noexec on /dev/shm

Lennart Poettering mzerqung at 0pointer.de
Wed Dec 15 06:10:58 UTC 2010


On Tue, 14.12.10 08:08, Chris Adams (cmadams at hiwaay.net) wrote:

> 
> Once upon a time, Tomasz Torcz <tomek at pipebreaker.pl> said:
> >   We saw it includes /dev, /dev/shm etc.  Is there any *reasonable* need
> > to mount sysfs somewhere else than /sys. Or /dev with mode other than 755?
> > All those directories are mounted _identically_ on every Linux distribution
> > down here.  Why pollute fstab with repeated lines on million machines?
> 
> What is the advantage to making some mounts not listed in the file with
> all the other mounts?  It isn't like /etc/fstab is a hundred lines or
> anything; it is a standard config file that predates Linux.  All mounts
> are listed there until systemd decided to override it (without any
> warning or documentation).

Well, what would be the advantage of listing it? Confusing the admin
with lines that are an implementation detail of the OS? Or giving the
admin the suggestion to maybe change the mount point of procfs to /waldo
and see how everything breaks?

Also, the list in /etc/fstab never was complete anyway. It never listed
/selinux, nor /sys/fs/cgroup (or its predecessor /cgroup), or
/sys/kernel/security, or /dev/hugepages, or /dev/mqueue, or binfmt_misc,
or /sys/kernel/debug, or the rpc_pipefs, or the fuse connections fs.

(Also, this discussion is premature anyway, since I have not asked the
Anaconda team to drop the default procfs/sysfs lines from fstab, and
won't do so before F16).

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
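
Added example, not part of the original message or of systemd: since /etc/fstab does not list every mount, an audit of options such as noexec on /dev/shm has to read the live mount table instead. The sketch below compares the two and reports which of noexec, nosuid and nodev a mount point lacks; the sample tables, function names and that option set are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from the thread or any real host).
SAMPLE_FSTAB = """\
# /etc/fstab
/dev/mapper/vg-root  /      ext4   defaults  1 1
/dev/sda1            /boot  ext4   defaults  1 2
proc                 /proc  proc   defaults  0 0
sysfs                /sys   sysfs  defaults  0 0
"""
SAMPLE_PROC_MOUNTS = """\
/dev/mapper/vg-root / ext4 rw,relatime 0 0
/dev/sda1 /boot ext4 rw,relatime 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
devtmpfs /dev devtmpfs rw,nosuid,mode=755 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
mqueue /dev/mqueue mqueue rw,relatime 0 0
hugetlbfs /dev/hugepages hugetlbfs rw,relatime 0 0
securityfs /sys/kernel/security securityfs rw,relatime 0 0
debugfs /sys/kernel/debug debugfs rw,relatime 0 0
"""

def parse_mount_table(text):
    """Parse fstab(5)-style lines into {mount_point: (fstype, options)}."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue  # blank line, comment, or malformed entry
        # Both files escape spaces and tabs in paths as three-digit octal.
        point = re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), fields[1])
        table[point] = (fields[2], set(fields[3].split(",")))  # last mount wins
    return table

def unlisted_mounts(fstab, live):
    """Mount points that are active but have no fstab entry."""
    return sorted(set(live) - set(fstab))

def missing_options(live, point, wanted=("noexec", "nosuid", "nodev")):
    """Hardening options absent from a live mount; None if not mounted."""
    if point not in live:
        return None
    return sorted(set(wanted) - live[point][1])

if __name__ == "__main__":
    fstab = parse_mount_table(SAMPLE_FSTAB)
    live = parse_mount_table(SAMPLE_PROC_MOUNTS)
    print("mounted but not in fstab:", unlisted_mounts(fstab, live))
    print("/dev/shm lacks:", missing_options(live, "/dev/shm"))
```

On a real host, pass the contents of /etc/fstab and /proc/self/mounts to parse_mount_table in place of the samples.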

