Subject: Re: /etc/security issues
To: NetBSD Userlevel Technical Discussion List <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 05/03/2001 17:10:31
[ On Thursday, May 3, 2001 at 15:47:36 (-0400), Andrew Brown wrote: ]
> Subject: Re: /etc/security issues
> >> the current /etc/security (along with the current /etc/rc.subr and the
> >> current /etc/defaults/security.conf) already has a mechanism for doign
> >> rcs based file backups.
> >It is useless from the point of view of using the result to help
> >facilitate upgrades. Branches must be used so that changes between
> >released versions can be tracked.
> it's not on a branch yet. it will eventually be on the 1.6 branch
> when that happens. i don't think it will show up on the 1.5 branch.
I'm not talking about OS release branches. I'm talking about checking
in release versions of the files listed in /etc/changelist onto a branch
and local changes onto the trunk (or vice versa) so that changes between
releases can be detected and thus so that an automated merge tool that
works very reliably can be built. Think of it as sort of like
vendor-branch support in CVS, but without using CVS! :-)
> any sysadmin is free to add files to rc.d and as such, they may wish
> to track changes to those scripts. alternately, any sysadmin can also
> add files to changelist if they feel like it, and as such, must not be
> forced to lose if files they add have the same basename as other files
> listed in the changelist.
That's more or less exactly what I said -- I just meant that /etc/rc.d/*
files should NOT be in the distributed version of /etc/changelist, so
therefore they are bad examples to use in this discussion! ;-)
Greg A. Woods
+1 416 218-0098 VE3TCP <firstname.lastname@example.org> <email@example.com>
Planix, Inc. <firstname.lastname@example.org>; Secrets of the Weird <email@example.com>