[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

series of /etc/rc* related patches



Here's my round of submits to straighten out the rc file collection.
It's still not entirely perfect but it's much better than before. In
rc.conf I basically did away with the notion that foo_flags=NO turned
off a service but instead used foo=NO to do the same. That way a user
doesn't have to edit or loose their _flags values in order to turn it
off.

I hope the files come through ok.

(and yes this email addr works)
--- netstart.orig	Fri May  1 09:53:21 1998
+++ netstart	Fri May  1 09:59:26 1998
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$OpenBSD: netstart,v 1.37 1998/03/28 00:11:00 deraadt Exp $
+#	$OpenBSD: netstart,v 1.38 1998/05/01 10:01:12 pattonme Exp $
 
 # /etc/myname contains my symbolic name
 #
@@ -24,7 +24,7 @@
 
 # Configure NAT before configuring network interfaces
 #
-if [ "${ipnat}" = "YES" -a "${ipfilter}" = "YES" -a -f "${ipnat_rules}" ]; then
+if [ X"${ipnat}" = X"YES" -a X"${ipfilter}" = X"YES" -a -f "${ipnat_rules}" ]; then
 	echo 'configuring NAT'
 	ipnat -CF -f ${ipnat_rules}
 else
@@ -82,7 +82,7 @@
 	    cmd="ifconfig $1 $af $name "
 	    if [ "${dt}" = "dest" ]; then cmd="$cmd $dtaddr"; fi
 	    if [ -n "$mask" ]; then cmd="$cmd netmask $mask"; fi
-	    if [ -n "$bcaddr" -a "X$bcaddr" != "XNONE" ]; then
+	    if [ -n "$bcaddr" -a X"$bcaddr" != X"NONE" ]; then
 		cmd="$cmd broadcast $bcaddr";
 	    fi
 	    cmd="$cmd $extras"
--- rc.conf.orig	Wed Apr 29 16:40:19 1998
+++ rc.conf	Fri May  1 09:33:51 1998
@@ -1,50 +1,73 @@
 #!/bin/sh -
 #
-#	$OpenBSD: rc.conf,v 1.19 1998/04/07 06:11:54 deraadt Exp $
+#	$OpenBSD: rc.conf,v 1.20 1998/05/01 09:40:54 pattonme Exp $
 
-# set these to "NO" to turn them off.  otherwise, they're used as flags
-routed_flags=NO		# for 'normal' use: routed_flags="-q"
-mrouted_flags=NO	# for 'normal' use: mrouted_flags=""
-rarpd_flags=NO		# for 'normal' use: rarpd_flags="-a"
-bootparamd_flags=NO	# for 'normal' use: bootparamd_flags=""
-rbootd_flags=NO		# for 'normal' use: rbootd_flags=""
-sendmail_flags=NO	# for 'normal' use: sendmail_flags="-bd -q30m"
-smtpfwdd_flags=NO	# for 'normal' use: smtpfwdd_flags="", no -bd above.
-named_flags=NO		# for 'normal' use: named_flags=""
-timed_flags=NO		# for 'normal' use: timed_flags=""
-photurisd_flags=NO	# for 'normal' use: photurisd_flags=""
-mopd_flags=NO		# for 'normal' use: mopd_flags="-a"
-httpd_flags=NO		# for 'normal' use: httpd_flags=""
-
-# On some architectures, you must also disable console getty in /etc/ttys
-xdm_flags=NO		# for 'normal' use: xdm_flags=""
-
-# set the following to "YES" to turn them on
+# set the servers to "YES" to turn them on.
+routed=NO
+routed_flags=""		# for 'normal' use: routed_flags="-q"
+mrouted=NO
+mrouted_flags=""
+rarpd=NO
+rarpd_flags="-a"
+bootparamd=NO
+bootparamd_flags=""
+rbootd=NO
+rbootd_flags=""
+sendmail=NO
+sendmail_flags="-bd -q30m"
+smtpfwdd=NO
+smtpfwdd_flags=""
+smtpd=NO
+smtpd_flags=""		# remove '-bd' from sendmail_flags
+named=NO
+named_flags=""
+timed=NO
+timed_flags=""
+phturisd=NO
+photurisd_flags=""
+mopd=NO
+mopd_flags="-a"
+httpd=NO
+httpd_flags=""
 rwhod=NO
 nfs_server=NO
-nfs_client=NO
+nfsd_flags="-tun 4"		# Crank the 4 for a busy NFS fileserver
 lockd=NO
+nfs_client=NO
+nfsiod_flags="-n 4"		# Crank the 4 for a busy NFS client
 gated=NO
+gated_flags=
 kerberos_server=NO	# kerberos server. run 'info kth-krb' for assistance.
 kerberos_slave=NO	# kerberos slave server.
 amd=NO
+amd_dir=/tmp_mnt		# AMD's mount directory
+amd_master=/etc/amd/master	# AMD 'master' map
 ipfilter=NO
+ipfilter_rules=/etc/ipf.rules	# Rules for IP packet filtering
 ipnat=NO		# for "YES" ipfilter must also be "YES"
+ipnat_rules=/etc/ipnat.rules	# Rules for Network Address Translation
+ipmon=NO		# ipfilter logging
+ipmon_flags="-s"
+cron=YES
 portmap=YES		# almost always needed
 inetd=YES		# almost always needed
 lpd=NO			# printing daemons
 check_quotas=YES	# NO may be desireable in some YP environments
+syslogd_flags=		# add more flags, ie. -u -a /chroot/dev/log
+yp_client=NO
+yp_server=NO
+ypserver_flags=""		# E.g. -1 for YP v1, -d for DNS etc
+yppasswdd_flags=""		# "-d /etc/yp" if passwd files are in /etc/yp
+
+
+# On some architectures, you must also disable console getty in /etc/ttys
+xdm=NO
+xdm_flags=""		# for 'normal' use: xdm_flags=""
+
+# launch directives for rc.local daemons
+sshd=NO
+cfsd=NO
+snmpd=NO
+scon=NO
+scon_flags=""
 
