On Fri, 2007-02-09 at 12:40 -0600, Dennis Gilmore wrote: > On Friday 09 February 2007 11:37, Richard Megginson wrote: > > Howard Chu wrote: > > >> Date: Fri, 09 Feb 2007 08:15:11 -0700 > > >> > > > > From: Richard Megginson <rmeggins@xxxxxxxxxx> > > >> > > >> Andrew Bartlett wrote: > > >>> > On Thu, 2007-02-08 at 20:23 -0800, Pete Rowley wrote: > > >>> > > > >>> > The debian folks (who take FHS seriously) won't buy that. The > > >>> > > >>> real test > > >>> > > >>> > is the ability to have a read only /etc. This sounds like a /var/lib > > >>> > thing. > > > >>> > Before you get into pain over this, I suggest finding a FHS expert. > > >> > > >> Does Debian forbid cfengine? webmin? If you do need to occasionally > > >> edit a config file, do you have to change the permissions on /etc to > > >> read-write, then change it back? > > > > > > For a lot of secure installs, yes, this is what's done. > > > > What does openldap do on those systems when using back-config? Do you > > have a symlink from /etc/openldap/config to /var/whatever, so that > > people looking for some config can find it? > > > > > > Note that even files such as > > >> > > >> /etc/fstab can be dynamic as devices/filesystems are dynamically > > >> mounted/unmounted. > > > > > > Actually fstab is just a static file. You might be thinking of mtab. > > > Some of these things just get symlinked to /var/run which is writable. > > > > No, on my system /etc/fstab is dynamically updated - so is /etc/mtab. > hal dynamically adjusts fstab now when you hot plug devices that can be > mounted. This is changing. Later systems (like FC5) don't change the fstab any more. > > I guess what I'm trying to determine is - who can definitively answer > > this question? > > > > However, if /etc really is sometimes mounted read-only, then there are a > > couple of options: > 1) your on crack > 2) you are on some embeded something funky and most of your filesystem is read > only you need to create funky symlinks. openwrt comes to mind. and you > know how to deal with it . It's more than that. NFS root systems are typically like this too, when setup using the 'stateless Linux' toolchain. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com
Attachment:
signature.asc
Description: This is a digitally signed message part
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
