Created
April 13, 2018 11:41
Star
You must be signed in to star a gist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -ur -x moduli 62/etc/daily 63/etc/daily | |
--- 62/etc/daily 2017-10-04 05:13:09.000000000 +0200 | |
+++ 63/etc/daily 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,5 +1,5 @@ | |
# | |
-# $OpenBSD: daily,v 1.90 2017/07/10 11:18:48 bluhm Exp $ | |
+# $OpenBSD: daily,v 1.91 2018/02/06 19:57:37 tb Exp $ | |
# From: @(#)daily 8.2 (Berkeley) 1/25/94 | |
# | |
# For local additions, create the file /etc/daily.local. | |
@@ -90,7 +90,10 @@ | |
fi | |
rootbak=${rootbak#/dev/} | |
bakdisk=${rootbak%%?(.)[a-p]} | |
- sysctl -n hw.disknames | grep -Fqw $bakdisk || break | |
+ if ! sysctl -n hw.disknames | grep -Fqw $bakdisk; then | |
+ echo "Backup disk '$bakdisk' not present in hw.disknames." | |
+ break | |
+ fi | |
bakpart=${rootbak##$bakdisk?(.)} | |
OLDIFS=$IFS | |
IFS=, | |
diff -ur -x moduli 62/etc/examples/dhclient.conf 63/etc/examples/dhclient.conf | |
--- 62/etc/examples/dhclient.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/dhclient.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,9 +1,8 @@ | |
-# $OpenBSD: dhclient.conf,v 1.1 2014/08/29 18:05:39 ajacoutot Exp $ | |
+# $OpenBSD: dhclient.conf,v 1.2 2017/10/16 23:43:41 krw Exp $ | |
# | |
# DHCP Client Configuration | |
# | |
# See dhclient.conf(5) for possible contents of this file. | |
-# When empty default values are used: | |
# | |
# Example: | |
# | |
diff -ur -x moduli 62/etc/examples/httpd.conf 63/etc/examples/httpd.conf | |
--- 62/etc/examples/httpd.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/httpd.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,81 +1,29 @@ | |
-# $OpenBSD: httpd.conf,v 1.17 2017/04/16 08:50:49 ajacoutot Exp $ | |
+# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $ | |
-# | |
-# Macros | |
-# | |
-ext_addr="*" | |
- | |
-# | |
-# Global Options | |
-# | |
-# prefork 3 | |
- | |
-# | |
-# Servers | |
-# | |
- | |
-# A minimal default server | |
-server "default" { | |
- listen on $ext_addr port 80 | |
+server "example.com" { | |
+ listen on * port 80 | |
+ listen on :: port 80 | |
+ location "/.well-known/acme-challenge/*" { | |
+ root "/acme" | |
+ root strip 2 | |
+ } | |
+ location * { | |
+ block return 302 "https://$HTTP_HOST$REQUEST_URI" | |
+ } | |
} | |
-# A name-based "virtual" server on the same address | |
-server "www.example.com" { | |
- listen on $ext_addr port 80 | |
- | |
- # Logging is enabled by default, but it can be turned off per server | |
- #no log | |
- | |
+server "example.com" { | |
+ listen on * tls port 443 | |
+ listen on :: tls port 443 | |
+ tls { | |
+ certificate "/etc/ssl/example.com.fullchain.pem" | |
+ key "/etc/ssl/private/example.com.key" | |
+ } | |
location "/pub/*" { | |
directory auto index | |
- log style combined | |
- } | |
- | |
- location "*.php" { | |
- fastcgi socket "/run/php-fpm.sock" | |
} | |
- | |
- location "/cgi-bin/*" { | |
- fastcgi | |
- | |
- # The /cgi-bin directory is outside of the document root | |
- root "/" | |
+ location "/.well-known/acme-challenge/*" { | |
+ root "/acme" | |
+ root strip 2 | |
} | |
- | |
- root "/htdocs/www.example.com" | |
-} | |
- | |
-# An HTTPS server using SSL/TLS | |
-server "secure.example.com" { | |
- listen on 127.0.0.1 tls port 443 | |
- | |
- # TLS certificate and key files created with acme-client(1) | |
- tls certificate "/etc/ssl/example.com.fullchain.pem" | |
- tls key "/etc/ssl/private/example.com.key" | |
- | |
- # Define server-specific log files relative to /logs | |
- log { access "secure-access.log", error "secure-error.log" } | |
- | |
- # Increase connection limits to extend the lifetime | |
- connection { max requests 500, timeout 3600 } | |
- | |
- root "/htdocs/secure.example.com" | |
-} | |
- | |
-# Another server on a different internal IPv4 address | |
-server "intranet.example.com" { | |
- listen on 10.0.0.1 port 80 | |
- directory { auto index, index "default.htm" } | |
- root "/htdocs/intranet.example.com" | |
-} | |
- | |
-# An IPv6-based server on a non-standard port | |
-server "ipv6.example.com" { | |
- listen on 2001:db8::53f6:3eab port 81 | |
- root "/htdocs/ipv6.example.com" | |
-} | |
- | |
-# Include MIME types instead of the built-in ones | |
-types { | |
- include "/usr/share/misc/mime.types" | |
} | |
diff -ur -x moduli 62/etc/examples/ifstated.conf 63/etc/examples/ifstated.conf | |
--- 62/etc/examples/ifstated.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/ifstated.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,72 +1,52 @@ | |
-# $OpenBSD: ifstated.conf,v 1.1 2014/07/11 16:36:35 deraadt Exp $ | |
-# This is a sample config for a pair of firewalls with two interfaces | |
+# $OpenBSD: ifstated.conf,v 1.2 2018/01/20 23:07:58 mpf Exp $ | |
+# This is a sample config for a pair of firewalls with three physical interfaces | |
# | |
-# carp0 and carp1 have ip addresses on 192.168.3.0/24 and 192.168.6.0/24 | |
-# respectively. | |
- | |
-# net.inet.carp.preempt must be enabled (set to 1) for this to work correctly. | |
- | |
-# Uncomment one of the following lines to force primary/backup status. | |
-# init-state primary | |
-# init-state backup | |
- | |
-carp_up = "carp0.link.up && carp1.link.up" | |
-carp_down = "!carp0.link.up && !carp1.link.up" | |
-carp_sync = "carp0.link.up && carp1.link.up || \ | |
- !carp0.link.up && !carp1.link.up" | |
- | |
-# The "net" addresses are other addresses which can be used to determine | |
-# whether we have connectivity. Make sure the hosts are always up, or | |
-# test multiple ip's, 'or'-ing the tests. | |
-net = '( "ping -q -c 1 -w 1 192.168.6.8 > /dev/null" every 10 && \ | |
- "ping -q -c 1 -w 1 192.168.3.8 > /dev/null" every 10)' | |
- | |
-# The peer addresses below are the real ip addresses of the OTHER firewall | |
-peer = '( "ping -q -c 1 -w 1 192.168.6.7 > /dev/null" every 10 && \ | |
- "ping -q -c 1 -w 1 192.168.3.7 > /dev/null" every 10)' | |
- | |
-state auto { | |
- if $carp_up | |
- set-state primary | |
- if $carp_down | |
- set-state backup | |
-} | |
- | |
-state primary { | |
- init { | |
- run "ifconfig carp0 advskew 10" | |
- run "ifconfig carp1 advskew 10" | |
+# The two firefall interfaces are made redundant on each side using | |
+# carp0 and carp1. | |
+# | |
+# A third interface em2 connects each firewall to the DMZ where it can | |
+# reach a syslog server with the IP 192.168.1.10 | |
+# | |
+# This config does two things: | |
+# 1. Monitor the reachability of the syslog server and demote | |
+# the carp interface group to provoke a failover if the syslog server | |
