firewalld: fix firewall-cmd dependency

This should be "program" instead of "program start".

.gitignore

@@ -0,0 +1,16 @@
+*.bz2
+
+*.diff
+*.patch
+*.orig
+*.rej
+
+core
+.gdb_history
+.gdbinit
+
+.depend
+*.a
+*.o
+*.So
+lib*.so

FEATURE-REMOVAL-SCHEDULE

@@ -0,0 +1,49 @@
+The following is a list of files and features that are going to be removed in
+the source tree.  Every entry should contain what exactly is going away, why it
+is happening, and who is going to be doing the work.  When the feature is
+removed, it should also be removed from this file.
+
+---------------------------
+
+What: oldnet ADSL rp-pppoe mode
+
+When: undecided
+
+Why: Replaced by the oldnet PPP module
+
+Who:  Robin H. Johnson <robbat2@gentoo.org>
+
+---------------------------
+
+What: oldnet /etc/conf.d/wireless
+
+When: undecided
+
+Why: All configuration moved to /etc/conf.d/net
+
+Who:  Robin H. Johnson <robbat2@gentoo.org>
+
+---------------------------
+
+What: Service pause action
+
+When: Removed already, compatbility warning in place.
+
+Why: ...
+
+Who:
+
+---------------------------
+
+What: Service --startas, --chuid , --oknodo
+
+When: undecided
+
+Why: Obsolete or replaced by other options.
+	 --startas => use --name or --exec
+	 --chuid => use --user
+	 --oknodo => ignore return code instead
+
+Who:
+
+---------------------------

Makefile

@@ -0,0 +1,32 @@
+# OpenRC Makefile
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+include Makefile.inc
+
+SUBDIR=		conf.d doc etc init.d local.d sysctl.d man net scripts sh src
+
+# Build pkgconfig or not
+MKPKGCONFIG?=	yes
+ifeq (${MKPKGCONFIG},yes)
+SUBDIR+=	pkgconfig
+endif
+
+# We need to ensure that runlevels is done last
+SUBDIR+=	runlevels
+
+INSTALLAFTER=	_installafter
+
+MK= 		mk
+include ${MK}/sys.mk
+include ${MK}/os.mk
+include ${MK}/subdir.mk
+include ${MK}/dist.mk
+include ${MK}/git.mk
+
+_installafter:
+ifneq ($(OS),Linux)
+	${INSTALL} -d ${DESTDIR}/${LIBEXECDIR}/init.d
+endif
+	${INSTALL} -d ${DESTDIR}/${LIBEXECDIR}/tmp
+	${ECHO} "${VERSION}${GITVER}" > ${DESTDIR}/${LIBEXECDIR}/version

Makefile.inc

@@ -0,0 +1,3 @@
+NAME=		openrc
+VERSION=	0.10
+PKG=		${NAME}-${VERSION}

README

@@ -0,0 +1,84 @@
+OpenRC README
+
+
+Installation
+------------
+make install
+Yup, that simple. Works with GNU make.
+
+You may wish to tweak the installation with the below arguments
+PROGLDFLAGS=-static
+LIBNAME=lib64
+DESTDIR=/tmp/openrc-image
+MKPAM=pam
+MKPKGCONFIG=no
+MKSELINUX=yes
+MKSTATICLIBS=no
+MKTERMCAP=ncurses
+MKTERMCAP=termcap
+PKG_PREFIX=/usr/pkg
+LOCAL_PREFIX=/usr/local
+PREFIX=/usr/local
+
+We don't support building a static OpenRC with PAM.
+You may need to use PROGLDFLAGS=-Wl,-Bstatic on glibc instead of just -static.
+If you debug memory under valgrind, add -DDEBUG_MEMORY to your CPPFLAGS
+so that all malloc memory should be freed at exit.
+
+You can also brand OpenRC if you so wish like so
+BRANDING=\"Gentoo/$(uname -s)\"
+
+PKG_PREFIX should be set to where packages install to by default.
+LOCAL_PREFIX should be set when to where user maintained packages are.
+Only set LOCAL_PREFIX if different from PKG_PREFIX.
+PREFIX should be set when OpenRC is not installed to /.
+
+If any of the following files exist then we do not overwrite them
+/etc/devd.conf
+/etc/rc
+/etc/rc.shutdown
+/etc/conf.d/*
+
+rc and rc.shutdown are the hooks from the BSD init into OpenRC.
+devd.conf is modified from FreeBSD to call /etc/rc.devd which is a generic
+hook into OpenRC.
+inittab is the same, but for SysVInit as used by most Linux distributions.
+This can be found in the support folder.
+Obviously, if you're installing this onto a system that does not use OpenRC
+by default then you may wish to backup the above listed files, remove them
+and then install so that the OS hooks into OpenRC.
+
+init.d.misc is not installed by default as the scripts will need
+tweaking on a per distro basis. They are also non essential to the operation
+of the system.
+
+
+Reporting Bugs
+--------------
+Since Gentoo Linux is hosting OpenRC development, Bugs should go to
+the Gentoo Bugzilla:
+	http://bugs.gentoo.org/
+They should be filed under the "Gentoo Hosted Projects" product and
+the "openrc" component.
+
+
+History - by Roy Marples
+------------------------
+I became a Gentoo/Linux developer in 2004 and wrote the modular network
+scripts for the Gentoo baselayout package. baselayout is a collection of
+bash scripts to bring up your computer and its services.
+Then towards the end of 2005 I found myself as the primary maintainer
+for baselayout.
+
+At the start of 2007, baselayout-2 is announced to the world, re-writing the
+core of baselayout in C and allowing POSIX sh init scripts instead of
+forcing the use of bash. By Mid 2007 I have re-written everything, including
+init scripts, and alpha and pre baselayout-2 snapshots where put into Gentoo.
+Towards the end of 2007 I retired as a Gentoo developer for reasons I won't
+go into here. baselayout-2 was still in the pre stage, and aside from the
+fbsd users, it was masked everywhere. However, I also desired to keep the
+baselayout-2 project alive, but outside of Gentoo and into other projects
+such as FreeBSD.
+
+As such, the Gentoo Council have allowed the creation of OpenRC under the
+2 clause BSD license, managed by me as an external project.

STYLE

@@ -0,0 +1,85 @@
+This is the openrc style manual.  It governs the coding style of all code
+in this repository.  Follow it.  Contact openrc@gentoo.org for any questions
+or fixes you might notice.
+
+##########
+# C CODE #
+##########
+
+The BSD Kernel Normal Form (KNF) style is used:
+	http://en.wikipedia.org/wiki/Indent_style#BSD_KNF_style
+Basically, it's like K&R/LKML, but wrapped lines that are indented use 4 spaces.
+
+Highlights:
+	- no trailing whitespace
+	- indented code use tabs (not line wrapped)
+	- cuddle the braces (except for functions)
+	- space after native statements and before paren (for/if/while/...)
+	- no space between function and paren
+	- pointer asterisk cuddles the variable, not the type
+
+void foo(int c)
+{
+	int ret = 0;
+
+	if (c > 1000)
+		return;
+
+	while (c--) {
+		bar(c);
+		ret++;
+	}
+
+	return ret;
+}
+
+##################
+# COMMIT MESSAGES #
+##################
+
+The following is an example of a correctly formatted git commit message
+for this repository. Most of this information came from this blog post
+[1], so I would like to thank the author.
+
+### cut here ###
+Capitalized, short (50 chars or less) summary
+
+More detailed explanatory text, if necessary.  Wrap it to about 72
+characters or so.  In some contexts, the first line is treated as the
+subject of an email and the rest of the text as the body.  The blank
+line separating the summary from the body is critical (unless you omit
+the body entirely); tools like rebase can get confused if you run the
+two together.
+
+Write your commit message in the present tense: "Fix bug" and not "Fixed
+bug."  This convention matches up with commit messages generated by
+commands like git merge and git revert.
+
+Further paragraphs come after blank lines.
+
+- Bullet points are okay, too
+
+- Typically a hyphen or asterisk is used for the bullet, preceded by a
+  single space, with blank lines in between, but conventions vary here
+
+- Use a hanging indent
+
+Reported-by: User Name <email>
+X-[Distro]-Bug: BugID
+X-[Distro]-Bug-URL: URL for the bug (on the distribution's web site typically)
+### cut here ###
+
+If you did not write the code and the patch does not include authorship
+information in a format git can use, please use the --author option of the
+git commit command to make the authorship correct.
+
+The Reported-by tag is required if the person who reported the bug is
+different from the author and committer.
+
+  The X-[Distro]-Bug/Bug-URL tags are required if this commit is related
+  to a bug reported to us by a specific distribution   of linux or a
+  *BSD. Also, [Distro] should be replaced with the name of the
+  distribution, e.g. X-Gentoo-Bug.
+
+[1] http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
+

TODO

@@ -0,0 +1,21 @@
+- ensure all forks block, restore and unblock signals. needs review
+
+- add support somehow for optional translations
+
+- oldnet[bridging]: Review setting of bridge configuration on dynamic interface add
+
+- Document rc-depend binary.
+
+- _ifindex is not a reliable means of calculating metrics:
+	_ifindex is used for calculating metrics for new devices but has a major
+	problem: Since it's only the nth entry in /proc/net/dev
+	And devices may be removed from that file, and reordered, you won't always
+	get the same result.
+	If you do:
+	- add eth0 - _ifindex (eth0=0)
+	- add vlan1 - _ifindex (eth0=0,vlan1=1)
+	- add vlan2 - _ifindex (eth0=0,vlan1=1,vlan2=2)
+	- rem vlan1 - _ifindex (eth0=0,vlan2=1)
+	- add vlan3 - _ifindex (eth0=0,vlan2=1,vlan3=2)
+	Now your routing table has entries for both vlan2 and vlan3 with a metric of 2.
+

conf.d/.gitignore

@@ -0,0 +1,2 @@
+network
+staticroute

conf.d/Makefile

@@ -0,0 +1,23 @@
+DIR=	${CONFDIR}
+CONF=	bootmisc fsck hostname localmount network staticroute urandom \
+	${CONF-${OS}}
+
+TARGETS+=	network staticroute
+CLEANFILES+=	network staticroute
+
+MK=	../mk
+include ${MK}/os.mk
+
+CONF-FreeBSD=	ipfw moused powerd rarpd savecore syscons
+
+CONF-Linux=	consolefont dmesg hwclock keymaps killprocs modules
+
+CONF-NetBSD=	moused rarpd savecore
+
+include ${MK}/scripts.mk
+
+network: network.in network${SFX}
+	cat $^ > $@
+
+staticroute: staticroute${SFX}
+	cp $@${SFX} $@

conf.d/adjkerntz

@@ -0,0 +1,10 @@
+# Set CLOCK to "UTC" if your system clock is set to UTC (also known as
+# Greenwich Mean Time).  If your clock is set to the local time, then
+# set CLOCK to "local".  Note that if you dual boot with Windows, then
+# you should set it to "local".
+clock="UTC"
+
+# If you want to set the Hardware Clock to the current System Time
+# during shutdown, then say "YES" here.
+# You normally don't need to do this if you run a ntp daemon.
+clock_systohc="NO"

conf.d/bootmisc

@@ -0,0 +1,10 @@
+# List of /tmp directories we should clean up
+clean_tmp_dirs="/tmp"
+
+# Should we wipe the tmp paths completely or just selectively remove known
+# locks / files / etc... ?
+wipe_tmp="YES"
+
+# Write the initial dmesg log into /var/log/dmesg after boot
+# This may be useful if you need the kernel boot log afterwards
+log_dmesg="YES"

conf.d/consolefont

@@ -0,0 +1,18 @@
+# The consolefont service is not activated by default. If you need to
+# use it, you should run "rc-update add consolefont boot" as root.
+#
+# consolefont specifies the default font that you'd like Linux to use on the
+# console.  You can find a good selection of fonts in /usr/share/consolefonts;
+# you shouldn't specify the trailing ".psf.gz", just the font name below.
+# To use the default console font, comment out the CONSOLEFONT setting below.
+consolefont="default8x16"
+
+# consoletranslation is the charset map file to use.  Leave commented to use
+# the default one.  Have a look in /usr/share/consoletrans for a selection of
+# map files you can use.
+#consoletranslation="8859-1_to_uni"
+
+# unicodemap is the unicode map file to use. Leave commented to use the
+# default one. Have a look in /usr/share/unimaps for a selection of map files
+# you can use.
+#unicodemap="iso01"

conf.d/dmesg

@@ -0,0 +1,3 @@
+# Sets the level at which logging of messages is done to the
+# console.  See dmesg(8) for more info.
+dmesg_level="1"

conf.d/fsck

@@ -0,0 +1,34 @@
+# Pass any arguments to fsck.
+# By default we preen.
+# Linux systems also force -C0 and -T.
+# If fsck_args is not specified then Linux systems also use -A
+# (and -R if / is rw)
+#fsck_args="-p"
+
+# We can also specify the passno in /etc/fstab to check
+# If you multiplex fsck (ie ln -s fsck /etc/init.d/fsck.late) then you can
+# do an fsck outside of the normal scope, say for /home.
+# Here are some exampes:-
+#fsck_passno="=1 =2"
+#fsck_passno=">1"
+#fsck_passno="<2"
+
+# If passno is not enough granularity, you can also specify mountpoints to
+# check. This should NOT be used for the default non-multiplexed fsck, or your
+# system might not be checked. Additionally, it is mutually exclusive with
+# the fsck_passno setting.
+#fsck_mnt=""
+#fsck_mnt="/home"
+
+# Most modern fs's don't require a full fsck on boot, but for those that do
+# it may be advisable to skip this when running on battery.
+# WARNING: Do not turn this off if you have any JFS partitions.
+fsck_on_battery="YES"
+
+# fsck_shutdown causes fsck to trigger during shutdown as well as startup.
+# The end result of this is that if any periodic non-root filesystem checks are
+# scheduled, under normal circumstances the actual check will happen during
+# shutdown rather than at next boot.
+# This is useful when periodic filesystem checks are causing undesirable
+# delays at startup, but such delays at shutdown are acceptable.
+fsck_shutdown="NO"

conf.d/hostname

@@ -0,0 +1,2 @@
+# Set to the hostname of this machine
+hostname="localhost"

conf.d/hwclock

@@ -0,0 +1,20 @@
+# Set CLOCK to "UTC" if your Hardware Clock is set to UTC (also known as
+# Greenwich Mean Time).  If that clock is set to the local time, then
+# set CLOCK to "local".  Note that if you dual boot with Windows, then
+# you should set it to "local".
+clock="UTC"
+
+# If you want the hwclock script to set the system time (software clock)
+# to match the current hardware clock during bootup, leave this
+# commented out.
+# However, you can set this to "NO" ifyou are running a modern kernel
+# with CONFIG_RTC_HCTOSYS set to y and your hardware clock set to UTC.
+#clock_hctosys="YES"
+
+# If you do not want to set the hardware clock to the current system
+# time (software clock) during shutdown, set this to no.
+#clock_systohc="YES"
+
+# If you wish to pass any other arguments to hwclock during bootup,
+# you may do so here. Alpha users may wish to use --arc or --srm here.
+clock_args=""

conf.d/ipfw

@@ -0,0 +1,14 @@
+# ipfw provides a stateful firewall.
+# This means we allow everything out, and if we have a connection we allow it
+# back in. This is very flexable and quite secure.
+
+# For ease of use, we allow auth and ssh ports through as well.
+# To override the list of allowed ports
+#ipfw_ports_in="auth ssh"
+
+# You may want to enable logging of denied connections
+#ipfw_log_deny="YES"
+
+# This ports not logged
+#ipfw_ports_nolog="135-139,445 1026,1027 1433,1434"
+

conf.d/keymaps

@@ -0,0 +1,23 @@
+# Use keymap to specify the default console keymap.  There is a complete tree
+# of keymaps in /usr/share/keymaps to choose from.
+keymap="us"
+
+# Should we first load the 'windowkeys' console keymap?  Most x86 users will
+# say "yes" here.  Note that non-x86 users should leave it as "no".
+# Loading this keymap will enable VT switching (like ALT+Left/Right)
+# using the special windows keys on the linux console.
+windowkeys="NO"
+
+# The maps to load for extended keyboards.  Most users will leave this as is.
+extended_keymaps=""
+#extended_keymaps="backspace keypad euro2"
+
+# Tell dumpkeys(1) to interpret character action codes to be
+# from the specified character set.
+# This only matters if you set unicode="yes" in /etc/rc.conf.
+# For a list of valid sets, run `dumpkeys --help`
+dumpkeys_charset=""
+
+# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro €
+# To fix this, set to "yes"
+fix_euro="NO"

conf.d/killprocs

@@ -0,0 +1,3 @@
+# If you wish to pass any options to killall5 during shutdown,
+# you should do so here.
+killall5_opts=""

conf.d/localmount

@@ -0,0 +1,3 @@
+# Stop the unmounting of certain points.
+# This could be useful for some NFS related work.
+#no_umounts="/dir1:/var/dir2"

conf.d/modules

@@ -0,0 +1,23 @@
+# You can define a list modules for a specific kernel version,
+# a released kernel version, a main kernel version or just a list.
+# The most specific versioned variable will take precedence.
+#modules_2_6_23_gentoo_r5="ieee1394 ohci1394"
+#modules_2_6_23="tun ieee1394"
+#modules_2_6="tun"
+#modules_2="ipv6"
+#modules="ohci1394"
+
+# You can give modules a different name when they load - the new name
+# will also be used to pick arguments below.
+#modules="dummy:dummy1"
+
+# Give the modules some arguments if needed, per version if necessary.
+# Again, the most specific versioned variable will take precedence.
+#module_ieee1394_args="debug"
+#module_ieee1394_args_2_6_23_gentoo_r5="debug2"
+#module_ieee1394_args_2_6_23="debug3"
+#module_ieee1394_args_2_6="debug4"
+#module_ieee1394_args_2="debug5"
+
+# You should consult your kernel documentation and configuration
+# for a list of modules and their options.

conf.d/moused

@@ -0,0 +1,16 @@
+# See the moused man page for available settings.
+
+# Set to your mouse device psm[0-9] for PS/2 ports, ums[0-9] for USB ports
+# Leave blank to try to autodetect it
+#moused_device="/dev/psm0"
+
+# Any additional arguments required for a specific port
+#moused_args_psm0=""
+# or for all mice
+#moused_args=""
+
+# You can also multiplex the init script for each device like so
+#   ln -s moused /etc/init.d/moused.ums0
+# This enables you to have a config file per mouse (forces moused_device
+# to ums0 in this case) and control each mouse.
+# devd can also start and stop these mice, which laptop users will find handy.

conf.d/net

@@ -0,0 +1,4 @@
+# This blank configuration will automatically use DHCP for any net.*
+# scripts in /etc/init.d.  To create a more complete configuration,
+# please review /usr/share/doc/openrc*/net.example* and save your configuration
+# in /etc/conf.d/net (this file :]!).

