From: "David O'Brien"
To: Peter Jeremy
Cc: arch@FreeBSD.org
Date: Sat, 31 May 2003 15:27:47 -0700
Subject: Re: Moving some items out of src/sbin to src/usr.sbin
Message-ID: <20030531222747.GA23373@dragon.nuxi.com>
In-Reply-To: <20030531220957.GA54163@cirb503493.alcatel.com.au>

On Sun, Jun 01, 2003 at 08:09:57AM +1000, Peter Jeremy wrote:
> On Sat, May 31, 2003 at 01:22:21PM -0700, David O'Brien wrote:
> >On Sat, May 31, 2003 at 12:38:49PM -0700, Gordon Tetlow wrote:
> >> To cut down on the size of a dynamically-linked root, I'd like to
> >> repo-copy the following utilities from src/sbin to src/usr.sbin:
> >>
> >> mount_portalfs
> >> mount_nwfs
> >> mount_smbfs
> >> natd
> >> ipnat
> >>
> >> Does anyone have any objections?
> >
> >yes to natd.
>
> David, would you like to go into a bit more detail please.
...
> NAT is normally used at boundaries between different privilege zones
> (though this isn't its only use) and it would seem unusual to mount
> /usr from a different privilege zone to the local system.  Normally,
> natd is started before ipfw rules are loaded, but I don't believe
> there is a requirement for a process to be bound to a divert socket
> before diversion rules are added.

Not really.  Just to say that as a user of natd and one that knows how
fragile ipfw & natd are to passing packets I don't want to disturb
things.  I want to see some people (other than me) experiment with
the natd issue before it is moved.

> IMHO, it's reasonable to assume/require that /usr be a 'native'
> filesystem - so MS-DOS, NTFS, Netware and SMB are not needed - though
...
> If Gordon is looking for programs to move from /sbin to /usr/sbin,
> mount_msdos, mount_ntfs, mountd, nfsd and maybe ipfstat all seem
> candidates.  The first two are covered above.  IMHO, there's no point
> a machine becoming a NFS server before it has /usr mounted - which
> covers the next two.  Finally, ipfstat is not needed to configure
> IPFilter - just monitor it.

Native also covers NFS mounted /usr and UFS /, and Gordon didn't mention
that he had carefully looked at /etc/rc.d/* and the implications of
moving things.

-- 
-- David  (obrien@FreeBSD.org)