From 5aea880f8158945d2cc9390891de6af8ca0a9b28 Mon Sep 17 00:00:00 2001 From: Roy Marples Date: Thu, 10 Jan 2008 20:17:55 +0000 Subject: Move FreeBSD specific files to the new FreeBSD folders. --- conf.d.BSD/syscons | 19 --- conf.d.FreeBSD/Makefile | 5 + conf.d.FreeBSD/syscons | 19 +++ etc.BSD/Makefile | 3 +- etc.BSD/devd.conf | 315 --------------------------------------------- etc.BSD/rc.devd | 52 -------- etc.FreeBSD/Makefile | 6 + etc.FreeBSD/devd.conf | 315 +++++++++++++++++++++++++++++++++++++++++++++ etc.FreeBSD/rc.devd | 52 ++++++++ init.d.BSD/devd | 42 ------ init.d.BSD/dumpon | 45 ------- init.d.BSD/ipfw | 169 ------------------------ init.d.BSD/nscd | 43 ------- init.d.BSD/syscons | 103 --------------- init.d.FreeBSD/Makefile | 5 + init.d.FreeBSD/devd | 42 ++++++ init.d.FreeBSD/dumpon | 45 +++++++ init.d.FreeBSD/ipfw | 169 ++++++++++++++++++++++++ init.d.FreeBSD/nscd | 43 +++++++ init.d.FreeBSD/syscons | 103 +++++++++++++++ runlevels.BSD/Makefile | 4 +- runlevels.FreeBSD/Makefile | 4 + 22 files changed, 811 insertions(+), 792 deletions(-) delete mode 100644 conf.d.BSD/syscons create mode 100644 conf.d.FreeBSD/Makefile create mode 100644 conf.d.FreeBSD/syscons delete mode 100644 etc.BSD/devd.conf delete mode 100644 etc.BSD/rc.devd create mode 100644 etc.FreeBSD/Makefile create mode 100644 etc.FreeBSD/devd.conf create mode 100644 etc.FreeBSD/rc.devd delete mode 100644 init.d.BSD/devd delete mode 100755 init.d.BSD/dumpon delete mode 100644 init.d.BSD/ipfw delete mode 100644 init.d.BSD/nscd delete mode 100644 init.d.BSD/syscons create mode 100644 init.d.FreeBSD/Makefile create mode 100644 init.d.FreeBSD/devd create mode 100644 init.d.FreeBSD/dumpon create mode 100644 init.d.FreeBSD/ipfw create mode 100644 init.d.FreeBSD/nscd create mode 100644 init.d.FreeBSD/syscons create mode 100644 runlevels.FreeBSD/Makefile diff --git a/conf.d.BSD/syscons b/conf.d.BSD/syscons deleted file mode 100644 index cd012df6..00000000 --- a/conf.d.BSD/syscons +++ /dev/null @@ -1,19 +0,0 @@ -# Example syscons config file. This is the place to set things like keymap, etc. - -# Set the video mode - you should check the vidcontrol man page for valid modes -# NOTE:- This will blank the screen after this command is run -# NOTE:- You can get more modes if you load the vesa kernel module, but this -# may require the SC_PIXEL_MODE kernel option -#allscreen_flags="VGA_80x30" - -# Set the keymap to "uk.iso". -#keymap="uk.iso" - -# Set the keyboard rate to 250ms delay, and 34 repeat rate. -#keyrate="250.34" - -# Change the behaviour of F-unction keys (see kbdcontrol(1)). -#keychange="10 'ssh myhost'" - -# See vidcontrol(1) -t -#blanktime="off" diff --git a/conf.d.FreeBSD/Makefile b/conf.d.FreeBSD/Makefile new file mode 100644 index 00000000..c48abbfa --- /dev/null +++ b/conf.d.FreeBSD/Makefile @@ -0,0 +1,5 @@ +DIR= /etc/conf.d +CONF= ${CONTENTS} + +MK= ../mk +include ${MK}/scripts.mk diff --git a/conf.d.FreeBSD/syscons b/conf.d.FreeBSD/syscons new file mode 100644 index 00000000..cd012df6 --- /dev/null +++ b/conf.d.FreeBSD/syscons @@ -0,0 +1,19 @@ +# Example syscons config file. This is the place to set things like keymap, etc. + +# Set the video mode - you should check the vidcontrol man page for valid modes +# NOTE:- This will blank the screen after this command is run +# NOTE:- You can get more modes if you load the vesa kernel module, but this +# may require the SC_PIXEL_MODE kernel option +#allscreen_flags="VGA_80x30" + +# Set the keymap to "uk.iso". +#keymap="uk.iso" + +# Set the keyboard rate to 250ms delay, and 34 repeat rate. +#keyrate="250.34" + +# Change the behaviour of F-unction keys (see kbdcontrol(1)). +#keychange="10 'ssh myhost'" + +# See vidcontrol(1) -t +#blanktime="off" diff --git a/etc.BSD/Makefile b/etc.BSD/Makefile index 639b927c..cb466dc0 100644 --- a/etc.BSD/Makefile +++ b/etc.BSD/Makefile @@ -1,6 +1,5 @@ DIR= /etc -CONF= devd.conf rc rc.shutdown -BIN= rc.devd +CONF= $(CONTENTS) MK= ../mk include ${MK}/scripts.mk diff --git a/etc.BSD/devd.conf b/etc.BSD/devd.conf deleted file mode 100644 index 3cd262cf..00000000 --- a/etc.BSD/devd.conf +++ /dev/null @@ -1,315 +0,0 @@ -# $FreeBSD: src/etc/devd.conf,v 1.38 2007/06/21 22:50:36 njl Exp $ -# -# Refer to devd.conf(5) and devd(8) man pages for the details on how to -# run and configure devd. -# - -# NB: All regular expressions have an implicit ^$ around them. -# NB: device-name is shorthand for 'match device-name' - -options { - # Each directory directive adds a directory the list of directories - # that we scan for files. Files are read-in in the order that they - # are returned from readdir(3). The rule-sets are combined to - # create a DFA that's used to match events to actions. - directory "/etc/devd"; - directory "/usr/local/etc/devd"; - pid-file "/var/run/devd.pid"; - - # Setup some shorthand for regex that we use later in the file. - #XXX Yes, these are gross -- imp - set scsi-controller-regex - "(aac|adv|adw|aha|ahb|ahc|ahd|aic|amd|amr|asr|bt|ciss|ct|dpt|\ - esp|ida|iir|ips|isp|mlx|mly|mpt|ncr|ncv|nsp|stg|sym|trm|wds)\ - [0-9]+"; -}; - -# Note that the attach/detach with the highest value wins, so that one can -# override these general rules. - -# -# Configure the interface on attach. Due to a historical accident, this -# script is called pccard_ether. -# -notify 0 { - match "system" "IFNET"; - match "type" "ATTACH"; - action "/etc/rc.devd net.