conf.d/network.BSD.in

@@ -0,0 +1,4 @@
+
+# You can assign a default route
+#defaultroute="192.168.0.1"
+#defaultroute6="2001:a:b:c"

conf.d/network.Linux.in

@@ -0,0 +1,43 @@
+
+# You can assign a default route
+#defaultroute="gw 192.168.0.1"
+#defaultroute6="gw 2001:a:b:c"
+
+# ifconfig under Linux is not that powerful and doesn't easily handle
+# multiple addresses
+# On the other hand, ip (iproute2) is quite powerful and is also supported
+#ip_eth0="192.168.0.10/24; 192.168.10.10/24"
+
+# You can also use ip to add the default route.
+#defaultiproute="via 192.168.0.1"
+#defaultiproute6="via 2001:a:b:c"
+
+# ip doesn't handle MTU like ifconfig, but we can do it like so
+#ifup_eth0="ip link set \$int mtu 1500"
+
+# Create a bonded interface
+#interfaces="bond0"
+#ifup_bond0="modprobe bonding; ifconfig \$int up; ifenslave \$int bge0"
+#ifconfig_bond0="192.168.0.10 netmask 255.255.255.0"
+#ifdown_bond0="rmmod bonding"
+
+# Create tap interface and a bridge interface.
+# We add the tap to the bridge.
+# An external program, like dhcpcd, will configure the IP on the bridge
+#interfaces="tun0 br0"
+#ifup_tun0="tunctl -t \$int"
+#ifdown_tun0="tunctl -d \$int"
+#ifup_br0="brctl addbr \$int; brctl add \$int eth1; brtctl add \$int eth2"
+#ifdown_br0="ifconfig \$int down; btctl delbr \$int"
+
+# Create VLAN
+#interfaces="eth0_2 eth0_3 eth0_4"
+#ifup_eth0="vconfig add \$int 2; vconfig add \$int 3; vconfig add \$int 4"
+#ifconfig_eth0_2="192.168.2.10 netmask 255.255.255.0"
+#ifconfig_eth0_3="192.168.3.10 netmask 255.255.255.0"
+#ifconfig_eth0_4="192.168.4.10 netmask 255.255.255.0"
+#ifdown_eth0="vconfig rem \$int.2; vconfig rem \$int.3; vconfig rem \$int.4"
+
+# Normally you would use wpa_supplicant to configure wireless, but you can
+# use iwconfig also
+#ifup_wlan0="iwconfig \$int key s:secretkey enc open essid foobar"

conf.d/network.in

@@ -0,0 +1,28 @@
+# Assign static IP addresses and run custom scripts per interface.
+# Seperate commands with ;
+# Prefix with ! to run a shell script.
+# Use \$int to represent the interface
+#ifconfig_eth0="192.168.0.10 netmask 255.255.255.0"
+
+# You also have ifup_eth0 and ifdown_eth0 to run other commands when
+# eth0 is started and stopped.
+# You should note that we don't stop the network at system shutdown by default.
+# If you really need this, then set shutdown_network=YES
+
+# Lastly, the interfaces variable pulls in virtual interfaces that cannot
+# be automatically detected.
+#interfaces="br0 bond0 vlan0"
+
+# You can also use files instead of variables here if you like:
+# /etc/ifconfig.eth0 is equivalent to ifconfig_eth0
+# /etc/ip.eth0 is equivalent to ifconfig_eth0
+# /etc/ifup.eth0 is equivalent to ifup_eth0
+# /etc/ifdown.eth0 is equivalent to ifdown_eth0
+# Any files found will automatically be put into the interfaces variable.
+# You don't need to escape variables in files, so use $int instead of \$int.
+
+# If you require DHCP, you should install dhcpcd and it to the boot or
+# default runlevel.
+
+# NIS users can set the domain name here
+#domainname="foobar"

conf.d/powerd

@@ -0,0 +1,7 @@
+# Mode allowed: maximum, minimum, adaptive
+# Default unless specified is adaptive
+powerd_ac_mode="maximum"
+#powerd_battery_mode="minimum"
+
+# Addiditonal arguments for powerd - see the man page for details
+powerd_args=""

conf.d/rarpd

@@ -0,0 +1,3 @@
+# To start rarpd only for a given interface, set the
+# following variable. Otherwise we listen on all interfaces.
+#rarpd_interface="rl0"

conf.d/savecore

@@ -0,0 +1,25 @@
+# Unless you're a kernel developer or driver writer then this won't
+# be of any interest to you at all.
+# The following options allow to configure the kernel's core dump
+# facilities.
+
+# The dump_device variable is used to specify which device will be
+# used by the kernel to write the dump down. This has to be a swap
+# partition, and has to be at least big enough to contain the whole
+# physical memory (see hw.physmem sysctl(8) variable).
+# When the variable is commented out, no core dump will be enabled for
+# the kernel.
+#dump_device=/dev/ad0s1b
+
+# The dump_dir variable is used to tell savecore(8) utility where
+# to save the kernel core dump once it's restored from the dump
+# device. If unset, /var/crash will be used, as the default of
+# FreeBSD.
+#dump_dir=/var/crash
+
+# The dump_compress variable decide whether to compress with
+# gzip(1) the dump or leave it of its original size (the size of the
+# physical memory present on the system). If set to yes, the -z option
+# will be passed to savecore(8) that will proceed on compressing the
+# dump.
+#dump_compress=NO

conf.d/staticroute.BSD.in

@@ -0,0 +1,6 @@
+# Separate multiple routes using ; or new lines.
+# /etc/route.conf(5) takes precedence over this configuration.
+
+# Example static routes. See route(8) for syntax.
+#staticroute="net 192.168.0.0 -netmask 255.255.255.0 10.73.1.1
+#net 192.168.1.0 -netmask 255.255.255.0 10.73.1.1"

conf.d/staticroute.Linux.in

@@ -0,0 +1,8 @@
+# Separate multiple routes using ; or new lines.
+
+# Example static routes. See route(8) for syntax.
+#staticroute="net 192.168.0.0 netmask 255.255.255.0 gw 10.73.1.1
+#net 192.168.1.0 netmask 255.255.255.0 gw 10.73.1.1"
+
+# Example static routes using iproute2. See ip(8) for syntax.
+#staticiproute="192.168.0.0/24 via 10.73.1.1; 192.168.1.0/24 via 10.73.1.1"

conf.d/syscons

@@ -0,0 +1,19 @@
+# Example syscons config file. This is the place to set things like keymap, etc.
+
+# Set the video mode - you should check the vidcontrol man page for valid modes
+# NOTE:- This will blank the screen after this command is run
+# NOTE:- You can get more modes if you load the vesa kernel module, but this
+# may require the SC_PIXEL_MODE kernel option
+#allscreen_flags="VGA_80x30"
+
+# Set the keymap to "uk.iso".
+#keymap="uk.iso"
+
+# Set the keyboard rate to 250ms delay, and 34 repeat rate.
+#keyrate="250.34"
+
+# Change the behaviour of F-unction keys (see kbdcontrol(1)).
+#keychange="10 'ssh myhost'"
+
+# See vidcontrol(1) -t
+#blanktime="off"

conf.d/urandom

@@ -0,0 +1,5 @@
+# Sometimes you want to have urandom start before "localmount"
+# (say for crypt swap), so you will need to customize this
+# behavior.  If you have /var on a separate partition, then
+# make sure this path lives on your root device somewhere.
+urandom_seed="/var/lib/misc/random-seed"

doc/.gitignore

@@ -0,0 +1 @@
+net.example

doc/Makefile

@@ -0,0 +1,11 @@
+DIR=	${DOCDIR}/openrc
+SRCS=	net.example.in
+INC=	net.example
+
+MK=	../mk
+include ${MK}/os.mk
+
+%.example.in: %.example${SFX}
+	${CP} $< $@
+
+include ${MK}/scripts.mk

doc/net.example.BSD.in

@@ -0,0 +1,442 @@
+##############################################################################
+# QUICK-START
+#
+# The quickest start is if you want to use DHCP.
+# In that case, everything should work out of the box, no configuration
+# necessary, though the startup script will warn you that you haven't
+# specified anything.
+
+# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6
+# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have
+# the relevant kernel option enabled. So if you don't have an IPv6 enabled
+# kernel then remove the IPv6 address from your config.
+
+# If you want to use a static address or use DHCP explicitly, jump
+# down to the section labeled INTERFACE HANDLERS.
+#
+# If you want to do anything more fancy, you should take the time to
+# read through the rest of this file.
+
+##############################################################################
+# MODULES
+#
+# We now support modular networking scripts which means we can easily
+# add support for new interface types and modules while keeping
+# compatibility with existing ones.
+#
+# Modules load by default if the package they need is installed.  If
+# you specify a module here that doesn't have its package installed
+# then you get an error stating which package you need to install.
+# Ideally, you only use the modules setting when you have two or more
+# packages installed that supply the same service.
+#
+# In other words, you probably should DO NOTHING HERE...
+
+##############################################################################
+# INTERFACE HANDLERS
+
+# For a static configuration, use something like this
+#config_eth0="192.168.0.2/24"
+
+# If you need more than one address, you can use something like this
+# NOTE: ifconfig creates an aliased device for each extra IPv4 address
+#       (eth0:1, eth0:2, etc)
+#       iproute2 does not do this as there is no need to
+#config_eth0="192.168.0.2/24 192.168.0.3/24 192.168.0.4/24"
+
+# You can also use IPv6 addresses
+# (you should always specify a prefix length with IPv6 here)
+#config_eth0="192.168.0.2/24 4321:0:1:2:3:4:567:89ab/64 4321:0:1:2:3:4:567:89ac/64"
+
+# If you wish to keep existing addresses + routing and the interface is up,
+# you can specify a noop (no operation). If the interface is down or there
+# are no addresses assigned, then we move onto the next step (default dhcp)
+# This is useful when configuring your interface with a kernel command line
+# or similar
+#config_eth0="noop 192.168.0.2/24"
+
+# If you don't want ANY address (only useful when calling for advanced stuff)
+#config_eth0="null"
+
+# Here's how to do routing if you need it
+# We add an IPv4 default route, IPv4 subnet route and an IPv6 unicast route
+#routes_eth0="default via 192.168.0.1
+#10.0.0.0/8 via 192.168.0.1
+#::/0"
+
+# If a specified module fails (like dhcp - see below), you can specify a
+# fallback like so
+#fallback_eth0="192.168.0.2 netmask 255.255.255.0"
+#fallback_routes_eth0="default via 192.168.0.1"
+
+# NOTE: fallback entry must match the entry location in config_eth0
+# As such you can only have one fallback route.
+# Also, if you do not set a fallback_routes entry for an interface, the
+# routes entry will be used if that is set.
+
+# Some users may need to alter the MTU - here's how
+#mtu_eth0="1500"
+
+# Most drivers that report carrier status function correctly, but some do not
+# One of these faulty drivers is for the Intel e1000 network card, but only
+# at boot time. To get around this you may alter the carrier_timeout value for
+# the interface. -1 is disable, 0 is infinite and any other number of seconds
+# is how long we wait for carrier. The current default is 3 seconds
+#carrier_timeout_eth0=-1
+
+# You may wish to disable the interface being brought down when stopping.
+# This is only of use for WakeOnLan.
+#ifdown_eth0="NO"
+
+##############################################################################
+# OPTIONAL MODULES
+
+#-----------------------------------------------------------------------------
+# WIRELESS (802.11 support)
+# Wireless can be provided by BSDs ifconfig (iwconfig) or wpa_supplicant
+# wpa_supplicant is preferred, use the modules directive to prefer iwconfig.
+#modules="iwconfig"
+
+# ifconfig (iwconig) support is a one shot script - wpa_supplicant is daemon
+# that scans, associates and re-configures if association is lost.
+# We call it iwconfig to separate the wireless setup from ifconfig.
+####################################
+# HINTS
+#
+# Most users will just need to set the following options
+# key_SSID1="s:yourkeyhere enc open" # s: means a text key
+# key_SSID2="aaaa-bbbb-cccc-dd"      # no s: means a hex key
+# preferred_aps="SSID1 SSID2"
+#
+# Clear? Good. Now configure your wireless network below
+
+####################################
+# SETTINGS
+# Hard code an SSID to an interface - leave this unset if you wish the driver
+# to scan for available Access Points
+# I would only set this as a last resort really - use the preferred_aps
+# setting at the bottom of this file
+#essid_eth0='foo'
+
+# Some drivers/hardware don't scan all that well. We have no control over this
+# but we can say how many scans we want to do to try and get a better sweep of
+# the area. The default is 1.
+#scans_eth0="1"
+
+#Channel can be set (1-14), but defaults to 3 if not set.
+#
+# The below is taken verbatim from the BSD wavelan documentation found at
+# http://www.netbsd.org/Documentation/network/wavelan.html
+# There are 14 channels possible; We are told that channels 1-11 are legal for
+# North America, channels 1-13 for most of Europe, channels 10-13 for France,
+# and only channel 14 for Japan. If in doubt, please refer to the documentation
+# that came with your card or access point. Make sure that the channel you
+# select is the same channel your access point (or the other card in an ad-hoc
+# network) is on. The default for cards sold in North America and most of Europe
+# is 3; the default for cards sold in France is 11, and the default for cards
+# sold in Japan is 14.
+#channel_eth0="3"
+
+# Setup any other config commands. This is basically the ifconfig argument
+# without the ifconfig $iface.
+#ifconfig_eth0=""
+# You can do the same per SSID too.
+#ifconfig_SSID=""
+
+# Seconds to wait until associated. The default is to wait 10 seconds.
+# 0 means wait indefinitely. WARNING: this can cause an infinite delay when
+# booting.
+#associate_timeout_eth0="5"
+
+# Define a WEP key per SSID or MAC address (of the AP, not your card)
+# The encryption type (open or restricted) must match the
+# encryption type on the Access Point.
+# To set a hex key, prefix with 0x
+#key_SSID="0x12341234123412341234123456"
+# or you can use strings. Passphrase IS NOT supported
+#key_SSID="foobar"
+#key_SSID="foobar"
+
+# WEP key for the AP with MAC address 001122334455
+#mac_key_001122334455="foobar"
+
+# You can also override the interface settings found in /etc/conf.d/net
+# per SSID - which is very handy if you use different networks a lot
+#config_SSID="dhcp"
+#routes_SSID=
+#fallback_SSID=
+
+# Setting name/domain server causes /etc/resolv.conf to be overwritten
+# Note that if DHCP is used, and you want this to take precedence then
+# please put -R in your dhcpcd options
+#dns_servers_SSID="192.168.0.1 192.168.0.2"
+#dns_domain_SSID="some.domain"
+#dns_search_SSID="search.this.domain search.that.domain"
+# Please check the man page for resolv.conf for more information
+# as domain and search (searchdomains) are mutually exclusive and
+# searchdomains takes precedence
+
+# You can also set any of the /etc/conf.d/net variables per MAC address
+# incase you use Access Points with the same SSID but need different
+# networking configs. Below is an example - of course you use the same
+# method with other variables
+#config_001122334455="dhcp"
+#dns_servers_001122334455="192.168.0.1 192.168.0.2"
+
+# Map a MAC address to an SSID
+# This is used when the Access Point is not broadcasting its SSID
+# WARNING: This will override the SSID being broadcast due to some
+# Access Points sending an SSID even when they have been configured
+# not to!
+# Change 001122334455 to the MAC address and SSID to the SSID
+# it should map to
+#mac_essid_001122334455="SSID"
+
+# This lists the preferred SSIDs to connect to in order
+# SSID's can contain any characters here as they must match the broadcast
+# SSID exactly.
+# Surround each SSID with the " character and separate them with a space
+# If the first SSID isn't found then it moves onto the next
+# If this isn't defined then it connects to the first one found
+#preferred_aps="SSID1 SSID2"
+
+# You can also define a preferred_aps list per interface
+#preferred_aps_eth0="SSID3 SSID4"
+
+# You can also say whether we only connect to preferred APs or not
+# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly"
+# and "forceany"
+# "any" means it will connect to visible APs in the preferred list and then
+# any other available AP
+# "preferredonly" means it will only connect to visible APs in the preferred
+# list
+# "forcepreferred" means it will forcibly connect to APs in order if it does
+# not find them in a scan
+# "forcepreferredonly" means it forcibly connects to the APs in order and
+# does not bother to scan
+# "forceany" does the same as forcepreferred + connects to any other
+# available AP
+# Default is "any"
+#associate_order="any"
+#associate_order_eth0="any"
+
+# You can define blacklisted Access Points in the same way
+#blacklist_aps="SSID1 SSID2"
+#blacklist_aps_eth0="SSID3 SSID4"
+
+# If you have more than one wireless card, you can say if you want
+# to allow each card to associate with the same Access Point or not
+# Values are "yes" and "no"
+# Default is "yes"
+#unique_ap="yes"
+#unique_ap_eth0="yes"
+
+# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when
+# essid_eth0 is not set and your card is capable of scanning
+
+# NOTE: preferred_aps  list ignores blacklisted_aps - so if you have
+# the same SSID in both, well, you're a bit silly :p
+
+##################################################
+# wpa_supplicant
+# emerge net-wireless/wpa_supplicant
+# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf
+# Consult the wpa_supplicant.conf.example that is installed in
+# /usr/share/doc/wpa_supplicant
+
+# By default we don't wait for wpa_supplicant to associate and authenticate.
+# If you would like to, so can specify how long in seconds
+#associate_timeout_eth0=60
+# A value of 0 means wait forever.
+
+# You can also override any settings found here per SSID - which is very
+# handy if you use different networks a lot. See below for using the SSID
+# in our variables
+#config_SSID="dhcp"
+# See the System module below for setting dns/nis/ntp per SSID
+
+# You can also override any settings found here per MAC address of the AP
+# in case you use Access Points with the same SSID but need different
+# networking configs. Below is an example - of course you use the same
+# method with other variables
+#mac_config_001122334455="dhcp"
+#mac_dns_servers_001122334455="192.168.0.1 192.168.0.2"
+
+# When an interface has been associated with an Access Point, a global
+# variable called SSID is set to the Access Point's SSID for use in the
+# pre/post user functions below (although it's not available in preup as you
+# won't have associated then)
+
+# If you're using anything else to configure wireless on your interface AND
+# you have installed wpa_supplicant, you need to disable wpa_supplicant
+#modules="!iwconfig !wpa_supplicant"
+#or
+#modules="!wireless"
+
+##############################################################################
+# WIRELESS SSID IN VARIABLES
+##############################################################################
+# Remember to change SSID to your SSID.
+# Say that your SSID is My NET - the line
+#      #key_SSID="s:passkey"
+# becomes
+#      #key_My_NET="s:passkey"
+# Notice that the space has changed to an underscore - do the same with all
+# characters not in a-z A-Z (English alphabet) 0-9. This only applies to
+# variables and not values.
+#
+# Any SSID's in values like essid_eth0="My NET" may need to be escaped
+# This means placing the character \ before the character
+# \" need to be escaped for example
+# So if your SSID is
+#      My "\ NET
+# it becomes
+#      My \"\\ NET
+# for example
+#      #essid_eth0="My\"\\NET"
+#
+# So using the above we can use
+#      #dns_domain_My____NET="My\"\\NET"
+# which is an invalid dns domain, but shows the how to use the variable
+# structure
+#########################################################
+
+#-----------------------------------------------------------------------------
+# DHCP
+# DHCP can be provided by dhclient.
+#
+# dhcpcd:   emerge net-misc/dhcpcd
+# dhclient: emerge net-misc/dhcp
+
+# Regardless of which DHCP client you prefer, you configure them the
+# same way using one of following depending on which interface modules
+# you're using.
+#config_eth0="dhcp"
+
+# For passing custom options to dhcpcd use something like the following.  This
+# example reduces the timeout for retrieving an address from 60 seconds (the
+# default) to 10 seconds.
+#dhcpcd_eth0="-t 10"
+
+# GENERIC DHCP OPTIONS
+# Set generic DHCP options like so
+#dhcp_eth0="release nodns nontp nonis nogateway nosendhost"
+
+# This tells the dhcp client to release its lease when it stops, not to
+# overwrite dns, ntp and nis settings, not to set a default route and not to
+# send the current hostname to the dhcp server and when it starts.
+# You can use any combination of the above options - the default is not to
+# use any of them.
+
+
+#-----------------------------------------------------------------------------
+# System
+# For configuring system specifics such as domain, dns, ntp and nis servers
+# It's rare that you would need todo this, but you can anyway.
+# This is most benefit to wireless users who don't use DHCP so they can change
+# their configs based on SSID.
+
+# If you omit the _eth0 suffix, then it applies to all interfaces unless
+# overridden by the interface suffix.
+#dns_domain_eth0="your.domain"
+#dns_servers_eth0="192.168.0.2 192.168.0.3"
+#dns_search_eth0="this.domain that.domain"
+#dns_options_eth0="timeout:1 rotate"
+#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0"
+# See the man page for resolv.conf for details about the options and sortlist
+# directives
+
+#ntp_servers_eth0="192.168.0.2 192.168.0.3"
+
+#nis_domain_eth0="domain"
+#nis_servers_eth0="192.168.0.2 192.168.0.3"
+
+# NOTE: Setting any of these will stamp on the files in question. So if you
+# don't specify dns_servers but you do specify dns_domain then no nameservers
+# will be listed in /etc/resolv.conf even if there were any there to start
+# with.
+# If this is an issue for you then maybe you should look into a resolv.conf
+# manager like resolvconf-gentoo to manage this file for you. All packages
+# that baselayout supports use resolvconf-gentoo if installed.
+
+#-----------------------------------------------------------------------------
+# Cable in/out detection
+# Sometimes the cable is in, others it's out. Obviously you don't want to
+# restart net.eth0 every time when you plug it in either.
+# BSD has the Device State Change Daemon - or devd for short
+# To enable this,  simple add devd to the boot runlevel
+#rc-update add devd boot
+#rc
+
+##############################################################################
+# ADVANCED CONFIGURATION
+#
+# Four functions can be defined which will be called surrounding the
+# start/stop operations.  The functions are called with the interface
+# name first so that one function can control multiple adapters. An extra two
+# functions can be defined when an interface fails to start or stop.
+#
+# The return values for the preup and predown functions should be 0
+# (success) to indicate that configuration or deconfiguration of the
+# interface can continue.  If preup returns a non-zero value, then
+# interface configuration will be aborted.  If predown returns a
+# non-zero value, then the interface will not be allowed to continue
+# deconfiguration.
+#
+# The return values for the postup, postdown, failup and faildown functions are
+# ignored since there's nothing to do if they indicate failure.
+#
+# ${IFACE} is set to the interface being brought up/down
+# ${IFVAR} is ${IFACE} converted to variable name bash allows
+#
+# For historical and compatibility reasons, preup is actually normally called
+# in the following sequence: up ; preup ; up.
+# The first up causes the kernel to initialize the device, so
+# that it is available for use in the preup function.  However, for some
+# hardware, e.g. CAN devices, some configuration is needed before trying to up
+# the interface will actually work. For such hardware, the
+# up_before_preup variables will allow skipping the first up call if set
+# to yes.
+#up_before_preup_IFVAR="NO"
+#up_before_preup="NO"
+
+#preup() {
+#	# Remember to return 0 on success
+#	return 0
+#}
+
+#predown() {
+#	# The default in the script is to test for NFS root and disallow
+#	# downing interfaces in that case.  Note that if you specify a
+#	# predown() function you will override that logic.  Here it is, in
+#	# case you still want it...
+#	if is_net_fs /; then
+#		eerror "root filesystem is network mounted -- can't stop ${IFACE}"
+#		return 1
+#	fi
+#
+#	# Remember to return 0 on success
+#	return 0
+#}
+
+#postup() {
+#	# This function could be used, for example, to register with a
+#	# dynamic DNS service.  Another possibility would be to
+#	# send/receive mail once the interface is brought up.
+
+#}
+
+#postdown() {
+#	# Return 0 always
+#	return 0
+#}
+
+#failup() {
+#       # This function is mostly here for completeness... I haven't
+#       # thought of anything nifty to do with it yet ;-)
+#}
+
+#faildown() {
+#       # This function is mostly here for completeness... I haven't
+#       # thought of anything nifty to do with it yet ;-)
+#}

