make the script MI again (same across all archs)

build dynamically the list of compat archsubdirs.

branches: 1.1.2; 1.1.86;
Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall
(and the base.tgz set).

build dynamically the list of compat archsubdirs.

remove obsolete library files for all the "compat" subdirs not just amd64
and sparc64.

Anchor the egrep search to avoid npf.conf matching pf.conf, but don't
anchor $ so that blacklistd machines blackist.

1. fix /etc/defaults/*.conf files
a. there are more rc.conf.append arch than only for x86, deal with them too.
b. populate new /etc/defaults/rc.conf files
2. merge sed patterns
3. deal with empty exclude lists

handle $SOURCEMODE

Add missing npf.boot.conf

Remove hard-coded lists of rc files and generate them dynamically from the
sets. Fixes issues with automount, npf_boot etc. that were never updated here!

Add smtoff, an rc.d script that disables Simultaneous Multi-Threading. It
parses the output of cpuctl, and executes "cpuctl offline" for each CPU
that has SmtID!=0.

The default is "smtoff=NO", which means that SMT remains enabled.

Do not test contents of non-existing Xresource file (if X11 sets have
not been installed)

remove 30-urw-aliases.conf and add 45-generic.conf and 60-generic.conf.

should fix build issues reported on current-users.

XDM Xresources has been extended and the new values are important for proper
working of newer XDM. Check for the missing values and ask the user to
fix manually.

Stop continuing /var/shm check when var_shm_symlink is in /etc/rc.conf.
OK'd by martin.

rc.d/isdnd is obsolete

add rc.d/dhcpd6

Add support for MAKEDEV living in /etc instead of /dev, this is one of
the supported options when init(8) creates a union mounted tmpfs on /dev.

Remove the userland part of ISDN. The kernel part is untouched for now.
ipppctl was actually an exact copy of pppoectl; there is no functional
change in pppoectl in this commit.

Remove dhclient references.

branches: 1.216.4; 1.216.6;
Add npfd to the list of rc.d scripts to check.

add missing pam items (cron, racoon)

branches: 1.214.4;
If -x (xsrc location) is passed for "check", display it also in the
"how to fix" invocation instructions.

Move dhcpcd lease files to new location.

Move dhcpcd's rdm monotonic file if it exists.

Pluck dhcpcd.conf from dist/src
Move dhcpcd.duid and dhcpcd.secret from /etc to /var/db/dhcpcd/{duid,secret}

Don't use slow file_exists_exact if we don't have to.

file_exists_exact function was introduced in 1.26 for the benefit of
cross-building on OS X case-insensitive file system. It is extremely
slow on diskless machines. That becomes especially noticeable when
you upgrade a system that has a lot of obsolete files, it can take
literally hours.

branches: 1.209.2;
don't try to install rc scripts for programs not installed

add nsd

add rtsold to rc_obsolete_files :-(

rename populate_rc to update_rc and copy if source is newer.

PR toolchain/51457 -- be more posix compat with sort usage, though it
(currently anyway) makes no difference on NetBSD.

PR toolchain/51457 -- use sort correctly

unbound additions

branches: 1.202.2;
Add ip6addrctl

handle blacklistd properly.

PR/50158 - Simon Burge -- postinstall does not know about blacklistd

Whitespace.

Comma of result is (though increasingly common) not formally recognized
grammar[,;] use a semicolon.

Check for an out of date /etc/fonts/fonts.conf and if so, forcibly
update it (it is not intended to be user editable). This is
primarily intended so that pkgsrc fonts installed in the new location
can be found.

PR install/50020: postinstall does not check for mandoc in /etc/man.conf.
Add a check, but ask the user to fix manually (the file could have local
modifications).

Simplify previous, pass awk as TOOL_AWK (that is what the makefile uses),
create an obj dir for make and force it to use that.
This version now works with read-only source again.

Clean up the src/etc/mtree directory after using it to generate the mtree
spec file.
XXX this is fishy, we should find a better way.

Pass AWK to make when invoking emit_dist_file.
Part of fixing PR toolchain/50004.

Terminate the obsole directory walking loop when we hit "/" or "."
(both relative to DESTDIR), I have seen it run into an endless loop with
_path=. when invoked from the top level make with some (valid) args.

Add resize_root

Process /etc/modules.conf (if present) at startup, before securelevel is
raised, to allow module loading on ports without a module aware bootloader.

Add rc script for /sbin/iscsid.

rc_obsolete_vars is a list of pairs, so format it with one pair per line.

add powerpc variants to the list of potentially obsolete modules to check

Fix previous; obsolete vars are pairs.

postinstall(8): Define long item lists as variables to improve future diff-ability.

Handle obsolete xen/pae-xen kernel modules; reported by John D. Baker.

Fix tab/space inconsistency in comment.

Change the order of arguments to check_ids, placing the two file names
adjacent to each other. Also add a comment explaining the "start"
argument and the "SKIP" special value.

Make check_ids take an additional argument (the corresponding source
file) and grep that on error for the missing information, so the user
gets all the info needed how to "FIX MANUALLY".

Remove rtsol(8) and rtsold(8) as their functionality is in dhcpcd(8).
Remove rtsol(8) from rc.d/network.
Add -w seconds command to ifconfig to wait for N seconds for until DAD
has finished on all addresses.
Use ifconfig -w in rc.d/network instead of a forced sleep.

