| Age | Commit message (Collapse) | Author |
|---|
|
|
|
interface created by the driver.
|
|
/usr/bin/fusermount is executable.
|
|
|
|
|
|
|
|
The SSH blacklists were committed 5 years ago and the
original contributor does not recall why they were added.
|
|
|
|
|
|
|
|
Use the best local address for the reply to this arp request.
This avoids ARP flux when arp requests for the VIP are received by
the parent interface.
|
|
Use correct path /sbin/xtables-multi
|
|
|
|
Make sure permissions are corrected.
|
|
Bug 8279
Put prefix table in /opt/vyatta/etc/netdevice
|
|
The previous implementation of log rotation used an hourly cron job to
check log file size and possibly perform a rotation. If the logging
rate is high, this interval may allow for root file system space
exhustion.
Utilizing rsyslog's outchannel mechanism enables log rotation to be
initiated as soon as the log file becomes larger than its configured
size.
Fixes Bug 7807.
|
|
|
|
Need to allow netlink applications (like Quagga) to set large receive
buffering. This fixes regression since it was set large back in Glendale.
|
|
default of 1
|
|
File is copied not expanded by shell
|
|
Bug 6916
Rather than editing /etc/sudoers which can lead to package conflicts,
put Vyatta specific changes into a separate file.
|
|
the packet interface so dumpcap needs cap_net_raw and cap_net_admin
|
|
Set capability bit on more rmmod and more capabilities for sysctl
|
|
Bug 7095
Always keep /var/log/auth.log to allow for 'show log authorization'
|
|
Can't do it early in boot because ipv6 module may not be loaded.
|
|
Bug 6681
Default configuration for IPV6 max routes is too small
|
|
Bug 6663
(cherry picked from commit fa7d81f125033b7ed4bd549eb6905918612a6877)
|
|
Previously, log file rotation was checked by cron daily. Some log
file -- such as those generated by PPP -- can grow rapidly. Such
infrequent checking can lead to running out of disk space on systems
with small disk drives or flash storage. This change checks for
rotation hourly.
|
|
This reverts commit c2c15ef2d6a85d40e778a0d84f243d2ae99c56ba.
|
|
If cpufrequtils is installed, then want the default to be full performance.
|
|
Avoid calling vyatta_net_name on vlan's
|
|
|
|
Bug 6379
Just leave vlan and other pseudo-interface names alone.
|
|
Use existing config parser and perl to handle udev device naming.
Do renaming early in udev boot, and fixup config file later.
This avoids rescanning udev devices on boot and adds preliminary
support for hotplug.
|
|
This fixes case where rsyslog finds no targets on boot
|
|
Kernel messages and repeated message option
|
|
Configuration file is /etc/rsyslog.conf and it is supports
directory of include parameters so do not need to edit
rsyslog.conf directly
|
|
Udev rules have moved from /etc/udev to /lib/udev on Debian Squeeze
|
|
Other udev scripts may have configured the device name before
the Vyatta script runs. Use the convention followed by the
standard persistent network name script; only applly name rules
if interface does not already have name assigned.
|
|
* second udev invocation now has ACTION "change" in squeeze.
* DRIVERS no longer available from squeeze udev.
|
|
* as discussed, remove the wireless rule that causes warning
|
|
|
|
For serviceablity put core files in /var/core.
But core file will still not be created unless process is running
with permission to write there, and has ulimit permission.
|
|
Unionfs should copyup the xattr automatically, but it doesn't
so use touch to force a copyup before setting attributes.
|
|
|
|
Not using auditing for command logging.
|
|
Ping is already setuid root.
|
|
|
|
This sets file capability attributes during package
installation (and build) to allow better security models.
|
|
Instead of white-listing special system users, just go with the
Debian policy that all users with uid < 1000 are system accounts
|
