/etc/rc.d/ipsec starts not in time
Hajimu UMEMOTO
ume at mahoroba.org
Sun Nov 16 00:26:42 PST 2003
Hi,
>>>>> On Sat, 15 Nov 2003 15:21:34 -0800
>>>>> Terry Lambert <tlambert2 at mindspring.com> said:
> It is not sufficient. There is setkey(8) in /usr/sbin. It means that
> we cannot protect NFS exported /usr by IPsec. If there is no
> objection, I wish to move setkey(8) into /sbin like NetBSD did.
tlambert2> This type of order inversion is common.
tlambert2> Can we simply delay exportation until later in the boot process?
tlambert2> Wouldn't this have the same effect?
Oops, I should explain the situation clearly. The client which mounts
/usr by NFS cannot use IPsec due to lack of setkey(8).
Sincerely,
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org ume at bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
More information about the freebsd-current
mailing list