As discussed on tech-net@

In get_makevar, ask make to recursively expand the variable,
not just print the unexpanded value. This is done by
using make -V '${VAR}' instead of make -V 'VAR'.

Quoting fixes in several eval commands.

Check for and delete ${DEST_DIR}/@RUNDIR@, not /@RUNDIR@.
Also remove an unnecessary eval in do_dhcpcdrundir and
fix a typo in the description.

FONTCONFIG_DIR not existing does not need to be fixed.

branches: 1.175.2;
Synchronise several shell_quote implementations, and:
* Elide some unnecessary pairs of quotation marks, to improve readability.
For example, shell_quote "''" is now \'\' instead of ''\'''\'''.
* Don't add quotes around words that contain only safe characters,
to improve readability.
* LC_COLLATE=C to prevent [a-zA-Z] from matching non-ASCII characters.
* Use ${SED} if defined.

Use extra="${2-/,}" to use $2 if defined, else default to "/,".

Delete trailing slash with "${1%/}", not "${1#/}".

Add a new obsolete_stand target, disabled by default,
to delete old files and subdirectories under /stand/${MACHINE}.

Remove stray quotation mark

In do_sendmail, use unprefix to fix up paths that will be
processed by obsolete_paths.

Clarify wording in a comment for obsolete_paths.

Add bre_quote (copied from etcupdate), and unprefix functions.

Add SORT and SED variables, in case a host environment needs them.

don't apply "ptyfsoldnodes" if /dev/pts does not exist, even if ptyfs
is listed in /etc/fstab. without this, postinstall happily removes
all your ptys leaving you with none at all. return an error if we
have ptyfs in /etc/fstab, but no /dev/pts.

branches: 1.165.2;
Fix wrong variable name, PR bin/48647 from Jim Bernard.

Fix path to atf-run.hooks after import of atf-0.19.

Problem found by martin@. Not spotted by me, I think, because I always use
postinstall on an etc.tgz file and forgot about this code path.

Remove harmful whitespace. Now the /var/shm check can succeed quietly.

Add a check to remove the temporarily (eroneously) created /@RUNDIR@
(PR bin/48529)

Skip varshm check if there is no fstab (like in chroots).

Cosmetics: use "msg" instead of "echo"

Add a "varshm" check/fix to make sure /var/shm is mentioned in /etc/fstab
(and add a default of tmpfs with 25% of available ram limit if not).
To avoid the warning but not mount the tmpfs, just comment out the line
for /var/shm.

Also move "obsolete" to the end of the list again, as it should be run
last.

Add pkgpath.conf to /etc/defaults check.

And add a skip for the deleted _gpio in uid.

Add _rtadvd to uid check as well.

Adding _rtadvd to group check.

don't echo the make command in the output file.

- missing semicolon
- missing SKIPS
- assignment instead of comparison

more thorough passwd/group checks.

implement SOURCEMODE version of "fontconfig".

update do_fontconfig() to update all the conf.avail files. fixes
errors that xkbcomp spews when the X server starts since fontconfig
was updated.

add _gpio to gid check

try to sync lists of rc.d scripts

Make sure that the "to fix, run: ..." instructions actually work cut-and-paste
By default postinstall has mode 644 so /bin/sh or similar needs to be prepended

branches: 1.146.2;
Remove the ability to specify multiple colon-separated fiel names with
a single "-s" option. Multiple "-s" options must now be used instead.
We have been printing a warning about this since 2008-09-14.

Don't rely on stat(1) with format "%SHr" to print the correct names.
That uses devname(3) internally, which doesn't work at all in a cross
build environment, and doesn't do what I thought even in a native
environment.

Instead, parse the device major numbers for the pty master and slave
devices from the output of "MAKEDEV -s pty0" and check those against the
actual device node that we are thinking of removing.

Change do_ptyfsoldnodes to use stat(1) to check whether a file is
a device node of the correct type. We no longer need to get the
major number from searching the MAKEDEV script, because the output
from stat(1) will contain the strings "tty" or "pty" instead of
the numeric major numbers. We also no longer rely on "find -ls".

Use grep -E and grep -F instead of egrep and fgrep. This reduces the
number of tools that may need to be passed in the environment.

Remove the "stat" shell function (stat op format target value).
It has been unused since revision 1.14 dated 2006-05-30.

Cleanup temporary file

Make "fix ptyfsoldnodes" more verbose

Add a ptyfsoldnodes item that checks/removes old /dev/{p,t}ty* nodes
if ptyfs is used.

add ldpd rc.d script here too

add _tss to uid and gid checks

Properly find atf configuration files in the source tree. My previous
change dealt properly with etc.tgz only. Addresses PR bin/45870.

Populate /etc/atf with any missing files. Fixes PR bin/45870.

quote SRC_DIR and DEST_DIR everywhere. Also wrap some long lines.

Fix a call to pwd_mkdb in the case that DEST_DIR is the empty string.

Pass -d option to pwd_mkdb(8) in order to make databases at proper location.

Use msg for indentation.

Add "pwd_mkdb" item, which checks whether /etc/pwd.db is in the
new format, and runs "pwd_mkdb -V 1 /etc/master.passwd" to fix it.

branches: 1.129.2;
Clean up cat pages that are older than the corresponding man pages.
Remove cat page directories that are empty.

