:${foo_enable:=NO} in rc.d script
Doug Barton
dougb at FreeBSD.org
Thu Aug 5 05:34:47 UTC 2010
On 08/04/10 20:25, Hiroki Sato wrote:
> Hi,
>
> This may be discussed already but I could not find which was correct,
> so please point out it if we already have a consensus...
>
> Well, I am wondering if an rc.d script installed by a port must have
> ": ${foo_enable:=NO}" line.
That particular style is not mandated, but the policy is that all ports
should ship with a default setting of _enable=no. The default is a
security issue, in that an affirmative step by the user should be
required to enable newly installed services. This also mirrors policy
for almost everything in the base. Although in the last few years more
services in the base have defaulted to on, of the 20 or so things in
/etc/defaults/rc.conf that are enabled by default there are only 3 that
are actual services; devd, sendmail_submit, and cron. Most of the rest
are either boot-time things (like cleanvar_) or configuration elements
of services that are themselves disabled by default (like
named_chroot_autoupdate and named_symlink_enable). Requiring the
explicit setting of _enable to no (rather than letting it error out)
also mirrors the practice in the base of having /etc/defaults/rc.conf
which explicitly disables everything.
I find it impossible to believe that at this stage in the game there are
still users who are confused by how to enable services, and if they are
the example in the porter's handbook provides sample text for the
comments of the rc.d script to explain what to do. There are also a
non-zero number of ports that include instructions in their pkg-message
files.
> Since most of ports I am maintaining do not have this line, I need to
> fix them if setting the variable as NO consistently is preferable.
I believe the examples in
http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/rc-scripts.html
are fairly thorough, and relatively well documented. If you have any
questions about the text please don't hesitate to bring them up, I am
always looking for ways to improve it.
hth,
Doug
--
Improve the effectiveness of your Internet presence with
a domain name makeover! http://SupersetSolutions.com/
Computers are useless. They can only give you answers.
-- Pablo Picasso
More information about the freebsd-ports
mailing list