$subsystem start"; -}; - -notify 0 { - match "system" "IFNET"; - match "type" "DETACH"; - action "/etc/rc.devd net.$subsystem stop"; -}; - -# -# Try to configure the interface when the network comes up and deconfigure -# when it goes down -# -notify 0 { - match "system" "IFNET"; - match "type" "LINK_UP"; - media-type "ethernet"; - action "/etc/rc.devd net.$subsystem start"; -}; - -notify 0 { - match "system" "IFNET"; - match "type" "LINK_DOWN"; - media-type "ethernet"; - action "/etc/rc.devd net.$subsystem stop"; -}; -# -# Like Ethernet devices, but separate because -# they have a different media type. We may want -# to exploit this later. -# -detach 0 { - media-type "802.11"; - action "/etc/rc.devd net.$device-name stop"; -}; -attach 0 { - media-type "802.11"; - action "/etc/rc.devd net.$device-name start"; -}; -notify 0 { - match "system" "IFNET"; - match "type" "LINK_UP"; - media-type "802.11"; - action "/etc/rc.devd net.$subsystem start"; -}; -notify 0 { - match "system" "IFNET"; - match "type" "LINK_DOWN"; - media-type "802.11"; - action "/etc/rc.devd net.$subsystem stop"; -}; - -# An entry like this might be in a different file, but is included here -# as an example of how to override things. Normally 'ed50' would match -# the above attach/detach stuff, but the value of 100 makes it -# hard wired to 1.2.3.4. -attach 100 { - device-name "ed50"; - action "ifconfig $device-name inet 1.2.3.4 netmask 0xffff0000"; -}; -detach 100 { - device-name "ed50"; -}; - -# When a USB Bluetooth dongle appears activate it -attach 100 { - device-name "ubt[0-9]+"; - action "/etc/rc.d/bluetooth start $device-name"; -}; -detach 100 { - device-name "ubt[0-9]+"; - action "/etc/rc.d/bluetooth stop $device-name"; -}; - -# When a USB keyboard arrives, attach it as the console keyboard. -attach 100 { - device-name "ukbd0"; - action "/etc/rc.d/syscons setkeyboard /dev/ukbd0"; -}; -detach 100 { - device-name "ukbd0"; - action "/etc/rc.d/syscons setkeyboard /dev/kbd0"; -}; - -# The entry below starts moused when a mouse is plugged in. Moused -# stops automatically (actually it bombs :) when the device disappears. -attach 100 { - device-name "ums[0-9]+"; - action "/etc/rc.devd moused.$device-name start"; -}; - -# Firmware download into the ActiveWire board. After the firmware download is -# done the device detaches and reappears as something new and shiny -# automatically. -attach 100 { - match "vendor" "0x0854"; - match "product" "0x0100"; - match "release" "0x0000"; - action "/usr/local/bin/ezdownload -f /usr/local/share/usb/firmware/0854.0100.0_01.hex $device-name"; -}; - -# Firmware download for Entrega Serial DB25 adapter. -attach 100 { - match "vendor" "0x1645"; - match "product" "0x8001"; - match "release" "0x0101"; - action "if ! kldstat -n usio > /dev/null 2>&1 ; then kldload usio; fi /usr/sbin/ezdownload -v -f /usr/share/usb/firmware/1645.8001.0101 /dev/$device-name"; -}; - -# This entry starts the ColdSync tool in daemon mode. Make sure you have an up -# to date /usr/local/etc/palms. We override the 'listen' settings for port and -# type in /usr/local/etc/coldsync.conf. -attach 100 { - device-name "ugen[0-9]+"; - match "vendor" "0x082d"; - match "product" "0x0100"; - match "release" "0x0100"; - action "/usr/local/bin/coldsync -md -p /dev/$device-name -t usb"; -}; - -# -# Rescan scsi device-names on attach, but not detach. However, it is -# disabled by default due to reports of problems. -# -attach 0 { - device-name "$scsi-controller-regex"; -// action "camcontrol rescan all"; -}; - -# Don't even try to second guess what to do about drivers that don't -# match here. Instead, pass it off to syslog. Commented out for the -# moment, as the pnpinfo variable isn't set in devd yet. Individual -# variables within the bus supplied pnpinfo are set. -nomatch 0 { -# action "logger Unknown device: $pnpinfo $location $bus"; -}; - -# Various logging of unknown devices. -nomatch 10 { - match "bus" "uhub[0-9]+"; - action "logger Unknown USB device: vendor $vendor product $product \ - bus $bus"; -}; - -# Some