Add an rc.d(8) script for isibootd(8). Taken from ndbootd(8).

Make the rndsave structure public -- the kernel will learn to read it
and sysinst may learn to write it (since, on some systems, most of
the keyboard input they ever get happens to be during install). Fix a
couple of minor problems with the random_seed rc script addition.

branches: 1.126.2;
fix the sendmail, mailerconf and atf checks to use ${DEST_DIR}.
add a note about this to the top of the file.

/etc/defaults/rc.conf can be modified at build time by getting additional
arch-specific hooks appended to its end (currently: i386 and amd64).

Handle this case in postinstall(8) by checking whether we are in
$SOURCEMODE or not, and generate the correct rc.conf file on the fly in
case we have to. Otherwise, postinstall(8) may install the default one
obtained from a source directory that does not have the MD hooks
appended to it.

Problem reported by wiz@. Thanks!

Set $SRC_DIR to its default value at the beginning of main() so that
usage() can print the correct value even when called early.

Check that $TGZMODE is true to deduce that the set is extracted
from a .tgz instead of checking that $SRC_DIR != $SRC_ARG. These variables
can be modified in different places, so it's less error prone.

Check (and fix) that unprivileged-user has been changed from _atf to _tests
in /etc/atf/common.conf. Requested by martin@.

Rename the _atf user to _tests. The _atf name will get obsoleted if/when
we migrate to Kyua (atf v2), so it's better to use a generic name that does
not depend on the specific implementation. Also, this user has not gone
out yet into any stable release, so we can easily rename it.

Suggested by jruoho@.

rcconf_is_set takes a tuple of <script> <variable>, so add
in a couple of missing script names

network ip6forwarding
sysctl defcorename

and remove the trailing "sysctl"

introduce rcvar_is_enabled to test if a rcvar is enabled

use this instead of rcconf_is_set to warn about superseded
rc.d scripts, to silence spurious warnings produced before
/etc/defaults/rc.conf script was updated.

(spurious warnings noted by Martin Husemann)

provide a new 'bluetooth' rc.d script, to handle Bluetooth configuration
in a simpler manner. This replaces btattach, btconfig, bthcid, btdevctl
and sdpd scripts, and also should not require any configuration settings
other than "bluetooth=YES", though the full range of configurations is
still possible.

Invert the chroot/tcpdump/etc test and make it remove the (not needed
anymore) directory.

Add a new check to populate /var/chroot/tcpdump/etc

Fix the usage of the -s option to mention using it multiple times, rather
than the deprecated colon separated syntax.

Install "etc/gpio.conf" if it is missing.

Add "npf" to the list of startup scripts that get checked.

branches: 1.112.2;
Add _tcpdump uid/gid checks.

Adjust obsolete_libs to handle both the libraries (unchanged) and the
corresponding .debug files if exists.

- don't bitch if /usr/X11R6/lib/X11 does not exist, if /usr/X11R6 does not
exist either. We might have never installed X11R6 on this system.
- spell nonexistent

Add _atf to uid/gid checks.

Do not try in postinstall(8) to replicate the code in etc/mtree/Makefile
that assembles /etc/mtree/NetBSD.dist. Instead, use the Makefile's
new target, emit_dist_file, to assemble the correct NetBSD.dist.

Previously, 'postinstall -m amd64 -s $SRC_TOP' would install a
NetBSD.dist that was missing /usr/lib/i386/ et cetera.

running postinstall fix should also say why fontconfig did not work, like
all other postinstall methods.

/usr/X11R7/lib/X11/xkb/symbols/pc used to be a directory, but changed
to a file on 2009-06-12. Fixing this requires removing the directory
(which we can do) and re-extracting the xbase set (which we can't do),
or at least adding that one file (which we may be able to do if X11SRCDIR
is available).

Reviewed by mrg, snj

Multicast DNS ("Bonjour") support, based on Apple's mDNSResponder.

Make do_mtree correctly report failure if either special or
NetBSD.dist checks failed, not only the last one.

install the fontconfig files into /etc/fonts/conf.avail, and symlink
the default ones into /etc/fonts/conf.d, as per default.

reported by jukka marin on netbsd-users.

- do not create X11 subdirs always anymore

- we now only create them when building X11, and only create the ones
we need (X11R6 xor X11R7)

- all these subdirs are now in the xbase set

- move the logic for running mtree into etc/mtree/Makefile

- split NetBSD.dist into 3 files, and have the build and postinstall handle
creating a possibly merged one. we still have a single installed file
called "NetBSD.dist".

Add gpio to rc checks.

Diff from Geoff Wing <gcw@pobox.com>, thanks.

moduli moved with openssh

Switch to building Postfix 2.6.2 via "external/ibm-public/postfix".

Make the makedev step fail if either MAKEDEV or MAKEDEV.local need to
be updated. Patch from njoly@

fetch /etc/dhcpcd.conf from the correct place when building the system

install /etc/rc.d/dhcpcd as well

install /etc/dhcpcd.conf

Split fsck during boot into two phases. Check the root file system
first, mount root and run the various disk providers. Add swap and
check the remaining file systems after that.
This breaks the dependency cycle for lvm, which needs writeable /dev.
Depend on rndctl in cgd.

Now that we use ?= to optionally assing to ddb.onpanic, match that when
testint existing configurations too.

