Date:      Tue, 17 Feb 2004 23:28:08 +0100
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Ted Cabeen <secabeen@pobox.com>
Cc:        Thomas-Martin Seck <tmseck-lists@netcologne.de>
Subject:   Re: Feature Request: /usr/local/etc/rc.conf support
Message-ID:  <20040217222807.GA771@arthur.nitro.dk>
In-Reply-To: <87znbh4cii.fsf@gray.impulse.net>
References:  <20040217193127.5655.qmail@laurel.tmseck.homedns.org> <87vfm5777l.fsf@gray.impulse.net> <20040217212137.GD719@laurel.tmseck.homedns.org> <87znbh4cii.fsf@gray.impulse.net>


On 2004.02.17 13:33:25 -0800, Ted Cabeen wrote:
> Thomas-Martin Seck <tmseck-lists@netcologne.de> writes:
>
> > * Ted Cabeen (secabeen@pobox.com):
> >
> >> tmseck-lists@netcologne.de (Thomas-Martin Seck) writes:
> >>
> >> > You can use /etc/rc.conf.local.
> >>
> >> Yeah, but that's supposedly deprecated.
> >
> > Maybe, but 5.x still uses it "for historical reasons". Neither rc(8) nor
> > rc.conf(5) say "deprecated". Do you mean rc.local?
>
> Okay.  I read "for historical reasons" as "we might get rid of this
> someday, so don't use it".

While it might be deprecated some day, I don't think so (due to POLA and
no big reason that I can see to remove support).

Also, if it were to be removed it probably will follow the standard
deprecation path where it is marked deprecated in one major FreeBSD
version and then first removed the next major version.  In short, I'm
rather sure nothing bad will happen if you use it (though I won't make
any promises since I don't make that kind of decision).

> The system securelevel is set in the /etc/rc.conf file.  To prevent an
> attacker from changing the securelevel defined there and then
> rebooting the machine, I set the /etc/rc.conf file to be immutable.
> However, I'd like to be able to install new ports and have them start
> automatically without having to boot to single-user to modify rc.conf
> (or any other configuration file equivalent to rc.conf).

There is also the option of using the (yet) undocumented in FreeBSD [1]
/etc/rc.conf.d/service files.  E.g. to enable rsyncd you would have
/etc/rc.conf.d/rsyncd with the variable rsyncd_enable="YES" (Note: I
haven't tested this, but I'm rather sure I'm reading the source and
NetBSD manual page correctly).

Of course I can still see that /usr/local/etc/rc.conf might be useful, I
just want to point out existing possibilities.

[1] Yes yes, documenting this is somewhere on my TODO list :-).

-- 
Simon L. Nielsen
FreeBSD Documentation Team
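
Added example, not part of the original message or of FreeBSD's rc.subr: a simplified model of the file order used by `load_rc_config`, run against a scratch tree. It shows that a per-service file is read after `/etc/rc.conf`, so it can enable a service without touching an immutable `rc.conf`, and for the same reason it takes precedence over anything the locked file sets for that variable. The helper names and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Simplified model of rc.subr's load_rc_config ordering (illustrative only).
# Everything lives under a scratch ROOT; no live /etc file is read.

# effective_value ROOT SERVICE VAR: print VAR as SERVICE's rc script sees it.
effective_value() {
    (
        for f in "$1/etc/defaults/rc.conf" "$1/etc/rc.conf" \
                 "$1/etc/rc.conf.local" "$1/etc/rc.conf.d/$2"; do
            if [ -r "$f" ]; then . "$f"; fi   # later files win
        done
        eval "printf '%s\n' \"\${$3-}\""
    )
}

# shadowed_vars ROOT: print "FILE VAR" for each variable a per-service file
# assigns that etc/rc.conf also assigns (worth reviewing if rc.conf is locked).
shadowed_vars() {
    for f in "$1"/etc/rc.conf.d/*; do
        [ -f "$f" ] || continue
        sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' "$f" |
        while read -r v; do
            if grep -q "^[[:space:]]*$v=" "$1/etc/rc.conf"; then
                printf '%s %s\n' "${f##*/}" "$v"
            fi
        done
    done
}

# make_sample: build a constructed sample tree and print its path.
make_sample() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/etc/defaults" "$root/etc/rc.conf.d"
    echo 'rsyncd_enable="NO"' > "$root/etc/defaults/rc.conf"
    printf '%s\n' 'sshd_enable="YES"' 'rsyncd_enable="NO"' > "$root/etc/rc.conf"
    echo 'rsyncd_enable="YES"' > "$root/etc/rc.conf.d/rsyncd"
    printf '%s\n' "$root"
}

demo_root=$(make_sample)
effective_value "$demo_root" rsyncd rsyncd_enable
shadowed_vars "$demo_root"
rm -rf "$demo_root"
```
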
