diff options
Diffstat (limited to 'sys-freebsd')
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/devd.conf | 153 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/devd.initd | 47 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/devd_queue | 50 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/ipfw.confd | 10 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/ipfw.initd | 110 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sbin/files/sysctl.initd | 28 |
6 files changed, 0 insertions, 398 deletions
diff --git a/sys-freebsd/freebsd-sbin/files/devd.conf b/sys-freebsd/freebsd-sbin/files/devd.conf deleted file mode 100644 index fd1e0352e5ba..000000000000 --- a/sys-freebsd/freebsd-sbin/files/devd.conf +++ /dev/null @@ -1,153 +0,0 @@ -# Refer to devd.conf(5) and devd(8) man pages for the details on how to -# run and configure devd. -# - -# NB: All regular expressions have an implicit ^$ around them. -# NB: device-name is shorthand for 'match device-name' - -options { - # Each directory directive adds a directory the list of directories - # that we scan for files. Files are read-in in the order that they - # are returned from readdir(3). The rule-sets are combined to - # create a DFA that's used to match events to actions. - directory "/etc/devd"; - directory "/usr/local/etc/devd"; - pid-file "/var/run/devd.pid"; - - # Setup some shorthand for regex that we use later in the file. - #XXX Yes, these are gross -- imp - set scsi-controller-regex - "(aac|adv|adw|aha|ahb|ahc|ahd|aic|amd|amr|asr|bt|ciss|ct|dpt|\ - esp|ida|iir|ips|isp|mlx|mly|mpt|ncr|ncv|nsp|stg|sym|trm|wds)\ - [0-9]+"; -}; - -# Note that the attach/detach with the highest value wins, so that one can -# override these general rules. - -# -# For ethernet like devices start configuring the interface. Due to -# a historical accident, this script is called pccard_ether. -# -attach 0 { - media-type "ethernet"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/net.$device-name start"; -}; - -detach 0 { - media-type "ethernet"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/net.$device-name stop"; -}; - -# -# Try to start dhclient on Ethernet like interfaces when the link comes -# up. Only devices that are configured to support DHCP will actually -# run it. No link down rule exists because dhclient automaticly exits -# when the link goes down. -# -notify 0 { - match "system" "IFNET"; - match "type" "LINK_UP"; - media-type "ethernet"; - action "/etc/devd_queue add /etc/init.d/net.$subsystem start"; -}; -notify 0 { - match "system" "IFNET"; - match "type" "LINK_DOWN"; - media-type "ethernet"; - action "/etc/devd_queue add /etc/init.d/net.$subsystem stop"; -}; - -# -# Like Ethernet devices, but separate because -# they have a different media type. We may want -# to exploit this later. -# -#detach 0 { -# media-type "802.11"; -# action "env IN_HOTPLUG=1 /etc/init.d/net.$device-name stop"; -#}; -#attach 0 { -# media-type "802.11"; -# action "env IN_HOTPLUG=1 /etc/init.d/net.$device-name start"; -#}; - -# Not sure how to handle this in Gentoo yet -# When a USB Bluetooth dongle appears activate it -#attach 100 { -# device-name "ubt[0-9]+"; -# action "/etc/rc.d/bluetooth start $device-name"; -#}; -#detach 100 { -# device-name "ubt[0-9]+"; -# action "/etc/rc.d/bluetooth stop $device-name"; -#}; - -# When a USB keyboard arrives, attach it as the console keyboard. -attach 100 { - device-name "ukbd0"; - action "kbdcontrol -k /dev/ukbd0 < /dev/console"; -}; -detach 100 { - device-name "ukbd0"; - action "kbdcontrol -k /dev/kbd0 < /dev/console"; -}; - -# The entry below starts and stops moused when a mouse is plugged in. -attach 100 { - device-name "psm[0-9]+"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/moused.$device-name start"; -}; -detach 100 { - device-name "psm[0-9]+"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/moused.$device-name stop"; -}; -attach 100 { - device-name "ums[0-9]+"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/moused.$device-name start"; -}; -detach 100 { - device-name "ums[0-9]+"; - action "/etc/devd_queue add env IN_HOTPLUG=1 /etc/init.d/moused.