[OpenAFS] Re: Proposed changes for server log rotation
Chas Williams (CONTRACTOR)
chas@cmf.nrl.navy.mil
Sun, 05 Dec 2010 19:27:58 -0500
In message <20101205153716.d3fc0661.adeason@sinenomine.net>,Andrew Deason writes:
>On Sun, 05 Dec 2010 10:05:20 -0500
>"Chas Williams (CONTRACTOR)" <chas@cmf.nrl.navy.mil> wrote:
>
>> >Perhaps we should ship with it disabled by default?
>>
>> probably. especially since this is one of those lesser known features.
>> i.e. it should be opt in, not "oh yeah, and you get this for free by
>> installing".
>
>We only just agreed to turn on by default the configure flag that lets
>you turn on restricted mode at all, for 1.6. I'd hope we'd wait another
>stable release cycle or two before making it the default (maybe 2.0?).
i doubt many people use this 'feature' of afs given all the comments i
have seen so far. reversing the default mode for this feature isnt
likely to affect many people. anyone it does bother would understand
how to reverse it (assuming you mention it in the release notes --
i sort of doubt the release notes mention afs installing a backdoor
by default unless you turn it off during the install).
in disabled mode, you could make bos getlog return a message about
this feature being disabled and you need to enable it. probably
not possible for bos exec though. i dont think it returned output.
even if getlog is enabled, should it be able to read *any* file on
the system?