PC-CARDs don't offer numerical manufacturer/product IDs, just -# show the CIS info there. -nomatch 20 { - match "bus" "pccard[0-9]+"; - match "manufacturer" "0xffffffff"; - match "product" "0xffffffff"; - action "logger Unknown PCCARD device: CISproduct $cisproduct \ - CIS-vendor $cisvendor bus $bus"; -}; - -nomatch 10 { - match "bus" "pccard[0-9]+"; - action "logger Unknown PCCARD device: manufacturer $manufacturer \ - product $product CISproduct $cisproduct CIS-vendor \ - $cisvendor bus $bus"; -}; - -nomatch 10 { - match "bus" "cardbus[0-9]+"; - action "logger Unknown Cardbus device: device $device class $class \ - vendor $vendor bus $bus"; -}; - -# Switch power profiles when the AC line state changes. -notify 10 { - match "system" "ACPI"; - match "subsystem" "ACAD"; - action "/etc/rc.d/power_profile $notify"; -}; - -# Notify all users before beginning emergency shutdown when we get -# a _CRT or _HOT thermal event and we're going to power down the system -# very soon. -notify 10 { - match "system" "ACPI"; - match "subsystem" "Thermal"; - match "notify" "0xcc"; - action "logger -p kern.emerg 'WARNING: system temperature too high, shutting down soon!'"; -}; - -# Sample ZFS problem reports handling. -notify 10 { - match "system" "ZFS"; - match "type" "zpool"; - action "logger -p kern.err 'ZFS: failed to load zpool $pool'"; -}; - -notify 10 { - match "system" "ZFS"; - match "type" "vdev"; - action "logger -p kern.err 'ZFS: vdev failure, zpool=$pool type=$type'"; -}; - -notify 10 { - match "system" "ZFS"; - match "type" "data"; - action "logger -p kern.warn 'ZFS: zpool I/O failure, zpool=$pool error=$zio_err'"; -}; - -notify 10 { - match "system" "ZFS"; - match "type" "io"; - action "logger -p kern.warn 'ZFS: vdev I/O failure, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size error=$zio_err'"; -}; - -notify 10 { - match "system" "ZFS"; - match "type" "checksum"; - action "logger -p kern.warn 'ZFS: checksum mismatch, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size'"; -}; - -# User requested suspend, so perform preparation steps and then execute -# the actual suspend process. -notify 10 { - match "system" "ACPI"; - match "subsystem" "Suspend"; - action "/etc/rc.suspend acpi $notify"; -}; -notify 10 { - match "system" "ACPI"; - match "subsystem" "Resume"; - action "/etc/rc.resume acpi $notify"; -}; - -/* EXAMPLES TO END OF FILE - -# The following might be an example of something that a vendor might -# install if you were to add their device. This might reside in -# /usr/local/etc/devd/deqna.conf. A deqna is, in this hypothetical -# example, a pccard ethernet-like device. Students of history may -# know other devices by this name, and will get the in-jokes in this -# entry. -nomatch 10 { - match "bus" "pccard[0-9]+"; - match "manufacturer" "0x1234"; - match "product" "0x2323"; - action "kldload if_deqna"; -}; -attach 10 { - device-name "deqna[0-9]+"; - action "/etc/pccard_ether $device-name start"; -}; -detach 10 { - device-name "deqna[0-9]+"; - action "/etc/pccard_ether $device-name stop"; -}; - -# Examples of notify hooks. A notify is a generic way for a kernel -# subsystem to send event notification to userland. -# -# Here are some examples of ACPI notify handlers. ACPI subsystems that -# generate notifies include the AC adapter, power/sleep buttons, -# control method batteries, lid switch, and thermal zones. -# -# Information returned is not always the same as the ACPI notify -# events. See the ACPI specification for more information about -# notifies. Here is the information returned for each subsystem: -# -# ACAD: AC line state (0 is offline, 1 is online) -# Button: Button pressed (0 for power, 1 for sleep) -# CMBAT: ACPI battery events -# Lid: Lid state (0 is closed, 1 is open) -# Suspend, Resume: Suspend and resume notification -# Thermal: ACPI thermal zone events -# -# This example calls a script when the AC state changes, passing the -# notify value as the first argument. If the state is 0x00, it might -# call some sysctls to implement economy mode. If 0x01, it might set -# the mode to performance. -notify 10 { - match "system" "ACPI"; - match "subsystem" "ACAD"; - action "/etc/acpi_ac $notify"; -}; -*/ diff --git a/etc.BSD/rc.devd b/etc.BSD/rc.devd deleted file mode 100644 index 3073ce5e..00000000 --- a/etc.BSD/rc.devd +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# Inform RC that we are in the background and hotplugged -export IN_BACKGROUND=yes -export IN_HOTPLUG=yes - -getmedia() { - ifconfig "$1" | while read line; do - case "${line}" in - media:" "*) echo "${line}"; return;; - esac - done -} - -# Try and create an init script for network interfaces -if [ ! -e /etc/init.d/"$1" -a ! -e /usr/local/init.d/"$1" ]; then - base=${1%%.