Hi Colin and Paul,

>> Forcing a user (in particular if (s)he is new to netbsd) to fiddle
>> with files while in single user mode, without giving any instructions
>> on what to do, is ridiculous. Even the above is incorrect, since it does
>> not include the necessary "fsck -p" (which no doubt will fail too for
>> a lot of people for yet another confusing reason).
>
>Actually, there are some (admittedly brief at the moment) instructions
>regarding setting this up in the latest INSTALL document, although I
>should probably work on this a bit before the 1.3 release.
>Why should the "fsck -p" fail?  Why give a "-p" in this case, anyway?  You
>should be in single-user at this point in all likelihood, go ahead and
>perform a full check and clean up any problems.

I don't have problems with my installation at the moment, but I do foresee
problems with this setup, An "fsck -p" should always be done at boot time
so that all filesystems being mounted automagically are checked. Due to
the installer being unable to unlink, this does not work if one installs
over an older snapshot (the march '97 one or so), since fsck_ffs is no
longer the same as fsck. Several people, including myself, have experienced
this, and nobody seemed to understand what was wrong.
(Colin, your 1.3 install notes were very revealing here! Thanks)

>> IIRC, "RC_CONFIGURED" was introduced to increase security, i.e. to avoid
>> letting the machine boot in multi-user in an insecure setup. The advice
>> given above means "forget it, be as insecure as it used to be". I'm aware
>> that this is NetBSD, not OpenBSD (which is sooo much more secure :-), but
>> we nevertheless should care about security sufficiently.
>
>I believe this is true, but it also serves as a note to new users that
>there is at least 1 file that they need to look at right away.  Otherwise,
>some people might not take note of it.  This way, you have to look at
>/etc/rc.conf in order to have a useful system.

Exactly, but they should not be forced to do this in single user mode, with
a number of actions to be performed first. For example, new users without
much unix experinence quite likely will not understand why they can not save
their edited rc.conf while (what they are not aware of) having / mounted
read-only. That's why it's in the FAQ, I guess ;-)
>
>> An improvement might be:
>> * with RC_CONFIGURED == YES, boot the usual way;
>> * otherwise, boot with a minimal configuration, in particular without any
>>   network setup, and print a nice warning like "/etc/rc.conf is not yet
>>   configured. Edit this file to enable the functions you want. See
>>   man rc.conf(8) for more information". (it should be 8, shouldn't it?)
>
>This error message might be a bit more helpful than the current one... :-)

Not only that. The point is that boot proceeds until the system is in multi
user mode, where the filesystems are clean, mounted rw, etc. That will make
it much easier to realize a proper setup.

Btw, the line above of course should be:
"Edit this file to enable the functions you want and reboot your machine."
                                                ^^^^^^^^^^^^^^^^^^^^^^^^
>I'll forward this to current-users...

Thanks.

          Nico

--
  Dr. N.J.R. van Eikema Hommes     Computer-Chemie-Centrum
  hommes@ccc.uni-erlangen.de       Universitaet Erlangen-Nuernberg
  Phone:    +49-(0)9131-856532     Naegelsbachstr. 25
  FAX:      +49-(0)9131-856566     D-91052 Erlangen, Germany