
Re: Why do we have to support tmpfs for /var/run (policy changes in 3.8.1)



OoO In the early evening of Sunday, 05 April 2009, around 21:56, Russ
Allbery <rra@debian.org> said:

>> I don't know for proftpd, but a daemon can use an empty directory in
>> /var/run to chroot into it.

> Seems like a good use for /var/lib to me.  There's no reason that I can
> see to put such a directory on a file system that's defined as
> transient.

Both /var/lib and /var/run are for files, not really empty
directories. It seems to be more usual to put an empty (or almost empty)
directory into /var/run than into /var/lib. Googling a bit, I did not
find any rationale behind this. It seems not advisable to use
/var/empty (a hole in one application could allow the exploit to be
shared with another, for example).

This is not an argument against having /var/run in tmpfs, just
information about what kind of daemon could be run from inetd and needs
something in /var/run.
-- 
I WILL NOT HANG DONUTS ON MY PERSON
I WILL NOT HANG DONUTS ON MY PERSON
I WILL NOT HANG DONUTS ON MY PERSON
-+- Bart Simpson on chalkboard in episode 2F13
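
The practice discussed in this message, as an added example that is not part of the original post or of any daemon's own code: when /var/run is a tmpfs, a daemon that chroots into its own empty directory there has to recreate and re-check that directory at every start. The function names are hypothetical and the path is supplied by the caller.

```c
#define _DEFAULT_SOURCE /* exposes chroot() on glibc */
#include <dirent.h>
#include <errno.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: make sure `path` is usable as a private, empty jail.
 * Returns 0 on success, -1 with errno set otherwise. */
int prepare_empty_jail(const char *path, uid_t owner)
{
    struct stat st;
    struct dirent *e;
    DIR *d;
    int extra = 0;

    /* On a transient file system the directory is gone after a reboot. */
    if (mkdir(path, 0555) != 0 && errno != EEXIST)
        return -1;
    /* lstat, not stat: a symlink planted at this path must be rejected. */
    if (lstat(path, &st) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode)) { errno = ENOTDIR; return -1; }
    /* Owned by the expected user and not writable by group or others. */
    if (st.st_uid != owner || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        errno = EPERM;
        return -1;
    }
    /* Must contain nothing but "." and "..". */
    if ((d = opendir(path)) == NULL)
        return -1;
    while ((e = readdir(d)) != NULL)
        if (strcmp(e->d_name, ".") != 0 && strcmp(e->d_name, "..") != 0)
            extra = 1;
    closedir(d);
    if (extra) { errno = ENOTEMPTY; return -1; }
    return 0;
}

/* Enter the jail; requires root. chdir("/") keeps the cwd inside it. */
int enter_jail(const char *path)
{
    if (chroot(path) != 0 || chdir("/") != 0)
        return -1;
    return 0;
}
```

A daemon started as root would call `prepare_empty_jail(path, 0)` and `enter_jail(path)` before dropping privileges; using a per-daemon directory rather than a shared one keeps a compromised service from leaving files in a jail that another service also uses.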
