Feature Request: /usr/local/etc/rc.conf support

Simon L. Nielsen simon at FreeBSD.org
Tue Feb 17 14:28:10 PST 2004 

On 2004.02.17 13:33:25 -0800, Ted Cabeen wrote:
> Thomas-Martin Seck <tmseck-lists at netcologne.de> writes:
> 
> > * Ted Cabeen (secabeen at pobox.com):
> >
> >> tmseck-lists at netcologne.de (Thomas-Martin Seck) writes:
> >> 
> >> > You can use /etc/rc.conf.local.
> >> 
> >> Yeah, but that's supposedly deprecated.  
> >
> > Maybe, but 5.x still uses it "for historical reasons". Neither rc(8) nor
> > rc.conf(5) say "deprecated". Do you mean rc.local?
> 
> Okay.  I read "for historical reasons" as "we might get rid of this
> someday, so don't use it".

While it might be deprecated some day, I don't think so (due to POLA and
no big reason that I can see to remove support).

Also, if it were to be removed it probably will follow the standard
deprication path where it is marked depricated in one major FreeBSD
version and then first removed the next major version.  In short, I'm
rather sure nothing bad will happen if you use it (though I won't make
any promises since I don't make that kind of decisions).

> The system securelevel is set in the /etc/rc.conf file.  To prevent an
> attacker from changing the securelevel defined there and then
> rebooting the machine, I set the /etc/rc.conf file to be immutable.
> However, I'd like to be able to install new ports and have them start
> automatically without having to boot to single-user to modify rc.conf
> (or any other configuration file equivalent to rc.conf).

There is also the option of using the (yet) undocumented in FreeBSD [1]
/etc/rc.conf.d/service files.  E.g. to enable rsyncd you would have
/etc/rc.conf.d/rsyncd with the variable rsyncd_enable="YES" (Note: I
haven't tested this, but I'm rather sure I'm reading the source and
NetBSD manual page corrrectly).

Of course I can still see that /usr/local/etc/rc.conf might be useful, I
just want to point out existing possibilities.

[1] Yes yes, documenting this is somewhere on my TODO list :-).

-- 
Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20040217/eae5b602/attachment.bin

More information about the freebsd-ports mailing list