[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:
> Hi there!
> On Tue, 12 Apr 2011 13:38:03 +0200, Roger Leigh wrote:
> > Josh Triplett suggested that we could use a single tmpfs on /run and
> > have the rest as symlinks into /run, with potentially a separate
> > tmpfs for user-writable filesystems to prevent a user DoS.  This idea
> > does have merit, and we could make it the default.  We currently do
> > this for /var/lock (/run/lock), which can be mounted as a separate
> > tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.
> Do you mean that the meaning of RAMLOCK has completely changed?
> Currently, `man rcS` gives:
> 		Make /var/lock/ available as a ram file system (tmpfs).
> 		Will also  disable cleaning of /var/lock/  during boot.
> 		Set to 'yes'  to enable, to 'no' to  disable.  The size
> 		of  the tmpfs  can be  controlled using  TMPFS_SIZE and
> 		LOCK_SIZE  in  /etc/default/tmpfs.   Because  of  this,
> 		packages  can not  expect directories  in /var/lock  to
> 		exist after  boot.  Packages  expecting this  are buggy
> 		and need to be fixed.
> I consider completely changing it a serious bug, may I suggest
> deprecating it completely and adding a new variable instead?  I guess
> the same should be applied to RAMRUN, i.e. simply deprecate it.

With the patch as it stands at present, RAMRUN is deprecated.  /run
is always a tmpfs; RUN_SIZE will set its size, as before.

RAMLOCK is unchanged, except for the fact that it's mounted on
/run/lock rather than /var/lock.  Likewise, LOCK_SIZE is unchanged
in its meaning.

We could introduce new variables for /run such as RUNLOCK, but given
that it does exactly what it used to do, I don't think it gains us


  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.

Attachment: signature.asc
Description: Digital signature

Reply to: