CVS commit: src/etc/rc.d
Module Name:src Committed By: christos Date: Wed Jul 10 07:27:10 UTC 2024 Modified Files: src/etc/rc.d: named Log Message: account for filter-.so rename and move To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 src/etc/rc.d/named Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: christos
Date: Wed Jul 10 07:27:10 UTC 2024
Modified Files:
src/etc/rc.d: named
Log Message:
account for filter-.so rename and move
To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 src/etc/rc.d/named
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/named
diff -u src/etc/rc.d/named:1.28 src/etc/rc.d/named:1.29
--- src/etc/rc.d/named:1.28 Mon Dec 25 03:35:07 2023
+++ src/etc/rc.d/named Wed Jul 10 03:27:10 2024
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: named,v 1.28 2023/12/25 08:35:07 kre Exp $
+# $NetBSD: named,v 1.29 2024/07/10 07:27:10 christos Exp $
#
# PROVIDE: named
@@ -97,12 +97,12 @@ named_precmd()
#
case "$($command -v)" in
BIND*) # 9 no group, named-xfer, or ndc
- named_plugindir="/usr/libexec/named"
+ named_plugindir="/usr/lib/named"
if ! [ -d "${named_chrootdir}${named_plugindir}" ]; then
mkdir -p -m 755 "${named_chrootdir}${named_plugindir}"
chown root:wheel "${named_chrootdir}${named_plugindir}"
fi
- for p in filter-.so; do
+ for p in filter-.so.0; do
copy_if_newer "${named_chrootdir}" \
"${named_plugindir}" "$p"
done
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:38:32 UTC 2023
Modified Files:
src/etc/rc.d: sysdb
Log Message:
Stop using the obsolete test(1) -o operator, use sh || instead.
Prefer sh ! over test's ! (though that one is not completely obsolete).
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 src/etc/rc.d/sysdb
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sysdb
diff -u src/etc/rc.d/sysdb:1.25 src/etc/rc.d/sysdb:1.26
--- src/etc/rc.d/sysdb:1.25 Sat Apr 23 21:24:31 2016
+++ src/etc/rc.d/sysdb Mon Dec 25 08:38:32 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sysdb,v 1.25 2016/04/23 21:24:31 dholland Exp $
+# $NetBSD: sysdb,v 1.26 2023/12/25 08:38:32 kre Exp $
#
# PROVIDE: sysdb
@@ -40,10 +40,10 @@ check_file()
local db="$2"
shift 2
- if [ ! -e "$src" ]; then
+ if ! [ -e "$src" ]; then
return
fi
- if [ \( ! -f "$db" \) -o \( "$src" -nt "$db" \) ]; then
+ if ! [ -f "$db" ] || [ "$src" -nt "$db" ]; then
$echo -n "$comma${src##*/}"
comma=", "
"$@"
@@ -81,7 +81,7 @@ build_utmp()
#
local i
for i in "" x; do
- if [ ! -f /var/run/utmp$i ]; then
+ if ! [ -f /var/run/utmp$i ]; then
$echo -n "${comma}utmp$i"
comma=", "
install -c -m 664 -g utmp /dev/null /var/run/utmp$i
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 08:38:32 UTC 2023 Modified Files: src/etc/rc.d: sysdb Log Message: Stop using the obsolete test(1) -o operator, use sh || instead. Prefer sh ! over test's ! (though that one is not completely obsolete). To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/etc/rc.d/sysdb Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:37:09 UTC 2023
Modified Files:
src/etc/rc.d: postfix
Log Message:
Do away with the obsolete text(1) -a operator, use sh && instead.
Prefer sh ! operator over test's ! (less question what it means).
A few minor formatting changes.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 src/etc/rc.d/postfix
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/postfix
diff -u src/etc/rc.d/postfix:1.19 src/etc/rc.d/postfix:1.20
--- src/etc/rc.d/postfix:1.19 Fri Aug 9 10:05:44 2019
+++ src/etc/rc.d/postfix Mon Dec 25 08:37:08 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: postfix,v 1.19 2019/08/09 10:05:44 rin Exp $
+# $NetBSD: postfix,v 1.20 2023/12/25 08:37:08 kre Exp $
#
# PROVIDE: mail
@@ -53,7 +53,7 @@ postfix_precmd()
case "$1" in
hash)
if [ -f "$2.db" ]; then
-if [ ! "$2" -ot "$2.db" ]; then
+if ! [ "$2" -ot "$2.db" ]; then
_rebuild "$2" "out of date"
fi
else
@@ -85,8 +85,8 @@ check_use_postfix()
echo YES
else
echo "WARNING: default postfix not used as not selected in mailer.conf" >&2
- if [ "${_mta_path}" = "${_sendmail_path}" -a \
- ! -x "${_mta_path}" ]; then
+ if [ "${_mta_path}" = "${_sendmail_path}" ] &&
+ ! [ -x "${_mta_path}" ]; then
echo "WARNING: mailer.conf points to the removed sendmail" >&2
echo "update /etc/mailer.conf to get a working mailer configuration" >&2
fi
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 08:37:09 UTC 2023 Modified Files: src/etc/rc.d: postfix Log Message: Do away with the obsolete text(1) -a operator, use sh && instead. Prefer sh ! operator over test's ! (less question what it means). A few minor formatting changes. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/etc/rc.d/postfix Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:35:07 UTC 2023
Modified Files:
src/etc/rc.d: named
Log Message:
Clean up obsolete test(1) usage - use sh's || instead of test's obsolete -o,
and sh's && instead of test's obsolete -a.
Minor formatting cleanups, including removing unneeded \ line continuations.
The somewhat bizarre way that named_migrate() was made to work in a
subshell (which of itself is fine, and looks needed) has been made more
rational. Because of that, the need to use local vars is no longer there,
(subshells can't affect the parent) and "local" in that func could be deleted
(but hasn't been).
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/etc/rc.d/named
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/named
diff -u src/etc/rc.d/named:1.27 src/etc/rc.d/named:1.28
--- src/etc/rc.d/named:1.27 Wed Mar 31 04:57:25 2021
+++ src/etc/rc.d/named Mon Dec 25 08:35:07 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: named,v 1.27 2021/03/31 04:57:25 christos Exp $
+# $NetBSD: named,v 1.28 2023/12/25 08:35:07 kre Exp $
#
# PROVIDE: named
@@ -19,11 +19,10 @@ extra_commands="reload"
required_dirs="$named_chrootdir" # if it is set, it must exist
named_migrate()
-{
+(
local src="$1"
local dst="$2$1"
echo "Migrating $src to $dst"
-(
diff=false
cd "$src"
mkdir -p "$dst"
@@ -59,15 +58,14 @@ named_migrate()
ln -s "$dst" "$src"
fi
)
-}
copy_if_newer()
{
local chrootdir="$1"
local dir="$2"
local file="$3"
- if [ ! -x "${chrootdir}${dir}/${file}" -o \
- "${chrootdir}${dir}/${file}" -ot "${dir}/${file}" ]; then
+ if ! [ -x "${chrootdir}${dir}/${file}" ] ||
+ [ "${chrootdir}${dir}/${file}" -ot "${dir}/${file}" ]; then
rm -f "${chrootdir}${dir}/${file}"
cp -p "${dir}/${file}" "${chrootdir}${dir}/${file}"
fi
@@ -75,13 +73,13 @@ copy_if_newer()
named_precmd()
{
- if [ ! -e "/etc/rndc.key" ]; then
+ if ! [ -e "/etc/rndc.key" ]; then
echo "Generating rndc.key"
/usr/sbin/rndc-confgen -a
fi
if [ -z "$named_chrootdir" ]; then
- if [ ! -d "/etc/namedb/keys" ]; then
+ if ! [ -d "/etc/namedb/keys" ]; then
mkdir -m 775 "/etc/namedb/keys"
chown named:named "/etc/namedb/keys"
fi
@@ -100,7 +98,7 @@ named_precmd()
case "$($command -v)" in
BIND*) # 9 no group, named-xfer, or ndc
named_plugindir="/usr/libexec/named"
- if [ ! -d "${named_chrootdir}${named_plugindir}" ]; then
+ if ! [ -d "${named_chrootdir}${named_plugindir}" ]; then
mkdir -p -m 755 "${named_chrootdir}${named_plugindir}"
chown root:wheel "${named_chrootdir}${named_plugindir}"
fi
@@ -117,32 +115,34 @@ named_precmd()
esac
for i in null random urandom; do
- if [ ! -c "${named_chrootdir}/dev/$i" ]; then
+ if ! [ -c "${named_chrootdir}/dev/$i" ]; then
rm -f "${named_chrootdir}/dev/$i"
- (cd /dev &&
- /bin/pax -rw -pe "$i" "${named_chrootdir}/dev")
+ ( cd /dev &&
+ /bin/pax -rw -pe "$i" "${named_chrootdir}/dev" )
fi
done
- if [ ! -h /etc/namedb ]; then
- named_migrate /etc/namedb ${named_chrootdir}
+ if ! [ -h /etc/namedb ]; then
+ named_migrate /etc/namedb "${named_chrootdir}"
fi
for i in named.conf rndc.key; do
- if [ \( -r "/etc/$i" \) -a \( ! -h "/etc/$i" \) -a \
- \( ! -r "${named_chrootdir}/etc/$i" \) ]; then
+ if [ -r "/etc/$i" ] && ! [ -h "/etc/$i" ] &&
+ ! [ -r "${named_chrootdir}/etc/$i" ]
+ then
mv "/etc/$i" "${named_chrootdir}/etc/$i"
ln -s "${named_chrootdir}/etc/$i" "/etc/$i"
fi
done
- if [ \( ! -r ${named_chrootdir}/etc/named.conf \) -a \
- \( -r ${named_chrootdir}/etc/namedb/named.conf \) ]; then
- ln -s namedb/named.conf ${named_chrootdir}/etc
+ if ! [ -r ${named_chrootdir}/etc/named.conf ] &&
+ [ -r ${named_chrootdir}/etc/namedb/named.conf ]
+ then
+ ln -s namedb/named.conf "${named_chrootdir}/etc"
fi
if [ -f /etc/localtime ]; then
- cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
+ cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" ||
cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
fi
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 08:35:07 UTC 2023 Modified Files: src/etc/rc.d: named Log Message: Clean up obsolete test(1) usage - use sh's || instead of test's obsolete -o, and sh's && instead of test's obsolete -a. Minor formatting cleanups, including removing unneeded \ line continuations. The somewhat bizarre way that named_migrate() was made to work in a subshell (which of itself is fine, and looks needed) has been made more rational. Because of that, the need to use local vars is no longer there, (subshells can't affect the parent) and "local" in that func could be deleted (but hasn't been). To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/etc/rc.d/named Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:29:05 UTC 2023
Modified Files:
src/etc/rc.d: iscsid_volumes
Log Message:
Clean up obsolere test(1) -a option/operator - use sh && instead.
Take the opportunity to do a little sh formatting cleanups, the \
line continuation can ususually be avoided by placing sh operators at
the appropriate places.
Note the [ x"$var" = x"$other" ] usage no longer needs the 'x',
avoiding that kind of nonsense is partly why test was much more
precisely specified, and a lot of the unnecessary stuff made obsolete.
Those however I did not remove (they're harmless).
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/iscsid_volumes
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/iscsid_volumes
diff -u src/etc/rc.d/iscsid_volumes:1.4 src/etc/rc.d/iscsid_volumes:1.5
--- src/etc/rc.d/iscsid_volumes:1.4 Sat Jul 22 10:31:35 2023
+++ src/etc/rc.d/iscsid_volumes Mon Dec 25 08:29:05 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: iscsid_volumes,v 1.4 2023/07/22 10:31:35 mlelstv Exp $
+# $NetBSD: iscsid_volumes,v 1.5 2023/12/25 08:29:05 kre Exp $
#
# PROVIDE: iscsid_volumes
@@ -98,17 +98,19 @@ iscsid_volumes_stop()
*)
echo "Remove target ${alias:-$target}"
- /sbin/iscsictl list_sessions \
- | while read key1 num key2 sesstarget; do
-if [ x"$key1" = x"Session" -a \
- x"$key2" = x"Target" -a \
- x"$sesstarget" = x"$target" ]; then
- /sbin/iscsictl logout -I "$num" | grep -v '^OK$'
+ /sbin/iscsictl list_sessions |
+ while read key1 num key2 sesstarget; do
+if [ x"$key1" = x"Session" ] &&
+ [ x"$key2" = x"Target" ] &&
+ [ x"$sesstarget" = x"$target" ]
+then
+ /sbin/iscsictl logout -I "$num" |
+ grep -v '^OK$'
fi
done
- /sbin/iscsictl list_targets \
- | while read num talias ttarget; do
+ /sbin/iscsictl list_targets |
+ while read num talias ttarget; do
if [ x"$ttarget" = x"$target" ]; then
/sbin/iscsictl remove_target -I "$num"
fi
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 08:29:05 UTC 2023 Modified Files: src/etc/rc.d: iscsid_volumes Log Message: Clean up obsolere test(1) -a option/operator - use sh && instead. Take the opportunity to do a little sh formatting cleanups, the \ line continuation can ususually be avoided by placing sh operators at the appropriate places. Note the [ x"$var" = x"$other" ] usage no longer needs the 'x', avoiding that kind of nonsense is partly why test was much more precisely specified, and a lot of the unnecessary stuff made obsolete. Those however I did not remove (they're harmless). To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/iscsid_volumes Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:24:58 UTC 2023
Modified Files:
src/etc/rc.d: ipfs
Log Message:
Clean up obsolete test(1) usage, use sh && rather than test's old -a
(and while here prefer sh's ! operator over test's - it simplifies
things for test).
