Date: Fri, 13 Jan 2012 07:11:01 +0000 From: Chris Rees <crees@freebsd.org> To: obrien@freebsd.org Cc: freebsd-rc@freebsd.org Subject: Re: Problem with LOGIN and cron Message-ID: <CADLo838ygJPVCdkai-Ui6eRKt4cZ3tX9Xj67KxmRKc10tLcDag@mail.gmail.com> In-Reply-To: <20120112234424.GA41056@dragon.NUXI.org> References: <20120112234424.GA41056@dragon.NUXI.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12 January 2012 23:44, David O'Brien <obrien@freebsd.org> wrote: > 'LOGIN' states: > =A0 =A0 =A0 =A0This is a dummy dependency to ensure user services such as= xdm, > =A0 =A0 =A0 =A0inetd, cron and kerberos are started after everything else= , in > =A0 =A0 =A0 =A0case the administrator has increased the system security l= evel > =A0 =A0 =A0 =A0and wants to delay user logins until the system is (almost= ) fully > =A0 =A0 =A0 =A0operational. > > So based on that, 'securelevel' should have: > +# REQUIRE: sysctl > +# BEFORE: =A0LOGIN > Otherwise a cronjob could act against securelevel=3D1+ for a short peroid > of time. Hm, but what if I have an @reboot line in crontab, that relies on securelevel <1? Can't we change the wording in the docs instead? Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo838ygJPVCdkai-Ui6eRKt4cZ3tX9Xj67KxmRKc10tLcDag>