*} - if [ "${base}" = "net" ]; then - # We only create links for pyhsical interfaces - [ -n "$(getmedia ${1#*.})" ] || exit 1 - base="net.lo0" - fi - if [ -e /etc/init.d/"${base}" -a "${base}" != "$1" ]; then - ln -s "${base}" /etc/init.d/"$1" - fi -fi - -# Run the init script -exec /etc/init.d/"$1" "$2" diff --git a/etc.FreeBSD/Makefile b/etc.FreeBSD/Makefile new file mode 100644 index 00000000..b4e8b069 --- /dev/null +++ b/etc.FreeBSD/Makefile @@ -0,0 +1,6 @@ +DIR= /etc +CONF= devd.conf +BIN= rc.devd + +MK= ../mk +include ${MK}/scripts.mk diff --git a/etc.FreeBSD/devd.conf b/etc.FreeBSD/devd.conf new file mode 100644 index 00000000..3cd262cf --- /dev/null +++ b/etc.FreeBSD/devd.conf @@ -0,0 +1,315 @@ +# $FreeBSD: src/etc/devd.conf,v 1.38 2007/06/21 22:50:36 njl Exp $ +# +# Refer to devd.conf(5) and devd(8) man pages for the details on how to +# run and configure devd. +# + +# NB: All regular expressions have an implicit ^$ around them. +# NB: device-name is shorthand for 'match device-name' + +options { + # Each directory directive adds a directory the list of directories + # that we scan for files. Files are read-in in the order that they + # are returned from readdir(3). The rule-sets are combined to + # create a DFA that's used to match events to actions. + directory "/etc/devd"; + directory "/usr/local/etc/devd"; + pid-file "/var/run/devd.pid"; + + # Setup some shorthand for regex that we use later in the file. + #XXX Yes, these are gross -- imp + set scsi-controller-regex + "(aac|adv|adw|aha|ahb|ahc|ahd|aic|amd|amr|asr|bt|ciss|ct|dpt|\ + esp|ida|iir|ips|isp|mlx|mly|mpt|ncr|ncv|nsp|stg|sym|trm|wds)\ + [0-9]+"; +}; + +# Note that the attach/detach with the highest value wins, so that one can +# override these general rules. + +# +# Configure the interface on attach. Due to a historical accident, this +# script is called pccard_ether. +# +notify 0 { + match "system" "IFNET"; + match "type" "ATTACH"; + action "/etc/rc.devd net.$subsystem start"; +}; + +notify 0 { + match "system" "IFNET"; + match "type" "DETACH"; + action "/etc/rc.devd net.$subsystem stop"; +}; + +# +# Try to configure the interface when the network comes up and deconfigure +# when it goes down +# +notify 0 { + match "system" "IFNET"; + match "type" "LINK_UP"; + media-type "ethernet"; + action "/etc/rc.devd net.$subsystem start"; +}; + +notify 0 { + match "system" "IFNET"; + match "type" "LINK_DOWN"; + media-type "ethernet"; + action "/etc/rc.devd net.$subsystem stop"; +}; +# +# Like Ethernet devices, but separate because +# they have a different media type. We may want +# to exploit this later. +# +detach 0 { + media-type "802.11"; + action "/etc/rc.devd net.$device-name stop"; +}; +attach 0 { + media-type "802.11"; + action "/etc/rc.devd net.$device-name start"; +}; +notify 0 { + match "system" "IFNET"; + match "type" "LINK_UP"; + media-type "802.11"; + action "/etc/rc.devd net.$subsystem start"; +}; +notify 0 { + match "system" "IFNET"; + match "type" "LINK_DOWN"; + media-type "802.11"; + action "/etc/rc.devd net.$subsystem stop"; +}; + +# An entry like this might be in a different file, but is included here +# as an example of how to override things. Normally 'ed50' would match +# the above attach/detach stuff, but the value of 100 makes it +# hard wired to 1.2.3.4. +attach 100 { + device-name "ed50"; + action "ifconfig $device-name inet 1.2.3.4 netmask 0xffff0000"; +}; +detach 100 { + device-name "ed50"; +}; + +# When a USB Bluetooth dongle appears activate it +attach 100 { + device-name "ubt[0-9]+"; + action "/etc/rc.d/bluetooth start $device-name"; +}; +detach 100 { + device-name "ubt[0-9]+"; + action "/etc/rc.d/bluetooth stop $device-name"; +}; + +# When a USB keyboard arrives, attach it as the console keyboard. +attach 100 { + device-name "ukbd0"; + action "/etc/rc.d/syscons setkeyboard /dev/ukbd0"; +}; +detach 100 { + device-name "ukbd0"; + action "/etc/rc.d/syscons setkeyboard /dev/kbd0"; +}; + +# The entry below starts moused when a mouse is plugged in. Moused +# stops automatically (actually it bombs :) when the device disappears. +attach 100 { + device-name "ums[0-9]+"; + action "/etc/rc.devd moused.