diff -rU2 -I[$]OpenBSD ./etc/changelist ../43/etc/changelist --- etc/changelist Tue Aug 28 11:59:47 2007 +++ ../43/etc/changelist Wed Mar 12 12:28:00 2008 @@ -40,5 +40,5 @@ /etc/group /etc/hostapd.conf -/etc/hoststated.conf +/etc/relayd.conf /etc/hosts /etc/hosts.allow @@ -48,5 +48,5 @@ /etc/ifstated.conf /etc/inetd.conf -/etc/ipsec.conf ++/etc/ipsec.conf +/etc/isakmpd/private/local.key /etc/isakmpd/local.pub @@ -90,4 +90,5 @@ /etc/ntpd.conf /etc/ospfd.conf +/etc/ospf6d.conf /etc/passwd /etc/pf.conf @@ -119,4 +120,5 @@ /etc/slip.hosts /etc/slip.login +/etc/snmpd.conf /etc/ssh/ssh_config +/etc/ssh/ssh_host_dsa_key diff -rU2 -I[$]OpenBSD ./etc/chio.conf ../43/etc/chio.conf --- etc/chio.conf Tue Aug 28 11:59:49 2007 +++ ../43/etc/chio.conf Wed Mar 12 12:28:02 2008 @@ -1,7 +1,7 @@ -# $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ -# Configuration file for chio(8). +# $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ +# Configuration file for chio(1). # Each stanza configures a changer, to enumerate the st(4) devices # corresponding to each ch(4) drive. This file is only required -# if you need a non-default behavior. See chio(8) for details. +# if you need a non-default behavior. See chio(1) for details. # # Example: tell chio that drive 0 corresponds to rst3 and drive 1 to rst2 diff -rU2 -I[$]OpenBSD ./etc/ftpusers ../43/etc/ftpusers --- etc/ftpusers Tue Aug 28 11:59:47 2007 +++ ../43/etc/ftpusers Wed Mar 12 12:28:00 2008 @@ -41,3 +41,5 @@ _dvmrpd _ripd -_hoststated +_relayd +_ospf6d +_snmpd diff -rU2 -I[$]OpenBSD ./etc/mail/aliases ../43/etc/mail/aliases --- etc/mail/aliases Tue Aug 28 12:00:16 2007 +++ ../43/etc/mail/aliases Wed Mar 12 12:28:25 2008 @@ -29,5 +29,4 @@ _ftp: /dev/null _hostapd: /dev/null -_hoststated: /dev/null _identd: /dev/null _isakmpd: /dev/null @@ -37,11 +36,14 @@ _ntp: /dev/null _ospfd: /dev/null +_ospf6d: /dev/null _pflogd: /dev/null _portmap: /dev/null _ppp: /dev/null _rbootd: /dev/null +_relayd: /dev/null _ripd: /dev/null _rstatd: /dev/null _rusersd: /dev/null +_snmpd: /dev/null _spamd: /dev/null _syslogd: /dev/null diff -rU2 -I[$]OpenBSD ./etc/ssh/sshd_config ../43/etc/ssh/sshd_config --- etc/ssh/sshd_config Tue Aug 28 11:59:52 2007 +++ ../43/etc/ssh/sshd_config Wed Mar 12 12:28:08 2008 @@ -90,7 +90,8 @@ #MaxStartups 10 #PermitTunnel no +#ChrootDirectory none # no default banner path -#Banner /some/path +#Banner none # override default of no subsystems diff -rU2 -I[$]OpenBSD ./etc/sudoers ../43/etc/sudoers --- etc/sudoers Tue Aug 28 12:00:18 2007 +++ ../43/etc/sudoers Wed Mar 12 12:28:26 2008 @@ -4,4 +4,6 @@ # # This file MUST be edited with the 'visudo' command as root. +# Failure to use 'visudo' may result in syntax or file permission errors +# that prevent sudo from running. # # See the sudoers man page for the details on how to write a sudoers file. @@ -15,5 +17,8 @@ # Defaults specification -Defaults env_keep +="DESTDIR FETCH_CMD FLAVOR FTPMODE MAKE MULTI_PACKAGES OKAY_FILES PKG_DBDIR PKG_DESTDIR PKG_CACHE PKG_PATH PKG_TMPDIR PORTSDIR RELEASEDIR SUBPACKAGE" +Defaults env_keep +="DESTDIR FETCH_CMD FLAVOR FTPMODE GROUP MAKE MULTI_PACKAGES" +Defaults env_keep +="OKAY_FILES OWNER PKG_DBDIR PKG_DESTDIR PKG_CACHE PKG_PATH" +Defaults env_keep +="PKG_TMPDIR PORTSDIR RELEASEDIR SUBPACKAGE WRKOBJDIR" +Defaults env_keep +="SSH_AUTH_SOCK EDITOR VISUAL" # Uncomment to preserve the environment for users in group wheel diff -rU2 -I[$]OpenBSD ./etc/sysctl.conf ../43/etc/sysctl.conf --- etc/sysctl.conf Tue Aug 28 11:59:48 2007 +++ ../43/etc/sysctl.conf Wed Mar 12 12:28:01 2008 @@ -26,9 +26,11 @@ #fs.posix.setuid=0 # 0=Traditional BSD chown() semantics #vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap -#vfs.nfs.iothreads=4 # number of nfsio kernel threads -#net.inet.ip.mtudisc=0 # 0=disable tcp mtu discovery -#kern.usercrypto=0 # 0=disable userland use of /dev/crypto -#kern.splassert=2 # 2=enable with verbose error messages -#kern.nosuidcoredump=2 # 2=put suid coredumps in /var/crash +#vfs.nfs.iothreads=4 # Number of nfsio kernel threads +#net.inet.ip.mtudisc=0 # 0=Disable tcp mtu discovery +#kern.usercrypto=0 # 0=Disable userland use of /dev/crypto +#kern.splassert=2 # 2=Enable with verbose error messages +#kern.nosuidcoredump=2 # 2=Put suid coredumps in /var/crash +#kern.watchdog.period=32 # >0=Enable hardware watchdog(4) timer if available +#kern.watchdog.auto=0 # 0=Disable automatic watchdog(4) retriggering #machdep.allowaperture=2 # See xf86(4) #machdep.apmwarn=10 # battery % when apm status messages enabled diff -rU2 var/named/etc/named-dual.conf ../43/var/named/etc/named-dual.conf --- var/named/etc/named-dual.conf Tue Aug 28 11:59:51 2007 +++ ../43/var/named/etc/named-dual.conf Wed Mar 12 12:28:03 2008 @@ -1,3 +1,3 @@ -// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ +// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ // // Example file for a named configuration with dual views, @@ -21,4 +21,6 @@ listen-on { any; }; listen-on-v6 { any; }; + + empty-zones-enable yes; }; @@ -30,10 +32,9 @@ match-clients { clients; }; match-recursive-only yes; + allow-recursion { clients; }; - // Standard zones - // zone "." { type hint; - file "standard/root.hint"; + file "etc/root.hint"; }; diff -rU2 var/named/etc/named-simple.conf ../43/var/named/etc/named-simple.conf --- var/named/etc/named-simple.conf Tue Aug 28 11:59:51 2007 +++ ../43/var/named/etc/named-simple.conf Wed Mar 12 12:28:03 2008 @@ -1,3 +1,3 @@ -// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ +// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ // // Example file for a simple named configuration, processing both @@ -21,4 +21,6 @@ listen-on-v6 { any; }; + empty-zones-enable yes; + allow-recursion { clients; }; }; @@ -32,5 +34,5 @@ zone "." { type hint; - file "standard/root.hint"; + file "etc/root.hint"; }; diff -rU2 var/named/etc/named.conf ../43/var/named/etc/named.conf --- var/named/etc/named.conf Tue Aug 28 11:59:51 2007 +++ ../43/var/named/etc/named.conf Wed Mar 12 12:28:03 2008 @@ -1,3 +1,3 @@ -// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ +// $OpenBSD: upgrade43.patch,v 1.1 2008/03/30 16:52:34 nick Exp $ // // Example file for a simple named configuration, processing both @@ -21,4 +21,6 @@ listen-on-v6 { any; }; + empty-zones-enable yes; + allow-recursion { clients; }; }; @@ -32,5 +34,5 @@ zone "." { type hint; - file "standard/root.hint"; + file "etc/root.hint"; }; diff -rU2 -I[$]OpenBSD ./var/www/conf/httpd.conf ../43/var/www/conf/httpd.conf --- var/www/conf/httpd.conf Tue Aug 28 11:59:53 2007 +++ ../43/var/www/conf/httpd.conf Wed Mar 12 12:28:08 2008 @@ -274,4 +274,9 @@ # +# Include extra module configuration files +# +Include /var/www/conf/modules/*.conf + +# # ExtendedStatus controls whether Apache will generate "full" status # information (ExtendedStatus On) or just basic information (ExtendedStatus @@ -533,5 +538,8 @@ # logged here. If you *do* define an error logfile for a # container, that host's errors will be logged there and not here. +# Either a filename or the text "syslog:" followed by a facility +# name may be specified here. # +#ErrorLog syslog:daemon ErrorLog logs/error_log @@ -1107,3 +1115,2 @@ - diff -rU2 -I[$]OpenBSD ./var/www/conf/mime.types ../43/var/www/conf/mime.types --- var/www/conf/mime.types Tue Aug 28 11:59:53 2007 +++ ../43/var/www/conf/mime.types Wed Mar 12 12:28:08 2008 @@ -346,4 +346,5 @@ application/wordperfect5.1 application/x-bcpio bcpio +application/x-bittorrent torrent application/x-cdlink vcd application/x-chess-pgn pgn diff -rU2 -I[$]OpenBSD ./var/www/htdocs/manual/mod/core.html ../43/var/www/htdocs/manual/mod/core.html --- var/www/htdocs/manual/mod/core.html Tue Aug 28 12:00:01 2007 +++ ../43/var/www/htdocs/manual/mod/core.html Wed Mar 12 12:28:14 2008 @@ -165,4 +165,6 @@
  • RLimitNPROC
    • +
  • RLimitNOFILE
    • +
  • Satisfy
    • @@ -3383,4 +3385,45 @@