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/ipfs
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/ipfs
diff -u src/etc/rc.d/ipfs:1.8 src/etc/rc.d/ipfs:1.9
--- src/etc/rc.d/ipfs:1.8 Sun Sep 23 07:24:19 2018
+++ src/etc/rc.d/ipfs Mon Dec 25 08:24:58 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: ipfs,v 1.8 2018/09/23 07:24:19 maxv Exp $
+# $NetBSD: ipfs,v 1.9 2023/12/25 08:24:58 kre Exp $
#
# PROVIDE: ipfs
@@ -17,7 +17,8 @@ stop_cmd="ipfs_stop"
ipfs_start()
{
- if [ -r /var/db/ipf/ipstate.ipf -a -r /var/db/ipf/ipnat.ipf ]; then
+ if [ -r /var/db/ipf/ipstate.ipf ] && [ -r /var/db/ipf/ipnat.ipf ]
+ then
/usr/sbin/ipfs -R ${rc_flags}
rm -f /var/db/ipf/ipstate.ipf /var/db/ipf/ipnat.ipf
fi
@@ -25,7 +26,7 @@ ipfs_start()
ipfs_stop()
{
- if [ ! -d /var/db/ipf ]; then
+ if ! [ -d /var/db/ipf ]; then
mkdir /var/db/ipf
chmod 700 /var/db/ipf
chown root:wheel /var/db/ipf
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 08:24:58 UTC 2023 Modified Files: src/etc/rc.d: ipfs Log Message: Clean up obsolete test(1) usage, use sh && rather than test's old -a (and while here prefer sh's ! operator over test's - it simplifies things for test). To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/ipfs Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:23:36 UTC 2023
Modified Files:
src/etc/rc.d: bluetooth
Log Message:
Clean up obsolete test(1) usage - don't use -o, use sh || instead.
This one was particularly bad:
if [ -z ${dev} -o ${junk} ]; then
was supposed to be validating an entry read from a config file,
dev should be not empty, and junk should be empty (ie: correct
number of fields present). If that test succeeds, the line is
bad, and we error out.
But if dev was empty, and junk was also empty, that turned into
if [ -z -o ]; then
which tests if "-o" is the empty string, which it isn't, so instead
of succeeding, and considering the entry invalid (no dev specified)
the code would just carry on as if all was good.
Because of this, a bunch of quoting fixes were also made (there might
perhaps be more needed).
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/bluetooth
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 08:23:36 UTC 2023
Modified Files:
src/etc/rc.d: bluetooth
Log Message:
Clean up obsolete test(1) usage - don't use -o, use sh || instead.
This one was particularly bad:
if [ -z ${dev} -o ${junk} ]; then
was supposed to be validating an entry read from a config file,
dev should be not empty, and junk should be empty (ie: correct
number of fields present). If that test succeeds, the line is
bad, and we error out.
But if dev was empty, and junk was also empty, that turned into
if [ -z -o ]; then
which tests if "-o" is the empty string, which it isn't, so instead
of succeeding, and considering the entry invalid (no dev specified)
the code would just carry on as if all was good.
Because of this, a bunch of quoting fixes were also made (there might
perhaps be more needed).
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/bluetooth
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/bluetooth
diff -u src/etc/rc.d/bluetooth:1.2 src/etc/rc.d/bluetooth:1.3
--- src/etc/rc.d/bluetooth:1.2 Fri Nov 26 12:51:24 2021
+++ src/etc/rc.d/bluetooth Mon Dec 25 08:23:35 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: bluetooth,v 1.2 2021/11/26 12:51:24 sborrill Exp $
+# $NetBSD: bluetooth,v 1.3 2023/12/25 08:23:35 kre Exp $
#
# PROVIDE: bluetooth
@@ -85,13 +85,13 @@ bluetooth_start()
;;
esac
- if [ -z ${dev} -o ${junk} ]; then
+ if [ -z "${dev}" ] || [ -n "${junk}" ]; then
echo "${name}: invalid entry"
return 1
fi
echo "attaching Bluetooth ${service} service from \"${addr}\""
- ${btdevctl_cmd} -A -a ${addr} -d ${dev} -s ${service}
+ ${btdevctl_cmd} -A -a "${addr}" -d "${dev}" -s "${service}"
done < ${btdevctl_conf}
#
@@ -111,7 +111,7 @@ bluetooth_stop()
echo -n "disabling Bluetooth controllers:"
for dev in ${btconfig_devices:-$(${btconfig_cmd} -l)}; do
echo -n " ${dev}"
- ${btconfig_cmd} ${dev} disable
+ ${btconfig_cmd} "${dev}" disable
done
echo "."
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 07:49:22 UTC 2023 Modified Files: src/etc/rc.d: ip6addrctl Log Message: Don't use obsolete test(1) -a option/operator - use sh && instead. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/ip6addrctl Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 07:49:22 UTC 2023
Modified Files:
src/etc/rc.d: ip6addrctl
Log Message:
Don't use obsolete test(1) -a option/operator - use sh && instead.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/ip6addrctl
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/ip6addrctl
diff -u src/etc/rc.d/ip6addrctl:1.7 src/etc/rc.d/ip6addrctl:1.8
--- src/etc/rc.d/ip6addrctl:1.7 Tue Sep 8 12:52:18 2020
+++ src/etc/rc.d/ip6addrctl Mon Dec 25 07:49:22 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: ip6addrctl,v 1.7 2020/09/08 12:52:18 martin Exp $
+# $NetBSD: ip6addrctl,v 1.8 2023/12/25 07:49:22 kre Exp $
# FreeBSD: head/etc/rc.d/ip6addrctl 270836 2014-08-30 07:08:10Z hrs
#
@@ -58,7 +58,7 @@ ip6addrctl_start()
# install the policy of the address selection algorithm.
case "${ip6addrctl_policy}" in
[Aa][Uu][Tt][Oo])
- if [ -r "${config_file}" -a -s "${config_file}" ]; then
+ if [ -r "${config_file}" ] && [ -s "${config_file}" ]; then
${IP6ADDRCTL_CMD} flush >/dev/null 2>&1
${IP6ADDRCTL_CMD} install "${config_file}"
else
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 07:46:12 UTC 2023
Modified Files:
src/etc/rc.d: certctl_init
Log Message:
Whitespace: 8 spaces -> tab
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/certctl_init
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/certctl_init
diff -u src/etc/rc.d/certctl_init:1.2 src/etc/rc.d/certctl_init:1.3
--- src/etc/rc.d/certctl_init:1.2 Mon Dec 25 07:43:03 2023
+++ src/etc/rc.d/certctl_init Mon Dec 25 07:46:12 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: certctl_init,v 1.2 2023/12/25 07:43:03 kre Exp $
+# $NetBSD: certctl_init,v 1.3 2023/12/25 07:46:12 kre Exp $
#
# PROVIDE: certctl_init
# REQUIRE: mountcritremote
@@ -39,7 +39,7 @@ certctl_init()
{ [ -e "$certsdir" ] && ! [ -d "$certsdir" ] ; } ||
( [ -d "$certsdir" ] &&
find -f "$certsdir" -- -maxdepth 0 -type d -empty -exit 1 )
-then
+ then
return
fi
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 07:46:12 UTC 2023 Modified Files: src/etc/rc.d: certctl_init Log Message: Whitespace: 8 spaces -> tab To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/certctl_init Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 07:43:03 UTC 2023
Modified Files:
src/etc/rc.d: certctl_init
Log Message:
No longer use obsolete test(1) -a option/operator, use sh && instead.
While here a couple of minor formatting improvements - in general it
is always a good idea to surround sh operator chars (like '>' '(' ...)
with white space, to guard against thet possibility that some other (or
later enhanced) sh might have additional operators which happen to be
the character string used.
I don't understand while the final part of the condition for not doing
anything needs to run in a subshell, but that can stay for now.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/certctl_init
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/certctl_init
diff -u src/etc/rc.d/certctl_init:1.1 src/etc/rc.d/certctl_init:1.2
--- src/etc/rc.d/certctl_init:1.1 Wed Sep 27 00:24:13 2023
+++ src/etc/rc.d/certctl_init Mon Dec 25 07:43:03 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: certctl_init,v 1.1 2023/09/27 00:24:13 riastradh Exp $
+# $NetBSD: certctl_init,v 1.2 2023/12/25 07:43:03 kre Exp $
#
# PROVIDE: certctl_init
# REQUIRE: mountcritremote
@@ -36,10 +36,9 @@ certctl_init()
# directory, or is a directory but is nonempty, then we're not
# in the first boot's initial configuration. So do nothing.
if [ -h "$certsdir" ] ||
- [ -e "$certsdir" -a ! -d "$certsdir" ] ||
- ([ -d "$certsdir" ] &&
- find -f "$certsdir" -- \
- -maxdepth 0 -type d -empty -exit 1)
+ { [ -e "$certsdir" ] && ! [ -d "$certsdir" ] ; } ||
+ ( [ -d "$certsdir" ] &&
+ find -f "$certsdir" -- -maxdepth 0 -type d -empty -exit 1 )
then
return
fi
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Mon Dec 25 07:43:03 UTC 2023
Modified Files:
src/etc/rc.d: certctl_init
Log Message:
No longer use obsolete test(1) -a option/operator, use sh && instead.
While here a couple of minor formatting improvements - in general it
is always a good idea to surround sh operator chars (like '>' '(' ...)
with white space, to guard against thet possibility that some other (or
later enhanced) sh might have additional operators which happen to be
the character string used.
I don't understand while the final part of the condition for not doing
anything needs to run in a subshell, but that can stay for now.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/certctl_init
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 07:39:59 UTC 2023 Modified Files: src/etc/rc.d: securelevel Log Message: No longer use obsolete test "-a" option - use sh && instead. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/securelevel Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/securelevel diff -u src/etc/rc.d/securelevel:1.8 src/etc/rc.d/securelevel:1.9 --- src/etc/rc.d/securelevel:1.8 Tue Dec 29 17:06:10 2009 +++ src/etc/rc.d/securelevel Mon Dec 25 07:39:59 2023 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: securelevel,v 1.8 2009/12/29 17:06:10 elad Exp $ +# $NetBSD: securelevel,v 1.9 2023/12/25 07:39:59 kre Exp $ # # PROVIDE: securelevel @@ -25,7 +25,7 @@ securelevel_start() exit 1 fi - if [ -n "$securelevel" -a "$securelevel" != "$osecurelevel" ]; then + if [ -n "$securelevel" ] && [ "$securelevel" != "$osecurelevel" ]; then if [ "$securelevel" -lt "$osecurelevel" ]; then echo "Can't lower securelevel." exit 1
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Mon Dec 25 07:39:59 UTC 2023 Modified Files: src/etc/rc.d: securelevel Log Message: No longer use obsolete test "-a" option - use sh && instead. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/securelevel Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: gutteridge Date: Wed Oct 4 00:04:42 UTC 2023 Modified Files: src/etc/rc.d: resize_root Log Message: resize_root: quote $rootdev consistently in resize_ffs(8) calls To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/resize_root Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: gutteridge Date: Wed Oct 4 00:04:42 UTC 2023 Modified Files: src/etc/rc.d: resize_root Log Message: resize_root: quote $rootdev consistently in resize_ffs(8) calls To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/resize_root Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/resize_root diff -u src/etc/rc.d/resize_root:1.5 src/etc/rc.d/resize_root:1.6 --- src/etc/rc.d/resize_root:1.5 Sun May 24 14:43:19 2020 +++ src/etc/rc.d/resize_root Wed Oct 4 00:04:42 2023 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: resize_root,v 1.5 2020/05/24 14:43:19 jmcneill Exp $ +# $NetBSD: resize_root,v 1.6 2023/10/04 00:04:42 gutteridge Exp $ # # PROVIDE: resize_root @@ -83,7 +83,7 @@ resize_root_start() if resize_ffs -c "$rootdev"; then echo "Resizing $rootmp ($rootdev)" - if ! resize_ffs -y $resize_root_flags $rootdev; then + if ! resize_ffs -y $resize_root_flags "$rootdev"; then echo "Error resizing root." stop_boot fi
CVS commit: src/etc/rc.d
Module Name:src
Committed By: mlelstv
Date: Sat Jul 22 10:31:35 UTC 2023
Modified Files:
src/etc/rc.d: iscsid_volumes
Log Message:
Don't specify a volume alias if none is given instead of using a default
name. Otherwise iscsictl fails for using non-unique names if more than
one volume is used.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/etc/rc.d/iscsid_volumes
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/iscsid_volumes
diff -u src/etc/rc.d/iscsid_volumes:1.3 src/etc/rc.d/iscsid_volumes:1.4
--- src/etc/rc.d/iscsid_volumes:1.3 Sat Feb 18 07:51:52 2023
+++ src/etc/rc.d/iscsid_volumes Sat Jul 22 10:31:35 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: iscsid_volumes,v 1.3 2023/02/18 07:51:52 mlelstv Exp $
+# $NetBSD: iscsid_volumes,v 1.4 2023/07/22 10:31:35 mlelstv Exp $
#
# PROVIDE: iscsid_volumes
@@ -35,6 +35,16 @@ iscsid_volumes_start()
if [ -f /etc/iscsi/auths ]; then
while read entry dummy; do
+
+ case $entry in
+ *:chap:*|\
+ *:CHAP:*|\
+ *:none:*)
+ dummy=${entry#*:}
+ entry=${entry%%:*}:${dummy#*:}
+ ;;
+ esac
+
case $entry in
\#*|"") ;;
"$user":*) pass=${entry#*:} ;;
@@ -63,7 +73,7 @@ iscsid_volumes_start()
-u "$user" \
-s "$pass" \
-S "$mpass" \
--N "${alias:--}")
+${alias:+-N} ${alias:+"$alias"})
echo "$out"
case $out in
CVS commit: src/etc/rc.d
Module Name:src Committed By: mlelstv Date: Sat Jul 22 10:31:35 UTC 2023 Modified Files: src/etc/rc.d: iscsid_volumes Log Message: Don't specify a volume alias if none is given instead of using a default name. Otherwise iscsictl fails for using non-unique names if more than one volume is used. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/etc/rc.d/iscsid_volumes Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: kim Date: Sat Jul 22 08:51:28 UTC 2023 Modified Files: src/etc/rc.d: sshd Log Message: Remove backwards compat. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kim
Date: Sat Jul 22 08:51:28 UTC 2023
Modified Files:
src/etc/rc.d: sshd
Log Message:
Remove backwards compat.
