HardenedBSD/sbin/devd/devd.conf
Warner Losh 6f6f0f286b Remove gratuitous use of '' around arguments
There's no need to use ' here, so remove it. This use causes no
problems, but is a bad example.
2020-10-09 15:45:34 +00:00

337 lines
9.7 KiB
Plaintext

# $FreeBSD$
#
# Refer to devd.conf(5) and devd(8) man pages for the details on how to
# run and configure devd.
#
# NB: All regular expressions have an implicit ^$ around them.
# NB: device-name is shorthand for 'match device-name'
options {
# Each "directory" directive adds a directory to the list of
# directories that we scan for files. Files are loaded in the order
# that they are returned from readdir(3). The rule-sets are combined
# to create a DFA that's used to match events to actions.
directory "/etc/devd";
directory "/usr/local/etc/devd";
pid-file "/var/run/devd.pid";
# Setup some shorthand for regex that we use later in the file.
#XXX Yes, these are gross -- imp
set scsi-controller-regex
"(aac|aacraid|ahc|ahd|amr|ciss|\
esp|ida|iir|ips|isp|mlx|mly|mpr|mps|mpt|sym|trm)\
[0-9]+";
set wifi-driver-regex
"(ath|bwi|bwn|ipw|iwi|iwm|iwn|malo|mwl|otus|ral|rsu|rtwn|rum|\
run|uath|upgt|ural|urtw|wi|wpi|wtap|zyd)[0-9]+";
};
# Note that the attach/detach with the highest value wins, so that one can
# override these general rules.
#
# Configure the interface on attach. Due to a historical accident, this
# script is called pccard_ether. We omit the usbus devices because those
# devices are assocaited with the USB Bus and provide an ifnet device to
# allow usb traffic to be captured with usbdump(8).
#
# NB: DETACH events are ignored; the kernel should handle all cleanup
# (routes, arp cache). Beware of races against immediate create
# of a device with the same name; e.g.
# ifconfig bridge0 destroy; ifconfig bridge0 create
#
notify 0 {
match "system" "IFNET";
match "subsystem" "!(usbus|wlan)[0-9]+";
match "type" "ATTACH";
action "/etc/pccard_ether $subsystem start";
};
#
# Try to start dhclient on Ethernet-like interfaces when the link comes
# up. Only devices that are configured to support DHCP will actually
# run it. No link down rule exists because dhclient automatically exits
# when the link goes down.
#
notify 0 {
match "system" "IFNET";
match "type" "LINK_UP";
media-type "ethernet";
action "service dhclient quietstart $subsystem";
};
#
# Like Ethernet devices, but separate because 802.11 require spawning
# wlan(4) interface.
#
attach 0 {
device-name "$wifi-driver-regex";
action "/etc/pccard_ether $device-name startchildren";
};
detach 0 {
device-name "$wifi-driver-regex";
action "/etc/pccard_ether $device-name stopchildren";
};
notify 0 {
match "system" "IFNET";
match "type" "LINK_UP";
media-type "802.11";
action "service dhclient quietstart $subsystem";
};
# An entry like this might be in a different file, but is included here
# as an example of how to override things. Normally 'ed50' would match
# the above attach/detach stuff, but the value of 100 makes it
# hard wired to 1.2.3.4.
attach 100 {
device-name "ed50";
action "ifconfig $device-name inet 1.2.3.4 netmask 0xffff0000";
};
detach 100 {
device-name "ed50";
};
# When a USB Bluetooth dongle appears, activate it
attach 100 {
device-name "ubt[0-9]+";
action "service bluetooth quietstart $device-name";
};
detach 100 {
device-name "ubt[0-9]+";
action "service bluetooth quietstop $device-name";
};
# Firmware downloader for Atheros AR3011 based USB Bluetooth devices
#attach 100 {
# match "vendor" "0x0cf3";
# match "product" "0x3000";
# action "sleep 2 && /usr/sbin/ath3kfw -d $device-name -f /usr/local/etc/ath3k-1.fw";
#};
# When a USB keyboard arrives, attach it as the console keyboard.
attach 100 {
device-name "ukbd0";
action "service syscons setkeyboard /dev/ukbd0";
};
detach 100 {
device-name "ukbd0";
action "service syscons setkeyboard /dev/kbd0";
};
notify 100 {
match "system" "DEVFS";
match "subsystem" "CDEV";
match "type" "CREATE";
match "cdev" "atp[0-9]+";
action "service moused quietstart $cdev";
};
notify 100 {
match "system" "DEVFS";
match "subsystem" "CDEV";
match "type" "CREATE";
match "cdev" "ums[0-9]+";
action "service moused quietstart $cdev";
};
notify 100 {
match "system" "DEVFS";
match "subsystem" "CDEV";
match "type" "CREATE";
match "cdev" "wsp[0-9]+";
action "service moused quietstart $cdev";
};
notify 100 {
match "system" "DEVFS";
match "subsystem" "CDEV";
match "type" "DESTROY";
match "cdev" "ums[0-9]+";
action "service moused stop $cdev";
};