$device-name stop"; -}; - -# Notify all users before beginning emergency shutdown when we get -# a _CRT or _HOT thermal event and we're going to power down the system -# very soon. -notify 10 { - match "system" "ACPI"; - match "subsystem" "Thermal"; - match "notify" "0xcc"; - action "logger -p kern.emerg 'WARNING: system temperature too high, shutting down soon!'"; -}; - -/* EXAMPLES TO END OF FILE - - -# Examples of notify hooks. A notify is a generic way for a kernel -# subsystem to send event notification to userland. -# -# Here are some examples of ACPI notify handlers. ACPI subsystems that -# generate notifies include the AC adapter, power/sleep buttons, -# control method batteries, lid switch, and thermal zones. -# -# Information returned is not always the same as the ACPI notify -# events. See the ACPI specification for more information about -# notifies. Here is the information returned for each subsystem: -# -# ACAD: AC line state (0 is offline, 1 is online) -# Button: Button pressed (0 for power, 1 for sleep) -# CMBAT: ACPI battery events -# Lid: Lid state (0 is closed, 1 is open) -# Thermal: ACPI thermal zone events -# -# This example calls a script when the AC state changes, passing the -# notify value as the first argument. If the state is 0x00, it might -# call some sysctls to implement economy mode. If 0x01, it might set -# the mode to performance. -notify 10 { - match "system" "ACPI"; - match "subsystem" "ACAD"; - action "/etc/acpi_ac $notify"; -}; -*/ diff --git a/sys-freebsd/freebsd-sbin/files/devd.initd b/sys-freebsd/freebsd-sbin/files/devd.initd deleted file mode 100644 index 617125840814..000000000000 --- a/sys-freebsd/freebsd-sbin/files/devd.initd +++ /dev/null @@ -1,47 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -depend() { - need localmount - after bootmisc hostname - before net -} - -start() { - # Services may depend on us, so mark us as inactive - mark_service_inactive "${SVCNAME}" - - # Create a queue so that if things went UP DOWN UP DOWN UP DOWN UP - # We just do an UP - # This is used by /etc/devd_queue - mkdir -p /var/run/devd - - ebegin "Starting the Device State Change Daemon" - sysctl hw.bus.devctl_disable=0 >/dev/null - start-stop-daemon --start --exec /sbin/devd \ - --pidfile /var/run/devd.pid - eend $? "Failed to start devd" \ - || return $? - - ebegin "Waiting for Device State Change Daemon to settle" - LC_ALL=C sleep "${DEVD_WAIT:-2}" - eend $? - - # Now flush the queue - einfo "Flushing Device State Change Daemon queue" - /etc/devd_queue flush - - mark_service_started "${SVCNAME}" - return 0 -} - -stop() { - ebegin "Stopping the Device State Change Daemon" - sysctl hw.bus.devctl_disable=1 >/dev/null - start-stop-daemon --stop --exec /sbin/devd \ - --pidfile /var/run/devd.pid - eend $? "Failed to stop devd" -} - -# vim: ts=4 : diff --git a/sys-freebsd/freebsd-sbin/files/devd_queue b/sys-freebsd/freebsd-sbin/files/devd_queue deleted file mode 100644 index d42cb830c962..000000000000 --- a/sys-freebsd/freebsd-sbin/files/devd_queue +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/sh - -# Notify the rc system that we're in the background -export IN_BACKGROUND=true - -arg1="$1" -if [ -z "$arg1" ] ; then - echo "Command required" > /dev/stderr - exit 1 -fi -shift - -case "$arg1" in - add) - if [ -z "$1" ] ; then - echo "Command missing!" > /dev/stderr - exit 1 - fi - - # If we don't have a queue then just run - if [ ! -d /var/run/devd ] ; then - "$@" - exit $? - fi - - cmd="$1" - args="$*" - if [ "$cmd" = "env" ] ; then - shift - while echo "$1" | grep -q "="; do - shift - [ "$1" = "--" ] && shift && break - done - cmd="$1" - fi - echo "$args" > /var/run/devd/$(basename "$cmd") - ;; - flush) - while ! rmdir /var/run/devd 2>/dev/null ; do - for cmd in $(cd /var/run/devd; ls) ; do - args=$(cat /var/run/devd/$cmd) - rm -f /var/run/devd/$cmd - $args - done - done - ;; - *) - echo "Unknown command $arg1" - ;; -esac diff --git a/sys-freebsd/freebsd-sbin/files/ipfw.confd b/sys-freebsd/freebsd-sbin/files/ipfw.confd deleted file mode 100644 index 687f92da922f..000000000000 --- a/sys-freebsd/freebsd-sbin/files/ipfw.confd +++ /dev/null @@ -1,10 +0,0 @@ -# ipfw provides a stateful firewall. -# This means we allow everything out, and if we have a connection we allow it -# back in. This is very flexable and quite secure. - -# For ease of use, we allow auth and ssh ports through as well. -# To override the list of allowed ports -#PORTS_IN="auth ssh" - -# You may want to enable logging of denied connections -#LOG_DENY="yes" diff --git a/sys-freebsd/freebsd-sbin/files/ipfw.initd b/sys-freebsd/freebsd-sbin/files/ipfw.initd deleted file mode 100644 index 13cdaee68d24..000000000000 --- a/sys-freebsd/freebsd-sbin/files/ipfw.initd +++ /dev/null @@ -1,110 +0,0 @@ -#!