Subject: Re: Getting rid of /dev/veriexec
To: Pavel Cahyna <firstname.lastname@example.org>
From: Garrett D'Amore <email@example.com>
Date: 12/03/2005 18:54:29
Pavel Cahyna wrote:
>On Sat, Dec 03, 2005 at 01:24:48PM -0500, Thor Lancelot Simon wrote:
>>On Sat, Dec 03, 2005 at 09:38:40AM +0000, Rui Paulo wrote:
>>>On 2005.12.02 11:06:24 -0500, der Mouse wrote:
>>>| It is. sysctl is. I've often considered building a sysctlfs, which
>>>| would present the sysctl hierarchy and data in a filesystem form.
>>>I suppose we had the same idea :-)
>>I agree that it is a good idea to keep this stuff within the filesystem
>>namespace. I do not, however, think that we should use normal filesystem
>>system calls to access the data.
>>I have some painful experience with coherency issues between the kernel,
>>userspace, and multiple processes in kernfs on Linux and I do *not* want
>>to go there again. (...)
>You mean the (in)famous Linux method: echo 1 > /proc/sys/kernel/foo ?
>This is really hateful.
>Or "echo scsi add-single-device ... > /proc/scsi/scsi" [*]
>which is even "better".
>[*] I actually had to do
>"echo scsi add-single-device ... | dd of=/proc/scsi/scsi" instead, don't ask
Actually, as "hateful" as this method is, I recall recently doing the
same thing on Solaris. The reason for this was that I needed some
generic access to kernel tunables that had to be done before /usr was
mounted -- therefore I couldn't use a "safe" binary (static binaries are
"not supported" in Solaris, at least no binary compatibility guarantees.)
Garrett D'Amore http://www.tadpolecomputer.com/
Sr. Staff Engineer Extending the Power of 64-bit UNIX Computing
Tadpole Computer, Inc. Phone: (951) 325-2134