Make the ddb.onpanic line acceptable even if commented out

Switch the default value (if no options DDB_ONPANIC is defined) for
ddb.onpanic to 1, change it back to 0 in sysctl.conf and make sure
postinstall installs this setting.
This avoids us trying to dump while booting from install CD, but keeps
the default the same once we are far enough through /etc/rc.d. Failing
earlier is unlikely to be recovered by an automatic reboot.
OK: core.

As long as we don't yet have a working TOOL_GREP,
fgrep is more portable than grep -F.

In file_exists_exact(), fix an incorrect test of "1" instead of "$1",
and improve the comment explaining what this function does.

"grep -q" is not portable; use "grep >/dev/null" instead. Also add a
comment saying that postinstal is invoked during a cross build.

Use awk and grep host tools where required. 'build.sh release' now works
on Solaris (but only with HOST_CC=/usr/sfw/bin/gcc for now).

Look for MAKEDEV.local in both ${SRC_DIR}/dev/ and ${SRC_DIR}/etc/,
so that 'postinstall check makedev' works whether the sources told
by the -s argument are a NetBSD source tree, etc.tgz, or a DESTDIR.

do_makedev: look at a correct directory for MAKEDEV.local

branches: 1.84.2;
Added MAKEDEV.local to postinstall's makedev check. Upgraded systems were
not getting an updated MAKEDEV.local file.

Add lvm script to the lists.

Add rndctl to do_rc().
Thanks to Geoff Wing on current-users.

x68k pow(4) now uses MI sysmon_pswitch framework. suggested by tsutsui@.
- Make MD poffd(8) retire, and use MI powerd(8) instead of it.
- Make /dev/pow1 retire, because nobody holds /dev/pow0 any longer.
Use /dev/pow0 for pow(4) ioctl.
- POWIOCSSIGNAL ioctl which is for poffd(8) is also obsoleted.

Import rc.d/httpd script for httpd(8) daemon control.
See rc.conf(5) for options explanation.

- Introduce a function get_makevar that will retrieve the values of a
specific set of user-derived variables, to be used in SOURCEMODE.
- In SOURCEMODE, generate the rc.d scripts xdm and xfs.
- Auto-detect if X11 sets are used (either through the value of MKX11 in
SOURCEMODE, or by finding an xetc-xpecific file in sets mode).
- Ignore X11-specific rc.d scripts if X11 is not used.

Add scan obsolete minor shared libraries in /usr/X11R7/lib.
Also scan in /usr/lib/i386 for amd64, /usr/lib/sparc for sparc64.

lkm1, lkm2 and lkm3 are now obsolete and don't exist in the source tree,
so remove the references to them from postinstall.

branches: 1.76.2;
s/explicitely/explicitly/

apb's latest change introduced a test to make sure an actual etc.tgz (or an
extraction of it) was provided as -s, but SOURCEMODE was not set to true in
the default case, which is to use /usr/src/etc, a source directory.

revert previous; now 'postinstall fix' does not work anymore without having
sets.

use an existing file otherwise the test always fails.

I don't have set.etc!?!? Do you?

In both postinstall and etcupdate, in modes where the -s argument
refers to tgz files or to a directory in which tgz files have already
been extracted, make it an error for the files that should have come
from etc.tgz to be missing. This is intended to prevent users from
accidentally deleting necessary files when they run "postinstall -s
xetc.tgz fix".

Use the absence of .../etc/mtree/set.etc in the extracted directory
as a test for the error case.

Fix 'arith: syntax error: " N_SRC_ARGS + 1 "' error which occurs with
the Debian default shell ("dash").

Now cross-build works again on Ubuntu 7.10.

Fix errors in previous.

Allow "-s tgzfile1:tgzfile2" for backward compatibility. Print a
warning to encourage users to switch to using "-s tgzfile1 -s tgzfile2".

* Allow colons to appear in the names of tgz files, to address PR 39459.
* Remove the ability to specify a colon-separated list of tgz files
using a single "-s" option, because ":" is now a valid character within the
name of a single file. Callers should use multiple "-s" options
instead.

Cleanup shell quoting:

* Almost all shell variables are now quoted, except where they
hold numeric values such as exit status, or where we want
the shell to split on spaces.

* Constructs like

_files="$@"
do_something_with $files

are changed to

#_files="$@"
do_something_with "$@"

* In contexts where we do actually want the args to be concatenated with
space separators, use "$*", not "$@".

Tested by running "postinstall check" with a SCRATCHDIR whose name
contained spaces.

Make sure to update root.cache too.

Correct improper escaping of regular expressions in string constants in
awk code. Noted by Aleksey Cheusov in tech-userlevel.

Install /etc/pf.os with 444 permissions.
Modify postinstall(8) to always upgrade /etc/pf.os.

Suggested by Luke Mewburn in PR/35188.

merge yamt-pf42 branch.
(import newer pf from OpenBSD 4.2)

ok'ed by peter@. requested by core@

branches: 1.61.2;
Try to make it clear that local changes will be overwritten
by "postinstall fix".

