On 08/04/16 14:55, Rich Freeman wrote:
> The purpose of a /usr merge is to get all the stateless stuff into one place.

beside what you have in /etc ...

usr-merge, in practice just moves early-boot/core tools where the rest
of the userspace lives.

> Some of the ultimate goals include:
> 1. A read-only /usr

And mixing early-boot tools with post-boot userspace would help how?

> 2. Having /usr signature-verified at boot

Because /etc is totally unimportant.

> 3. Having everything that runs signature-checked before it is run

Because obviously you do not need to signature-check per executable.

> 4. Having /usr shared across many containers/etc.

Because obviously it is the early-boot userspace spoiling this.

> 5. Stateless systems - boot with a /usr and it creates the rest
> dynamically, and they're lost when the container is shut down.

Sounds backwards in many different ways.

> Put it this way, if you were designing a new OS from scratch today,
> would it make more sense to put all the distro-supplied
> binaries/libraries under a single path off the root, or off of many
> paths from the root?

You mean /usr/local ?

The whole thing ceases to be important once you have bind-mount and PATH
imho.

There is the specific need to have all the tools needed to boot in a
single place that can be accessed with ease.

It being /bin or initramfs or /boot/bin is completely cosmetic.

But you need an easy and reliable way to get it.

The idea of having / just holding the mount points and then have all the
other paths mounted by the early boot is fun only on paper I'm afraid.
(and we aren't even getting there since I bet /etc will stay in the root
partition for ages).

lu