Date: Thu, 14 Dec 2000 11:35:41 -0800 (PST) From: Gordon Tetlow <gordont@bluemtn.net> To: Darren Henderson <darren@bmv.state.me.us> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: securelevel and /etc/rc in 4.2S Message-ID: <Pine.BSF.4.05.10012141129420.8189-100000@sdmail0.sd.bmarts.com> In-Reply-To: <Pine.A41.4.21.0012141127510.24088-100000@katahdin.bmv.state.me.us>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 14 Dec 2000, Darren Henderson wrote: [snip] > Now my confussion... > > Shouldn't rc.sysctl be using the rc.conf kern_securelevel* settings instead > of waiting to set those at the end of rc? I think I can see where there > might be some conflicts if someone wants to run at 3 (unable to set firewall > rules etc) as the network configuration takes place after rc.sysctl. But > that could be accomedated in rc.sysctl (if 3 wanted then don't set or set to > 2) and rc.firewall (if 3 wanted set it after the rules have been read). I think the idea is that everything in /etc/rc* has free reign over the box (as it should) to configure everything and once the bootup is complete, we lock everything down tight. > Also, wouldn't it make more sense for /etc/defaults/rc.conf to at least set > "YES" and 0? Unless I'm missing something, "YES" and 0 is the same as "NO" and -1. -gordon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10012141129420.8189-100000>