+# is not reachable. We do that by using ping(1) and checking | |
+# the link state of em2. | |
+# 2. Log carp failovers | |
+ | |
+ | |
+dmz_if_up = 'em2.link.up' | |
+dmz_if_down = 'em2.link.down' | |
+ | |
+syslog_ok = '"ping -q -c 1 -w 1 192.168.1.10 >/dev/null 2>&1" every 10' | |
+ | |
+# ifstated starts up with the first defined state | |
+state neutral { | |
+ if $dmz_if_down { | |
+ run "logger -st ifstated 'interface to syslog server em2 is down'" | |
+ set-state demoted | |
} | |
- if ! $net | |
+ if ! $syslog_ok { | |
+ run "logger -st ifstated 'could not reach syslog server'" | |
set-state demoted | |
+ } | |
} | |
state demoted { | |
init { | |
- run "ifconfig carp0 advskew 254" | |
- run "ifconfig carp1 advskew 254" | |
+ run "ifconfig -g carp carpdemote" | |
} | |
- if $net | |
- set-state primary | |
-} | |
- | |
-state promoted { | |
- init { | |
- run "ifconfig carp0 advskew 0" | |
- run "ifconfig carp1 advskew 0" | |
+ if $dmz_if_up && $syslog_ok { | |
+ run "logger -st ifstated 'syslog server is ok again'" | |
+ # remove our carp demotion | |
+ run "ifconfig -g carp -carpdemote" | |
+ set-state neutral | |
} | |
- if $peer || ! $net | |
- set-state backup | |
} | |
-state backup { | |
- init { | |
- run "ifconfig carp0 advskew 100" | |
- run "ifconfig carp1 advskew 100" | |
- } | |
- # The "sleep 5" below is a hack to dampen the $carp_sync when we come | |
- # out of promoted state. Thinking about the correct fix... | |
- if ! $carp_sync && $net && "sleep 5" every 10 | |
- if ! $carp_sync && $net | |
- set-state promoted | |
-} | |
+# commands in the global scope are always run | |
+if carp0.link.up | |
+ run "logger -st ifstated 'carp0 is master'" | |
+if carp0.link.down | |
+ run "logger -st ifstated 'carp0 is backup'" | |
+ | |
diff -ur -x moduli 62/etc/examples/pf.conf 63/etc/examples/pf.conf | |
--- 62/etc/examples/pf.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/pf.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: pf.conf,v 1.2 2015/05/18 16:04:21 reyk Exp $ | |
+# $OpenBSD: pf.conf,v 1.3 2017/11/29 00:15:34 mlarkin Exp $ | |
# | |
# See pf.conf(5) for syntax and examples. | |
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 | |
@@ -31,5 +31,10 @@ | |
#block in quick from urpf-failed to any # use with care | |
+# rules for vmd(8) - NAT and DNS forwarding for VMs (100.64.0.0/10 default) | |
+#pass out on egress from 100.64.0.0/10 to any nat-to (egress) | |
+#pass in proto udp from 100.64.0.0/10 to any port domain \ | |
+# rdr-to $dns_server port domain | |
+ | |
# By default, do not permit remote connections to X11 | |
block return in on ! lo0 proto tcp to port 6000:6010 | |
diff -ur -x moduli 62/etc/examples/relayd.conf 63/etc/examples/relayd.conf | |
--- 62/etc/examples/relayd.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/relayd.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: relayd.conf,v 1.3 2014/12/12 10:05:09 reyk Exp $ | |
+# $OpenBSD: relayd.conf,v 1.4 2018/03/23 09:55:06 claudio Exp $ | |
# | |
# Macros | |
# | |
@@ -46,7 +46,7 @@ | |
tcp { nodelay, sack, socket buffer 65536, backlog 128 } | |
# tls { no tlsv1.0, ciphers HIGH } | |
-# tls session cache disable | |
+# tls no session tickets | |
} | |
relay wwwtls { | |
diff -ur -x moduli 62/etc/examples/vm.conf 63/etc/examples/vm.conf | |
--- 62/etc/examples/vm.conf 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/examples/vm.conf 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: vm.conf,v 1.7 2017/03/25 16:28:25 reyk Exp $ | |
+# $OpenBSD: vm.conf,v 1.8 2017/11/11 02:50:07 mlarkin Exp $ | |
# | |
# Macros | |
@@ -10,15 +10,14 @@ | |
# | |
switch "uplink" { | |
- # This interface will default to bridge0, but switch(4) is supported | |
+ # This switch will use bridge0, defined by /etc/hostname.bridge0, as | |
+ # the underlying interface. switch(4) is also supported | |
#interface switch0 | |
- | |
- # Add additional members | |
- add em0 | |
+ interface bridge0 | |
} | |
switch "local" { | |
- add vether0 | |
+ interface bridge1 | |
down | |
} | |
diff -ur -x moduli 62/etc/mtree/4.4BSD.dist 63/etc/mtree/4.4BSD.dist | |
--- 62/etc/mtree/4.4BSD.dist 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/mtree/4.4BSD.dist 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: 4.4BSD.dist,v 1.299 2017/08/21 20:52:06 rpe Exp $ | |
+# $OpenBSD: 4.4BSD.dist,v 1.301 2017/11/05 10:29:24 rpe Exp $ | |
/set type=dir uname=root gname=wheel mode=0755 | |
@@ -414,10 +414,6 @@ | |
calendar | |
.. | |
- # ./usr/share/compile | |
- compile | |
- .. | |
- | |
# ./usr/share/dict | |
dict | |
papers | |
@@ -475,6 +471,8 @@ | |
man3 | |
loongson | |
.. | |
+ octeon | |
+ .. | |
sgi | |
.. | |
.. | |
@@ -563,6 +561,14 @@ | |
.. | |
mk | |
.. | |
+ | |
+ # ./usr/share/relink | |
+ relink | |
+ | |
+ # ./usr/share/relink/kernel | |
+ kernel | |
+ .. | |
+ .. | |
snmp | |
mibs | |
.. | |
diff -ur -x moduli 62/etc/mtree/special 63/etc/mtree/special | |
--- 62/etc/mtree/special 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/mtree/special 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: special,v 1.124 2017/05/03 11:55:36 gsoares Exp $ | |
+# $OpenBSD: special,v 1.125 2018/02/10 05:56:47 florian Exp $ | |
# | |
# Hand-crafted mtree specification for the dangerous files. | |
# | |
@@ -94,6 +94,7 @@ | |
skey type=dir mode=01730 uname=root gname=auth optional | |
.. #skey | |
snmpd.conf type=file mode=0600 uname=root gname=wheel optional | |
+soii.key type=file mode=0600 uname=root gname=wheel optional | |
spwd.db type=file mode=0640 uname=root gname=_shadow | |
ssh type=dir mode=0755 uname=root gname=wheel optional | |
ssh_config type=file mode=0644 uname=root gname=wheel | |
diff -ur -x moduli 62/etc/netstart 63/etc/netstart | |
--- 62/etc/netstart 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/netstart 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
#!/bin/sh - | |
# | |
-# $OpenBSD: netstart,v 1.186 2017/07/25 21:17:11 rpe Exp $ | |
+# $OpenBSD: netstart,v 1.197 2018/03/04 10:12:26 jmc Exp $ | |
# Turn off Strict Bourne shell mode. | |
set +o sh | |
@@ -72,10 +72,35 @@ | |
set +o noglob | |
} | |
+# Create interface $1 if it does not yet exist. | |
+# Usage: ifcreate if1 | |
+ifcreate() { | |
+ local _if=$1 | |
+ | |
+ { ifconfig $_if || ifconfig $_if create; } >/dev/null 2>&1 | |
+} | |
+ | |
+# Create interfaces for network pseudo-devices referred to by hostname.if files. | |
+# Usage: vifscreate | |
+vifscreate() { | |
+ local _vif _hn _if | |
+ | |
+ for _vif in $(ifconfig -C); do | |
+ for _hn in /etc/hostname.${_vif}+([[:digit:]]); do | |
