Deorbit the use of security/sudo on the master due to new security

requirements. The text still needs some back-fill; this is WIP.
svn path=/head/; revision=40811
2013-01-30 08:11:09 +00:00 · 2013-01-30 08:11:09 +00:00 · d60eee1484 · 2020-12-08 03:00:23 +00:00
commit d60eee1484
parent eb033565da
1 changed files with 13 additions and 12 deletions
--- a/en_US.ISO8859-1/articles/portbuild/article.xml
+++ b/en_US.ISO8859-1/articles/portbuild/article.xml
@ -1836,7 +1836,6 @@ touch /tmp/.boot_finished</programlisting>
 		<filename>usr/local/etc/sudoers/sudoers.d/portbuild</filename>:</para>

 	      <programlisting># local changes for package building
-%wheel        ALL=(ALL) ALL
 portbuild     ALL=(ALL) NOPASSWD: ALL</programlisting>
 	    </listitem>
 	  </itemizedlist>
@ -2272,13 +2271,13 @@ zfs destroy -r a/snap/src-<replaceable>old-branch</replaceable></screen>
      <title>Steps necessary before <application>qmanager</application> is started</title>

      <note>
-	<para>The initial steps need to be done using
-	  <application>sudo</application>.</para>
+	<para>The initial steps need to be done as
+	  <literal>root</literal>.</para>
      </note>

      <itemizedlist>
 	<listitem>
-	  <para>Create a new
+	  <para>If it has not already been done, create the
 	    <literal>portbuild</literal>
 	    user and group.</para>
 	</listitem>
@ -2397,7 +2396,7 @@ zfs destroy -r a/snap/src-<replaceable>old-branch</replaceable></screen>
      </itemizedlist>

      <note>
-	<para>Once again using <application>sudo</application>:</para>
+	<para>Once again as <literal>root</literal>:</para>
      </note>

      <itemizedlist>
@ -2413,14 +2412,10 @@ zfs destroy -r a/snap/src-<replaceable>old-branch</replaceable></screen>
 	</listitem>
      </itemizedlist>

-      <note>
-	<para>One last time using <application>sudo</application>:</para>
-      </note>
-
      <itemizedlist>
 	<listitem>
 	  <para>Add an appropriate <replaceable>arch</replaceable> entry for
-	    <filename>/var/portbuild/scripts/dologs</filename> to the root
+	    <filename>/var/portbuild/scripts/dologs</filename> to the portbuild
 	    <filename>crontab</filename>.  (This is a hack and should go away.)</para>
 	</listitem>
      </itemizedlist>
@ -2430,7 +2425,7 @@ zfs destroy -r a/snap/src-<replaceable>old-branch</replaceable></screen>
      <title>Steps necessary after <application>qmanager</application> is started</title>

      <note>
-	<para>Again using <application>sudo</application>:</para>
+	<para>Again as <literal>root</literal>:</para>
      </note>

      <itemizedlist>
@ -2598,11 +2593,17 @@ net/isc-dhcp41-server
 ports-mgmt/pkg
 ports-mgmt/portaudit
 ports-mgmt/portmaster
-security/sudo
 shells/bash
 shells/zsh
 sysutils/screen</programlisting>

+	  <note>
+	    <para>The use of <application>sudo</application> on the master,
+	      which was formerly required, is
+	      <emphasis>no longer recommended</emphasis>.
+	    </para>
+	  </note>
+
 	  <para>The following ports (or their latest successors) are handy:</para>

 	  <programlisting>benchmarks/bonnie++