Date: Thu, 15 Mar 2001 03:22:16 +0100 From: Andrea Campi <andrea@webcom.it> To: Robert Watson <rwatson@freebsd.org> Cc: freebsd-arch@freebsd.org Subject: Re: flags settings for modules Message-ID: <20010315032215.G3277@webcom.it> In-Reply-To: <Pine.NEB.3.96L.1010314211549.87211A-100000@fledge.watson.org>; from rwatson@freebsd.org on Wed, Mar 14, 2001 at 09:18:05PM -0500 References: <20010314111629.A1018@dragon.nuxi.com> <Pine.NEB.3.96L.1010314211549.87211A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 14, 2001 at 09:18:05PM -0500, Robert Watson wrote:
>
> The effects of schg can be mitigated by circumventing securelevels, which
> is trivial in most installs, especially in our default installs. Enabling
> schg in the default install offers little benefit (in fact, it's rather
> inconvenient). There are hardened environments where schg can be useful,
> but ours is not one of them. I'd like schg turned off in the default
> install to unbreak various forms of NFS stuff, and because it's a royal
> pain to keep stripping schg from binaries, libraries, modules, and the
> kernel when I need to manually twiddle as opposed to using the Makefile,
> which happens with surprising frequency as a result of a still-too-small
> root partition relative to the size of (kernel + modules).
Why don't we make it a make(1) variable? Of course this would be in
/etc/defaults/make.conf, or whatever comes out of the discussion...
Bye,
Andrea
--
Loose bits sink chips.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010315032215.G3277>