-# miscellaneous other flags
-# only used if the appropriate server is marked YES above
-gated_flags=
-ypserv_flags=			# E.g. -1 for YP v1, -d for DNS etc
-yppasswdd_flags=		# "-d /etc/yp" if passwd files are in /etc/yp
-nfsd_flags="-tun 4"		# Crank the 4 for a busy NFS fileserver
-nfsiod_flags="-n 4"		# Crank the 4 for a busy NFS client
-amd_dir=/tmp_mnt		# AMD's mount directory
-amd_master=/etc/amd/master	# AMD 'master' map
-ipfilter_rules=/etc/ipf.rules	# Rules for IP packet filtering
-ipnat_rules=/etc/ipnat.rules	# Rules for Network Address Translation
-ipmon_flags=-s			# To disable logging, use ipmon_flags=NO
-syslogd_flags=			# add more flags, ie. -u -a /chroot/dev/log
--- rc.orig	Fri May  1 09:16:12 1998
+++ rc	Fri May  1 10:03:45 1998
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.71 1998/04/07 06:11:52 deraadt Exp $
+#	$OpenBSD: rc,v 1.72 1998/04/29 10:05:32 pattonme Exp $
 
 # System startup script run by init on autoboot
 # or after single-user.
@@ -87,10 +87,10 @@
 rm -f /dev/log
 syslogd ${syslogd_flags}
 
-# $named_flags is imported from /etc/rc.conf;
-# if $named_flags != NO, named is run.
-if [ "X${named_flags}" != X"NO" ]; then
-	echo 'starting named';		named $named_flags
+# $named and $named_flags are imported from /etc/rc.conf;
+# if $named = YES, named is run.
+if [ X"${named}" = X"YES" ]; then
+	echo 'starting named';		named ${named_flags}
 fi
 
 # /etc/ifaliases, if it exists, contains the names of additional IP
@@ -109,35 +109,39 @@
 )
 fi
 
-if [ X"${ipfilter}" = X"YES" -a X"${ipmon_flags}" != X"NO" ]; then
+# $ipfilter, $ipmon, and $ipmon_flags are imported from /etc/rc.conf;
+# if $ipfilter and $ipmon = YES, ipmon is run.
+if [ X"${ipfilter}" = X"YES" -a X"${ipmon}" = X"YES" ]; then
 	echo 'starting ipmon';		ipmon ${ipmon_flags}
 fi
 
-# $photurisd_flags is imported from /etc/rc.conf;
-# If $photurisd_flags == NO or /etc/photuris/photuris.conf doesn't exist, then
-# photurisd isn't run.
-if [ "X${photurisd_flags}" != X"NO" -a -e /etc/photuris/photuris.conf ]; then
+# $photurisd and $photurisd_flags is imported from /etc/rc.conf;
+# If $photurisd = YES, then photurisd is run.
+if [ X"${photurisd}" = X"YES" ]; then
 	echo 'starting photurisd';	photurisd ${photurisd_flags}
 fi
 
 echo -n 'starting rpc daemons:'
 
