Re: defaulting `rc_manager=symlink` to creating a symlink?





On Wed, Jul 18, 2018, at 4:20 AM, Thomas Haller wrote:
On Tue, 2018-07-17 at 22:32 -0400, Colin Walters wrote:
See discussion in https://github.com/projectatomic/rpm-ostree/pull/1464

Is there a reason that the `symlink` mode doesn't default to creating
a symlink?  It'd help for mounting `/etc` read-only.

Hi,

Writing /etc/resolv.conf as a symlink is an action reserved to the
administrator.

Right, but I want to do it by default for CoreOS/Silverblue.   Remember
here we're talking about the case where the file doesn't exist
at all.  

So we either change NM upstream, change the Fedora package, or do:
https://github.com/projectatomic/rpm-ostree/pull/1464

OK, I just read the linked bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1367551
and I disagree with the rationale but whatever.  No point fighting
to change the default back globally I guess.

Also particularly because at least for single-node systems we
should be using a local caching resolver anyways.

Why is there a problem with "mounting `/etc` read-only"?

Just try it, add `/etc /etc none bind,ro 0 0` into your `/etc/fstab`,
then e.g.:
```
rm /etc/resolv.conf
systemctl stop NetworkManager
mount /etc
systemctl start NetworkManager
```

As expected you won't have an /etc/resolv.conf since NM gets EPERM,
which is what's desired here - /etc should be immutable.

Anyways I'll argue to merge the rpm-ostree patch based on this
discussion - it will create a new distinction between "classic" and "ostree-based"
systems, so if anyone wants to use e.g. networkd on e.g.
CoreOS/Silverblue they'll have to also run `rm` (how painful!).


