To: "Scot W. Hetzel"
From: Ted Cabeen
Organization: Impulse Internet Services
Date: Tue, 17 Feb 2004 15:11:33 -0800
Message-ID: <877jyl47yy.fsf@gray.impulse.net>
In-Reply-To: <020901c3f5aa$10ca1370$cebe7726@westbend.net>
cc: freebsd-ports@freebsd.org
cc: Thomas-Martin Seck
Subject: Re: Feature Request: /usr/local/etc/rc.conf support

"Scot W. Hetzel" writes:

> From: "Ted Cabeen"
>> The system securelevel is set in the /etc/rc.conf file. To prevent an
>> attacker from changing the securelevel defined there and then
>> rebooting the machine, I set the /etc/rc.conf file to be immutable.
>> However, I'd like to be able to install new ports and have them start
>> automatically without having to boot to single-user to modify rc.conf
>> (or any other configuration file equivalent to rc.conf).
>>
> We don't need a /usr/local/etc/rc.conf file to be used by ports only.
> Instead rc.subr has the ability to load a file for each script from
> /etc/rc.conf.d. You will need to create the /etc/rc.conf.d directory, and
> then create individual files for the script that you want to change the
> settings for.
>
> These files are named after the $name variable in each script.

This looks like it might work for my needs, but I have a few questions.
When would these files be loaded in the boot process, right before the
service they're named after, or all at once at the beginning? Would they
be run in the same process space as the rest of the rc system? If so, how
do we unset the environment variables set in each script after the script
has been run through?

My main concern is having a configuration file that can be used to define
environment variables that are used for ports only and which don't leak
into the boot sequence environment.

--
Ted Cabeen http://www.pobox.com/~secabeen ted@impulse.net
Check Website or Keyserver for PGP/GPG Key BA0349D2 secabeen@pobox.com
"I have taken all knowledge to be my province." -F. Bacon secabeen@cabeen.org
"Human kind cannot bear very much reality."-T.S.Eliot cabeen@netcom.com
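
The leak concern raised in this message, as an added example (not part of the thread and not FreeBSD's rc.subr code): a per-service file named after `$name` is sourced either inside a subshell, where its variables die with the subshell, or into the calling shell, where they persist. `CONF_DIR` is a temporary stand-in for /etc/rc.conf.d, and the service name `exampled` and all function names are hypothetical.

```shell
#!/bin/sh
# Added illustration only. CONF_DIR stands in for /etc/rc.conf.d;
# "exampled" and every function name below are hypothetical.
CONF_DIR=$(mktemp -d)
trap 'rm -rf "$CONF_DIR"' EXIT

# Constructed sample: a per-service file named after the script's $name.
cat > "$CONF_DIR/exampled" <<'EOF'
exampled_enable="YES"
exampled_flags="-p 8080"
EOF

# Source the per-service file into the current shell.
# Returns 2 for a name that is not a plain identifier (this also blocks
# path traversal and keeps the eval calls below safe), 1 if no file exists.
load_conf() {
    _name=$1
    case $_name in
        ''|*[!A-Za-z0-9_]*) return 2 ;;
    esac
    [ -r "$CONF_DIR/$_name" ] || return 1
    . "$CONF_DIR/$_name"
}

# Print the settings the service would start with.
show_settings() {
    eval "printf '%s %s\n' \"\$${1}_enable\" \"\$${1}_flags\""
}

# Load and use the settings inside a subshell: nothing set by the
# per-service file survives once the parentheses close.
run_isolated() {
    (
        load_conf "$1" || exit $?
        show_settings "$1"
    )
}

# Same work in the calling shell: the variables stay set afterwards.
run_shared() {
    load_conf "$1" || return $?
    show_settings "$1"
}

# True if the named variable is set in the calling shell.
is_set() {
    eval "[ -n \"\${$1+x}\" ]"
}
```

After `run_isolated exampled`, `is_set exampled_flags` is false in the caller; after `run_shared exampled` it is true, which is the leak described above.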