From owner-freebsd-hackers  Fri Jun 30  4:22:48 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from birch.ripe.net (birch.ripe.net [193.0.1.96])
	by hub.freebsd.org (Postfix) with ESMTP id 2868937B97A
	for <freebsd-hackers@freebsd.org>; Fri, 30 Jun 2000 04:22:44 -0700 (PDT)
	(envelope-from fotis@ripe.net)
Received: from x21.ripe.net (x21.ripe.net [193.0.1.21])
	by birch.ripe.net (8.8.8/8.8.8) with ESMTP id NAA02938;
	Fri, 30 Jun 2000 13:22:42 +0200 (CEST)
Received: from localhost (fotis@localhost)
	by x21.ripe.net (8.8.8/8.8.5) with ESMTP id NAA25101;
	Fri, 30 Jun 2000 13:22:42 +0200 (CEST)
Date: Fri, 30 Jun 2000 13:22:42 +0200 (CEST)
From: Fotis Georgatos <fotis@ripe.net>
To: Konstantin Chuguev <Konstantin.Chuguev@dante.org.uk>
Cc: freebsd-hackers@freebsd.org
Subject: Re: Periodic scripts [Was: Re: /etc/security -> /etc/periodic/security
 ?]
In-Reply-To: <395B79A0.AB99EA21@dante.org.uk>
Message-ID: <Pine.BSI.4.05L.10006301309170.24628-100000@x21.ripe.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Hello all,

> > Will we be seeing a move in this direction towards a more configurable
> > security script?  Is anyone planning it?

What about a configuration language?

On Thu, 29 Jun 2000, Konstantin Chuguev wrote:
> IMO, introducing a sort of silent mode to these periodic scripts would help
> sysadmins. The idea is as follows:
[...]

I've been using the tool Cfengine lately,
and I am surprised that it's not more standard in the BSD family (++).

Why bother with complex shell scripts when you can have most
needed functionality in a single C program?
I've found myself replacing 10-20 lines of shell code with a single line.

Remember that shell scripts involve all shorts of small utilities,
and have to fork and play with memory space quite much, many times.

I'd like to hear other people's ideas on this,
because I'm in an effort to replace them anyway...

Please, keep me cc.

cheers,
Fotis

-- The statistician drowned in a lake averaging only 2 feet in depth.
Fotis Georgatos <fotis@ripe.net>, nic-hdl:     FMG21-RIPE



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message