Things to remove from /rescue
Paul Schenkeveld
fb-arch at psconsult.nl
Sat Jul 26 06:08:51 PDT 2003
On Thu, Jul 24, 2003 at 11:59:33AM -0700, David O'Brien wrote:
> On Tue, Jul 22, 2003 at 08:25:32PM -0400, Mike Makonnen wrote:
> > > b) want to maintain network security while accessing that resource.
> >
> > What security? There are no network services running in single-user,
> > so what is there to secure?
>
> I'm glad I'm not the only one seeing things this way.
I'm not that familiar with -current (still running -stable) but
will using /etc/rc.d to initialize your network also enable
ipforwarding? In other words, although I'm trying to rescue
my firewall, will it act as an open router if /etc/rc.d/*
enable forwarding and I can only use a sysctl to open up ipfw
so I can reach a remote tape drive?
> > I won't complain if it's kept, but I would prefer just the bare minimum
> > be kept in /rescue. Once you go beyond that and into "well s/he might
> > need..." territory then we might as well throw in everything in the
> > base system. IMO, /rescue should be the absolute essentials _only_.
> > Instead of theorizing reasons why someone might need ipfw and friends,
> > why don't we wait until we get a bug report about a specific situation
> > in which it was needed before we put it back in.
>
> Thank you for expressing this so well. I do think we should wait for
> PR's telling real experiences rather than theorizing so much in the "what
> if"'s.
>
> > Also, while you're at it, David, I think you can get rid of rcorder
> > as well. I don't know why one would need it to fix a hosed root,
> > and besides it's staticaly linked to begin with.
>
> Will do! :-)
Paul Schenkeveld
More information about the freebsd-arch
mailing list