From owner-freebsd-current@FreeBSD.ORG  Sun Dec  2 15:43:27 2012
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 274586BD;
 Sun,  2 Dec 2012 15:43:27 +0000 (UTC)
 (envelope-from rwatson@freebsd.org)
Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42])
 by mx1.freebsd.org (Postfix) with ESMTP id C8F3D8FC08;
 Sun,  2 Dec 2012 15:43:26 +0000 (UTC)
Received: from [192.168.2.119]
 (host86-129-88-139.range86-129.btcentralplus.com [86.129.88.139])
 by cyrus.watson.org (Postfix) with ESMTPSA id 3C2BE46B53;
 Sun,  2 Dec 2012 10:43:24 -0500 (EST)
Subject: Re: Distributed audit daemon committed (was: svn commit: r243752 - in
 head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin
 usr.sbin/auditdistd (fwd))
Mime-Version: 1.0 (Apple Message framework v1283)
From: "Robert N. M. Watson" <rwatson@freebsd.org>
In-Reply-To: <CAFMmRNzu==GZ0-EPdB9Wz5MSnu=cvJUtd4_-wsPSxqykxTFySw@mail.gmail.com>
Date: Sun, 2 Dec 2012 15:43:22 +0000
Message-Id: <0857C6CA-31DF-441D-B30E-F7DB2492C213@freebsd.org>
References: <alpine.BSF.2.00.1212011512410.34256@fledge.watson.org>
 <50BA7158.1040302@fgznet.ch>
 <CADLo83-SJMdu7jagH-Ac_Ooc-LahDtL+EF-cRHiWsS9u64sxsA@mail.gmail.com>
 <50BB136F.4040509@zedat.fu-berlin.de>
 <alpine.BSF.2.00.1212021302390.55169@fledge.watson.org>
 <CAFMmRNzu==GZ0-EPdB9Wz5MSnu=cvJUtd4_-wsPSxqykxTFySw@mail.gmail.com>
To: Ryan Stone <rysto32@gmail.com>
X-Mailer: Apple Mail (2.1283)
Content-Type: text/plain;
	charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
Cc: FreeBSD Current <freebsd-current@freebsd.org>,
 "O. Hartmann" <ohartman@zedat.fu-berlin.de>, Brooks Davis <brooks@freebsd.org>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Dec 2012 15:43:27 -0000


On 2 Dec 2012, at 15:34, Ryan Stone wrote:

> On Sun, Dec 2, 2012 at 8:05 AM, Robert Watson <rwatson@freebsd.org> =
wrote:
>=20
> Just to follow up on this thread, since the question has come up a =
number of times.  "mergemaser -p" should be run prior to installworld =
always, but most of the time will do very little.  One of its =
responsibilities is to add any necessary accounts and groups depended on =
by base system components -- e.g., that will be referenced during =
installworld as part of setting file ownership and groups.
>=20
> I often use "make installworld installkernel distribution DESTDIR=3D..."=
 to create bootable images (e.g. for a USB stick).  What's the =
recommendation for that case?  Manually create the auditdistd user on =
the build host?

Yes, that's probably the best short-term bet.

In the longer term, it would be nice of installworld could not only =
generate an mtree on the side rather than directly chmod/chowning the =
files (Brooks Davis has patches for this), but also use UIDs/GIDs from a =
user database directly rather than assuming that the host where you are =
constructing the image has the same notion of users and groups. This is =
especially important if we want to support cross-building embedded =
images from Linux, Mac OS X, etc, in the future.

Robert=