From: deraadt <deraadt@openbsd.org>
Date: Tue, 15 Jul 2014 08:28:43 +0000 (+0000)
Subject: sysctl.conf moves to etc/examples
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=13b617d2434e193eae6fddf9e3d9fb0cf8b809e5;p=openbsd

sysctl.conf moves to etc/examples
---

diff --git a/etc/Makefile b/etc/Makefile
index e21725b58ed..38ca480ef24 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.372 2014/07/14 09:11:27 ajacoutot Exp $
+#	$OpenBSD: Makefile,v 1.373 2014/07/15 08:28:43 deraadt Exp $
 
 TZDIR=		/usr/share/zoneinfo
 LOCALTIME=	Canada/Mountain
@@ -101,10 +101,11 @@ distribution-etc-root-var: distrib-dirs
 	    chown ${BINOWN} ${DESTDIR}/etc/ttys && \
 	    chgrp ${BINGRP} ${DESTDIR}/etc/ttys && \
 	    chmod 644 ${DESTDIR}/etc/ttys
-	cat sysctl.conf etc.${MACHINE}/sysctl.conf > ${DESTDIR}/etc/sysctl.conf && \
-	    chown ${BINOWN} ${DESTDIR}/etc/sysctl.conf && \
-	    chgrp ${BINGRP} ${DESTDIR}/etc/sysctl.conf && \
-	    chmod 644 ${DESTDIR}/etc/sysctl.conf
+	cat sysctl.conf etc.${MACHINE}/sysctl.conf > \
+	    ${DESTDIR}/etc/examples/sysctl.conf && \
+	    chown ${BINOWN} ${DESTDIR}/etc/examples/sysctl.conf && \
+	    chgrp ${BINGRP} ${DESTDIR}/etc/examples/sysctl.conf && \
+	    chmod 644 ${DESTDIR}/etc/examples/sysctl.conf
 	cat fbtab.head etc.${MACHINE}/fbtab fbtab.tail > ${DESTDIR}/etc/fbtab && \
 	    chown ${BINOWN} ${DESTDIR}/etc/fbtab && \
 	    chgrp ${BINGRP} ${DESTDIR}/etc/fbtab && \
diff --git a/etc/changelist b/etc/changelist
index 32330e93ee6..6ecbc9d1511 100644
--- a/etc/changelist
+++ b/etc/changelist
@@ -1,4 +1,4 @@
-#	$OpenBSD: changelist,v 1.93 2014/07/14 09:04:02 deraadt Exp $
+#	$OpenBSD: changelist,v 1.94 2014/07/15 08:28:43 deraadt Exp $
 #
 # List of files which the security script backs up and checks
 # for modifications.
@@ -142,7 +142,7 @@
 /etc/ssl/cert.pem
 /etc/sudoers
 /etc/suid_profile
-/etc/sysctl.conf
++/etc/sysctl.conf
 /etc/syslog.conf
 /etc/sysmerge.ignore
 /etc/ttys
diff --git a/etc/examples/sysctl.conf b/etc/examples/sysctl.conf
new file mode 100644
index 00000000000..ae9c83519b4
--- /dev/null
+++ b/etc/examples/sysctl.conf
@@ -0,0 +1,38 @@
+#	$OpenBSD: sysctl.conf,v 1.1 2014/07/15 08:28:43 deraadt Exp $
+#
+# This file contains a list of sysctl options the user wants set at
+# boot time.  See sysctl(3) and sysctl(8) for more information on
+# the many available variables.
+#
+#net.inet.ip.forwarding=1	# 1=Permit forwarding (routing) of IPv4 packets
+#net.inet.ip.mforwarding=1	# 1=Permit forwarding (routing) of IPv4 multicast packets
+#net.inet.ip.multipath=1	# 1=Enable IP multipath routing
+#net.inet.icmp.rediraccept=1	# 1=Accept ICMP redirects
+#net.inet6.icmp6.rediraccept=1	# 1=Accept IPv6 ICMP redirects (for hosts)
+#net.inet6.ip6.forwarding=1	# 1=Permit forwarding (routing) of IPv6 packets
+#net.inet6.ip6.mforwarding=1	# 1=Permit forwarding (routing) of IPv6 multicast packets
+#net.inet6.ip6.multipath=1	# 1=Enable IPv6 multipath routing
+#net.inet.tcp.always_keepalive=1 # 1=Keepalives for all connections (e.g. hotel/airport NAT)
+#net.inet.tcp.keepidle=100	# 100=send TCP keepalives every 50 seconds
+#net.inet.esp.enable=0		# 0=Disable the ESP IPsec protocol
+#net.inet.ah.enable=0		# 0=Disable the AH IPsec protocol
+#net.inet.esp.udpencap=0	# 0=Disable ESP-in-UDP encapsulation
+#net.inet.ipcomp.enable=1	# 1=Enable the IPCOMP protocol
+#net.inet.etherip.allow=1	# 1=Enable the Ethernet-over-IP protocol
+#net.inet.tcp.ecn=1		# 1=Enable the TCP ECN extension
