From d60eee1484c599a8a82e222daa3914c895a44d94 Mon Sep 17 00:00:00 2001 From: Mark Linimon Date: Wed, 30 Jan 2013 08:11:09 +0000 Subject: [PATCH] Deorbit the use of security/sudo on the master due to new security requirements. The text still needs some back-fill; this is WIP. --- .../articles/portbuild/article.xml | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/en_US.ISO8859-1/articles/portbuild/article.xml b/en_US.ISO8859-1/articles/portbuild/article.xml index 07117e1912..1a5d36489f 100644 --- a/en_US.ISO8859-1/articles/portbuild/article.xml +++ b/en_US.ISO8859-1/articles/portbuild/article.xml @@ -1836,7 +1836,6 @@ touch /tmp/.boot_finished usr/local/etc/sudoers/sudoers.d/portbuild: # local changes for package building -%wheel ALL=(ALL) ALL portbuild ALL=(ALL) NOPASSWD: ALL @@ -2272,13 +2271,13 @@ zfs destroy -r a/snap/src-old-branch Steps necessary before <application>qmanager</application> is started - The initial steps need to be done using - sudo. + The initial steps need to be done as + root. - Create a new + If it has not already been done, create the portbuild user and group. @@ -2397,7 +2396,7 @@ zfs destroy -r a/snap/src-old-branch - Once again using sudo: + Once again as root: @@ -2413,14 +2412,10 @@ zfs destroy -r a/snap/src-old-branch - - One last time using sudo: - - Add an appropriate arch entry for - /var/portbuild/scripts/dologs to the root + /var/portbuild/scripts/dologs to the portbuild crontab. (This is a hack and should go away.) @@ -2430,7 +2425,7 @@ zfs destroy -r a/snap/src-old-branch Steps necessary after <application>qmanager</application> is started - Again using sudo: + Again as root: @@ -2598,11 +2593,17 @@ net/isc-dhcp41-server ports-mgmt/pkg ports-mgmt/portaudit ports-mgmt/portmaster -security/sudo shells/bash shells/zsh sysutils/screen + + The use of sudo on the master, + which was formerly required, is + no longer recommended. + + + The following ports (or their latest successors) are handy: benchmarks/bonnie++