| 1 |
On Thu, Apr 7, 2016 at 10:44 PM, M. J. Everitt <m.j.everitt@×××.org> wrote: |
| 2 |
> 2) "Today, a separate /usr partition already must be mounted by the |
| 3 |
> initramfs during early boot, thus making the justification for a |
| 4 |
> split-off moot." - no, not all gentoo users have an initramfs and |
| 5 |
> need/want one .. so this is a false assumption. |
| 6 |
|
| 7 |
You only need an initramfs (or some other mechanism to mount /usr |
| 8 |
during early boot) if /usr is on a different filesystem than /. |
| 9 |
|
| 10 |
If /usr is a separate filesystem, then Gentoo does require that it be |
| 11 |
mounted during early boot, at least as a supported configuration. |
| 12 |
While it is true today that with some configurations you can probably |
| 13 |
get away with not mounting it during early boot, there is no |
| 14 |
requirement that package maintainers support this. That includes |
| 15 |
system packages. |
| 16 |
|
| 17 |
So, #2 applies to Gentoo as much as to any other distro. That was a |
| 18 |
topic of some debate a few years ago now. |
| 19 |
|
| 20 |
> 3) I still believe there is merit in distinguishing between binaries |
| 21 |
> that can/should be run as root, and those that can/should not. Those |
| 22 |
> that run as root 100% of the time, or use VMs, don't really 'use' linux |
| 23 |
> in the original sense of the OS .. |
| 24 |
|
| 25 |
Duncan already explained much of this, but if you're relying on a |
| 26 |
user's PATH setting to prevent security issues you're doing it wrong. |
| 27 |
There are a number of binaries in /sbin which are completely |
| 28 |
appropriate for a non-privileged user to execute. Besides |
| 29 |
non-privileged operations of binaries like btrfs or rpcinfo, there are |
| 30 |
a bunch of misc binaries in there like usleep or zdump. |
| 31 |
|
| 32 |
Really though the main point of merging these paths into /usr is to |
| 33 |
get all the static content of a distro into a single path, which can |
| 34 |
then be maintained as a read-only filesystem, mounted across multiple |
| 35 |
systems, protected using tripwire or signature checking, and so on. |
| 36 |
As has been pointed out the rolling release nature of Gentoo reduces |
| 37 |
some of these benefits somewhat. To truly get these benefits we would |
| 38 |
also need to rethink how post-install configuration gets managed as |
| 39 |
was already pointed out. |
| 40 |
|
| 41 |
However, the principle is still a potentially useful one even if we |
| 42 |
never follow-up with some of the things Fedora/etc are doing. After a |
| 43 |
merge the package manager has free rein over /usr, full config |
| 44 |
management is the policy in /etc, and /var is a place for persistent |
| 45 |
state that generally belongs to the applications themselves (but |
| 46 |
management of this is a bit of a mix still with stuff like /var/www |
| 47 |
and /var/bind alongside mail spools and mysql database files). |
| 48 |
|
| 49 |
-- |
| 50 |
Rich |
Archives