From owner-freebsd-arch@FreeBSD.ORG Mon Oct 3 10:05:01 2005 Return-Path: X-Original-To: freebsd-arch@FreeBSD.org Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8841316A41F for ; Mon, 3 Oct 2005 10:05:01 +0000 (GMT) (envelope-from pjd@garage.freebsd.pl) Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl [83.17.198.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id F2E9943D46 for ; Mon, 3 Oct 2005 10:05:00 +0000 (GMT) (envelope-from pjd@garage.freebsd.pl) Received: by mail.garage.freebsd.pl (Postfix, from userid 65534) id 5B0CA52CFF; Mon, 3 Oct 2005 12:04:59 +0200 (CEST) Received: from localhost (pjd.wheel.pl [10.0.1.1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.garage.freebsd.pl (Postfix) with ESMTP id AE4A052CA9; Mon, 3 Oct 2005 12:04:51 +0200 (CEST) Date: Mon, 3 Oct 2005 12:04:41 +0200 From: Pawel Jakub Dawidek To: freebsd-arch@FreeBSD.org Message-ID: <20051003100440.GB3794@garage.freebsd.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l" Content-Disposition: inline X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 7.0-CURRENT i386 User-Agent: mutt-ng devel (FreeBSD) X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on mail.garage.freebsd.pl X-Spam-Level: X-Spam-Status: No, score=-5.9 required=3.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.0.4 Cc: Tomasz =?iso-8859-2?Q?Pi=B3at?= Subject: Moving /usr/sbin/setkey to /sbin/setkey. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2005 10:05:01 -0000 --XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. I'd like to move setkey from /usr/sbin/ to /sbin/. Currently, rc.d/mountcritremote is called before rc.d/ipsec, because someone which want to use setkey(8) can have /usr/ NFS-mounted. Because of this, one cannot protect NFS mounts with IPsec. Moving setkey(8) (like NetBSD did, AFAIK) to /sbin/ and changing the order of rc.d/mountcritremote and rc.d/setkey should solve this chicken-and-egg problem. Any objections? PRs: conf/58832 conf/72135 --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFDQQI4ForvXbEpPzQRAv6TAJ9xtwIOxFAnjIZvoeTTKh/1JA9nmwCdGFEW 29iE9tuA3Ya/YVGOXmQCGv4= =fAT8 -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l--