Date: Sat, 31 May 2003 15:27:47 -0700 From: "David O'Brien" <dev-null@NUXI.com> To: Peter Jeremy <peterjeremy@optushome.com.au> Cc: arch@FreeBSD.org Subject: Re: Moving some items out of src/sbin to src/usr.sbin Message-ID: <20030531222747.GA23373@dragon.nuxi.com> In-Reply-To: <20030531220957.GA54163@cirb503493.alcatel.com.au> References: <20030531193849.GR87863@roark.gnf.org> <20030531202221.GA22056@dragon.nuxi.com> <20030531220957.GA54163@cirb503493.alcatel.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 01, 2003 at 08:09:57AM +1000, Peter Jeremy wrote: > On Sat, May 31, 2003 at 01:22:21PM -0700, David O'Brien wrote: > >On Sat, May 31, 2003 at 12:38:49PM -0700, Gordon Tetlow wrote: > >> To cut down on the size of a dynamically-linked root, I'd like to > >> repo-copy the following utilities from src/sbin to src/usr.sbin: > >> > >> mount_portalfs > >> mount_nwfs > >> mount_smbfs > >> natd > >> ipnat > >> > >> Does anyone have any objections? > > > >yes to natd. > > David, would you like to go into a bit more detail please. ... > NAT is normally used at boundaries between different privilege zones > (though this isn't its only use) and it would seem unusual to mount > /usr from a different privilege zone to the local system. Normally, > natd is started before ipfw rules are loaded, but I don't believe > there is a requirement for a process to be bound to a divert socket > before diversion rules are added. Not really. Just to say that as a user of natd and one that knows how fragile ipfw & natd are to passing packets I don't want to disturb things. I want to see some people (other than me) experiment with this the natd issue before it is moved. > IMHO, it's reasonable to assume/require that /usr be a 'native' > filesystem - so MS-DOS, NTFS, Netware and SMB are not needed - though ... > If Gordon is looking for programs to move from /sbin to /usr/sbin, > mount_msdos, mount_ntfs, mountd, nfsd and maybe ipfstat all seem > candidates. The first two are covered above. IMHO, there's no point > a machine becomming a NFS server before it has /usr mounted - which > covers the next two. Finally, ipfstat is not needed to configure > IPFilter - just monitor it. Native also covers NFS mounted /usr and UFS /, and Gordon didn't mention that he had carefully looked at /etc/rc.d/* and the implications of moving things. -- -- David (obrien@FreeBSD.org)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030531222747.GA23373>