdown script.
 1.31  03-Jul-2002  yamt add comment:
"if you're adding new scripts, don't forget to update
src/etc/postinstall and src/etc/mtree/special."
 1.30  29-Jun-2002  grant add wsmoused.
 1.29  02-Jun-2002  jmcneill Add mixerctl script.
 1.28  24-Apr-2002  lukem branches: 1.28.2;
- in <bsd.files.mk>, don't clear FILES after using it, as that prevents
make -V FILES
from being useful (and given that every other variable can be
extracted using make -V, the behaviour was unusually inconsistent
given that the original reason for clearing it doesn't seem to be
relevant anymore)
- use <bsd.prog.mk> instead of directly including <bsd.files.mk>
(and possibly <bsd.man.mk> or <bsd.own.mk>)
- remove obsolete NOPROG
 1.27  11-Feb-2002  lukem don't forget to install ipfs...
 1.26  31-Jan-2002  lukem Rename NETWORK to NETWORKING, to allow rc.d to be on a case insensitive
file system (prevents conflict with 'network'). PROVIDE both NETWORKING
and NETWORK (the latter for compatibility with 3rd party scripts).
 1.25  12-Dec-2001  lukem - set NOPROG before .include <bsd.own.mk>
- reformat FILES= lines for easier future additions
 1.24  10-Dec-2001  martin Add rc.d support for ifwatchd (used to run ip-up/ip-down scripts for
in-kernel pppoe interfaces).
 1.23  29-Oct-2001  augustss Add moused, default off.
 1.22  08-Sep-2001  martin Add downinterfaces. Noticed by Thomas Klausner.
 1.21  23-May-2001  fredette sunndd has been renamed ndbootd.
 1.20  21-May-2001  enami Install the file sunndd.
 1.19  05-Apr-2001  thorpej Add a startup script for altqd(8).
 1.18  05-Apr-2001  wiz Don't install /etc/rc.d/gated any longer, since gated isn't in the
base system.
 1.17  18-Jan-2001  thorpej Startup script for racoon(8). Racoon provides "ike", and requires
"kdc" (since you might want to use IPsec on your Kerberos server,
and might be using GSSAPI to authenticate Phase 1) and "ppp" (since
racoon(8) needs to know about all of your network interfaces).
 1.16  14-Jan-2001  minoura Add /etc/rc.d/poffd, for x68k power management deamon.
 1.15  07-Jan-2001  martin Don't fiddle with any isdn interface if the isdnd variable is set to NO
in rc.conf.

Actually do install the isdnd script.
 1.14  28-Sep-2000  thorpej Always install sshd.
 1.13  21-Sep-2000  ad Provide the option of running newsyslog at boot time; mainly for laptop
people.
 1.12  21-Aug-2000  lukem convert fsck.sh -> fsck (using kill -TERM $$ to stop autoboot).
 1.11  10-Aug-2000  thorpej Need bsd.own.mk
 1.10  06-Aug-2000  thorpej Startup script glue for the Heimdal KDC.
 1.9  31-Jul-2000  jwise An sshd startup script for use with usr.bin/sshd. Installation is conditional
on ${SSHDIST}, as with usr.bin/ssh itself.

This script includes a `keygen' target for regenerating RSA and DSA host keys,
and invokes this if these keys are not present when sshd is started up.
 1.8  26-Jul-2000  lukem * add new dummy dependancy `NETWORK' to be REQUIREd by services which need
networking to be operational before starting, and use as appropriate.
NETWORK depends upon network and dhclient.
* move the guts of systemfs into mountcritlocal
* replace the dependancy on systemfs with mountcritremote, and remove the
former.
* SERVERS now also depends upon ppp

Notes:
* dhclient (and others) needs /var to be a $critical_filesystem_beforenet
* dhclient now starts before syslogd (because the latter needs /usr, and
/usr might need dhclient to be mounted)

