469fd606 | 16-May-2020 |
Aaron LI <aly@aaronly.me> |
installer: Fix process killing issue in installer.sh
The original way of obtaining PIDs is actually wrong, becuase it would get the user of processes instead of the process ID.
Directly use killall
installer: Fix process killing issue in installer.sh
The original way of obtaining PIDs is actually wrong, becuase it would get the user of processes instead of the process ID.
Directly use killall(1) to fix the issue as well as clean the code.
show more ...
|
df29799b | 10-May-2020 |
Aaron LI <aly@aaronly.me> |
installer: Allow special characters in passwords
Store the password in an environment variable and pass it to the pw(8) command. This way of passing passwords allows special characters in the passw
installer: Allow special characters in passwords
Store the password in an environment variable and pass it to the pw(8) command. This way of passing passwords allows special characters in the password. Actually, adduser(8) uses the same method to deal with the password. So this closes the old bug #3027.
In addition, this prevents the plaintext password from appearing on the command line or in the installation log file. Although the installer will print every executed command to the install.log (located at '/var/log/install.log' with mode 0600 though), the root password setting and new user creation steps belong to the 'configuration' stage rather than the 'installation', so currently the plaintext passwords won't go to the install.log.
Credit to pikrzyszt (Krzysztof Piecuch) for submitting the initial patch in bug #3027.
show more ...
|
d749dd6e | 08-May-2020 |
Aaron LI <aly@aaronly.me> |
adduser(8): Honor uidstart in adduser.conf when showing in the prompt
When using 'uidstart' in /etc/adduser.conf, get the next available user ID and show it in the 'Uid [xxx]' prompt.
Obtained-from
adduser(8): Honor uidstart in adduser.conf when showing in the prompt
When using 'uidstart' in /etc/adduser.conf, get the next available user ID and show it in the 'Uid [xxx]' prompt.
Obtained-from: FreeBSD (revision 232146)
show more ...
|
72764df0 | 08-May-2020 |
Aaron LI <aly@aaronly.me> |
adduser(8): Allow standard IFS characters in passwords
Notably, the default IFS contains space/tab, thus any leading/trailing whitespace characters tend to be removed.
Set IFS= for just the read li
adduser(8): Allow standard IFS characters in passwords
Notably, the default IFS contains space/tab, thus any leading/trailing whitespace characters tend to be removed.
Set IFS= for just the read lines to mitigate this, allowing the user to be less surprised when their leading/trailing spaces weren't actually captured in the password as they are with other means of setting a user's password.
Obtained-from: FreeBSD (revision 359642)
show more ...
|
2ea2781e | 24-Feb-2020 |
Matthew Dillon <dillon@apollo.backplane.com> |
jail - add jail.defaults.allow_listen_override
* Add jail.defaults.allow_listen_override (also per-jail settable). This feature is disabled by default.
When enabled, this feature allows both wi
jail - add jail.defaults.allow_listen_override
* Add jail.defaults.allow_listen_override (also per-jail settable). This feature is disabled by default.
When enabled, this feature allows both wildcard and non-wildcard listen sockets in the jail to override wildcard listen sockets on the host. These sockets will be masked by the jail's IP list, meaning that a wildcard socket in the jail effectively covers just the jail's IP list.
Non-wildcard listen sockets on the host are not overriden.
Use of this feature allows the host to operate normally, without having to make its services jail-friendly. Only those services which bind to specific IPs that might conflict with the jail IPs will need modification, and only if the jail needs to have that service as well.
* In order to use the feature safely each jail should be given its own unique IPs for both localhost and its externally routable IP. For example:
jail -u root / tr3990xJ 127.0.0.2,10.0.0.139 /bin/csh
ifconfig can be used on the host to create multiple 127.0.0.X aliases on lo0 and to assign additional routable IPs to the machine for use in its jails. For example:
ifconfig lo0 inet 127.0.0.2 alias ifconfig lo0 inet 127.0.0.3 alias ifconfig lo0 inet6 ::2 alias ifconfig lo0 inet6 ::3 alias ifconfig em0 inet 10.0.0.139 netmask 255.255.0.0 alias ifconfig em0 inet 10.0.0.140 netmask 255.255.0.0 alias ...
* Within a jail, use of localhost (127.0.0.1 or ::1) will automatically be converted to the jail's localhost IP (such as 127.0.0.2). Also, accept(), getsockname(), and getpeername() will translate the jail's localhost IP back to 127.0.0.1 or ::1. Most services within the jail can thus use localhost without being the wiser.
* Listen address/port pairs within a jail can now be overloaded with the same address/port pairs on the host, or overloaded verses other jails without generating an error. However, accessibility to these ports is governed by the 'jail.deafults.allow_listen_override' sysctl setting for the jail (or the jail-specific version of the same sysctl).
Any jail-to-jail overloading of identical address/port pairs is allowed, but operationally undefined. Only one jail will receive connections.
It is best to supply each jail with its own unique local and routable IPs.
* IPV6 is now fully supported using the same mechanisms. You can supply a mix of IPV4 and IPV6 addresses in the jail command if desired. The overloading feature works the same.
show more ...
|
4728ea88 | 18-Jan-2020 |
Sascha Wildner <saw@online.de> |
rrenumd(8): Clean up the Makefile a bit wrt yacc(1) handling.
* Remove -d because it is default.
* Remove a target and CLEANFILES handling for y.tab.h, it is all done in bsd.dep.mk.
* Add y.outp
rrenumd(8): Clean up the Makefile a bit wrt yacc(1) handling.
* Remove -d because it is default.
* Remove a target and CLEANFILES handling for y.tab.h, it is all done in bsd.dep.mk.
* Add y.output to CLEANFILES when YACCDEBUG is specified.
show more ...
|
34ca1b1c | 17-Jan-2020 |
Matthew Dillon <dillon@apollo.backplane.com> |
installer - Change default /build size
* /build was previously configured to use 1/3 of the drive, but was capped at roughly 20GB. The cap doesn't really scale well on modern systems, particula
installer - Change default /build size
* /build was previously configured to use 1/3 of the drive, but was capped at roughly 20GB. The cap doesn't really scale well on modern systems, particularly since /usr/obj and /var/crash are put on the /build partition.
* Remove the cap and change the configuration to use 1/4 of the drive instead of 1/3.
* Also make a number of other minor adjustments to ensure that space is not wasted in situations where swap and/or build would be too small for auto-configuration.
show more ...
|