From owner-cvs-src@FreeBSD.ORG Fri Feb 3 00:54:05 2006 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BDEE16A420; Fri, 3 Feb 2006 00:54:05 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from pittgoth.com (ns1.pittgoth.com [216.38.206.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id E11D243D45; Fri, 3 Feb 2006 00:54:04 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from localhost (net-ix.gw.ai.net [205.134.160.6] (may be forged)) (authenticated bits=0) by pittgoth.com (8.13.4/8.13.4) with ESMTP id k131YYSo066657 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 2 Feb 2006 20:34:35 -0500 (EST) (envelope-from trhodes@FreeBSD.org) Date: Thu, 2 Feb 2006 19:53:57 -0500 From: Tom Rhodes To: Doug Barton Message-Id: <20060202195357.3a997478.trhodes@FreeBSD.org> In-Reply-To: <43E2A089.7020202@FreeBSD.org> References: <200602021002.k12A2u0u067172@repoman.freebsd.org> <43E2A089.7020202@FreeBSD.org> X-Mailer: Sylpheed version 1.0.5 (GTK+ 1.2.10; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, rwatson@FreeBSD.org, cvs-all@FreeBSD.org, trhodes@FreeBSD.org Subject: Re: cvs commit: src/etc/rc.d Makefile auditd X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Feb 2006 00:54:05 -0000 On Thu, 02 Feb 2006 16:15:05 -0800 Doug Barton wrote: > Robert Watson wrote: > > rwatson 2006-02-02 10:02:56 UTC > > > > FreeBSD src repository > > > > Modified files: > > etc/rc.d Makefile > > Added files: > > etc/rc.d auditd > > Log: > > Add auditd rc.d script. > > > > Submitted by: trhodes > > Obtained from: TrustedBSD Project > > > > Revision Changes Path > > 1.64 +1 -1 src/etc/rc.d/Makefile > > 1.1 +34 -0 src/etc/rc.d/auditd (new) > > > > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/Makefile.diff?&r1=1.63&r2=1.64&f=h > > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/auditd > > I have a couple concerns about this. First the more general, I'm not sure > that /etc/security is a reasonable place for your config files. That's a > very general name, and the audit stuff is a very specific project. That > said, I'm not sure that we need yet another directory under /etc, but I'm > curious about what others think about this issue. > > My more specific concern is about some aspects of the rc.d script. First, > it's not clear why you need BEFORE: DAEMON, generally services like this > would REQUIRE: DAEMON instead. Is there a good reason that this has to start > earlier than that? It's also generally a bad thing to use BEFORE when it's > not absolutely necessary. Is there something else that could REQUIRE auditd > that would get you the same or similar ordering? Next, I'm pretty sure you > don't need the test for the pid file in auditd_stop, rc.subr should handle > that for you. Please test that, and if it doesn't work properly let > freebsd-rc@ know about it. You should probably also add the shutdown KEYWORD > so that this gets killed off properly on system shutdown. Finally, I'm > pretty sure that command_args="${auditd_flags}" is not needed. If you find > that it is, that's worth mentioning on freebsd-rc@ as well. I'll test for the PID check. -- Tom Rhodes