Re: cvs commit: src/etc/rc.d Makefile auditd



On Thu, Feb 02, 2006 at 04:15:05PM -0800, Doug Barton wrote:
> Robert Watson wrote:
> > rwatson     2006-02-02 10:02:56 UTC
> > 
> >   FreeBSD src repository
> > 
> >   Modified files:
> >     etc/rc.d             Makefile 
> >   Added files:
> >     etc/rc.d             auditd 
> >   Log:
> >   Add auditd rc.d script.
> >   
> >   Submitted by:   trhodes
> >   Obtained from:  TrustedBSD Project
> >   
> >   Revision  Changes    Path
> >   1.64      +1 -1      src/etc/rc.d/Makefile
> >   1.1       +34 -0     src/etc/rc.d/auditd (new)
> > 
> > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/Makefile.diff?&r1=1.63&r2=1.64&f=h
> > http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.d/auditd
> 
> I have a couple concerns about this. First the more general, I'm not sure
> that /etc/security is a reasonable place for your config files. That's a
> very general name, and the audit stuff is a very specific project. That
> said, I'm not sure that we need yet another directory under /etc, but I'm
> curious about what others think about this issue.
> 
> My more specific concern is about some aspects of the rc.d script. First,
> it's not clear why you need BEFORE:  DAEMON, generally services like this
> would REQUIRE: DAEMON instead. Is there a good reason that this has to start
> earlier than that? It's also generally a bad thing to use BEFORE when it's
> not absolutely necessary. Is there something else that could REQUIRE auditd
> that would get you the same or similar ordering? Next, I'm pretty sure you
> don't need the test for the pid file in auditd_stop, rc.subr should handle
> that for you. Please test that, and if it doesn't work properly let
> freebsd-rc@ know about it. You should probably also add the shutdown KEYWORD
> so that this gets killed off properly on system shutdown. Finally, I'm
> pretty sure that command_args="${auditd_flags}" is not needed. If you find
> that it is, that's worth mentioning on freebsd-rc@ as well.

In this case, I believe the placement of the script is correct.  auditd
is on the order of syslog.  If you're going to run it, you want it early
so you know what your daemons did.

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
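
Added example, not part of the original message or the FreeBSD sources: a small sh model of the ordering question discussed in this thread, using tsort(1) as a stand-in for rcorder(8). The four header-only scripts (syslogd, DAEMON, exampled, auditd) and all function names are constructed for illustration; only the auditd ordering line varies between `BEFORE: DAEMON` and `REQUIRE: DAEMON`.

```shell
#!/bin/sh
# Model of rc.d ordering keywords using tsort(1); FreeBSD itself uses rcorder(8).
# Every script header below is constructed for illustration.

# make_sample "<ordering line for auditd>": write four header-only scripts
# into a fresh temporary directory and print its path.
make_sample() {
    d=$(mktemp -d) || return 1
    printf '# PROVIDE: syslogd\n' > "$d/syslogd"
    printf '# PROVIDE: DAEMON\n# REQUIRE: syslogd\n' > "$d/DAEMON"
    printf '# PROVIDE: exampled\n# REQUIRE: DAEMON\n' > "$d/exampled"
    printf '# PROVIDE: auditd\n# %s\n# KEYWORD: shutdown\n' "$1" > "$d/auditd"
    echo "$d"
}

# rc_edges DIR: emit "first second" pairs meaning "first starts before second".
rc_edges() {
    for f in "$1"/*; do
        prov=$(sed -n 's/^# PROVIDE:[[:space:]]*//p' "$f")
        [ -n "$prov" ] || continue
        for p in $prov; do
            echo "$p $p"    # identical pair: node exists, no ordering implied
            for r in $(sed -n 's/^# REQUIRE:[[:space:]]*//p' "$f"); do
                echo "$r $p"    # REQUIRE: the dependency starts first
            done
            for b in $(sed -n 's/^# BEFORE:[[:space:]]*//p' "$f"); do
                echo "$p $b"    # BEFORE: this script starts first
            done
        done
    done
}

# rc_order DIR: one valid start order, one provision per line.
rc_order() { rc_edges "$1" | tsort; }

# starts_before A B DIR: succeed only if A precedes B in the computed order.
starts_before() {
    rc_order "$3" | awk -v a="$1" -v b="$2" '
        $1 == a { pa = NR }
        $1 == b { pb = NR }
        END { exit !(pa && pb && pa < pb) }'
}

# Show the order under each of the two ordering lines.
for line in "BEFORE: DAEMON" "REQUIRE: DAEMON"; do
    dir=$(make_sample "$line")
    echo "auditd with '$line':" $(rc_order "$dir")
    rm -rf "$dir"
done
```

With `BEFORE: DAEMON` the audit daemon is running before anything that requires DAEMON starts; with `REQUIRE: DAEMON` its position relative to other daemons is left to the sorter.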