To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.37 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.36 src/etc/rc.d/sshd:1.37
--- src/etc/rc.d/sshd:1.36 Sat Jun 10 04:02:39 2023
+++ src/etc/rc.d/sshd Sat Jul 22 08:51:28 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.36 2023/06/10 04:02:39 kim Exp $
+# $NetBSD: sshd,v 1.37 2023/07/22 08:51:28 kim Exp $
#
# PROVIDE: sshd
@@ -66,7 +66,7 @@ ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
_EOF
if "${new_key_created}"; then
- sysctl -q kern.entropy.needed && sshd_motd_unsafe_keys_warning
+ sshd_motd_unsafe_keys_warning
fi
)
}
Re: CVS commit: src/etc/rc.d
On Sun, Jun 11, 2023 at 11:23:23AM +0300, Kimmo Suominen wrote: > My thinking here is that it makes it simpler to keep the script in > sync between branches. (I have not checked, but I guess the sysctl > does not depend on kernel configuration then.) In this special case I think this would not be a good idea as the entropy changes between current and 10 vs. -9 are fundamental and heavily disputed. Keeping things minimal, clean and consistent is IMO preferable here. Martin
Re: CVS commit: src/etc/rc.d
On Sat, 10 Jun 2023 at 20:08, Martin Husemann wrote: > I don't like this commit, it mixes: > > - several text improvements (good!) > - one unrelated cosmetic change (rely on all rc.d scripts being installed >with x bit, so drop the "sh" from the manual invocation) Calling the rc.d script directly is how we teach people to do it in the NetBSD Guide: https://www.netbsd.org/docs/guide/en/chap-rc.html#chap-rc-scripts The usage message that rc.d scripts produce also shows executing them directly: # service sshd check /etc/rc.d/sshd: unknown directive 'check'. Usage: /etc/rc.d/sshd [fast|force|one](start stop restart rcvar keygen reload status poll) I think adopting a single convention across the board would be least confusing for users. Personally I like calling rc.d scripts using service(8) as it makes an effort to run the rc.d script as close as possible to how it is run from rc(8). I find setting the current working directory to / is especially prudent and noteworthy. However, it would appear that service(8) has a bug where it also relies on executing the rc.d script directly. In practise it would be rare to run into it, though, as we do seem to install rc.d scripts with all the execute bits set. The error service(8) outputs when no execute bits are set is "sshd does not exist in /etc/rc.d," which can be perplexing when /etc/rc.d/sshd clearly does exist. > - one unrelated and IMO unneded change (check if kern.entropy.needed >exists, only usefull for older branches) My thinking here is that it makes it simpler to keep the script in sync between branches. (I have not checked, but I guess the sysctl does not depend on kernel configuration then.) Kind regards, + Kimmo
Re: CVS commit: src/etc/rc.d
On Sat, Jun 10, 2023 at 04:02:39AM +, Kimmo Suominen wrote: > Module Name: src > Committed By: kim > Date: Sat Jun 10 04:02:39 UTC 2023 > > Modified Files: > src/etc/rc.d: sshd > > Log Message: > Add some backwards compat. Adjust grammar. > > > To generate a diff of this commit: > cvs rdiff -u -r1.35 -r1.36 src/etc/rc.d/sshd I don't like this commit, it mixes: - several text improvements (good!) - one unrelated cosmetic change (rely on all rc.d scripts being installed with x bit, so drop the "sh" from the manual invocation) - one unrelated and IMO unneded change (check if kern.entropy.needed exists, only usefull for older branches) Martin
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kim
Date: Sat Jun 10 04:02:39 UTC 2023
Modified Files:
src/etc/rc.d: sshd
Log Message:
Add some backwards compat. Adjust grammar.
To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.35 src/etc/rc.d/sshd:1.36
--- src/etc/rc.d/sshd:1.35 Mon Jun 5 11:59:12 2023
+++ src/etc/rc.d/sshd Sat Jun 10 04:02:39 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.35 2023/06/05 11:59:12 riastradh Exp $
+# $NetBSD: sshd,v 1.36 2023/06/10 04:02:39 kim Exp $
#
# PROVIDE: sshd
@@ -26,13 +26,13 @@ sshd_motd_unsafe_keys_warning()
-- UNSAFE KEYS WARNING:
The ssh host keys on this machine have been generated with
- not enough entropy configured, so may be predictable.
+ not enough entropy configured, so they may be predictable.
To fix, follow the "Adding entropy" section in the entropy(7)
- man page and after this machine has enough entropy, re-generate
+ man page. After this machine has enough entropy, re-generate
the ssh host keys by running:
- sh /etc/rc.d/sshd keyregen
+ /etc/rc.d/sshd keyregen
_EOF
fi
cmp -s $T /etc/motd || cp $T /etc/motd
@@ -66,7 +66,7 @@ ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
_EOF
if "${new_key_created}"; then
- sshd_motd_unsafe_keys_warning
+ sysctl -q kern.entropy.needed && sshd_motd_unsafe_keys_warning
fi
)
}
CVS commit: src/etc/rc.d
Module Name:src Committed By: kim Date: Sat Jun 10 04:02:39 UTC 2023 Modified Files: src/etc/rc.d: sshd Log Message: Add some backwards compat. Adjust grammar. To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: riastradh Date: Mon Jun 5 11:59:13 UTC 2023 Modified Files: src/etc/rc.d: sshd Log Message: /etc/rc.d/sshd: Use default curve for ECDSA keygen, not NIST P-521. The default is NIST P-256, which: (a) has plenty of cryptanalytic security, (b) performs better on essentially all platforms (smaller enough that even the advantage of the Mersenne prime structure of P-521 can't compete), and (c) likely gets more scrutiny on implementations than P-521 since it's more widespread. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: riastradh
Date: Mon Jun 5 11:59:13 UTC 2023
Modified Files:
src/etc/rc.d: sshd
Log Message:
/etc/rc.d/sshd: Use default curve for ECDSA keygen, not NIST P-521.
The default is NIST P-256, which:
(a) has plenty of cryptanalytic security,
(b) performs better on essentially all platforms (smaller enough that
even the advantage of the Mersenne prime structure of P-521 can't
compete), and
(c) likely gets more scrutiny on implementations than P-521 since it's
more widespread.
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.34 src/etc/rc.d/sshd:1.35
--- src/etc/rc.d/sshd:1.34 Mon Jun 5 11:51:19 2023
+++ src/etc/rc.d/sshd Mon Jun 5 11:59:12 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.34 2023/06/05 11:51:19 riastradh Exp $
+# $NetBSD: sshd,v 1.35 2023/06/05 11:59:12 riastradh Exp $
#
# PROVIDE: sshd
@@ -61,7 +61,7 @@ sshd_keygen()
printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
new_key_created=true
done << _EOF
-ecdsa 521 ssh_host_ecdsa_key
+ecdsa -1 ssh_host_ecdsa_key
ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
_EOF
CVS commit: src/etc/rc.d
Module Name:src
Committed By: riastradh
Date: Mon Jun 5 11:51:20 UTC 2023
Modified Files:
src/etc/rc.d: sshd
Log Message:
/etc/rc.d/sshd: Stop generating DSA host keys by default.
If you want them you can generate them yourself, but in this day and
age (Monday and 2023, specifically) there's no reason to be using DSA
except for compatibility with ancient legacy software.
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.33 src/etc/rc.d/sshd:1.34
--- src/etc/rc.d/sshd:1.33 Fri May 26 10:44:59 2023
+++ src/etc/rc.d/sshd Mon Jun 5 11:51:19 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.33 2023/05/26 10:44:59 riastradh Exp $
+# $NetBSD: sshd,v 1.34 2023/06/05 11:51:19 riastradh Exp $
#
# PROVIDE: sshd
@@ -61,7 +61,6 @@ sshd_keygen()
printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
new_key_created=true
done << _EOF
-dsa 1024 ssh_host_dsa_key
ecdsa 521 ssh_host_ecdsa_key
ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
CVS commit: src/etc/rc.d
Module Name:src Committed By: riastradh Date: Mon Jun 5 11:51:20 UTC 2023 Modified Files: src/etc/rc.d: sshd Log Message: /etc/rc.d/sshd: Stop generating DSA host keys by default. If you want them you can generate them yourself, but in this day and age (Monday and 2023, specifically) there's no reason to be using DSA except for compatibility with ancient legacy software. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: riastradh Date: Fri May 26 10:44:59 UTC 2023 Modified Files: src/etc/rc.d: sshd Log Message: /etc/rc.d/sshd: New check cmd and reload precmd. - check cmd: run `sshd -t' to check sshd_config file - reload precmd: run check cmd before reloading so we don't nuke sshd if there's an error in the sshd_config file (It is still possible to effectively nuke sshd by changing the configuration tosomething that won't work on your network, but at least we avoid making sshd just exit on reload when you make a typo in a config option.) XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: riastradh
Date: Fri May 26 10:44:59 UTC 2023
Modified Files:
src/etc/rc.d: sshd
Log Message:
/etc/rc.d/sshd: New check cmd and reload precmd.
- check cmd: run `sshd -t' to check sshd_config file
- reload precmd: run check cmd before reloading so we don't nuke sshd
if there's an error in the sshd_config file
(It is still possible to effectively nuke sshd by changing the
configuration tosomething that won't work on your network, but at
least we avoid making sshd just exit on reload when you make a typo
in a config option.)
XXX pullup-9
XXX pullup-10
To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.32 src/etc/rc.d/sshd:1.33
--- src/etc/rc.d/sshd:1.32 Sun May 15 11:47:42 2022
+++ src/etc/rc.d/sshd Fri May 26 10:44:59 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.32 2022/05/15 11:47:42 martin Exp $
+# $NetBSD: sshd,v 1.33 2023/05/26 10:44:59 riastradh Exp $
#
# PROVIDE: sshd
@@ -13,7 +13,7 @@ rcvar=$name
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"
required_files="/etc/ssh/sshd_config"
-extra_commands="keygen keyregen reload"
+extra_commands="check keygen keyregen reload"
sshd_motd_unsafe_keys_warning()
{
@@ -77,8 +77,20 @@ sshd_precmd()
run_rc_command keygen
}
+sshd_check()
+{
+ sshd -t
+}
+
+sshd_reload_precmd()
+{
+ run_rc_command check
+}
+
+check_cmd=sshd_check
keygen_cmd=sshd_keygen
keyregen_cmd="sshd_keygen force"
+reload_precmd=sshd_reload_precmd
start_precmd=sshd_precmd
load_rc_config $name
CVS commit: src/etc/rc.d
Module Name:src Committed By: mlelstv Date: Sat Feb 18 07:51:52 UTC 2023 Modified Files: src/etc/rc.d: iscsid_volumes Log Message: Handle missing auth file. Skip empty lines. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/iscsid_volumes Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: mlelstv
Date: Sat Feb 18 07:51:52 UTC 2023
Modified Files:
src/etc/rc.d: iscsid_volumes
Log Message:
Handle missing auth file.
Skip empty lines.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/iscsid_volumes
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/iscsid_volumes
diff -u src/etc/rc.d/iscsid_volumes:1.2 src/etc/rc.d/iscsid_volumes:1.3
--- src/etc/rc.d/iscsid_volumes:1.2 Mon Feb 6 11:53:03 2023
+++ src/etc/rc.d/iscsid_volumes Sat Feb 18 07:51:52 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: iscsid_volumes,v 1.2 2023/02/06 11:53:03 martin Exp $
+# $NetBSD: iscsid_volumes,v 1.3 2023/02/18 07:51:52 mlelstv Exp $
#
# PROVIDE: iscsid_volumes
@@ -20,7 +20,7 @@ iscsid_volumes_start()
while read host target digest auth user alias; do
case $host in
- \#*) ;;
+ \#*|"") ;;
*)
topts=''
case $digest in
@@ -33,13 +33,15 @@ iscsid_volumes_start()
pass="-"
mpass="-"
- while read entry dummy; do
-case $entry in
-\#*) ;;
-"$user":*) pass=${entry#*:} ;;
-"$target":*) mpass=${entry#*:} ;;
-esac
- done < /etc/iscsi/auths
+ if [ -f /etc/iscsi/auths ]; then
+while read entry dummy; do
+ case $entry in
+ \#*|"") ;;
+ "$user":*) pass=${entry#*:} ;;
+ "$target":*) mpass=${entry#*:} ;;
+ esac
+done < /etc/iscsi/auths
+ fi
case $host in
*:*)
@@ -82,7 +84,7 @@ iscsid_volumes_stop()
while read host target digest auth user alias; do
case $host in
- \#*) ;;
+ \#*|"") ;;
*)
echo "Remove target ${alias:-$target}"
CVS commit: src/etc/rc.d
Module Name:src
Committed By: martin
Date: Mon Feb 6 11:53:04 UTC 2023
Modified Files:
src/etc/rc.d: iscsid_volumes
Log Message:
If /etc/iscsi/volumes does not exist, explicitly exit with 0 status
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/iscsid_volumes
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/iscsid_volumes
diff -u src/etc/rc.d/iscsid_volumes:1.1 src/etc/rc.d/iscsid_volumes:1.2
--- src/etc/rc.d/iscsid_volumes:1.1 Fri Feb 3 13:53:40 2023
+++ src/etc/rc.d/iscsid_volumes Mon Feb 6 11:53:03 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: iscsid_volumes,v 1.1 2023/02/03 13:53:40 mlelstv Exp $
+# $NetBSD: iscsid_volumes,v 1.2 2023/02/06 11:53:03 martin Exp $
#
# PROVIDE: iscsid_volumes
@@ -16,7 +16,7 @@ stop_cmd="iscsid_volumes_stop"
iscsid_volumes_start()
{
- test -f /etc/iscsi/volumes || return
+ test -f /etc/iscsi/volumes || return 0
while read host target digest auth user alias; do
case $host in
@@ -78,7 +78,7 @@ iscsid_volumes_start()
iscsid_volumes_stop()
{
- test -f /etc/iscsi/volumes || return
+ test -f /etc/iscsi/volumes || return 0
while read host target digest auth user alias; do
case $host in
CVS commit: src/etc/rc.d
Module Name:src Committed By: martin Date: Mon Feb 6 11:53:04 UTC 2023 Modified Files: src/etc/rc.d: iscsid_volumes Log Message: If /etc/iscsi/volumes does not exist, explicitly exit with 0 status To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/iscsid_volumes Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc/rc.d
On 22-08-24 20:39, Robert Elz wrote: | Date:Wed, 24 Aug 2022 20:37:54 +1000 | From:Luke Mewburn | Message-ID: | | | I think it would be more consistent with existing convention | | (in both NetBSD and on other systems) to add /etc/raid.d | | I certainly won't be doing that, I detest the ".d" convention | as a general thing. I personally prefer /etc/conf for config | files (I use it for all kinds of things) which then don't need | redundant ".conf" noise in their names (I have never much liked | the concept of filename extensions at all). So you've changed the system for your personal preference versus existing conventions. Are we going to see lots of other local changes to the system for this /etc/conf directory, without at least some discussion and consensus? | Note I didn't add the directory, for most people (who don't just | use raid autoconfig - at the minute I have reasons for not doing | that) can keep using the files that have always been used. To | use /etc/conf/raid you have to go manually set it up for yourself. That's a silver lining I suppose :) | If you want to add some other place where the files could be put, | by all means, go ahead. Well, if I was to, I'd be suggesting /etc/raid.d/*.conf just to follow existing practice within the system. | kre | | ps: that all happened over a month ago... That doesn't invalidate my feedback; not all of us can keep up with every change in real time.
