rc.d: add a service jails config to all base system services

This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
servic

rc.d: add a service jails config to all base system services

This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
service jail.

The sshd patch is important for the sshd-related functionality as
described in the man-page in the service jails part.

The location of the added env vars is supposed to allow overriding them
in rc.conf, and to hard-disable the use of svcj for some parts where it
doesn't make sense or will not work.

Only a subset of all of the services are fully tested (I'm running this
since more than a year with various services started as service jails).
The untested parts should be most of the time ok, in some edge-cases
more permissions are needed inside the service jail.
Differential Revision: https://reviews.freebsd.org/D40371

show more ...

Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

growfs script: fix config-dependent errors

- awk sometimes formatted swapbase as floating point, which gpart
does not accept; force int.

- Fix typo in code for checking vm.max_swap_pages.

- Whil

growfs script: fix config-dependent errors

- awk sometimes formatted swapbase as floating point, which gpart
does not accept; force int.

- Fix typo in code for checking vm.max_swap_pages.

- While here, do not set kernel env if "gpart add" fails.

- Add "gpart show" before modification to verbose output.

Reported by: marklmi at yahoo dot com
Tested by: marklmi at yahoo dot com

show more ...

growfs script: fixes

Cannot use single quote in comment in awk script;
add growfs_fstab to Makefile

Fixes: 4a30d7bb373c,d670a8f7c596

growfs script: add swap partition as well as growing root

Add the ability to create a swap partition in the course of growing
the root file system on first boot, enabling by default. The default
ru

growfs script: add swap partition as well as growing root

Add the ability to create a swap partition in the course of growing
the root file system on first boot, enabling by default. The default
rules are: add swap if the disk is at least 15 GB (decimal), and the
existing root is less than 40% of the disk. The default size is 10%
of the disk, but is limited by the memory size. The limit is twice
memory size up to 4 GB, 8 GB up to 8 GB memory, and memory size over
8 GB memory. Swap size is clamped at vm.swap_maxpages/2 as well.
The new swap partition is labeled as "growfs_swap".

The default behavior can be overridden by setting growfs_swap_size in
/etc/rc.conf or in the kernel environment, with kenv taking priority.
A value of 0 inhibits the addition of swap, an empty value specifies
the default, and other values indicate a swap size in bytes.

By default, addition of swap is inhibited if a swap partition is found
in the output of the sysctl kern.geom.conftxt before the current root
partition, usually meaning that there is another disk present.
Swap space is not added if one is already present in /etc/fstab.

The root partition is read-only when growfs runs, so /etc/fstab can
not be modified. That step is handled by a new growfs_fstab script,
added in a separate commit. Set the value "growfs_swap_pdev" in kenv
to indicate that this should be done, as well as for internal use.

There is optional verbose output meant for debugging; it can only be
enabled by modifying the script (in two places, for sh and awk).
This should be removed before release, after testing on -current.

Discussed with: cperciva
Reviewed by: imp (previous version)
Differential Revision: https://reviews.freebsd.org/D37462

show more ...

- Fix the growfs rc script to cope with diskid labels.
- Fix a warning in growfs. gpart commit is supposed to be called on disk
device.
- Silence a gpart commit warning in growfs.

Submitted by: lo

- Fix the growfs rc script to cope with diskid labels.
- Fix a warning in growfs. gpart commit is supposed to be called on disk
device.
- Silence a gpart commit warning in growfs.

Submitted by: loos
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D31587
Sponsored by: Rubicon Communications, LLC ("Netgate")

show more ...

rc: improve dependencies for growfs

Previously it depended on sysctl, which itself has no dependencies,
so rcorder(8) had a bit too much flexibility when choosing when to run
it. Make sure it runs

rc: improve dependencies for growfs

Previously it depended on sysctl, which itself has no dependencies,
so rcorder(8) had a bit too much flexibility when choosing when to run
it. Make sure it runs just between 'fsck' and 'root'.

Reviewed By: jmg, imp
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D29748

show more ...

Merge ^/head r352319 through r352435.

fix the article to be correct...

MFHead@r345275

MFhead@r345025

Remove an unneeded 'tail -n 1' from a pipeline

When piping to awk, it's almost always an anti-pattern to use 'grep'
first.

When not in a pipeline, sometimes it is faster to use tail, as awk
must pr

Remove an unneeded 'tail -n 1' from a pipeline

When piping to awk, it's almost always an anti-pattern to use 'grep'
first.

When not in a pipeline, sometimes it is faster to use tail, as awk
must process all the lines in the input stream, and won't 'seek'.
In a pipeline, both grep and awk must process all lines, so we might
as well skip the extra process creation for tail and just use awk
for all the processing.

Reviewed by: jilles
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19441

show more ...

Merge ^/head r343807 through r343955.

Teach /etc/rc.d/growfs how to handle systems running ZFS.

There are many cases which this code does not handle (e.g. ZFS mirrors)
but the code can handle the single-disk case -- so it's enough to ta

Teach /etc/rc.d/growfs how to handle systems running ZFS.

There are many cases which this code does not handle (e.g. ZFS mirrors)
but the code can handle the single-disk case -- so it's enough to take
care of the "disk image which gets booted into a VM with a larger than
expected disk" case for which this firstboot script was created.

MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D19095

show more ...

Merge ^/head r339015 through r339669.

Move the rc framework out of sbin/init into libexec/rc.

The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update bec

Move the rc framework out of sbin/init into libexec/rc.

The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.

Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)

show more ...