From owner-freebsd-bugs@FreeBSD.ORG Sat May 2 15:11:57 2015 Return-Path: Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CA6CE2C0 for ; Sat, 2 May 2015 15:11:57 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9CBA11251 for ; Sat, 2 May 2015 15:11:57 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id t42FBvT2016977 for ; Sat, 2 May 2015 15:11:57 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 199864] bsdinstall(8): zfsboot script should create /var/audit dataset Date: Sat, 02 May 2015 15:11:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: 10.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jason.unovitch@gmail.com X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 May 2015 15:11:57 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199864 Bug ID: 199864 Summary: bsdinstall(8): zfsboot script should create /var/audit dataset Product: Base System Version: 10.1-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: conf Assignee: freebsd-bugs@FreeBSD.org Reporter: jason.unovitch@gmail.com Created attachment 156238 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=156238&action=edit add /var/audit dataset to usr.sbin/bsdinstall/scripts/zfsboot config usr.sbin/bsdinstall/scripts/zfsboot currently creates datasets for /var/log but not /var/audit. While anyone using auditing would likely make adjustments, the default could be better. There's no good reason to potentially lose audit logs by keeping them as part of the boot environment instead of on a dedicated dataset. Additionally, treating logs under /var/log different than audit logs under /var/audit is not an intuitive default configuration. Attached patch enables configuring /var/audit by default. Other Implementation References: PCBSD creates /var/audit by default with just compression, which is already enabled at the pool level on FreeBSD since r266108 on HEAD and r267056 on stable/10. https://github.com/pcbsd/pcbsd/commit/b1a3938d275d5c283e0fdd2f5a5c1eafe94ea55f Oracle Solaris 11 does things differently with a symlink of /var/audit to /var/share/audit to accomplish the same goal of keeping audit logs outside of the boot environment: https://docs.oracle.com/cd/E26502_01/html/E21383/glyzj.html -- You are receiving this mail because: You are the assignee for the bug.