Subject: Re: I need some help adding another mount to nfs_mountroot()....
To: Ignatios Souvatzis <ignatios@theory.cs.uni-bonn.de>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 10/07/2003 16:43:13
[ On Tuesday, October 7, 2003 at 13:19:49 (+0200), Ignatios Souvatzis wrote: ]
> Subject: Re: I need some help adding another mount to nfs_mountroot()....
>
> are you aware of what I did... e.g. http://eurobsdcon.org/papers/#souvatzis ?
>
> (This is for N identically configured clients.)
Hmmm... yes I was marginally aware of your work.
On re-reading your paper though I realized why I had wanted to go in a
somewhat different direction.
I have somewhat different security requirements than you did for your
work and I really do want to share the actual root filesystem of the
server itself.
This means I need some smarter way to identify a client and get a unique
per-client copy of /etc mounted. I could do it in /etc/rc, or in
something new like /sbin/boot.rc I suppose, and use the fact the kernel
already has a hostname from DHCP or bootparams (along with perhaps the
fact that the root filesystem is on NFS) to know when to do this and
which remote directory to mount.
However I think I'm so close to making the first step of mounting a
client-specific /etc by NFS work in the kernel at boot time that I'd
like to try to continue on the path I'm on for now.
For some reason I had a mind block of some sort preventing me from
thinking about using unionfs mounts on the client system, but luckily
re-reading your paper cleared some of my fog away. I think this is how
I'll handle /var as I have somewhat different security requirements than
you did for your work.
I'm not quite sure how I could make this work for /etc, though perhaps I
can juggle the /etc NFS mount from userland (i.e. from /etc/rc) such
that I can replace it, or overlay it, with a unionfs mount.
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>