$device-name start"; +}; + +# Firmware download into the ActiveWire board. After the firmware download is +# done the device detaches and reappears as something new and shiny +# automatically. +attach 100 { + match "vendor" "0x0854"; + match "product" "0x0100"; + match "release" "0x0000"; + action "/usr/local/bin/ezdownload -f /usr/local/share/usb/firmware/0854.0100.0_01.hex $device-name"; +}; + +# Firmware download for Entrega Serial DB25 adapter. +attach 100 { + match "vendor" "0x1645"; + match "product" "0x8001"; + match "release" "0x0101"; + action "if ! kldstat -n usio > /dev/null 2>&1 ; then kldload usio; fi /usr/sbin/ezdownload -v -f /usr/share/usb/firmware/1645.8001.0101 /dev/$device-name"; +}; + +# This entry starts the ColdSync tool in daemon mode. Make sure you have an up +# to date /usr/local/etc/palms. We override the 'listen' settings for port and +# type in /usr/local/etc/coldsync.conf. +attach 100 { + device-name "ugen[0-9]+"; + match "vendor" "0x082d"; + match "product" "0x0100"; + match "release" "0x0100"; + action "/usr/local/bin/coldsync -md -p /dev/$device-name -t usb"; +}; + +# +# Rescan scsi device-names on attach, but not detach. However, it is +# disabled by default due to reports of problems. +# +attach 0 { + device-name "$scsi-controller-regex"; +// action "camcontrol rescan all"; +}; + +# Don't even try to second guess what to do about drivers that don't +# match here. Instead, pass it off to syslog. Commented out for the +# moment, as the pnpinfo variable isn't set in devd yet. Individual +# variables within the bus supplied pnpinfo are set. +nomatch 0 { +# action "logger Unknown device: $pnpinfo $location $bus"; +}; + +# Various logging of unknown devices. +nomatch 10 { + match "bus" "uhub[0-9]+"; + action "logger Unknown USB device: vendor $vendor product $product \ + bus $bus"; +}; + +# Some PC-CARDs don't offer numerical manufacturer/product IDs, just +# show the CIS info there. +nomatch 20 { + match "bus" "pccard[0-9]+"; + match "manufacturer" "0xffffffff"; + match "product" "0xffffffff"; + action "logger Unknown PCCARD device: CISproduct $cisproduct \ + CIS-vendor $cisvendor bus $bus"; +}; + +nomatch 10 { + match "bus" "pccard[0-9]+"; + action "logger Unknown PCCARD device: manufacturer $manufacturer \ + product $product CISproduct $cisproduct CIS-vendor \ + $cisvendor bus $bus"; +}; + +nomatch 10 { + match "bus" "cardbus[0-9]+"; + action "logger Unknown Cardbus device: device $device class $class \ + vendor $vendor bus $bus"; +}; + +# Switch power profiles when the AC line state changes. +notify 10 { + match "system" "ACPI"; + match "subsystem" "ACAD"; + action "/etc/rc.d/power_profile $notify"; +}; + +# Notify all users before beginning emergency shutdown when we get +# a _CRT or _HOT thermal event and we're going to power down the system +# very soon. +notify 10 { + match "system" "ACPI"; + match "subsystem" "Thermal"; + match "notify" "0xcc"; + action "logger -p kern.emerg 'WARNING: system temperature too high, shutting down soon!'"; +}; + +# Sample ZFS problem reports handling. +notify 10 { + match "system" "ZFS"; + match "type" "zpool"; + action "logger -p kern.err 'ZFS: failed to load zpool $pool'"; +}; + +notify 10 { + match "system" "ZFS"; + match "type" "vdev"; + action "logger -p kern.err 'ZFS: vdev failure, zpool=$pool type=$type'"; +}; + +notify 10 { + match "system" "ZFS"; + match "type" "data"; + action "logger -p kern.warn 'ZFS: zpool I/O failure, zpool=$pool error=$zio_err'"; +}; + +notify 10 { + match "system" "ZFS"; + match "type" "io"; + action "logger -p kern.warn 'ZFS: vdev I/O failure, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size error=$zio_err'"; +}; + +notify 10 { + match "system" "ZFS"; + match "type" "checksum"; + action "logger -p kern.warn 'ZFS: checksum mismatch, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size'"; +}; + +# User requested suspend, so perform preparation steps and then execute +# the actual suspend process. +notify 10 { + match "system" "ACPI"; + match "subsystem" "Suspend"; + action "/etc/rc.suspend acpi $notify"; +}; +notify 10 { + match "system" "ACPI"; + match "subsystem" "Resume"; + action "/etc/rc.resume acpi $notify"; +}; + +/* EXAMPLES TO END OF FILE + +# The following might be an example of something that a vendor might +# install if you were to add their device. This might reside in +# /usr/local/etc/devd/deqna.conf. A deqna is, in this hypothetical +# example, a pccard ethernet-like device. Students of history may +# know other devices by this name, and will get the in-jokes in this +# entry. +nomatch 10 { + match "bus" "pccard[0-9]+"; + match "manufacturer" "0x1234"; + match "product" "0x2323"; + action "kldload if_deqna"; +}; +attach 10 { + device-name "deqna[0-9]+"; + action "/etc/pccard_ether $device-name start"; +}; +detach 10 { + device-name "deqna[0-9]+"; + action "/etc/pccard_ether $device-name stop"; +}; + +# Examples of notify hooks. A notify is a generic way for a kernel +# subsystem to send event notification to userland. +# +# Here are some examples of ACPI notify handlers. ACPI subsystems that +# generate notifies include the AC adapter, power/sleep buttons, +# control method batteries, lid switch, and thermal zones. +# +# Information