Re: net-tools future
On Fri, Mar 20, 2009 at 12:14:53PM +0100, Marco d'Itri wrote:
> On Mar 20, Adam Borowski <kilobyte@angband.pl> wrote:
> > trouble for embedded or limited ones. I don't do embedded personally so I
> > have no idea how udev fares there, but I can tell you that vservers and udev
> > don't go well together. Udev expects a real system where there's none and
> > then gets confused -- vserver is hardly more than a glorified chroot, nearly
> > identical to BSD jails. You want every container to be small and simple.
> This is why you install udev in the host system and bind-mount its /dev
> to the /dev of each context.
Definitely wrong.
Only a tiny sliver of devices are accessible from inside a context, and
making others accessible would be bad. Even root can't create forbidden
devices from inside...
> vserver and openvz are not relevant for the purpose of this discussion.
They have their specific needs, and the last time I checked, udev couldn't
fulfill them. You need just /dev/{null,zero,full,random,urandom,tty,ptmx}
and the links to /proc/. More may be needed, but that depends on the
context's capabilities rather than on modules being present. A vserver may
have /dev/kqemu, /dev/fuse, /dev/net/tun, ...
> On Mar 20, Mike Bird <mgb-debian@yosemite.net> wrote:
>
> > > popcon shows that the number is trivial. Definitely not "many".
> > Perhaps sysadmins that go to the effort of removing udev from
> > some systems are less likely to install popcon on those systems?
> And surely lurkers agree with you in personal emails...
If you insist on popcon being installed on such systems, I may arrange a
bunch. I'm not sure if Debian would be well-served by a slew of popcon
submissions of: (minimal+bind), (minimal+apache+mod_perl), (minimal+...),
though.
Rawr?!?
--
1KB // Microsoft corollary to Hanlon's razor:
// Never attribute to stupidity what can be
// adequately explained by malice.
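
An added example, not part of the original message: a Python audit that checks a context's /dev tree against the node list given in the message above. The major:minor numbers are the standard Linux assignments, and the function names, the OPTIONAL table and the choice to flag every block device are assumptions of this example.

```python
import os
import stat
import sys

# Baseline from the message: null, zero, full, random, urandom, tty, ptmx.
# The major:minor pairs are the standard Linux assignments (added here).
BASELINE = {
    "null": (1, 3), "zero": (1, 5), "full": (1, 7), "random": (1, 8),
    "urandom": (1, 9), "tty": (5, 0), "ptmx": (5, 2),
}
# Optional nodes the message names that have fixed numbers; grant per context.
OPTIONAL = {"fuse": (10, 229), "net/tun": (10, 200)}


def audit_entries(entries, extra=()):
    """entries: iterable of (relative path, st_mode, st_rdev).
    Returns sorted (path, reason) findings for device nodes outside the allowlist."""
    allowed = dict(BASELINE)
    allowed.update({name: OPTIONAL[name] for name in extra})
    findings = []
    for path, mode, rdev in entries:
        if stat.S_ISBLK(mode):
            # Assumption of this example: no block device belongs in a context.
            findings.append((path, "block device"))
        elif stat.S_ISCHR(mode):
            actual = (os.major(rdev), os.minor(rdev))
            if path not in allowed:
                findings.append((path, "char device %d:%d not allowed" % actual))
            elif actual != allowed[path]:
                # Right name, wrong numbers: the node is really another device.
                findings.append((path, "is %d:%d, expected %d:%d" % (actual + allowed[path])))
    return sorted(findings)


def scan(dev_dir):
    """Collect (relative path, st_mode, st_rdev) without following symlinks."""
    for root, dirs, files in os.walk(dev_dir):
        for name in dirs + files:
            full = os.path.join(root, name)
            st = os.lstat(full)
            yield os.path.relpath(full, dev_dir), st.st_mode, st.st_rdev


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/dev"
    for path, reason in audit_entries(scan(target), extra=sys.argv[2:]):
        print(path + ": " + reason)
```

Run it from the host against each context's /dev directory, passing any optional node names the context is meant to have as further arguments.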