Convert TNF licenses to new 2 clause variant

branches: 1.59.2;
some changes to serial bluetooth host controller interfaces

btuartd(8) should be named btattach(8) for consistency
with other parts of NetBSD

make btattach(8) a single-use tool for less complexity

device specicific initialisation (from btuart(4)) is carried
out prior to activating the line discipline (in btattach(8)),
which simplifies the API somewhat and means that the user
tool and the kernel do not need to be kept in sync.

btuart(4) driver is much reduced; naming is made consistent
and all tsleep() and delay() are removed to userland

Avoid error message in "obsolete" check if "/usr/X11R6/lib" doesn't exist.

Don't fail the X11 check if "/usr/X11R6/lib" doesn't exist. This is
perfectly valid setup (e.g. no X11 or modular X11 from "pkgsrc").

Update URLs after website reorganization in the motd check; per pavel@'s
request. Closes PR misc/37070.

PR/35238 - tls@ -- add _proxy to uid and gid checks

now when trap 0 is not used, we need to remove the temporary directiry
at the end. PR bin/37223.

Add httpd to the build. Add _httpd to passwd and groups and postinstall.
Add /var/www to mtree, add example line to inetd.conf.

Add a check for obsolete sendmail in /etc/mailer.conf, installs a
fresh copy of the file if invoked as "fix". Not enabled by default.

Return exit status 1 for failed chacks/fixes, 2 for errors. Suggested
by hubertf. Use exit status 3 for internal errors (misuse of internal
functions).

do not use trap 0, it clobbers the exit status. Instead remove the
scratch directory in err(). Use err() instead of exit in one place to
ensure that the temporary directory is removed.

branches: 1.49.4; 1.49.6;
add mention of rc.d/btuartd

Extend do_envsys() and check if the sensor_* files in /etc/powerd/scripts
are installed.

Do not install fixsb anymore, which was removed recently.

fix error message for obsolete_libs

fixsb has done its job.

Add do_envsys() that checks if /etc/envsys.conf exists.

Update for /etc/rc.d/envsys.

Remove the remaining sendmail config files (including everything in
/usr/share/sendmail) from the obsolete list. Instead, remove them in the
"sendmail" postinstall item, which is disabled by default, to prevent
losing sendmail configuration on upgrade. Fixes the rest of
PR install/36180.

Separate postinstall checks in two groups: enabled and disabled by
default. Only the former checks/fixes are done if no items are given
on the command line. The latter must be requested explicitely.

Intended for "fixes" that are dangerous in some way, because they might
remove files that are still in use, for example.

Make the "sendmail" item disabled by default, it removes sendmail
configuration. Partly addresses PR install/36180.

Proposed on tech-userlevel, review and spelling fixes from lukem@.

Add btuartd.conf to bluetooth.

* Make postinstall's -s option accept several tgz files, either by
repeating the -s option, or by using a colon-separated list.
* Update postinstall(8) man page with some of the text used in
etcupdate(8)'s description of the -s option.
* Remove an outdated comment about invoking etc/postinstall from
the directory in which the tgz is extracted.
* Rename orig_SRC_DIR to SRC_ARG and make related changes.

Reviewed by lukem and martti.

For sdpd(8), change default user/group from nobody/nobody to _sdpd/_sdpd

Revert previous. MAKEDEV.subr no longer exists.

Convert the guts of do_makedev() into a loop that checks both MAKEDEV
and MAKEDEV.subr.

Add perusertmp. Pointed out by Geoff Wing, thanks!

Added user and group "_timedc" for timedc.

Crank copyright.
Whitespace & linewrap consistency tweaks.

Fix method to find pf.os so it works with '-s etc.tgz'.
PR 35185 by Valeriy E. Ushakov.

Don't bother to find pf.conf first; the code was a noisy no-op.

branches: 1.31.2;
Check if /etc/pf.conf and /etc/pf.os exist and copy them if they don't.

Suggested by lukem@.

/etc/postfix/post-install needs to be 555 not 444.

PR 34692: wpa_supplicant script.
By Jukka Salmi.

Add a check to aid in the migration of motd contents between development
releases. Suggested by tron@ and approved by silence in tech-userlevel@.

fix problem with file_exists_exact where it was returning false
for dangling symlinks because it was checking them with test -e

fixes for building into case preserving, but case insensitive $DESTDIR
- have checkflist do a second possibly case insensitive check for
files which are missing from DESTDIR
- have postinstall require exact case matches for obsolete files

update to bluetooth device attachment:

remove pseudo-device btdev(4) and inherent limitations

add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.

btdevctl(8) and its cache is updated to handle new semantics

etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf

give a hint on how to fix the 'NOT FIXED' checks -> fix manually

OK'd by lukem@

rename btcontrol(8) as btdevctl(8) to make it fit with the NetBSD naming
scheme for control programs. This fixes pr 34051.

branches: 1.22.2;
Bluetooth fixes by Iain Hibbert:
Create "/etc/rc.d/btcontrol" to attach bluetooth devices at boot.

Bluetooth fixes by Iain Hibbert:
Remove bluetooth.conf(5) and config parsing from libbluetooth(3)
as this is no longer required.

Create and populate "/etc/bluetooth". Based on patch submitted by
Iain Hibbert on "current-users" mailing list.

Initial import of bluetooth stack on behalf of Iain Hibbert. (plunky@,
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.

The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.

Drivers for both PCMCIA and USB bluetooth controllers are included.

Remove "/var/spool/clientmqueue" and "/var/spool/mqueue" from the list
of obsolete directories and handle them via the "sendmail" item in
postinstall(8), too. These directories are of course necessary on
systems using the "sendmail" package.

