From owner-freebsd-stable@freebsd.org Mon Aug 8 17:53:33 2016 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B2779BB358C; Mon, 8 Aug 2016 17:53:33 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from c.mail.sonic.net (c.mail.sonic.net [64.142.111.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8CD32199C; Mon, 8 Aug 2016 17:53:33 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from aurora.physics.berkeley.edu (aurora.physics.berkeley.edu [128.32.117.67]) (authenticated bits=0) by c.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id u78HrQ4o030993 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 8 Aug 2016 10:53:27 -0700 Subject: Re: FreeBSD 11.0-BETA4 Now Available To: Lars Engels , Devin Teske , Glen Barber , freebsd-current@FreeBSD.org, freebsd-stable@FreeBSD.org, FreeBSD Release Engineering Team References: <20160806210526.GJ50364@FreeBSD.org> <20160808084830.GP148@e-new.0x20.net> <20160808144405.GD2008@FreeBSD.org> <20160808150207.GA148@e-new.0x20.net> <0DC3A3B2-6915-4203-B9EB-4C46A5809B1C@freebsd.org> <20160808174350.GB148@e-new.0x20.net> From: Nathan Whitehorn Message-ID: <7e621f3a-8659-3cc1-01ac-3360dcb89604@freebsd.org> Date: Mon, 8 Aug 2016 10:53:26 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 MIME-Version: 1.0 In-Reply-To: <20160808174350.GB148@e-new.0x20.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVa3p6svzeROAp0MepS713bHPfAoB0nqgA2BS+hPlzaXOBx3o5fGx2q9tkAgWdp3GraDEJSKJtjwkYCofbErdHYZEUuZNyJGTZY= X-Sonic-ID: C;zqbVAZFd5hGy76Dx2xNB0g== M;FDZGApFd5hGy76Dx2xNB0g== X-Spam-Flag: No X-Sonic-Spam-Details: 0.0/5.0 by cerberusd X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Aug 2016 17:53:33 -0000 On 08/08/16 10:43, Lars Engels wrote: > On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: >>> On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: >>> >>> On Mon, Aug 08, 2016 at 02:44:05PM +0000, Glen Barber wrote: >>>> On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: >>>>> On Sat, Aug 06, 2016 at 09:05:26PM +0000, Glen Barber wrote: >>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>> o The new system hardening options have been fixed to avoid overwriting >>>>>> other options selected during install time. >>>>> Can those options also get added to "bsdconfig"? >>>> You would have to ask the bsdconfig maintainer(s). >>>> >>> Cc'ing dteske. >>> >> What aspects of bsdconfig need updating? > bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig > share a lot of code, so bsdconfig should probably also offer the > "hardening" module. The hardening module should probably just be a part of bsdconfig, actually, and an option to open bsdconfig be an option at the end of the installer. -Nathan