    See also RLimitMEM or RLimitCPU.

    +
    + +

    RLimitNOFILE + directive

    + + Syntax: RLimitNOFILE + number|max [number|max]
    + Default: Unset; uses + operating system defaults
    + Context: server config, virtual + host
    + Status: core
    + Compatibility: RLimitNOFILE is + only available in Apache 1.2 and later + +

    Takes 1 or 2 parameters. The first parameter sets the soft + resource limit for all processes and the second parameter sets + the maximum resource limit. Either parameter can be a number, + or max to indicate to the server that the limit + should be set to the maximum allowed by the operating system + configuration. Raising the maximum resource limit requires that + the server is running as root, or in the initial startup + phase.

    + +

    This applies to processes forked off from Apache children + servicing requests, not the Apache children themselves. This + includes CGI scripts and SSI exec commands, but not any + processes forked off from the Apache parent such as piped + logs.

    + +

    Process limits control the number of open files per user.

    + +

    Note: If CGI processes are not running + under userids other than the web server userid, this directive + will limit the number of files that the server itself can + open.

    diff -rU2 -I[$]OpenBSD ./var/www/htdocs/manual/server-wide.html ../43/var/www/htdocs/manual/server-wide.html --- var/www/htdocs/manual/server-wide.html Tue Aug 28 11:59:58 2007 +++ ../43/var/www/htdocs/manual/server-wide.html Wed Mar 12 12:28:12 2008 @@ -263,4 +263,5 @@ RLimitMEM
    RLimitNPROC
    + RLimitNOFILE
    ThreadStackSize