Re: bin/59990: /etc/security: first run mails megabytes of output

[Taylor R Campbell <riastradh%NetBSD.org@localhost>]

> Date: Sun, 15 Feb 2026 14:55:28 +0300
> From: Valery Ushakov <uwe%stderr.spb.ru@localhost>
> 
> On Sat, Feb 14, 2026 at 08:25:02 +0000, Martin Husemann via gnats wrote:
> 
> >  This doesn't help typical image installs (often used for virtual
> >  machines), where we just resize the filesystem and continue running
> >  the install medium.
> 
> But we can just prepopulate /var/backups on such images when creating
> them.

We could try that, but it's not easy.

We'd have to either duplicate all the logic in /etc/security or factor
it out into a common place, and make it operate relative to a destdir.
And we'd have to model the listing of devices and suid/sgid files via
mtree(8) -- and find some way to model the disklabels and MBRs too
(and GPTs if we did that).

So perhaps a simpler approach -- and what I'm trying right now for the
present purpose -- is an rc script that just does:

	# Make sure /etc/security has saved a backup of everything.
	if ! [ -s /var/backups/etc/master.passwd.current ]; then
		/etc/security >/dev/null
	fi

(master.passwd is the one file that is unconditionally always backed
up, hard-coded in /etc/security.)