Re: CVS commit: src/etc/rc.d
Date:Wed, 24 Aug 2022 20:37:54 +1000 From:Luke Mewburn Message-ID: | I think it would be more consistent with existing convention | (in both NetBSD and on other systems) to add /etc/raid.d I certainly won't be doing that, I detest the ".d" convention as a general thing. I personally prefer /etc/conf for config files (I use it for all kinds of things) which then don't need redundant ".conf" noise in their names (I have never much liked the concept of filename extensions at all). Note I didn't add the directory, for most people (who don't just use raid autoconfig - at the minute I have reasons for not doing that) can keep using the files that have always been used. To use /etc/conf/raid you have to go manually set it up for yourself. If you want to add some other place where the files could be put, by all means, go ahead. kre ps: that all happened over a month ago...
Re: CVS commit: src/etc/rc.d
On 22-07-21 07:49, Robert Elz wrote: | Module Name:src | Committed By: kre | Date: Thu Jul 21 07:49:36 UTC 2022 | | Modified Files: | src/etc/rc.d: raidframe | | Log Message: | Make this better ... Allow config file for raidN to be found | in /etc/conf/raid/raidN (as well as in /etc/raidN.conf) (less | clutter in /etc). I think it would be more consistent with existing convention (in both NetBSD and on other systems) to add /etc/raid.d and use /etc/raid.d/raidN or even /etc/raid.d/raidN.conf instead of adding a new /etc/conf/ directory and using /etc/conf/raid/raidN | To generate a diff of this commit: | cvs rdiff -u -r1.11 -r1.12 src/etc/rc.d/raidframe Luke.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Thu Jul 21 07:49:36 UTC 2022
Modified Files:
src/etc/rc.d: raidframe
Log Message:
Make this better ... Allow config file for raidN to be found
in /etc/conf/raid/raidN (as well as in /etc/raidN.conf) (less
clutter in /etc).
Allow config files to exist for raids that are autoconfigured (just
skip anything autoconfigured) - this allows a (simplistic) recovery
mechanism if autoconf fails, and makes it simpler to enable/disable
autoconf at will, while keeping the raid working.
While here, add sh quoting where it is needed, and remove it from
where it is pointless.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/etc/rc.d/raidframe
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/raidframe
diff -u src/etc/rc.d/raidframe:1.11 src/etc/rc.d/raidframe:1.12
--- src/etc/rc.d/raidframe:1.11 Tue Aug 3 05:15:20 2021
+++ src/etc/rc.d/raidframe Thu Jul 21 07:49:36 2022
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: raidframe,v 1.11 2021/08/03 05:15:20 mlelstv Exp $
+# $NetBSD: raidframe,v 1.12 2022/07/21 07:49:36 kre Exp $
#
# PROVIDE: raidframe
@@ -9,21 +9,43 @@
$_rc_subr_loaded . /etc/rc.subr
-name="raidframe"
+name=raidframe
rcvar=$name
-start_cmd="raidframe_start"
-stop_cmd=":"
+start_cmd=raidframe_start
+stop_cmd=:
raidframe_start()
{
# Configure non-auto-configured raid devices.
- # Ensure order by globbing raid[0-9].conf before raid[1-9][0-9].conf.
- #
- for cfg in /etc/raid[0-9].conf /etc/raid[1-9][0-9].conf ; do
- [ ! -f $cfg ] && continue
+ # Ensure order by globbing raid[0-9] before raid[1-9][0-9].
+ # Assume no mixing of /etc/conf/raid/* and /etc/raid*.conf styles
+
+ devices=$(sysctl -n hw.disknames)
+ for cfg in \
+ /etc/conf/raid/raid[0-9] \
+ /etc/conf/raid/raid[1-9][0-9] \
+ /etc/conf/raid/raid[1-9][0-9][0-9] \
+ /etc/raid[0-9].conf \
+ /etc/raid[1-9][0-9].conf \
+ ; do
+ [ -f "$cfg" ] && [ -s "$cfg" ] || continue
+
dev=${cfg##*/}
- dev=${dev%%.conf}
- raidctl -c $cfg $dev
+ dev=${dev%.conf}
+
+ # This test should never fail with the possible
+ # config file patterns included, but for safety
+ case "${dev}" in
+ raid[0-9]|raid[1-9][0-9]|raid[1-9][0-9][0-9]) ;;
+ *) : "$dev not raidNN"; continue;;
+ esac
+
+ case " ${devices} " in
+ *" ${dev} "*) : "$dev configured already"; continue;;
+ esac
+
+ raidctl -c "$cfg" "$dev" &&
+ devices="${devices} ${dev}"
done
}
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Thu Jul 21 07:49:36 UTC 2022 Modified Files: src/etc/rc.d: raidframe Log Message: Make this better ... Allow config file for raidN to be found in /etc/conf/raid/raidN (as well as in /etc/raidN.conf) (less clutter in /etc). Allow config files to exist for raids that are autoconfigured (just skip anything autoconfigured) - this allows a (simplistic) recovery mechanism if autoconf fails, and makes it simpler to enable/disable autoconf at will, while keeping the raid working. While here, add sh quoting where it is needed, and remove it from where it is pointless. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/etc/rc.d/raidframe Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: martin Date: Sun May 15 11:47:42 UTC 2022 Modified Files: src/etc/rc.d: sshd Log Message: PR 56835: fix sshd startup script to only whine about bogus keys it created if it actualy did create keys (one should thing that a function called sshd_keygen() only is called to create keys, but the "precmd" magic makes it run every time sshd is started or stopped). Patch from Tom Lane, with modifications suggested by kre and a minor additional cosemtic change. To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: martin
Date: Sun May 15 11:47:42 UTC 2022
Modified Files:
src/etc/rc.d: sshd
Log Message:
PR 56835: fix sshd startup script to only whine about bogus keys it
created if it actualy did create keys (one should thing that a
function called sshd_keygen() only is called to create keys, but
the "precmd" magic makes it run every time sshd is started or stopped).
Patch from Tom Lane, with modifications suggested by kre and a minor
additional cosemtic change.
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.31 src/etc/rc.d/sshd:1.32
--- src/etc/rc.d/sshd:1.31 Sun Sep 26 10:53:20 2021
+++ src/etc/rc.d/sshd Sun May 15 11:47:42 2022
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.31 2021/09/26 10:53:20 martin Exp $
+# $NetBSD: sshd,v 1.32 2022/05/15 11:47:42 martin Exp $
#
# PROVIDE: sshd
@@ -45,6 +45,7 @@ sshd_keygen()
(
keygen="/usr/bin/ssh-keygen"
umask 022
+ new_key_created=false
while read type bits filename; do
f="/etc/ssh/$filename"
if [ "$1" != "force" ] && [ -f "$f" ]; then
@@ -58,14 +59,17 @@ sshd_keygen()
esac
"${keygen}" -t "${type}" ${bitarg} -f "${f}" -N '' -q && \
printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
+ new_key_created=true
done << _EOF
dsa 1024 ssh_host_dsa_key
ecdsa 521 ssh_host_ecdsa_key
ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
_EOF
+ if "${new_key_created}"; then
+ sshd_motd_unsafe_keys_warning
+ fi
)
- sshd_motd_unsafe_keys_warning
}
sshd_precmd()
CVS commit: src/etc/rc.d
Module Name:src Committed By: gutteridge Date: Wed Mar 2 01:55:19 UTC 2022 Modified Files: src/etc/rc.d: LOGIN Log Message: LOGIN: fix typo in description To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/LOGIN Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/LOGIN diff -u src/etc/rc.d/LOGIN:1.7 src/etc/rc.d/LOGIN:1.8 --- src/etc/rc.d/LOGIN:1.7 Fri Mar 22 04:33:57 2002 +++ src/etc/rc.d/LOGIN Wed Mar 2 01:55:18 2022 @@ -1,13 +1,13 @@ #!/bin/sh # -# $NetBSD: LOGIN,v 1.7 2002/03/22 04:33:57 thorpej Exp $ +# $NetBSD: LOGIN,v 1.8 2022/03/02 01:55:18 gutteridge Exp $ # # PROVIDE: LOGIN # REQUIRE: DAEMON # This is a dummy dependency to ensure user services such as xdm, -# inetd, cron and kerberos are started after everything else, incase +# inetd, cron and kerberos are started after everything else, in case # the administrator has increased the system security level and # wants to delay user logins until the system is (almost) fully # operational.
