On 04/12/07 12:28, Kris Kennaway wrote: > On Thu, Apr 12, 2007 at 11:42:37AM +0100, Robert Watson wrote: >> On Thu, 12 Apr 2007, Bernd Walter wrote: >> >>> On Wed, Apr 11, 2007 at 08:04:03PM -0400, John Nielsen wrote: >>> >>>> I just moved /usr over to a zpool on my -CURRENT system. Performance and >>>> stability are both excellent so far. (Thanks Pawel!) However I noticed >>>> that setting FS flags on files with chflags is not supported. Would it be >>>> feasible to add support for flags on ZFS, and if so are there plans to do >>>> so? >>>> >>>> If not (and/or in the meantime), are there any places in the base system >>>> where flags are required for normal operation? (/var maybe?) >>> Some binaries have such flags set, but it is not required, otherwise >>> diskless NFS wouldn't work. I often see installworld warnings about beeing >>> unable to set extended flags on ld.so and others on my diskless boxes. >> I'm not a big fan of setting these flags -- I fairly frequently run into >> problems when I installworld an NFS root on the NFS host, then try to work >> with it over NFS from the NFS-booted system, as the flags can't be removed >> via NFS. They don't offer a security benefit as-installed, and perhaps >> offer a benefit with respect to preventing people from shooting themselves >> in the foot (or perhaps not). > > Yeah, historical intentions notwithstanding, the real benefit of schg > flags on critical pieces is anti foot-shooting. e.g. you really don't > want to accidentally delete ld-elf.so.1 or libc.so.7 or init. > You can usually recover from this, but it can mess up your whole day > :) > > Kris Yea, all I have to say is: thank you to <SOMEBODY> for /rescue!!! EricReceived on Thu Apr 12 2007 - 15:30:59 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:08 UTC