+ [[ -f $_hn ]] || continue | |
+ _if=${_hn#/etc/hostname.} | |
+ | |
+ if ! ifcreate $_if; then | |
+ print -u2 "${0##*/}: create for '$_if' failed." | |
+ fi | |
+ done | |
+ done | |
+} | |
+ | |
# Start a single interface. | |
# Usage: ifstart if1 | |
ifstart() { | |
- local _if=$1 _hn=$HN_DIR/hostname.$1 _cmds _i=0 _line _stat | |
+ local _if=$1 _hn=/etc/hostname.$1 _cmds _i=0 _line _stat | |
set -A _cmds | |
# Interface names must be alphanumeric only. We check to avoid | |
@@ -83,22 +108,21 @@ | |
[[ $_if != +([[:alpha:]])+([[:digit:]]) ]] && return | |
if [[ ! -f $_hn ]]; then | |
- echo "${0##*/}: $_hn: No such file or directory" | |
+ print -u2 "${0##*/}: $_hn: No such file or directory." | |
return | |
fi | |
# Not using stat(1), we can't rely on having /usr yet. | |
set -A _stat -- $(ls -nL $_hn) | |
if [[ "${_stat[0]}${_stat[2]}${_stat[3]}" != *---00 ]]; then | |
- echo "WARNING: $_hn is insecure, fixing permissions" | |
+ print -u2 "WARNING: $_hn is insecure, fixing permissions." | |
chmod -LR o-rwx $_hn | |
chown -LR root:wheel $_hn | |
fi | |
# Check for ifconfig'able interface, except if -n option is specified. | |
if ! $PRINT_ONLY; then | |
- (ifconfig $_if || ifconfig $_if create) >/dev/null 2>&1 || | |
- return | |
+ ifcreate $_if || return | |
fi | |
# Parse the hostname.if(5) file and fill _cmds array with interface | |
@@ -129,9 +153,9 @@ | |
local _sifs=$1 _xifs=$2 _hn _if _sif _xif | |
for _sif in ${_sifs:-ALL}; do | |
- for _hn in /etc/hostname.*; do | |
+ for _hn in /etc/hostname.+([[:alpha:]])+([[:digit:]]); do | |
+ [[ -f $_hn ]] || continue | |
_if=${_hn#/etc/hostname.} | |
- [[ $_if == '*' ]] && continue | |
# Skip unwanted ifs. | |
for _xif in $_xifs; do | |
@@ -144,18 +168,30 @@ | |
done | |
} | |
-# Parse /etc/mygate and add default routes for IPv4 and IPv6 | |
+# Parse /etc/mygate and add default routes for IPv4 and IPv6. | |
# Usage: defaultroute | |
defaultroute() { | |
+ local _cmd; | |
+ | |
! $V4_DHCPCONF && stripcom /etc/mygate | | |
while read gw; do | |
[[ $gw == @(*:*) ]] && continue | |
- route -qn add -host default $gw && break | |
+ _cmd="route -qn add -host default $gw" | |
+ if $PRINT_ONLY; then | |
+ print -r -- "$_cmd" && break | |
+ else | |
+ $_cmd && break | |
+ fi | |
done | |
! $V6_AUTOCONF && stripcom /etc/mygate | | |
while read gw; do | |
[[ $gw == !(*:*) ]] && continue | |
- route -qn add -host -inet6 default $gw && break | |
+ _cmd="route -qn add -host -inet6 default $gw" | |
+ if $PRINT_ONLY; then | |
+ print -r -- "$_cmd" && break | |
+ else | |
+ $_cmd && break | |
+ fi | |
done | |
} | |
@@ -163,9 +199,8 @@ | |
FUNCS_ONLY=1 . /etc/rc.d/rc.subr | |
_rc_parse_conf | |
-HN_DIR=${HN_DIR:-/etc} | |
PRINT_ONLY=false | |
-USAGE="USAGE: ${0##*/} [-n] [interface ...]" | |
+USAGE="usage: ${0##*/} [[-n] interface ...]" | |
V4_DHCPCONF=false | |
V6_AUTOCONF=false | |
@@ -179,10 +214,15 @@ | |
# Option -n is only supported if interface names are specified as parameters. | |
if $PRINT_ONLY && (($# == 0)); then | |
- print -u2 "Missing parameters.\n$USAGE" | |
+ print -u2 "$USAGE" | |
exit 1 | |
fi | |
+# Load key material for the generation of IPv6 Semantically Opaque Interface | |
+# Identifiers (SOII) used for link local and SLAAC addresses. | |
+$PRINT_ONLY || [[ ! -f /etc/soii.key ]] || | |
+ sysctl -q "net.inet6.ip6.soiikey=$(</etc/soii.key)" | |
+ | |
# If we were invoked with a list of interface names, just reconfigure these | |
# interfaces (or bridges), add default routes and return. | |
if (($# > 0)); then | |
@@ -200,8 +240,8 @@ | |
# automatically invokes the IPv6 address ::1. | |
ifconfig lo0 inet 127.0.0.1/8 | |
+# IPv6 configuration. | |
if ifconfig lo0 inet6 >/dev/null 2>&1; then | |
- # IPv6 configurations. | |
ip6kernel=YES | |
# Disallow link-local unicast dest without outgoing scope identifiers. | |
@@ -216,12 +256,6 @@ | |
# Disallow "internal" addresses to appear on the wire. | |
route -qn add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject >/dev/null | |
- # Disallow packets to malicious IPv4 compatible prefix. | |
- route -qn add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject >/dev/null | |
- route -qn add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject >/dev/null | |
- route -qn add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject >/dev/null | |
- route -qn add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject >/dev/null | |
- | |
# Disallow packets to malicious 6to4 prefix. | |
route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject >/dev/null | |
route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject >/dev/null | |
@@ -252,17 +286,19 @@ | |
ip6kernel=NO | |
fi | |
+# Create all the pseudo interfaces up front. | |
+vifscreate | |
# Configure all the non-loopback interfaces which we know about, but | |
# do not start interfaces which must be delayed. Refer to hostname.if(5) | |
-ifmstart "" "trunk svlan vlan carp gif gre pfsync pppoe tun bridge switch pflow" | |
+ifmstart "" "trunk svlan vlan carp pppoe tun tap gif etherip gre egre mobileip pflow" | |
# The trunk interfaces need to come up first in this list. | |
# The (s)vlan interfaces need to come up after trunk. | |
# Configure all the carp interfaces which we know about before default route. | |
-ifmstart "trunk svlan vlan carp" | |
+ifmstart "trunk svlan vlan carp pppoe" | |
-# Look for default routes in /etc/mygate. | |
+# Set default routes for IPv4 and IPv6. | |
defaultroute | |
# Multicast routing. | |
@@ -271,17 +307,14 @@ | |
route -qn add -net 224.0.0.0/4 -interface 127.0.0.1 -reject >/dev/null | |
fi | |
-# Configure PPPoE, GIF, GRE, TUN and PFLOW interfaces, delayed because they | |
-# require routes to be set. TUN might depend on PPPoE, and GIF or GRE may | |
-# depend on either of them. PFLOW might bind to ip addresses configured | |
-# on either of them. | |
-ifmstart "pppoe tun gif gre bridge switch pflow" | |
- | |
# Reject 127/8 other than 127.0.0.1. | |
route -qn add -net 127 127.0.0.1 -reject >/dev/null | |
+# Configure interfaces that rely on routing | |
+ifmstart "tun tap gif etherip gre egre mobileip pflow" | |
+ | |
if [[ $ip6kernel == YES ]]; then | |
- # This is to make sure DAD is completed before going further. | |
+ # Ensure IPv6 Duplicate Address Detection (DAD) is completed. | |
count=0 | |
while ((count++ < 10 && $(sysctl -n net.inet6.ip6.dad_pending) != 0)); do | |
sleep 1 | |
diff -ur -x moduli 62/etc/rc 63/etc/rc | |
--- 62/etc/rc 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,4 +1,4 @@ | |
-# $OpenBSD: rc,v 1.517 2017/08/29 16:56:13 rpe Exp $ | |
