Moving some items out of src/sbin to src/usr.sbin

Gordon Tetlow gordont at gnf.org
Sat May 31 16:16:56 PDT 2003


On Sat, May 31, 2003 at 03:27:47PM -0700, David O'Brien wrote:
> On Sun, Jun 01, 2003 at 08:09:57AM +1000, Peter Jeremy wrote:
> > On Sat, May 31, 2003 at 01:22:21PM -0700, David O'Brien wrote:
> > >On Sat, May 31, 2003 at 12:38:49PM -0700, Gordon Tetlow wrote:
> > >> To cut down on the size of a dynamically-linked root, I'd like to
> > >> repo-copy the following utilities from src/sbin to src/usr.sbin:
> > >> 
> > >> mount_portalfs
> > >> mount_nwfs
> > >> mount_smbfs
> > >> natd
> > >> ipnat
> > >> 
> > >> Does anyone have any objections?
> > >
> > >yes to natd.
> > 
> > David, would you like to go into a bit more detail please.
> ...
> > NAT is normally used at boundaries between different privilege zones
> > (though this isn't its only use) and it would seem unusual to mount
> > /usr from a different privilege zone to the local system.  Normally,
> > natd is started before ipfw rules are loaded, but I don't believe
> > there is a requirement for a process to be bound to a divert socket
> > before diversion rules are added.
> 
> Not really.  Just to say that as a user of natd and one that knows how
> fragile ipfw & natd are to passing packets I don't want to disturb things.
> I want to see some people (other than me) experiment with the natd
> issue before it is moved.

I agree testing needs to take place. I'm doing this sweep from the point
of view of wanting to minimize libraries that need to be /lib. libalias
(whose only consumer is natd) is only 48k. I can live with it, but I was
just trying to clean up some low-hanging fruit.

> > IMHO, it's reasonable to assume/require that /usr be a 'native'
> > filesystem - so MS-DOS, NTFS, Netware and SMB are not needed - though
> ...
> > If Gordon is looking for programs to move from /sbin to /usr/sbin,
> > mount_msdos, mount_ntfs, mountd, nfsd and maybe ipfstat all seem
> > candidates.  The first two are covered above.  IMHO, there's no point
> > a machine becoming a NFS server before it has /usr mounted - which
> > covers the next two.  Finally, ipfstat is not needed to configure
> > IPFilter - just monitor it.
> 
> Native also covers NFS mounted /usr and UFS /, and Gordon didn't mention
> that he had carefully looked at /etc/rc.d/* and the implications of
> moving things.

I didn't look too carefully for natd and ipnat, but I did look at the
implications of moving the various mount_* providers. The way the current
boot scripts work is they mount local-type filesystems (read not NFS,
SMBFS, and PORTALFS (it's a bug that NWFS isn't in this list)) first.
Then it mounts NFS filesystems. Finally all other network-type filesystems
are mounted. As such, if you have /usr mounted via NFS (and only NFS),
your other network filesystems will mount just fine.

This is the reason I didn't move things like mount_msdosfs and other
local-type filesystems. They will be mounted before any network
filesystems (including NFS /usr) have a chance to be mounted.

-gordon


More information about the freebsd-arch mailing list