Problem pointed out by Hisashi T Fujinaka on "current-users" mailing list.

Remove the "sendmail" configuration files and startup scripts from the
list of obsolete files. Resurrect the "sendmail" item which now flags
these files as obsolete unless the "sendmail" package is installed.

Sort the obsolete rc.conf(5) variables to check, and only check
sysctl once(!).

Check whether user and group "postfix" exist.

After removal of "sendmail":
- Remove the code dealing with "sendmail" updates.
- Don't check for the existence of user and group "smmsp" any more.
- Remove "/etc/rc.d/smmsp" and "/etc/rc.d/sendmail" because there defaults
have been removed from "/etc/defaults/rc.conf".

Sync rc.d file list with etc/rc.d/Makefile, adding ftpd, hostapd, and
irdaattach.

Add "iscsi" target which install the iSCSI configuration files.
This will stop e.g. "/etc/security" complaining about these files
missing after a sucessful run of "postinstall"

Check for and install "/etc/rc.d/iscsi_target".

Add postinstall item for the rwhod de-preivledging.
Check and correct permissions on /var/rwho files so rwhod
will be able to update them.

Add checks for _rwhod group & user.
Noted by Patrick Welche on current-users.

Fix do_defaults() so that it errors when there's a mismatch.
Noted by Matthias Scheler.

Add "named" item to move /etc/namedb/named.conf to /etc/named.conf.
Per discussion with Matthias Scheler.

Reorganize items so that they're in alphabetical order except that
"obsolete" is moved to the end.
Clean up some comments.

Fix the installation of /etc/defaults/pf.boot.conf so that it works
with -s etc.tgz.

pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.

Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.

No objections on: tech-security

If /etc/ssh/sshd_config contains the following deprecated options,
comment them out:
rhostsauthentication
verifyreversemapping
reversemappingcheck

branches: 1.2.2;
do_postinstall() is now unnecessary; remove it.

If extracting -s etc.tgz to a temporary directory, don't run the
embedded etc/postinstall since it doesn't exist anymore.

Remember the original SRC_DIR passed in (e.g, "-s etc.tgz") and
display that in the suggested "fix" message, rather than a temporary
path to the extracted etc.tgz which won't be correct for the next run.

Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall
(and the base.tgz set).

postinstall(8); add -?. expand operation usage

Sprinkle a few references to .tar.xz files (as alternative to .tgz files)

branches: 1.19.4; 1.19.6;
Remove workaround for ancient HTML generation code.

Use Nx.

PR/49428: Travis Paul: Document x option.

branches: 1.16.10;
Remove the ability to specify multiple colon-separated fiel names with
a single "-s" option. Multiple "-s" options must now be used instead.
We have been printing a warning about this since 2008-09-14.

branches: 1.15.6;
s/the the/the/

Explicitly request literal mode after .Xr.

In both postinstall and etcupdate, in modes where the -s argument
refers to tgz files or to a directory in which tgz files have already
been extracted, make it an error for the files that should have come
from etc.tgz to be missing. This is intended to prevent users from
accidentally deleting necessary files when they run "postinstall -s
xetc.tgz fix".

Use the absence of .../etc/mtree/set.etc in the extracted directory
as a test for the error case.

Document that "ss tgz1:tgz2" was merely deprecated, not removed.

Document the change in meaning of "-s foo:bar". It now means a single
file or directory named "foo:bar". If you want the old meaning,
use "-s foo -s bar" instead.

branches: 1.10.2;
Try to make it clear that local changes will be overwritten
by "postinstall fix".

Convert TNF licenses to new 2 clause variant

branches: 1.8.6;
Typo fix.

branches: 1.7.4;
Separate postinstall checks in two groups: enabled and disabled by
default. Only the former checks/fixes are done if no items are given
on the command line. The latter must be requested explicitely.

Intended for "fixes" that are dangerous in some way, because they might
remove files that are still in use, for example.

Make the "sendmail" item disabled by default, it removes sendmail
configuration. Partly addresses PR install/36180.

Proposed on tech-userlevel, review and spelling fixes from lukem@.

* Make postinstall's -s option accept several tgz files, either by
repeating the -s option, or by using a colon-separated list.
* Update postinstall(8) man page with some of the text used in
etcupdate(8)'s description of the -s option.
* Remove an outdated comment about invoking etc/postinstall from
the directory in which the tgz is extracted.
* Rename orig_SRC_DIR to SRC_ARG and make related changes.

Reviewed by lukem and martti.

branches: 1.5.2;
Explain that etcupdate(8) may do the job that postinstall(8) can't
do. (Example: fix master.passwd to include _rwhod and whatnot)

OK'd by lukem@

Xref etcupdate from postinstall, and vice versa.

branches: 1.3.2;
not all items can be fixed automatically

branches: 1.2.2;
Update for move to /usr/sbin.
Add a HISTORY.

Move /etc/postinstall (and the etc.tgz set) to /usr/sbin/postinstall
(and the base.tgz set).

all: fix some "internal option -J" warnings from make

PR bin/58476: second half: be more selective with the strings to update
for blacklistd -> blocklistd
issue pointed out and patch supplied by Timo Buhrmester

postinstall: Do not obsolete 10-sub-pixel-rgb.conf

This file revived for fontconfig 2.14.1, and has been recognized
both as valid and obsoleted file at the same time.

