On Wed, Jul 18, 2018, at 4:20 AM, Thomas Haller wrote:
> On Tue, 2018-07-17 at 22:32 -0400, Colin Walters wrote:
> > See discussion in https://github.com/projectatomic/rpm-ostree/pull/1464
> >
> > Is there a reason that the `symlink` mode doesn't default to creating
> > a symlink? It'd help for mounting `/etc` read-only.
>
> Hi,
>
> Writing /etc/resolv.conf as symlink, is an action reserved to the
> administrator.

Right, but I want to do it by default for CoreOS/Silverblue. Remember
here we're talking about the case where the file doesn't exist
at all.

So we either change NM upstream, change the Fedora package, or do:
https://github.com/projectatomic/rpm-ostree/pull/1464

OK, I just read the linked bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1367551
and I disagree with the rationale but whatever. No point fighting
to change the default back globally I guess.

Also particularly because at least for single-node systems we
should be using a local caching resolver anyways.

> Why is there a problem with "mounting `/etc` read-only"?

Just try it, add `/etc /etc none bind,ro 0 0` into your `/etc/fstab`,
then e.g.:
```
rm /etc/resolv.conf
systemctl stop NetworkManager
mount /etc
systemctl start NetworkManager
```
As expected you won't have an /etc/resolv.conf since NM gets EPERM,
which is what's desired here - /etc should be immutable.

Anyways I'll argue to merge the rpm-ostree patch based on this
discussion - it will create a new distinction between "classic" and
"ostree-based" systems, so if anyone wants to use e.g. networkd on e.g.
CoreOS/Silverblue they'll have to also run `rm` (how painful!).
_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list
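
An added check for the scenario in this thread (not code from either poster, NetworkManager or rpm-ostree): it reports whether a host with a read-only `/etc` still has a resolver file that can be updated. The function names, the verdict strings and the symlink target `../run/NetworkManager/resolv.conf` are assumptions made for the example, and the mountinfo line is constructed.

```shell
#!/bin/sh
# Added example: audit DNS configuration on a host with a read-only /etc.
# ROOT and MOUNTINFO are parameters so the checks can run on a test tree.

# Succeeds if the last /etc entry in a /proc/self/mountinfo-format file
# has "ro" among its per-mount options (field 6).
etc_is_readonly() {
    awk '$5 == "/etc" { opts = $6 }
         END { n = split(opts, o, ",")
               for (i = 1; i <= n; i++) if (o[i] == "ro") exit 0
               exit 1 }' "$1"
}

# Classifies ROOT/etc/resolv.conf by where its contents actually live.
resolv_state() {
    f="$1/etc/resolv.conf"
    if [ -L "$f" ]; then
        case "$(readlink "$f")" in
            /etc/*)   echo in-etc ;;
            /*|../*)  echo outside-etc ;;   # e.g. a target under /run
            *)        echo in-etc ;;        # plain relative target
        esac
    elif [ -e "$f" ]; then echo in-etc
    else echo missing
    fi
}

# Verdict for the combinations discussed in the thread.
audit() {
    state=$(resolv_state "$1")
    if ! etc_is_readonly "$2"; then echo etc-writable; return; fi
    case "$state" in
        outside-etc) echo ok ;;              # resolver data is writable elsewhere
        missing)     echo no-resolv-conf ;;  # nothing can create the file now
        *)           echo frozen ;;          # contents can no longer be updated
    esac
}

# Constructed demo: a scratch tree and a constructed mountinfo line.
demo() {
    root=$(mktemp -d) && mkdir -p "$root/etc"
    printf '%s\n' '36 25 253:0 /etc /etc ro,relatime - ext4 /dev/sda1 rw' > "$root/mountinfo"
    audit "$root" "$root/mountinfo"        # no resolv.conf yet
    ln -s ../run/NetworkManager/resolv.conf "$root/etc/resolv.conf"
    audit "$root" "$root/mountinfo"        # symlink pointing out of /etc
    rm -rf "$root"
}
demo
```

On a live system the equivalent call is `audit "" /proc/self/mountinfo`.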