etc/.gitignore

@@ -0,0 +1,3 @@
+rc.conf
+rc
+rc.shutdown

etc/Makefile

@@ -0,0 +1,28 @@
+DIR=	${SYSCONFDIR}
+SRCS=	rc.conf.in rc.in rc.shutdown.in
+BIN=	${BIN-${OS}}
+CONF=	rc.conf ${BIN-${OS}}
+
+CLEANFILES+=	rc.conf
+
+MK=	../mk
+include ${MK}/os.mk
+
+SED_EXTRA-FreeBSD=	-e 's:@TERM@:cons25:g'
+BIN-FreeBSD=		rc rc.shutdown rc.devd
+CONF-FreeBSD=		devd.conf
+
+SED_EXTRA-Linux=	-e 's:@TERM@:wsvt25:g'
+BIN-Linux=
+CONF-Linux=
+
+SED_EXTRA-NetBSD=	-e 's:@TERM@:wsvt25:g'
+BIN-NetBSD=		rc rc.shutdown
+CONF-NetBSD=
+
+SED_EXTRA=	${SED_EXTRA-${OS}}
+
+include ${MK}/scripts.mk
+
+rc.conf: rc.conf.in rc.conf.${OS}
+	${SED} ${SED_REPLACE} ${SED_EXTRA} $^ > $@

etc/devd.conf

@@ -0,0 +1,315 @@
+# $FreeBSD: src/etc/devd.conf,v 1.38 2007/06/21 22:50:36 njl Exp $
+#
+# Refer to devd.conf(5) and devd(8) man pages for the details on how to
+# run and configure devd.
+#
+
+# NB: All regular expressions have an implicit ^$ around them.
+# NB: device-name is shorthand for 'match device-name'
+
+options {
+	# Each directory directive adds a directory the list of directories
+	# that we scan for files.  Files are read-in in the order that they
+	# are returned from readdir(3).  The rule-sets are combined to
+	# create a DFA that's used to match events to actions.
+	directory "/etc/devd";
+	directory "/usr/local/etc/devd";
+	pid-file "/var/run/devd.pid";
+
+	# Setup some shorthand for regex that we use later in the file.
+	#XXX Yes, these are gross -- imp
+	set scsi-controller-regex
+		"(aac|adv|adw|aha|ahb|ahc|ahd|aic|amd|amr|asr|bt|ciss|ct|dpt|\
+		esp|ida|iir|ips|isp|mlx|mly|mpt|ncr|ncv|nsp|stg|sym|trm|wds)\
+		[0-9]+";
+};
+
+# Note that the attach/detach with the highest value wins, so that one can
+# override these general rules.
+
+#
+# Configure the interface on attach.  Due to a historical accident, this
+# script is called pccard_ether.
+#
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"ATTACH";
+	action "/etc/rc.devd net.$subsystem start";
+};
+
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"DETACH";
+	action "/etc/rc.devd net.$subsystem stop";
+};
+
+#
+# Try to configure the interface when the network comes up and deconfigure
+# when it goes down
+#
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"LINK_UP";
+	media-type		"ethernet";
+	action "/etc/rc.devd net.$subsystem start";
+};
+
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"LINK_DOWN";
+	media-type		"ethernet";
+	action "/etc/rc.devd net.$subsystem stop";
+};
+#
+# Like Ethernet devices, but separate because
+# they have a different media type.  We may want
+# to exploit this later.
+#
+detach 0 {
+	media-type "802.11";
+	action "/etc/rc.devd net.$device-name stop";
+};
+attach 0 {
+	media-type "802.11";
+	action "/etc/rc.devd net.$device-name start";
+};
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"LINK_UP";
+	media-type		"802.11";
+	action "/etc/rc.devd net.$subsystem start";
+};
+notify 0 {
+	match "system"		"IFNET";
+	match "type"		"LINK_DOWN";
+	media-type		"802.11";
+	action "/etc/rc.devd net.$subsystem stop";
+};
+
+# An entry like this might be in a different file, but is included here
+# as an example of how to override things.  Normally 'ed50' would match
+# the above attach/detach stuff, but the value of 100 makes it
+# hard wired to 1.2.3.4.
+attach 100 {
+	device-name "ed50";
+	action "ifconfig $device-name inet 1.2.3.4 netmask 0xffff0000";
+};
+detach 100 {
+	device-name "ed50";
+};
+
+# When a USB Bluetooth dongle appears activate it
+attach 100 {
+	device-name "ubt[0-9]+";
+	action "/etc/rc.d/bluetooth start $device-name";
+};
+detach 100 {
+	device-name "ubt[0-9]+";
+	action "/etc/rc.d/bluetooth stop $device-name";
+};
+
+# When a USB keyboard arrives, attach it as the console keyboard.
+attach 100 {
+	device-name "ukbd0";
+	action "/etc/rc.d/syscons setkeyboard /dev/ukbd0";
+};
+detach 100 {
+	device-name "ukbd0";
+	action "/etc/rc.d/syscons setkeyboard /dev/kbd0";
+};
+
+# The entry below starts moused when a mouse is plugged in. Moused
+# stops automatically (actually it bombs :) when the device disappears.
+attach 100 {
+	device-name "ums[0-9]+";
+	action "/etc/rc.devd moused.$device-name start";
+};
+
+# Firmware download into the ActiveWire board. After the firmware download is
+# done the device detaches and reappears as something new and shiny
+# automatically.
+attach 100 {
+	match "vendor"	"0x0854";
+	match "product"	"0x0100";
+	match "release"	"0x0000";
+	action "/usr/local/bin/ezdownload -f /usr/local/share/usb/firmware/0854.0100.0_01.hex $device-name";
+};
+
+# Firmware download for Entrega Serial DB25 adapter.
+attach 100 {
+	match "vendor"	"0x1645";
+	match "product"	"0x8001";
+	match "release"	"0x0101";
+	action "if ! kldstat -n usio > /dev/null 2>&1 ; then kldload usio; fi /usr/sbin/ezdownload -v -f /usr/share/usb/firmware/1645.8001.0101 /dev/$device-name";
+};
+
+# This entry starts the ColdSync tool in daemon mode. Make sure you have an up
+# to date /usr/local/etc/palms. We override the 'listen' settings for port and
+# type in /usr/local/etc/coldsync.conf.
+attach 100 {
+	device-name "ugen[0-9]+";
+	match "vendor" "0x082d";
+	match "product" "0x0100";
+	match "release" "0x0100";
+	action "/usr/local/bin/coldsync -md -p /dev/$device-name -t usb";
+};
+
+#
+# Rescan scsi device-names on attach, but not detach.  However, it is
+# disabled by default due to reports of problems.
+#
+attach 0 {
+	device-name "$scsi-controller-regex";
+//	action "camcontrol rescan all";
+};
+
+# Don't even try to second guess what to do about drivers that don't
+# match here.  Instead, pass it off to syslog.  Commented out for the
+# moment, as the pnpinfo variable isn't set in devd yet.  Individual
+# variables within the bus supplied pnpinfo are set.
+nomatch 0 {
+#	action "logger Unknown device: $pnpinfo $location $bus";
+};
+
+# Various logging of unknown devices.
+nomatch 10 {
+	match "bus" "uhub[0-9]+";
+	action "logger Unknown USB device: vendor $vendor product $product \
+		bus $bus";
+};
+
+# Some PC-CARDs don't offer numerical manufacturer/product IDs, just
+# show the CIS info there.
+nomatch 20 {
+	match "bus" "pccard[0-9]+";
+	match "manufacturer" "0xffffffff";
+	match "product" "0xffffffff";
+	action "logger Unknown PCCARD device: CISproduct $cisproduct \
+		CIS-vendor $cisvendor bus $bus";
+};
+
+nomatch 10 {
+	match "bus" "pccard[0-9]+";
+	action "logger Unknown PCCARD device: manufacturer $manufacturer \
+		product $product CISproduct $cisproduct CIS-vendor \
+		$cisvendor bus $bus";
+};
+
+nomatch 10 {
+	match "bus" "cardbus[0-9]+";
+	action "logger Unknown Cardbus device: device $device class $class \
+		vendor $vendor bus $bus";
+};
+
+# Switch power profiles when the AC line state changes.
+notify 10 {
+	match "system"		"ACPI";
+	match "subsystem"	"ACAD";
+	action "/etc/rc.d/power_profile $notify";
+};
+
+# Notify all users before beginning emergency shutdown when we get
+# a _CRT or _HOT thermal event and we're going to power down the system
+# very soon.
+notify 10 {
+	match "system"		"ACPI";
+	match "subsystem"	"Thermal";
+	match "notify"		"0xcc";
+	action "logger -p kern.emerg 'WARNING: system temperature too high, shutting down soon!'";
+};
+
+# Sample ZFS problem reports handling.
+notify 10 {
+	match "system"		"ZFS";
+	match "type"		"zpool";
+	action "logger -p kern.err 'ZFS: failed to load zpool $pool'";
+};
+
+notify 10 {
+	match "system"		"ZFS";
+	match "type"		"vdev";
+	action "logger -p kern.err 'ZFS: vdev failure, zpool=$pool type=$type'";
+};
+
+notify 10 {
+	match "system"		"ZFS";
+	match "type"		"data";
+	action "logger -p kern.warn 'ZFS: zpool I/O failure, zpool=$pool error=$zio_err'";
+};
+
+notify 10 {
+	match "system"		"ZFS";
+	match "type"		"io";
+	action "logger -p kern.warn 'ZFS: vdev I/O failure, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size error=$zio_err'";
+};
+
+notify 10 {
+	match "system"		"ZFS";
+	match "type"		"checksum";
+	action "logger -p kern.warn 'ZFS: checksum mismatch, zpool=$pool path=$vdev_path offset=$zio_offset size=$zio_size'";
+};
+
+# User requested suspend, so perform preparation steps and then execute
+# the actual suspend process.
+notify 10 {
+	match "system"		"ACPI";
+	match "subsystem"	"Suspend";
+	action "/etc/rc.suspend acpi $notify";
+};
+notify 10 {
+	match "system"		"ACPI";
+	match "subsystem"	"Resume";
+	action "/etc/rc.resume acpi $notify";
+};
+
+/* EXAMPLES TO END OF FILE
+
+# The following might be an example of something that a vendor might
+# install if you were to add their device.  This might reside in
+# /usr/local/etc/devd/deqna.conf.  A deqna is, in this hypothetical
+# example, a pccard ethernet-like device.  Students of history may
+# know other devices by this name, and will get the in-jokes in this
+# entry.
+nomatch 10 {
+	match "bus" "pccard[0-9]+";
+	match "manufacturer" "0x1234";
+	match "product" "0x2323";
+	action "kldload if_deqna";
+};
+attach 10 {
+	device-name "deqna[0-9]+";
+	action "/etc/pccard_ether $device-name start";
+};
+detach 10 {
+	device-name "deqna[0-9]+";
+	action "/etc/pccard_ether $device-name stop";
+};
+
+# Examples of notify hooks.  A notify is a generic way for a kernel
+# subsystem to send event notification to userland.
+#
+# Here are some examples of ACPI notify handlers.  ACPI subsystems that
+# generate notifies include the AC adapter, power/sleep buttons,
+# control method batteries, lid switch, and thermal zones.
+#
+# Information returned is not always the same as the ACPI notify
+# events.  See the ACPI specification for more information about
+# notifies.  Here is the information returned for each subsystem:
+#
+# ACAD:		AC line state (0 is offline, 1 is online)
+# Button:	Button pressed (0 for power, 1 for sleep)
+# CMBAT:	ACPI battery events
+# Lid:		Lid state (0 is closed, 1 is open)
+# Suspend, Resume: Suspend and resume notification
+# Thermal:	ACPI thermal zone events
+#
+# This example calls a script when the AC state changes, passing the
+# notify value as the first argument.  If the state is 0x00, it might
+# call some sysctls to implement economy mode.  If 0x01, it might set
+# the mode to performance.
+notify 10 {
+	match "system"		"ACPI";
+	match "subsystem"	"ACAD";
+	action			"/etc/acpi_ac $notify";
+};
+*/

etc/rc.conf.FreeBSD

@@ -0,0 +1,12 @@
+##############################################################################
+# FreeBSD SPECIFIC OPTIONS
+
+# This is the subsystem type. Valid options on FreeBSD:
+# ""        - nothing special
+# "jail"    - FreeBSD jails
+# If this is commented out, automatic detection will be used.
+#
+# This should be set to the value representing the environment this file is
+# PRESENTLY in, not the virtualization the environment is capable of.
+#rc_sys=""
+

etc/rc.conf.Linux

@@ -0,0 +1,20 @@
+##############################################################################
+# LINUX SPECIFIC OPTIONS
+
+# This is the subsystem type. Valid options on Linux:
+# ""        - nothing special
+# "lxc"     - Linux Containers
+# "openvz"  - Linux OpenVZ
+# "uml"     - Usermode Linux
+# "vserver" - Linux vserver
+# "xen0"    - Xen0 Domain
+# "xenU"    - XenU Domain
+# If this is commented out, automatic detection will be used.
+#
+# This should be set to the value representing the environment this file is
+# PRESENTLY in, not the virtualization the environment is capable of.
+#rc_sys=""
+
+# This is the number of tty's used in most of the rc-scripts (like
+# consolefont, numlock, etc ...)
+rc_tty_number=12

etc/rc.conf.NetBSD

@@ -0,0 +1,13 @@
+##############################################################################
+# NetBSD SPECIFIC OPTIONS
+
+# This is the subsystem type. Valid options on NetBSD:
+# ""        - nothing special
+# "xen0"    - Xen0 Domain
+# "xenU"    - XenU Domain
+# If this is commented out, automatic detection will be used.
+#
+# This should be set to the value representing the environment this file is
+# PRESENTLY in, not the virtualization the environment is capable of.
+#rc_sys=""
+

etc/rc.conf.in

@@ -0,0 +1,122 @@
+# Global OpenRC configuration settings
+
+# Set to "YES" if you want the rc system to try and start services
+# in parallel for a slight speed improvement. When running in parallel we
+# prefix the service output with its name as the output will get
+# jumbled up.
+# WARNING: whilst we have improved parallel, it can still potentially lock
+# the boot process. Don't file bugs about this unless you can supply
+# patches that fix it without breaking other things!
+#rc_parallel="NO"
+
+# Set rc_interactive to "YES" and you'll be able to press the I key during
+# boot so you can choose to start specific services. Set to "NO" to disable
+# this feature. This feature is automatically disabled if rc_parallel is
+# set to YES.
+#rc_interactive="YES"
+
+# If we need to drop to a shell, you can specify it here.
+# If not specified we use $SHELL, otherwise the one specified in /etc/passwd,
+# otherwise /bin/sh
+# Linux users could specify /sbin/sulogin
+#rc_shell=/bin/sh
+
+# Do we allow any started service in the runlevel to satisfy the dependency
+# or do we want all of them regardless of state? For example, if net.eth0
+# and net.eth1 are in the default runlevel then with rc_depend_strict="NO"
+# both will be started, but services that depend on 'net' will work if either
+# one comes up. With rc_depend_strict="YES" we would require them both to
+# come up.
+#rc_depend_strict="YES"
+
+# rc_hotplug is a list of services that we allow to be hotplugged.
+# By default we do not allow hotplugging.
+# A hotplugged service is one started by a dynamic dev manager when a matching
+# hardware device is found.
+# This service is intrinsically included in the boot runlevel.
+# To disable services, prefix with a !
+# Example - rc_hotplug="net.wlan !net.*"
+# This allows net.wlan and any service not matching net.* to be plugged.
+# Example - rc_hotplug="*"
+# This allows all services to be hotplugged
+#rc_hotplug="*"
+
+# rc_logger launches a logging daemon to log the entire rc process to
+# /var/log/rc.log
+# NOTE: Linux systems require the devfs service to be started before
+# logging can take place and as such cannot log the sysinit runlevel.
+#rc_logger="YES"
+
+# Through rc_log_path you can specify a custom log file.
+# The default value is: /var/log/rc.log
+#rc_log_path="/var/log/rc.log"
+
+# By default we filter the environment for our running scripts. To allow other
+# variables through, add them here. Use a * to allow all variables through.
+#rc_env_allow="VAR1 VAR2"
+
+# By default we assume that all daemons will start correctly.
+# However, some do not - a classic example is that they fork and return 0 AND
+# then child barfs on a configuration error. Or the daemon has a bug and the
+# child crashes. You can set the number of milliseconds start-stop-daemon
+# waits to check that the daemon is still running after starting here.
+# The default is 0 - no checking.
+#rc_start_wait=100
+
+# rc_nostop is a list of services which will not stop when changing runlevels.
+# This still allows the service itself to be stopped when called directly.
+#rc_nostop=""
+
+# rc will attempt to start crashed services by default.
+# However, it will not stop them by default as that could bring down other
+# critical services.
+#rc_crashed_stop=NO
+#rc_crashed_start=YES
+
+##############################################################################
+# MISC CONFIGURATION VARIABLES
+# There variables are shared between many init scripts
+
+# Set unicode to YES to turn on unicode support for keyboards and screens.
+#unicode="NO"
+
+# Below is the default list of network fstypes.
+#
+# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
+# nfs nfs4 ocfs2 shfs smbfs
+#
+# If you would like to add to this list, you can do so by adding your
+# own fstypes to the following variable.
+#extra_net_fs_list=""
+
+##############################################################################
+# SERVICE CONFIGURATION VARIABLES
+# These variables are documented here, but should be configured in
+# /etc/conf.d/foo for service foo and NOT enabled here unless you
+# really want them to work on a global basis.
+
+# Some daemons are started and stopped via start-stop-daemon.
+# We can set some things on a per service basis, like the nicelevel.
+#export SSD_NICELEVEL="-19"
+
+# Pass ulimit parameters
+#rc_ulimit="-u 30"
+
+# It's possible to define extra dependencies for services like so
+#rc_config="/etc/foo"
+#rc_need="openvpn"
+#rc_use="net.eth0"
+#rc_after="clock"
+#rc_before="local"
+#rc_provide="!net"
+
+# You can also enable the above commands here for each service. Below is an
+# example for service foo.
+#rc_foo_config="/etc/foo"
+#rc_foo_need="openvpn"
+#rc_foo_after="clock"
+
+# You can also remove dependencies.
+# This is mainly used for saying which servies do NOT provide net.
+#rc_net_tap0_provide="!net"
+

etc/rc.devd

@@ -0,0 +1,31 @@
+#!/bin/sh
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+# Inform RC that we are in the background and hotplugged
+export IN_BACKGROUND=yes
+export IN_HOTPLUG=yes
+
+getmedia() {
+	ifconfig "$1" | while read line; do
+		case "${line}" in
+			media:" "*) echo "${line}"; return;;
+		esac
+	done
+}
+
+# Try and create an init script for network interfaces
+if [ ! -e /etc/init.d/"$1" -a ! -e /usr/local/init.d/"$1" ]; then
+	base=${1%%.*}
+	if [ "${base}" = "net" ]; then
+		# We only create links for pyhsical interfaces
+		[ -n "$(getmedia ${1#*.})" ] || exit 1
+		base="net.lo0"
+	fi
+	if [ -e /etc/init.d/"${base}" -a "${base}" != "$1" ]; then
+		ln -s "${base}" /etc/init.d/"$1"
+	fi
+fi
+
+# Run the init script
+exec /etc/init.d/"$1" "$2"

etc/rc.in

@@ -0,0 +1,19 @@
+#!@SHELL@
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+# If $TERM is not set then assume default of @TERM@
+# This gives us a nice colour boot :)
+[ -z "$TERM" -o "$TERM" = "dumb" ] && export TERM="@TERM@"
+
+# Handle interrupts
+trap : SIGINT
+trap "echo 'Boot interrupted'; exit 1" SIGQUIT
+
+/sbin/rc sysinit || exit 1
+/sbin/rc boot || exit 1
+/sbin/rc default
+
+# We don't actually care if rc default worked or not, we should exit 0
+# to allow logins
+exit 0

etc/rc.shutdown.in

@@ -0,0 +1,17 @@
+#!@SHELL@
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+# Handle interrupts
+trap : SIGINT SIGQUIT
+
+# Try and use stuff in /lib over anywhere else so we can shutdown
+# local mounts correctly.
+export LD_LIBRARY_PATH="/lib${LD_LIBRARY_PATH:+:}${LDLIBRARY_PATH}"
+
+# If $TERM is not set then assume default of @TERM@
+# This gives us a nice colour boot :)
+[ -z "$TERM" -o "$TERM" = "dumb" ] && export TERM="@TERM@"
+
+action=${1:-shutdown}
+exec /sbin/rc "${action}"

index.html

@@ -1,4 +0,0 @@
-<p>
-This site is under construction. There will be much more information
-posted here soon, so come back often.
-</p>