returned is not always the same as the ACPI notify +# events. See the ACPI specification for more information about +# notifies. Here is the information returned for each subsystem: +# +# ACAD: AC line state (0 is offline, 1 is online) +# Button: Button pressed (0 for power, 1 for sleep) +# CMBAT: ACPI battery events +# Lid: Lid state (0 is closed, 1 is open) +# Suspend, Resume: Suspend and resume notification +# Thermal: ACPI thermal zone events +# +# This example calls a script when the AC state changes, passing the +# notify value as the first argument. If the state is 0x00, it might +# call some sysctls to implement economy mode. If 0x01, it might set +# the mode to performance. +notify 10 { + match "system" "ACPI"; + match "subsystem" "ACAD"; + action "/etc/acpi_ac $notify"; +}; +*/ diff --git a/etc.FreeBSD/rc.devd b/etc.FreeBSD/rc.devd new file mode 100644 index 00000000..3073ce5e --- /dev/null +++ b/etc.FreeBSD/rc.devd @@ -0,0 +1,52 @@ +#!/bin/sh +# Copyright 2007 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +# Inform RC that we are in the background and hotplugged +export IN_BACKGROUND=yes +export IN_HOTPLUG=yes + +getmedia() { + ifconfig "$1" | while read line; do + case "${line}" in + media:" "*) echo "${line}"; return;; + esac + done +} + +# Try and create an init script for network interfaces +if [ ! -e /etc/init.d/"$1" -a ! -e /usr/local/init.d/"$1" ]; then + base=${1%%.*} + if [ "${base}" = "net" ]; then + # We only create links for pyhsical interfaces + [ -n "$(getmedia ${1#*.})" ] || exit 1 + base="net.lo0" + fi + if [ -e /etc/init.d/"${base}" -a "${base}" != "$1" ]; then + ln -s "${base}" /etc/init.d/"$1" + fi +fi + +# Run the init script +exec /etc/init.d/"$1" "$2" diff --git a/init.d.BSD/devd b/init.d.BSD/devd deleted file mode 100644 index 78ce9256..00000000 --- a/init.d.BSD/devd +++ /dev/null @@ -1,42 +0,0 @@ -#!/sbin/runscript -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -command=/sbin/devd -command_args=${devd_args} -name="Device State Change Daemon" - -depend() { - need localmount - after bootmisc - before net.lo0 -} - -start_pre() { - sysctl hw.bus.devctl_disable=0 >/dev/null -} - -stop_post() { - sysctl hw.bus.devctl_disable=1 >/dev/null -} diff --git a/init.d.BSD/dumpon b/init.d.BSD/dumpon deleted file mode 100755 index 65d901f3..00000000 --- a/init.d.BSD/dumpon +++ /dev/null @@ -1,45 +0,0 @@ -#!/sbin/runscript -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -description="Configures a specific kernel dump device." - -depend() { - need swap -} - -start() { - # Setup any user requested dump device - if [ -n "${dump_device}" ]; then - ebegin "Activating kernel core dump device (${dump_device})" - dumpon ${dump_device} - eend $? - fi -} - -stop() { - ebegin "Deactiving kernel core dump device" - dumpon off - eend $? -} diff --git a/init.d.BSD/ipfw b/init.d.BSD/ipfw deleted file mode 100644 index 9dca799b..00000000 --- a/init.d.BSD/ipfw +++ /dev/null @@ -1,169 +0,0 @@ -#!/sbin/runscript -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# This is based on /etc/rc.firewall and /etc/rc.firewall6 from FreeBSD - -ipfw_ip_in=${ipfw_ip_in-any} -ipfw_ports_in=${ipfw_ports_in-auth ssh} -ipfw_ports_nolog=${ipfw_ports_nolog-135-139,445 1026,1027 1433,1434} - -opts="panic showstatus" - -depend() { - before net - provide firewall -} - -ipfw() { - /sbin/ipfw -f -q "$@" -} - -init() { - # Load the kernel module - if ! sysctl net.inet.ip.fw.enable=1 >/dev/null 2>&1; then - if ! kldload ipfw; then - eend 1 "Unable to load firewall module" - return 1 - fi - fi - - # Now all rules and give a good base - ipfw flush - - ipfw add pass all from any to any via lo0 - ipfw add deny all from any to 127.0.0.0/8 - ipfw add deny ip from 127.0.0.0/8 to any - - ipfw add pass ip6 from any to any via lo0 - ipfw add deny ip6 from any to ::1 - ipfw add deny ip6 from ::1 to any - - ipfw add pass ip6 from :: to ff02::/16 proto ipv6-icmp - ipfw add pass ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp - ipfw add pass ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp -} - -start() { - local i= p= log= - ebegin "Starting firewall rules" - if ! init; then - eend 1 "Failed to flush firewall ruleset" - return 1 - fi - - # Use a statefull firewall - ipfw add check-state - ipfw add pass tcp from me to any established - - # Allow any connection out, adding state for each. - ipfw add pass tcp from me to any setup keep-state - ipfw add pass udp from me to any keep-state - ipfw add pass icmp from me to any keep-state - - ipfw add pass tcp from me6 to any setup keep-state - ipfw add pass udp from me6 to any keep-state - ipfw add pass icmp from me6 to any keep-state - - # Allow DHCP. - ipfw add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out - ipfw add pass udp from any 67 to me 68 in - ipfw add pass udp from any 67 to 255.255.255.255 68 in - # Some servers will ping the IP while trying to decide if it's - # still in use. - ipfw add pass icmp from any to any icmptype 8 - - # Allow "mandatory" ICMP in. - ipfw add pass icmp from any to any icmptype 3,4,11 - - # Allow ICMPv6 destination unreach - ipfw add pass ip6 from any to any icmp6types 1 proto ipv6-icmp - - # Allow NS/NA/toobig (don't filter it out) - ipfw add pass ip6 from any to any icmp6types 2,135,136 proto ipv6-icmp - - # Add permits for this workstations published services below - # Only IPs and nets in firewall_allowservices is allowed in. - for i in ${ipfw_ip_in}; do - for p in ${ipfw_ports_in}; do - ipfw add pass tcp from ${i} to me ${p} - done - done - - # Allow all connections from trusted IPs. - # Playing with the content of firewall_trusted could seriously - # degrade the level of protection provided by the firewall. - for i in ${ipfw_ip_trust}; do - ipfw add pass ip from ${i} to me - done - - ipfw add 65000 count ip from any to any - - # Drop packets to ports where we don't want logging - for p in ${ipfw_ports_nolog}; do - ipfw add deny { tcp or udp } from any to any ${p} in - done - - # Broadcasts and muticasts - ipfw add deny ip from any to 255.255.255.255 - ipfw add deny ip from any to 224.0.0.0/24 - - # Noise from routers - ipfw add deny udp from any to any 520 in - - # Noise from webbrowsing. - # The statefull filter is a bit agressive, and will cause some - # connection teardowns to be logged. - ipfw add deny tcp from any 80,443 to any 1024-65535 in - - # Deny and (if wanted) log the rest unconditionally. - if yesno ${ipfw_log_deny:-no}; then - log="log" - sysctl net.inet.ip.fw.verbose=1 >/dev/null - fi - ipfw add deny ${log} ip from any to any - - eend 0 -} - -stop() { - ebegin "Stopping firewall rules" - # We don't unload the kernel module as that action - # can cause memory leaks as of FreeBSD 6.x - sysctl net.inet.ip.fw.enable=0 >/dev/null - eend $? -} - -panic() { - ebegin "Stopping firewall rules - hard" - if ! init; then - eend 1 "Failed to flush firewall ruleset" - return 1 - fi - eend 0 -} - -showstatus() { - ipfw show -} diff --git a/init.d.BSD/nscd b/init.d.BSD/nscd deleted file mode 100644 index 4dbeacc4..00000000 --- a/init.d.BSD/nscd +++ /dev/null @@ -1,43 +0,0 @@ -#!/sbin/runscript -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -command=/usr/sbin/nscd -command_args="${nscd_args}" -pidfile=/var/run/nscd.pid -name="Name Service Cache Daemon" - -extra_started_commands="flush" - -depend() { - need localmount - use net dns ldap ypbind - after bootmisc -} - -flush() { - ebegin "Flushing ${name}" - nscd -I all >/dev/null - eend $? -} diff --git a/init.d.BSD/syscons b/init.d.BSD/syscons deleted file mode 100644 index c04ccff1..00000000 --- a/init.d.BSD/syscons +++ /dev/null @@ -1,103 +0,0 @@ -#!/sbin/runscript -# Copyright 2007 Roy Marples -# All rights reserved - -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -depend() { - need localmount -} - -start() { - if [ -n "${allscreen_flags}" ]; then - ebegin "Setting mode to ${allscreen_flags} for all screens" - for v in /dev/ttyv*; do - vidcontrol ${allscreen_flags} <"${v}" - done - eend $? - fi - - if [ -n "${keymap}" ]; then - ebegin "Setting keymap to ${keymap}" - kbdcontrol -l ${keymap} \`$2'" - kbdcontrol -f "$1" "$2" /dev/null +} + +stop_post() { + sysctl hw.bus.devctl_disable=1 >/dev/null +} diff --git a/init.d.FreeBSD/dumpon b/init.d.FreeBSD/dumpon new file mode 100644 index 00000000..65d901f3 --- /dev/null +++ b/init.d.FreeBSD/dumpon @@ -0,0 +1,45 @@ +#!/sbin/runscript +# Copyright 2007 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +description="Configures a specific kernel dump device." + +depend() { + need swap +} + +start() { + # Setup any user requested dump device + if [ -n "${dump_device}" ]; then + ebegin "Activating kernel core dump device (${dump_device})" + dumpon ${dump_device} + eend $? + fi +} + +stop() { + ebegin "Deactiving kernel core dump device" + dumpon off + eend $? +} diff --git a/init.d.FreeBSD/ipfw b/init.d.FreeBSD/ipfw new file mode 100644 index 00000000..9dca799b --- /dev/null +++ b/init.d.FreeBSD/ipfw @@ -0,0 +1,169 @@ +#!