CVS commit: src/etc/rc.d
Module Name:src Committed By: gutteridge Date: Wed Mar 2 01:55:19 UTC 2022 Modified Files: src/etc/rc.d: LOGIN Log Message: LOGIN: fix typo in description To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/LOGIN Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: sborrill Date: Tue Nov 30 11:00:29 UTC 2021 Modified Files: src/etc/rc.d: npf_boot pf_boot Log Message: Revert previous. Explicitly load the value of npf or pf To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/npf_boot cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/pf_boot Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/npf_boot diff -u src/etc/rc.d/npf_boot:1.5 src/etc/rc.d/npf_boot:1.6 --- src/etc/rc.d/npf_boot:1.5 Fri Nov 26 13:11:36 2021 +++ src/etc/rc.d/npf_boot Tue Nov 30 11:00:29 2021 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: npf_boot,v 1.5 2021/11/26 13:11:36 sborrill Exp $ +# $NetBSD: npf_boot,v 1.6 2021/11/30 11:00:29 sborrill Exp $ # # PROVIDE: npf_boot @@ -29,5 +29,6 @@ npf_boot_start() /sbin/npfctl start } -load_rc_config $rcvar +load_rc_config $name +load_rc_config_var npf npf run_rc_command "$1" Index: src/etc/rc.d/pf_boot diff -u src/etc/rc.d/pf_boot:1.8 src/etc/rc.d/pf_boot:1.9 --- src/etc/rc.d/pf_boot:1.8 Fri Nov 26 13:11:36 2021 +++ src/etc/rc.d/pf_boot Tue Nov 30 11:00:29 2021 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: pf_boot,v 1.8 2021/11/26 13:11:36 sborrill Exp $ +# $NetBSD: pf_boot,v 1.9 2021/11/30 11:00:29 sborrill Exp $ # # PROVIDE: pf_boot @@ -29,5 +29,6 @@ pf_boot_start() /sbin/pfctl -q -e } -load_rc_config $rcvar +load_rc_config $name +load_rc_config_var pf pf run_rc_command "$1"
CVS commit: src/etc/rc.d
Module Name:src Committed By: sborrill Date: Tue Nov 30 11:00:29 UTC 2021 Modified Files: src/etc/rc.d: npf_boot pf_boot Log Message: Revert previous. Explicitly load the value of npf or pf To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/npf_boot cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/pf_boot Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc/rc.d
On Tue, Nov 30, 2021 at 10:11:36AM +, Stephen Borrill wrote: > In our products, we have a standard rc.conf and then a series of build > scripts that configure and enable/disable services as required. We can > switch between npf and ipfilter with a one-line change in a settings file, > for example. We heavily rely on rc.conf.d functionality for this. We may put > flags in there too. You could achive that too by including "local" files from your generic /etc/rc.conf (like: ". /etc/conf/firewall", maybe even guarded by tests for existance). > I don't think putting name=YES into /etc/rc.conf.d/name is wrong or working > by luck in general even if it is working by implication. If we want to support that, we should document it and have tests for it. Currently I would not guess this could work after reading the manual, and would not think about such usage when extending/modifying anything in /etc/rc*. > I think the "load_rc_config_var npf npf" line I've proposed in npf_boot is a > neat solution (and similar for pf_boot). It basically says get the value of > npf from wherever you may find it. It also avoids potential contamination of > the environment compared to my original fix. Yes, and I am not objecting that detail. > The split of /etc/rc.d/npf into two stages is analogous to swap1 and swap2. > In that case, those scripts explicitly load_rc_config swap and do not take > name into account. We should ammend the documentation Robert cited to say something like "in general $name, but in exceptional cases a well known service name is used instead (like: swap, npf, ...)". Martin
Re: CVS commit: src/etc/rc.d
On 30/11/2021 09:43, Martin Husemann wrote: On Tue, Nov 30, 2021 at 09:10:35AM +, Stephen Borrill wrote: In rc.conf, npf=YES is sufficient, but you are advocating the setting needs to be duplicated if put into rc.conf.d. I think the confusion starts with the idea of enabling NPF by just putting the NPF=yes into scripts in /etc/rc.conf.d. It might have worked by pure luck in older releases, but it was wrong there too. I would argue that to enable it you should have NPF=yes in /etc/rc.conf, and to override special stuff in the $name script (which I can't think of reasonable uses for this case) you would put that overrides into /etc/rc.conf.d/$name. In our products, we have a standard rc.conf and then a series of build scripts that configure and enable/disable services as required. We can switch between npf and ipfilter with a one-line change in a settings file, for example. We heavily rely on rc.conf.d functionality for this. We may put flags in there too. I don't think putting name=YES into /etc/rc.conf.d/name is wrong or working by luck in general even if it is working by implication. I think the "load_rc_config_var npf npf" line I've proposed in npf_boot is a neat solution (and similar for pf_boot). It basically says get the value of npf from wherever you may find it. It also avoids potential contamination of the environment compared to my original fix. The split of /etc/rc.d/npf into two stages is analogous to swap1 and swap2. In that case, those scripts explicitly load_rc_config swap and do not take name into account. -- Stephen
Re: CVS commit: src/etc/rc.d
On Tue, Nov 30, 2021 at 09:10:35AM +, Stephen Borrill wrote: > In rc.conf, npf=YES is sufficient, but you are advocating the setting needs > to be duplicated if put into rc.conf.d. I think the confusion starts with the idea of enabling NPF by just putting the NPF=yes into scripts in /etc/rc.conf.d. It might have worked by pure luck in older releases, but it was wrong there too. I would argue that to enable it you should have NPF=yes in /etc/rc.conf, and to override special stuff in the $name script (which I can't think of reasonable uses for this case) you would put that overrides into /etc/rc.conf.d/$name. Martin
Re: CVS commit: src/etc/rc.d
On 26/11/2021 17:52, Robert Elz wrote: Date:Fri, 26 Nov 2021 13:11:36 + From:"Stephen Borrill" Message-ID: <20211126131136.63fabf...@cvs.netbsd.org> | Load rc configuration based on rcvar, not name, so that correct settings | in /etc/rc.conf.d are loaded. This looks wrong to me (and a pullup request so soon after making a change, before it has had any time for testing in HEAD is a *really* bad idea). | Usually this does not matter as rcvar and name are set to the same value. | For pf_boot and npf_boot, rcvar is set to pf and npf respectively. | | Prior to the change, if: | rc.conf contains npf=YES | rc.conf.d/npf does not exist Nor should it, that's not the file that is supposed to be used. In rc.conf(5): rc.d(8) scripts that use load_rc_config from rc.subr(8) also support sourcing an optional end-user provided per-script override file /etc/rc.conf.d/service, (where service is the contents of the name variable in the rc.d(8) script). That is, what should happen to make this work... | If: | rc.conf contains npf=NO (or is not set) | rc.conf.d/npf contains npf=YES is that rc.conf.d/npf_boot should contain npf=YES The rc.conf.d files have the same names as the rc.d/script files in general, for good reason, as while they often only contain this rcvar setting, they can contain overrides to anything in the script. Further, if there is more than one rcvar in a script (which I think has happened once or twice) the settings for both of them would go in the same file, not one file for each of them. | This means that in the latter case, at boot time the npfctl start command | is never run and the firewall is not operational. Because of user error. Please revert this change, and request the pullup be undone as well. I don't think it is as simple as this in the case of npf and pf. What has happened here is that the functionality of /etc/rc.d/npf has effectively been split into two parts (one to run early, the other late). It does not make sense to run one without the other. It's not like nfs which is a stack of mountd, rpcbind, nfsd, etc. which may well want different flags for each. In rc.conf, npf=YES is sufficient, but you are advocating the setting needs to be duplicated if put into rc.conf.d. When upgrading from 8 to 9, this is a breaking change. I propose an alternative fix which is to change /etc/rc.d/npf_boot to read: load_rc_config $name load_rc_config_var npf npf -- Stephen
Re: CVS commit: src/etc/rc.d
Date:Fri, 26 Nov 2021 13:11:36 + From:"Stephen Borrill" Message-ID: <20211126131136.63fabf...@cvs.netbsd.org> | Load rc configuration based on rcvar, not name, so that correct settings | in /etc/rc.conf.d are loaded. This looks wrong to me (and a pullup request so soon after making a change, before it has had any time for testing in HEAD is a *really* bad idea). | Usually this does not matter as rcvar and name are set to the same value. | For pf_boot and npf_boot, rcvar is set to pf and npf respectively. | | Prior to the change, if: | rc.conf contains nfp=YES [ignoring the typo there] | rc.conf.d/npf does not exist Nor should it, that's not the file that is supposed to be used. In rc.conf(5): rc.d(8) scripts that use load_rc_config from rc.subr(8) also support sourcing an optional end-user provided per-script override file /etc/rc.conf.d/service, (where service is the contents of the name variable in the rc.d(8) script). That is, what should happen to make this work... | If: | rc.conf contains npf=NO (or is not set) | rc.conf.d/npf contains npf=YES is that rc.conf.d/npf_boot should contain npf=YES The rc.conf.d files have the same names as the rc.d/script files in general, for good reason, as while they often only contain this rcvar setting, they can contain overrides to anything in the script. Further, if there is more than one rcvar in a script (which I think has happened once or twice) the settings for both of them would go in the same file, not one file for each of them. | This means that in the latter case, at boot time the npfctl start command | is never run and the firewall is not operational. Because of user error. Please revert this change, and request the pullup be undone as well. kre
CVS commit: src/etc/rc.d
Module Name:src Committed By: sborrill Date: Fri Nov 26 13:11:36 UTC 2021 Modified Files: src/etc/rc.d: npf_boot pf_boot Log Message: Load rc configuration based on rcvar, not name, so that correct settings in /etc/rc.conf.d are loaded. Usually this does not matter as rcvar and name are set to the same value. For pf_boot and npf_boot, rcvar is set to pf and npf respectively. Prior to the change, if: rc.conf contains nfp=YES rc.conf.d/npf does not exist Then: /etc/rc.d/npf_boot rcvar outputs: # npf_boot $npf=YES If: rc.conf contains npf=NO (or is not set) rc.conf.d/npf contains npf=YES Then: /etc/rc.d/npf_boot rcvar outputs: # npf_boot $npf=NO This means that in the latter case, at boot time the npfctl start command is never run and the firewall is not operational. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/npf_boot cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/pf_boot Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/npf_boot diff -u src/etc/rc.d/npf_boot:1.4 src/etc/rc.d/npf_boot:1.5 --- src/etc/rc.d/npf_boot:1.4 Tue Sep 8 12:52:18 2020 +++ src/etc/rc.d/npf_boot Fri Nov 26 13:11:36 2021 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: npf_boot,v 1.4 2020/09/08 12:52:18 martin Exp $ +# $NetBSD: npf_boot,v 1.5 2021/11/26 13:11:36 sborrill Exp $ # # PROVIDE: npf_boot @@ -29,5 +29,5 @@ npf_boot_start() /sbin/npfctl start } -load_rc_config $name +load_rc_config $rcvar run_rc_command "$1" Index: src/etc/rc.d/pf_boot diff -u src/etc/rc.d/pf_boot:1.7 src/etc/rc.d/pf_boot:1.8 --- src/etc/rc.d/pf_boot:1.7 Tue Sep 8 12:52:18 2020 +++ src/etc/rc.d/pf_boot Fri Nov 26 13:11:36 2021 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: pf_boot,v 1.7 2020/09/08 12:52:18 martin Exp $ +# $NetBSD: pf_boot,v 1.8 2021/11/26 13:11:36 sborrill Exp $ # # PROVIDE: pf_boot @@ -29,5 +29,5 @@ pf_boot_start() /sbin/pfctl -q -e } -load_rc_config $name +load_rc_config $rcvar run_rc_command "$1"
CVS commit: src/etc/rc.d
Module Name:src Committed By: sborrill Date: Fri Nov 26 13:11:36 UTC 2021 Modified Files: src/etc/rc.d: npf_boot pf_boot Log Message: Load rc configuration based on rcvar, not name, so that correct settings in /etc/rc.conf.d are loaded. Usually this does not matter as rcvar and name are set to the same value. For pf_boot and npf_boot, rcvar is set to pf and npf respectively. Prior to the change, if: rc.conf contains nfp=YES rc.conf.d/npf does not exist Then: /etc/rc.d/npf_boot rcvar outputs: # npf_boot $npf=YES If: rc.conf contains npf=NO (or is not set) rc.conf.d/npf contains npf=YES Then: /etc/rc.d/npf_boot rcvar outputs: # npf_boot $npf=NO This means that in the latter case, at boot time the npfctl start command is never run and the firewall is not operational. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/npf_boot cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/pf_boot Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: sborrill
Date: Fri Nov 26 12:51:24 UTC 2021
Modified Files:
src/etc/rc.d: bluetooth envsys fccache.in ldconfig quota
Log Message:
Use rcvar=$name syntax consistently in rc.d scripts which makes it easier to
search for rc.d scripts where rcvar differs from name. No functional change.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/bluetooth
cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/envsys src/etc/rc.d/fccache.in
cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/ldconfig
cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/quota
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/bluetooth
diff -u src/etc/rc.d/bluetooth:1.1 src/etc/rc.d/bluetooth:1.2
--- src/etc/rc.d/bluetooth:1.1 Fri May 27 09:28:42 2011
+++ src/etc/rc.d/bluetooth Fri Nov 26 12:51:24 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: bluetooth,v 1.1 2011/05/27 09:28:42 plunky Exp $
+# $NetBSD: bluetooth,v 1.2 2021/11/26 12:51:24 sborrill Exp $
#
# PROVIDE: bluetooth
@@ -10,7 +10,7 @@
$_rc_subr_loaded . /etc/rc.subr
name="bluetooth"
-rcvar=${name}
+rcvar=$name
start_cmd="bluetooth_start"
stop_cmd="bluetooth_stop"
Index: src/etc/rc.d/envsys
diff -u src/etc/rc.d/envsys:1.4 src/etc/rc.d/envsys:1.5
--- src/etc/rc.d/envsys:1.4 Sun Oct 7 05:30:56 2007
+++ src/etc/rc.d/envsys Fri Nov 26 12:51:24 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: envsys,v 1.4 2007/10/07 05:30:56 xtraeme Exp $
+# $NetBSD: envsys,v 1.5 2021/11/26 12:51:24 sborrill Exp $
#
# PROVIDE: envsys
@@ -9,7 +9,7 @@
$_rc_subr_loaded . /etc/rc.subr
name="envsys"
-rcvar=${name}
+rcvar=$name
command="/usr/sbin/envstat"
required_files="/etc/envsys.conf"
start_cmd="do_start"
Index: src/etc/rc.d/fccache.in
diff -u src/etc/rc.d/fccache.in:1.4 src/etc/rc.d/fccache.in:1.5
--- src/etc/rc.d/fccache.in:1.4 Sat Jul 4 06:24:53 2020
+++ src/etc/rc.d/fccache.in Fri Nov 26 12:51:24 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: fccache.in,v 1.4 2020/07/04 06:24:53 skrll Exp $
+# $NetBSD: fccache.in,v 1.5 2021/11/26 12:51:24 sborrill Exp $
#
# PROVIDE: fccache
@@ -10,7 +10,7 @@
$_rc_subr_loaded . /etc/rc.subr
name="fccache"
-rcvar=${name}
+rcvar=$name
command="@X11ROOTDIR@/bin/fc-cache"
start_cmd="fccache_start"
stop_cmd=":"
Index: src/etc/rc.d/ldconfig
diff -u src/etc/rc.d/ldconfig:1.8 src/etc/rc.d/ldconfig:1.9
--- src/etc/rc.d/ldconfig:1.8 Fri Aug 13 18:08:03 2004
+++ src/etc/rc.d/ldconfig Fri Nov 26 12:51:24 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: ldconfig,v 1.8 2004/08/13 18:08:03 mycroft Exp $
+# $NetBSD: ldconfig,v 1.9 2021/11/26 12:51:24 sborrill Exp $
#
# PROVIDE: ldconfig
@@ -10,7 +10,7 @@
$_rc_subr_loaded . /etc/rc.subr
name="ldconfig"
-rcvar="ldconfig"
+rcvar=$name
ldconfig_command="/sbin/ldconfig"
start_cmd="ldconfig_start"
stop_cmd=":"
Index: src/etc/rc.d/quota
diff -u src/etc/rc.d/quota:1.5 src/etc/rc.d/quota:1.6
--- src/etc/rc.d/quota:1.5 Fri Aug 13 18:08:03 2004
+++ src/etc/rc.d/quota Fri Nov 26 12:51:24 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: quota,v 1.5 2004/08/13 18:08:03 mycroft Exp $
+# $NetBSD: quota,v 1.6 2021/11/26 12:51:24 sborrill Exp $
#
# PROVIDE: quota
@@ -10,7 +10,7 @@
$_rc_subr_loaded . /etc/rc.subr
name="quota"
-rcvar="quota"
+rcvar=$name
start_cmd="quota_start"
stop_cmd="/usr/sbin/quotaoff -a"
CVS commit: src/etc/rc.d
Module Name:src Committed By: sborrill Date: Fri Nov 26 12:51:24 UTC 2021 Modified Files: src/etc/rc.d: bluetooth envsys fccache.in ldconfig quota Log Message: Use rcvar=$name syntax consistently in rc.d scripts which makes it easier to search for rc.d scripts where rcvar differs from name. No functional change. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/bluetooth cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/envsys src/etc/rc.d/fccache.in cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/ldconfig cvs rdiff -u -r1.5 -r1.6 src/etc/rc.d/quota Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: martin
Date: Sun Sep 26 10:53:20 UTC 2021
Modified Files:
src/etc/rc.d: sshd
Log Message:
If key generation happens with not enough entropy in the system, add
a warning to motd pointing at entropy(7) and give instructions how to
re-generate the (weak) keys after fixing up entropy.
Add a "keyregen" command, which forces regeneration of all host keys
to simplify the replacement of weak keys.