Should fix PRs:
[install/9853] [bin/10002] [misc/10349] [port-i386/10633] [misc/10641]
 1.7  13-Jun-2000  itojun branches: 1.7.2;
add rc.d/ipsec for ipsec configuration. when enabled, it will inject
/etc/ipsec.conf into "setkey -f". PR 9609.
 1.6  02-Jun-2000  fvdl * Portmap is now called rpcbind.
* Add IPv6 RPC entries to inetd.conf (commented out by default, as the others)
* Add netconfig file, needed for TI-RPC code.
 1.5  03-May-2000  joda branches: 1.5.2;
xntpd -> ntpd
 1.4  26-Apr-2000  thorpej Provide rc.d support for the Postfix mail system. Committed to the
base because there is no support for packages in rc.d, and Postfix
is supposed to become part of the base system anyhow.
 1.3  16-Apr-2000  thorpej nfsiod script is gone.
 1.2  13-Mar-2000  lukem * replace daemon, login, servers with DAEMON, LOGIN, SERVERS
* remove sshd (it was from my private system)
 1.1  10-Mar-2000  lukem branches: 1.1.1;
Initial revision
 1.1.1.1  10-Mar-2000  lukem rc.d scripts derived from /etc/rc
 1.5.2.1  23-Jun-2000  minoura Sync w/ netbsd-1-5-base.
 1.7.2.5  07-Mar-2002  he Pull up revision 1.27 (via patch, requested by seb):
Added ipfs to save state tables. Use -D for ipmon.
 1.7.2.4  29-Sep-2000  thorpej Always install the sshd script.
 1.7.2.3  23-Aug-2000  lukem pull up the following:
etc/rc.d/Makefile 1.12
etc/rc.d/fsck 1.1
etc/rc.d/fsck.sh REMOVE
replace fsck.sh with fsck (using kill -TERM $$ to stop autoboot).

approved: thorpej
 1.7.2.2  09-Aug-2000  lukem pull up revs 1.8-1.9
approved by: thorpej

- add NETWORK, sshd
- remove systemfs
 1.7.2.1  06-Aug-2000  thorpej Update from trunk:
Startup script glue for the Heimdal KDC.
 1.28.2.2  30-Nov-2002  he Pull up revision 1.34 (requested by abs in ticket #772):
Split raidframe parity checking/rebuilding out into
raidframeparity, which is called after quota, so we don't
end up with fsck and raidframe parity rebuild taking forever
after a crash/reboot.
While here, check for raid[0-9].conf and raid[1-9][0-9].conf
and not raid[0-9].conf and raid[0-9][0-9].conf
 1.28.2.1  11-Nov-2002  he Pull up revision 1.32 (via patch, requested by thorpej in ticket #584):
Add a wdogctl startup/shutdown script.
 1.46.2.1  27-Apr-2004  jdc Pull up revision 1.47 (requested by dbj in ticket #185)