/sbin/runscript +# Copyright 2007 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +# This is based on /etc/rc.firewall and /etc/rc.firewall6 from FreeBSD + +ipfw_ip_in=${ipfw_ip_in-any} +ipfw_ports_in=${ipfw_ports_in-auth ssh} +ipfw_ports_nolog=${ipfw_ports_nolog-135-139,445 1026,1027 1433,1434} + +opts="panic showstatus" + +depend() { + before net + provide firewall +} + +ipfw() { + /sbin/ipfw -f -q "$@" +} + +init() { + # Load the kernel module + if ! sysctl net.inet.ip.fw.enable=1 >/dev/null 2>&1; then + if ! kldload ipfw; then + eend 1 "Unable to load firewall module" + return 1 + fi + fi + + # Now all rules and give a good base + ipfw flush + + ipfw add pass all from any to any via lo0 + ipfw add deny all from any to 127.0.0.0/8 + ipfw add deny ip from 127.0.0.0/8 to any + + ipfw add pass ip6 from any to any via lo0 + ipfw add deny ip6 from any to ::1 + ipfw add deny ip6 from ::1 to any + + ipfw add pass ip6 from :: to ff02::/16 proto ipv6-icmp + ipfw add pass ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp + ipfw add pass ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp +} + +start() { + local i= p= log= + ebegin "Starting firewall rules" + if ! init; then + eend 1 "Failed to flush firewall ruleset" + return 1 + fi + + # Use a statefull firewall + ipfw add check-state + ipfw add pass tcp from me to any established + + # Allow any connection out, adding state for each. + ipfw add pass tcp from me to any setup keep-state + ipfw add pass udp from me to any keep-state + ipfw add pass icmp from me to any keep-state + + ipfw add pass tcp from me6 to any setup keep-state + ipfw add pass udp from me6 to any keep-state + ipfw add pass icmp from me6 to any keep-state + + # Allow DHCP. + ipfw add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out + ipfw add pass udp from any 67 to me 68 in + ipfw add pass udp from any 67 to 255.255.255.255 68 in + # Some servers will ping the IP while trying to decide if it's + # still in use. + ipfw add pass icmp from any to any icmptype 8 + + # Allow "mandatory" ICMP in. + ipfw add pass icmp from any to any icmptype 3,4,11 + + # Allow ICMPv6 destination unreach + ipfw add pass ip6 from any to any icmp6types 1 proto ipv6-icmp + + # Allow NS/NA/toobig (don't filter it out) + ipfw add pass ip6 from any to any icmp6types 2,135,136 proto ipv6-icmp + + # Add permits for this workstations published services below + # Only IPs and nets in firewall_allowservices is allowed in. + for i in ${ipfw_ip_in}; do + for p in ${ipfw_ports_in}; do + ipfw add pass tcp from ${i} to me ${p} + done + done + + # Allow all connections from trusted IPs. + # Playing with the content of firewall_trusted could seriously + # degrade the level of protection provided by the firewall. + for i in ${ipfw_ip_trust}; do + ipfw add pass ip from ${i} to me + done + + ipfw add 65000 count ip from any to any + + # Drop packets to ports where we don't want logging + for p in ${ipfw_ports_nolog}; do + ipfw add deny { tcp or udp } from any to any ${p} in + done + + # Broadcasts and muticasts + ipfw add deny ip from any to 255.255.255.255 + ipfw add deny ip from any to 224.0.0.0/24 + + # Noise from routers + ipfw add deny udp from any to any 520 in + + # Noise from webbrowsing. + # The statefull filter is a bit agressive, and will cause some + # connection teardowns to be logged. + ipfw add deny tcp from any 80,443 to any 1024-65535 in + + # Deny and (if wanted) log the rest unconditionally. + if yesno ${ipfw_log_deny:-no}; then + log="log" + sysctl net.inet.ip.fw.verbose=1 >/dev/null + fi + ipfw add deny ${log} ip from any to any + + eend 0 +} + +stop() { + ebegin "Stopping firewall rules" + # We don't unload the kernel module as that action + # can cause memory leaks as of FreeBSD 6.x + sysctl net.inet.ip.fw.enable=0 >/dev/null + eend $? +} + +panic() { + ebegin "Stopping firewall rules - hard" + if ! init; then + eend 1 "Failed to flush firewall ruleset" + return 1 + fi + eend 0 +} + +showstatus() { + ipfw show +} diff --git a/init.d.FreeBSD/nscd b/init.d.FreeBSD/nscd new file mode 100644 index 00000000..4dbeacc4 --- /dev/null +++ b/init.d.FreeBSD/nscd @@ -0,0 +1,43 @@ +#!/sbin/runscript +# Copyright 2007 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +command=/usr/sbin/nscd +command_args="${nscd_args}" +pidfile=/var/run/nscd.pid +name="Name Service Cache Daemon" + +extra_started_commands="flush" + +depend() { + need localmount + use net dns ldap ypbind + after bootmisc +} + +flush() { + ebegin "Flushing ${name}" + nscd -I all >/dev/null + eend $? +} diff --git a/init.d.FreeBSD/syscons b/init.d.FreeBSD/syscons new file mode 100644 index 00000000..c04ccff1 --- /dev/null +++ b/init.d.FreeBSD/syscons @@ -0,0 +1,103 @@ +#!/sbin/runscript +# Copyright 2007 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +depend() { + need localmount +} + +start() { + if [ -n "${allscreen_flags}" ]; then + ebegin "Setting mode to ${allscreen_flags} for all screens" + for v in /dev/ttyv*; do + vidcontrol ${allscreen_flags} <"${v}" + done + eend $? + fi + + if [ -n "${keymap}" ]; then + ebegin "Setting keymap to ${keymap}" + kbdcontrol -l ${keymap} \`$2'" + kbdcontrol -f "$1" "$2"