On Tue, 23 Apr 2002, David O'Brien wrote:
> On Tue, Apr 23, 2002 at 03:38:59AM -0700, Terry Lambert wrote: > > > > the 'original' solution is to make /etc writable is to mount a MD, then copy > > > > all > > > > /conf/default/etc to it. > > > > > > The very original "solution" was to mount NFS / RW. The move to > > > /conf/default/etc was someone's special needs leaking into the FreeBSD > > > repository. If you want to special case, things be my guest -- add an > > > elif test; but leave RW NFS mounted / alone. > > > > This isn't just about NFS... it's also about Fash devices, which > > are only warranteed for a limited number of writes, which mounting > > R/W would really eat into, and it's for read-only media, like in > > the "ClosedBSD" and "PicoBSD" FreeBSD based firewalls, I think. > > As I said Terry, change the patch to not take away RW /. Add an elif > check, add a `readonly_root' rc.conf knob, etc... But people should > stop assuming everyone wants their special needs and local weirdness. So personally I do use the read/only version, since it improves the scalability (and sanity) of the diskless environment by preventing leakage from workstations onto the server except in specifically supported ways. That said, I'd prefer a simpler "default" setting. A series of rc.conf settings would make the most sense to me-- diskless_root_readonly="NO" # Make it "YES" for readonly diskless_etc_localmd="NO" # Make it "YES" to have the # diskless environment md-mount and replicate /etc from /conf diskless_var_localmd="NO" # Make it "YES" to have the # diskless environment md-mount /var and populate it from skeleton files This would provide full compatibility with the current model for those that want it (and I think it's more people than you think) at the same time as changing the system to provide easy support for the environment you're looking for. If the default settings are changing, it should be a "5.0 feature" not a "4.x feature". Robert N M Watson FreeBSD Core Team, TrustedBSD Project [EMAIL PROTECTED] NAI Labs, Safeport Network Services To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