Fix problems related to superblock upgrade issues which may be
experienced by -current users from 2003.
 1.49.2.2  02-Sep-2005  tron Pull up following revision(s) (requested by peter in ticket #717):
usr.sbin/pf/man/man5/pf.boot.conf.5: revision 1.1
usr.sbin/postinstall/postinstall: revision 1.4
etc/rc.d/pf: revision 1.6
etc/rc.d/pf_boot: revision 1.1
usr.sbin/pf/etc/defaults/pf.boot.conf: revision 1.1
usr.sbin/pf/Makefile: revision 1.7
etc/rc.d/Makefile: revision 1.52
etc/mtree/special: revision 1.89
usr.sbin/pf/man/man5/Makefile: revision 1.5
usr.sbin/pf/etc/defaults/Makefile: revision 1.1
pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
 1.49.2.1  20-Apr-2005  tron Pull up revision 1.50 (requested by lukem in ticket #168):
Tweaks for the move of postinstall from /etc to /usr/sbin
 1.60.2.1  07-Sep-2006  tron Pull up following revision(s) (requested by plunky in ticket #81):
usr.sbin/postinstall/postinstall: revision 1.23
distrib/sets/lists/man/mi: revision 1.919
distrib/sets/lists/etc/mi: revision 1.174
usr.sbin/btdevctl/btdevctl.c: revision 1.1
usr.sbin/btdevctl/hid.c: revision 1.1
usr.sbin/Makefile: revision 1.217
usr.sbin/btdevctl/btdevctl.h: revision 1.1
usr.sbin/btdevctl/btdevctl.8: revision 1.1
etc/rc.d/btcontrol: file removal
distrib/sets/lists/comp/mi: revision 1.910
etc/rc.d/Makefile: revision 1.61
usr.sbin/btdevctl/cfg.c: revision 1.1
usr.sbin/btdevctl/dev.c: revision 1.1
share/man/man4/btkbd.4: revision 1.2
share/man/man4/bthidev.4: revision 1.4
usr.sbin/btcontrol/hid.c: file removal
usr.sbin/btdevctl/Makefile: revision 1.1
share/man/man4/btsco.4: revision 1.3
distrib/sets/lists/base/mi: revision 1.644
share/man/man4/btdev.4: revision 1.3
share/man/man4/btms.4: revision 1.2
etc/mtree/special: revision 1.100
share/man/man5/rc.conf.5: revision 1.105
usr.sbin/btcontrol/cfg.c: file removal
etc/rc.d/btdevctl: revision 1.1
etc/defaults/rc.conf: revision 1.80
usr.sbin/btcontrol/btcontrol.h: file removal
usr.sbin/btcontrol/btcontrol.8: file removal
usr.sbin/btcontrol/dev.c: file removal
usr.sbin/btcontrol/btcontrol.c: file removal
usr.sbin/btcontrol/Makefile: file removal
rename btcontrol(8) as btdevctl(8) to make it fit with the NetBSD naming
scheme for control programs. This fixes pr 34051.
 1.66.12.4  17-Jan-2009  mjf Sync with HEAD.
 1.66.12.3  29-Jun-2008  mjf Sync with HEAD.
 1.66.12.2  02-Jun-2008  mjf Sync with HEAD.
 1.66.12.1  21-Feb-2008  mjf Start where the mjf-devfs branch left off.
 1.66.8.1  18-Feb-2008  mjf Add some devfs code that's been sitting in my local tree for a while.

devfsd(8) is now the first daemon to be started after init(8). It tracks
device insertion (will eventually track removal) and devfs mounts.

Currently, we can mount multiple device file systems and have device
special files pushed into the mounts automatically, though, the device
special files aren't created with the correct major/minor number pairs
yet.

