On Sun, May 29, 2011 at 12:25:18AM +0100, Roger Leigh wrote: > Hi, > > I have attached the full patch against current policy.git. This is > identical to the previous patches, with the addition of a single > sentence to the footnote: > > "Additionally, the subdirectory <file>/run/shm</file> is a replacement > for <file>/dev/shm</file>." > > This is to update the previous draft with the current set of mounts > on /run established by initscripts at boot time (/run, /run/lock and > /run/shm). I have put this sentence after the comment about the > FHS because TTBOMK this is not currently in the initial FHS proposal, > though I will bring it up on the FHS list as an optional feature (this > subdirectory has not yet been adopted more widely). If this addition > is not useful (it's not a top-level dir), I can remove it. Hello Cyril and Michael, Are you willing to resecond this as the final version ? > diff --git a/policy.sgml b/policy.sgml > index 7377752..c03f646 100644 > --- a/policy.sgml > +++ b/policy.sgml > @@ -6245,10 +6245,24 @@ install -m644 debian/shlibs.<var>package</var> debian/<var>package</var>/DEBIAN/ > <item> > <p> > The following directories in the root filesystem are > - additionally allowed: <file>/sys</file> and > - <file>/selinux</file>. <footnote>These directories > - are used as mount points to mount virtual filesystems > - to get access to kernel information.</footnote> > + additionally allowed: <file>/run</file>, > + <file>/sys</file> and <file>/selinux</file>. > + <footnote>The <file>/run</file> directory is a > + replacement for <file>/var/run</file>, and its > + subdirectory <file>/run/lock</file> is a replacement for > + <file>/var/lock</file>. These changes have been > + adopted by most distributions and have been proposed > + for inclusion in a future revision of the FHS. > + Additionally, the subdirectory <file>/run/shm</file> > + is a replacement for <file>/dev/shm</file>. Files > + and directories residing in <file>/run</file> should > + be stored on a temporary filesystem, the purpose of > + which is storage of ephemeral system state which > + should not be persistent across a reboot. > + The <file>/sys</file> and <file>/selinux</file> > + directories are used as mount points to mount > + virtual filesystems to get access to kernel > + information.</footnote> > </p> > </item> > <item> > @@ -6759,14 +6773,19 @@ test -f <var>program-executed-later-in-script</var> || exit 0 > </p> > > <p> > - <file>/var/run</file> and <file>/var/lock</file> may be mounted > - as temporary filesystems<footnote> > - For example, using the <tt>RAMRUN</tt> and <tt>RAMLOCK</tt> > - options in <file>/etc/default/rcS</file>. > - </footnote>, so the <file>init.d</file> scripts must handle this > - correctly. This will typically amount to creating any required > - subdirectories dynamically when the <file>init.d</file> script > - is run, rather than including them in the package and relying on > + <file>/var/run</file> and <file>/var/lock</file> should be > + symlinks to <file>/run</file> and <file>/run/lock</file>, > + respectively. This arrangement may also be satisfied > + through equivalent means, for example bind or nullfs > + mounts. Files and directories residing > + in <file>/run</file> should be stored on a temporary > + filesystem and not be persistent across a reboot, and > + hence the presence of files or directories in any of these > + directories is not guaranteed and <file>init.d</file> > + scripts must handle this correctly. This will typically > + amount to creating any required subdirectories dynamically > + when the <file>init.d</file> script is run, rather than > + including them in the package and relying on > <prgn>dpkg</prgn> to create them. > </p> > </sect1> Cheers, -- Bill. <ballombe@debian.org> Imagine a large red swirl here.
Attachment:
signature.asc
Description: Digital signature