Date: Tue, 15 Oct 2002 23:54:27 +0800 From: Eugene Grosbein <eugen@grosbein.pp.ru> To: freebsd-stable@FreeBSD.ORG Subject: Re: Ifconfig config of gif tunnels Message-ID: <20021015235427.B381@grosbein.pp.ru> In-Reply-To: <200210151532.g9FFWo2o070440@lurza.secnetix.de>; from olli@secnetix.de on Tue, Oct 15, 2002 at 05:32:50PM %2B0200 References: <200210132154.g9DLsUmc057065@apollo.backplane.com> <200210151532.g9FFWo2o070440@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 15, 2002 at 05:32:50PM +0200, Oliver Fromme wrote: > > (1) It just overwrote system files that users are not supposed to > > change anyway, like files in /etc/defaults and the /etc/rc* > > files. > Additionally, I think it might be a good idea to make those > files schg by default, and teach mergemaster to noschg/schg > them if required. A possibility of running mergemaster in multiuser is essential. Playing with system immutable files when securelevel>0 is trick. Currently temproot cannot be cleaned up after mergemaster due to $temproot/var/empty when securelevel>0 but that's not big deal because it's empty :) However, having configs/scripts marked as system immutable will bring more pain and break POLA, imho. Eugene Grosbein P.S. Yes, I known that running installworld and mergemaster is not supported and is not recommended but this works most of time and this possibility is very, very valuable thinking about downtime. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021015235427.B381>