More work to come soon.
 1.67.4.1  23-Jun-2008  wrstuden Sync w/ -current. 34 merge conflicts to follow.
 1.67.2.1  14-Jun-2008  peter add ftp proxy rc.d script.
 1.68.2.4  10-May-2009  snj Pull up following revision(s) (requested by roy in ticket #534):
etc/defaults/rc.conf: revision 1.103
etc/rc.d/Makefile: revision 1.78 via patch
etc/rc.d/dhcpcd: revision 1.1
Add an rc.d script for dhcpcd(8)
 1.68.2.3  06-Feb-2009  snj branches: 1.68.2.3.4;
Pull up following revision(s) (requested by apb in ticket #406):
etc/defaults/rc.conf: revision 1.99
etc/rc.d/Makefile: revision 1.73
etc/rc.d/rndctl: revision 1.1
share/man/man5/rc.conf.5: revision 1.127
* Add etc/rc.d/rndctl script, based on work by Brian A. Seklecki. This
allows you to invoke rndctl(8) during the boot.
* Add rndctl=NO and rndctl_flags="" to /etc/defaults/rc.conf.
* Document rndctl and rndctl_flags variables in rc.conf(5).
 1.68.2.2  22-Jan-2009  snj Pull up following revision(s) (requested by rafal in ticket #297):
distrib/sets/lists/etc/mi: revision 1.203
doc/CHANGES: revision 1.1151 via patch
etc/defaults/rc.conf: revision 1.97
etc/mtree/special: revision 1.123
etc/rc.d/Makefile: revision 1.71
etc/rc.d/httpd: revision 1.1
share/man/man5/rc.conf.5: revision 1.123
usr.sbin/postinstall/postinstall: revision 1.80
Import rc.d/httpd script for httpd(8) daemon control.
See rc.conf(5) for options explanation.
 1.68.2.1  06-Dec-2008  snj Pull up following revision(s) (requested by cube in ticket #168):
etc/rc.d/Makefile: revision 1.70
etc/rc.d/xdm: file removal
etc/rc.d/xfs: file removal
etc/rc.d/xfs.in: revision 1.1
etc/rc.d/xdm.in: revision 1.1
- Generate xdm and xfs depending on the value of X11FLAVOUR
- Only generate and install them for MKX11 builds
 1.68.2.3.4.1  21-Apr-2010  matt sync to netbsd-5
 1.75.2.1  13-May-2009  jym Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
 1.81.2.2  05-Mar-2011  bouyer Sync with HEAD
 1.81.2.1  08-Feb-2011  bouyer Sync with HEAD
 1.85.2.2  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.85.2.1  17-Apr-2012  yamt sync with head
 1.88.6.1  23-Jun-2013  tls resync from head
 1.89.6.2  06-Aug-2015  snj Pull up following revision(s) (requested by skrll in ticket #909):
distrib/sets/lists/etc/mi: revision 1.237
distrib/sets/lists/tests/mi: revision 1.613
distrib/utils/embedded/conf/armv7.conf: revisions 1.1, 1.2
distrib/utils/embedded/conf/beagleboard.conf: delete
distrib/utils/embedded/conf/evbarm.conf: revisions 1.21, 1.22
distrib/utils/embedded/conf/rpi.conf: revisions 1.28, 1.29
distrib/utils/embedded/conf/rpi_inst.conf: revisions 1.7, 1.8
distrib/utils/embedded/conf/usermode.conf: revision 1.5
distrib/utils/embedded/conf/x86.conf: revision 1.5
distrib/utils/embedded/files/resize_disklabel: revision 1.1
distrib/utils/embedded/mkimage: revisions 1.49, 1.55-1.59
etc/defaults/rc.conf: revision 1.133
etc/etc.evbarm/Makefile.inc: revisions 1.72, 1.76
etc/rc.d/Makefile: revision 1.93 via patch
etc/rc.d/resize_root: revisions 1.1-1.3
etc/rc.d/root: revision 1.5
sbin/resize_ffs/Makefile: revision 1.5
sbin/resize_ffs/resize_ffs.8: revisions 1.14-1.16
sbin/resize_ffs/resize_ffs.c: revisions 1.39-1.44
share/man/man5/rc.conf.5: revision 1.158, 1.159
tests/sbin/resize_ffs/Makefile: revision 1.4
tests/sbin/resize_ffs/common.sh: revision 1.14
tests/sbin/resize_ffs/t_check.sh: revision 1.1
tests/sbin/resize_ffs/t_grow.sh: revision 1.9
tests/sbin/resize_ffs/t_grow_swapped.sh: revision 1.3
tests/sbin/resize_ffs/t_shrink.sh: revision 1.8
tests/sbin/resize_ffs/t_shrink_swapped.sh: revision 1.2