init.d.misc/.gitignore

@@ -0,0 +1,11 @@
+avahi-dnsconfd
+avahid
+dhcpcd
+dbus
+hald
+named
+ntpd
+openvpn
+polkitd
+sshd
+wpa_supplicant

init.d.misc/Makefile

@@ -0,0 +1,11 @@
+DIR=	${INITDIR}
+SRCS=	avahi-dnsconfd.in avahid.in dhcpcd.in dbus.in \
+	hald.in named.in ntpd.in \
+	openvpn.in polkitd.in sshd.in wpa_supplicant.in
+
+MK=	../mk
+
+SED_EXTRA+= -e 's:@VARBASE@:/var:g'
+
+include ${MK}/os.mk
+include ${MK}/scripts.mk

init.d.misc/avahi-dnsconfd.in

@@ -0,0 +1,15 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/sbin/avahi-dnsconfd
+command_args="$avahi_dnsconfd_args -D"
+pidfile=@VARBASE@/run/avahi-dnsconfd.pid
+name="Avahi DNS Configuration Daemon"
+
+depend()
+{
+	use dns
+	need localmount dbus
+	after bootmisc
+}

init.d.misc/avahid.in

@@ -0,0 +1,15 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/sbin/avahi-daemon
+command_args="$avahid_args -D"
+pidfile=@VARBASE@/run/avahi-daemon/pid
+name="Avahi Service Advertisement Daemon"
+
+depend()
+{
+	use dns
+	need localmount dbus
+	after bootmisc
+}

init.d.misc/dbus.in

@@ -0,0 +1,19 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/bin/dbus-daemon
+pidfile=@VARBASE@/run/dbus/pid
+command_args="${dbusd_args---system}"
+name="Message Bus Daemon"
+
+depend()
+{
+	need localmount net
+	after bootmisc
+}
+
+start_pre()
+{
+	mkdir -p $(dirname $pidfile)
+}

init.d.misc/dhcpcd.in

@@ -0,0 +1,27 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/sbin/dhcpcd
+pidfile=/var/run/dhcpcd.pid
+command_args=-q
+name="DHCP Client Daemon"
+
+depend()
+{
+	provide net
+	need localmount
+	use logger
+	after bootmisc modules
+	before dns
+}
+
+stop_pre()
+{
+	# When shutting down, kill dhcpcd but preserve network
+	# We do this as /var/run/dhcpcd could be cleaned out when we
+	# return to multiuser.
+	if yesno $RC_GOINGDOWN; then
+		: ${stopsig:=SIGKILL}
+	fi
+}

init.d.misc/dnsmasq.in

@@ -0,0 +1,24 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/sbin/dnsmasq
+command_args=$dnsmasq_args
+pidfile=@VARBASE@/run/dnsmasq.pid
+required_files=/etc/dnsmasq.conf
+
+extra_started_commands="reload"
+
+depend()
+{
+	provide dns
+	need localmount net
+	after bootmisc
+}
+
+reload()
+{
+	ebegin "Reloading $RC_SVCNAME"
+	start-stop-daemon --signal SIGHUP --pidfile "$pidfile"
+	eend $?
+}

init.d.misc/hald.in

@@ -0,0 +1,13 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/sbin/hald
+pidfile=@VARBASE@/run/hald/hald.pid
+command_args=$hald_args
+name="Hardware Abstraction Layer Daemon"
+
+depend()
+{
+	need dbus
+}

init.d.misc/named.in

@@ -0,0 +1,112 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/named
+command_args=$named_args
+pidfile=@VARBASE@/run/named.pid
+name="Domain Name server"
+extra_started_commands="reload"
+
+namedb=/etc/namedb
+uid=named
+case "$RC_UNAME" in
+	FreeBSD)
+		uid=bind
+		pidfile=@VARBASE@/run/named/pid
+		;;
+	Linux)
+		uid=bind
+		;;
+esac
+: ${named_uid:=${uid}}
+
+depend()
+{
+	provide dns
+	need localmount
+	after bootmisc
+}
+
+start_pre()
+{
+	if [ -n "$named_chroot" ]; then
+		# Create (or update) the chroot directory structure
+		if [ -r /etc/mtree/BIND.chroot.dist ]; then
+			mtree -deU -f /etc/mtree/BIND.chroot.dist -p "$named_chroot"
+		else
+			ewarn "/etc/mtree/BIND.chroot.dist missing,"
+			ewarn "chroot directory structure not updated"
+		fi
+
+		if [ ! -d "$named_chroot"/. ]; then
+			eerror "chroot directory $named_chroot missing"
+			exit 1
+		fi
+
+		# Create /etc/namedb symlink
+		if [ ! -L "$namedb" ]; then
+			if [ -d "$namedb" ]; then
+				ewarn "named chroot: $namedb is a directory!"
+			elif [ -e "$namedb" ]; then
+				ewarn "named chroot: $namedb exists!"
+			else
+				ln -s "$named_chroot$namedb" "$namedb"
+			fi
+		else
+			# Make sure it points to the right place.
+			ln -shf "$named_chroot$namedb" "$namedb"
+		fi
+
+		case "$RC_UNAME" in
+			*BSD|DragonFly)
+				# Mount a devfs in the chroot directory if needed
+				umount "$named_chroot"/dev 2>/dev/null
+				mount -t devfs dev "$named_chroot"/dev
+				devfs -m "$named_chroot"/dev \
+					ruleset devfsrules_hide_all
+				devfs -m "$named_chroot"/dev \
+					rule apply path null unhide
+				devfs -m "$named_chroot"/dev \
+					rule apply path random unhide
+				;;
+		esac
+
+		# Copy local timezone information if it is not up to date.
+		if [ -r /etc/localtime ]; then
+			cmp -s /etc/localtime "$named_chroot/etc/localtime" ||
+			cp -p /etc/localtime "$named_chroot/etc/localtime"
+		fi
+
+		command_args="$command_args -t $named_chroot"
+
+		ln -fs "$named_chroot$pidfile" "$pidfile"
+	fi
+
+	if [ ! -s "$named_chroot$namedb/rndc.conf" ]; then
+		local confgen="${command%/named}/rndc-confgen -a -b256 -u $named_uid \
+			-c $named_chrootdir/etc/namedb/rndc.key"
+		if [ -s "$named_chroot$namedb/rndc.key" ]; then
+			local getuser="stat -f%Su"
+			[ "$RC_UNAME" = Linux ] && getuser="stat -c%U"
+			case $(${getuser} "$named_chroot$namedb"/rndc.key) in
+				root|"$named_uid");;
+				*) $confgen;;
+			esac
+		else
+			$confgen
+		fi
+	fi
+}
+
+reload()
+{
+	rndc reload
+}
+
+stop_post()
+{
+	if [ -n "$named_chroot" -a -c "$named_chroot"/dev/null ]; then
+		umount "$named_chroot"/dev 2>/dev/null || true
+	fi
+}

init.d.misc/ntpd.in

@@ -0,0 +1,37 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+: ${ntpd_config:=/etc/ntp.conf}
+: ${ntpd_drift:=/var/db/ntpd.drift}
+
+command=/usr/sbin/ntpd
+required_files=$ntpd_config
+pidfile=/var/run/ntpd.pid
+command_args="$ntpd_args -c $ntpd_config -f $ntpd_drift -p $pidfile"
+name="Network Time Protocol Daemon"
+
+depend()
+{
+	use dns
+	need localmount
+	after bootmisc ntp-client
+}
+
+start_pre()
+{
+	if [ -n "$ntpd_chroot" ]; then
+		case "$RC_UNAME" in
+			*BSD|DragonFly)
+				if [ ! -c "$ntpd_chroot/dev/clockctl" ]; then
+					rm -f "$ntpd_chroot/dev/clockctl"
+					(cd /dev; /bin/pax -rw -pe clockctl \
+					 "$ntpd_chroot/dev")
+				fi
+				;;
+		esac
+		ln -fs "$ntpd_chroot$ntpd_drift" "$ntpd_drift"
+
+		command_args="$command_args -u ntpd:ntpd -i $ntpd_chroot"
+	fi
+}

init.d.misc/openvpn.in

@@ -0,0 +1,67 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+vpn=${RC_SVCNAME#*.}
+name="OpenVPN"
+[ "$vpn" != openvpn ] && name="$name ($vpn)"
+command=@PKG_PREFIX@/sbin/openvpn
+
+pidfile=@VARBASE@/run/"$RC_SVCNAME".pid
+: ${openvpn_dir:=@PKG_PREFIX@/etc/openvpn}
+: ${openvpn_config:=$openvpn_dir/$vpn.conf}
+command_args="$openvpn_args --daemon --config $openvpn_config"
+command_args="$command_args --writepid $pidfile"
+required_dirs=$openvpn_dir
+required_files=$openvpn_config
+
+# If we're an openvpn client, then supply a nice default config
+# You can find sample up/down scripts in the OpenRC support/openvpn dir
+if yesno $openvpn_client; then
+	: ${openvpn_up:=${openvpn_dir}/up.sh}
+	: ${openvpn_down:=${openvpn_dir}/down.sh}
+	command_args="$command_args --nobind --up-delay --up-restart --down-pre"
+	command_args="$command_args --up $openvpn_up"
+	command_args="$command_args --down $openvpn_down"
+	required_files="$required_files $openvpn_up $openvpn_down"
+
+	in_background_fake="start stop"
+	start_inactive=YES
+fi
+
+depend()
+{
+	need localmount net
+	use dns
+	after bootmisc
+}
+
+start_pre()
+{
+	# Linux has good dynamic tun/tap creation
+	if [ "$RC_UNAME" = Linux ]; then
+		if [ ! -e /dev/net/tun ]; then
+			if ! modprobe tun; then
+				eerror "TUN/TAP support is not available in this kernel"
+				return 1
+			fi
+		fi
+		if [ -h /dev/net/tun -a -c /dev/misc/net/tun ]; then
+			ebegin "Detected broken /dev/net/tun symlink, fixing..."
+			rm -f /dev/net/tun
+			ln -s /dev/misc/net/tun /dev/net/tun
+			eend $?
+		fi
+	else
+		if type kldload >/dev/null 2>&1; then
+			# Hammer the modules home by default
+			sysctl -a | grep -q '\.tun\.' || kldload if_tun
+			sysctl -a | grep -q '\.tap\.' || kldload if_tap
+		fi
+	fi
+
+	# If the config file does not specify the cd option, we do
+	if ! grep -q "^[ \t]*cd[ \t].*" "$openvpn_config"; then
+		command_args="$command_args --cd $openvpn_dir"
+	fi
+}

init.d.misc/polkitd.in

@@ -0,0 +1,13 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=@PKG_PREFIX@/sbin/polkitd
+pidfile=@VARBASE@/run/polkitd/polkitd.pid
+command_args="$polkitd_args"
+name="PolicyKit Daemon"
+
+depend()
+{
+	need dbus
+}

init.d.misc/sshd.in

@@ -0,0 +1,35 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/sshd
+command_args=$sshd_args
+pidfile=@VARBASE@/run/sshd.pid
+required_files=/etc/ssh/sshd_config
+
+depend()
+{
+	use logger dns
+	need net
+}
+
+start_pre()
+{
+	if [ ! -e /etc/ssh/ssh_host_key ]; then
+		ebegin "Generating Hostkey"
+		ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
+		eend $? || return 1
+	fi
+	if [ ! -e /etc/ssh/ssh_host_dsa_key ]; then
+		ebegin "Generating DSA Hostkey"
+		ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N ''
+		eend $? || return 1
+	fi
+	if [ ! -e /etc/ssh/ssh_host_rsa_key ]; then
+		ebegin "Generating RSA Hostkey"
+		ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+		eend $? || return 1
+	fi
+
+	$command -t
+}

init.d.misc/wpa_supplicant.in

@@ -0,0 +1,70 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/wpa_supplicant
+: ${wpa_supplicant_conf:=/etc/wpa_supplicant.conf}
+wpa_supplicant_if=${wpa_supplicant_if:+-i}$wpa_supplicant_if
+command_args="$wpa_supplicant_args -B -c$wpa_supplicant_conf $wpa_supplicant_if"
+name="WPA Supplicant Daemon"
+
+depend()
+{
+	need localmount
+	use logger
+	after bootmisc modules
+	before dns dhcpcd net
+	keyword -shutdown
+}
+
+find_wireless()
+{
+	local iface=
+
+	case "$RC_UNAME" in
+	Linux)
+		for iface in /sys/class/net/*; do
+			if [ -e "$iface"/wireless -o \
+				-e "$iface"/phy80211 ]
+			then
+				echo "${iface##*/}"
+				return 0
+			fi
+		done
+		;;
+	*)
+		for iface in /dev/net/* $(ifconfig -l 2>/dev/null); do
+			if ifconfig "${iface##*/}" 2>/dev/null | \
+				grep -q "[ ]*ssid "
+			then
+				echo "${iface##*/}"
+				return 0
+			fi
+		done
+		;;
+	esac
+
+	return 1
+}
+
+append_wireless()
+{
+	local iface= i=
+
+	iface=$(find_wireless)
+	if [ -n "$iface" ]; then
+		for i in $iface; do
+			command_args="$command_args -i$i"
+		done
+	else
+		eerror "Could not find a wireless interface"
+	fi
+}
+
+start_pre()
+{
+	case " $command_args" in
+	*" -i"*) ;;
+	*) append_wireless;;
+	esac
+}

init.d/.gitignore

@@ -0,0 +1,43 @@
+bootmisc
+fsck
+hostname
+local
+localmount
+moused
+net.lo
+net.lo0
+netmount
+network
+root
+savecache
+swap
+swapfiles
+sysctl
+urandom
+devfs
+dmesg
+hwclock
+consolefont
+keymaps
+killprocs
+modules
+mount-ro
+mtab
+numlock
+procfs
+staticroute
+sysfs
+devdb
+hostid
+newsyslog
+pf
+rarpd
+rc-enabled
+rpcbind
+savecore
+swap-blk
+swclock
+syslogd
+termencoding
+ttys
+wscons

init.d/Makefile

@@ -0,0 +1,42 @@
+DIR=	${INITDIR}
+SRCS=	bootmisc.in fsck.in hostname.in local.in localmount.in netmount.in \
+	network.in root.in savecache.in staticroute.in swap.in swapfiles.in \
+	swclock.in sysctl.in urandom.in ${SRCS-${OS}}
+BIN=	${OBJS}
+
+INSTALLAFTER=	_installafter_net.lo
+CLEANFILES+=	net.lo
+TARGETS+=	net.lo
+
+MK=	../mk
+include ${MK}/os.mk
+
+NET_LO-FreeBSD=	net.lo0
+# Generic BSD scripts
+SRCS-FreeBSD=	hostid.in moused.in newsyslog.in pf.in rarpd.in rc-enabled.in \
+		rpcbind.in savecore.in syslogd.in
+# These are FreeBSD specific
+SRCS-FreeBSD+=	adjkerntz.in devd.in dumpon.in ipfw.in mixer.in nscd.in \
+		powerd.in syscons.in
+
+NET_LO-Linux=	net.lo
+SRCS-Linux=	devfs.in dmesg.in hwclock.in consolefont.in keymaps.in \
+		killprocs.in modules.in mount-ro.in mtab.in numlock.in \
+		procfs.in sysfs.in termencoding.in
+
+NET_LO-NetBSD=	net.lo0
+# Generic BSD scripts
+SRCS-NetBSD=	hostid.in moused.in newsyslog.in pf.in rarpd.in rc-enabled.in \
+		rpcbind.in savecore.in syslogd.in
+# These are NetBSD specific
+SRCS-NetBSD+=	devdb.in swap-blk.in ttys.in wscons.in
+
+%.in: %${SFX}
+	sed ${SED_REPLACE} ${SED_EXTRA} $< > $@
+
+include ${MK}/scripts.mk
+
+_installafter_: realinstall
+
+_installafter_net.lo: realinstall
+	${INSTALL} -m ${BINMODE} net.lo ${DESTDIR}/${INITDIR}/${NET_LO-${OS}}

init.d/adjkerntz.in

@@ -0,0 +1,62 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+extra_commands="save"
+
+description="Sets the local clock to UTC or Local Time."
+description_save="Saves the current time in the BIOS."
+
+: ${clock:=${CLOCK:-UTC}}
+if [ "$clock" = "UTC" ]; then
+	utc="UTC"
+else
+	utc="Local Time"
+fi
+
+depend()
+{
+	provide clock
+	# BSD adjkerntz needs to be able to write to /etc
+	if [ "$clock" = "UTC" -a -e /etc/wall_cmos_clock ] ||
+	   [ "$clock" != "UTC" -a ! -e /etc/wall_cmos_clock ]; then
+		need root
+	fi
+	keyword -jail
+}
+
+start()
+{
+	ebegin "Starting the System Clock Adjuster [${utc}]"
+	if [ "$clock" != "UTC" ]; then
+		echo >/etc/wall_cmos_clock
+		start-stop-daemon --start --exec /sbin/adjkerntz -- -i
+	else
+		rm -f /etc/wall_cmos_clock
+		/sbin/adjkerntz -i
+	fi
+	eend $?
+}
+
+save()
+{
+	ebegin "Setting hardware clock using the system clock [${utc}]"
+	adjkerntz -a
+	eend $?
+}
+
+stop()
+{
+	# Don't tweak the hardware clock on LiveCD halt.
+	if yesno "${clock_systohc:-$CLOCK_SYSTOHC}"; then
+	   [ -z "$CDBOOT" ] && save
+	fi
+
+	ebegin "Stopping the System Clock Adjuster"
+	if start-stop-daemon --test --quiet --stop --exec /sbin/adjkerntz; then
+		start-stop-daemon --stop --exec /sbin/adjkerntz
+		eend $?
+	else
+		eend 0
+	fi
+}

init.d/bootmisc.in

@@ -0,0 +1,198 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+depend()
+{
+	need localmount
+	before logger
+	after clock sysctl
+	keyword -timeout
+}
+
+: ${wipe_tmp:=${WIPE_TMP:-yes}}
+: ${log_dmesg:=${LOG_DMESG:-yes}}
+
+cleanup_tmp_dir()
+{
+	local dir="$1"
+
+	if ! [ -d "$dir" ]; then
+		mkdir -p "$dir" || return $?
+	fi
+	checkpath -W "$dir" || return 1
+	chmod a+rwt "$dir" 2> /dev/null
+	cd "$dir" || return 1
+	if yesno $wipe_tmp; then
+		ebegin "Wiping $dir directory"
+
+		# Faster than raw find
+		if ! rm -rf -- [^ajlq\.]* 2>/dev/null ; then
+			# Blah, too many files
+			find . -maxdepth 1 -name '[^ajlq\.]*' -exec rm -rf -- {} +
+		fi
+
+		# pam_mktemp creates a .private directory within which
+		# each user gets a private directory with immutable
+		# bit set; remove the immutable bit before trying to
+		# remove it.
+		[ -d /tmp/.private ] && chattr -R -a /tmp/.private 2> /dev/null
+
+		# Prune the paths that are left
+		find . -maxdepth 1 \
+			! -name . \
+			! -name lost+found \
+			! -name quota.user \
+			! -name aquota.user \
+			! -name quota.group \
+			! -name aquota.group \
+			! -name journal \
+			-exec rm -rf -- {} +
+		eend 0
+	else
+		ebegin "Cleaning $dir directory"
+		rm -rf -- .X*-lock esrv* kio* \
+			jpsock.* .fam* .esd* \
+			orbit-* ssh-* ksocket-* \
+			.*-unix
+		eend 0
+	fi
+}
+
+mkutmp()
+{
+	: >"$1"
+	# Not all systems have the utmp group
+	chgrp utmp "$1" 2>/dev/null
+	chmod 0664 "$1"
+}
+
+migrate_to_run()
+{
+	src="$1"
+	dst="$2"
+ 	if [ -L $src -a "$(readlink -f $src)" != $dst ]; then
+ 		ewarn "$src does not point to $dst."
+ 		ewarn "Setting $src to point to $dst."
+ 		rm $src
+ 	elif [ ! -L $src -a -d $src ]; then
+ 		ebegin "Migrating $src to $dst"
+ 		cp -a $src/* $dst/
+ 		rm -rf $src
+ 		eend $?
+ 	fi
+ 	# If $src doesn't exist at all, just run this
+ 	if [ ! -e $src ]; then
+ 		ln -s $dst $src
+ 	fi
+}
+
+start()
+{
+	# Remove any added console dirs
+	rm -rf "$RC_LIBEXECDIR"/console/*
+
+	local logw=false runw=false extra=
+	# Ensure that our basic dirs exist
+	if [ "$RC_UNAME" = Linux ]; then
+		# Satisfy Linux FHS
+		extra=/var/lib/misc
+		if [ ! -d /run ]; then
+			extra="/var/run $extra"
+		fi
+	else
+		extra=/var/run
+	fi
+	for x in /var/log /tmp $extra; do
+		if ! [ -d $x ]; then
+			if ! mkdir -p $x; then
+				eend 1 "failed to create needed directory $x"
+				return 1
+			fi
+		fi
+	done
+
+	if [ "$RC_UNAME" = Linux -a -d /run ] && false; then
+		migrate_to_run	/var/lock /run/lock
+		migrate_to_run	/var/run /run
+	fi
+
+	if checkpath -W /var/run; then
+		ebegin "Creating user login records"
+		local xtra=
+		[ "$RC_UNAME" = NetBSD ] && xtra=x
+		for x in "" $xtra; do
+			mkutmp /var/run/utmp$x
+		done
+		[ -e /var/log/wtmp ] || mkutmp /var/log/wtmp
+		eend 0
+
+		ebegin "Cleaning /var/run"
+		for x in $(find /var/run ! -type d ! -name utmp \
+			! -name random-seed ! -name dev.db \
+			! -name ld-elf.so.hints ! -name ld.so.hints);
+		do
+			# Clean stale sockets
+			if [ -S "$x" ]; then
+				if type fuser >/dev/null 2>&1; then
+					fuser "$x" >/dev/null 2>&1 || rm -- "$x"
+				else
+					rm -- "$x"
+				fi
+			fi
+			[ ! -f "$x" ] && continue
+			# Do not remove pidfiles of already running daemons
+			case "$x" in
+				*.pid)
+					start-stop-daemon --test --quiet \
+					--stop --pidfile "$x" && continue
+				;;
+			esac
+			rm -f -- "$x"
+		done
+		eend 0
+	fi
+
+	# Clean up /tmp directories
+	local tmp=
+	for tmp in ${clean_tmp_dirs:-${wipe_tmp_dirs-/tmp}}; do
+		cleanup_tmp_dir "$tmp"
+	done
+
+	if checkpath -W /tmp; then
+		# Make sure our X11 stuff have the correct permissions
+		# Omit the chown as bootmisc is run before network is up
+		# and users may be using lame LDAP auth #139411
+		rm -rf /tmp/.ICE-unix /tmp/.X11-unix
+		mkdir -p /tmp/.ICE-unix /tmp/.X11-unix
+		chmod 1777 /tmp/.ICE-unix /tmp/.X11-unix
+		if [ -x /sbin/restorecon ]; then
+			restorecon /tmp/.ICE-unix /tmp/.X11-unix
+		fi
+	fi
+
+	if yesno $log_dmesg; then
+		if $logw || checkpath -W /var/log; then
+			# Create an 'after-boot' dmesg log
+			if [ "$RC_SYS" != VSERVER -a "$RC_SYS" != OPENVZ ]; then
+				dmesg > /var/log/dmesg
+				chmod 640 /var/log/dmesg
+			fi
+		fi
+	fi
+
+	return 0
+}
+
+stop()
+{
+	# Write a halt record if we're shutting down
+	if [ "$RC_RUNLEVEL" = shutdown ]; then
+		[ "$RC_UNAME" = Linux ] && halt -w
+		if [ "$RC_SYS" = OPENVZ ]; then
+			yesno $RC_REBOOT && printf "" >/reboot
+		fi
+	fi
+
+	return 0
+}