 # $portmap is imported from /etc/rc.conf;
-# if $portmap == YES, the portmapper is started.
+# if $portmap = YES, the portmapper is started.
 if [ X"${portmap}" = X"YES" ]; then
 	echo -n ' portmap';		portmap
 fi
 
-if [ -d /var/yp/binding ]; then
-	if [ -d /var/yp/`domainname` ]; then
+# $yp_client, $yp_server, $ypserver_flags, $yppasswdd_flags are
+# imported from /etc/rc.conf;
+# if $yp_client = YES, the yellowpages system is started.
+if [ X"${yp_client}" = X"YES" -a -d /var/yp/binding ]; then
+	if [ X"${yp_server}" = X"YES" -a -d /var/yp/`domainname` ]; then
 		# yp server capabilities needed...
-		echo -n ' ypserv';		ypserv ${ypserv_flags}
+		echo -n ' ypserv';		ypserv ${ypserver_flags}
 		#echo -n ' ypxfrd';		ypxfrd
 	fi
 
 	echo -n ' ypbind';		ypbind
 
-	if [ -d /var/yp/`domainname` ]; then
+	if [ X"${yp_server}" = X"YES" -a -d /var/yp/`domainname` ]; then
 		# if we are the master server, run rpc.yppasswdd
 		_host1=`ypwhich -m passwd 2> /dev/null`
 		_host2=`hostname`
@@ -157,35 +161,39 @@
 	fi
 fi
 
-# $nfs_server is imported from /etc/rc.conf;
-# if $nfs_server == YES, the machine is setup for being an nfs server
-if [ X${nfs_server} = X"YES" -a -s /etc/exports -a \
+# $nfs_server, $nfsd_flags, $lockd are imported from /etc/rc.conf;
+# if $nfs_server = YES and /etc/exports has valid entires,
+# the machine is configured as an nfs server.
+# if $lockd = YES, start that as well.
+if [ X"${nfs_server}" = X"YES" -a -f /etc/exports -a \
     `cat /etc/exports | sed -e '/^#/d' | wc -l` -ne 0 ]; then
-	rm -f /var/db/mountdtab
+	rm -f /var/db/mountdtab	
 	echo -n > /var/db/mountdtab
 	echo -n ' mountd';		mountd
 	echo -n ' nfsd';		nfsd ${nfsd_flags}
-	if [ X${lockd} = X"YES" ]; then
+	if [ X"${lockd}" = X"YES" ]; then
 		echo -n ' rpc.lockd';	rpc.lockd
 	fi
 fi
 
-# $nfs_client is imported from /etc/rc.conf;
-# if $nfs_client == YES, the machine is setup for being an nfs client
-if [ X${nfs_client} = X"YES" ]; then
+# $nfs_client and $nfsiod_flags are imported from /etc/rc.conf;
+# if $nfs_client = YES, the machine is setup for being an nfs client
+if [ X"${nfs_client}" = X"YES" ]; then
 	echo -n ' nfsiod';		nfsiod ${nfsiod_flags}
 fi
 
-if [ X${amd} = X"YES" -a -d ${amd_dir} -a -e ${amd_master} ]; then
+# $amd, $amd_dir and $amd_master are imported from /etc/rc.conf;
+# if $amd = YES and the configuration files exist, amd is started.
+if [ X"${amd}" = X"YES" -a -d ${amd_dir} -a -f ${amd_master} ]; then
 	echo -n ' amd'
 	amd -l syslog -x error,noinfo,nostats -p \
 	    -a ${amd_dir} `cat ${amd_master}` > /var/run/amd.pid
 fi
 
-# $timed_flags is imported from /etc/rc.conf;
-# if $timed_flags == NO, timed isn't run.
-if [ "X${timed_flags}" != X"NO" ]; then
-	echo -n ' timed'; timed $timed_flags
+# $timed and $timed_flags are imported from /etc/rc.conf;
+# if $timed = YES, timed is run.
+if [ X"${timed}" = X"YES" ]; then
+	echo -n ' timed'; 		timed ${timed_flags}
 fi
 echo '.'
 
