Plans for after FreeBSD-5.3-RELEASE.
Rainer Duffner
rainer at ultra-secure.de
Thu Sep 23 17:06:12 PDT 2004
Am Fr, den 24.09.2004 schrieb Jose M Rodriguez um 1:38:
> On Thu, 23 Sep 2004 17:51:17 +0200, Benjamin Lutz <benlutz at datacomm.ch>
> wrote:
>
> > Hello,
> >
> >> Our ask is about comments, notes and approvals to:
> >> ...
> >> - patchs against xorg-clients (and sim) to move xinit/xdm config to
> >> /etc/X11
> >
> > Hm... I really like FreeBSD's way of keeping / as clean as possible, only
> > adding 3rd party files to /usr/X11R6 an /usr/local. What about
> > /usr/X11R6/etc? Btw, this is one area where I think it's a bad idea to
> > emulate Linux, most Linux's /etc dirs are a mess.
> >
>
> I must disagree with this.
>
> A port must install from tarball under his ${PREFIX}.
> If it have anything else to do, it must use pkg-install.
> But it may obey config out of ${PREFIX}
> In fact, several ports obey config out of ${PREFIX} via rc-subr.
That's true. I'd also like to know why that was implemented this way.
> The use of ${PREFIX}/etc as the only point of control may get
> you more problems that expected:
>
> - You can't share ${PREFIX} among machines with differents setups.
Indeed you can't.
But last time I did this (admittedly, this was when 3.x was stable...),
you just had to have different configurations on the server and use
different automounter-configs on the client. That way, the client always
got the right configuration, provided the amd-config was right in the
first place.
If you have a *local* XF86Config, you just shift the problem (can't
share) from the server to the client. It becomes a distribution-problem.
> - You get a very sparse config system.
Not really, /etc, /usr/local/etc and /usr/X11R6/etc.
> + Most difficult to secure.
> + Most difficult to automate.
I can't see why. One is more difficult to automate than the other.
cheers,
Rainer
--
===================================================
~ Rainer Duffner - rainer at ultra-secure.de ~
~ Freising - Munich - Germany ~
~ Unix - Linux - BSD - OpenSource - Security ~
~ http://www.ultra-secure.de/~rainer/pubkey.pgp ~
===================================================
More information about the freebsd-current
mailing list