tech-userlevel archive


Re: Moving rc.d scripts to base.tgz



On Thu, Apr 14, 2011 at 5:25 PM, Thor Lancelot Simon <tls%panix.com@localhost> wrote:
> On Thu, Apr 14, 2011 at 01:40:39PM +0100, Julio Merino wrote:
>> Hello,
>>
>> Every time I run etcupdate and notice differences in the rc.d scripts,
>> I can't stop wondering why these binaries are part of etc.tgz (other
>> than them being in /etc/).
>
> I have confronted this issue myself repeatedly while trying to build
> secure systems whose configuration can be updated.  The presence of all
> this interpreter input in /etc means one can't safely leave /etc
> mounted read-write ("configuration data" can be written) while leaving
> the rest of the system mounted read-only ("binaries" can't).
>
> I know it will raise a storm of protest but I would actually like to
> see all the shell input in /etc move to a different directory to make
> it easier to build systems secured in this way without resorting to
> much more complicated solutions such as veriexec.

I actually explicitly avoided mentioning moving the files, but it was
in my mind :-)  That said, your goal is different than mine (don't get
me wrong; I think it's a worthy goal as well).

I presume moving the files and installing some compatibility symlinks
(for one or two releases) would please some protesters.  That said...
you can move rc out of /etc, but what do you do with rc.conf?  It is
just a shell script...

Also, somewhat related: as mentioned in my previous email... maybe the
only way to achieve my proposal without causing upgrade problems to
people that already have custom modifications to their files is to,
actually, move the files to a different place out of /etc.

-- 
Julio Merino / @jmmv
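
The point raised in this message about rc.conf, as an added example that is not part of the original thread: an inventory of "interpreter input" based on the executable bit or a `#!` line finds the rc.d scripts but not rc.conf, which is still evaluated by sh when sourced. The helper names and the miniature tree are constructed for illustration and are not NetBSD code.

```shell
#!/bin/sh
# Added example; the tree built below is constructed sample data, not real /etc.

# list_interpreter_input DIR: print files (relative to DIR) that are visibly
# interpreter input: executable bit set, or first line starting with "#!".
list_interpreter_input() {
    ( cd "$1" || exit 1
      find . -type f | sort | while IFS= read -r f; do
          first=
          IFS= read -r first < "$f" || :
          if [ -x "$f" ]; then
              printf '%s\n' "${f#./}"
          else
              case $first in '#!'*) printf '%s\n' "${f#./}" ;; esac
          fi
      done )
}

# rc_conf_value DIR VAR: read VAR the way rc does, by sourcing DIR/rc.conf.
# Runs in a subshell so nothing leaks into the caller.
rc_conf_value() {
    ( . "$1/rc.conf"; eval "printf '%s\n' \"\${$2}\"" )
}

# build_sample_etc DIR: constructed miniature /etc (hypothetical contents).
build_sample_etc() {
    mkdir -p "$1/rc.d"
    printf '#!/bin/sh\n# PROVIDE: sshd\n' > "$1/rc.d/sshd"
    chmod 555 "$1/rc.d/sshd"
    # No "#!" and no exec bit, yet the second line is code once sourced.
    printf 'sshd=YES\nhostname=$(echo demo)\n' > "$1/rc.conf"
    printf 'root:*:0:0::/root:/bin/sh\n' > "$1/passwd"
    chmod 644 "$1/rc.conf" "$1/passwd"
}

demo=$(mktemp -d) && build_sample_etc "$demo"
echo "visible interpreter input:"; list_interpreter_input "$demo"
echo "hostname after sourcing rc.conf: $(rc_conf_value "$demo" hostname)"
rm -rf "$demo"
```

On the sample tree the listing reports only `rc.d/sshd`, while sourcing `rc.conf` still runs its command substitution, so relocating the files that look like scripts does not by itself make a writable /etc free of shell input.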

