getting the running patch level

Jilles Tjoelker jilles at
Sun Aug 19 12:33:15 UTC 2012

On Sat, Aug 11, 2012 at 09:05:44PM +0200, Dag-Erling Smørgrav wrote:
> "Simon L. B. Nielsen" <simon at> writes:
> > This has been discussed a number of time, but there are no nice and
> > simple solution.

> There is a simple solution that, while not bulletproof, would work well
> enough in most cases: have 'make installworld' create /etc/issue, which
> would look like this:

>   FreeBSD 9.0-RELEASE-p4 amd64/amd64

I think the idea of having 'make installworld' create something is good,
but we should not hard-code policy by writing the information into a
file that may be shown to unauthenticated users (such as by getty).

A new file with a name=value format somewhat like /etc/lsb-release on
Linux seems more appropriate. If the admin wants /etc/issue,
/etc/rc.d/motd can create it.

The new file is not a configuration file and tools like mergemaster and
freebsd-update must not bother the admin about it. If all files under
/etc are considered "configuration files", then perhaps a different
location is better.

Jilles Tjoelker

More information about the freebsd-security mailing list