init.d/consolefont.in

@@ -0,0 +1,67 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Sets a font for the consoles."
+
+depend()
+{
+	need localmount termencoding
+	after hotplug bootmisc
+	keyword -openvz -uml -vserver -xenu -lxc
+}
+
+start()
+{
+	ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
+	consolefont=${consolefont:-${CONSOLEFONT}}
+	unicodemap=${unicodemap:-${UNICODEMAP}}
+	consoletranslation=${consoletranslation:-${CONSOLETRANSLATION}}
+
+	if [ -z "$consolefont" ]; then
+		ebegin "Using the default console font"
+		eend 0
+		return 0
+	fi
+
+	if [ "$ttyn" = 0 ]; then
+		ebegin "Skipping font setup (rc_tty_number == 0)"
+		eend 0
+		return 0
+	fi
+
+	local x= param= sf_param= retval=0 ttydev=/dev/tty
+
+	# Get additional parameters
+	if [ -n "$consoletranslation" ]; then
+		param="$param -m $consoletranslation"
+	fi
+	if [ -n "${unicodemap}" ]; then
+		param="$param -u $unicodemap"
+	fi
+
+	# Set the console font
+	ebegin "Setting console font [$consolefont]"
+	[ -d /dev/vc ] && ttydev=/dev/vc/
+	x=1
+	while [ $x -le $ttyn ]; do
+		if ! setfont $consolefont $param -C $ttydev$x >/dev/null; then
+			retval=1
+			break
+		fi
+		: $(( x += 1 ))
+	done
+	eend $retval
+
+	# Store the last font so we can use it ASAP on boot
+	if [ $retval -eq 0 ] && checkpath -W "$RC_LIBEXECDIR"; then
+		mkdir -p "$RC_LIBEXECDIR"/console
+		for font in /usr/share/consolefonts/"$consolefont".*; do
+			:
+		done
+		cp "$font" "$RC_LIBEXECDIR"/console
+		echo "${font##*/}" >"$RC_LIBEXECDIR"/console/font
+	fi
+
+	return $retval
+}

init.d/devd.in

@@ -0,0 +1,22 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/sbin/devd
+command_args=$devd_args
+name="Device State Change Daemon"
+
+depend() {
+	need localmount
+	after bootmisc
+	before net.lo0
+	keyword -jail
+}
+
+start_pre() {
+	sysctl hw.bus.devctl_disable=0 >/dev/null
+}
+
+stop_post() {
+	sysctl hw.bus.devctl_disable=1 >/dev/null
+}

init.d/devdb.in

@@ -0,0 +1,21 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Creates the dev database"
+
+depend()
+{
+	need localmount
+}
+
+start()
+{
+	ebegin "Building the dev database"
+	if [ /var/run/dev.db -nt /dev ]; then
+		:
+	else
+		dev_mkdb
+	fi
+	eend $?
+}

init.d/devfs.in

@@ -0,0 +1,36 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Mount system critical filesystems in /dev."
+
+depend() {
+	use dev
+	keyword -vserver
+}
+
+start() {
+	# Mount required stuff as user may not have then in /etc/fstab
+	for x in \
+		"devpts /dev/pts 0755 ,gid=5,mode=0620 devpts" \
+		"tmpfs /dev/shm 1777 ,nodev shm" \
+	; do
+		set -- $x
+		grep -Eq "[[:space:]]+$1$" /proc/filesystems || continue
+		mountinfo -q $2 && continue
+
+		if [ ! -d $2 ]; then
+			mkdir -m $3 -p $2 >/dev/null 2>&1 || \
+				ewarn "Could not create $2!"
+		fi
+
+		if [ -d $2 ]; then
+			ebegin "Mounting $2"
+			if ! fstabinfo --mount $2; then
+				mount -n -t $1 -o noexec,nosuid$4 $5 $2
+			fi
+			eend $?
+		fi
+	done
+	return 0
+}

init.d/dmesg.in

@@ -0,0 +1,18 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Set the dmesg level for a cleaner boot"
+
+depend()
+{
+	before dev modules
+	keyword -vserver
+}
+
+start()
+{
+	if [ -n "$dmesg_level" ]; then
+		dmesg -n$dmesg_level
+	fi
+}

init.d/dumpon.in

@@ -0,0 +1,25 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Configures a specific kernel dump device."
+
+depend() {
+	need swap
+	keyword -jail
+}
+
+start() {
+	# Setup any user requested dump device
+	if [ -n "$dump_device" ]; then
+		ebegin "Activating kernel core dump device ($dump_device)"
+		dumpon ${dump_device}
+		eend $?
+	fi
+}
+
+stop() {
+	ebegin "Deactivating kernel core dump device"
+	dumpon off
+	eend $?
+}

init.d/fsck.in

@@ -0,0 +1,125 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Check and repair filesystems according to /etc/fstab"
+_IFS="
+"
+
+depend()
+{
+	use dev clock modules
+	keyword -jail -openvz -timeout -vserver -lxc
+}
+
+_abort() {
+	rc-abort
+	return 1
+}
+
+# We should only reboot when first booting
+_reboot() {
+	if [ "$RC_RUNLEVEL" = "$RC_BOOTLEVEL" ]; then
+		reboot "$@"
+		_abort || return 1
+	fi
+}
+
+_forcefsck()
+{
+	[ -e /forcefsck ] || get_bootparam forcefsck
+}
+
+start()
+{
+	local fsck_opts= p= check_extra=
+
+	if [ -e /fastboot ]; then
+		ewarn "Skipping fsck due to /fastboot"
+		return 0
+	fi
+	if _forcefsck; then
+		fsck_opts="$fsck_opts -f"
+		check_extra="(check forced)"
+	elif ! yesno ${fsck_on_battery:-YES} && ! on_ac_power; then
+		ewarn "Skipping fsck due to not being on AC power"
+		return 0
+	fi
+
+	if [ -n "$fsck_passno" ]; then
+		check_extra="[passno $fsck_passno] $check_extra"
+		if [ -n "$fsck_mnt" ]; then
+			eerror "Only 1 of fsck_passno and fsck_mnt must be set!"
+			return 1
+		fi
+	fi
+	ebegin "Checking local filesystems $check_extra"
+	# Append passno mounts
+	for p in $fsck_passno; do
+		local IFS="$_IFS"
+		case "$p" in
+			[0-9]*) p="=$p";;
+		esac
+		set -- "$@" $(fstabinfo --passno "$p")
+		unset IFS
+	done
+	# Append custom mounts
+	for m in $fsck_mnt ; do
+		local IFS="$_IFS"
+		set -- "$@" "$m"
+		unset IFS
+	done
+
+	if [ "$RC_UNAME" = Linux ]; then
+		local skiptypes x
+		for x in $net_fs_list $extra_net_fs_list; do
+			skiptypes="${skiptypes}no${x},"
+		done
+		skiptypes="${skiptypes}noopts=_netdev"
+		fsck_opts="$fsck_opts -C0 -T -t $skiptypes"
+		if [ -z "$fsck_passno" -a -z "$fsck_mnt" ]; then
+			fsck_args=${fsck_args--A -p}
+			if echo 2>/dev/null >/.test.$$; then
+				rm -f /.test.$$
+				fsck_opts="$fsck_opts -R"
+			fi
+		fi
+	fi
+
+	trap : INT QUIT
+	fsck ${fsck_args--p} $fsck_opts "$@"
+	case $? in
+	0)	eend 0; return 0;;
+	1)	ewend 1 "Filesystems repaired"; return 0;;
+	2|3)	if [ "$RC_UNAME" = Linux ]; then
+		 	ewend 1 "Filesystems repaired, but reboot needed"
+	         	_reboot -f
+		else
+			ewend 1 "Filesystems still have errors;" \
+				"manual fsck required"
+			_abort
+		fi;;
+	4)	if [ "$RC_UNAME" = Linux ]; then
+			ewend 1 "Fileystem errors left uncorrected, aborting"
+			_abort
+		else
+		 	ewend 1 "Filesystems repaired, but reboot needed"
+			_reboot
+		fi;;
+	8)	ewend 1 "Operational error"; return 0;;
+	12)	ewend 1 "fsck interrupted";;
+	*)	eend 2 "Filesystems couldn't be fixed";;
+	esac
+	_abort || return 1
+}
+
+stop()
+{
+	# Fake function so we always shutdown correctly.
+	_abort() { return 0; }
+	_reboot() { return 0; }
+	_forcefsck() { return 1; }
+
+	yesno $fsck_shutdown && start
+	return 0
+}

init.d/hostid.in

@@ -0,0 +1,80 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+extra_commands="reset"
+: ${hostid_file:=/etc/hostid}
+
+depend()
+{
+	use root
+	before devd net
+	keyword -jail
+}
+
+_set()
+{
+	local id=0
+
+	if [ -n "$1" ]; then
+		id=$(echo "$1" | md5)
+		id="0x${id%????????????????????????}"
+	fi
+	ebegin "Setting Host ID: $id"
+	sysctl -w kern.hostid="$id" >/dev/null
+	eend $? || return 1
+
+	if sysctl -n kern.hostuuid >/dev/null 2>&1; then
+		[ -n "$1" ] && id=$1
+		ebegin "Setting Host UUID: $id"
+		sysctl kern.hostuuid="$id" >/dev/null
+		eend $? || return 1
+	fi
+
+}
+
+# First we check to see if there is a system UUID
+# If so then we use that and erase the hostid file,
+# otherwise we generate a random UUID.
+reset()
+{
+	local uuid= x="[0-9a-f]" y="$x$x$x$x"
+
+	if type kenv >/dev/null 2>&1; then
+		uuid=$(kenv smbios.system.uuid 2>/dev/null)
+	fi
+	case "$uuid" in
+		$y$y-$y-$y-$y-$y$y$y);;
+		*) uuid=;;
+	esac
+
+	if [ -n "$uuid" ]; then
+		rm -f "$hostid_file"
+	else
+		uuid=$(uuidgen)
+		if [ -z "$uuid" ]; then
+			eerror "Unable to generate a UUID"
+			return 1
+		fi
+		if ! echo "$uuid" >"$hostid_file"; then
+			eerror "Failed to store UUID in \`$hostid_file'"
+			return 1
+		fi
+	fi
+
+	_set "$uuid"
+}
+
+start()
+{
+	if [ -r "$hostid_file" ]; then
+		_set $(cat "$hostid_file")
+	else
+		reset
+	fi
+}
+
+stop()
+{
+	_set
+}

init.d/hostname.in

@@ -0,0 +1,43 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Sets the hostname of the machine."
+
+depend() {
+	need root
+}
+
+start()
+{
+	hostname=${hostname-${HOSTNAME-localhost}}
+	out=$hostname
+	short=${hostname%%.*}
+	if [ "$short" != "$hostname" ]; then
+		out="$out $short"
+	fi
+	if [ "$nisdomainname" != "" ]; then
+		ebegin "Setting NIS domain name to $nisdomainname"
+		nisdomainname $nisdomainname
+		eend $? "Failed to set the NIS domain name"
+	fi
+	if [ "$short" != "localhost" ]; then
+		out="$out localhost"
+	fi
+	if [ "$hostname" != "localhost.localdomain" ]; then
+		out="$out localhost.localdomain"
+	fi
+	[ -n "$aliases" ] && out="$out $aliases"
+	ebegin "Configuring /etc/hosts"
+	[ -e /etc/hosts ] && sed -i -e '/[[:space:]]*127.0.0.1[[:space:]]/d' -e '/[[:space:]]*::1[[:space:]]/d' /etc/hosts
+	cat <<END >> /etc/hosts
+127.0.0.1	$out
+::1		$out
+END
+	chmod 0644 /etc/hosts
+	eend $?
+	[ "$RC_SYS" = "LXC" ] && return 0
+	ebegin "Setting hostname to $hostname"
+	hostname "$hostname"
+	eend $? "Failed to set the hostname"
+}

init.d/hwclock.in

@@ -0,0 +1,146 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+extra_commands="save show"
+
+description="Sets the local clock to UTC or Local Time."
+description_save="Saves the current time in the BIOS."
+description_show="Displays the current time in the BIOS."
+
+: ${clock_adjfile:=${CLOCK_ADJFILE}}
+: ${clock_args:=${CLOCK_OPTS}}
+: ${clock_systohc:=${CLOCK_SYSTOHC}}
+: ${clock:=${CLOCK:-UTC}}
+if [ "$clock" = "UTC" ]; then
+	utc="UTC"
+	utc_cmd="--utc"
+else
+	utc="Local Time"
+	utc_cmd="--localtime"
+fi
+
+depend()
+{
+	provide clock
+	if yesno $clock_adjfile; then
+		use root
+	else
+		before *
+	fi
+	keyword -openvz -uml -vserver -xenu -lxc
+}
+
+setupopts()
+{
+	case "$(uname -m)" in
+		s390*)
+			utc="s390"
+			;;
+		*)
+			if [ -e /proc/devices ] && \
+				grep -q " cobd$" /proc/devices
+			then
+				utc="coLinux"
+			fi
+			;;
+	esac
+
+	case "$utc" in
+		UTC|Local" "Time);;
+		*) unset utc_cmd;;
+	esac
+}
+
+# hwclock doesn't always return non zero on error
+_hwclock()
+{
+	local err="$(hwclock "$@" 2>&1 >/dev/null)"
+
+	[ -z "$err" ] && return 0
+	echo "${err}" >&2
+	return 1
+}
+
+start()
+{
+	local retval=0 errstr=""
+	setupopts
+
+	if [ -z "$utc_cmd" ]; then
+		ewarn "Not setting clock for $utc system"
+		return 0
+	fi
+
+	ebegin "Setting system clock using the hardware clock [$utc]"
+	if [ -e /proc/modules ]; then
+		local rtc=
+		for rtc in /dev/rtc /dev/rtc[0-9]*; do
+			[ -e "$rtc" ] && break
+		done
+		if [ ! -e "${rtc}" ]; then
+			modprobe -q rtc-cmos || modprobe -q rtc || modprobe -q genrtc
+		fi
+	fi
+
+	if [ -e /etc/adjtime ] && yesno $clock_adjfile; then
+		_hwclock --adjust $utc_cmd
+		: $(( retval += $? ))
+	fi
+
+	# If setting UTC, don't bother to run hwclock when first booting
+	# as that's the default
+	if [ "$PREVLEVEL" != N -o \
+		"$utc_cmd" != --utc -o \
+		-n "$clock_args" ];
+	then
+		if yesno ${clock_hctosys:-YES}; then
+			_hwclock --hctosys $utc_cmd $clock_args
+		else
+			_hwclock --systz $utc_cmd $clock_args
+		fi
+		: $(( retval += $? ))
+	fi
+
+	eend $retval "Failed to set the system clock"
+
+	return 0
+}
+
+stop()
+{
+	# Don't tweak the hardware clock on LiveCD halt.
+	[ -n "$CDBOOT" ] && return 0
+	yesno ${clock_systohc:-YES} || return 0
+
+	local retval=0 errstr=""
+	setupopts
+
+	[ -z "$utc_cmd" ] && return 0
+
+	ebegin "Setting hardware clock using the system clock" "[$utc]"
+
+	if ! yesno $clock_adjfile; then
+		# Some implementations don't handle adjustments
+		if LC_ALL=C hwclock --help 2>&1 | grep -q "\-\-noadjfile"; then
+			utc_cmd="$utc_cmd --noadjfile"
+		fi
+	fi
+
+	_hwclock --systohc $utc_cmd $clock_args
+	retval=$?
+
+	eend $retval "Failed to sync clocks"
+}
+
+save()
+{
+	clock_systohc=yes
+	stop
+}
+
+show()
+{
+	setupopts
+	hwclock --show "$utc_cmd" $clock_args
+}

init.d/ipfw.in

@@ -0,0 +1,159 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+# This is based on /etc/rc.firewall and /etc/rc.firewall6 from FreeBSD
+
+ipfw_ip_in=${ipfw_ip_in-any}
+ipfw_ports_in=${ipfw_ports_in-auth ssh}
+ipfw_ports_nolog=${ipfw_ports_nolog-135-139,445 1026,1027 1433,1434}
+
+opts="panic showstatus"
+
+depend() {
+	before net
+	provide firewall
+	keyword -jail
+}
+
+ipfw() {
+	/sbin/ipfw -f -q "$@"
+}
+
+have_ip6() {
+	sysctl net.ipv6 2>/dev/null
+}
+
+init() {
+	# Load the kernel module
+	if ! sysctl net.inet.ip.fw.enable=1 >/dev/null 2>&1; then
+		if ! kldload ipfw; then
+			eend 1 "Unable to load firewall module"
+			return 1
+		fi
+	fi
+
+	# Now all rules and give a good base
+	ipfw flush
+
+	ipfw add pass all from any to any via lo0
+	ipfw add deny all from any to 127.0.0.0/8
+	ipfw add deny ip from 127.0.0.0/8 to any
+
+	if have_ip6; then
+		ipfw add pass ip6 from any to any via lo0
+		ipfw add deny ip6 from any to ::1
+		ipfw add deny ip6 from ::1 to any
+
+		ipfw add pass ip6 from :: to ff02::/16 proto ipv6-icmp
+		ipfw add pass ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp
+		ipfw add pass ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp
+	fi
+}
+
+start() {
+	local i= p= log=
+	ebegin "Starting firewall rules"
+	if ! init; then
+		eend 1 "Failed to flush firewall ruleset"
+		return 1
+	fi
+
+	# Use a stateful firewall
+	ipfw add check-state
+	ipfw add pass tcp from me to any established
+
+	# Allow any connection out, adding state for each.
+	ipfw add pass tcp  from me  to any setup keep-state
+	ipfw add pass udp  from me  to any       keep-state
+	ipfw add pass icmp from me  to any       keep-state
+
+	if have_ip6; then
+		ipfw add pass tcp  from me6 to any setup keep-state
+		ipfw add pass udp  from me6 to any       keep-state
+		ipfw add pass icmp from me6 to any       keep-state
+	fi
+
+	# Allow DHCP.
+	ipfw add pass udp  from 0.0.0.0 68 to 255.255.255.255 67 out
+	ipfw add pass udp  from any 67     to me 68 in
+	ipfw add pass udp  from any 67     to 255.255.255.255 68 in
+	# Some servers will ping the IP while trying to decide if it's
+	# still in use.
+	ipfw add pass icmp from any to any icmptype 8
+
+	# Allow "mandatory" ICMP in.
+	ipfw add pass icmp from any to any icmptype 3,4,11
+
+	if have_ip6; then
+		# Allow ICMPv6 destination unreach
+		ipfw add pass ip6 from any to any icmp6types 1 proto ipv6-icmp
+
+		# Allow NS/NA/toobig (don't filter it out)
+		ipfw add pass ip6 from any to any icmp6types 2,135,136 proto ipv6-icmp
+	fi
+
+	# Add permits for this workstations published services below
+	# Only IPs and nets in firewall_allowservices is allowed in.
+	for i in $ipfw_ip_in; do
+		for p in $ipfw_ports_in; do
+			ipfw add pass tcp from $i to me $p
+		done
+	done
+
+	# Allow all connections from trusted IPs.
+	# Playing with the content of firewall_trusted could seriously
+	# degrade the level of protection provided by the firewall.
+	for i in $ipfw_ip_trust; do
+		ipfw add pass ip from $i to me
+	done
+
+	ipfw add 65000 count ip from any to any
+
+	# Drop packets to ports where we don't want logging
+	for p in $ipfw_ports_nolog; do
+		ipfw add deny { tcp or udp } from any to any $p in
+	done
+
+	# Broadcasts and muticasts
+	ipfw add deny ip from any to 255.255.255.255
+	ipfw add deny ip from any to 224.0.0.0/24
+
+	# Noise from routers
+	ipfw add deny udp from any to any 520 in
+
+	# Noise from webbrowsing.
+	# The stateful filter is a bit aggressive, and will cause some
+	# connection teardowns to be logged.
+	ipfw add deny tcp from any 80,443 to any 1024-65535 in
+
+	# Deny and (if wanted) log the rest unconditionally.
+	if yesno ${ipfw_log_deny:-no}; then
+		log=log
+		sysctl net.inet.ip.fw.verbose=1 >/dev/null
+	fi
+	ipfw add deny $log ip from any to any
+
+	eend 0
+}
+
+stop() {
+	ebegin "Stopping firewall rules"
+	# We don't unload the kernel module as that action
+	# can cause memory leaks as of FreeBSD 6.x
+	sysctl net.inet.ip.fw.enable=0 >/dev/null
+	eend $?
+}
+
+panic() {
+	ebegin "Stopping firewall rules - hard"
+	if ! init; then
+		eend 1 "Failed to flush firewall ruleset"
+		return 1
+	fi
+	eend 0
+}
+
+showstatus() {
+	ipfw show
+}

