From: Kirill A. Korinsky <kirill@korins.ky>
Subject: Re: changlist: add apmd(8) hooks
To: Klemens Nanni <kn@openbsd.org>
Cc: tech@openbsd.org, Tobias Heider <tobhe@openbsd.org>
Date: Sat, 24 May 2025 11:58:32 +0200

On Sat, 24 May 2025 05:15:24 +0200,
Klemens Nanni <kn@openbsd.org> wrote:
> 
> 27.04.2023 14:16, Klemens Nanni пишет:
> > On Thu, Apr 27, 2023 at 10:53:03AM +0000, Klemens Nanni wrote:
> >> Would be nice to record changes to critical scripts run on state changes
> >> and have modifications recorded through security(8).
> >>
> >> Feedback? Objection? OK?
> > 
> > This gets ugly if you use binary files instead of scripts, so we'd either
> > want their hashes or not handle them at all.
> 
> Still in my tree, now there's /etc/apm/warnlow, too.
> 
> These run as root and need no further config, so placing new files in /etc/apm/
> is all you need;  better track changes.
> 
> Feedback? OK?
>

Are you sure that + here is worth it?

> Index: changelist
> ===================================================================
> RCS file: /cvs/src/etc/changelist,v
> diff -u -p -r1.141 changelist
> --- changelist	13 Apr 2025 20:04:02 -0000	1.141
> +++ changelist	22 May 2025 05:48:40 -0000
> @@ -11,6 +11,13 @@
>  /etc/acme-client.conf
>  /etc/adduser.conf
>  /etc/adduser.message
> ++/etc/apm/hibernate
> ++/etc/apm/powerdown
> ++/etc/apm/powerup
> ++/etc/apm/resume
> ++/etc/apm/standby
> ++/etc/apm/suspend
> ++/etc/apm/warnlow
>  /etc/bgpd.conf
>  /etc/boot.conf
>  /etc/bootparams
> 
> 
> 

-- 
wbr, Kirill