blocklist: Rename blacklist to blocklist
Follow up upstream rename from blacklist to blocklist. - Old names and rc scripts are still valid, but emitting an ugly warning - Old firewall rules and anchor names should work, but emitting an ugly warning - Old MK_BLACKLIST* knobs are wired to the new ones Although care has been taken not to break current configurations, this is a large patch containing mostly duplicated code. If issues arise, it will be swiftly reverted. Reviewed by: ivy (pkgbase) Approved by: emaste (mentor) MFC after: 2 days Relnotes: yes
This commit is contained in:
@@ -981,7 +981,7 @@ since yesterday's check.
|
||||
Space-separated list of additional anchors whose denied packets log entries to
|
||||
show.
|
||||
The main ruleset (i.e., the empty-string anchor) and any
|
||||
.Xr blacklistd 8
|
||||
.Xr blocklistd 8
|
||||
anchors, if present, are always shown.
|
||||
.It Va security_status_pfdenied_period
|
||||
.Pq Vt str
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
|
||||
.Dd September 25, 2025
|
||||
.Dd October 1, 2025
|
||||
.Dt SRC.CONF 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -226,10 +226,15 @@ options provide "full" Relocation Read-Only (RELRO) support.
|
||||
With full RELRO the entire GOT is made read-only after performing relocation at
|
||||
startup, avoiding GOT overwrite attacks.
|
||||
.It Va WITHOUT_BLACKLIST
|
||||
Set this if you do not want to build
|
||||
.Xr blacklistd 8
|
||||
and
|
||||
.Xr blacklistctl 8 .
|
||||
This option has been renamed to
|
||||
.Va WITHOUT_BLOCKLIST .
|
||||
When set, it enforces these options:
|
||||
.Pp
|
||||
.Bl -item -compact
|
||||
.It
|
||||
.Va WITHOUT_BLOCKLIST
|
||||
.El
|
||||
.Pp
|
||||
When set, these options are also in effect:
|
||||
.Pp
|
||||
.Bl -inset -compact
|
||||
@@ -237,10 +242,36 @@ When set, these options are also in effect:
|
||||
(unless
|
||||
.Va WITH_BLACKLIST_SUPPORT
|
||||
is set explicitly)
|
||||
.It Va WITHOUT_BLOCKLIST_SUPPORT
|
||||
(unless
|
||||
.Va WITH_BLOCKLIST_SUPPORT
|
||||
is set explicitly)
|
||||
.El
|
||||
.It Va WITHOUT_BLACKLIST_SUPPORT
|
||||
This option has been renamed to
|
||||
.Va WITHOUT_BLOCKLIST_SUPPORT .
|
||||
When set, it enforces these options:
|
||||
.Pp
|
||||
.Bl -item -compact
|
||||
.It
|
||||
.Va WITHOUT_BLOCKLIST_SUPPORT
|
||||
.El
|
||||
.It Va WITHOUT_BLOCKLIST
|
||||
Set this if you do not want to build
|
||||
.Xr blocklistd 8
|
||||
and
|
||||
.Xr blocklistctl 8 .