+# $OpenBSD: rc,v 1.525 2018/02/18 18:52:02 rpe Exp $ | |
# System startup script run by init on autoboot or after single-user. | |
# Output and error are redirected to console by init, and the console is the | |
@@ -49,16 +49,20 @@ | |
# Apply sysctl.conf(5) settings. | |
sysctl_conf() { | |
- stripcom /etc/sysctl.conf | | |
- while read _line; do | |
- sysctl "$_line" | |
+ # do not use a pipe as limits would only be applied to the subshell | |
+ set -- $(stripcom /etc/sysctl.conf) | |
+ while [[ $# > 0 ]] ; do | |
+ sysctl "$1" | |
- case $_line in | |
+ case "$1" in | |
kern.maxproc=*) | |
- update_limit -p maxproc;; | |
+ update_limit -p maxproc | |
+ ;; | |
kern.maxfiles=*) | |
- update_limit -n openfiles;; | |
+ update_limit -n openfiles | |
+ ;; | |
esac | |
+ shift | |
done | |
} | |
@@ -154,45 +158,57 @@ | |
fi | |
ssh-keygen -A | |
+ | |
+ if [[ ! -f /etc/soii.key ]]; then | |
+ openssl rand -hex 16 > /etc/soii.key && | |
+ chmod 600 /etc/soii.key && sysctl -q \ | |
+ "net.inet6.ip6.soiikey=$(</etc/soii.key)" | |
+ fi | |
} | |
# Re-link libraries, placing the objects in a random order. | |
reorder_libs() { | |
- local _dkdev _liba _libas _mp _tmpdir _remount=false _error=false | |
+ local _error=false _dkdev _liba _libas _mp _ro_list _tmpdir | |
+ local _relink=/usr/share/relink | |
[[ $library_aslr == NO ]] && return | |
- _dkdev=$(df /usr/lib | sed '1d;s/ .*//') | |
- _mp=$(mount | grep "^$_dkdev") | |
- | |
- # Skip if /usr/lib is on a nfs mounted filesystem. | |
- [[ $_mp == *' type nfs '* ]] && return | |
+ # Skip if /usr/lib, /usr/libexec or /usr/share/relink are on nfs mounted | |
+ # filesystems, otherwise record which ones are mounted read-only. | |
+ for _d in /usr/{lib,libexec,share/relink}; do | |
+ _dkdev=$(df $_d | sed '1d;s/ .*//') | |
+ _mp=$(mount | grep "^$_dkdev") | |
+ [[ $_mp == *" type nfs "* ]] && return | |
+ if [[ $_mp == *" type ffs "*"read-only"* && | |
+ $_ro_list != *${_mp%% *}* ]]; then | |
+ _ro_list="$_ro_list ${_mp%% *}" | |
+ fi | |
+ done | |
echo -n 'reordering libraries:' | |
- # Remount read-write, if /usr/lib is on a read-only ffs filesystem. | |
- if [[ $_mp == *' type ffs '*'read-only'* ]]; then | |
- if mount -u -w $_dkdev; then | |
- _remount=true | |
- else | |
+ # Remount the (read-only) filessystems in _ro_list as read-write. | |
+ for _mp in $_ro_list; do | |
+ if ! mount -u -w $_mp; then | |
echo ' failed.' | |
return | |
fi | |
- fi | |
+ done | |
# Only choose the latest version of the libraries. | |
- for _liba in /usr/lib/lib{c,crypto}; do | |
+ for _liba in $_relink/usr/lib/lib{c,crypto}; do | |
_libas="$_libas $(ls $_liba.so.+([0-9.]).a | sort -rV | head -1)" | |
done | |
- _libas=${_libas# } | |
- for _liba in /usr/libdata/ld.so.a $_libas; do | |
- _tmpdir=$(mktemp -dq /tmp/_librebuild.XXXXXXXXXXXX) && | |
+ for _liba in $_relink/usr/libexec/ld.so.a $_libas; do | |
+ _tmpdir=$(mktemp -dq $_relink/_rebuild.XXXXXXXXXXXX) && | |
( | |
set -o errexit | |
_install='install -F -S -o root -g bin -m 0444' | |
_lib=${_liba##*/} | |
_lib=${_lib%.a} | |
+ _lib_dir=${_liba#$_relink} | |
+ _lib_dir=${_lib_dir%/*} | |
cd $_tmpdir | |
ar x $_liba | |
if [[ $_lib == ld.so ]]; then | |
@@ -202,24 +218,24 @@ | |
chmod u+x test-ld.so | |
[[ $(./test-ld.so ok) == './test-ld.so: ok!' ]] | |
$_install /usr/libexec/ld.so /usr/libexec/ld.so.save | |
- $_install ld.so.test /usr/libexec/ld.so | |
+ $_install ld.so.test $_lib_dir/ld.so | |
else | |
cc -shared -o $_lib $(ls *.so | sort -R) $(cat .ldadd) | |
[[ -s $_lib ]] && file $_lib | fgrep -q 'shared object' | |
LD_BIND_NOW=1 LD_LIBRARY_PATH=$_tmpdir awk 'BEGIN {exit 0}' | |
LD_BIND_NOW=1 LD_LIBRARY_PATH=$_tmpdir openssl \ | |
x509 -in /etc/ssl/cert.pem -out /dev/null | |
- $_install $_lib ${_liba%/*}/$_lib | |
+ $_install $_lib $_lib_dir/$_lib | |
fi | |
) || { _error=true; break; } | |
done | |
- rm -rf /tmp/_librebuild.* | |
+ rm -rf $_relink/_rebuild.* | |
# Restore previous mount state if it was changed. | |
- if $_remount; then | |
- mount -u -r $_dkdev || _error=true | |
- fi | |
+ for _mp in $_ro_list; do | |
+ mount -u -r $_mp || _error=true | |
+ done | |
if $_error; then | |
echo ' failed.' | |
@@ -299,7 +315,7 @@ | |
# - execute the rc.d scripts specified by $pkg_scripts in reverse order | |
# - bring carp interfaces down gracefully | |
if [[ $1 == shutdown ]]; then | |
- if echo 2>/dev/null >>/var/db/host.random || \ | |
+ if echo 2>/dev/null >>/var/db/host.random || | |
echo 2>/dev/null >>/etc/random.seed; then | |
random_seed | |
else | |
diff -ur -x moduli 62/etc/rc.d/amd 63/etc/rc.d/amd | |
--- 62/etc/rc.d/amd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/amd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: amd,v 1.7 2015/07/15 13:50:54 ajacoutot Exp $ | |
+# $OpenBSD: amd,v 1.9 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/amd" | |
@@ -11,7 +11,7 @@ | |
rc_stop=NO | |
rc_pre() { | |
- [ -e ${amd_master} ] || return 1 | |
+ [[ -e ${amd_master} ]] || return 1 | |
daemon_flags="${daemon_flags} $(print -rn -- $(< ${amd_master}))" | |
} | |
diff -ur -x moduli 62/etc/rc.d/apmd 63/etc/rc.d/apmd | |
--- 62/etc/rc.d/apmd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/apmd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: apmd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: apmd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/apmd" | |
diff -ur -x moduli 62/etc/rc.d/bgpd 63/etc/rc.d/bgpd | |
--- 62/etc/rc.d/bgpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/bgpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: bgpd,v 1.3 2016/02/07 20:56:48 sthen Exp $ | |
+# $OpenBSD: bgpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/bgpd" | |
diff -ur -x moduli 62/etc/rc.d/bootparamd 63/etc/rc.d/bootparamd | |
--- 62/etc/rc.d/bootparamd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/bootparamd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: bootparamd,v 1.2 2011/07/08 02:15:34 robert Exp $ | |
+# $OpenBSD: bootparamd,v 1.4 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/rpc.bootparamd" | |
@@ -9,7 +9,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ -s /etc/bootparams ] | |
+ [[ -s /etc/bootparams ]] | |
} | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/cron 63/etc/rc.d/cron | |
--- 62/etc/rc.d/cron 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/cron 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: cron,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: cron,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/cron" | |
diff -ur -x moduli 62/etc/rc.d/dhcpd 63/etc/rc.d/dhcpd | |
