From owner-freebsd-security  Wed Oct 14 20:03:09 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA20113
          for freebsd-security-outgoing; Wed, 14 Oct 1998 20:03:09 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from beatrice.rutgers.edu (beatrice.rutgers.edu [165.230.209.143])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA20087
          for <security@FreeBSD.ORG>; Wed, 14 Oct 1998 20:03:02 -0700 (PDT)
          (envelope-from easmith@beatrice.rutgers.edu)
Received: (from easmith@localhost) by beatrice.rutgers.edu (980427.SGI.8.8.8/970903.SGI.AUTOCF) id XAA04749; Wed, 14 Oct 1998 23:02:57 -0400 (EDT)
From: "Allen Smith" <easmith@beatrice.rutgers.edu>
Message-Id: <9810142302.ZM4747@beatrice.rutgers.edu>
Date: Wed, 14 Oct 1998 23:02:57 -0400
In-Reply-To: Don Lewis <Don.Lewis@tsc.tdk.com>       "Re: Booting from NT ?" (Sep 28,  4:41am)
References: <199809280840.BAA03201@salsa.gv.tsc.tdk.com>
X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail)
To: Don Lewis <Don.Lewis@tsc.tdk.com>
Subject: R/O root FS (was Re: Booting from NT ?)
Cc: security@FreeBSD.ORG
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sep 28,  4:41am, Don Lewis (possibly) wrote:
> On Sep 28,  2:20am, "Allen Smith" wrote:
> } Subject: Re: Booting from NT ?
> 
> } Question... what does happen if one has a R/O root filesystem,
> } including /dev, without DEVFS? I'm constructing a firewall computer
> } with a (switchable - a nice facility of some Seagate drives) hard
> } drive for root, a second writeable drive for /var and swap, and a /tmp 
> } MFS. What problems am I likely to run into with /dev? I'd really
> } prefer not to have it as a symlink to /var/dev or some such...
> 
> You won't be able to chown() and chmod() the tty devices when you log in.
> Before /dev/log was made a symlink to /var/run/log, syslogd wouldn't be
> able to create /dev/log.

Ah. Given that login_fbtab.c in both -stable and -current uses chown,
not lchown, and chmod follows symbolic links, then symlinking just the 
/dev/tty*, /dev/console, and /dev/pcaudio* files to /var/dev should
work.

	Thanks,

	-Allen

-- 
Allen Smith				easmith@beatrice.rutgers.edu
	

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message