/sbin/openrc-run -# Copyright 2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# This is a nice client firewall script which should suit most desktop users. -# We allow auth and ssh in by default. - -PORTS_IN=${PORTS_IN-auth ssh} - -opts="panic showstatus" - -depend() { - before net - provide firewall -} - -ipfw() { - /sbin/ipfw -f -q "$@" -} - -init() { - # Load the kernel module - if ! sysctl net.inet.ip.fw.enable=1 >/dev/null 2>/dev/null ; then - if ! kldload ipfw ; then - eend 1 "Unable to load firewall module" - return 1 - fi - fi - - ipfw flush - - ipfw add allow all from any to any via lo0 - ipfw add allow all from any to 127.0.0.0/8 - ipfw add deny ip from 127.0.0.0/8 to any - - ipfw add allow ipv6-icmp from :: to ff02::/16 - ipfw add allow ipv6-icmp from fe80::/10 to fe80::/10 - ipfw add allow ipv6-icmp from fe80::/10 to ff02::/16 -} - -start() { - local x= log= - ebegin "Starting firewall rules" - if ! init ; then - eend 1 "Failed to flush firewall ruleset" - return 1 - fi - - [ "${LOG_DENY}" = "yes" ] && log="log" - - # Use a statefull firewall - ipfw add check-state - - # Open our configured ports - if [ -n "${PORTS_IN}" ] ; then - local pin= - for x in ${PORTS_IN} ; do - pin="${pin}${pin:+,}${x}" - done - ipfw add allow tcp from any to me ${pin} established keep-state - ipfw add allow tcp from any to me6 ${pin} established keep-state - ipfw add allow tcp from any to me ${pin} setup keep-state - ipfw add allow tcp from any to me6 ${pin} setup keep-state - ipfw add allow udp from any to me ${pin} established - ipfw add allow udp from any to me ${pin} keep-state - ipfw add allow udp from any to me6 ${pin} established - ipfw add allow udp from any to me6 ${pin} keep-state - fi - - # Nice flexable rules that disallow incoming except for stuff we - # have asked for, and allow all outgoing. - ipfw add allow tcp from me to any established keep-state - ipfw add allow tcp from me to any setup keep-state - ipfw add allow tcp from me6 to any established keep-state - ipfw add allow tcp from me6 to any setup keep-state - ipfw add deny ${log} tcp from any to any - ipfw add allow udp from me to any established - ipfw add allow udp from me to any keep-state - ipfw add allow udp from me6 to any established - ipfw add allow udp from me6 to any keep-state - ipfw add deny ${log} udp from any to any - - # Be a good firewall and allow some ICMP traffic. - # Remove 8 if you really want to disallow ping. - ipfw add allow icmp from any to any icmptypes 0,3,8,11,12 - ipfw add allow ip6 from any to any proto ipv6-icmp - - eend 0 -} - -stop() { - ebegin "Stopping firewall rules" - # We don't unload the kernel module as that action - # can cause memory leaks as of FreeBSD 6.x - sysctl net.inet.ip.fw.enable=0 >/dev/null - eend $? -} - -panic() { - ebegin "Stopping firewall rules - hard" - if ! init ; then - eend 1 "Failed to flush firewall ruleset" - return 1 - fi - eend 0 -} - -showstatus() { - ipfw show -} diff --git a/sys-freebsd/freebsd-sbin/files/sysctl.initd b/sys-freebsd/freebsd-sbin/files/sysctl.initd deleted file mode 100644 index 9b8aaf8e9b32..000000000000 --- a/sys-freebsd/freebsd-sbin/files/sysctl.initd +++ /dev/null @@ -1,28 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -depend() { - after checkroot root -} - -start() { - ebegin "Configuring kernel parameters" - - if [ ! -f /etc/sysctl.conf ]; then - eend 1 "/etc/sysctl.conf" "not found" - return 1 - fi - - local retval=0 var= comments= - while read var comments ; do - case "${var}" in - ""|"#"*) continue;; - esac - sysctl "${var}" >/dev/null || retval=1 - done < /etc/sysctl.conf - eend ${retval} "Some errors were encountered" -} - -# vim: set ts=4 : |