raising openfiles-cur above the implicit -max value (1024 on at least the
common arch) results in the setting not being applied at all.
Earlier version OK tom@ danj@ ajacoutot@ benno@ krw@ beck@, suggestion about
openfiles= from millert@ - changes in this version are to use 1024 for -max
rather than 512 to avoid changing the existing hard limit, and just use
openfiles= for bgpd/unbound where max and cur are the same value.

and pwd_gensalt.c - so remove it from the default /etc/login.conf files as well.
ok millert@

than the daemon class' default of 128.  Reminded by/ok ajacoutot@

ok henning@

ok deraadt millert

initially intended for YubiKey, jmc@ noted that list was out of date.
ok deraadt@, jmc@

already there).
ok sthen@ millert@ gilles@ deraadt@

Use bgpd(8) for this which on a peering router often needs openfiles-cur
to be higher than the default. ok henning@ claudio@ deraadt@

ok deraadt

with new binutils without tweaking datasize. ok deraadt@ millert@

really want this.  secure by default, and as i say, bite me.  millert
and markus and miod ok

o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

setusercontext() in most places where previously we did a setlogin().
Add default login.conf file and put root in the "daemon" login class.