Date: Fri, 09 Feb 2007 08:15:11 -0700
> From: Richard Megginson <rmeggins@xxxxxxxxxx>
Andrew Bartlett wrote:
> On Thu, 2007-02-08 at 20:23 -0800, Pete Rowley wrote:
> The debian folks (who take FHS seriously) won't buy that. The real test
> is the ability to have a read only /etc. This sounds like a /var/lib
> thing.
>
> Before you get into pain over this, I suggest finding a FHS expert.
>
Does Debian forbid cfengine? webmin? If you do need to occasionally
edit a config file, do you have to change the permissions on /etc to
read-write, then change it back?
For a lot of secure installs, yes, this is what's done.
> Note that even files such as
/etc/fstab can be dynamic as devices/filesystems are dynamically
mounted/unmounted.
Actually fstab is just a static file. You might be thinking of mtab. Some of
these things just get symlinked to /var/run which is writable.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
Chief Architect, OpenLDAP http://www.openldap.org/project/
--
Fedora-directory-devel mailing list
Fedora-directory-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
