On Thu, Aug 30, 2012 at 12:11:44AM +0100, Roger Leigh wrote:
> > > [Russ Allbery]
> > >> All PAM modules are installed under /lib, because that's the path
> > >> used by libpam to load them. However, I don't think the vast
> > >> majority of PAM modules could be considered critical for early boot
> > >> or need to be usable without /usr mounted
> > > It seems pam already looks in both /lib/security and /lib/{triplet}/security.
> > > Why not add /usr/lib/{triplet}/security to the mix?
> > Imho moving pam modules around is just wasted (maintainer) time.
> > A much more sensible approach is to just lift the /-vs-/usr restriction.
> > The obvious way is to not use a separate /usr anymore or simply mount
> > /usr via the initramfs.
> > Wasn't there a patch for initramfs-tools floating around doing that?
> I started looking into it while doing the /run-in-initramfs stuff
> last year, but didn't get anything working at the time--initramfs-
> tools needs refactoring to remove the assumption that only one
> filesystem will be mounted, before we can mount /usr as well
> (and also maybe /etc).
Supporting /etc on a separate filesystem from / violates half a dozen
invariants that the Fedora design lets us retain. We should absolutely not
do this.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
Attachment:
signature.asc
Description: Digital signature