Date: Thu, 12 Jan 2012 15:44:24 -0800 From: "David O'Brien" <obrien@freebsd.org> To: freebsd-rc@freebsd.org Subject: Problem with LOGIN and cron Message-ID: <20120112234424.GA41056@dragon.NUXI.org>
next in thread | raw e-mail | index | archive | help
'LOGIN' states: This is a dummy dependency to ensure user services such as xdm, inetd, cron and kerberos are started after everything else, in case the administrator has increased the system security level and wants to delay user logins until the system is (almost) fully operational. So based on that, 'securelevel' should have: +# REQUIRE: sysctl +# BEFORE: LOGIN Otherwise a cronjob could act against securelevel=1+ for a short peroid of time. But after adding that one gets rcorder: Circular dependency on provision `LOGIN' in file `cron'. rcorder: Circular dependency on provision `LOGIN' in file `jail'. As 'cron' has "BEFORE: securelevel". Why should that be the case? This comes from r114735 (Move securelevel further back in the boot order) but failed to state any serneios. Thoughts? 'jail' has "REQUIRE: LOGIN" (r113568) and "BEFORE: securelevel". I see the need for "BEFORE: securelevel", but why the need for "REQUIRE: LOGIN"? -- -- David (obrien@FreeBSD.org) P.S. Does this change in ordering look OK? --- /tmp/1 2012-01-12 15:40:27.000000000 -0800 +++ /tmp/2 2012-01-12 15:40:33.000000000 -0800 @@ -126,14 +126,13 @@ sdpd rfcomm_pppd_server rtadvd rwho +jail +localpkg +securelevel LOGIN syscons sshd sendmail -cron -jail -localpkg -securelevel power_profile othermta nfscbd @@ -148,6 +147,7 @@ geli2 ftpd ftp-proxy dhclient +cron bsnmpd bluetooth bgfsck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120112234424.GA41056>