init.d/keymaps.in

@@ -0,0 +1,70 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Applies a keymap for the consoles."
+
+depend()
+{
+	need localmount termencoding
+	after bootmisc
+	keyword -openvz -uml -vserver -xenu -lxc
+}
+
+start()
+{
+	ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
+	: ${unicode:=$UNICODE}
+	: ${keymap:=$KEYMAP}
+	: ${extended_keymaps:=$EXTENDED_KEYMAPS}
+	: ${windowkeys:=$SET_WINDOWSKEYS}
+	: ${fix_euro:=$FIX_EURO}
+	: ${dumpkeys_charset:=${DUMPKEYS_CHARSET}}
+
+	if [ -z "$keymap" ]; then
+		eerror "You need to setup keymap in /etc/conf.d/keymaps first"
+		return 1
+	fi
+
+	local ttydev=/dev/tty n=
+	[ -d /dev/vc ] && ttydev=/dev/vc/
+
+	# Force linux keycodes for PPC.
+	if [ -f /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes ]; then
+		echo 1 > /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes
+	fi
+
+	local wkeys= kmode="-a" msg="ASCII"
+	if yesno $unicode; then
+		kmode="-u"
+		msg="UTF-8"
+	fi
+	yesno $windowkeys && wkeys="windowkeys"
+
+	# Set terminal encoding to either ASCII or UNICODE.
+	# See utf-8(7) for more information.
+	ebegin "Setting keyboard mode [$msg]"
+	n=1
+	while [ $n -le $ttyn ]; do
+		kbd_mode $kmode -C $ttydev$n
+		: $(( n += 1 ))
+	done
+	eend 0
+
+	ebegin "Loading key mappings [$keymap]"
+	loadkeys -q $wkeys $keymap $extended_keymaps
+	eend $? "Error loading key mappings" || return $?
+
+	if yesno $fix_euro; then
+		ebegin "Fixing font for euro symbol"
+		# Fix some fonts displaying the Euro, #173528.
+		echo "altgr keycode 18 = U+20AC" | loadkeys -q
+		eend $?
+	fi
+
+	# Save the keymapping for use immediately at boot
+	if checkpath -W "$RC_LIBEXECDIR"; then
+		mkdir -p "$RC_LIBEXECDIR"/console
+		dumpkeys >"$RC_LIBEXECDIR"/console/keymap
+	fi
+}

init.d/killprocs.in

@@ -0,0 +1,17 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Kill all processes so we can unmount disks cleanly."
+
+start()
+{
+	ebegin "Terminating remaining processes"
+	killall5 -15 ${killall5_opts}
+	sleep 1
+	eend 0
+	ebegin "Killing remaining processes"
+	killall5 -9 ${killall5_opts}
+	sleep 1
+	eend 0
+}

init.d/local.in

@@ -0,0 +1,51 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Executes user programs in @SYSCONFDIR@/local.d"
+
+depend()
+{
+	after *
+	keyword -timeout
+}
+
+start()
+{
+	einfo "Starting local"
+
+	local file
+	for file in @SYSCONFDIR@/local.d/*.start ; do
+		[ -x "$file" ] && "$file"
+	done
+
+	if type local_start >/dev/null 2>&1; then
+		ewarn "@SYSCONFDIR@/conf.d/local should be removed."
+		ewarn "Please move the code from the local_start function"
+		ewarn "to scripts with an .start extension"
+		ewarn "in @SYSCONFDIR@/local.d"
+		local_start
+	fi
+
+	eend 0
+}
+
+stop()
+{
+	einfo "Stopping local"
+
+	local file
+	for file in @SYSCONFDIR@/local.d/*.stop; do
+		[ -x "$file" ] && "$file"
+	done
+
+	if type local_start >/dev/null 2>&1; then
+		ewarn "@SYSCONFDIR@/conf.d/local should be removed."
+		ewarn "Please move the code from the local_stop function"
+		ewarn "to scripts with an .stop extension"
+		ewarn "in @SYSCONFDIR@/local.d"
+		local_stop
+	fi
+
+	eend 0
+}

init.d/localmount.in

@@ -0,0 +1,81 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Mounts disks and swap according to /etc/fstab."
+
+depend()
+{
+	need fsck
+	use lvm modules mtab
+	after lvm modules
+	keyword -jail -vserver -lxc
+}
+
+start()
+{
+	# Mount local filesystems in /etc/fstab.
+	local types="noproc" x= no_netdev=
+	for x in $net_fs_list $extra_net_fs_list; do
+		types="${types},${x}"
+	done
+
+	if [ "$RC_UNAME" = Linux ]; then
+		no_netdev="-O no_netdev"
+	fi
+	ebegin "Mounting local filesystems"
+	mount -at "$types" $no_netdev
+	eend $? "Some local filesystem failed to mount"
+
+	# Always return 0 - some local mounts may not be critical for boot
+	return 0
+}
+
+stop()
+{
+	yesno $RC_GOINGDOWN || return 0
+	# We never unmount / or /dev or $RC_SVCDIR
+
+	# Bug 381783
+	local rc_svcdir=$(echo $RC_SVCDIR | sed 's:/lib\(32\|64\)\?/:/lib(32|64)?/:g')
+
+	local x= no_umounts_r="/|/dev|/dev/.*|${rc_svcdir}"
+	no_umounts_r="${no_umounts_r}|/bin|/sbin|/lib(32|64)?|/libexec"
+	# RC_NO_UMOUNTS is an env var that can be set by plugins
+	local IFS="$IFS:"
+	for x in $no_umounts $RC_NO_UMOUNTS; do
+		no_umounts_r="$no_umounts_r|$x"
+	done
+
+	if [ "$RC_UNAME" = Linux ]; then
+		no_umounts_r="$no_umounts_r|/proc|/proc/.*|/run|/sys|/sys/.*|/usr"
+	fi
+	no_umounts_r="^($no_umounts_r)$"
+
+	# Flush all pending disk writes now
+	sync; sync
+
+	. "$RC_LIBEXECDIR"/sh/rc-mount.sh
+
+	# Umount loop devices
+	einfo "Unmounting loop devices"
+	eindent
+	do_unmount "umount -d" --skip-point-regex "$no_umounts_r" \
+		--node-regex "^/dev/loop"
+	eoutdent
+
+	# Now everything else, except network filesystems as the
+	# network should be down by this point.
+	einfo "Unmounting filesystems"
+	eindent
+	local fs=
+	for x in $net_fs_list $extra_net_fs_list; do
+		fs="$fs${fs:+|}$x"
+	done
+	[ -n "$fs" ] && fs="^($fs)$"
+	do_unmount umount --skip-point-regex "$no_umounts_r" \
+		"${fs:+--skip-fstype-regex}" $fs --nonetdev
+	eoutdent
+
+	return 0
+}

init.d/mixer.in

@@ -0,0 +1,47 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+extra_commands="restore"
+
+depend()
+{
+	need localmount
+	keyword -jail
+}
+
+restore()
+{
+	local mixer= retval=0
+	ebegin "Restoring mixer settings"
+	eindent
+	for mixer in /dev/mixer*; do
+		if [ -r "/var/db/${mixer#/dev/}-state" ]; then
+			vebegin "$mixer"
+			mixer -f "$mixer" \
+			$(cat "/var/db/${mixer#/dev/}-state") >/dev/null
+			veend $?
+			: $(( retval += $? ))
+		fi
+	done
+}
+
+start()
+{
+	restore
+}
+
+stop()
+{
+	local mixer= retval=0
+	ebegin "Saving mixer settings"
+	eindent
+	for mixer in /dev/mixer*; do
+		vebegin "$mixer"
+		mixer -f "$mixer" -s >/var/db/"${mixer#/dev/}"-state
+		veend $?
+		: $(( retval += $? ))
+	done
+	eoutdent
+	eend $retval
+}

init.d/modules.in

@@ -0,0 +1,63 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Loads a user defined list of kernel modules."
+
+depend()
+{
+	use isapnp
+	keyword -openvz -vserver -lxc
+}
+
+start()
+{
+	# Should not fail if kernel do not have module
+	# support compiled in ...
+	[ ! -f /proc/modules ] && return 0
+
+	local KV x y kv_variant_list
+	KV=$(uname -r)
+	# full $KV
+	kv_variant_list="${KV}"
+	# remove any KV_EXTRA options to just get the full version
+	x=${KV%%-*}
+	# now slowly strip them
+	while [ -n "$x" ] && [ "$x" != "$y" ]; do
+		kv_variant_list="${kv_variant_list} $x"
+		y=$x
+		x=${x%.*}
+	done
+
+	local list= x= xx= y= args= mpargs= cnt=0 a=
+	for x in $kv_variant_list ; do
+		eval list=\$modules_$(shell_var "$x")
+		[ -n "$list" ] && break
+	done
+	[ -z "$list" ] && list=$modules
+
+	for x in $list; do
+		a=${x#*:}
+		if [ "$a" = "$x" ]; then
+			unset mpargs
+			ebegin "Loading module $x"
+		else
+			x=${x%%:*}
+			mpargs="-o $a"
+			ebegin "Loading module $x as $a"
+		fi
+		aa=$(shell_var "$a")
+		xx=$(shell_var "$x")
+		for y in $kv_variant_list ; do
+			eval args=\$module_${aa}_args_$(shell_var "$y")
+			[ -n "${args}" ] && break
+			eval args=\$module_${xx}_args_$(shell_var "$y")
+			[ -n "${args}" ] && break
+		done
+		[ -z "$args" ] && eval args=\$module_${aa}_args
+		[ -z "$args" ] && eval args=\$module_${xx}_args
+		eval modprobe -q "$mpargs" "$x" "$args"
+		eend $? "Failed to load $x" && : $(( cnt += 1 ))
+	done
+	einfo "Autoloaded $cnt module(s)"
+}

init.d/mount-ro.in

@@ -0,0 +1,44 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Re-mount filesytems read-only for a clean reboot."
+
+depend()
+{
+	need killprocs savecache
+	keyword -openvz -vserver -lxc
+}
+
+start()
+{
+	# Flush all pending disk writes now
+	sync; sync
+
+	ebegin "Remounting remaining filesystems read-only"
+	# We need the do_unmount function
+	. "$RC_LIBEXECDIR"/sh/rc-mount.sh
+	eindent
+
+	# Bug 381783
+	local rc_svcdir=$(echo $RC_SVCDIR | sed 's:/lib\(32\|64\)\?/:/lib(32|64)?/:g')
+
+	local m="/dev|/dev/.*|/proc|/proc.*|/sys|/sys/.*|/run|${rc_svcdir}" x= fs=
+	m="$m|/bin|/sbin|/lib(32|64)?|/libexec"
+	# RC_NO_UMOUNTS is an env var that can be set by plugins
+	local IFS="$IFS:"
+	for x in $no_umounts $RC_NO_UMOUNTS; do
+		m="$m|$x"
+	done
+	m="^($m)$"
+	fs=
+	for x in $net_fs_list $extra_net_fs_list; do
+		fs="$fs${fs:+|}$x"
+	done
+	[ -n "$fs" ] && fs="^($fs)$"
+	do_unmount "umount -r" \
+		--skip-point-regex "$m" \
+		"${fs:+--skip-fstype-regex}" $fs --nonetdev
+	eoutdent
+	eend $?
+}

init.d/moused.in

@@ -0,0 +1,62 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+mouse=${RC_SVCNAME##*.}
+if [ -n "$mouse" -a "$mouse" != "moused" ]; then
+	moused_device=/dev/"$mouse"
+	pidfile=/var/run/moused-"$mouse".pid
+else
+	pidfile=/var/run/moused.pid
+fi
+name="Console Mouse Daemon"
+[ -n "$moused_device" ] && name="$name ($moused_device)"
+
+depend()
+{
+	need localmount
+	after bootmisc
+	keyword -jail
+}
+
+start()
+{
+	ebegin "Starting $name"
+
+	if [ -z "$moused_device" ]; then
+		local dev=
+		for dev in /dev/psm[0-9]* /dev/ums[0-9]*; do
+			[ -c "$dev" ] || continue
+			[ -e /var/run/moused-"${dev##*/}".pid ] && continue
+			moused_device=$dev
+			eindent
+			einfo "Using mouse on $moused_device"
+			eoutdent
+			break
+		done
+	fi
+
+	if [ -z "$moused_device" ]; then
+		eend 1 "No mouse device found"
+		return 1
+	fi
+
+	local args=
+	eval args=\$moused_args_${moused_device##*/}
+	[ -z "$args" ] && args=$moused_args
+
+	start-stop-daemon --start --exec /usr/sbin/moused \
+		--pidfile "$pidfile" \
+		-- $args -p "$moused_device" -I "$pidfile"
+	local retval=$?
+
+	if [ $retval = 0 ]; then
+		local ttyv=
+		for ttyv in /dev/ttyv*; do
+			vidcontrol < "$ttyv" -m on
+			: $(( retval += $? ))
+		done
+	fi
+
+	eend $retval "Failed to start moused"
+}

init.d/mtab.in

@@ -0,0 +1,35 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Update /etc/mtab to match what the kernel knows about"
+
+depend()
+{
+	need root
+}
+
+start()
+{
+	if [ -L /etc/mtab ]
+	then
+		einfo "Skipping mtab update (mtab is a symbolic link)"
+		return 0
+	fi
+
+	ebegin "Updating /etc/mtab"
+	if ! echo 2>/dev/null >/etc/mtab; then
+		ewend 1 "/etc/mtab is not updateable"
+		return 0
+	fi
+
+	# With / as tmpfs we cannot umount -at tmpfs in localmount as that
+	# makes / readonly and dismounts all tmpfs even if in use which is
+	# not good. Luckily, umount uses /etc/mtab instead of /proc/mounts
+	# which allows this hack to work.
+	grep -v "^[^ ]* / tmpfs " /proc/mounts > /etc/mtab
+
+	# Remove stale backups
+	rm -f /etc/mtab~ /etc/mtab~~
+	eend 0
+}

