On Wed, Nov 16 2016, Steve Dickson wrote: > On 11/14/2016 02:05 AM, NeilBrown wrote: >> rpcbind can save state in a file to allow restart without forgetting >> about running services. >> >> The default location is currently "/tmp" which is >> not ideal for system files. It is particularly unpleasant >> to put simple files there rather than creating a directory >> to contain them. >> >> On a modern Linux system it is preferable to use /run, and there it is >> even more consistent with practice to use a subdirectory. >> >> This directory needs to be create one each boot, and while there are >> tools (e.g. systemd-tmpfiles) which can do that it is cleaner to keep >> rpcbind self-contained and have it create the directory. >> >> So change the default location to /tmp/rpcbind, and create that >> directory. If a different user-id is used, we need to create >> and chown the directory before dropping privileges. We do this >> with care so avoid chowning the wrong thing by mistake. >> >> Signed-off-by: NeilBrown <neilb@xxxxxxxx> >> --- >> >> hi, >> I realized that I hadn't allowed for the fact that rpcbind changes >> it's uid, and we need to mkdir and chown before that. >> I've also reverted the move to /run, but moved to /tmp/rpcbind >> instead. A subdirectory is a good idea, even in /tmp. > I'm beginning to think put these files into a directory call /tmp/rpcbind > is not a good idea... Because if something in /tmp is called rpcbind (like a > debugging binary ;-) ) the mkdirs will silently fail which is not good. > > Here is what I would like to do. > > Move the directory into /run then create the /run/rpcbind when it > does not exist... I think that should play nicely in both the > systemd worlds and non-systemd worlds > > Thoughts? /var/run rather than /run seems to be a safer universal default. Linux distros can run ./configure --with-statedir=/run/rcpbind Otherwise, I think we are in agreement. You want I should respin with /tmp/rpcbind -> /var/run/rpcbind ?? Thanks, NeilBrown
Attachment:
signature.asc
Description: PGP signature
