From owner-freebsd-arch@FreeBSD.ORG Tue Jul 22 17:25:54 2003 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E541237B401 for ; Tue, 22 Jul 2003 17:25:54 -0700 (PDT) Received: from pool-151-200-10-97.res.east.verizon.net (pool-141-156-222-108.res.east.verizon.net [141.156.222.108]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18B9943F3F for ; Tue, 22 Jul 2003 17:25:46 -0700 (PDT) (envelope-from mtm@identd.net) Received: from kokeb.ambesa.net (grlzmhs21tko6swt@localhost [127.0.0.1]) id h6N0PY49044660 for ; Tue, 22 Jul 2003 20:25:34 -0400 (EDT) (envelope-from mtm@identd.net) Received: (from mtm@localhost) by kokeb.ambesa.net (8.12.9/8.12.9/Submit) id h6N0PWxK044659 for freebsd-arch@FreeBSD.org; Tue, 22 Jul 2003 20:25:32 -0400 (EDT) (envelope-from mtm@identd.net) X-Authentication-Warning: kokeb.ambesa.net: mtm set sender to mtm@identd.net using -f Date: Tue, 22 Jul 2003 20:25:32 -0400 From: Mike Makonnen To: freebsd-arch@FreeBSD.org Message-ID: <20030723002531.GA44452@kokeb.ambesa.net> References: <20030719171138.GA86442@dragon.nuxi.com> <20030721202314.GC21068@dragon.nuxi.com> <20030722151138.GB72888@dragon.nuxi.com> <20030722153056.GM863@starjuice.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030722153056.GM863@starjuice.net> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD/5.1-CURRENT (i386) Subject: Re: Things to remove from /rescue X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2003 00:25:55 -0000 > So let me restate DES case without examples. > > It may be that someone wishing to recover a hosed box will both > > a) want access to some network-hosted resource, and >From what I can see the only network resource one could access is an nfs mount, since it seems unlikely you could rely on anything outside /rescue (such as ftp or ssh) being available. > b) want to maintain network security while accessing that resource. What security? There are no network services running in single-user, so what is there to secure? > I don't see this as an unreasonable requirement, and I can't see what > great cost it incurs that would motivate us to remove support for it. > > And remember, this is just one aspect of your "trimming down /rescue". > Nobody's insisting that we keep the bath water. :-) I won't complain if it's kept, but I would prefer just the bare minimum be kept in /rescue. Once you go beyond that and into "well s/he might need..." territory then we might as well throw in everything in the base system. IMO, /rescue should be the absolute essentials _only_. Instead of theorizing reasons why someone might need ipfw and friends, why don't we wait until we get a bug report about a specific situation in which it was needed before we put it back in. Also, while you're at it, David, I think you can get rid of rcorder as well. I don't know why one would need it to fix a hosed root, and besides it's staticaly linked to begin with. Cheers. -- Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc mtm@identd.net | D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9 mtm@FreeBSD.Org| FreeBSD - Unleash the Daemon!