Fix PR misc/57547 and PR bin/58406.

No release branches are affected.

postinstall: obsolete_libs - update comment

... that mentions a variable name in an AWK script far, far away.

(typo) it used to be /var/db/blacklistd.db not /var/db/blacklist.db

postinstall: get rid of exclude -t

exclude_libs() no longer uses it, so revert exclude() to what it was
before the -t was introduced.

It can probably be further improved, but I'm not sure why it needs
eval and why it wants to anchor at the beginning of the line only
(something to do with e.g. blocklist vs. blocklistd), and I don't have
time to investigate this properly at the moment.

postinstall: simplify exclude_libs

Don't compose a baroque ERE to filter the list of libraries. grep can
match whole lines with -x so that takes care of the anchoring. And
grep can also take multiple patterns, one per line, as a single
argument - which the man page of our rather out of date version
doesn't adequately document.

While here describe the downgrade scenario that it is intended to
handle.

postinstall: exclude_libs - use find/readlink instead of ls/awk

This doesn't only feels right, but also gets rid of a bogus empty line
in the list of targets (for all the files that are not symlinks).

postinstall: clarify/simplify awk script in _obsolete_libs

Add comments and rename variables to better reflect their purpose.
Emit plain filenames, not absolute paths, b/c that's what exclude_libs
expects. While here explain what might trigger the exclude_libs
scenario (downgrades).

PR bin/58697: postinstall(8) removes non-obsolete compat libs

branches: 1.63.2;
remove dup named dir

postinstall: fix parameter order in usage message

postinstall: fix endless loop (since 2024-03-07)

no local in loops, simplify eval (thanks kre)

- fix named.conf (remove dnssec-enable option)
- use proper local variables instead of adding _ or other prefixes.
- centralize rm use
- use grep -q instead of > /dev/null
- reduce constant duplication

postinstall(8): Don't say /etc/openssl/certs.conf already exists.

It's confusing when all the other `postinstall fix' actions are
silent in the event they don't have anything to do.

PR install/57885

postinstall(8): Use /usr/sbin/certctl.

Obviates need to have /usr/sbin in PATH when running this.

XXX pullup-10

postinstall(8): Modify default certs.conf.

When manually configured /etc/openssl/certs is detected, just
uncomment the `#manual' line in the default certs.conf rather than
writing a new one. That way, you can switch to certctl-managed and
still get the default path by just deleting /etc/openssl/certs and
re-commenting the `manual' line.

postinstall(8): Handle various certs.conf scenarios gracefully.

Tested the following scenarios:

1. fresh install
empty /etc/openssl/certs
default /etc/openssl/certs.conf
- opensslcertsconf
[x] check: pass
[x] fix: pass -- nothing
- opensslcertsrehash
[x] check: fail -- needs rehash
[x] fix: pass -- quietly rehash successfully (go to 4)

2. fresh upgrade
empty /etc/openssl/certs
no /etc/openssl/certs.conf
- opensslcertsconf
[x] check: fail -- complain missing /etc/openssl/certs.conf
[x] fix: pass -- install default /etc/openssl/certs.conf (go to 1)
- opensslcertsrehash
[x] check: fail -- complain missing /etc/openssl/certs.conf
- [x] fix: fail -- complain missing /etc/openssl/certs.conf

3. upgrade from certctl, changes to certs
certctl-managed /etc/openssl/certs
default /etc/openssl/certs.conf
- opensslcertsconf
[x] check: pass
[x] fix: pass -- nothing
- opensslcertsrehash
[x] check: fail -- needs rehash
[x] fix: pass -- quietly rehash successfully (go to 4)

4. upgrade from certctl, no changes to certs
certctl-managed /etc/openssl/certs
default /etc/openssl/certs.conf
- opensslcertsconf
[x] check: pass
[x] fix: pass -- nothing
- opensslcertsrehash
[x] check: pass
[x] fix: pass -- quietly rehash successfully (go to 4)

5. upgrade from mozilla-rootcerts
populated /etc/openssl/certs
no /etc/openssl/certs.conf
- opensslcertsconf:
[x] check: fail -- complain missing /etc/openssl/certs.conf
[x] fix: pass -- install manual /etc/openssl/certs.conf (go to 7)
- opensslcertsrehash:
[x] check: fail -- complain missing /etc/openssl/certs.conf
[x] fix: fail -- complain missing /etc/openssl/certs.conf

6. upgrade from mozilla-rootcerts with etcupdate naively
populated /etc/openssl/certs
default /etc/openssl/certs.conf
- opensslcertsconf:
[x] check: pass
[x] fix: pass -- nothing
- opensslcertsrehash:
[x] check: fail -- complain mismatched certs/ and certs.conf
[x] fix: fail -- complain mismatched certs/ and certs.conf

7. upgrade from mozilla-rootcerts with etcupdate manually
populated /etc/openssl/certs
manual /etc/openssl/certs.conf
- opensslcertsconf:
[x] check: pass
[x] fix: pass -- nothing
- opensslcertsrehash:
[x] check: pass
[x] fix: pass -- skip rehash because manual (go to 7)

XXX Someone should draft automatic tests for postinstall. It has a
very good track record, but it sure would be nice to automate this
testing rather than redo it each time I make a tiny change.

postinstall(8): Fail if `certctl rehash' fails.

