Date: Thu, 11 Jan 2001 15:22:23 -0700 From: Warner Losh <imp@harmony.village.org> To: Jordan Hubbard <jkh@winston.osd.bsdi.com> Cc: Sheldon Hearn <sheldonh@uunet.co.za>, obrien@FreeBSD.org, Doug Barton <dougb@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc crontab rc src/etc/defaults rc.conf src/etc/mtree BSD.root.dist src/libexec Makefile src/libexec/save-entropy Makefile save-entropy.sh Message-ID: <200101112222.f0BMMNs75120@harmony.village.org> In-Reply-To: Your message of "Thu, 11 Jan 2001 12:36:23 PST." <19283.979245383@winston.osd.bsdi.com> References: <19283.979245383@winston.osd.bsdi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19283.979245383@winston.osd.bsdi.com> Jordan Hubbard writes: : > I'm pretty sure that this has all been discussed before, with quite a : > bit of consensus (although some might bitch about the period in the : > directory name '/.entropy'. : : Hmmm, if it was then FreeBSD's diskless boot community never weighed : in during the discussions and that's a pity. You're well aware, one : assumes, of the fact that many of these people habitually use a : read-only root? They're not the only ones either - just about all of : the embedded folks who boot out of flash also run RO root and usr : filesystems. That's one the big reasons for keeping /var a separate : filesystem, at least conceptually, in order that that we might mandate : a writable filesystem as part of the hierarchy standard. I'll admit : that hier(7) is a little vague on that point, but it's certainly been : part of the conventional wisdom for as long as I can remember. : : I also appreciate the arguments for having /var be "too late" in the : boot process, at least as things currently stand, but simply assuming : that root is writable as your work-around isn't a very safe solution : either. I agree. RO / is absoultely *REQUIRED* for our application. we have a small, writable partition that we can use to store the random entropy files. Any attempts to force / to be writable will be met with extreme resistance. Our /var isn't persistant accross boots, btw. It is a mfs file system. Having a requirement that /var contain persistant data would likely lead to problems. I'm still not sure why we can't do something like: date > /dev/random cat /bin/ls > /dev/random fsck mount the file systems read in the entropy file Eg, toss some bone to the random pool. Sure, it will be highly preditable, but for the mount commands it doesn't matter. We fix before anything interesting happens. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101112222.f0BMMNs75120>