From: Peter Jeremy
To: "David O'Brien", Gordon Tetlow, arch@FreeBSD.org
Date: Sun, 1 Jun 2003 08:09:57 +1000
Subject: Re: Moving some items out of src/sbin to src/usr.sbin
Message-ID: <20030531220957.GA54163@cirb503493.alcatel.com.au>
In-Reply-To: <20030531202221.GA22056@dragon.nuxi.com>
List-Id: Discussion related to FreeBSD architecture

On Sat, May 31, 2003 at 01:22:21PM -0700, David O'Brien wrote:
>On Sat, May 31, 2003 at 12:38:49PM -0700, Gordon Tetlow wrote:
>> To cut down on the size of a dynamically-linked root, I'd like to
>> repo-copy the following utilities from src/sbin to src/usr.sbin:
>>
>> mount_portalfs
>> mount_nwfs
>> mount_smbfs
>> natd
>> ipnat
>>
>> Does anyone have any objections?
>
>yes to natd.

David, would you like to go into a bit more detail, please?

The traditional justification for an object to be in the root partition is that it is required to either allow the system to boot to the point where /usr is mounted, or to restore the remaining filesystems (including /usr) from a backup. IMHO, it's reasonable to assume/require that /usr be a 'native' filesystem - so MS-DOS, NTFS, Netware and SMB are not needed - though a case could be made for requiring Netware and/or SMB to allow for a situation where backups are made to a Netware or SMB server. I can't foresee any requirement for portals before /usr is mounted.

NAT is normally used at boundaries between different privilege zones (though this isn't its only use) and it would seem unusual to mount /usr from a different privilege zone to the local system. Normally, natd is started before ipfw rules are loaded, but I don't believe there is a requirement for a process to be bound to a divert socket before diversion rules are added.

If Gordon is looking for programs to move from /sbin to /usr/sbin, mount_msdos, mount_ntfs, mountd, nfsd and maybe ipfstat all seem candidates. The first two are covered above. IMHO, there's no point a machine becoming an NFS server before it has /usr mounted - which covers the next two. Finally, ipfstat is not needed to configure IPFilter - just monitor it.

Peter