noexec on /dev/shm

Miloslav Trmač mitr at volny.cz
Tue Dec 14 14:25:08 UTC 2010 

Marcela Mašláňová píše v Út 14. 12. 2010 v 14:55 +0100:
> On 12/14/2010 02:24 PM, Tomasz Torcz wrote:
> > On Tue, Dec 14, 2010 at 01:53:37PM +0100, Miloslav Trmač wrote:
> >> Changing the semantics of /etc/fstab without any consultation with
> >> fedora-devel or even notification of Fedora that something so
> >> long-standing is changing is hardly constructive either.
> >>
> >> I can happily live with "systemd is a new, better init system" without
> >> knowing the details.  I consider "systemd replaces 15% of /etc and
> >> changes semantics of another 5%" without discussing the details in
> >> advance unacceptable for the distribution as a whole, although this
> >> decision is of course FESCo's.
> >> 	Mirek
> >   Let's keep discussion calm and technical.  
> >  “Systemd contains native implementations of various tasks that need to
> >  be executed as part of the boot process. For example, it sets the host name 
> > or configures the loopback network device. It also sets up and
> >        mounts various API file systems, such as /sys or /proc.”
> >
> >   We saw it includes /dev, /dev/shm etc.  Is there any *reasonable* need
> > to mount sysfs somewhere else than /sys. Or /dev with mode other than 755?
> > Those all directories are mounted _identically_ on every Linux distribution
> > down here.  Why pollute fstab with repeated lines on million machines?
> >
> >   I can see that it may look like taking power from admin, but has
> > anyone ever changed how devpts is mounted?  Really?  Being able
> > to change for the sake of ability is not always sane.  There are
> > things which we can change, and some things which shouldn't be touched
> > by admin.  And I'm not proposing dumbing down admin.  Back when
> > I run Slackware I rewrote part of the initscripts to suit me.
> > But really, admin should worry about important things, better
> > leave boring (and identical across distros) parts to someone else.
> >
> >   Original problem could be solved by configuring some scratch
> > tmpfs in /mnt/scratch or somewhere else.
> >
> The problem is not the technical solution. Problem is that changes of
> such important thing like /etc/fstab are decided without Fedora developers.
> Usually such change would be discussed before on list and it would be
> feature for new Fedora. It's not even mentioned on Systemd Feature page.
+1

This is (was?) UNIX.  No single person knows about all the creative and
important ways that users have configured the system to suit their
needs.  Dropping system-wide features should be a conscious decision,
not something we accidentally discover several months later when user
complaints start to come in.
	Mirek

More information about the devel mailing list