|
||||
When set, these options are also in effect:
|
||||
.Pp
|
||||
.Bl -inset -compact
|
||||
.It Va WITHOUT_BLOCKLIST_SUPPORT
|
||||
(unless
|
||||
.Va WITH_BLOCKLIST_SUPPORT
|
||||
is set explicitly)
|
||||
.El
|
||||
.It Va WITHOUT_BLOCKLIST_SUPPORT
|
||||
Build some programs without
|
||||
.Xr libblacklist 3
|
||||
.Xr libblocklist 3
|
||||
support, like
|
||||
.Xr fingerd 8
|
||||
and
|
||||
|
||||
@@ -27,6 +27,7 @@ LIBAVL?= ${LIBDESTDIR}${LIBDIR_BASE}/libavl.a
|
||||
LIBBE?= ${LIBDESTDIR}${LIBDIR_BASE}/libbe.a
|
||||
LIBBEGEMOT?= ${LIBDESTDIR}${LIBDIR_BASE}/libbegemot.a
|
||||
LIBBLACKLIST?= ${LIBDESTDIR}${LIBDIR_BASE}/libblacklist.a
|
||||
LIBBLOCKLIST?= ${LIBDESTDIR}${LIBDIR_BASE}/libblocklist.a
|
||||
LIBBLOCKSRUNTIME?= ${LIBDESTDIR}${LIBDIR_BASE}/libBlocksRuntime.a
|
||||
LIBBLUETOOTH?= ${LIBDESTDIR}${LIBDIR_BASE}/libbluetooth.a
|
||||
LIBBSDXML?= ${LIBDESTDIR}${LIBDIR_BASE}/libbsdxml.a
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
# avoid duplication
|
||||
DIRDEPS.AUDIT.yes= lib/libbsm
|
||||
DIRDEPS.BLACKLIST_SUPPORT.yes+= lib/libblacklist
|
||||
DIRDEPS.BLOCKLIST_SUPPORT.yes+= lib/libblocklist
|
||||
DIRDEPS.CASPER.yes+= lib/libcasper/libcasper
|
||||
DIRDEPS.GSSAPI.yes+= lib/libgssapi
|
||||
DIRDEPS.JAIL.yes+= lib/libjail
|
||||
|
||||
@@ -264,8 +264,12 @@ _LIBRARIES+= \
|
||||
|
||||
.if ${MK_BLACKLIST} != "no"
|
||||
_LIBRARIES+= \
|
||||
blacklist \
|
||||
blacklist
|
||||
.endif
|
||||
|
||||
.if ${MK_BLOCKLIST} != "no"
|
||||
_LIBRARIES+= \
|
||||
blocklist
|
||||
.endif
|
||||
|
||||
.if ${MK_OFED} != "no"
|
||||
@@ -319,6 +323,9 @@ _DP_zstd= pthread
|
||||
.if ${MK_BLACKLIST} != "no"
|
||||
_DP_blacklist+= pthread
|
||||
.endif
|
||||
.if ${MK_BLOCKLIST} != "no"
|
||||
_DP_blocklist+= pthread
|
||||
.endif
|
||||
_DP_crypto= pthread
|
||||
# See comment by _DP_archive above
|
||||
.if ${.MAKE.OS} == "FreeBSD" || !defined(BOOTSTRAPPING)
|
||||
@@ -865,6 +872,7 @@ LIBGTESTDIR= ${_LIB_OBJTOP}/lib/googletest/gtest
|
||||
LIBGTEST_MAINDIR= ${_LIB_OBJTOP}/lib/googletest/gtest_main
|
||||
LIBALIASDIR= ${_LIB_OBJTOP}/lib/libalias/libalias
|
||||
LIBBLACKLISTDIR= ${_LIB_OBJTOP}/lib/libblacklist
|
||||
LIBBLOCKLISTDIR= ${_LIB_OBJTOP}/lib/libblocklist
|
||||
LIBBLOCKSRUNTIMEDIR= ${_LIB_OBJTOP}/lib/libblocksruntime
|
||||
LIBBSNMPDIR= ${_LIB_OBJTOP}/lib/libbsnmp/libbsnmp
|
||||
LIBCASPERDIR= ${_LIB_OBJTOP}/lib/libcasper/libcasper
|
||||
|
||||
@@ -66,6 +66,7 @@ __DEFAULT_YES_OPTIONS = \
|
||||
AUTOFS \
|
||||
BHYVE \
|
||||
BLACKLIST \
|
||||
BLOCKLIST \
|
||||
BLUETOOTH \
|
||||
BOOT \
|
||||
BOOTPARAMD \
|
||||
@@ -242,6 +243,7 @@ __LIBC_MALLOC_DEFAULT= jemalloc
|
||||
#
|
||||
.for var in \
|
||||
BLACKLIST \
|
||||
BLOCKLIST \
|
||||
BZIP2 \
|
||||
INET \
|
||||
INET6 \
|
||||
@@ -391,6 +393,14 @@ MK_SOURCELESS_HOST:= no
|
||||
MK_SOURCELESS_UCODE:= no
|
||||
.endif
|
||||
|
||||
.if ${MK_BLACKLIST} == "no"
|
||||
MK_BLOCKLIST:= no
|
||||
.endif
|
||||
|
||||
.if ${MK_BLACKLIST_SUPPORT} == "no"
|
||||
MK_BLOCKLIST_SUPPORT:= no
|
||||
.endif
|
||||
|
||||
.if ${MK_CDDL} == "no"
|
||||
MK_CTF:= no
|
||||
MK_DTRACE:= no
|
||||
|
||||
Reference in New Issue
Block a user