getting the running patch level
jilles at stack.nl
Sun Aug 19 12:33:15 UTC 2012
On Sat, Aug 11, 2012 at 09:05:44PM +0200, Dag-Erling Smørgrav wrote:
> "Simon L. B. Nielsen" <simon at FreeBSD.org> writes:
> > This has been discussed a number of time, but there are no nice and
> > simple solution.
> There is a simple solution that, while not bulletproof, would work well
> enough in most cases: have 'make installworld' create /etc/issue, which
> would look like this:
> FreeBSD 9.0-RELEASE-p4 amd64/amd64
I think the idea of having 'make installworld' create something is good,
but we should not hard-code policy by writing the information into a
file that may be shown to unauthenticated users (such as by getty).
A new file with a name=value format somewhat like /etc/lsb-release on
Linux seems more appropriate. If the admin wants /etc/issue,
/etc/rc.d/motd can create it.
The new file is not a configuration file and tools like mergemaster and
freebsd-update must not bother the admin about it. If all files under
/etc are considered "configuration files", then perhaps a different
location is better.
More information about the freebsd-security