fix image building:
- round up the total size of the disk image
- fix fdisk offset for netbsd ffs images
--
Make get_dev_size work on regular files too.
--
Use `!= -1' instead of `== 0' out of paranoia.
--
- Add -c to check to see if grow/shrink is required
- Divide by DEV_BSIZE when returning size of file.
- Update manpage
--
New sentence, new line. Sort option descriptions.
--
Add resize_root boot operation. If resize_root=YES in rc.conf then
the system attempts to resize the root file system to fill it's
partition prior to mounting read-write. Useful for things like AMI
file system images. May eventually be used by arm images after
coming up with similar solution for increasing the parition size.
--
- Add new tests for -c check flag in resize_ffs
--
Bump date for previous.
it's -> its
--
Handle case in grow() where last cylinder group is too small for ufs2.
Align with code in shrink().
--
factor out geometry calculation and use this also in CheckOnly mode.
be a bit more verbose in Verbose mode.
--
Add support for auto-growing the root partition. Enable it for rpi.img.
--
initialize resize before pulling in board config
--
add KEYWORD: interactive, honour resize_root_flags and
resize_root_postcmd rc vars
--
if the -p flag is specified, display a progress bar while growing the
file-system
--
show resize_ffs progress bar when resizing root partition
--
fix typo in previous; pass -y unconditionally to resize_ffs, not -p
--
Rename beagleboard.img to armv7.img. The new image includes the same
kernels as beagleboard.img plus support for Raspberry Pi 2, ODROID-C1,
Cubieboard2, Cubietruck, Hummingbird A31, and Banana Pi.
--
Properly spell X' name. From X(7):
The X.Org Foundation requests that the following names be
used when
referring to this software:
X
X Window System
X Version 11
X Window System, Version 11
X11
--
Add some documentation:
Tell what this does, and what it expects from conf files
--
Cleanup: make_filesystems is not used any longer, purge remains
--
More cleanup:
Instead of first overwriting the *_evbarm functions with own code,
and then calling them from the regular functions, directly put the
code into the regular functions.
No more functions from evbarm.conf are used now.
Some variables are still used!
--
define TOOL_MKUBOOTIMAGE for mkimage
--
fix mkubootimage
 1.89.6.1  26-Mar-2015  martin Pull up following revision(s) (requested by jmcneill in ticket #635):
etc/rc.d/Makefile: revision 1.92
distrib/sets/lists/man/mi: revision 1.1497
share/man/man5/Makefile: revision 1.71
etc/defaults/rc.conf: revision 1.132
etc/rc.d/modules: revision 1.1
usr.sbin/postinstall/postinstall: revision 1.190
distrib/sets/lists/etc/mi: revision 1.236
etc/mtree/special: revision 1.152
share/man/man5/modules.conf.5: revision 1.1
Process /etc/modules.conf (if present) at startup, before securelevel is
raised, to allow module loading on ports without a module aware bootloader.
 1.94.2.1  07-Jan-2017  pgoyette Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
 1.95.6.1  14-May-2019  martin Pull up following revision(s) (requested by maxv in ticket #1265):
etc/rc.d/smtoff: revision 1.1
etc/rc.d/smtoff: revision 1.2
distrib/sets/lists/etc/mi: revision 1.258
etc/rc.d/smtoff: revision 1.3
etc/rc.d/smtoff: revision 1.4
etc/defaults/rc.conf: revision 1.148
etc/rc.d/Makefile: revision 1.103
usr.sbin/postinstall/postinstall: revision 1.226
etc/rc.d/Makefile: revision 1.104
etc/mtree/special: revision 1.167
share/man/man5/rc.conf.5: revision 1.180

