Date: Wed, 30 Jan 2013 08:11:09 +0000 (UTC) From: Mark Linimon <linimon@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r40811 - head/en_US.ISO8859-1/articles/portbuild Message-ID: <201301300811.r0U8B9gl052822@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: linimon Date: Wed Jan 30 08:11:09 2013 New Revision: 40811 URL: http://svnweb.freebsd.org/changeset/doc/40811 Log: Deorbit the use of security/sudo on the master due to new security requirements. The text still needs some back-fill; this is WIP. Modified: head/en_US.ISO8859-1/articles/portbuild/article.xml Modified: head/en_US.ISO8859-1/articles/portbuild/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/portbuild/article.xml Wed Jan 30 07:54:08 2013 (r40810) +++ head/en_US.ISO8859-1/articles/portbuild/article.xml Wed Jan 30 08:11:09 2013 (r40811) @@ -1836,7 +1836,6 @@ touch /tmp/.boot_finished</programlistin <filename>usr/local/etc/sudoers/sudoers.d/portbuild</filename>:</para> <programlisting># local changes for package building -%wheel ALL=(ALL) ALL portbuild ALL=(ALL) NOPASSWD: ALL</programlisting> </listitem> </itemizedlist> @@ -2272,13 +2271,13 @@ zfs destroy -r a/snap/src-<replaceable>o <title>Steps necessary before <application>qmanager</application> is started</title> <note> - <para>The initial steps need to be done using - <application>sudo</application>.</para> + <para>The initial steps need to be done as + <literal>root</literal>.</para> </note> <itemizedlist> <listitem> - <para>Create a new + <para>If it has not already been done, create the <literal>portbuild</literal> user and group.</para> </listitem> @@ -2397,7 +2396,7 @@ zfs destroy -r a/snap/src-<replaceable>o </itemizedlist> <note> - <para>Once again using <application>sudo</application>:</para> + <para>Once again as <literal>root</literal>:</para> </note> <itemizedlist> @@ -2413,14 +2412,10 @@ zfs destroy -r a/snap/src-<replaceable>o </listitem> </itemizedlist> - <note> - <para>One last time using <application>sudo</application>:</para> - </note> - <itemizedlist> <listitem> <para>Add an appropriate <replaceable>arch</replaceable> entry for - <filename>/var/portbuild/scripts/dologs</filename> to the root + <filename>/var/portbuild/scripts/dologs</filename> to the portbuild <filename>crontab</filename>. (This is a hack and should go away.)</para> </listitem> </itemizedlist> @@ -2430,7 +2425,7 @@ zfs destroy -r a/snap/src-<replaceable>o <title>Steps necessary after <application>qmanager</application> is started</title> <note> - <para>Again using <application>sudo</application>:</para> + <para>Again as <literal>root</literal>:</para> </note> <itemizedlist> @@ -2598,11 +2593,17 @@ net/isc-dhcp41-server ports-mgmt/pkg ports-mgmt/portaudit ports-mgmt/portmaster -security/sudo shells/bash shells/zsh sysutils/screen</programlisting> + <note> + <para>The use of <application>sudo</application> on the master, + which was formerly required, is + <emphasis>no longer recommended</emphasis>. + </para> + </note> + <para>The following ports (or their latest successors) are handy:</para> <programlisting>benchmarks/bonnie++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201301300811.r0U8B9gl052822>