From owner-freebsd-stable@freebsd.org Mon Aug 8 18:22:31 2016 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 71A79BB27F9; Mon, 8 Aug 2016 18:22:31 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from c.mail.sonic.net (c.mail.sonic.net [64.142.111.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5C1D01636; Mon, 8 Aug 2016 18:22:31 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from zeppelin.tachypleus.net (airbears2-136-152-142-124.airbears2.berkeley.edu [136.152.142.124]) (authenticated bits=0) by c.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id u78IMRah029154 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 8 Aug 2016 11:22:27 -0700 Subject: Re: FreeBSD 11.0-BETA4 Now Available To: Glen Barber References: <20160806210526.GJ50364@FreeBSD.org> <20160808084830.GP148@e-new.0x20.net> <20160808144405.GD2008@FreeBSD.org> <20160808150207.GA148@e-new.0x20.net> <0DC3A3B2-6915-4203-B9EB-4C46A5809B1C@freebsd.org> <20160808174350.GB148@e-new.0x20.net> <7e621f3a-8659-3cc1-01ac-3360dcb89604@freebsd.org> <20160808175632.GJ2008@FreeBSD.org> Cc: Lars Engels , Devin Teske , freebsd-current@FreeBSD.org, freebsd-stable@FreeBSD.org, FreeBSD Release Engineering Team From: Nathan Whitehorn Message-ID: Date: Mon, 8 Aug 2016 11:22:27 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 MIME-Version: 1.0 In-Reply-To: <20160808175632.GJ2008@FreeBSD.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVYzG+Bq415z9lY25fH7W2YRz4XbDc43pXR5BJDsZhNjAvtQXQ2iA3gGZdf+fVUyc5ZaqS74onxoHL+9oUCTQzndcygchjmm8eU= X-Sonic-ID: C;VJh+D5Vd5hGCGKDx2xNB0g== M;hji2D5Vd5hGCGKDx2xNB0g== X-Spam-Flag: No X-Sonic-Spam-Details: 0.0/5.0 by cerberusd X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Aug 2016 18:22:31 -0000 On 08/08/16 10:56, Glen Barber wrote: > On Mon, Aug 08, 2016 at 10:53:26AM -0700, Nathan Whitehorn wrote: >> >> On 08/08/16 10:43, Lars Engels wrote: >>> On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: >>>>> On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: >>>>> >>>>> On Mon, Aug 08, 2016 at 02:44:05PM +0000, Glen Barber wrote: >>>>>> On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: >>>>>>> On Sat, Aug 06, 2016 at 09:05:26PM +0000, Glen Barber wrote: >>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>> o The new system hardening options have been fixed to avoid overwriting >>>>>>>> other options selected during install time. >>>>>>> Can those options also get added to "bsdconfig"? >>>>>> You would have to ask the bsdconfig maintainer(s). >>>>>> >>>>> Cc'ing dteske. >>>>> >>>> What aspects of bsdconfig need updating? >>> bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig >>> share a lot of code, so bsdconfig should probably also offer the >>> "hardening" module. >> The hardening module should probably just be a part of bsdconfig, actually, >> and an option to open bsdconfig be an option at the end of the installer. >> > In order for that to be an option, I'd strongly suggest updating > bsdconfig to properly detect packages on the DVD (which it has not since > 10.0-RELEASE), as it makes too many incorrect assumptions. > > Glen > It's way too late for this for 11.0. I was just making a general statement. I think things are fine as they are for the upcoming release. -Nathan