To generate a diff of this commit:
cvs rdiff -u -r1.30 -r1.31 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.30 src/etc/rc.d/sshd:1.31
--- src/etc/rc.d/sshd:1.30 Wed Oct 23 14:45:38 2019
+++ src/etc/rc.d/sshd Sun Sep 26 10:53:20 2021
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.30 2019/10/23 14:45:38 christos Exp $
+# $NetBSD: sshd,v 1.31 2021/09/26 10:53:20 martin Exp $
#
# PROVIDE: sshd
@@ -13,7 +13,32 @@ rcvar=$name
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"
required_files="/etc/ssh/sshd_config"
-extra_commands="keygen reload"
+extra_commands="keygen keyregen reload"
+
+sshd_motd_unsafe_keys_warning()
+{
+(
+ umask 022
+ T=/etc/_motd
+ sed -E '/^-- UNSAFE KEYS WARNING:/,$d' < /etc/motd > $T
+ if [ $( sysctl -n kern.entropy.needed ) -ne 0 ]; then
+ cat >> $T << _EOF
+-- UNSAFE KEYS WARNING:
+
+ The ssh host keys on this machine have been generated with
+ not enough entropy configured, so may be predictable.
+
+ To fix, follow the "Adding entropy" section in the entropy(7)
+ man page and after this machine has enough entropy, re-generate
+ the ssh host keys by running:
+
+ sh /etc/rc.d/sshd keyregen
+_EOF
+ fi
+ cmp -s $T /etc/motd || cp $T /etc/motd
+ rm -f $T
+)
+}
sshd_keygen()
{
@@ -22,9 +47,10 @@ sshd_keygen()
umask 022
while read type bits filename; do
f="/etc/ssh/$filename"
- if [ -f "$f" ]; then
+ if [ "$1" != "force" ] && [ -f "$f" ]; then
continue
fi
+ rm -f "$f"
case "${bits}" in
-1) bitarg=;;
0) bitarg="${ssh_keygen_flags}";;
@@ -39,6 +65,7 @@ ed25519 -1 ssh_host_ed25519_key
rsa 0 ssh_host_rsa_key
_EOF
)
+ sshd_motd_unsafe_keys_warning
}
sshd_precmd()
@@ -47,6 +74,7 @@ sshd_precmd()
}
keygen_cmd=sshd_keygen
+keyregen_cmd="sshd_keygen force"
start_precmd=sshd_precmd
load_rc_config $name
CVS commit: src/etc/rc.d
Module Name:src Committed By: martin Date: Sun Sep 26 10:53:20 UTC 2021 Modified Files: src/etc/rc.d: sshd Log Message: If key generation happens with not enough entropy in the system, add a warning to motd pointing at entropy(7) and give instructions how to re-generate the (weak) keys after fixing up entropy. Add a "keyregen" command, which forces regeneration of all host keys to simplify the replacement of weak keys. To generate a diff of this commit: cvs rdiff -u -r1.30 -r1.31 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc/rc.d
Date:Mon, 2 Aug 2021 20:02:28 +0900 From:Rin Okuyama Message-ID: <21dae7de-f153-2e53-4e66-cc61c8241...@gmail.com> quoting Michael van Elst: | > If you insist on a separate barrier, one name would be USERDEVICEPATHS | > or short UDEV. UDEV (or UDEVS) sounds good to me. WEDGENAMES (or WNAMES) would work as well. | I think it is simplest to install zfs unconditionally It would be, if we knew that the only thing that will ever need it is zfs - but we don't, with wedge names becoming more and more used more users are likely to find things that need names for them, rather than dkN's. Modifying everything to support NAME= would be one way (that could be done for zfs I assume) but might be lots of work. Making sure things depend upon devpubd (or perhaps some alternative scheme someone comes up with someday) sounds like a better long term plan to me. kre
Re: CVS commit: src/etc/rc.d
On 2021/08/02 19:15, Michael van Elst wrote: On Mon, Aug 02, 2021 at 11:27:22AM +0200, Michael van Elst wrote: On Mon, Aug 02, 2021 at 11:54:27AM +0900, Rin Okuyama wrote: Hi, this commit causes: rcorder: file `/etc/rc.d/devpubd' is before unknown provision `zfs' for systems with MKZFS=no. Install /etc/rc.d/zfs for everyone? This should be harmless; the script properly checks existence of /sbin/zfs, i.e., MKZFS=yes. Alternatively, autogen /etc/rc.d/devpubd? I'd prefer installing /etc/rc.d/zfs for everyone. Michael van Elst The alternative is to change the direction of the dependency. I don't think you need a separate BARRIER script for this unless you have some plan to add more than devpubd as a requirement. For this add an additional "REQUIRE: devpubd" to zfs, ccd, cgd, lvm, and raidframe and drop "BEFORE: zfs ccd cgd lvm raidframe" from devpubd. If you insist on a separate barrier, one name would be USERDEVICEPATHS or short UDEV. I think it is simplest to install zfs unconditionally, but I don't have strong opinions. Thanks, rin
Re: CVS commit: src/etc/rc.d
On Mon, Aug 02, 2021 at 11:27:22AM +0200, Michael van Elst wrote: > On Mon, Aug 02, 2021 at 11:54:27AM +0900, Rin Okuyama wrote: > > Hi, > > > > this commit causes: > > > > rcorder: file `/etc/rc.d/devpubd' is before unknown provision `zfs' > > > > for systems with MKZFS=no. > > > > Install /etc/rc.d/zfs for everyone? This should be harmless; the script > > properly checks existence of /sbin/zfs, i.e., MKZFS=yes. > > > > Alternatively, autogen /etc/rc.d/devpubd? > > > I'd prefer installing /etc/rc.d/zfs for everyone. > > Michael van Elst The alternative is to change the direction of the dependency. I don't think you need a separate BARRIER script for this unless you have some plan to add more than devpubd as a requirement. For this add an additional "REQUIRE: devpubd" to zfs, ccd, cgd, lvm, and raidframe and drop "BEFORE: zfs ccd cgd lvm raidframe" from devpubd. If you insist on a separate barrier, one name would be USERDEVICEPATHS or short UDEV. Greetings, -- Michael van Elst Internet: mlel...@serpens.de "A potential Snark may lurk in every tree."
Re: CVS commit: src/etc/rc.d
On Mon, Aug 02, 2021 at 11:54:27AM +0900, Rin Okuyama wrote: > Hi, > > this commit causes: > > rcorder: file `/etc/rc.d/devpubd' is before unknown provision `zfs' > > for systems with MKZFS=no. > > Install /etc/rc.d/zfs for everyone? This should be harmless; the script > properly checks existence of /sbin/zfs, i.e., MKZFS=yes. > > Alternatively, autogen /etc/rc.d/devpubd? I'd prefer installing /etc/rc.d/zfs for everyone. Michael van Elst > > Thanks, > rin > > On 2021/07/31 23:47, Michael van Elst wrote: > > Module Name:src > > Committed By: mlelstv > > Date: Sat Jul 31 14:47:04 UTC 2021 > > > > Modified Files: > > src/etc/rc.d: devpubd > > > > Log Message: > > Run devpubd before volume managers and pseudo disks. > > > > > > To generate a diff of this commit: > > cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/devpubd > > > > Please note that diffs are not public domain; they are subject to the > > copyright notices on the relevant files. -- Michael van Elst Internet: mlel...@serpens.de "A potential Snark may lurk in every tree."
Re: CVS commit: src/etc/rc.d
On Mon, Aug 02, 2021 at 12:44:01PM +0700, Robert Elz wrote: > Date:Mon, 2 Aug 2021 11:54:27 +0900 > From:Rin Okuyama > Message-ID: > > | Install /etc/rc.d/zfs for everyone? > > Add a new dummy rc.d script (like LOGIN or DISKS) > have devpubd come before that, and everything > which should come later require it. > > That's cleaner. We should probably have a > few more of them for the startup stages, even > if they're not really needed yet, and far > fewer real scripts depending on each other > except where there is a genuine relationship. Seconded, like what I did with /etc/rc.d/CRITLOCALMOUNTED recently (which also shows the hardest part of the game: find a proper name, and beware of case-insensitive-but-case-preserving source filesystems that we still support cross builds from). Martin
Re: CVS commit: src/etc/rc.d
Date:Mon, 2 Aug 2021 11:54:27 +0900 From:Rin Okuyama Message-ID: | Install /etc/rc.d/zfs for everyone? Add a new dummy rc.d script (like LOGIN or DISKS) have devpubd come before that, and everything which should come later require it. That's cleaner. We should probably have a few more of them for the startup stages, even if they're not really needed yet, and far fewer real scripts depending on each other except where there is a genuine relationship. kre
Re: CVS commit: src/etc/rc.d
Hi, this commit causes: rcorder: file `/etc/rc.d/devpubd' is before unknown provision `zfs' for systems with MKZFS=no. Install /etc/rc.d/zfs for everyone? This should be harmless; the script properly checks existence of /sbin/zfs, i.e., MKZFS=yes. Alternatively, autogen /etc/rc.d/devpubd? Thanks, rin On 2021/07/31 23:47, Michael van Elst wrote: Module Name:src Committed By: mlelstv Date: Sat Jul 31 14:47:04 UTC 2021 Modified Files: src/etc/rc.d: devpubd Log Message: Run devpubd before volume managers and pseudo disks. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/devpubd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: christos
Date: Wed Oct 23 14:45:38 UTC 2019
Modified Files:
src/etc/rc.d: sshd
Log Message:
simplify more (from rudolf)
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 src/etc/rc.d/sshd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/sshd
diff -u src/etc/rc.d/sshd:1.29 src/etc/rc.d/sshd:1.30
--- src/etc/rc.d/sshd:1.29 Sat May 26 15:18:11 2018
+++ src/etc/rc.d/sshd Wed Oct 23 10:45:38 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: sshd,v 1.29 2018/05/26 19:18:11 riastradh Exp $
+# $NetBSD: sshd,v 1.30 2019/10/23 14:45:38 christos Exp $
#
# PROVIDE: sshd
@@ -20,7 +20,7 @@ sshd_keygen()
(
keygen="/usr/bin/ssh-keygen"
umask 022
- while read type bits filename version name; do
+ while read type bits filename; do
f="/etc/ssh/$filename"
if [ -f "$f" ]; then
continue
@@ -33,10 +33,10 @@ sshd_keygen()
"${keygen}" -t "${type}" ${bitarg} -f "${f}" -N '' -q && \
printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
done << _EOF
-dsa 1024 ssh_host_dsa_key 2 DSA
-ecdsa 521 ssh_host_ecdsa_key 1 ECDSA
-ed25519 -1 ssh_host_ed25519_key 1 ED25519
-rsa 0 ssh_host_rsa_key 2 RSA
+dsa 1024 ssh_host_dsa_key
+ecdsa 521 ssh_host_ecdsa_key
+ed25519 -1 ssh_host_ed25519_key
+rsa 0 ssh_host_rsa_key
_EOF
)
}
CVS commit: src/etc/rc.d
Module Name:src Committed By: christos Date: Wed Oct 23 14:45:38 UTC 2019 Modified Files: src/etc/rc.d: sshd Log Message: simplify more (from rudolf) To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/etc/rc.d/sshd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc/rc.d
Christos Zoulas wrote:
Module Name:src
Committed By: christos
Date: Mon Apr 9 15:02:39 UTC 2018
Modified Files:
src/etc/rc.d: sshd
Log Message:
Simplify so we don't have to hard-code the key filenames in two places.
There are some leftovers in the script after the simplification, the
"version" and "name" input arguments are unused now. Please see the
attached diff.
Kind regards,
r.
diff --git a/etc/rc.d/sshd b/etc/rc.d/sshd
index 038f817ebe43..dfc4d0b91077 100755
--- a/etc/rc.d/sshd
+++ b/etc/rc.d/sshd
@@ -20,7 +20,7 @@ sshd_keygen()
(
keygen="/usr/bin/ssh-keygen"
umask 022
- while read type bits filename version name; do
+ while read type bits filename; do
f="/etc/ssh/$filename"
if [ -f "$f" ]; then
continue
@@ -33,10 +33,10 @@ sshd_keygen()
"${keygen}" -t "${type}" ${bitarg} -f "${f}" -N '' -q && \
printf "ssh-keygen: " && "${keygen}" -f "${f}" -l
done << _EOF
-dsa 1024 ssh_host_dsa_key 2 DSA
-ecdsa 521 ssh_host_ecdsa_key 1 ECDSA
-ed25519 -1 ssh_host_ed25519_key 1 ED25519
-rsa 0 ssh_host_rsa_key 2 RSA
+dsa 1024 ssh_host_dsa_key
+ecdsa 521 ssh_host_ecdsa_key
+ed25519 -1 ssh_host_ed25519_key
+rsa 0 ssh_host_rsa_key
_EOF
)
}
CVS commit: src/etc/rc.d
Module Name:src
Committed By: sevan
Date: Sat Oct 5 22:21:29 UTC 2019
Modified Files:
src/etc/rc.d: npf_boot pf_boot
Log Message:
No need to empose the script to be runnable during boot time, it prevents the
script from wroking if the system is booted into single user mode & then
moved onto multi-user mode.
Reported by for NPF but the issue is there in PF too.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/npf_boot
cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/pf_boot
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/npf_boot
diff -u src/etc/rc.d/npf_boot:1.1 src/etc/rc.d/npf_boot:1.2
--- src/etc/rc.d/npf_boot:1.1 Tue Apr 2 01:50:32 2019
+++ src/etc/rc.d/npf_boot Sat Oct 5 22:21:29 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: npf_boot,v 1.1 2019/04/02 01:50:32 sevan Exp $
+# $NetBSD: npf_boot,v 1.2 2019/10/05 22:21:29 sevan Exp $
#
# PROVIDE: npf_boot
@@ -16,10 +16,6 @@ stop_cmd=":"
npf_boot_start()
{
- if [ "$autoboot" != "yes" ]; then
- err 1 "This script should only be executed at boot time."
