On Oct 09, Russell Coker <[EMAIL PROTECTED]> wrote:

> It seems that the best solution would be to have mountvirtfs split into two
> parts, one mounts /proc and /sys, the other mounts /dev/pts, /dev/shm (and
> anything else that might get added under /dev). This means that
> under /etc/rcS.d we might have S02mountprocsys and S04mountptsshm so that
> S03udev can be run between them.

Agreed. This would also allow me to clean up a bit the udev init script.

> Also the udev script is rather complex. It seems to me that a better option
> might be to have the /etc/init.d/udev script call a udev setup script (maybe
> named /sbin/setup_udev) and then start the udevd.

I thought about this, but I think it's still premature because the udev init script may still be changed a lot in the close future and I am not sure that udevd and /dev management can be cleanly separated anyway.
Would it be acceptable for you to discuss this again when we will be closer to the release?

> One of the reasons for not wanting complex init.d scripts is that for SE Linux
> we don't want to give ultimate access to such scripts. The udev script does
> many things such as creating directories and device nodes under /dev which we
> normally want to restrict as much as possible.

Can you explain better which threat model you are considering?

-- 
ciao,
Marco