Re: ifupdown writes to /etc... a bug?
Russell Coker <firstname.lastname@example.org> writes:
> On Fri, 28 Mar 2003 01:29, Goswin Brederlow wrote:
> > > smbpasswd is more like /etc/passwd.
> > >
> > > It could perhaps be argued that maybe it should go under /var/lib.
> Same goes for /etc/passwd.
> > > In any case, smbpasswd isn't a requirement for using a samba server,
> > > I believe you can use network based authentication...
> True, but we want full functionality.
Want but not require. As long as nothing breaks too much that's fine. I
can live with a static passwd on a router for example. Shouldn't really
have user accounts and I don't want someone who gained root change the
If there is some documentation what gets restricted and how one can
circumvent that (e.g. create /mem fs and link /etc/mtab there) that
would be a great help already.
Then when more people use it ideas will come up on how to fix the
remaining things that annoy but don't break the system.
> > > Why does hotplug need to be changed?
> > Does that handle network cards and thus needs to write /etc/resolv.conf?
> If it does then my SE policy for it is incomplete. I have not seen it touch
> /etc/resolv.conf. It writes to /etc/nohotplug at least.
What does that do? Same as /etc/nologin?
> > > /etc/ntp.drift and/or /etc/adjtime might be a problem, I gather not only
> > > do they need to be writable at boot time, but the state needs to be
> > > preserved across boots.
> > A ntpd without network is pretty useless and as soon as network is
> > setup all filesystems can be mounted before ntpd is run. Also a
> I agree. /var is a good place for ntp.drift. adjtime is another issue
> however, don't we want to read that before starting daemons in the case of a
> machine that has been powered down for a while?
/etc/adjtime is used by hwclock upon boot and nothing else (during
/etc/rcS.d/S18hwclockfirst.sh specifically does no write access to /etc
and doesn't use adjtime. If it did it runs after S10checkroot.sh which
would mount /mem.
/etc/rcS.d/S50hwclock.sh uses /etc/adjtime but that's way after all
filesystems have been mounted.
I don't think /etc/adjtime is a problem. hwclock and adjtimex should
be checked that they work with a symlink for /etc/adjtime or patched
to use /var directly.
PS: even with a RO / I never had problems with /etc/adjtime. If it
can't be written the system can drift a little. No big problem, it
does anyway even with a correct /etc/adjtime.