@@ -194,10 +202,11 @@
 # /var/crash should be a directory or a symbolic link
 # to the crash directory if core dumps are to be saved.
 if [ -d /var/crash ]; then
+	echo checking for core dump...
 	savecore /var/crash
 fi
 
-if [ "X${check_quotas}" = X"YES" ]; then
+if [ X"${check_quotas}" = X"YES" ]; then
 	echo -n 'checking quotas:'
 	quotacheck -a
 	echo ' done.'
@@ -225,6 +234,7 @@
     find . ! -name . ! -name lost+found ! -name quota.user \
 	! -name quota.group -exec rm -rf -- {} \; -type d -prune)
 
+# read in sysctl directives to modify system behavior
 if [ -f /etc/sysctl.conf ]; then
 (
 	# delete comments and blank lines
@@ -233,11 +243,12 @@
 		sysctl -w $1
 		shift 1
 	done
-)
+)	
 fi
 
+# start picky daemons before altering kernal security level
 test -f /etc/rc.securelevel && . /etc/rc.securelevel
-if [ X${securelevel} != X"" ]; then
+if [ X"${securelevel}" != X"" ]; then
 	echo -n 'setting kernel security level: '
 	sysctl -w kern.securelevel=${securelevel}
 fi
@@ -294,99 +305,115 @@
 fi
 
 echo -n standard daemons:
-echo -n ' cron';		cron
+
+# $cron is imported from /etc/rc.conf. If $cron = YES then run it.
+if [ X"${cron}" = X"YES" ]; then
+	echo -n ' cron';		cron
+fi
+
 echo '.'
 
 echo -n starting network daemons:
 
-# $gated and $routed_flags are imported from /etc/rc.conf.
-# If $gated == YES, gated is used; otherwise routed.
-# If $routed_flags == NO, routed isn't run.
-if [ X${gated} = X"YES" -a -e /etc/gated.conf ]; then
-	echo -n ' gated';		gated $gated_flags
-elif [ "X${routed_flags}" != X"NO" ]; then
-	echo -n ' routed';		routed $routed_flags
+# $gated, gated_flags, $routed, and $routed_flags are imported
+# from /etc/rc.conf.
+# If $gated = YES, gated is used; otherwise routed if $routed = YES.
+if [ X"${gated}" = X"YES" -a -f /etc/gated.conf ]; then
+	echo -n ' gated';		gated ${gated_flags}
+elif [ X"${routed}" = X"YES" ]; then
+	echo -n ' routed';		routed ${routed_flags}
 fi
 
-# $mrouted_flags is imported from /etc/rc.conf;
-# If $mrouted_flags == NO, then mrouted isn't run.
-if [ "X${mrouted_flags}" != X"NO" ]; then
-	echo -n ' mrouted';		mrouted $mrouted_flags
+# $mrouted and $mrouted_flags are imported from /etc/rc.conf;
+# If $mrouted = YES, then mrouted is run.
+if [ X"${mrouted}" = X"YES" ]; then
+	echo -n ' mrouted';		mrouted ${mrouted_flags}
 fi
 
 # $rwhod is imported from /etc/rc.conf;
-# if $rwhod == YES, rwhod is run.
-if [ X${rwhod} = X"YES" ]; then
+# if $rwhod = YES, rwhod is run.
+if [ X"${rwhod}" = X"YES" ]; then
 	echo -n ' rwhod';		rwhod
 fi
 
-
-if [ X${lpd} = X"YES" ]; then
+# $lpd is imported from /etc/rc.conf;
+# if $lpd = YES, lpd is run.
+if [ X"${lpd}" = X"YES" ]; then
 	echo -n ' printer';		lpd
 fi
 
-# $sendmail_flags is imported from /etc/rc.conf;
-# If $sendmail_flags == NO or /etc/sendmail.cf doesn't exist, then
-# sendmail isn't run.  We call sendmail with a full path so that
-# SIGHUP works.
-if [ "X${sendmail_flags}" != X"NO" -a -s /etc/sendmail.cf ]; then
-	echo -n ' sendmail';		/usr/sbin/sendmail ${sendmail_flags}
+# $httpd and $httpd_flags are imported from /etc/rc.conf;
+# if $httpd = YES, httpd is run.
+if [ "X${httpd}" = X"YES"  ]; then
+	echo -n ' httpd';		/usr/sbin/httpd ${httpd_flags}
 fi
 