Not using `set -e' here, evidently (maybe we should), so the separate
return 0 suppressed the error.

postinstall(8): Add opensslcerts item to regen /etc/openssl/certs.

Works only with destdir /, since it relies on running openssl(1),
which is not available as a tool or required in the cross-build
environment.

adjust for new fontconfig files.

branches: 1.51.2;
fix various typos in comments and log messages.

postinstall: improve -s usage

Reword -s SRC_ARG to be a bit clearer as to the variations, and sync
more with postinstall(8).

postinstall: tweak -a and -m usage

postinstall: add -? to usage

postinstall: add -?. improve option errors

Support -? to show help.
Implemented using getopts "leading colon optstring" feature.
Improve error messages for unknown options and missing arguments.

postinstall: usage improvements

Show options alphabetically.
Use UPPER_CASE instead of lowercase as the convention for argument names.
Provide per-OPERATION argument usage.
Implement options alphabetically.

postinstall: improve validation and help

Validate the operation and items before extracting any etc.tgz,
so that help or errors are displayed quicker, for a better user
experience.

Style:
- Rename todo to ITEMS.
- Order processing of list after check.
- Ensure DIFF_OPT is initialised, for consistency.

postinstall: style tweaks

Fix ... in comments and internal errors.
Sort variables declared at top of main(), for easier review.

postinstall: help to stdout. usage tweaks

When invoked as "help" or "usage", send the usage to stdout
instead of stderr, so that it's easier to pipe to a pager.

Explicitly warn that the operation is missing.

Tweak the usage; "operation" instead of "op", no need for [] around ...

postinstall: fix x11 migration of /usr/X11R6/lib/X11

Fix the x11 check if /usr/X11R6/lib/X11/* needs to migrate to /etc/X11/*
by ensuring that the former actually is detected.

Avoids false migration errors for paths such as /fs if /usr/X11R6
doesn't exist, such as:
x11 check:
Migrate /fs to /etc/X11/fs

The original implemention handled this correctly, but the bug
crept in postinstall 1.110 on 2010/11/21.

s/accidentaly/accidentally/

s/helt/held+s/eroneously/erroneously/+s/splitted/split/+s/recommented/recommended/

Don't overwrite changed autofs config files.

postinstall: re-align list output

postinstall: sort the items. keep obsolete* last

Consistency and quality of life improvements to postinstall:

Order all of the items (including disabled) alphabetically.
Consistent comment style before each item block.
Move other functions used by do_*() before rather than after do_*().

postinstall: comment and usage style

Use NOTE: for comments to be aware of.
Remove double space before "fix|check" in some items.

postinstall: ensure SRC_DIR and DEST_DIR are quoted

postinstall: use correct DEST_DIR in obsolete_stand

missing quote

Restrict npf.conf fixes to "blacklistd" -> "blocklistd"

Sort missing IDs (users and groups) by the numeric ID.

Nix trailing whitespace.

Fix do_blocklist:
- Respect destination directory specified by -d option.
- Accept check and fix options. For the former, do not modify anything as
users normally expect.

Nix trailing whitespace.

handle /etc/blacklistd.conf

correct blocklist script
- removal of rc file is handled by obsolete
- use grep to find if we need more changes
- fix rc population

fix reversed mv, pointed out by wiz@

deal with blacklist -> blocklist

Ensure the dhcpcd log socket is removed.

postinstall: Move files out of dhcpcd chroot

Add a function to remove the debug bits of the stand files.

postinstall: ensure contents_owner fix fails on find errors

The issue is that find won't pass anything to xargs and that returns 0.
So replace the usage of xargs with -exec.

branches: 1.19.2;
Fix dhcpcd $DEST_DIR support

postinstall: fix contents_owner to return an error on error

find returning nothing via stdout but does return an error is an error.
Fixes the case where dhcpcd chroot db directory isn't owned by _dhcpcd.

postinstall: add checks for _dhcpcd to do_uid and do_gid

Thanks to jmcneill@

postinstall: move dhcpcd files to the chroot

Fix the fixup script to follow the URL change in /etc/motd (http->https).

PR install/54990, pullup-9

change the autofs file to be user writable.

populate autofs files

Make sure rc, rc.subr, and rc.shutdown are properly updated.

Currently there is no info which rc* files should be updated
or not on upgrade (at least rc.conf and rc.local shouldn't),
so put back an explicit list in the postinstall script.
"Go for it" by christos@ in PR/54741.

Should be pulled up to netbsd-9.

PR/54730: Izumi Tsutsui: obsolete etc files are not being cleaned up on
an upgrade build.

PR/54730: Izumi Tsutsui: Use /var/db/obsolete/<set> to remove obsolete rc.d
files when not in $SOURCEMODE.

remove debugging.

Add nvmm group.

Add ${DEST_DIR} prefix to check target directory not host directory.

exclude_libs - redirect ls 2> /dev/null so that the user is not
spammed with errors for directories without any libraries; the most
common case in the wild would be empty /usr/libdata/debug. Add -d to
ls for good measure while here.

branches: 1.5.2;
exclude shared libraries that are currently in use from removal.

cleanup obsolete file selection from sets and refactor font synchronization.
The font config files are not in sets, so they are still hard-coded.

select the powerd scripts from the sets

make the script MI again (same across all archs)

build dynamically the list of compat archsubdirs.