+#net.inet.carp.preempt=1	# 1=Enable carp(4) preemption
+#net.inet.carp.log=3		# log level of carp(4) info, default 2
+#net.pipex.enable=1		# 1=Enable pipex(4) for npppd(8)
+#ddb.panic=0			# 0=Do not drop into ddb on a kernel panic
+#ddb.console=1			# 1=Permit entry of ddb from the console
+#fs.posix.setuid=0		# 0=Traditional BSD chown() semantics
+#vm.swapencrypt.enable=0	# 0=Do not encrypt pages that go to swap
+#vfs.nfs.iothreads=4		# Number of nfsio kernel threads
+#net.inet.ip.mtudisc=0		# 0=Disable tcp mtu discovery
+#kern.usercrypto=1		# 1=Enable userland use of /dev/crypto
+#kern.userasymcrypto=1		# 1=Permit userland to do asymmetric crypto
+#kern.splassert=2		# 2=Enable with verbose error messages
+#kern.nosuidcoredump=3		# 3=Put suid coredumps in /var/crash/progname
+#kern.watchdog.period=32	# >0=Enable hardware watchdog(4) timer if available
+#kern.watchdog.auto=0		# 0=Disable automatic watchdog(4) retriggering
+#hw.allowpowerdown=0		# 0=Disable power button shutdown
diff --git a/etc/sysctl.conf b/etc/sysctl.conf
deleted file mode 100644
index c297506d424..00000000000
--- a/etc/sysctl.conf
+++ /dev/null
@@ -1,38 +0,0 @@
-#	$OpenBSD: sysctl.conf,v 1.58 2014/07/11 16:43:07 henning Exp $
-#
-# This file contains a list of sysctl options the user wants set at
-# boot time.  See sysctl(3) and sysctl(8) for more information on
-# the many available variables.
-#
-#net.inet.ip.forwarding=1	# 1=Permit forwarding (routing) of IPv4 packets
-#net.inet.ip.mforwarding=1	# 1=Permit forwarding (routing) of IPv4 multicast packets
-#net.inet.ip.multipath=1	# 1=Enable IP multipath routing
-#net.inet.icmp.rediraccept=1	# 1=Accept ICMP redirects
-#net.inet6.icmp6.rediraccept=1	# 1=Accept IPv6 ICMP redirects (for hosts)
-#net.inet6.ip6.forwarding=1	# 1=Permit forwarding (routing) of IPv6 packets
-#net.inet6.ip6.mforwarding=1	# 1=Permit forwarding (routing) of IPv6 multicast packets
-#net.inet6.ip6.multipath=1	# 1=Enable IPv6 multipath routing
-#net.inet.tcp.always_keepalive=1 # 1=Keepalives for all connections (e.g. hotel/airport NAT)
-#net.inet.tcp.keepidle=100	# 100=send TCP keepalives every 50 seconds
-#net.inet.esp.enable=0		# 0=Disable the ESP IPsec protocol
-#net.inet.ah.enable=0		# 0=Disable the AH IPsec protocol
-#net.inet.esp.udpencap=0	# 0=Disable ESP-in-UDP encapsulation
-#net.inet.ipcomp.enable=1	# 1=Enable the IPCOMP protocol
-#net.inet.etherip.allow=1	# 1=Enable the Ethernet-over-IP protocol
-#net.inet.tcp.ecn=1		# 1=Enable the TCP ECN extension
-#net.inet.carp.preempt=1	# 1=Enable carp(4) preemption
-#net.inet.carp.log=3		# log level of carp(4) info, default 2
-#net.pipex.enable=1		# 1=Enable pipex(4) for npppd(8)
-#ddb.panic=0			# 0=Do not drop into ddb on a kernel panic
-#ddb.console=1			# 1=Permit entry of ddb from the console
-#fs.posix.setuid=0		# 0=Traditional BSD chown() semantics
-#vm.swapencrypt.enable=0	# 0=Do not encrypt pages that go to swap
-#vfs.nfs.iothreads=4		# Number of nfsio kernel threads
-#net.inet.ip.mtudisc=0		# 0=Disable tcp mtu discovery
-#kern.usercrypto=1		# 1=Enable userland use of /dev/crypto
-#kern.userasymcrypto=1		# 1=Permit userland to do asymmetric crypto
-#kern.splassert=2		# 2=Enable with verbose error messages
-#kern.nosuidcoredump=3		# 3=Put suid coredumps in /var/crash/progname
-#kern.watchdog.period=32	# >0=Enable hardware watchdog(4) timer if available
-#kern.watchdog.auto=0		# 0=Disable automatic watchdog(4) retriggering
-#hw.allowpowerdown=0		# 0=Disable power button shutdown