init.d/net.lo.in

@@ -0,0 +1,772 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+MODULESDIR="${RC_LIBEXECDIR}/net"
+MODULESLIST="${RC_SVCDIR}/nettree"
+_config_vars="config routes"
+
+[ -z "${IN_BACKGROUND}" ] && IN_BACKGROUND="NO"
+
+description="Configures network interfaces."
+
+# Handy var so we don't have to embed new lines everywhere for array splitting
+__IFS="
+"
+depend()
+{
+	local IFACE=${RC_SVCNAME#*.}
+	local IFVAR=$(shell_var "${IFACE}")
+
+	need localmount
+	if [ "$RC_UNAME" = Linux ]; then
+		need sysfs
+	fi
+	after bootmisc
+	keyword -jail -vserver
+
+	case "${IFACE}" in
+		lo|lo0) provide lo;;
+		*)
+			after net.lo net.lo0 dbus
+			provide net
+			;;
+	esac
+
+	if [ "$(command -v "depend_${IFVAR}")" = "depend_${IFVAR}" ]; then
+		depend_${IFVAR}
+	fi
+
+	local dep= prov=
+	for dep in need use before after provide keyword; do
+		eval prov=\$rc_${dep}_${IFVAR}
+		if [ -n "${prov}" ]; then
+			${dep} ${prov}
+			ewarn "rc_${dep}_${IFVAR} is deprecated."
+			ewarn "Please use rc_net_${IFVAR}_${dep} instead."
+		fi
+	done
+}
+
+# Support bash arrays - sigh
+_array_helper()
+{
+	local _a=
+
+	eval _a=\$$1
+	_a=$(echo "${_a}" | sed -e 's:^[[:space:]]*::' -e 's:[[:space:]]*$::' -e '/^$/d' -e 's:[[:space:]]\{1,\}: :g')
+
+	[ -n "${_a}" ] && printf "%s\n" "${_a}"
+}
+
+_get_array()
+{
+	local _a=
+	if [ -n "${BASH}" ]; then
+		case "$(declare -p "$1" 2>/dev/null)" in
+			"declare -a "*)
+				ewarn "You are using a bash array for $1."
+				ewarn "This feature will be removed in the future."
+				ewarn "Please see net.example for the correct format for $1."
+				eval "set -- \"\${$1[@]}\""
+				for _a; do
+					printf "%s\n" "${_a}"
+				done
+				return 0
+				;;
+		esac
+	fi
+
+	_array_helper $1
+}
+
+# Flatten bash arrays to simple strings
+_flatten_array()
+{
+	if [ -n "${BASH}" ]; then
+		case "$(declare -p "$1" 2>/dev/null)" in
+			"declare -a "*)
+				ewarn "You are using a bash array for $1."
+				ewarn "This feature will be removed in the future."
+				ewarn "Please see net.example for the correct format for $1."
+				eval "set -- \"\${$1[@]}\""
+				for x; do
+					printf "'%s' " "$(printf "$x" | sed "s:':'\\\'':g")"
+				done
+				return 0
+				;;
+		esac
+	fi
+
+	_array_helper $1
+}
+
+_wait_for_carrier()
+{
+	local timeout= efunc=einfon
+
+	_has_carrier  && return 0
+
+	eval timeout=\$carrier_timeout_${IFVAR}
+	timeout=${timeout:-${carrier_timeout:-5}}
+
+	# Incase users don't want this nice feature ...
+	[ ${timeout} -le 0 ] && return 0
+
+	yesno ${RC_PARALLEL} && efunc=einfo
+	${efunc} "Waiting for carrier (${timeout} seconds) "
+	while [ ${timeout} -gt 0 ]; do
+		sleep 1
+		if _has_carrier; then
+			[ "${efunc}" = "einfon" ] && echo
+			eend 0
+			return 0
+		fi
+		: $(( timeout -= 1 ))
+		[ "${efunc}" = "einfon" ] && printf "."
+	done
+
+	[ "${efunc}" = "einfon" ] && echo
+	eend 1
+	return 1
+}
+
+_netmask2cidr()
+{
+	# Some shells cannot handle hex arithmetic, so we massage it slightly
+	# Buggy shells include FreeBSD sh, dash and busybox.
+	# bash and NetBSD sh don't need this.
+	case $1 in
+		0x*)
+		local hex=${1#0x*} quad=
+		while [ -n "${hex}" ]; do
+			local lastbut2=${hex#??*}
+			quad=${quad}${quad:+.}0x${hex%${lastbut2}*}
+			hex=${lastbut2}
+		done
+		set -- ${quad}
+		;;
+	esac
+
+	local i= len=
+	local IFS=.
+	for i in $1; do
+		while [ ${i} -ne 0 ]; do
+			: $(( len += i % 2 ))
+			: $(( i >>= 1 ))
+		done
+	done
+
+	echo "${len}"
+}
+
+_configure_variables()
+{
+	local var= v= t=
+
+	for var in ${_config_vars}; do
+		local v=
+		for t; do
+			eval v=\$${var}_${t}
+			if [ -n "${v}" ]; then
+				eval ${var}_${IFVAR}=\$${var}_${t}
+				continue 2
+			fi
+		done
+	done
+}
+
+_which()
+{
+	local i OIFS
+	# Empty
+	[ -z "$1" ] && return
+	# check paths
+	OIFS="$IFS"
+	IFS=:
+	for i in $PATH ; do
+		[ -x $i/$1 ] && echo $i/$1 && break
+	done
+	IFS=$OIFS
+}
+
+# Like _which, but also consider shell builtins, and multiple alternatives
+_program_available()
+{
+	[ -z "$1" ] && return 0
+	local x=
+	for x; do
+		case "${x}" in
+			/*) [ -x "${x}" ] && break;;
+			*) type "${x}" >/dev/null 2>&1 && break;;
+		esac
+		unset x
+	done
+	[ -n "${x}" ] && echo $x && return 0
+	return 1
+}
+
+_show_address()
+{
+	einfo "received address $(_get_inet_address "${IFACE}")"
+}
+
+# Basically sorts our modules into order and saves the list
+_gen_module_list()
+{
+	local x= f= force=$1
+	if ! ${force} && [ -s "${MODULESLIST}" -a "${MODULESLIST}" -nt "${MODULESDIR}" ]; then
+		local update=false
+		for x in "${MODULESDIR}"/*.sh; do
+			[ -e "${x}" ] || continue
+			if [ "${x}" -nt "${MODULESLIST}" ]; then
+				update=true
+				break
+			fi
+		done
+		${update} || return 0
+	fi
+
+	einfo "Caching network module dependencies"
+	# Run in a subshell to protect the main script
+	(
+	after() {
+		eval ${MODULE}_after="\"\${${MODULE}_after}\${${MODULE}_after:+ }$*\""
+	}
+
+	before() {
+		local mod=${MODULE}
+		local MODULE=
+		for MODULE; do
+			after "${mod}"
+		done
+	}
+
+	program() {
+		if [ "$1" = "start" -o "$1" = "stop" ]; then
+			local s="$1"
+			shift
+			eval ${MODULE}_program_${s}="\"\${${MODULE}_program_${s}}\${${MODULE}_program_${s}:+ }$*\""
+		else
+			eval ${MODULE}_program="\"\${${MODULE}_program}\${${MODULE}_program:+ }$*\""
+		fi
+	}
+
+	provide() {
+		eval ${MODULE}_provide="\"\${${MODULE}_provide}\${${MODULE}_provide:+ }$*\""
+		local x
+		for x in $*; do
+			eval ${x}_providedby="\"\${${MODULE}_providedby}\${${MODULE}_providedby:+ }${MODULE}\""
+		done
+	}
+
+	for MODULE in "${MODULESDIR}"/*.sh; do
+		sh -n "${MODULE}" || continue
+		. "${MODULE}" || continue
+		MODULE=${MODULE#${MODULESDIR}/}
+		MODULE=${MODULE%.sh}
+		eval ${MODULE}_depend
+		MODULES="${MODULES} ${MODULE}"
+	done
+
+	VISITED=
+	SORTED=
+	visit() {
+		case " ${VISITED} " in
+			*" $1 "*) return;;
+		esac
+		VISITED="${VISITED} $1"
+
+		eval AFTER=\$${1}_after
+		for MODULE in ${AFTER}; do
+			eval PROVIDEDBY=\$${MODULE}_providedby
+			if [ -n "${PROVIDEDBY}" ]; then
+				for MODULE in ${PROVIDEDBY}; do
+					visit "${MODULE}"
+				done
+			else
+				visit "${MODULE}"
+			fi
+		done
+
+		eval PROVIDE=\$${1}_provide
+		for MODULE in ${PROVIDE}; do
+			visit "${MODULE}"
+		done
+
+		eval PROVIDEDBY=\$${1}_providedby
+		[ -z "${PROVIDEDBY}" ] && SORTED="${SORTED} $1"
+	}
+
+	for MODULE in ${MODULES}; do
+		visit "${MODULE}"
+	done
+
+	printf "" > "${MODULESLIST}"
+	i=0
+	for MODULE in ${SORTED}; do
+		eval PROGRAM=\$${MODULE}_program
+		eval PROGRAM_START=\$${MODULE}_program_start
+		eval PROGRAM_STOP=\$${MODULE}_program_stop
+		eval PROVIDE=\$${MODULE}_provide
+		echo "module_${i}='${MODULE}'" >> "${MODULESLIST}"
+		echo "module_${i}_program='${PROGRAM}'" >> "${MODULESLIST}"
+		echo "module_${i}_program_start='${PROGRAM_START}'" >> "${MODULESLIST}"
+		echo "module_${i}_program_stop='${PROGRAM_STOP}'" >> "${MODULESLIST}"
+		echo "module_${i}_provide='${PROVIDE}'" >> "${MODULESLIST}"
+		: $(( i += 1 ))
+	done
+	echo "module_${i}=" >> "${MODULESLIST}"
+	)
+
+	return 0
+}
+
+_load_modules()
+{
+	local starting=$1 mymods=
+
+	# Ensure our list is up to date
+	_gen_module_list false
+	if ! . "${MODULESLIST}"; then
+		_gen_module_list true
+		. "${MODULESLIST}"
+	fi
+
+	MODULES=
+	if [ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then
+		eval mymods=\$modules_${IFVAR}
+		[ -z "${mymods}" ] && mymods=${modules}
+	fi
+
+	local i=-1 x= mod= f= provides=
+	while true; do
+		: $(( i += 1 ))
+		eval mod=\$module_${i}
+		[ -z "${mod}" ] && break
+		[ -e "${MODULESDIR}/${mod}.sh" ] || continue
+
+		eval set -- \$module_${i}_program
+		if [ -n "$1" ]; then
+			if ! _program_available "$@" >/dev/null; then
+				vewarn "Skipping module $mod due to missing program: $@"
+				continue
+			fi
+		fi
+		if ${starting}; then
+			eval set -- \$module_${i}_program_start
+		else
+			eval set -- \$module_${i}_program_stop
+		fi
+		if [ -n "$1" ]; then
+			if ! _program_available "$@" >/dev/null; then
+				vewarn "Skipping module $mod due to missing program: $@"
+				continue
+			fi
+		fi
+
+		eval provides=\$module_${i}_provide
+		if ${starting}; then
+			case " ${mymods} " in
+				*" !${mod} "*) continue;;
+				*" !${provides} "*) [ -n "${provides}" ] && continue;;
+			esac
+		fi
+		MODULES="${MODULES}${MODULES:+ }${mod}"
+
+		# Now load and wrap our functions
+		if ! . "${MODULESDIR}/${mod}.sh"; then
+			eend 1 "${RC_SVCNAME}: error loading module \`${mod}'"
+			exit 1
+		fi
+
+		[ -z "${provides}" ] && continue
+
+		# Wrap our provides
+		local f=
+		for f in pre_start start post_start; do
+			eval "${provides}_${f}() { [ "$(command -v "${mod}_${f}")" = "${mod}_${f}" ] || return 0; ${mod}_${f} \"\$@\"; }"
+		done
+
+		eval module_${mod}_provides="${provides}"
+		eval module_${provides}_providedby="${mod}"
+	done
+
+	# Wrap our preferred modules
+	for mod in ${mymods}; do
+		case " ${MODULES} " in
+			*" ${mod} "*)
+			eval x=\$module_${mod}_provides
+			[ -z "${x}" ] && continue
+			for f in pre_start start post_start; do
+				eval "${x}_${f}() { [ "$(command -v "${mod}_${f}")" = "${mod}_${f}" ] || return 0; ${mod}_${f} \"\$@\"; }"
+			done
+			eval module_${x}_providedby="${mod}"
+			;;
+		esac
+	done
+
+	# Finally remove any duplicated provides from our list if we're starting
+	# Otherwise reverse the list
+	local LIST="${MODULES}" p=
+	MODULES=
+	if ${starting}; then
+		for mod in ${LIST}; do
+			eval x=\$module_${mod}_provides
+			if [ -n "${x}" ]; then
+				eval p=\$module_${x}_providedby
+				[ "${mod}" != "${p}" ] && continue
+			fi
+			MODULES="${MODULES}${MODULES:+ }${mod}"
+		done
+	else
+		for mod in ${LIST}; do
+			MODULES="${mod}${MODULES:+ }${MODULES}"
+		done
+	fi
+
+	veinfo "Loaded modules: ${MODULES}"
+}
+
+_load_config()
+{
+	local config="$(_get_array "config_${IFVAR}")"
+	local fallback="$(_get_array fallback_${IFVAR})"
+
+	config_index=0
+	local IFS="$__IFS"
+	set -- ${config}
+
+	# We should support a space separated array for cidr configs
+	# But only as long as they do not contain other parameters for the address
+	if [ $# = 1 ]; then
+		unset IFS
+		set -- ${config}
+		# Of course, we may have a single address added old style.
+		# If the NEXT argument is a v4 or v6 address, it's the next config.
+		# Otherwise, it's arguments to the first config...
+		if [ "${2#*.*}" = "${2}" -a "${2#*:*}" = "${2}" ]; then
+			# Not an IPv4/IPv6
+			local IFS="$__IFS"
+			set -- ${config}
+		fi
+	fi
+
+	# Ensure that loopback has the correct address
+	if [ "${IFACE}" = "lo" -o "${IFACE}" = "lo0" ]; then
+		if [ "$1" != "null" ]; then
+		   	config_0="127.0.0.1/8"
+			config_index=1
+		fi
+	else
+		if [ -z "$1" ]; then
+			ewarn "No configuration specified; defaulting to DHCP"
+			config_0="dhcp"
+			config_index=1
+		fi
+	fi
+
+
+	# We store our config in an array like vars
+	# so modules can influence it
+	for cmd; do
+		eval config_${config_index}="'${cmd}'"
+		: $(( config_index += 1 ))
+	done
+	# Terminate the list
+	eval config_${config_index}=
+
+	config_index=0
+	for cmd in ${fallback}; do
+		eval fallback_${config_index}="'${cmd}'"
+		: $(( config_index += 1 ))
+	done
+	# Terminate the list
+	eval fallback_${config_index}=
+
+	# Don't set to zero, so any net modules don't have to do anything extra
+	config_index=-1
+}
+
+# Support functions
+_run_if()
+{
+	local cmd=$1 iface=$2 ifr=${IFACE} ifv=${IFVAR}
+	# Ensure that we don't stamp on real values
+	local IFACE= IFVAR=
+	shift
+	if [ -n "${iface}" ]; then
+		IFACE="${iface}"
+		[ "${iface}" != "${ifr}" ] && IFVAR=$(shell_var "${IFACE}")
+	else
+		IFACE=${ifr}
+		IFVAR=${ifv}
+	fi
+	${cmd}
+}
+interface_exists()
+{
+	_run_if _exists "$@"
+}
+interface_up()
+{
+	_run_if _up "$@"
+}
+interface_down()
+{
+	_run_if _down "$@"
+}
+
+start()
+{
+	local IFACE=${RC_SVCNAME#*.} oneworked=false fallback=false module=
+	local IFVAR=$(shell_var "${IFACE}") cmd= our_metric=
+	local metric=0 _up_before_preup
+	eval _up_before_preup="\$up_before_preup_${IFVAR}"
+	[ -z "${_up_before_preup}" ] && _up_before_preup=$up_before_preup
+
+	einfo "Bringing up interface ${IFACE}"
+	eindent
+
+	if [ -z "${MODULES}" ]; then
+		local MODULES=
+		_load_modules true
+	fi
+
+	# We up the iface twice if we have a preup to ensure it's up if
+	# available in preup and afterwards incase the user inadvertently
+	# brings it down
+	if [ "$(command -v preup)" = "preup" ]; then
+		yesno "${_up_before_preup:-yes}" && _up 2>/dev/null
+		ebegin "Running preup"
+		eindent
+		preup || return 1
+		eoutdent
+	fi
+
+	_up 2>/dev/null
+
+	for module in ${MODULES}; do
+		if [ "$(command -v "${module}_pre_start")" = "${module}_pre_start" ]; then
+			${module}_pre_start || exit $?
+		fi
+	done
+
+	if ! _exists; then
+		eerror "ERROR: interface ${IFACE} does not exist"
+		eerror "Ensure that you have loaded the correct kernel module for your hardware"
+		return 1
+	fi
+
+	if ! _wait_for_carrier; then
+		if service_started devd; then
+			ewarn "no carrier, but devd will start us when we have one"
+			mark_service_inactive "${RC_SVCNAME}"
+		else
+			eerror "no carrier"
+		fi
+		return 1
+	fi
+
+	local config= config_index=
+	_load_config
+	config_index=0
+
+	eval our_metric=\$metric_${IFVAR}
+	if [ -n "${our_metric}" ]; then
+		metric=${our_metric}
+	elif [ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then
+		: $(( metric += $(_ifindex) ))
+	fi
+
+	while true; do
+		eval config=\$config_${config_index}
+		[ -z "${config}" ] && break
+
+		set -- ${config}
+		if [ "$1" != "null" -a "$1" != "noop" ]; then
+			ebegin "$1"
+		fi
+		eindent
+		case "$1" in
+			noop)
+				if [ -n "$(_get_inet_address)" ]; then
+					oneworked=true
+					break
+				fi
+				;;
+			null) :;;
+			[0-9]*|*:*) _add_address ${config};;
+			*)
+				if [ "$(command -v "${config}_start")" = "${config}_start" ]; then
+					"${config}"_start
+				else
+					eerror "nothing provides \`${config}'"
+				fi
+				;;
+		esac
+		if eend $?; then
+			oneworked=true
+		else
+			eval config=\$fallback_${config_index}
+			if [ -n "${config}" ]; then
+				fallback=true
+				eoutdent
+				ewarn "Trying fallback configuration ${config}"
+				eindent
+				eval config_${config_index}=\$config
+				unset fallback_${config_index}
+				: $(( config_index -= 1 ))
+			fi
+		fi
+		eoutdent
+		: $(( config_index += 1 ))
+	done
+
+	if ! ${oneworked}; then
+		if [ "$(command -v failup)" = "failup" ]; then
+			ebegin "Running failup"
+			eindent
+			failup
+			eoutdent
+		fi
+		return 1
+	fi
+
+	local hidefirstroute=false first=true routes=
+	if ${fallback}; then
+		routes="$(_get_array "fallback_routes_${IFVAR}")"
+	fi
+	if [ -z "${routes}" ]; then
+		routes="$(_get_array "routes_${IFVAR}")"
+	fi
+	if [ "${IFACE}" = "lo" -o "${IFACE}" = "lo0" ]; then
+		if [ "${config_0}" != "null" ]; then
+			routes="127.0.0.0/8 via 127.0.0.1
+${routes}"
+			hidefirstroute=true
+		fi
+	fi
+
+	local OIFS="${IFS}" SIFS="${IFS-y}"
+	local IFS="$__IFS"
+	for cmd in ${routes}; do
+		unset IFS
+		if ${first}; then
+			first=false
+			einfo "Adding routes"
+		fi
+		eindent
+		ebegin ${cmd}
+		# Work out if we're a host or a net if not told
+		case ${cmd} in
+			-net" "*|-host" "*);;
+			*" "netmask" "*)                   cmd="-net ${cmd}";;
+			*.*.*.*/32*)                       cmd="-host ${cmd}";;
+			*.*.*.*/*|0.0.0.0|0.0.0.0" "*)     cmd="-net ${cmd}";;
+			default|default" "*)               cmd="-net ${cmd}";;
+			*)                                 cmd="-host ${cmd}";;
+		esac
+		if ${hidefirstroute}; then
+			_add_route ${cmd} >/dev/null 2>&1
+			hidefirstroute=false
+		else
+			_add_route ${cmd} >/dev/null
+		fi
+		eend $?
+		eoutdent
+	done
+	if [ "${SIFS}" = "y" ]; then
+		unset IFS
+	else
+		IFS="${OIFS}"
+	fi
+
+	for module in ${MODULES}; do
+		if [ "$(command -v "${module}_post_start")" = "${module}_post_start" ]; then
+			${module}_post_start || exit $?
+		fi
+	done
+
+	if [ "$(command -v postup)" = "postup" ]; then
+		ebegin "Running postup"
+		eindent
+		postup
+		eoutdent
+	fi
+
+	return 0
+}
+
+stop()
+{
+	local IFACE=${RC_SVCNAME#*.} module=
+	local IFVAR=$(shell_var "${IFACE}") opts=
+
+	einfo "Bringing down interface ${IFACE}"
+	eindent
+
+	if [ -z "${MODULES}" ]; then
+		local MODULES=
+		_load_modules false
+	fi
+
+	if [ "$(command -v predown)" = "predown" ]; then
+		ebegin "Running predown"
+		eindent
+		predown || return 1
+		eoutdent
+	else
+		if is_net_fs /; then
+			eerror "root filesystem is network mounted -- can't stop ${IFACE}"
+			return 1
+		fi
+	fi
+
+	for module in ${MODULES}; do
+		if [ "$(command -v "${module}_pre_stop")" = "${module}_pre_stop" ]; then
+			${module}_pre_stop || exit $?
+		fi
+	done
+
+	for module in ${MODULES}; do
+		if [ "$(command -v "${module}_stop")" = "${module}_stop" ]; then
+			${module}_stop
+		fi
+	done
+
+	# Only delete addresses for interfaces that exist
+	if _exists; then
+		# PPP can manage it's own addresses when IN_BACKGROUND
+		# Important in case "demand" set on the ppp link
+		if ! (yesno ${IN_BACKGROUND} && is_ppp) ; then
+			_delete_addresses "${IFACE}"
+		fi
+	fi
+
+	for module in ${MODULES}; do
+		if [ "$(command -v "${module}_post_stop")" = "${module}_post_stop" ]; then
+			${module}_post_stop
+		fi
+	done
+
+	# If not in background, and not loopback then bring the interface down
+	# unless overridden.
+	if ! yesno ${IN_BACKGROUND} && \
+	[ "${IFACE}" != "lo" -a "${IFACE}" != "lo0" ]; then
+		eval module=\$ifdown_${IFVAR}
+		module=${module:-${ifdown:-YES}}
+		yesno ${module} && _down 2>/dev/null
+	fi
+
+	type resolvconf >/dev/null 2>&1 && resolvconf -d "${IFACE}" 2>/dev/null
+
+	if [ "$(command -v "postdown")" = "postdown" ]; then
+		ebegin "Running postdown"
+		eindent
+		postdown
+		eoutdent
+	fi
+
+	return 0
+}

init.d/netmount.in

@@ -0,0 +1,106 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Mounts network shares according to /etc/fstab."
+
+need_portmap()
+{
+	local opts=
+	local IFS="
+"
+	set -- $(fstabinfo --options --fstype nfs,nfs4)
+	for opts; do
+		case ,$opts, in
+			*,noauto,*|*,nolock,*);;
+			*) return 0;;
+		esac
+	done
+	return 1
+}
+
+depend()
+{
+	# Only have portmap as a dependency if there is a nfs mount in fstab
+	# that is set to mount at boot
+	local pmap=
+	if need_portmap; then
+		pmap="rpc.statd"
+		[ -x @SYSCONFDIR@/init.d/rpcbind ] \
+			&& pmap="$pmap rpcbind" \
+			|| pmap="$pmap portmap"
+	fi
+
+	config /etc/fstab
+	need net $pmap
+	use afc-client amd autofs openvpn
+	use dns nfs nfsmount portmap rpcbind rpc.statd rpc.lockd
+	keyword -jail -vserver
+}
+
+start()
+{
+	local myneed= myuse= pmap="portmap" nfsmounts=
+	[ -x @SYSCONFDIR@/init.d/rpcbind ] && pmap="rpcbind"
+
+	local x= fs= rc=
+	for x in $net_fs_list $extra_net_fs_list; do
+		case "$x" in
+			nfs|nfs4)
+			# If the nfsmount script took care of the nfs
+			# filesystems, then there's no point in trying
+			# them twice
+			service_started nfsmount && continue
+
+			# Only try to mount NFS filesystems if portmap was
+			# started. This is to fix "hang" problems for new
+			# users who do not add portmap to the default runlevel.
+			if need_portmap && ! service_started "$pmap"; then
+				continue
+			fi
+			;;
+		esac
+		fs="$fs${fs:+,}$x"
+	done
+
+	ebegin "Mounting network filesystems"
+	mount -at $fs
+	rc=$?
+	if [ "$RC_UNAME" = Linux ]; then
+		mount -a -O _netdev
+		rc=$?
+	fi
+	ewend $rc "Could not mount all network filesystems"
+	return 0
+}
+
+stop()
+{
+	local x= fs=
+
+	ebegin "Unmounting network filesystems"
+	. "$RC_LIBEXECDIR"/sh/rc-mount.sh
+
+	for x in $net_fs_list $extra_net_fs_list; do
+		fs="$fs${fs:+,}$x"
+	done
+	if [ -n "$fs" ]; then
+		umount -at $fs || eerror "Failed to simply unmount filesystems"
+	fi
+
+	eindent
+	fs=
+	for x in $net_fs_list $extra_net_fs_list; do
+		fs="$fs${fs:+|}$x"
+	done
+	[ -n "$fs" ] && fs="^($fs)$"
+	do_unmount umount ${fs:+--fstype-regex} $fs --netdev
+	retval=$?
+
+	eoutdent
+	if [ "$RC_UNAME" = Linux ]; then
+		umount -a -O _netdev
+		retval=$?
+	fi
+	eend $retval "Failed to unmount network filesystems"
+}