--- 62/etc/rc.d/dhcpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/dhcpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: dhcpd,v 1.2 2011/07/08 04:29:54 ajacoutot Exp $ | |
+# $OpenBSD: dhcpd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/dhcpd" | |
diff -ur -x moduli 62/etc/rc.d/dhcrelay 63/etc/rc.d/dhcrelay | |
--- 62/etc/rc.d/dhcrelay 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/dhcrelay 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: dhcrelay,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: dhcrelay,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/dhcrelay" | |
diff -ur -x moduli 62/etc/rc.d/dhcrelay6 63/etc/rc.d/dhcrelay6 | |
--- 62/etc/rc.d/dhcrelay6 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/dhcrelay6 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: dhcrelay6,v 1.1 2017/03/17 17:57:40 rzalamena Exp $ | |
+# $OpenBSD: dhcrelay6,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/dhcrelay6" | |
diff -ur -x moduli 62/etc/rc.d/dvmrpd 63/etc/rc.d/dvmrpd | |
--- 62/etc/rc.d/dvmrpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/dvmrpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: dvmrpd,v 1.3 2016/02/07 21:00:16 sthen Exp $ | |
+# $OpenBSD: dvmrpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/dvmrpd" | |
diff -ur -x moduli 62/etc/rc.d/eigrpd 63/etc/rc.d/eigrpd | |
--- 62/etc/rc.d/eigrpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/eigrpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: eigrpd,v 1.3 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: eigrpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/eigrpd" | |
diff -ur -x moduli 62/etc/rc.d/ftpd 63/etc/rc.d/ftpd | |
--- 62/etc/rc.d/ftpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ftpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ftpd,v 1.3 2011/12/21 09:26:29 ajacoutot Exp $ | |
+# $OpenBSD: ftpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/libexec/ftpd -D" | |
diff -ur -x moduli 62/etc/rc.d/ftpproxy 63/etc/rc.d/ftpproxy | |
--- 62/etc/rc.d/ftpproxy 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ftpproxy 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ftpproxy,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: ftpproxy,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ftp-proxy" | |
diff -ur -x moduli 62/etc/rc.d/ftpproxy6 63/etc/rc.d/ftpproxy6 | |
--- 62/etc/rc.d/ftpproxy6 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ftpproxy6 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ftpproxy6,v 1.1 2015/09/12 14:48:06 sthen Exp $ | |
+# $OpenBSD: ftpproxy6,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ftp-proxy -6" | |
diff -ur -x moduli 62/etc/rc.d/hostapd 63/etc/rc.d/hostapd | |
--- 62/etc/rc.d/hostapd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/hostapd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: hostapd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: hostapd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/hostapd" | |
diff -ur -x moduli 62/etc/rc.d/hotplugd 63/etc/rc.d/hotplugd | |
--- 62/etc/rc.d/hotplugd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/hotplugd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: hotplugd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: hotplugd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/hotplugd" | |
diff -ur -x moduli 62/etc/rc.d/httpd 63/etc/rc.d/httpd | |
--- 62/etc/rc.d/httpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/httpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: httpd,v 1.5 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: httpd,v 1.6 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/httpd" | |
diff -ur -x moduli 62/etc/rc.d/identd 63/etc/rc.d/identd | |
--- 62/etc/rc.d/identd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/identd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: identd,v 1.7 2013/12/11 16:25:48 jca Exp $ | |
+# $OpenBSD: identd,v 1.8 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/identd" | |
daemon_flags="-e" | |
diff -ur -x moduli 62/etc/rc.d/ifstated 63/etc/rc.d/ifstated | |
--- 62/etc/rc.d/ifstated 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ifstated 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ifstated,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: ifstated,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ifstated" | |
diff -ur -x moduli 62/etc/rc.d/iked 63/etc/rc.d/iked | |
--- 62/etc/rc.d/iked 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/iked 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: iked,v 1.3 2015/12/19 13:45:12 ajacoutot Exp $ | |
+# $OpenBSD: iked,v 1.6 2018/01/11 22:44:44 rpe Exp $ | |
daemon="/sbin/iked" | |
@@ -8,11 +8,11 @@ | |
pexp="iked: parent.*" | |
+# Child will not return a config parsing error to the parent. | |
rc_pre() { | |
- [ X"${sasyncd_flags}" != X"NO" ] && \ | |
+ [[ ${sasyncd_flags} != NO ]] && | |
daemon_flags="-S ${daemon_flags}" | |
- #return 0 | |
- # child will not return a config parsing error to the parent | |
+ | |
${daemon} -n ${daemon_flags} | |
} | |
diff -ur -x moduli 62/etc/rc.d/inetd 63/etc/rc.d/inetd | |
--- 62/etc/rc.d/inetd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/inetd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: inetd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: inetd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/inetd" | |
diff -ur -x moduli 62/etc/rc.d/isakmpd 63/etc/rc.d/isakmpd | |
--- 62/etc/rc.d/isakmpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/isakmpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: isakmpd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: isakmpd,v 1.3 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/sbin/isakmpd" | |
@@ -9,7 +9,7 @@ | |
pexp="isakmpd: monitor \[priv\]" | |
rc_pre() { | |
- [ X"${sasyncd_flags}" != X"NO" ] && \ | |
+ [[ ${sasyncd_flags} != NO ]] && | |
daemon_flags="-S ${daemon_flags}" | |
return 0 | |
} | |
diff -ur -x moduli 62/etc/rc.d/iscsid 63/etc/rc.d/iscsid | |
--- 62/etc/rc.d/iscsid 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/iscsid 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: iscsid,v 1.1 2014/07/13 12:07:11 claudio Exp $ | |
+# $OpenBSD: iscsid,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/iscsid" | |
control="/usr/sbin/iscsictl" | |
diff -ur -x moduli 62/etc/rc.d/ldapd 63/etc/rc.d/ldapd | |
--- 62/etc/rc.d/ldapd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ldapd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ldapd,v 1.2 2011/09/16 10:13:24 robert Exp $ | |
