Date:      Thu, 2 Feb 2006 16:36:34 -0800
From:      Brooks Davis <brooks@one-eyed-alien.net>
To:        Doug Barton <dougb@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, Robert Watson <rwatson@FreeBSD.org>, cvs-all@FreeBSD.org, trhodes@FreeBSD.org
Subject:   Re: cvs commit: src/etc/rc.d Makefile auditd
Message-ID:  <20060203003634.GA10492@odin.ac.hmc.edu>
In-Reply-To: <43E2A089.7020202@FreeBSD.org>
References:  <200602021002.k12A2u0u067172@repoman.freebsd.org> <43E2A089.7020202@FreeBSD.org>

On Thu, Feb 02, 2006 at 04:15:05PM -0800, Doug Barton wrote:
> Robert Watson wrote:
> > rwatson     2006-02-02 10:02:56 UTC
> >
> >   FreeBSD src repository
> >
> >   Modified files:
> >     etc/rc.d             Makefile
> >   Added files:
> >     etc/rc.d             auditd
> >   Log:
> >   Add auditd rc.d script.
> >
> >   Submitted by:   trhodes
> >   Obtained from:  TrustedBSD Project
> >
> >   Revision  Changes    Path
> >   1.64      +1 -1      src/etc/rc.d/Makefile
> >   1.1       +34 -0     src/etc/rc.d/auditd (new)
> >
> > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/Makefile.diff?&r1=1.63&r2=1.64&f=h
> > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/auditd
>
> I have a couple concerns about this. First the more general, I'm not sure
> that /etc/security is a reasonable place for your config files. That's a
> very general name, and the audit stuff is a very specific project. That
> said, I'm not sure that we need yet another directory under /etc, but I'm
> curious about what others think about this issue.
>
> My more specific concern is about some aspects of the rc.d script. First,
> it's not clear why you need BEFORE: DAEMON, generally services like this
> would REQUIRE: DAEMON instead. Is there a good reason that this has to start
> earlier than that? It's also generally a bad thing to use BEFORE when it's
> not absolutely necessary. Is there something else that could REQUIRE auditd
> that would get you the same or similar ordering? Next, I'm pretty sure you
> don't need the test for the pid file in auditd_stop, rc.subr should handle
> that for you. Please test that, and if it doesn't work properly let
> freebsd-rc@ know about it. You should probably also add the shutdown KEYWORD
> so that this gets killed off properly on system shutdown. Finally, I'm
> pretty sure that command_args="${auditd_flags}" is not needed. If you find
> that it is, that's worth mentioning on freebsd-rc@ as well.

In this case, I believe the placement of the script is correct.  auditd
is on the order of syslog.  If you're going to run it, you want it early
so you know what your daemons did.

-- Brooks

--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
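
The ordering question discussed in this thread, as an added example that is not part of the original message or the committed script: a small Python model of rc.d PROVIDE/REQUIRE/BEFORE headers showing that `BEFORE: DAEMON` forces auditd ahead of every script that requires DAEMON, while `REQUIRE: DAEMON` leaves that order unconstrained. The header blocks and the daemon name `exampled` are constructed for illustration.

```python
import re
from graphlib import TopologicalSorter

HEADER = re.compile(r"^#[ \t]*(PROVIDE|REQUIRE|BEFORE):[ \t]*(.*)$", re.M)

# Constructed rc.d header blocks (not the committed script): two auditd variants.
AUDITD_BEFORE = "# PROVIDE: auditd\n# BEFORE: DAEMON\n"
AUDITD_REQUIRE = "# PROVIDE: auditd\n# REQUIRE: DAEMON\n"
OTHERS = {
    "syslogd": "# PROVIDE: syslogd\n",
    "DAEMON": "# PROVIDE: DAEMON\n# REQUIRE: syslogd\n",
    "exampled": "# PROVIDE: exampled\n# REQUIRE: DAEMON\n",  # hypothetical daemon
}

def build_graph(scripts):
    """Map each provided name to the set of names that must start before it."""
    preds = {}
    for text in scripts.values():
        fields = {"PROVIDE": [], "REQUIRE": [], "BEFORE": []}
        for key, value in HEADER.findall(text):
            fields[key] += value.split()
        for name in fields["PROVIDE"]:
            preds.setdefault(name, set()).update(fields["REQUIRE"])
            for later in fields["BEFORE"]:
                preds.setdefault(later, set()).add(name)
    return preds

def must_precede(preds, first, second):
    """True if the constraints force `first` to start before `second`."""
    stack, seen = [second], set()
    while stack:
        for p in preds.get(stack.pop(), ()):
            if p == first:
                return True
            if p not in seen:
                seen.add(p)
                stack.append(p)
    return False

def boot_order(preds):
    """One valid start order; raises graphlib.CycleError on a dependency loop."""
    return list(TopologicalSorter(preds).static_order())

for label, auditd in (("BEFORE: DAEMON", AUDITD_BEFORE),
                      ("REQUIRE: DAEMON", AUDITD_REQUIRE)):
    g = build_graph({**OTHERS, "auditd": auditd})
    print(label, boot_order(g), "auditd forced before exampled:",
          must_precede(g, "auditd", "exampled"))
```
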