init.d/network.in

@@ -0,0 +1,358 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+# This script was inspired by the equivalent rc.d network from NetBSD.
+
+description="Configures network interfaces."
+__nl="
+"
+
+depend()
+{
+	need localmount
+	after bootmisc
+	provide net
+	keyword -jail -vserver
+}
+
+uniqify()
+{
+	local result= i=
+	for i; do
+		case " $result " in
+		*" $i "*);;
+		*) result="$result $i";;
+		esac
+	done
+	echo "${result# *}"
+}
+
+reverse()
+{
+	local result= i=
+	for i; do
+		result="$i $result"
+	done
+	echo "${result# *}"
+}
+
+sys_interfaces()
+{
+	case "$RC_UNAME" in
+	Linux)
+		local w= rest= i= cmd=$1
+		while read w rest; do
+			i=${w%%:*}
+			[ "$i" != "$w" ] || continue
+			if [ "$cmd" = u ]; then
+				ifconfig "$i" | grep -q "[ ]*UP" || continue
+			fi
+			printf "%s " "$i"
+		done </proc/net/dev
+		;;
+	*)
+		ifconfig -l$1
+		;;
+	esac
+}
+
+tentative()
+{
+	local inet= address= rest=
+
+	case "$RC_UNAME" in
+	Linux)
+		[ -x /sbin/ip ] || [ -x /bin/ip ] || return 1
+		[ -n "$(ip -f inet6 addr show tentative)" ]
+		;;
+	*)
+		local inet= address= rest=
+		LC_ALL=C ifconfig -a | while read inet address rest; do
+	 		case "${inet}" in
+			inet6)
+				case "${rest}" in
+				*" "tentative*) return 2;;
+				esac
+				;;
+			esac
+		done
+		[ $? = 2 ]
+		;;
+	esac
+}
+
+
+auto_interfaces()
+{
+	local ifs= c= f=
+
+	case "$RC_UNAME" in
+	NetBSD)
+		for c in $(ifconfig -C 2>/dev/null); do
+			for f in /etc/ifconfig.${c}[0-9]*; do
+				[ -f "$f" ] && printf "%s" "$f{##*.} "
+			done
+		done
+		;;
+	*)
+		for f in /etc/ifconfig.*; do
+			[ -f "$f" ] && printf "%s" "${f##*.} "
+		done
+		for f in /etc/ip.*; do
+			[ -f "$f" ] && printf "%s" "${f##*.} "
+		done
+		;;
+	esac
+	echo
+}
+
+interfaces()
+{
+	uniqify $(sys_interfaces "$@") $interfaces $(auto_interfaces)
+}
+
+dumpargs()
+{
+	local f="$1"
+
+	shift
+	case "$@" in
+	'')		[ -f "$f" ] && cat "$f";;
+	*"$__nl"*)	echo "$@";;
+	*)
+		(
+		 	set -o noglob
+			IFS=';'; set -- $@
+			IFS="$__nl"; echo "$*"
+		);;
+	esac
+}
+
+intup=false
+runip()
+{
+	local int="$1" err=
+	shift
+
+	# Ensure we have a valid broadcast address
+	case "$@" in
+	*" broadcast "*|*" brd "*) ;;
+	*:*) ;; # Ignore IPv6
+	*) set -- "$@" brd +;;
+	esac
+
+	err=$(LC_ALL=C ip address add "$@" dev "$int" 2>&1)
+	if [ -z "$err" ]; then
+		# ip does not bring up the interface when adding addresses
+		if ! $intup; then
+			ip link set "$int" up
+			intup=true
+		fi
+		return 0
+	fi
+	if [ "$err" = "RTNETLINK answers: File exists" ]; then
+		ip address del "$@" dev "$int" 2>/dev/null
+	fi
+	# Localise the error
+	ip address add "$@" dev "$int"
+}
+
+routeflush()
+{
+	if [ "$RC_UNAME" = Linux ]; then
+		if [ -x /sbin/ip ] || [ -x /bin/ip ]; then
+			ip route flush scope global
+			ip route delete default 2>/dev/null
+		else
+			# Sadly we also delete some link routes, but
+			# this cannot be helped
+			local dest= gate= net= flags= rest=
+			route -n | while read dest gate net flags rest; do
+				[ -z "$net" ] && continue
+				case "$dest" in
+				[0-9]*)	;;
+				*)	continue;;
+				esac
+				local xtra= netmask="netmask $net"
+				case "$flags" in
+				U)	continue;;
+				*H*)	flags=-host; netmask=;;
+				*!*)	flags=-net; xtra=reject;;
+				*)	flags=-net;;
+				esac
+				route del $flags $dest $netmask $xtra
+			done
+			# Erase any default dev eth0 routes
+			route del default 2>/dev/null
+		fi
+	else
+		route -qn flush
+	fi
+}
+
+runargs()
+{
+	dumpargs "$@" | while read -r args; do
+		case "$args" in
+		''|"#"*)	;;
+		*)
+				(
+				 	eval vebegin "${args#*!}"
+					eval "${args#*!}"
+					veend $?
+				);;
+		esac
+	done
+}
+
+start()
+{
+	local cr=0 r= int= intv= cmd= args= upcmd=
+
+	if [ -z "$domainname" -a -s /etc/defaultdomain ]; then
+		domainname=$(cat /etc/defaultdomain)
+	fi
+	if [ -n "$domainname" ]; then
+		ebegin "Setting NIS domainname: $domainname"
+		domainname "$domainname"
+		eend $?
+	fi
+
+	ewarn
+	ewarn "The $RC_SVCNAME script is deprecated and will be"
+	ewarn "removed in the future."
+	ewarn "Please use the net.* scripts to manage your network interfaces."
+	ewarn
+
+	einfo "Starting network"
+	routeflush
+	if [ "$RC_UNAME" = "Linux" ]; then
+		ifconfig lo 127.0.0.1 netmask 255.0.0.0 || cr=1
+		route add -net 127.0.0.0 netmask 255.0.0.0 \
+			gw 127.0.0.1 reject 2>/dev/null
+	else
+		ifconfig lo0 127.0.0.1 netmask 255.0.0.0 || cr=1
+		route -q add -inet 127.0.0.0 -netmask 255.0.0.0 \
+			127.0.0.1 -reject || cr=1
+	fi
+	eindent
+	for int in $(interfaces); do
+		local func= cf=
+		intv=$(shell_var "$int")
+		eval upcmd=\$ifup_$intv
+		for func in ip ifconfig; do
+			eval cmd=\$${func}_$intv
+			if [ -n "$cmd" -o -f /etc/"$func.$int" ]; then
+				cf=/etc/"$func.$int"
+				break
+			fi
+		done
+		[ -n "$cf" -o -n "$upcmd" -o \
+			-f /etc/ifup."$int" -o -f "$cf" ] || continue
+		veinfo "$int"
+		case "$func" in
+		ip)	func=runip; intup=false;;
+		esac
+		eindent
+		runargs /etc/ifup."$int" "$upcmd"
+		r=0
+		dumpargs "$cf" "$cmd" | while read -r args; do
+			case "$args" in
+			''|"#"*)	;;
+			"!"*)
+					(
+					 	eval vebegin "${args#*!}"
+						eval "${args#*!}"
+						veend $?
+					);;
+			*)
+					(
+					 	set -o noglob
+						eval set -- "$args"
+						vebegin "$@"
+						$func "$int" "$@"
+						veend $?
+					);;
+			esac
+		done
+		eoutdent
+	done
+	eoutdent
+	eend $cr
+
+	# Wait for any inet6 tentative addresses
+	r=5
+	while [ $r -gt 0 ]; do
+		tentative || break
+		[ $r = 5 ] && vebegin "Waiting for tentative addresses"
+		sleep 1
+		: $(( r -= 1 ))
+	done
+	if [ $r != 5 ]; then
+		[ $r != 0 ]
+		veend $?
+	fi
+
+	if [ -n "$defaultroute" ]; then
+		ebegin "Setting default route $defaultroute"
+		route add default $defaultroute
+		eend $?
+	elif [ -n "$defaultiproute" ]; then
+		ebegin "Setting default route $defaultiproute"
+		ip route add default $defaultiproute
+		eend $?
+	fi
+
+	if [ -n "$defaultroute6" ]; then
+		ebegin "Setting default route $defaultroute6"
+		if [ "$RC_UNAME" = Linux ]; then
+			routecmd="route -A inet6 add"
+		else
+			routecmd="route -inet6 add"
+		fi
+		$routecmd default $defaultroute6
+		eend $?
+	elif [ -n "$defaultiproute6" ]; then
+		ebegin "Setting default route $defaultiproute6"
+		ip -f inet6 route add default $defaultiproute6
+		eend $?
+	fi
+
+	return 0
+}
+
+stop()
+{
+	# Don't stop the network at shutdown.
+ 	# We don't use the noshutdown keyword so that we are started again
+	# correctly if we go back to multiuser.
+	yesno ${shutdown_network:-YES} && yesno $RC_GOINGDOWN && return 0
+
+	local int= intv= cmd= downcmd= r=
+	einfo "Stopping network"
+	routeflush
+	eindent
+	for int in $(reverse $(interfaces u)); do
+		intv=$(shell_var "$int")
+		eval downcmd=\$ifdown_$intv
+		eval cmd=\$ip_$intv
+		[ -z "$cmd" ] && eval cmd=\$ifconfig_$intv
+		if [ -n "$cmd" -o -f /etc/ip."$int" -o \
+			-f /etc/ifconfig."$int" -o \
+			-n "$downcmd" -o -f /etc/ifdown."$int" ];
+		then
+			veinfo "$int"
+			runargs /etc/ifdown."$int" "$downcmd"
+			if [ -x /sbin/ip ] || [ -x /bin/ip ]; then
+				# We need to do this, otherwise we may
+				# fail to add things correctly on restart
+				ip address flush dev "$int" 2>/dev/null
+			fi
+			ifconfig "$int" down 2>/dev/null
+			ifconfig "$int" destroy 2>/dev/null
+		fi
+	done
+	eoutdent
+	eend 0
+}

init.d/newsyslog.in

@@ -0,0 +1,17 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+required_files="/etc/newsyslog.conf"
+
+depend()
+{
+	need localmount
+}
+
+start()
+{
+	ebegin "Creating and/or trimming log files"
+	newsyslog -s $newsyslog_args
+	eend $?
+}

init.d/nscd.in

@@ -0,0 +1,22 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/nscd
+command_args=$nscd_args
+pidfile=/var/run/nscd.pid
+name="Name Service Cache Daemon"
+
+extra_started_commands="flush"
+
+depend() {
+	need localmount
+	use net dns ldap ypbind
+	after bootmisc
+}
+
+flush() {
+	ebegin "Flushing $name"
+	nscd -I all >/dev/null
+	eend $?
+}

init.d/numlock.in

@@ -0,0 +1,42 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Turns numlock on for the consoles."
+
+ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
+
+depend()
+{
+	need localmount
+	keyword -openvz -vserver -lxc
+}
+
+_setleds()
+{
+	[ -z "$1" ] && return 1
+
+	local dev=/dev/tty t= i=1 retval=0
+	[ -d /dev/vc ] && dev=/dev/vc/
+
+	while [ $i -le $ttyn ]; do
+		setleds -D "$1"num < $dev$i || retval=1
+		: $(( i += 1 ))
+	done
+
+	return $retval
+}
+
+start()
+{
+	ebegin "Enabling numlock on ttys"
+	_setleds +
+	eend $? "Failed to enable numlock"
+}
+
+stop()
+{
+	ebegin "Disabling numlock on ttys"
+	_setleds -
+	eend $? "Failed to disable numlock"
+}

init.d/pf.in

@@ -0,0 +1,59 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+name="Packet Filter"
+: ${pf_conf:=${pf_rules:-/etc/pf.conf}}
+required_files=$pf_conf
+
+extra_commands="checkconfig showstatus"
+extra_started_commands="reload"
+
+depend() {
+	need localmount
+	keyword -jail
+}
+
+start()
+{
+	ebegin "Starting $name"
+	if type kldload >/dev/null 2>&1; then
+		kldload pf 2>/dev/null
+	fi
+	pfctl -q -F all
+	pfctl -q -f "$pf_conf" $pf_args
+	pfctl -q -e
+	eend $?
+}
+
+stop()
+{
+	ebegin "Stopping $name"
+	pfctl -q -d
+	eend $?
+}
+
+checkconfig()
+{
+	ebegin "Checking $name configuration"
+	pfctl -n -f "$pf_conf"
+	eend $?
+}
+
+reload()
+{
+	ebegin "Reloading $name rules."
+	pfctl -q -n -f "$pf_conf" && \
+	{
+		# Flush everything but existing state entries that way when
+		# rules are read in, it doesn't break established connections.
+		pfctl -q -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp
+		pfctl -q -f "$pf_conf" $pf_args
+	}
+	eend $?
+}
+
+showstatus()
+{
+	pfctl -s info
+}

init.d/powerd.in

@@ -0,0 +1,35 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/powerd
+command_args=$powerd_args
+pidfile=/var/run/powerd.pid
+name="Power Control Daemon"
+
+depend()
+{
+	need localmount
+	use logger
+	after bootmisc
+	keyword -jail
+}
+
+start_pre()
+{
+	if [ -n "$powerd_battery_mode" ]; then
+		command_args="$command_args -b $powerd_battery_mode"
+	fi
+	if [ -n "${powerd_ac_mode}" ]; then
+		command_args="$command_args -a $powerd_ac_mode"
+	fi
+}
+
+stop_post()
+{
+	local level=$(sysctl -n dev.cpu.0.freq_levels |
+	    sed -e 's:/.*::')
+	if [ -n "$level" ]; then
+		sysctl dev.cpu.0.freq="$level" >/dev/null
+	fi
+}

init.d/procfs.in

@@ -0,0 +1,73 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Mounts misc filesystems in /proc."
+
+depend()
+{
+	use modules devfs
+	need localmount
+	keyword -openvz -vserver -lxc
+}
+
+start()
+{
+	# Make sure we insert usbcore if it's a module
+	if [ -f /proc/modules -a ! -d /sys/module/usbcore -a ! -d /proc/bus/usb ]; then
+		modprobe -q usbcore
+	fi
+
+	[ -e /proc/filesystems ] || return 0
+
+	# Setup Kernel Support for miscellaneous Binary Formats
+	if [ -d /proc/sys/fs/binfmt_misc -a ! -e /proc/sys/fs/binfmt_misc/register ]; then
+		if grep -qs binfmt_misc /proc/filesystems; then
+			ebegin "Mounting misc binary format filesystem"
+			mount -t binfmt_misc -o nodev,noexec,nosuid \
+				binfmt_misc /proc/sys/fs/binfmt_misc
+			if eend $? ; then
+				local fmts
+				ebegin "Loading custom binary format handlers"
+				fmts=$(grep -hsv -e '^[#;]' -e '^[[:space:]]*$' \
+					/run/binfmt.d/*.conf \
+					@SYSCONFDIR@/binfmt.d/*.conf \
+					""/usr/lib/binfmt.d/*.conf)
+				if [ -n "${fmts}" ]; then
+					echo "${fmts}" > /proc/sys/fs/binfmt_misc/register
+				fi
+				eend $?
+			fi
+		fi
+	fi
+
+	[ "$RC_SYS" = "OPENVZ" ] && return 0
+
+	# Check what USB fs the kernel support.  Currently
+	# 2.5+ kernels, and later 2.4 kernels have 'usbfs',
+	# while older kernels have 'usbdevfs'.
+	if [ -d /proc/bus/usb -a ! -e /proc/bus/usb/devices ]; then
+		local usbfs=$(grep -Fow usbfs /proc/filesystems ||
+			grep -Fow usbdevfs /proc/filesystems)
+		if [ -n "$usbfs" ]; then
+			ebegin "Mounting USB device filesystem [$usbfs]"
+			local usbgid="$(getent group usb | \
+				sed -e 's/.*:.*:\(.*\):.*/\1/')"
+			mount -t $usbfs \
+				-o ${usbgid:+devmode=0664,devgid=$usbgid,}noexec,nosuid \
+				usbfs /proc/bus/usb
+			eend $?
+		fi
+	fi
+
+	# Setup Kernel Support for SELinux
+	if [ -d /selinux ] && ! mountinfo -q /selinux; then
+		if grep -qs selinuxfs /proc/filesystems; then
+			ebegin "Mounting SELinux filesystem"
+			mount -t selinuxfs selinuxfs /selinux
+			eend $?
+		fi
+	fi
+
+	return 0
+}

init.d/rarpd.in

@@ -0,0 +1,23 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/rarpd
+command_args="-f $rarpd_args"
+pidfile=/var/run/rarpd.pid
+name="Reverse ARP Daemon"
+required_files=/etc/ethers
+
+if [ -z "$rarpd_interface" ]; then
+	command_args="$command_args -a"
+else
+	command_args="$command_args $rarpd_interface"
+fi
+command_background=YES
+
+depend()
+{
+	need localmount
+	after bootmisc
+	need net
+}

init.d/rc-enabled.in

@@ -0,0 +1,52 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+depend()
+{
+	need localmount net
+	after *
+	before local
+}
+
+start()
+{
+	ebegin "Starting local rc services"
+	local svc= enabled= retval=0 service= pkgdir=
+	[ -n "@PKG_PREFIX@" ] && pkgdir="@PKG_PREFIX@/etc/rc.d/*"
+	for svc in $(rcorder /etc/rc.d/* $pkgdir 2>/dev/null); do
+		[ -x "$svc" ] || continue
+		service=${svc##*/}
+
+		# Skip these services
+		for s in cleartmp moused; do
+			[ "$s" = "$service" ] && continue 2
+		done
+
+		# If we have an init script for this service, continue
+		rc-service --exists "$service" && continue
+
+		# Ensure that the users rc.conf will start us
+		eval enabled=\$${svc##*/}_enable
+		yesno $enabled || yesno ${svc##*/} || continue
+
+		# Good to go!
+		"$svc" start && started="$started $svc"
+		: $(( retval += $? ))
+	done
+	service_set_value started "$started"
+	eend $retval "Some local rc services failed to start"
+	return 0
+}
+
+stop()
+{
+	ebegin "Stopping local rc services"
+	local svc= retval=0
+	for svc in $(rcorder $(service_get_value started) 2>/dev/null | sort -r); do
+		"$svc" stop
+		: $(( retval += $? ))
+	done
+	eend $retval "Some local rc services failed to stop"
+	return 0
+}

init.d/root.in

@@ -0,0 +1,53 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Mount the root fs read/write"
+
+depend()
+{
+	need fsck
+	keyword -jail -openvz -vserver -lxc
+}
+
+start()
+{
+	case ",$(fstabinfo -o /)," in
+		*,ro,*)
+		;;
+		*)
+			# Check if the rootfs isn't already writable.
+			if checkpath -W /; then
+				rm -f /fastboot /forcefsck
+			else
+				ebegin "Remounting root filesystem read/write"
+				case "$RC_UNAME" in
+					Linux)
+						mount -n -o remount,rw /
+					;;
+					*)
+						mount -u -o rw /
+					;;
+				esac
+				eend $? "Root filesystem could not be mounted read/write"
+				if [ $?  -eq 0 ]; then
+					rm -f /fastboot /forcefsck
+				fi
+			fi
+		;;
+	esac
+
+	ebegin "Remounting filesystems"
+	local mountpoint
+	for mountpoint in $(fstabinfo); do
+		case "${mountpoint}" in
+			/)
+			;;
+			/*)
+				mountinfo -q "${mountpoint}" && \
+					fstabinfo --remount "${mountpoint}"
+			;;
+		esac
+	done
+	eend 0
+}

init.d/rpcbind.in

@@ -0,0 +1,21 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+command=/usr/sbin/rpcbind
+command_args=$rpcbind_args
+name="RPC program number mapper"
+
+depend()
+{
+	provide rpc
+	need localmount
+	use net logger dns
+	before inetd xinetd ntpd ntp-client
+}
+
+stop_post()
+{
+	# rpcbind returns too fast, so sleep for a second
+	sleep 1
+}

init.d/savecache.in

@@ -0,0 +1,41 @@
+#!@PREFIX@/sbin/runscript
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+description="Saves the caches OpenRC uses to non volatile storage"
+
+start()
+{
+	if [ -e "$RC_SVCDIR"/clock-skewed ]; then
+		ewarn "WARNING: clock skew detected!"
+		if ! yesno "${RC_GOINGDOWN}"; then
+			eerror "Not saving deptree cache"
+			return 1
+		fi
+	fi
+	ebegin "Saving dependency cache"
+	local rc=
+	if [ ! -d "$RC_LIBEXECDIR"/cache ]; then
+		rm -rf "$RC_LIBEXECDIR"/cache
+		if ! mkdir "$RC_LIBEXECDIR"/cache; then
+			rc=$?
+			if yesno "${RC_GOINGDOWN}"; then
+				rc=0
+			fi
+			eend $rc
+			return $rc
+		fi
+	fi
+	local save=
+	for x in deptree depconfig shutdowntime softlevel nettree rc.log; do
+		[ -e "$RC_SVCDIR/$x" ] && save="$save $RC_SVCDIR/$x"
+	done
+	if [ -n "$save" ]; then
+		cp -p $save "$RC_LIBEXECDIR"/cache 2>/dev/null
+	fi
+	rc=$?
+	if yesno "${RC_GOINGDOWN}"; then
+		rc=0
+	fi
+	eend $rc
+}