[Fedora-directory-devel] Please review: Bug 227771: FHS: use sysconfdir (/etc) as config file location
Richard Megginson
rmeggins at redhat.com
Fri Feb 9 17:37:19 UTC 2007
Howard Chu wrote:
>> Date: Fri, 09 Feb 2007 08:15:11 -0700
> > From: Richard Megginson <rmeggins at redhat.com>
>
>> Andrew Bartlett wrote:
>>> > On Thu, 2007-02-08 at 20:23 -0800, Pete Rowley wrote:
>
>>> > The debian folks (who take FHS seriously) won't buy that. The
>>> real test
>>> > is the ability to have a read only /etc. This sounds like a /var/lib
>>> > thing. >
>>> > Before you get into pain over this, I suggest finding a FHS expert.
>>> >
>> Does Debian forbid cfengine? webmin? If you do need to occasionally
>> edit a config file, do you have to change the permissions on /etc to
>> read-write, then change it back?
>
> For a lot of secure installs, yes, this is what's done.
What does openldap do on those systems when using back-config? Do you
have a symlink from /etc/openldap/config to /var/whatever, so that
people looking for some config can find it?
>
> > Note that even files such as
>> /etc/fstab can be dynamic as devices/filesystems are dynamically
>> mounted/unmounted.
>
> Actually fstab is just a static file. You might be thinking of mtab.
> Some of these things just get symlinked to /var/run which is writable.
No, on my system /etc/fstab is dynamically updated - so is /etc/mtab.
I guess what I'm trying to determine is - who can definitively answer
this question?
However, if /etc really is sometimes mounted read-only, then there are a
couple of options:
1) Always put our config files under /var/lib/fedora-ds/slapd-instance,
and just create a symlink /etc/fedora-ds/slapd-instance that points to
/var/lib/fedora-ds/slapd-instance
2) Have the location be distro specific e.g. debian and derived packages
will use /var/lib, fedora derived packages will use /etc
At any rate, it should be a configure option.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070209/26ccd74e/attachment.bin>
More information about the Fedora-directory-devel
mailing list