Date: Tue, 17 Feb 2004 14:34:35 -0800 From: Ted Cabeen <secabeen@pobox.com> To: "Simon L. Nielsen" <simon@FreeBSD.org> Cc: Thomas-Martin Seck <tmseck-lists@netcologne.de> Subject: Re: Feature Request: /usr/local/etc/rc.conf support Message-ID: <87r7wt49ok.fsf@gray.impulse.net> In-Reply-To: <20040217222807.GA771@arthur.nitro.dk> (Simon L. Nielsen's message of "Tue, 17 Feb 2004 23:28:08 %2B0100") References: <20040217193127.5655.qmail@laurel.tmseck.homedns.org> <87vfm5777l.fsf@gray.impulse.net> <20040217212137.GD719@laurel.tmseck.homedns.org> <87znbh4cii.fsf@gray.impulse.net> <20040217222807.GA771@arthur.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
"Simon L. Nielsen" <simon@FreeBSD.org> writes: > On 2004.02.17 13:33:25 -0800, Ted Cabeen wrote: >> The system securelevel is set in the /etc/rc.conf file. To prevent an >> attacker from changing the securelevel defined there and then >> rebooting the machine, I set the /etc/rc.conf file to be immutable. >> However, I'd like to be able to install new ports and have them start >> automatically without having to boot to single-user to modify rc.conf >> (or any other configuration file equivalent to rc.conf). > > There is also the option of using the (yet) undocumented in FreeBSD [1] > /etc/rc.conf.d/service files. E.g. to enable rsyncd you would have > /etc/rc.conf.d/rsyncd with the variable rsyncd_enable="YES" (Note: I > haven't tested this, but I'm rather sure I'm reading the source and > NetBSD manual page corrrectly). Would that file only be parsed when starting a service with that name, or would it be parsed at the beginning of the rc run? -- Ted Cabeen http://www.pobox.com/~secabeen ted@impulse.net Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeen@pobox.com "I have taken all knowledge to be my province." -F. Bacon secabeen@cabeen.org "Human kind cannot bear very much reality."-T.S.Eliot cabeen@netcom.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87r7wt49ok.fsf>