Subject: Re: /etc/security issues
To: NetBSD Userlevel Technical Discussion List <tech-userlevel@netbsd.org>
From: Andrew Brown <atatat@atatdot.net>
List: tech-userlevel
Date: 05/04/2001 16:25:43
>> oh...that.  can you suggest as easy way to do that?
>
>Wll, I know exactly *how* to do it.  It's not necessarily "easy" no
>matter which way you look at it, though the concept is trivial to
>understand for anyone familiar with CVS vendor-branch support.  :-)

then it would be highly manual, not automatable, and whoever was
installing a machine that wanted to take advantage of it would have to
mindfully backup the fresh files before doing *any* customization.
which it's very possible unless it was wedged into sysinst.

>> please note that the rcs backups mechanism doesn't change the tags
>> from the released files, so you could just compare the file you've
>> currently got with the released file of the same number.
>
>Depending on the tags is silly and error prone, and besides it will not
>even work at all for files that cannot have comments (eg. /etc/master.passwd).

it gives me a baseline.  yes, for files that don't have a tag, it
doesn't help...much.

>> okay, so it's a bad example.  gimme a better one.  :P
>
>My canonical example has been when I've got two different web servers
>installed and running (on different ports, of course) but both use the
>same basename for their config file:  httpd.conf.

good.  that problem is solved.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."