Add smtoff, an rc.d script that disables Simultaneous Multi-Threading. It
parses the output of cpuctl, and executes "cpuctl offline" for each CPU
that has SmtID!=0.

The default is "smtoff=NO", which means that SMT remains enabled.
Restructure code a little.

Use quoting everywhere possibly useful (always the right way, except
in the few cases where it is wrong...)

Avoid using cut & grep (from /usr/bin) so script could run before /usr
is mounted (pity cpuctl is in /usr/sbin ...).

Use sysctl -n rather than attempting to parse its output.
install rc.d

No change... Previous log message should have said:
Install rc.d/smtoff

I should know better! Don't rely upon the way the shell implements
pipes. Skip the "error" printf from GetSmtId() as there is no easy
portable way to avoid it occurring (there are complicated ways) - but
we don't need it, there is no logical difference between "error" and ""
so just use the latter (if we get an ID, good, if there is nothing, then
there is none - saying 'error' does not mean anything.)

Remove comment, since there is no parsing anymore.
 1.97.4.2  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.97.4.1  10-Jun-2019  christos Sync with HEAD
 1.97.2.2  30-Sep-2018  pgoyette Ssync with HEAD
 1.97.2.1  28-Jul-2018  pgoyette Sync with HEAD
 1.104.2.1  27-Sep-2019  martin Pull up following revision(s) (requested by brad in ticket #250):

external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.2
external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.3
external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.4
external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.5
distrib/sets/lists/man/mi: revision 1.1652
distrib/sets/lists/man/mi: revision 1.1653
distrib/sets/lists/etc/mi: revision 1.259
etc/rc.d/mountall: revision 1.11
external/cddl/osnet/sbin/zfs/Makefile: revision 1.5
external/cddl/osnet/dist/cmd/zfs/zfs_main.c: revision 1.7
etc/rc.d/Makefile: revision 1.105
distrib/sets/lists/base/mi: revision 1.1217
etc/rc.d/Makefile: revision 1.106
etc/rc.d/zfs: revision 1.1
etc/defaults/rc.conf: revision 1.152
external/cddl/osnet/sbin/zfs/mount_zfs.8: revision 1.1

Add support for legacy ZFS filesystems, specified by mountpoint=legacy
in the ZFS properties of the dataset and a simple man page for
mount_zfs. With this, it is possible to put ZFS filesystems in
/etc/fstab as file system type zfs.

Add a rc.d script that kicks the module ZFS load mostly before
mountall runs simular to what LVM does. This allows for any legacy
mounts to be specified in critical_local_filesystems and allows for
ZFS pools on top of cgd (probably among other things). Introduce a
rc.conf variable called zfs which needs to be set to YES, in the usual
manor of things, to get zvols and ZFS dataset support rather then just
assume that 'zfs mount' does that in mountall. Fix a problem in
mountall if ZFS is not compiled into the system.
mount_zfs.8: add xref to fstab(5)

Use more markup.

Include mount_zfs man pages only for MKZFS builds.

Moved zfs out of MKX11 block.

Fix build failure without X11.

Add a copyright to the man page and a bit of history.
Use Pa macro for path
new sentence, new line
 1.116.2.1  02-Oct-2023  martin Pull up following revision(s) (requested by riastradh in ticket #381):

distrib/utils/embedded/conf/evbarm.conf: revision 1.42
distrib/sets/lists/etc/mi: revision 1.273
etc/rc.d/Makefile: revision 1.118
distrib/utils/embedded/conf/usermode.conf: revision 1.7
etc/rc.d/certctl_init: revision 1.1
distrib/evbarm/liveimage/armimage/rc.conf.armimage: revision 1.2
etc/defaults/rc.conf: revision 1.166
distrib/amd64/liveimage/emuimage/rc.conf.emuimage: revision 1.3
distrib/utils/embedded/conf/x86.conf: revision 1.11
distrib/utils/embedded/conf/evbmips.conf: revision 1.4

/etc/rc.d/cerctl_init: New script for certctl rehash in live images.

This is very limited -- it does not supplant postinstall to rehash
certificates on upgrade; it only runs certctl rehash if
/etc/openssl/certs is an empty directory, as you get in live images
not created with sysinst.

We could also have a more general-purpose way to run postinstall(8)
on first boot of an image, but that has a lot more moving parts to
think about, so let's start with this limited-scope low-risk
approach.

PR install/57629

/etc/rc.d/certctl_init: Default off.
Otherwise in systems without certctl_init=YES, such as systems
installed with sysinst(8) where it's unnecessary because the rehash
has already happened at install time, you'll get spurious warnings.

RSS XML Feed