[ NB: I read the list. Don't CC replies to me. I pay for my PPP. Thanks ] Steve Greenland: > Maybe some sort of config file is needed here? '/etc/checksecurity.conf'? This might be an appropriate time to start thinking again about /etc/default (under whatever name). If I remember correctly, someone told us that one of the commercial vendors (or SVR4?) has a directory /etc/default, with shell scripts that set certain variables. This is used for configuration. When a program (script) needs the configuration, it sources the script. One of the benefits is that there's a lot of potential small configuration files like this, and it could be a bit neater to put them into the same directory. Examples: /etc/init.d/boot - is hardware clock GMT or local time? - should /etc/motd be updated automatically? httpd: what's the document directory? (if you don't want /home/httpd-data) /etc/init.d/console: name of font and keymap /etc/init.d/network: network configuration The point is that it is often easier to have the configuration and the script using it separate -- you can replace the script, but you don't have to make the user edit the new script to have the old configuration data. However, each script should have some sensible builtin defaults: if test -f /etc/default/checksecurity then . /etc/default/checksecurity else FS_DENY='nfs afs' DIR_DENY='' ... fi At least on my system, /etc/default already exists, and has the file /etc/default/console in it.
Attachment:
pgpEIhkmt1oqU.pgp
Description: PGP signature