Subject: Re: Updating /etc...
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
List: current-users
Date: 12/22/1995 07:25:07
>>> But you don't *want* to edit the whole startup process.
>> I _do_ want to edit the whole process at one point: when a new OS
>> arrives. They _always_ need sanitizing, often extensive.
> no they don't... the OSF/1 boxes that i run [...]
Er, my second sentence was a followup to the first, explaining why I
invariably wish to modify the boot process. _You_ may not want to; the
point is that I do.
Looking at the NetBSD etc/rc* "source", here are the things that I
would change, at least as a first pass:
- fsck -p gets a -f added.
- the silly removing of everything in /tmp goes away entirely.
- gated and named clauses get an additional "if" added to run
the local version if available.
- sendmail clause gets changed to run the local version.
- the junk that overwrites the first line of /etc/motd with
kern.version gets completely trashed.
- ldconfig gets additional arguments.
- daemons get added to rc.local.
This is for a "normal" diskful machine. For diskless, or for a diskful
machine running with root read-only, there's a _lot_ more that needs
doing. (I've done most of it, that's how I know.) (And yes, a diskful
machine with RO root is a reasonable thing to do; if the pack with the
boot area and most system binaries is physically RO, it's a _lot_
harder for a cracker to seriously corrupt the machine, even if sie
cracks root - it's a nearly perfect defense against trojan versions of
ps and du and df and such.)
Now, some of these are things that would be just adding or removing a
file under the /etc/init.d scheme. But at least four of the items I
listed above (fsck, gated/named, sendmail, ldconfig) would require
modifying (or replacing) an existing file.
> my NetBSD boxes have _no_ modifications to /etc/rc, from the base
> distribution.
And how much of that base distribution is the way it is because it's
your idea of good? (Okay, cheap shot.)
> I'd say that the majority of the people who use rc-style scripts
> don't modify the system-supplied contents much at all. they may add
> to them, they may tweak a few things, but at least 75% of the
> standard system-provided code remains unchanged. why _make_ them
> look at it, if all they want to do is add the a package that needs a
> startup script?
If that's all they want to do, they don't need to look at anything more
than the last few lines of /etc/rc.local...and they probably know it.
der Mouse
mouse@collatz.mcrcim.mcgill.edu