# This entry starts the ColdSync tool in daemon mode. Make sure you have an up
# to date /usr/local/etc/palms. We override the 'listen' settings for port and
# type in /usr/local/etc/coldsync.conf.
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x082d";
match "product" "0x0100";
match "release" "0x0100";
action "/usr/local/bin/coldsync -md -p /dev/$cdev -t usb";
};
#
# Rescan SCSI device-names on attach, but not detach. However, it is
# disabled by default due to reports of problems.
#
attach 0 {
device-name "$scsi-controller-regex";
// action "camcontrol rescan all";
};
# Don't even try to second guess what to do about drivers that don't
# match here. Instead, pass it off to syslog. Commented out for the
# moment, as the pnpinfo variable isn't set in devd yet. Individual
# variables within the bus supplied pnpinfo are set.
nomatch 0 {
# action "logger Unknown device: $pnpinfo $location $bus";
};
# Various logging of unknown devices.
nomatch 10 {
match "bus" "uhub[0-9]+";
action "logger Unknown USB device: vendor $vendor product $product \
bus $bus";
};
# Some PC-CARDs don't offer numerical manufacturer/product IDs, just
# show the CIS info there.
nomatch 20 {
match "bus" "pccard[0-9]+";
match "manufacturer" "0xffffffff";
match "product" "0xffffffff";
action "logger Unknown PCCARD device: CISproduct $cisproduct \
CIS-vendor $cisvendor bus $bus";
};
nomatch 10 {
match "bus" "pccard[0-9]+";
action "logger Unknown PCCARD device: manufacturer $manufacturer \
product $product CISproduct $cisproduct CIS-vendor \
$cisvendor bus $bus";
};
nomatch 10 {
match "bus" "cardbus[0-9]+";
action "logger Unknown Cardbus device: device $device class $class \
vendor $vendor bus $bus";
};
# Switch power profiles when the AC line state changes.
notify 10 {
match "system" "ACPI";
match "subsystem" "ACAD";
action "service power_profile $notify";
};
# Notify all users before beginning emergency shutdown when we get
# a _CRT or _HOT thermal event and we're going to power down the system
# very soon.
notify 10 {
match "system" "ACPI";
match "subsystem" "Thermal";
match "notify" "0xcc";
action "logger -p kern.emerg WARNING: system temperature too high, shutting down soon!";
};
# User requested suspend, so perform preparation steps and then execute
# the actual suspend process.
notify 10 {
match "system" "ACPI";
match "subsystem" "Suspend";
action "/etc/rc.suspend acpi $notify";
};
notify 10 {
match "system" "ACPI";
match "subsystem" "Resume";
action "/etc/rc.resume acpi $notify";
};
/* EXAMPLES TO END OF FILE
# An example of something that a vendor might install if you were to
# add their device. This might reside in /usr/local/etc/devd/deqna.conf.
# A deqna is, in this hypothetical example, a pccard ethernet-like device.
# Students of history may know other devices by this name, and will get
# the in-jokes in this entry.
nomatch 10 {
match "bus" "pccard[0-9]+";
match "manufacturer" "0x1234";
match "product" "0x2323";
action "kldload -n if_deqna";
};
attach 10 {
device-name "deqna[0-9]+";
action "/etc/pccard_ether $device-name start";
};
detach 10 {
device-name "deqna[0-9]+";
action "/etc/pccard_ether $device-name stop";
};
# Examples of notify hooks. A notify is a generic way for a kernel
# subsystem to send event notification to userland.
# Here are some examples of ACPI notify handlers. ACPI subsystems that
# generate notifies include the AC adapter, power/sleep buttons,
# control method batteries, lid switch, and thermal zones.
#
# Information returned is not always the same as the ACPI notify
# events. See the ACPI specification for more information about
# notifies. Here is the information returned for each subsystem:
#
# ACAD: AC line state (0 is offline, 1 is online)
# Button: Button pressed (0 for power, 1 for sleep)
# CMBAT: ACPI battery events
# Lid: Lid state (0 is closed, 1 is open)
# Suspend, Resume: Suspend and resume notification
# Thermal: ACPI thermal zone events
#
# This example calls a script when the AC state changes, passing the
# notify value as the first argument. If the state is 0x00, it might
# call some sysctls to implement economy mode. If 0x01, it might set
# the mode to performance.
notify 10 {
match "system" "ACPI";
match "subsystem" "ACAD";
action "/etc/acpi_ac $notify";
};
# This example works around a memory leak in PostgreSQL, restarting
# it when the "user:postgres:swap:devctl=1G" rctl(8) rule gets triggered.
notify 0 {
match "system" "RCTL";
match "rule" "user:770:swap:.*";
action "service postgresql restart";
};
# Discard autofs caches, useful for the -media special map.
notify 100 {
match "system" "GEOM";
match "subsystem" "DEV";
action "/usr/sbin/automount -c";
};
# Handle userland coredumps.
# This commented out handler makes it possible to run an
# automated debugging session after the core dump is generated.
# Replace action with a proper coredump handler, but be aware that
# it will run with elevated privileges.
notify 10 {
match "system" "kernel";
match "subsystem" "signal";
match "type" "coredump";
action "logger $comm $core";
};
# Let the init(8) know there's a new USB serial interface it might
# want to run getty(8) for. This includes device-side tty created
# by usb_template(4).
notify 100 {
match "system" "DEVFS";
match "subsystem" "CDEV";
match "type" "CREATE";
match "cdev" "ttyU[0-9]+";
action "/sbin/init q";
};
*/