[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /usr vs. root was: /etc /usr/etc

On Sat, 5 Jul 1997, Vincent Renardias wrote:

> On Sat, 5 Jul 1997, Vadim Vygonets wrote:
> > On Sat, 5 Jul 1997, Vincent Renardias wrote:
> > 
> > > > I just checked and my /etc takes about 2MB. Is that 1MB you want to
> > > > move to /usr and therefore make root partition smaller we are talking
> > > > about???
> > > 
> > > $ du -sk /etc
> > > 1226    /etc
> > > 
> > > => only 1.2 MB on my machine (which also happen to be nfs/appletalk/samba
> > > server + ISDN gateway)
> > > 
> > > (As comparison, /lib contains 5.7 MB, /bin contains 4 MB, ...)
> > 
> > /lib and /bin can't be reduced.  Ok, let's put it like this.  Things
> > that belong to root partition are programs, conffiles, libraries etc
> > that must be machine-local (hostname, passwd, exports, XF86Config), or
> > are essential at boot time (init, /etc/init.d, libs, /bin/{u,}mount),
> > or are essential for maintainance, when you boot in single-user mode,
> > before you mount /usr (shells, /bin/ls, /bin/ed, and, actually,
> > everything you may fine in /bin...  Huh, what does vlock do there?).
> > Things that belong to /usr partition are programs, conffiles, libs etc
> > which are site-wide and not essential for boot or maintainance.
> This is only a minor problem. More important is that your suggestion
> relies on either:
> 1/ a 'yet to be written' librarie function.

Is it hard to write it?  Let's see:

#include <sys/param.h>
#include <stdio.h>
#include <string.h>

FILE *confopen(const char *path)
	static char file[MAXPATHLEN];
	const char *fn;
	FILE *f;

	if((fn = strrchr(path, '/')) == NULL) {
		fn = path;
	} else {
	strcpy(file, "/etc/");
	strcat(file, fn);
	if((f = fopen(file, "r")) != NULL)
		return f;
	strcpy(file, "/usr/etc");
	strcat(file, fn);
	return fopen(file, "r");

A little ugly and not optimized enough, but compiled cleanly.

> or
> 2/ a still unofficial kernel patch.

No.  That's not the choise.

> Not to mention the security implications of such a setup. Can you guaranty
> that such a setup does not open security problems?

Can you guarrantee that when you mount /usr from remote machine, it's
secure and nobody put there a setuid root Bourne shell, which he can
exploit later and crack into your machine?  Remote conffiles is a
thing that exists in Unix for many years.  The function above doesn't
make this approach less secure.

> IMHO, this thread is off-topic on the Debian mailing-list and should be
> redirected on the FHS-discuss mailing list.

Maybe.  But Debian people have their own brain, and we are here tp
make Debian better.  So I personally will contribute my ideas, code
and time, and I hope the poeple here will appreciate it, as I
appreciate their contribution, and I will get some understanding.
Sometimes FSSTND's solutions are dirty.


Vadim Vygonets * vadik@cs.huji.ac.il * vadik@debian.org * Unix admin
The fish doesn't think, because the fish knows...  everything.
	-- Arizona Dream

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: