Howard Chu wrote:
What does openldap do on those systems when using back-config? Do you have a symlink from /etc/openldap/config to /var/whatever, so that people looking for some config can find it?Date: Fri, 09 Feb 2007 08:15:11 -0700> From: Richard Megginson <rmeggins@xxxxxxxxxx>Andrew Bartlett wrote:> On Thu, 2007-02-08 at 20:23 -0800, Pete Rowley wrote:> The debian folks (who take FHS seriously) won't buy that. The real testDoes Debian forbid cfengine? webmin? If you do need to occasionally edit a config file, do you have to change the permissions on /etc to read-write, then change it back?> is the ability to have a read only /etc. This sounds like a /var/lib > thing. > > Before you get into pain over this, I suggest finding a FHS expert.>For a lot of secure installs, yes, this is what's done.
> Note that even files such as/etc/fstab can be dynamic as devices/filesystems are dynamically mounted/unmounted.Actually fstab is just a static file. You might be thinking of mtab. Some of these things just get symlinked to /var/run which is writable.
No, on my system /etc/fstab is dynamically updated - so is /etc/mtab.I guess what I'm trying to determine is - who can definitively answer this question?
However, if /etc really is sometimes mounted read-only, then there are a couple of options: 1) Always put our config files under /var/lib/fedora-ds/slapd-instance, and just create a symlink /etc/fedora-ds/slapd-instance that points to /var/lib/fedora-ds/slapd-instance 2) Have the location be distro specific e.g. debian and derived packages will use /var/lib, fedora derived packages will use /etc
At any rate, it should be a configure option.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
