Date: Tue, 19 Jun 2001 12:22:26 -0400 (EDT) From: Igor Roshchin <str@giganda.komkon.org> To: freebsd-security@FreeBSD.ORG Subject: /etc/defaults/rc.conf (Was: IPFW newbie) Message-ID: <200106191622.MAA66100@giganda.komkon.org> In-Reply-To: <0106190918132R.00481@xyberpix.mip.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> From: "Thomas T. Veldhouse" <veldy@veldy.net>
> Subject: Re: IPFW newbie
> Date: Tue, 19 Jun 2001 08:50:00 -0500
>
> You will want to override the rules in /etc/defaults/rc.conf so that your
> firewall is enabled. I then suggest you write your own firewall script (in
> /etc/rc.conf, firewall_script="/etc/my.firewall.script") and setup the rules
> you want. Read through the existing /etc/rc.firewall script and you will
> learn a lot. Then use the manpage for ipfw and you will learn a lot more.
>
<..>
> From: Neil Fryer <neilf@mip.co.za>
> Subject: Re: IPFW newbie
> Date: Tue, 19 Jun 2001 09:15:11 +0200
>
<..>
>
> Alternatively, you could write some rules to allow you to ssh into your box,
> and save them in a script, and then in /etc/defaults/rc.conf, set the file for
> ipfw to read, and then voila!
>
<..>
I am surprised to see that two people in a raw gave an advice, suggesting
to edit /etc/defaults/rc.conf.
IIRC, /etc/defaults was introduced as a nice instrument of having
_default_ settings in one directory, and changes to it in a standard file
in /etc. (Approach used on other systems (e.g. Irix) even earlier)
IMHO, this makes it much easier to do system upgrades.
So, IMHO, the Good Thing is to add lines from the files in /etc/defaults/*
to the corresponding files in /etc/ .
Below are the quotes from the man pages and the handbook recommending
this style.
rc.conf(5) says:
The /etc/rc.conf file is included from the file /etc/defaults/rc.conf,
which specifies the default settings for all the available options. Op-
tions need only be specified in /etc/rc.conf when the system administra-
tor wishes to override these defaults.
Similarly the handbook says about /etc/defaults/make.conf:
19.4.2. Check /etc/make.conf
Examine the files /etc/defaults/make.conf and /etc/make.conf. The
first contains some default defines - most of which are commented out.
To make use of them when you rebuild your system from source, add them
to /etc/make.conf.
Best,
Igor
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106191622.MAA66100>