Date: Sat, 31 May 2003 16:16:53 -0700 From: Gordon Tetlow <gordont@gnf.org> To: Peter Jeremy <peterjeremy@optushome.com.au>, arch@FreeBSD.org Subject: Re: Moving some items out of src/sbin to src/usr.sbin Message-ID: <20030531231653.GW87863@roark.gnf.org> In-Reply-To: <20030531222747.GA23373@dragon.nuxi.com> References: <20030531193849.GR87863@roark.gnf.org> <20030531202221.GA22056@dragon.nuxi.com> <20030531220957.GA54163@cirb503493.alcatel.com.au> <20030531222747.GA23373@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--KCLoHzx0Ylaw/v4x Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, May 31, 2003 at 03:27:47PM -0700, David O'Brien wrote: > On Sun, Jun 01, 2003 at 08:09:57AM +1000, Peter Jeremy wrote: > > On Sat, May 31, 2003 at 01:22:21PM -0700, David O'Brien wrote: > > >On Sat, May 31, 2003 at 12:38:49PM -0700, Gordon Tetlow wrote: > > >> To cut down on the size of a dynamically-linked root, I'd like to > > >> repo-copy the following utilities from src/sbin to src/usr.sbin: > > >>=20 > > >> mount_portalfs > > >> mount_nwfs > > >> mount_smbfs > > >> natd > > >> ipnat > > >>=20 > > >> Does anyone have any objections? > > > > > >yes to natd. > >=20 > > David, would you like to go into a bit more detail please. > ... > > NAT is normally used at boundaries between different privilege zones > > (though this isn't its only use) and it would seem unusual to mount > > /usr from a different privilege zone to the local system. Normally, > > natd is started before ipfw rules are loaded, but I don't believe > > there is a requirement for a process to be bound to a divert socket > > before diversion rules are added. >=20 > Not really. Just to say that as a user of natd and one that knows how > fragile ipfw & natd are to passing packets I don't want to disturb things. > I want to see some people (other than me) experiment with this the natd > issue before it is moved. I agree testing needs to take place. I'm doing this sweep from the point of view of wanting to minimize libraries that need to be /lib. libalias (who's only consumer is natd) is only 48k. I can live with it, but I was just trying to clean up some low-hanging fruit. > > IMHO, it's reasonable to assume/require that /usr be a 'native' > > filesystem - so MS-DOS, NTFS, Netware and SMB are not needed - though > ... > > If Gordon is looking for programs to move from /sbin to /usr/sbin, > > mount_msdos, mount_ntfs, mountd, nfsd and maybe ipfstat all seem > > candidates. The first two are covered above. IMHO, there's no point > > a machine becomming a NFS server before it has /usr mounted - which > > covers the next two. Finally, ipfstat is not needed to configure > > IPFilter - just monitor it. >=20 > Native also covers NFS mounted /usr and UFS /, and Gordon didn't mention > that he had carefully looked at /etc/rc.d/* and the implications of > moving things. I didn't look to carefully for natd and ipnat, but I did look at the implications of moving the various mount_* providers. The way the current boot scripts work is they mount local-type filesystems (read not NFS, SMBFS, and PORTALFS (it's a bug that NWFS isn't in this list)) first. Then it mounts NFS filesystems. Finally all other network-type filesystems are mounted. As such, if you have /usr mounted via NFS (and only NFS), your other network filesystems will mount just fine. This is the reason I didn't move things like mount_msdosfs and other local-type filesystems. They will be mounted before any network filesystems (including NFS /usr) has a chance to be mounted. -gordon --KCLoHzx0Ylaw/v4x Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+2TflRu2t9DV9ZfsRAqI/AJ42zB1UpfGbDYjipItNDWVHiVdc2gCgiS5a +A360RjNf3MvUkoyG3l8Fv0= =ZXYi -----END PGP SIGNATURE----- --KCLoHzx0Ylaw/v4x--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030531231653.GW87863>