HEADS UP: Audit integration into CVS in progress, some tree disruption

Tom Rhodes trhodes at FreeBSD.org
Thu Feb 2 02:14:00 GMT 2006


On Thu, 2 Feb 2006 01:17:47 +0000 (GMT)
Robert Watson <rwatson at FreeBSD.org> wrote:

> On Wed, 1 Feb 2006, Mike Jakubik wrote:
> 
> > Kris Kennaway wrote:
> >> On Wed, Feb 01, 2006 at 07:03:31PM -0500, Mike Jakubik wrote:
> >> 
> >>> Personally, i would like to see less "experimental" code in 6.1. Perhaps 
> >>> it would be better to wait until everyone feels the code is ready?
> >> 
> >> Why do you care if code that is not enabled by default is present in the 
> >> system? :-)
> >
> > Well... While you, me, and other viewers of this list may be fully aware of 
> > the situation, some else who is either new to FreeBSD or missed out on this 
> > info may try it and possibly be disappointed. Which would ruin their 
> > experience and/or opinion of FreeBSD in general. I guess if it does make it 
> > in, it would be a good idea to clearly notify the user that it is still 
> > experimental, etc..
> 
> In the past, we've marked features as experimental using a man page note, 
> e.g., in the mac(4) man page:
> 
> NAME
>       mac -- Mandatory Access Control
> 
> SYNOPSIS
>       options MAC
> 
> ...
> 
> BUGS
>       See mac(9) concerning appropriateness for production use.  The TrustedBSD
>       MAC Framework is considered experimental in FreeBSD.
> 
> And as such in the release notes.  However, maybe we could add the following 
> also:
> 
> - Dependence on defining "options EXPERIMENTAL" in the kernel configuration
>    file -- if the kernel isn't compiled with the EXPERIMENTAL option, a compile
>    error warning that it needs to be defined will be generated.
> 
> - When a kernel is configured with an experimental feature, config generates a
>    warning, similar to the ones it currently generates about GPL'd components,
>    etc.
> 
> And we should make sure there is a note in the handbook section as well.

There is, IIRC.  I'll double check to make sure.

-- 
Tom Rhodes
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-audit" in the body of the message



More information about the trustedbsd-audit mailing list