- fi
-
if [ -f /etc/npf.boot.conf ]; then
/sbin/npfctl reload /etc/npf.boot.conf
elif [ -f /etc/defaults/npf.boot.conf ]; then
Index: src/etc/rc.d/pf_boot
diff -u src/etc/rc.d/pf_boot:1.4 src/etc/rc.d/pf_boot:1.5
--- src/etc/rc.d/pf_boot:1.4 Sat Nov 22 20:23:33 2008
+++ src/etc/rc.d/pf_boot Sat Oct 5 22:21:29 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: pf_boot,v 1.4 2008/11/22 20:23:33 tsutsui Exp $
+# $NetBSD: pf_boot,v 1.5 2019/10/05 22:21:29 sevan Exp $
#
# PROVIDE: pf_boot
@@ -16,10 +16,6 @@ stop_cmd=":"
pf_boot_start()
{
- if [ "$autoboot" != "yes" ]; then
- err 1 "This script should only be executed at boot time."
- fi
-
if [ -f /etc/pf.boot.conf ]; then
/sbin/pfctl -q -f /etc/pf.boot.conf
elif [ -f /etc/defaults/pf.boot.conf ]; then
CVS commit: src/etc/rc.d
Module Name:src Committed By: sevan Date: Sat Oct 5 22:21:29 UTC 2019 Modified Files: src/etc/rc.d: npf_boot pf_boot Log Message: No need to empose the script to be runnable during boot time, it prevents the script from wroking if the system is booted into single user mode & then moved onto multi-user mode. Reported by for NPF but the issue is there in PF too. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/npf_boot cvs rdiff -u -r1.4 -r1.5 src/etc/rc.d/pf_boot Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: nonaka Date: Wed Sep 18 05:16:15 UTC 2019 Modified Files: src/etc/rc.d: Makefile Log Message: Moved zfs out of MKX11 block. Fix build failure without X11. To generate a diff of this commit: cvs rdiff -u -r1.105 -r1.106 src/etc/rc.d/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: nonaka
Date: Wed Sep 18 05:16:15 UTC 2019
Modified Files:
src/etc/rc.d: Makefile
Log Message:
Moved zfs out of MKX11 block.
Fix build failure without X11.
To generate a diff of this commit:
cvs rdiff -u -r1.105 -r1.106 src/etc/rc.d/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/Makefile
diff -u src/etc/rc.d/Makefile:1.105 src/etc/rc.d/Makefile:1.106
--- src/etc/rc.d/Makefile:1.105 Sun Sep 15 19:38:09 2019
+++ src/etc/rc.d/Makefile Wed Sep 18 05:16:15 2019
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.105 2019/09/15 19:38:09 brad Exp $
+# $NetBSD: Makefile,v 1.106 2019/09/18 05:16:15 nonaka Exp $
.include
@@ -54,14 +54,14 @@ FILESBUILD_xdm= yes
FILESBUILD_xfs= yes
FILESBUILD_fccache= yes
-.if ${MKZFS} != "no"
-CONFIGFILES+= zfs
-.endif
-
.SUFFIXES: .in
.in:
${_MKTARGET_CREATE}
${TOOL_SED} -e 's,@X11ROOTDIR@,${X11ROOTDIR},g' < ${.IMPSRC} > ${.TARGET}
.endif
+.if ${MKZFS} != "no"
+CONFIGFILES+= zfs
+.endif
+
.include
CVS commit: src/etc/rc.d
Module Name:src Committed By: rin Date: Fri Aug 9 10:05:44 UTC 2019 Modified Files: src/etc/rc.d: postfix Log Message: little bit verbose for slow machines To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/etc/rc.d/postfix Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: rin
Date: Fri Aug 9 10:05:44 UTC 2019
Modified Files:
src/etc/rc.d: postfix
Log Message:
little bit verbose for slow machines
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/etc/rc.d/postfix
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/postfix
diff -u src/etc/rc.d/postfix:1.18 src/etc/rc.d/postfix:1.19
--- src/etc/rc.d/postfix:1.18 Sun Oct 30 15:47:06 2016
+++ src/etc/rc.d/postfix Fri Aug 9 10:05:44 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: postfix,v 1.18 2016/10/30 15:47:06 riastradh Exp $
+# $NetBSD: postfix,v 1.19 2019/08/09 10:05:44 rin Exp $
#
# PROVIDE: mail
@@ -64,6 +64,8 @@ postfix_precmd()
;;
esac
done
+
+ echo "Starting ${name}."
}
postfix_op()
CVS commit: src/etc/rc.d
Module Name:src Committed By: nakayama Date: Wed Aug 7 19:30:00 UTC 2019 Modified Files: src/etc/rc.d: automount automountd autounmountd ip6addrctl Log Message: Add $_rc_subr_loaded before ". /etc/rc.subr" for speedup and consistency. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/automount src/etc/rc.d/automountd \ src/etc/rc.d/autounmountd cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/ip6addrctl Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: nakayama Date: Wed Aug 7 19:30:00 UTC 2019 Modified Files: src/etc/rc.d: automount automountd autounmountd ip6addrctl Log Message: Add $_rc_subr_loaded before ". /etc/rc.subr" for speedup and consistency. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/automount src/etc/rc.d/automountd \ src/etc/rc.d/autounmountd cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/ip6addrctl Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/automount diff -u src/etc/rc.d/automount:1.1 src/etc/rc.d/automount:1.2 --- src/etc/rc.d/automount:1.1 Tue Jan 9 03:31:14 2018 +++ src/etc/rc.d/automount Wed Aug 7 19:30:00 2019 @@ -1,13 +1,13 @@ #!/bin/sh # -# $NetBSD: automount,v 1.1 2018/01/09 03:31:14 christos Exp $ +# $NetBSD: automount,v 1.2 2019/08/07 19:30:00 nakayama Exp $ # # PROVIDE: automount # REQUIRE: automountd # KEYWORD: nojail shutdown -. /etc/rc.subr +$_rc_subr_loaded . /etc/rc.subr name="automount" rcvar="autofs" Index: src/etc/rc.d/automountd diff -u src/etc/rc.d/automountd:1.1 src/etc/rc.d/automountd:1.2 --- src/etc/rc.d/automountd:1.1 Tue Jan 9 03:31:14 2018 +++ src/etc/rc.d/automountd Wed Aug 7 19:30:00 2019 @@ -1,13 +1,13 @@ #!/bin/sh # -# $NetBSD: automountd,v 1.1 2018/01/09 03:31:14 christos Exp $ +# $NetBSD: automountd,v 1.2 2019/08/07 19:30:00 nakayama Exp $ # # PROVIDE: automountd # REQUIRE: DAEMON # KEYWORD: nojail -. /etc/rc.subr +$_rc_subr_loaded . /etc/rc.subr name="automountd" rcvar="autofs" Index: src/etc/rc.d/autounmountd diff -u src/etc/rc.d/autounmountd:1.1 src/etc/rc.d/autounmountd:1.2 --- src/etc/rc.d/autounmountd:1.1 Tue Jan 9 03:31:14 2018 +++ src/etc/rc.d/autounmountd Wed Aug 7 19:30:00 2019 @@ -7,7 +7,7 @@ # REQUIRE: DAEMON # KEYWORD: nojail -. /etc/rc.subr +$_rc_subr_loaded . /etc/rc.subr name="autounmountd" rcvar="autofs" Index: src/etc/rc.d/ip6addrctl diff -u src/etc/rc.d/ip6addrctl:1.2 src/etc/rc.d/ip6addrctl:1.3 --- src/etc/rc.d/ip6addrctl:1.2 Wed Dec 23 04:38:00 2015 +++ src/etc/rc.d/ip6addrctl Wed Aug 7 19:30:00 2019 @@ -6,7 +6,7 @@ # PROVIDE: ip6addrctl # REQUIRE: root bootconf mountcritlocal tty -. /etc/rc.subr +$_rc_subr_loaded . /etc/rc.subr name="ip6addrctl" rcvar="ip6addrctl"
CVS commit: src/etc/rc.d
Module Name:src
Committed By: maxv
Date: Mon May 13 18:53:10 UTC 2019
Modified Files:
src/etc/rc.d: smtoff
Log Message:
Remove comment, since there is no parsing anymore.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/etc/rc.d/smtoff
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/smtoff
diff -u src/etc/rc.d/smtoff:1.3 src/etc/rc.d/smtoff:1.4
--- src/etc/rc.d/smtoff:1.3 Sun May 12 11:55:47 2019
+++ src/etc/rc.d/smtoff Mon May 13 18:53:10 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: smtoff,v 1.3 2019/05/12 11:55:47 kre Exp $
+# $NetBSD: smtoff,v 1.4 2019/05/13 18:53:10 maxv Exp $
#
# Public Domain.
#
@@ -46,15 +46,6 @@ GetSmtId() {
done
}
-#
-# The format of the output (without -n) would be:
-#
-# hw.ncpu = 80
-#
-# so use -n to make life easy
-#
-# Return the value.
-#
CountCPUs() {
sysctl -n hw.ncpu
}
CVS commit: src/etc/rc.d
Module Name:src Committed By: maxv Date: Mon May 13 18:53:10 UTC 2019 Modified Files: src/etc/rc.d: smtoff Log Message: Remove comment, since there is no parsing anymore. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/etc/rc.d/smtoff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Sun May 12 11:55:47 UTC 2019 Modified Files: src/etc/rc.d: smtoff Log Message: I should know better! Don't rely upon the way the shell implements pipes. Skip the "error" printf from GetSmtId() as there is no easy portable way to avoid it occurring (there are complicated ways) - but we don't need it, there is no logical difference between "error" and "" so just use the latter (if we get an ID, good, if there is nothing, then there is none - saying 'error' does not mean anything.) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/smtoff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Sun May 12 11:55:47 UTC 2019
Modified Files:
src/etc/rc.d: smtoff
Log Message:
I should know better! Don't rely upon the way the shell implements
pipes. Skip the "error" printf from GetSmtId() as there is no easy
portable way to avoid it occurring (there are complicated ways) - but
we don't need it, there is no logical difference between "error" and ""
so just use the latter (if we get an ID, good, if there is nothing, then
there is none - saying 'error' does not mean anything.)
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/etc/rc.d/smtoff
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/smtoff
diff -u src/etc/rc.d/smtoff:1.2 src/etc/rc.d/smtoff:1.3
--- src/etc/rc.d/smtoff:1.2 Sun May 12 00:24:03 2019
+++ src/etc/rc.d/smtoff Sun May 12 11:55:47 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: smtoff,v 1.2 2019/05/12 00:24:03 kre Exp $
+# $NetBSD: smtoff,v 1.3 2019/05/12 11:55:47 kre Exp $
#
# Public Domain.
#
@@ -44,7 +44,6 @@ GetSmtId() {
;;
esac
done
- printf "error"
}
#
@@ -75,7 +74,7 @@ smtoff_start()
smtid=$(GetSmtId "$i" 2>/dev/null)
case "$smtid" in
- error) # Didn't get the ID? Then maybe no SMT.
+ '') # Didn't get the ID? Then maybe no SMT.
;;
0) # The first thread is never disabled.
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Sun May 12 01:50:14 UTC 2019 Modified Files: src/etc/rc.d: Makefile Log Message: No change... Previous log message should have said: Install rc.d/smtoff To generate a diff of this commit: cvs rdiff -u -r1.103 -r1.104 src/etc/rc.d/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/rc.d/Makefile diff -u src/etc/rc.d/Makefile:1.103 src/etc/rc.d/Makefile:1.104 --- src/etc/rc.d/Makefile:1.103 Sun May 12 01:33:47 2019 +++ src/etc/rc.d/Makefile Sun May 12 01:50:14 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.103 2019/05/12 01:33:47 kre Exp $ +# $NetBSD: Makefile,v 1.104 2019/05/12 01:50:14 kre Exp $ .include
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Sun May 12 01:50:14 UTC 2019 Modified Files: src/etc/rc.d: Makefile Log Message: No change... Previous log message should have said: Install rc.d/smtoff To generate a diff of this commit: cvs rdiff -u -r1.103 -r1.104 src/etc/rc.d/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/etc/rc.d
Module Name:src
Committed By: kre
Date: Sun May 12 00:24:03 UTC 2019
Modified Files:
src/etc/rc.d: smtoff
Log Message:
Restructure code a little.
Use quoting everywhere possibly useful (always the right way, except
in the few cases where it is wrong...)
Avoid using cut & grep (from /usr/bin) so script could run before /usr
is mounted (pity cpuctl is in /usr/sbin ...).
Use sysctl -n rather than attempting to parse its output.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/smtoff
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/smtoff
diff -u src/etc/rc.d/smtoff:1.1 src/etc/rc.d/smtoff:1.2
--- src/etc/rc.d/smtoff:1.1 Sat May 11 19:31:03 2019
+++ src/etc/rc.d/smtoff Sun May 12 00:24:03 2019
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: smtoff,v 1.1 2019/05/11 19:31:03 maxv Exp $
+# $NetBSD: smtoff,v 1.2 2019/05/12 00:24:03 kre Exp $
#
# Public Domain.
#
@@ -28,25 +28,36 @@ stop_cmd="smtoff_stop"
# Return the value.
#
GetSmtId() {
- smtid=$(cpuctl identify $1 | grep "SMT ID" | cut -d " " -f 4)
- case $smtid in
- [0-9]*)
- echo "$smtid" ;;
- *)
- echo "error" ;;
- esac
+ cpuctl identify "$1" |
+ while read cpuN smt id N junk
+ do
+ test -n "$junk" && continue
+
+ case "${smt} ${id}" in
+ 'SMT ID')
+ case "$N" in
+ [0-9]|[1-9][0-9]|[1-9][0-9]*[0-9])
+printf %s "$N"
+return
+;;
+ esac
+ ;;
+ esac
+ done
+ printf "error"
}
#
-# The format of the output is:
+# The format of the output (without -n) would be:
#
# hw.ncpu = 80
#
+# so use -n to make life easy
+#
# Return the value.
#
CountCPUs() {
- ncpus=$(sysctl hw.ncpu | cut -d " " -f 3)
- echo "$ncpus"
+ sysctl -n hw.ncpu
}
# --
@@ -59,24 +70,22 @@ smtoff_start()
ncpus=$(CountCPUs)
i=1
- while [ $i -lt $ncpus ]
+ while [ "$i" -lt "$ncpus" ]
do
- smtid=$(GetSmtId "$i")
+ smtid=$(GetSmtId "$i" 2>/dev/null)
+
+ case "$smtid" in
+ error) # Didn't get the ID? Then maybe no SMT.
