cvs commit: src/etc/rc.d Makefile auditd
Doug Barton
dougb at FreeBSD.org
Thu Feb 2 16:15:12 PST 2006
Robert Watson wrote:
> rwatson 2006-02-02 10:02:56 UTC
>
> FreeBSD src repository
>
> Modified files:
> etc/rc.d Makefile
> Added files:
> etc/rc.d auditd
> Log:
> Add auditd rc.d script.
>
> Submitted by: trhodes
> Obtained from: TrustedBSD Project
>
> Revision Changes Path
> 1.64 +1 -1 src/etc/rc.d/Makefile
> 1.1 +34 -0 src/etc/rc.d/auditd (new)
>
> http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/Makefile.diff?&r1=1.63&r2=1.64&f=h
> http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/auditd
I have a couple concerns about this. First the more general, I'm not sure
that /etc/security is a reasonable place for your config files. That's a
very general name, and the audit stuff is a very specific project. That
said, I'm not sure that we need yet another directory under /etc, but I'm
curious about what others think about this issue.
My more specific concern is about some aspects of the rc.d script. First,
it's not clear why you need BEFORE: DAEMON, generally services like this
would REQUIRE: DAEMON instead. Is there a good reason that this has to start
earlier than that? It's also generally a bad thing to use BEFORE when it's
not absolutely necessary. Is there something else that could REQUIRE auditd
that would get you the same or similar ordering? Next, I'm pretty sure you
don't need the test for the pid file in auditd_stop, rc.subr should handle
that for you. Please test that, and if it doesn't work properly let
freebsd-rc@ know about it. You should probably also add the shutdown KEYWORD
so that this gets killed off properly on system shutdown. Finally, I'm
pretty sure that command_args="${auditd_flags}" is not needed. If you find
that it is, that's worth mentioning on freebsd-rc@ as well.
hth,
Doug
--
This .signature sanitized for your protection
More information about the cvs-src
mailing list