tag 340608 + patch
thanks
Scribit Michael Tautschnig dies 26/11/2005 hora 15:19:
Are the files created by fai-setup/make-fai-nfsroot really to be
considered installed files, or does the policy rather talk about
files installed by dpkg?
I think it is a reasonable expecting that the behaviour
Scribit Steve Langasek dies 25/11/2005 hora 18:42:
I certainly agree that it's desirable to never have anything written
to /usr except by the package management system and to be able to keep
it read-only otherwise, but I don't find that the FHS mandates this.
I found, indeed:
``/usr is
On Sat, Nov 26, 2005 at 12:41:10PM +0100, Pierre THIERRY wrote:
Scribit Steve Langasek dies 25/11/2005 hora 18:42:
I certainly agree that it's desirable to never have anything written
to /usr except by the package management system and to be able to keep
it read-only otherwise, but I don't
Scribit Steve Langasek dies 26/11/2005 hora 03:47:
No, because this data *is* both shareable and read-only; it is written
to only by certain admin operations.
I don't see how you can still consider data that is sometimes modified
by priviledged users read-only... Data only modified by the core
Hi,
I have some remarks to this bug. First, I think it can be merged with #309554,
which severity should be raised at least to important...
(But) #309554 deals with both the FAI_CONFIGDIR (currently defaults
to /usr/local/share/fai) and NFSROOT (defaults to /usr/lib/fai/nfsroot) -
both
Scribit Steve Langasek dies 26/11/2005 hora 03:47:
No, because this data *is* both shareable and read-only; it is written
to only by certain admin operations.
I don't see how you can still consider data that is sometimes modified
by priviledged users read-only... Data only modified by the
On Sat, Nov 26, 2005 at 02:48:12PM +0100, Holger Levsen wrote:
As I've said in #309554 I strongly believe /srv/ should be used for both. I
like to add now, that IMO - if /srv is a policy violation at the moment
(vorlon, what is your statement/guess regarding FHS 2.3 and etch ?)
FHS 2.3 for
On Thu, Nov 24, 2005 at 03:19:08PM +0100, Pierre THIERRY wrote:
Package: fai
Version: 2.8.4
Severity: serious
Justification: FHS
According to the FHS, ``/usr is shareable, read-only data''. So FAI
should not by default try to write anything in /usr and place it's
nfsroot there. See
On Fri, 25 Nov 2005 00:56:17 -0800, Steve Langasek [EMAIL PROTECTED]
said:
Could you elaborate on why you believe this is an FHS violation? Is the
fai
nfsroot not shareable, or is it not read-only? (I would expect an nfsroot
image to be both...)
The FAI nfsroot IS shareable
Scribit Steve Langasek dies 25/11/2005 hora 00:56:
According to the FHS, ``/usr is shareable, read-only data''. So FAI
should not by default try to write anything in /usr and place it's
nfsroot there. See #309554.
Could you elaborate on why you believe this is an FHS violation?
My /usr is
On Fri, 25 Nov 2005 13:41:18 +0100, Pierre THIERRY [EMAIL PROTECTED]
said:
read-write object the user can modify and update... It belongs either to
/var or /srv (the latter I prefer, as it is clearly data for a service
exposed by the system).
My future plans are to move it to
This one time, at band camp, Thomas Lange said:
On Fri, 25 Nov 2005 13:41:18 +0100, Pierre THIERRY [EMAIL PROTECTED]
said:
read-write object the user can modify and update... It belongs either to
/var or /srv (the latter I prefer, as it is clearly data for a service
Scribit Thomas Lange dies 25/11/2005 hora 15:34:
My future plans are to move it to /srv, but the question is, if it's
really a FHS violation.
nfsroot can be updated, regenerated, modified to fit the user's needs,
and so on. I don't see how it can really be seen read-only. So it can't
be in
Scribit Stephen Gran dies 25/11/2005 hora 15:19:
My understanding is that while /srv is the right place for this kind
of data, it would be incorrect for Debian packages to dump stuff
there. /srv is the domain of the local admin.
This is precisely why it should be put there by fai-setup.
This one time, at band camp, Pierre THIERRY said:
Scribit Stephen Gran dies 25/11/2005 hora 15:19:
My understanding is that while /srv is the right place for this kind
of data, it would be incorrect for Debian packages to dump stuff
there. /srv is the domain of the local admin.
This is
On Fri, 25 Nov 2005 16:13:24 +0100, Pierre THIERRY [EMAIL PROTECTED]
said:
The problem is, strictly speaking, using /srv would not be policy
compliant, I think, because there is no mention of /srv in the currently
included FHS. Maybe you should just usr /var/lib/fai and just be
Scribit Thomas Lange dies 25/11/2005 hora 17:35:
I like to skip the move to /var/lib/fai, and wait until I can finally
move to /srv.
But this is still a bug, and a policy violation. Users applying Debian
security guidelines will still encounter this bug with the default
configuration...
severity 340608 important
thanks
On Fri, Nov 25, 2005 at 01:41:18PM +0100, Pierre THIERRY wrote:
Scribit Steve Langasek dies 25/11/2005 hora 00:56:
According to the FHS, ``/usr is shareable, read-only data''. So FAI
should not by default try to write anything in /usr and place it's
Package: fai
Version: 2.8.4
Severity: serious
Justification: FHS
According to the FHS, ``/usr is shareable, read-only data''. So FAI
should not by default try to write anything in /usr and place it's
nfsroot there. See #309554.
-- System Information:
Debian Release: testing/unstable
APT
19 matches
Mail list logo
