1 |
On Tue, 20 Mar 2012 01:04:04 +0200, Alan McKinnon wrote: |
2 |
|
3 |
> - */bin vs */sbin is one. Nothing to do with security, but */sbin can |
4 |
> go in root's PATH and apps that only makes sense when run as root (eg |
5 |
> mkfs) go there. This avoids cluttering the display with useful crap |
6 |
> from tab-completion. |
7 |
|
8 |
Agreed |
9 |
|
10 |
> - / vs /usr/local. I like this one, everything I build and install |
11 |
> myself without help from the package manager goes here. On FreeBSD it |
12 |
> means I used ports to install the stuff and it's not in world. I do |
13 |
> need this distinction in my world. Perl CPAN too for the same reasons. |
14 |
|
15 |
That too, or you can move all system stuff from /usr to / and put user |
16 |
stuff in a directory with an appropriate name, something that reflects |
17 |
its purpose, maybe something like /usr. |
18 |
|
19 |
> - /opt. Um yeah, OK. So we have these things called proprietary apps |
20 |
> where devs just want to make a directory specially for their app and |
21 |
> dump everything belong it. OK, as a scheme, it works. I don't like |
22 |
> it but I don't have a better idea. |
23 |
|
24 |
Yep. |
25 |
|
26 |
> / vs /usr is the only one I don't need myself, as /usr is not read-only |
27 |
> (a very valid use case) and I don't have thin clients on the network. |
28 |
|
29 |
Separating system and user-compiled/installed software makes sense. |
30 |
Separating root and general programs makes sense. |
31 |
Separating system programs and libraries based on fairly arbitrary, and |
32 |
moveable, criteria does not make sense to me. |
33 |
|
34 |
As for making /usr read-only; it is generally only writeable by root and |
35 |
anyone with the root password could remount rw anyway, so there's not much |
36 |
point there. |
37 |
|
38 |
|
39 |
-- |
40 |
Neil Bothwick |
41 |
|
42 |
Ninety-Ninety Rule Of Project Schedules - The first ninety percent of |
43 |
the task takes ninety percent of the time, and the last ten percent |
44 |
takes the other ninety percent of the time. |