+# $OpenBSD: ldapd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ldapd" | |
diff -ur -x moduli 62/etc/rc.d/ldattach 63/etc/rc.d/ldattach | |
--- 62/etc/rc.d/ldattach 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ldattach 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ldattach,v 1.2 2011/07/08 02:15:34 robert Exp $ | |
+# $OpenBSD: ldattach,v 1.4 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/sbin/ldattach" | |
@@ -9,7 +9,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ -n "${ldattach_flags}" ] | |
+ [[ -n ${ldattach_flags} ]] | |
} | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/ldomd 63/etc/rc.d/ldomd | |
--- 62/etc/rc.d/ldomd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ldomd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ldomd,v 1.1 2012/11/04 17:12:36 kettenis Exp $ | |
+# $OpenBSD: ldomd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ldomd" | |
diff -ur -x moduli 62/etc/rc.d/ldpd 63/etc/rc.d/ldpd | |
--- 62/etc/rc.d/ldpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ldpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ldpd,v 1.2 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: ldpd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ldpd" | |
diff -ur -x moduli 62/etc/rc.d/lockd 63/etc/rc.d/lockd | |
--- 62/etc/rc.d/lockd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/lockd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: lockd,v 1.1 2011/07/08 00:54:04 ajacoutot Exp $ | |
+# $OpenBSD: lockd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/rpc.lockd" | |
diff -ur -x moduli 62/etc/rc.d/lpd 63/etc/rc.d/lpd | |
--- 62/etc/rc.d/lpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/lpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: lpd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: lpd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/lpd" | |
diff -ur -x moduli 62/etc/rc.d/mopd 63/etc/rc.d/mopd | |
--- 62/etc/rc.d/mopd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/mopd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: mopd,v 1.3 2011/09/19 20:42:24 ajacoutot Exp $ | |
+# $OpenBSD: mopd,v 1.5 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/mopd" | |
daemon_flags="-a" | |
@@ -10,7 +10,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ -d /tftpboot/mop ] | |
+ [[ -d /tftpboot/mop ]] | |
} | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/mountd 63/etc/rc.d/mountd | |
--- 62/etc/rc.d/mountd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/mountd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: mountd,v 1.6 2015/12/26 09:55:15 ajacoutot Exp $ | |
+# $OpenBSD: mountd,v 1.8 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/sbin/mountd" | |
@@ -10,8 +10,8 @@ | |
rc_stop=NO | |
rc_pre() { | |
- [ -s /etc/exports ] && grep -qv '^#' /etc/exports && \ | |
- rm -f /var/db/mountdtab && \ | |
+ [[ -s /etc/exports ]] && grep -qv '^#' /etc/exports && | |
+ rm -f /var/db/mountdtab && | |
echo -n > /var/db/mountdtab | |
} | |
diff -ur -x moduli 62/etc/rc.d/mrouted 63/etc/rc.d/mrouted | |
--- 62/etc/rc.d/mrouted 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/mrouted 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: mrouted,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: mrouted,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/mrouted" | |
diff -ur -x moduli 62/etc/rc.d/nfsd 63/etc/rc.d/nfsd | |
--- 62/etc/rc.d/nfsd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/nfsd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: nfsd,v 1.6 2014/08/22 08:10:38 jsg Exp $ | |
+# $OpenBSD: nfsd,v 1.8 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/sbin/nfsd" | |
daemon_flags="-tun 4" | |
@@ -12,7 +12,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ -s /etc/exports ] && grep -qv '^#' /etc/exports | |
+ [[ -s /etc/exports ]] && grep -qv '^#' /etc/exports | |
} | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/npppd 63/etc/rc.d/npppd | |
--- 62/etc/rc.d/npppd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/npppd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: npppd,v 1.2 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: npppd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/npppd" | |
diff -ur -x moduli 62/etc/rc.d/nsd 63/etc/rc.d/nsd | |
--- 62/etc/rc.d/nsd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/nsd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: nsd,v 1.9 2014/12/29 11:17:05 ajacoutot Exp $ | |
+# $OpenBSD: nsd,v 1.10 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/nsd-control" | |
daemon_flags="-c /var/nsd/etc/nsd.conf" | |
diff -ur -x moduli 62/etc/rc.d/ntpd 63/etc/rc.d/ntpd | |
--- 62/etc/rc.d/ntpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ntpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ntpd,v 1.3 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: ntpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ntpd" | |
diff -ur -x moduli 62/etc/rc.d/ospf6d 63/etc/rc.d/ospf6d | |
--- 62/etc/rc.d/ospf6d 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ospf6d 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ospf6d,v 1.2 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: ospf6d,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ospf6d" | |
diff -ur -x moduli 62/etc/rc.d/ospfd 63/etc/rc.d/ospfd | |
--- 62/etc/rc.d/ospfd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ospfd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ospfd,v 1.2 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: ospfd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ospfd" | |
diff -ur -x moduli 62/etc/rc.d/pflogd 63/etc/rc.d/pflogd | |
--- 62/etc/rc.d/pflogd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/pflogd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: pflogd,v 1.2 2011/07/08 21:42:52 robert Exp $ | |
+# $OpenBSD: pflogd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/sbin/pflogd" | |
diff -ur -x moduli 62/etc/rc.d/portmap 63/etc/rc.d/portmap | |
--- 62/etc/rc.d/portmap 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/portmap 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: portmap,v 1.2 2011/07/07 05:20:38 ajacoutot Exp $ | |
+# $OpenBSD: portmap,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/portmap" | |
diff -ur -x moduli 62/etc/rc.d/radiusd 63/etc/rc.d/radiusd | |
--- 62/etc/rc.d/radiusd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/radiusd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: radiusd,v 1.1 2015/08/03 04:19:25 yasuoka Exp $ | |
+# $OpenBSD: radiusd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/radiusd" | |
