[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: postinstall wiped out my /etc/rc changes
On Fri, 2 May 2008 11:48:58 -0400
"Greg A. Woods; Planix, Inc." <woods%planix.ca@localhost> wrote:
> On 2-May-08, at 11:37 AM, Steven M. Bellovin wrote:
> > I think it's more complex than that. It isn't obvious -- at least
> > not to me -- which files in /etc are "owned" by the system (and
> > hence are fair game for auto-replacement), and which are owned by
> > the administrator. (I raised similar questions a few months ago
> > about the power management scripts.) We need a clear, clean way to
> > make that distinction, and to make it obvious to the community.
> I've modified the build for my systems such that any and all scripts
> and script fragments in /etc, including especially /etc/rc.d/* are
> considered to be owned by the system, _unless_ they have a name
> matching *.local (and I added /etc/*.local hooks where necessary).
> The primary reason I did that was I had a fair swath of changes
> throughout them all and I was very tired of making the same changes
> on many machines so a very long time ago I decided the authoritative
> version would be the one in my source tree and the preferred method
> for distributing the changes would be installs and upgrades.
> All other configuration or data files (/etc/services, etc., as well
> as all *.conf of course) are considered to be owned by the system
> they live on and they are merged with new changes from the source
> tree (via installs and upgrades) with etcupdate if necessary.
I think that that's a very reasonable approach. (I assume, of course,
that you also special-case passwd and group and all their variants.)
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Main Index |
Thread Index |