Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Jan 2012 17:18:59 -0800
From:      Doug Barton <dougb@FreeBSD.org>
To:        obrien@FreeBSD.org
Cc:        freebsd-rc@FreeBSD.org
Subject:   Re: Problem with LOGIN and cron
Message-ID:  <4F10D803.5060706@FreeBSD.org>
In-Reply-To: <20120113193246.GB87287@dragon.NUXI.org>
References:  <20120112234424.GA41056@dragon.NUXI.org> <4F1004DB.2030102@FreeBSD.org> <20120113193246.GB87287@dragon.NUXI.org>

next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------090603040807070704090303
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On 01/13/2012 11:32, David O'Brien wrote:
> On Fri, Jan 13, 2012 at 02:18:03AM -0800, Doug Barton wrote:
>> I haven't fully processed the implications to your proposed change to
>> rcorder, but a quick meta-note. We should not introduce any new
>> examples of BEFORE in base rc.d scripts. That knob is useful for
>> ports/local stuff, but it makes debugging harder.
> 
> Doug,
> Thanks for the info.  I need to digest the BEFORE vs. LOGIN REQUIRE it a
> little bit more with my local patch.
> 
> 
>> It moves cron and jail from right before LOGIN, to fairly late after it.
>> There are no other changes. On my system specifically:
> 
> With my change, jail was pushed earlier, not later.  I'm pretty sure
> jail should run before changes the secure level -- especially if one
> wants securelevel=3.

Fair enough, attached patch doesn't change jail but moves cron late like
my last patch.


Doug

-- 

	You can observe a lot just by watching.	-- Yogi Berra

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/


--------------090603040807070704090303
Content-Type: text/plain;
 name="rc.d-securelevel.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="rc.d-securelevel.diff"

diff -ur /usr/src/etc/rc.d/LOGIN ./LOGIN
--- /usr/src/etc/rc.d/LOGIN	2012-01-08 14:34:00.000000000 -0800
+++ ./LOGIN	2012-01-13 02:06:23.000000000 -0800
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: LOGIN
-# REQUIRE: DAEMON
+# REQUIRE: DAEMON securelevel
 
 #	This is a dummy dependency to ensure user services such as xdm,
 #	inetd, cron and kerberos are started after everything else, in case
Only in /usr/src/etc/rc.d: Makefile
diff -ur /usr/src/etc/rc.d/cron ./cron
--- /usr/src/etc/rc.d/cron	2012-01-08 14:34:01.000000000 -0800
+++ ./cron	2012-01-13 02:08:04.000000000 -0800
@@ -5,7 +5,6 @@
 
 # PROVIDE: cron
 # REQUIRE: LOGIN cleanvar
-# BEFORE: securelevel
 # KEYWORD: shutdown
 
 . /etc/rc.subr
diff -ur /usr/src/etc/rc.d/jail ./jail
--- /usr/src/etc/rc.d/jail	2012-01-08 14:34:01.000000000 -0800
+++ ./jail	2012-01-13 17:09:44.000000000 -0800
@@ -4,8 +4,7 @@
 #
 
 # PROVIDE: jail
-# REQUIRE: LOGIN cleanvar
-# BEFORE: securelevel
+# REQUIRE: DAEMON cleanvar
 # KEYWORD: nojail shutdown
 
 # WARNING: This script deals with untrusted data (the data and
diff -ur /usr/src/etc/rc.d/securelevel ./securelevel
--- /usr/src/etc/rc.d/securelevel	2012-01-08 14:34:01.000000000 -0800
+++ ./securelevel	2012-01-13 17:14:55.000000000 -0800
@@ -4,6 +4,7 @@
 #
 
 # PROVIDE: securelevel
+# REQUIRE: DAEMON jail
 
 . /etc/rc.subr
 

--------------090603040807070704090303--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F10D803.5060706>