| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Changes:
- Locale names have been renamed ru_SU* -> ru_RU*, ru_SU* now are symlinks
- Fixed some minor bugs
- Now a new record is added to each accounting file after reconfiguration
- Now ipa(8) and ipastat(8) do not use database locking feature by default
- All manual pages were updated to reflect changes in IPA
- The -u switch was removed from and the -L switch was added to ipastat(8)
- All code of ipa(8) was revised, now ipa(8) tests directories and
files in the database more carefully
- Several bugs and memory leak with the "db_dir" parameter were fixed
- Added new parameter "db_group"
- Parameters "acl", "db_owner", "db_perm" have been removed
Package changes:
- added some HTTP and FTP mirrors;
- removed installation of ${DSTEXAMPLEDIR} directory, because it is
installed from the port's Makefile;
- updated DESCR to reflect current state of IPA.
|
|
|
|
|
|
|
|
- Honor PKG_SYSCONFDIR and use bsd.pkg.install.mk to handle config files
and rc.d scripts.
- Memory access fixes.
- Now '{', '}', '#' and ';' characters are not allowed for naming
rules and limits.
*** SECURITY UPDATE ***
Removed SUID bit from ipastat(8) due to security problems (and don't
even try to set it back). Admins who use the "db_owner" parameter
*and* use some safe user/group, *and* didn't forget to set the same
safe user/group for the ipastat(8) program, as it was said in the
SECURITY NOTE on the ipastat(8) manual page, should not worry a lot.
Admins who ignored that SECURITY NOTE should double check the security
of their systems and change all passwords, secrets keys, etc. if you
think that somebody cracked your systems by ipastat(8).
|
|
|
|
* added NO_PACKAGE as this must be built for each host
Changes since 1.1.6:
- Added new switch to ipastat(8): -x, treat rule names as POSIX
regular expressions
- Added new switch to ipastat(8): -p <time-back>
- Added new switch to ipastat(8): -k, assume that 1k is equal to 1000 bytes
- Now it is possible to use abbreviated month names in -i and -I options
in ipastat(8)
- Now it is possible to run from the ipa(8)'s command line commands from
"reach" and "expire" sections
- Added new section "include" and new parameter "debug_include" to
the configuration file, also two switches "-tt" for ipa(8) have new sense
- bug fixes
|
|
rmdir -> ${RMDIR}
rm -> ${RM} (${RM} added to PLIST_SUBST)
chmod -> ${CHMOD}
chown -> ${CHOWN}
|
|
|
|
Andrey Simonenko in PR/14281.
IPA allows to make IP accounting (network accounting) based on
IP Filter accounting rules on NetBSD, OpenBSD and FreeBSD.
It supports limits for accounting rules and limits events as
"limit is reached", "reached limit is expired", etc. It understands
time intervals like "end of day", "end of week", "end of month", etc.
There is a special viewer for accounting database and access control
lists which allow or disallow one to view accounting information
for rules.
|