-if [ "X${httpd_flags}" != X"NO"  ]; then
-	echo -n ' httpd';		/usr/sbin/httpd ${httpd_flags}
+# $sendmail and $sendmail_flags are imported from /etc/rc.conf;
+# If $sendmail = YES and /etc/sendmail.cf exists, then
+# sendmail is run.  We call sendmail with a full path so that
+# SIGHUP works.
+if [ X"${sendmail}" = X"YES" -a -f /etc/sendmail.cf ]; then
+	echo -n ' sendmail';		/usr/sbin/sendmail ${sendmail_flags}
 fi
 
-# $smtpfwdd_flags is imported from /etc/rc.conf;
-# If $smtpfwdd_flags == NO, smtpfwdd isn't run.
-if [ "X${smtpfwdd_flags}" != X"NO" ]; then
+# $smtpfwdd and $smtpfwdd_flags are imported from /etc/rc.conf;
+# If $smtpfwdd = YES, smtpfwdd is run.
+if [ X"${smtpfwdd}" = X"YES" ]; then
 	echo -n ' smtpfwdd';	/usr/libexec/smtpfwdd ${smtpfwdd_flags}
 fi
 
-
-if [ X${inetd} = X"YES" ]; then
+# $smtpd and $smtpd_flags are imported from /etc/rc.conf;
+# if $smtpd = YES, smtpd is run. Note the flags must contain "-D" for
+# deamon mode or else invoke via inetd.
+if [ X"${smtpd}" = X"YES" ]; then
+	echo -n ' smtpd';	/usr/libexec/smtpd ${smtpd_flags}
+
+# $inetd is imported from /etc/rc.conf;
+# if $inetd = YES then inetd is run.
+if [ X"${inetd}" = X"YES" ]; then
 	echo -n ' inetd';		inetd
 fi
 
-# $rarpd_flags is imported from /etc/rc.conf;
-# If $rarpd_flags == NO or /etc/ethers doesn't exist, then
-# rarpd isn't run.
-if [ "X${rarpd_flags}" != X"NO" -a -s /etc/ethers ]; then
+# $rarpd and $rarpd_flags are imported from /etc/rc.conf;
+# If $rarpd = YES and /etc/ethers exists, then rarpd is run.
+if [ X"${rarpd}" = X"YES" -a -f /etc/ethers ]; then
 	echo -n ' rarpd';		rarpd ${rarpd_flags}
 fi
 
-# $bootparamd_flags is imported from /etc/rc.conf;
-# If $bootparamd_flags == NO or /etc/bootparams doesn't exist, then
-# bootparamd isn't run.
-if [ "X${bootparamd_flags}" != X"NO" -a -s /etc/bootparams ]; then
+# $bootparamd and $bootparamd_flags are imported from /etc/rc.conf;
+# If $bootparamd = YES and /etc/bootparams exists, then
+# bootparamd is run.
+if [ X"${bootparamd}" = X"YES" -a -f /etc/bootparams ]; then
 	echo -n ' rpc.bootparamd';	rpc.bootparamd ${bootparamd_flags}
 fi
 
-# $rbootd_flags is imported from /etc/rc.conf;
-# If $rbootd_flags == NO or /etc/rbootd.conf doesn't exist, then
-# rbootd isn't run.
-if [ "X${rbootd_flags}" != X"NO" -a -s /etc/rbootd.conf ]; then
+# $rbootd and $rbootd_flags are imported from /etc/rc.conf;
+# If $rbootd = YES and /etc/rbootd.conf exists, then rbootd is run.
+if [ X"${rbootd}" = X"YES" -a -f /etc/rbootd.conf ]; then
 	echo -n ' rbootd';		rbootd ${rbootd_flags}
 fi
 
-# $mopd_flags is imported from /etc/rc.conf;
-# If $mopd_flags == NO or /tftpboot/mop doesn't exist, then
-# mopd isn't run.
-if [ "X${mopd_flags}" != X"NO" -a -d /tftpboot/mop ]; then
+# $mopd and $mopd_flags are imported from /etc/rc.conf;
+# If $mopd_flags = YES and /tftpboot/mop exists, then mopd is run.
+if [ X"${mopd}" = X"YES" -a -d /tftpboot/mop ]; then
 	echo -n ' mopd';		mopd ${mopd_flags}
 fi
 
+echo '.'
+
+echo -n setting up environment:
+
 if [ -x /usr/sbin/screenblank ]; then
-	echo -n ' screenblank';	/usr/sbin/screenblank
+	echo -n ' screenblank';		/usr/sbin/screenblank
 fi
 
