Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 19 Dec 2012 23:43:45 +0000
From:      "Robert N. M. Watson" <rwatson@FreeBSD.org>
To:        Bryan Drewery <bryan-lists@shatow.net>
Cc:        stable@FreeBSD.org
Subject:   Re: MFC: Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd)) (fwd)
Message-ID:  <5416F71C-303F-4904-B87D-79F538573683@FreeBSD.org>
In-Reply-To: <50D0B813.5030100@shatow.net>
References:  <alpine.BSF.2.00.1212181516250.99201@fledge.watson.org> <50D0B813.5030100@shatow.net>

next in thread | previous in thread | raw e-mail | index | archive | help

On 18 Dec 2012, at 18:38, Bryan Drewery wrote:

>> Just an FYI that the new distributed audit daemon has been MFC'd to
>> 9-STABLE.
>>=20
>> As noted in UPDATING, you will need to run "mergemaster -p" before =
using
>> installkernel or installworld targets in order to add the new
>> "auditdistd" system user.  This should be part of the regular update
>> cycle anyway, but after the experience of adding auditdistd in
>> 10-CURRENT, we've discovered that many people are skipping that step =
in
>> the update cycle, so I figured it best to point out here.
>>=20
>> (Technically, only installworld requires the user, but the user-check
>> guards in the system Makefiles are enforced for both targets.)
>=20
> Have you seen misc/174405? Apparently installkernel is requiring the
> user as well. The documented process in UPDATING does not mention
> running mergemaster -p before [install]kernel.

Hi Bryan:

I was not aware of the PR. However, yes, that was the point I was making =
in my e-mail -- that the Makefile seems to put the user check on =
installkernel and not just installworld. While I did MFC the change to =
add the 'auditdistd' user to the requirements list, I didn't originate =
that change, and agree that it's a "false positive". I hadn't originally =
planned to add an UPDATING entry, or Makefile dependency, as mergemaster =
-p is part of our standard upgrade procedure before installworld; =
however, I got a lot of complaints :-). I did also add an explicit URL =
pointing at the upgrade procedure in the handbook as part of UPDATING as =
a result. It would be useful if someone would make the necessary changes =
to the Makefile infrastructure to allow kernel vs. userspace =
install-time dependencies on users (and groups) separate.

Robert=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5416F71C-303F-4904-B87D-79F538573683>