Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd))
Robert Watson
rwatson at FreeBSD.org
Sun Dec 2 13:05:51 UTC 2012
On Sun, 2 Dec 2012, O. Hartmann wrote:
>> Does mergemaster -p help?
>
> I had the very same problem and complained about it on current at .
> "mergemaster -p" definitely helped for me and I was given the advise to use
> mergemaster -p prior to every make installworld.
Just to follow up on this thread, since the question has come up a number of
times. "mergemaser -p" should be run prior to installworld always, but most
of the time will do very little. One of its responsibilities is to add any
necessary accounts and groups depended on by base system components -- e.g.,
that will be referenced during installworld as part of setting file ownership
and groups.
One of the primary sources of new users and groups has been chroot/etc
sandboxes -- independent from the role of a daemon as a file owner. My hope
is that this will reduce over time with increasing use Capsicum sandboxes,
which don't require custom UIDs/GIDs. However, there are still cases where
you want a daemon, for reasons of file and group ownership, to run as a
specific user, as is the case with auditdistd, which does support Capsicum
(where enabled).
Robert
More information about the freebsd-current
mailing list