Hi.
On 23.09.2015 18:32, Dag-Erling Smørgrav wrote:
"Eugene M. Zheganin" <[email protected]> writes:
I'm trying to understand why the sshd still starts after local daemons,
out-of-the-box, and what it takes to make this extremely vital service
to start before non-system (local) ones. I bet I'm not the first one to
ask, so why isn't this already done ? Seems quite easy for me.
"non-system (local)" services can also be extremely vital: quagga, for
instance.
In practice, it is probably fine to move sshd before LOGIN.
I have spoken with some local FreeBSD gurus and some of the FreeBSD
developers. There's two opinions on that:
- conservative one: no rcorder modification is required, however, LOGIN
target should be splitted in two, for maintaining a working
securitylevel feature, LOGIN1 and LOGIN2. And sshd should require
LOGIN1. And all the non-base services should require LOGIN2. And this
requires modification of all the ports, thus making this way unuseable.
- modern one: rcorder coding is required, to start base system services
befor the non-base. I have spoke with one of the pkgng authors, he's
able to help, but this requires some funding, because he's currently
working on pkg and cannot provide more resources on fee-free basis. So,
the question is, can we fund this from FreeBSD Foundation or some other
sources ? Reading this thread I understand that this question arises
quite often, and it seems like noone is willing to code on his own.
Eugene.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