+ ;;
- # Didn't get the ID? Then maybe no SMT.
- if [ "$smtid" = "error" ]; then
- i=$(($i+1))
- continue
- fi
-
- # The first thread is never disabled.
- if [ $smtid -eq 0 ]; then
- i=$(($i+1))
- continue
- fi
+ 0) # The first thread is never disabled.
+ ;;
+
+ *)
+ cpuctl offline "$i"
+ ;;
+ esac
- cmd="cpuctl offline $i"
- $cmd
i=$(($i+1))
done
}
@@ -89,10 +98,9 @@ smtoff_stop()
ncpus=$(CountCPUs)
i=1
- while [ $i -lt $ncpus ]
+ while [ "$i" -lt "$ncpus" ]
do
- cmd="cpuctl online $i"
- $cmd
+ cpuctl online "$i"
i=$(($i+1))
done
}
CVS commit: src/etc/rc.d
Module Name:src Committed By: kre Date: Sun May 12 00:24:03 UTC 2019 Modified Files: src/etc/rc.d: smtoff Log Message: Restructure code a little. Use quoting everywhere possibly useful (always the right way, except in the few cases where it is wrong...) Avoid using cut & grep (from /usr/bin) so script could run before /usr is mounted (pity cpuctl is in /usr/sbin ...). Use sysctl -n rather than attempting to parse its output. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/etc/rc.d/smtoff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc/rc.d
> Module Name:src > Committed By: christos > Date: Sat Apr 7 00:41:16 UTC 2018 > > Modified Files: > src/etc/rc.d: sshd > > Log Message: > support xmss keys I advise against generating XMSS host keys by default. The XMSS signature scheme is stateful, so managing XMSS keys is qualitatively different for an administrator from all the other signature schemes supported here: roll back the state (e.g., from disk backup or VM snapshot) and you shoot yourself in the foot. There's no benefit right now to post-quantum signature because practical quantum computers are still a long way out. Future quantum computers pose no _retroactive_ danger for online authentication: if quantum computers ever do become practical, you can replace the host keys and all _subsequent_ sessions will be fine. (The story is different for confidentiality; post-quantum public-key key agreement and encryption are more important to deploy now because of the possibility of retroactive decryption.)
Re: CVS commit: src/etc/rc.d
On Wed, Dec 06, 2017 at 08:25:08AM +0700, Robert Elz wrote: > It isn't the precedence of the operators that is at issue, but > deciding what is an operator - oh right, I'm pretty sure I knew about that at one point and blocked it out for the sake of my sanity :-) -- David A. Holland dholl...@netbsd.org
Re: CVS commit: src/etc/rc.d
Date:Tue, 5 Dec 2017 16:00:25 +
From:David Holland
Message-ID: <20171205160025.ga22...@netbsd.org>
| Test -o isn't well specified? Or is the issue the precedence of ! vs. -o?
-o is a "to be deprecated one day" option, but that is not really the
problem (our test will continue to support it anyway.)
It isn't the precedence of the operators that is at issue, but deciding what is
an operator - all of the args to test are merely strings, and the strings
that are to be operands can have values like "!" or "-o" (or "-f" "=" or "(")
as easily as those intended to be operators (or syntax.)
That makes it very difficult to work out which args are operators and
which are operands (there is no notion of quoting in test arg strings.)
To handle this, there are a set of rules that specify exactly how to parse
a test expression that has 0 to 4 args (though even there there are undefined
cases) and any expression with more than 4 args is simply undefined (the
trailing ']' when test is called as '[' does not count as an arg for this
purpose.)
The expression in rc.d/sshd would not have caused any problems, but it
sets a bad example - and as it is always trivial to convert a long test
expression (with an obvious intent) into a series of shorter defined
cases connected by sh operators, I do that whenever I see an undefined
use - whether it will work as written or not.
The change from
test ! -f filename
to
! test -f filename
(or really the [ form that is/was there) is not strictly necessary right now
- but it would be if some later revision to test were to add a new binary
operator "-f" to accompany the current unary "-f" operator - which might be
unlikely but is not impossible, so, as the change is trivial, it might as
well be done too.
In general, if you are using any of ! ( ) -o -a as test args, and they
are not intended to be simple strings to be operated upon, it is best to
rewrite the command, using sh operators and syntax to combine sub-expressions.
Just remember when doing it that in test, -a is (was) higher precedence than -o
but in sh && and || are equal precedence, and associate L to R, so sometimes
extra { } need to be added.
kre
Re: CVS commit: src/etc/rc.d
On Mon, Dec 04, 2017 at 02:50:33PM +, Robert Elz wrote: > Modified Files: > src/etc/rc.d: sshd > > Log Message: > Do away with (not well specified, even if it happens to work) absurd > 15 arg test ([ ]) expression, and replace it with several well defined > 2 arg tests, combined with (also well defined) sh syntax. Test -o isn't well specified? Or is the issue the precedence of ! vs. -o? -- David A. Holland dholl...@netbsd.org
Re: CVS commit: src/etc/rc.d
On Fri, Dec 14, 2012 at 06:42:26PM +, Alan Barrett wrote:
> Module Name: src
> Committed By: apb
> Date: Fri Dec 14 18:42:25 UTC 2012
>
> Modified Files:
> src/etc/rc.d: random_seed
>
> Log Message:
> Avoid using programs from /usr/bin. This should fix PR 47326.
>
> - no need for "dirname", because "df -G" can take a file name directly.
> - replace use of "awk" with a shell while read loop.
> - replace use of "stat -s" with "ls -ldn".
> - no need for "tail" now that the use of "stat" has changed.
>
> While here, also add some shell quotes and improve the grammar in a comment.
With this change, i do still see a bootstrap problem when
${random_file} doesn't exists ...
njoly@lynche [~]# ls -l /var/db/entropy-file
ls: /var/db/entropy-file: No such file or directory
root@lynche [~]# /etc/rc.d/random_seed stop
df: /var/db/entropy-file: No such file or directory
Actually, if the file does not exists it will fail to create one.
random_save()
{
oum=$(umask)
umask 077
rm -Pf "${random_file}"
if ! fs_safe "${random_file}"; then
return 1
fi
if rndctl -S "${random_file}"; then
echo "Saved entropy to disk."
fi
}
First, rm(1) is called before fs_safe() check which will always
fail. Even with the rm call commented or better moved just before
rndctl, the fs_safe call will fail in df(1) if file does not already
exists. Chicken or Egg ...
--
Nicolas Joly
Biology IT Center
Institut Pasteur, Paris.
Re: CVS commit: src/etc/rc.d
On Tue, 4 Dec 2012 17:39:42 +0100
Marc Balmer wrote:
>
> Am 04.12.2012 um 17:38 schrieb "Patrick Welche" :
>
> > Module Name:src
> > Committed By: prlw1
> > Date: Tue Dec 4 16:38:40 UTC 2012
> >
> > Modified Files:
> > src/etc/rc.d: ntpd ppp
> >
> > Log Message:
> > Make sure that ntpd creates a pid file for the rc machinery to work.
> > http://mail-index.netbsd.org/current-users/2012/11/19/msg021518.html
>
> How is that related to ppp? Was that an accidental commit?
I don't know, but I think an entry for ppp should be added to
etc/defaults/rc.conf.
kind regards
dieter
>
> >
> > Please note that diffs are not public domain; they are subject to the
> > copyright notices on the relevant files.
> >
> >
> > Index: src/etc/rc.d/ppp
> > diff -u src/etc/rc.d/ppp:1.8 src/etc/rc.d/ppp:1.9
> > --- src/etc/rc.d/ppp:1.8Mon Oct 11 15:00:51 2004
> > +++ src/etc/rc.d/pppTue Dec 4 16:38:40 2012
> > @@ -1,6 +1,6 @@
> > #!/bin/sh
> > #
> > -# $NetBSD: ppp,v 1.8 2004/10/11 15:00:51 christos Exp $
> > +# $NetBSD: ppp,v 1.9 2012/12/04 16:38:40 prlw1 Exp $
> > #
> >
> > # PROVIDE: ppp
> > @@ -14,6 +14,7 @@
> > $_rc_subr_loaded . /etc/rc.subr
> >
> > name="ppp"
> > +rcvar=$name
> > start_cmd="ppp_start"
> > stop_cmd="ppp_stop"
> > sig_stop="-INT"
> > @@ -40,6 +41,8 @@ ppp_start()
> > fi
> > done
> > echo "."
> > + else
> > + warn "\${ppp_peers} is not set - pppd was not started."
> > fi
> > }
> >
> >
>
Re: CVS commit: src/etc/rc.d
Am 04.12.2012 um 17:38 schrieb "Patrick Welche" :
> Module Name: src
> Committed By: prlw1
> Date: Tue Dec 4 16:38:40 UTC 2012
>
> Modified Files:
> src/etc/rc.d: ntpd ppp
>
> Log Message:
> Make sure that ntpd creates a pid file for the rc machinery to work.
> http://mail-index.netbsd.org/current-users/2012/11/19/msg021518.html
How is that related to ppp? Was that an accidental commit?
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.13 -r1.14 src/etc/rc.d/ntpd
> cvs rdiff -u -r1.8 -r1.9 src/etc/rc.d/ppp
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
> Modified files:
>
> Index: src/etc/rc.d/ntpd
> diff -u src/etc/rc.d/ntpd:1.13 src/etc/rc.d/ntpd:1.14
> --- src/etc/rc.d/ntpd:1.13Fri Aug 13 18:08:03 2004
> +++ src/etc/rc.d/ntpd Tue Dec 4 16:38:40 2012
> @@ -1,6 +1,6 @@
> #!/bin/sh
> #
> -# $NetBSD: ntpd,v 1.13 2004/08/13 18:08:03 mycroft Exp $
> +# $NetBSD: ntpd,v 1.14 2012/12/04 16:38:40 prlw1 Exp $
> #
>
> # PROVIDE: ntpd
> @@ -19,6 +19,7 @@ required_files="/etc/ntp.conf"
>
> ntpd_precmd()
> {
> + rc_flags="-p ${pidfile} $rc_flags"
> if [ -z "$ntpd_chrootdir" ]; then
> return 0;
> fi
>
> Index: src/etc/rc.d/ppp
> diff -u src/etc/rc.d/ppp:1.8 src/etc/rc.d/ppp:1.9
> --- src/etc/rc.d/ppp:1.8 Mon Oct 11 15:00:51 2004
> +++ src/etc/rc.d/ppp Tue Dec 4 16:38:40 2012
> @@ -1,6 +1,6 @@
> #!/bin/sh
> #
> -# $NetBSD: ppp,v 1.8 2004/10/11 15:00:51 christos Exp $
> +# $NetBSD: ppp,v 1.9 2012/12/04 16:38:40 prlw1 Exp $
> #
>
> # PROVIDE: ppp
> @@ -14,6 +14,7 @@
> $_rc_subr_loaded . /etc/rc.subr
>
> name="ppp"
> +rcvar=$name
> start_cmd="ppp_start"
> stop_cmd="ppp_stop"
> sig_stop="-INT"
> @@ -40,6 +41,8 @@ ppp_start()
> fi
> done
> echo "."
> + else
> + warn "\${ppp_peers} is not set - pppd was not started."
> fi
> }
>
>
Freundliche GrĂ¼sse,
micro systems
Marc Balmer
--
Marc Balmer
micro systems, Wiesendamm 2a, Postfach, 4019 Basel
fon +41 61 383 05 10, fax +41 61 383 05 12, http://www.msys.ch/
Re: CVS commit: src/etc/rc.d
At Sat, 16 Jun 2012 04:17:47 +0200,
Joerg Sonnenberger wrote:
> > > > > Ah, you mean it's enough to add
> > > > > >> rcvar=${name}
> > > > > line into rc.d/makemandb instead of checkyesno?
> > > >
> > > > Exactly.
> > >
> > > Is it true?
> > > I could not disable it with this patch (diff from rev1.1):
> > > Please show the precise patch which you suggest.
> >
> > I am sorry, I confirmed that it works.
> >
> > Then, May I revert my rev 1.2 (to a state of rev 1.1) and
> > re-commit it (as rev 1.4) to simplify pulling up?
> > or commit it (as rev 1.3) and pull up 1.2 and 1.3?
>
> Just requestion pullup of 1.2 and 1.3 at the same time.
> Thanks for looking at this in detail.
Thank you.
I've commited it and I'll pull up 1.2-1.3.
---
Tetsuya Isaki
Re: CVS commit: src/etc/rc.d
On Sat, Jun 16, 2012 at 10:50:08AM +0900, Tetsuya Isaki wrote:
> At Wed, 13 Jun 2012 11:35:37 +0900,
> Tetsuya Isaki wrote:
> > > > > The rcvar assignment was missing, but shouldn't the normal logic
> > > > > skip calling the start command if the rcvar is not YES?
> > > >
> > > > Ah, you mean it's enough to add
> > > > >> rcvar=${name}
> > > > line into rc.d/makemandb instead of checkyesno?
> > >
> > > Exactly.
> >
> > Is it true?
> > I could not disable it with this patch (diff from rev1.1):
> > Please show the precise patch which you suggest.
>
> I am sorry, I confirmed that it works.
>
> Then, May I revert my rev 1.2 (to a state of rev 1.1) and
> re-commit it (as rev 1.4) to simplify pulling up?
> or commit it (as rev 1.3) and pull up 1.2 and 1.3?
Just requestion pullup of 1.2 and 1.3 at the same time.
Thanks for looking at this in detail.
Joerg