-echo '.'
-
 if [ -f /sbin/kbd -a -f /etc/kbdtype ]; then
-	kbd `cat /etc/kbdtype`
+	echo ' keyboard'		kbd `cat /etc/kbdtype`
 fi
 
-if [ -f /sbin/ldconfig ]; then
+echo '.'
+
+if [ -x /sbin/ldconfig ]; then
 	echo 'creating runtime link editor directory cache.'
 	_LIBS=
 	if [ -d /usr/local/lib ]; then
@@ -400,16 +427,16 @@
 
 # Kerberos runs ONLY on the Kerberos servers
 # Kadmin is runs only on the main server
-if [ X${kerberos_server} = X"YES" ]; then
+if [ X"${kerberos_server}" = X"YES" ]; then
 	echo 'kerberos server'
-	/usr/libexec/kerberos >> /var/log/kerberos.log &
-	/usr/libexec/kadmind -n >> /var/log/kadmind.log &
+	/usr/libexec/kerberos >> /var/log/kerberos &
+	/usr/libexec/kadmind -n >> /var/log/kadmind &
 fi
 
 # Kpropd runs only on Kerberos slave servers
-if [ X${kerberos_slave} = X"YES" ]; then
+if [ X"${kerberos_slave}" = X"YES" ]; then
 	echo 'kerberos slave server'
-	/usr/libexec/kerberos -s >> /var/log/kerberos.log &
+	/usr/libexec/kerberos -s >> /var/log/kerberos &
 	/usr/libexec/kpropd -i &
 fi
 
@@ -418,8 +445,8 @@
 date
 
 # Alternatively, on some architectures, xdm may be started in /etc/ttys.
-if [ "X${xdm_flags}" != X"NO" ]; then
-	echo 'starting xdm...';		/usr/X11R6/bin/xdm
+if [ "X${xdm}" = X"YES" ]; then
+	echo 'starting xdm...';		/usr/X11R6/bin/xdm ${xdm_flags}
 fi
 
 exit 0
--- rc.local.orig	Fri May  1 09:16:23 1998
+++ rc.local	Fri May  1 09:50:57 1998
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc.local,v 1.22 1998/04/07 16:32:55 deraadt Exp $
+#	$OpenBSD: rc.local,v 1.23 1998/04/28 17:00:00 pattonme Exp $
 
 # site-specific startup actions, daemons, and other things which
 # can be done AFTER your system goes into securemode.  For actions
@@ -10,12 +10,16 @@
 
 echo -n 'starting local daemons:'
 
-if [ -x /usr/local/sbin/sshd ]; then
+# $sshd is imported from /etc/rc.conf;
+# if $sshd = YES, sshd is run.
+if [ X"${sshd}" = X"YES" -x /usr/local/sbin/sshd ]; then
 	echo -n ' sshd';	/usr/local/sbin/sshd
 	#echo -n ' sshd2022';	/usr/local/sbin/sshd -p 2022
 fi
 
-if [ -x /usr/local/sbin/cfsd ]; then
+# $cfsd is imported from /etc/rc.conf;
+# if $cfsd = YES, cfsd is run.
+if [ X"${cfsd}" = X"YES" -a -x /usr/local/sbin/cfsd ]; then
 	if ps auxc | grep -q '^ *root .* mountd$'; then
 		echo -n ' cfsd';        /usr/local/sbin/cfsd
 		mount -o port=3049,nfsv2,intr localhost:/null /crypt
@@ -24,13 +28,17 @@
 	fi
 fi
 
-if [ -x /usr/local/sbin/snmpd ]; then
+# $snmpd is imported from /etc/rc.conf;
+# if $snmpd = YES, snmpd is run.
+if [ X"${snmpd}" = X"YES" -x /usr/local/sbin/snmpd ]; then
 	echo -n ' snmpd';	/usr/local/sbin/snmpd
 fi
 
+# $scon and $scon_flags are imported from /etc/rc.conf;
+# if $scon = YES, scon is run.
 # set pcvt screen saver time to 5min (see scon(1) for more options)
-#if test -x /usr/sbin/ispcvt -a -x /usr/sbin/scon && /usr/sbin/ispcvt; then
-#	echo -n ' scon';	/usr/sbin/scon -t 300
-#fi
+if [ X"${scon}" = X"YES" -a -x /usr/sbin/ispcvt && /usr/sbin/scon ]; then
+	echo -n ' scon';	/usr/sbin/scon ${scon_flags}
+fi
 
 echo '.'