diff -ur -x moduli 62/etc/rc.d/rarpd 63/etc/rc.d/rarpd | |
--- 62/etc/rc.d/rarpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/rarpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: rarpd,v 1.3 2011/09/19 20:42:24 ajacoutot Exp $ | |
+# $OpenBSD: rarpd,v 1.5 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/rarpd" | |
daemon_flags="-a" | |
@@ -10,7 +10,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ -s /etc/ethers ] | |
+ [[ -s /etc/ethers ]] | |
} | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/rbootd 63/etc/rc.d/rbootd | |
--- 62/etc/rc.d/rbootd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/rbootd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: rbootd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: rbootd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/rbootd" | |
diff -ur -x moduli 62/etc/rc.d/rebound 63/etc/rc.d/rebound | |
--- 62/etc/rc.d/rebound 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/rebound 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: rebound,v 1.1 2015/11/30 23:35:30 jturner Exp $ | |
+# $OpenBSD: rebound,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/rebound" | |
diff -ur -x moduli 62/etc/rc.d/relayd 63/etc/rc.d/relayd | |
--- 62/etc/rc.d/relayd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/relayd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,12 +1,12 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: relayd,v 1.3 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: relayd,v 1.5 2018/01/11 22:44:44 rpe Exp $ | |
daemon="/usr/sbin/relayd" | |
. /etc/rc.d/rc.subr | |
-# child will not return a config parsing error to the parent | |
+# Child will not return a config parsing error to the parent. | |
rc_pre() { | |
${daemon} -n ${daemon_flags} | |
} | |
diff -ur -x moduli 62/etc/rc.d/ripd 63/etc/rc.d/ripd | |
--- 62/etc/rc.d/ripd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ripd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ripd,v 1.2 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: ripd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ripd" | |
diff -ur -x moduli 62/etc/rc.d/route6d 63/etc/rc.d/route6d | |
--- 62/etc/rc.d/route6d 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/route6d 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: route6d,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: route6d,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/route6d" | |
diff -ur -x moduli 62/etc/rc.d/rtadvd 63/etc/rc.d/rtadvd | |
--- 62/etc/rc.d/rtadvd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/rtadvd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: rtadvd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: rtadvd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/rtadvd" | |
diff -ur -x moduli 62/etc/rc.d/sasyncd 63/etc/rc.d/sasyncd | |
--- 62/etc/rc.d/sasyncd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/sasyncd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: sasyncd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: sasyncd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/sasyncd" | |
diff -ur -x moduli 62/etc/rc.d/sensorsd 63/etc/rc.d/sensorsd | |
--- 62/etc/rc.d/sensorsd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/sensorsd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: sensorsd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: sensorsd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/sensorsd" | |
diff -ur -x moduli 62/etc/rc.d/slaacd 63/etc/rc.d/slaacd | |
--- 62/etc/rc.d/slaacd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/slaacd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: slaacd,v 1.2 2017/06/03 10:00:29 florian Exp $ | |
+# $OpenBSD: slaacd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/sbin/slaacd" | |
diff -ur -x moduli 62/etc/rc.d/slowcgi 63/etc/rc.d/slowcgi | |
--- 62/etc/rc.d/slowcgi 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/slowcgi 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: slowcgi,v 1.1 2013/06/01 14:06:20 naddy Exp $ | |
+# $OpenBSD: slowcgi,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/slowcgi" | |
diff -ur -x moduli 62/etc/rc.d/smtpd 63/etc/rc.d/smtpd | |
--- 62/etc/rc.d/smtpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/smtpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: smtpd,v 1.6 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: smtpd,v 1.7 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/smtpd" | |
diff -ur -x moduli 62/etc/rc.d/sndiod 63/etc/rc.d/sndiod | |
--- 62/etc/rc.d/sndiod 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/sndiod 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: sndiod,v 1.4 2016/04/28 09:15:16 ajacoutot Exp $ | |
+# $OpenBSD: sndiod,v 1.5 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/bin/sndiod" | |
diff -ur -x moduli 62/etc/rc.d/snmpd 63/etc/rc.d/snmpd | |
--- 62/etc/rc.d/snmpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/snmpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: snmpd,v 1.3 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: snmpd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/snmpd" | |
diff -ur -x moduli 62/etc/rc.d/spamd 63/etc/rc.d/spamd | |
--- 62/etc/rc.d/spamd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/spamd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: spamd,v 1.8 2017/03/23 10:10:54 ajacoutot Exp $ | |
+# $OpenBSD: spamd,v 1.10 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/libexec/spamd" | |
@@ -10,7 +10,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- if [ X"${spamd_black}" != X"NO" ]; then | |
+ if [[ ${spamd_black} != NO ]]; then | |
daemon_flags="-b ${daemon_flags}" | |
spamd_setup_flags="-b" | |
fi | |
diff -ur -x moduli 62/etc/rc.d/spamlogd 63/etc/rc.d/spamlogd | |
--- 62/etc/rc.d/spamlogd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/spamlogd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: spamlogd,v 1.2 2011/08/08 17:13:31 robert Exp $ | |
+# $OpenBSD: spamlogd,v 1.4 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/libexec/spamlogd" | |
@@ -9,7 +9,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ X"${spamd_flags}" != X"NO" -a X"${spamd_black}" = X"NO" ] | |
+ [[ ${spamd_flags} != NO && ${spamd_black} == NO ]] | |
if pfctl -si | grep -q Enabled; then | |
ifconfig pflog0 create | |
if ifconfig pflog0; then | |
diff -ur -x moduli 62/etc/rc.d/sshd 63/etc/rc.d/sshd | |
--- 62/etc/rc.d/sshd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/sshd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: sshd,v 1.3 2015/07/15 13:50:54 ajacoutot Exp $ | |
