Date: Thu, 2 Feb 2006 19:53:57 -0500 From: Tom Rhodes <trhodes@FreeBSD.org> To: Doug Barton <dougb@FreeBSD.org> Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, rwatson@FreeBSD.org, cvs-all@FreeBSD.org, trhodes@FreeBSD.org Subject: Re: cvs commit: src/etc/rc.d Makefile auditd Message-ID: <20060202195357.3a997478.trhodes@FreeBSD.org> In-Reply-To: <43E2A089.7020202@FreeBSD.org> References: <200602021002.k12A2u0u067172@repoman.freebsd.org> <43E2A089.7020202@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 02 Feb 2006 16:15:05 -0800 Doug Barton <dougb@freebsd.org> wrote: > Robert Watson wrote: > > rwatson 2006-02-02 10:02:56 UTC > > > > FreeBSD src repository > > > > Modified files: > > etc/rc.d Makefile > > Added files: > > etc/rc.d auditd > > Log: > > Add auditd rc.d script. > > > > Submitted by: trhodes > > Obtained from: TrustedBSD Project > > > > Revision Changes Path > > 1.64 +1 -1 src/etc/rc.d/Makefile > > 1.1 +34 -0 src/etc/rc.d/auditd (new) > > > > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/Makefile.diff?&r1=1.63&r2=1.64&f=h > > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/auditd > > I have a couple concerns about this. First the more general, I'm not sure > that /etc/security is a reasonable place for your config files. That's a > very general name, and the audit stuff is a very specific project. That > said, I'm not sure that we need yet another directory under /etc, but I'm > curious about what others think about this issue. > > My more specific concern is about some aspects of the rc.d script. First, > it's not clear why you need BEFORE: DAEMON, generally services like this > would REQUIRE: DAEMON instead. Is there a good reason that this has to start > earlier than that? It's also generally a bad thing to use BEFORE when it's > not absolutely necessary. Is there something else that could REQUIRE auditd > that would get you the same or similar ordering? Next, I'm pretty sure you > don't need the test for the pid file in auditd_stop, rc.subr should handle > that for you. Please test that, and if it doesn't work properly let > freebsd-rc@ know about it. You should probably also add the shutdown KEYWORD > so that this gets killed off properly on system shutdown. Finally, I'm > pretty sure that command_args="${auditd_flags}" is not needed. If you find > that it is, that's worth mentioning on freebsd-rc@ as well. I'll test for the PID check. -- Tom Rhodes
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060202195357.3a997478.trhodes>