HEADS UP: Audit integration into CVS in progress, some tree
disruption
Tom Rhodes
trhodes at FreeBSD.org
Thu Feb 2 02:14:00 GMT 2006
On Thu, 2 Feb 2006 01:17:47 +0000 (GMT)
Robert Watson <rwatson at FreeBSD.org> wrote:
> On Wed, 1 Feb 2006, Mike Jakubik wrote:
>
> > Kris Kennaway wrote:
> >> On Wed, Feb 01, 2006 at 07:03:31PM -0500, Mike Jakubik wrote:
> >>
> >>> Personally, i would like to see less "experimental" code in 6.1. Perhaps
> >>> it would be better to wait until everyone feels the code is ready?
> >>
> >> Why do you care if code that is not enabled by default is present in the
> >> system? :-)
> >
> > Well... While you, me, and other viewers of this list may be fully aware of
> > the situation, some else who is either new to FreeBSD or missed out on this
> > info may try it and possibly be disappointed. Which would ruin their
> > experience and/or opinion of FreeBSD in general. I guess if it does make it
> > in, it would be a good idea to clearly notify the user that it is still
> > experimental, etc..
>
> In the past, we've marked features as experimental using a man page note,
> e.g., in the mac(4) man page:
>
> NAME
> mac -- Mandatory Access Control
>
> SYNOPSIS
> options MAC
>
> ...
>
> BUGS
> See mac(9) concerning appropriateness for production use. The TrustedBSD
> MAC Framework is considered experimental in FreeBSD.
>
> And as such in the release notes. However, maybe we could add the following
> also:
>
> - Dependence on defining "options EXPERIMENTAL" in the kernel configuration
> file -- if the kernel isn't compiled with the EXPERIMENTAL option, a compile
> error warning that it needs to be defined will be generated.
>
> - When a kernel is configured with an experimental feature, config generates a
> warning, similar to the ones it currently generates about GPL'd components,
> etc.
>
> And we should make sure there is a note in the handbook section as well.
There is, IIRC. I'll double check to make sure.
--
Tom Rhodes
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-audit" in the body of the message
More information about the trustedbsd-audit
mailing list