machdep.lidaction=0 # do nothing
machdep.lidaction=1 # suspend
machdep.lidaction=2 # hibernate
lidsuspend is just an alias for lidaction, so if you change one, the
other one will have the same value. The plan is to remove
machdep.lidsuspend eventually when people have upgraded their
/ets/sysctl.conf.
discussed with deraadt, who came up with the new MIB name
no objections mlarkin
ok stsp halex jcs
a single configuration file for the OpenBSD repository location.
The pkg_* tools now use installurl(5) to find the package repository.
NOTE:
/etc/installurl only contains a single URL pointing to a mirror.
Use the PKG_PATH environment variable to specify more than one
package repository.
prodded by and OK deraadt@ aja@
'ypbind_flags=""' when domainname is set and /var/yp/binding exists.
This can lead to inconsistent behavior at startup since /var may not be
mounted yet and /etc/rc's start_daemon() will not start ypbind.
A.K.A. make ypbind startup consistent with all other OpenBSD daemons.
ok deraadt@
/root/.ssh/authorized_keys file with correct permissions (0600 for the
file, 0700 for /root/.ssh dir). Since we encourage administrators to use
public keys only if they want to access root account via ssh, might
aswell make it easier, this will be particularly useful in
managed/provisioned environments (think ansible & others).
Note that administrators might get an e-mail from security(8) if the
file suddenly appears after an update - this is of course expected :)
ok tb@ sthen@ rpe@ ajacoutot@
raising openfiles-cur above the implicit -max value (1024 on at least the
common arch) results in the setting not being applied at all.
Earlier version OK tom@ danj@ ajacoutot@ benno@ krw@ beck@, suggestion about
openfiles= from millert@ - changes in this version are to use 1024 for -max
rather than 512 to avoid changing the existing hard limit, and just use
openfiles= for bgpd/unbound where max and cur are the same value.
the interface pointed to by the default route.
Since the kernel no longer keep routes with dangling address pointer,
netstart(8) has to re-add the default route when the corresponding ifa
has been deleted and re-created.
deraadt@ points out that even if the previous semantic was not necessarily
better, a script like netstart(8) cannot totally fix the default route
problem.
Regression reported by and fix tested by Hrvoje Popovski.
ksh foo checked by halex@
to /usr/src or /usr/xenocara.
Change /usr/{,x}obj to owner build:wobj with mode 770 and install the
systemwide makefiles before starting a build. The root of the noperm fs
containing DESTDIR should also be owned by build:wobj.
Developers will need to add their users to group wobj to be able to write
to /usr/{,x}obj/.
"push forward" deraadt; testing, input & ok rpe
The installer will create these directories during install.
So local setups will not get overwritten during upgrades.
idea from and OK deraadt@
with help from and OK tb@
feedback from and no objections halex@