+# $OpenBSD: sshd,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/sshd" | |
diff -ur -x moduli 62/etc/rc.d/statd 63/etc/rc.d/statd | |
--- 62/etc/rc.d/statd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/statd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: statd,v 1.1 2011/07/08 00:54:04 ajacoutot Exp $ | |
+# $OpenBSD: statd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/rpc.statd" | |
diff -ur -x moduli 62/etc/rc.d/switchd 63/etc/rc.d/switchd | |
--- 62/etc/rc.d/switchd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/switchd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,12 +1,12 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: switchd,v 1.1 2016/10/06 20:20:41 reyk Exp $ | |
+# $OpenBSD: switchd,v 1.3 2018/01/11 22:44:44 rpe Exp $ | |
daemon="/usr/sbin/switchd" | |
. /etc/rc.d/rc.subr | |
-# child will not return a config loading error to the parent | |
+# Child will not return a config loading error to the parent. | |
rc_pre() { | |
${daemon} -n ${daemon_flags} | |
} | |
diff -ur -x moduli 62/etc/rc.d/syslogd 63/etc/rc.d/syslogd | |
--- 62/etc/rc.d/syslogd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/syslogd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: syslogd,v 1.4 2014/07/18 18:20:42 deraadt Exp $ | |
+# $OpenBSD: syslogd,v 1.5 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/syslogd" | |
diff -ur -x moduli 62/etc/rc.d/tftpd 63/etc/rc.d/tftpd | |
--- 62/etc/rc.d/tftpd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/tftpd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: tftpd,v 1.2 2012/07/07 09:35:36 ajacoutot Exp $ | |
+# $OpenBSD: tftpd,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/tftpd" | |
daemon_flags="/tftpboot" | |
diff -ur -x moduli 62/etc/rc.d/tftpproxy 63/etc/rc.d/tftpproxy | |
--- 62/etc/rc.d/tftpproxy 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/tftpproxy 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: tftpproxy,v 1.2 2015/07/15 13:50:54 ajacoutot Exp $ | |
+# $OpenBSD: tftpproxy,v 1.3 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/tftp-proxy" | |
diff -ur -x moduli 62/etc/rc.d/unbound 63/etc/rc.d/unbound | |
--- 62/etc/rc.d/unbound 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/unbound 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: unbound,v 1.3 2015/07/19 17:31:21 sthen Exp $ | |
+# $OpenBSD: unbound,v 1.5 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/unbound" | |
daemon_flags="-c /var/unbound/etc/unbound.conf" | |
@@ -17,7 +17,7 @@ | |
} | |
rc_start() { | |
- /usr/sbin/unbound-checkconf > /dev/null && \ | |
+ /usr/sbin/unbound-checkconf > /dev/null && | |
${rcexec} "unbound ${daemon_flags}" | |
} | |
diff -ur -x moduli 62/etc/rc.d/vmd 63/etc/rc.d/vmd | |
--- 62/etc/rc.d/vmd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/vmd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,14 +1,29 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: vmd,v 1.4 2016/02/02 17:51:11 sthen Exp $ | |
+# $OpenBSD: vmd,v 1.7 2018/02/20 10:12:14 sthen Exp $ | |
daemon="/usr/sbin/vmd" | |
. /etc/rc.d/rc.subr | |
-# child will not return a config parsing error to the parent | |
+# Child will not return a config parsing error to the parent. | |
rc_pre() { | |
${daemon} -n ${daemon_flags} | |
} | |
+list_running() { | |
+ vmctl status | awk '$2 ~ "[0-9]" {print $8}' | |
+} | |
+ | |
+rc_stop() { | |
+ for vm in $(list_running); do | |
+ _rc_do vmctl stop "$vm" | |
+ while list_running | fgrep -wq "$vm"; do | |
+ sleep .1 | |
+ done | |
+ done | |
+ | |
+ pkill -T "${daemon_rtable}" -xf "${pexp}" | |
+} | |
+ | |
rc_cmd $1 | |
diff -ur -x moduli 62/etc/rc.d/watchdogd 63/etc/rc.d/watchdogd | |
--- 62/etc/rc.d/watchdogd 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/watchdogd 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: watchdogd,v 1.1 2011/07/06 18:55:36 robert Exp $ | |
+# $OpenBSD: watchdogd,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/watchdogd" | |
diff -ur -x moduli 62/etc/rc.d/wsmoused 63/etc/rc.d/wsmoused | |
--- 62/etc/rc.d/wsmoused 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/wsmoused 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: wsmoused,v 1.1 2011/07/07 22:23:56 robert Exp $ | |
+# $OpenBSD: wsmoused,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/wsmoused" | |
diff -ur -x moduli 62/etc/rc.d/xenodm 63/etc/rc.d/xenodm | |
--- 62/etc/rc.d/xenodm 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/xenodm 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: xenodm,v 1.1 2017/02/26 16:51:18 matthieu Exp $ | |
+# $OpenBSD: xenodm,v 1.2 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/X11R6/bin/xenodm" | |
diff -ur -x moduli 62/etc/rc.d/ypbind 63/etc/rc.d/ypbind | |
--- 62/etc/rc.d/ypbind 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ypbind 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ypbind,v 1.7 2017/05/27 19:55:48 ajacoutot Exp $ | |
+# $OpenBSD: ypbind,v 1.9 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/ypbind" | |
@@ -10,7 +10,7 @@ | |
rc_reload=NO | |
rc_pre() { | |
- [ X"`domainname`" != X"" ] | |
+ [[ -n $(domainname) ]] | |
} | |
rc_post() { | |
diff -ur -x moduli 62/etc/rc.d/ypldap 63/etc/rc.d/ypldap | |
--- 62/etc/rc.d/ypldap 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ypldap 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,6 +1,6 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ypldap,v 1.3 2015/07/15 13:50:54 ajacoutot Exp $ | |
+# $OpenBSD: ypldap,v 1.4 2018/01/11 19:52:12 rpe Exp $ | |
daemon="/usr/sbin/ypldap" | |
diff -ur -x moduli 62/etc/rc.d/ypserv 63/etc/rc.d/ypserv | |
--- 62/etc/rc.d/ypserv 2017-10-04 05:13:10.000000000 +0200 | |
+++ 63/etc/rc.d/ypserv 2018-03-24 21:12:24.000000000 +0100 | |
@@ -1,13 +1,13 @@ | |
-#!/bin/sh | |
+#!/bin/ksh | |
# | |
-# $OpenBSD: ypserv,v 1.4 2011/10/06 06:47:50 ajacoutot Exp $ | |
+# $OpenBSD: ypserv,v 1.6 2018/01/11 21:09:26 rpe Exp $ | |
daemon="/usr/sbin/ypserv" | |
. /etc/rc.d/rc.subr | |
rc_pre() { | |
- [ X"`domainname`" != X"" -a -d /var/yp/`domainname` ] | |
+ [[ -n $(domainname) && -d /var/yp/$(domainname) ]] | |
} | |
rc_cmd $1 | |
Tylko w 62/etc/signify: openbsd-60-base.pub | |
Tylko w 62/etc/signify: openbsd-60-fw.pub | |
Tylko w 62/etc/signify: openbsd-60-pkg.pub | |
Tylko w 63/etc/signify: openbsd-63-syspatch.pub | |
Tylko w 63/etc/signify: openbsd-64-base.pub | |
Tylko w 63/etc/signify: openbsd-64-fw.pub | |
Tylko w 63/etc/signify: openbsd-64-pkg.pub | |
Tylko w 63/etc/signify: openbsd-64-syspatch.pub |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment