Date: Sun, 19 Aug 2012 14:33:14 +0200 From: Jilles Tjoelker <jilles@stack.nl> To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no> Cc: freebsd-security@freebsd.org, Roberto <robertot@redix.it>, "Simon L. B. Nielsen" <simon@FreeBSD.org> Subject: Re: getting the running patch level Message-ID: <20120819123313.GA72985@stack.nl> In-Reply-To: <86pq6xs0zb.fsf@ds4.des.no> References: <0B65D7562F9DA04FAC3F15C508BF67136B90E09E1F@ESESSCMS0355.eemea.ericsson.se> <001701cd7648$c2520350$46f609f0$@com> <5024f984.45ca320a.1838.4155SMTPIN_ADDED@mx.google.com> <CAC8HS2FU1hrbh_m4P6h%2BSpUAJREfCeynHPD3QnNx6XuzSb3T-g@mail.gmail.com> <86pq6xs0zb.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Aug 11, 2012 at 09:05:44PM +0200, Dag-Erling Smørgrav wrote: > "Simon L. B. Nielsen" <simon@FreeBSD.org> writes: > > This has been discussed a number of time, but there are no nice and > > simple solution. > There is a simple solution that, while not bulletproof, would work well > enough in most cases: have 'make installworld' create /etc/issue, which > would look like this: > FreeBSD 9.0-RELEASE-p4 amd64/amd64 I think the idea of having 'make installworld' create something is good, but we should not hard-code policy by writing the information into a file that may be shown to unauthenticated users (such as by getty). A new file with a name=value format somewhat like /etc/lsb-release on Linux seems more appropriate. If the admin wants /etc/issue, /etc/rc.d/motd can create it. The new file is not a configuration file and tools like mergemaster and freebsd-update must not bother the admin about it. If all files under /etc are considered "configuration files", then perhaps a different location is better. -- Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120819123313.GA72985>