


Posted Sep 29, 2005 18:11 UTC (Thu) by tkreagan (subscriber, #4548)
Parent article: securityfs

Can someone explain the necessity of this new filesystem? It seems a little weird to me (and this is probably just my ignorance) that we are adding a filesystem with no built-in implementation, instead with overloaded functions from the modules, but we can't add ReiserFS because it does similar things.

I certainly don't agree with letting ReiserFS add overloaded calls to implement its functionality, but why are we letting the security sub-systems do the same thing? What do they need that isn't already there?




Posted Sep 29, 2005 20:27 UTC (Thu) by anonymous21 (guest, #30106) [Link]

Securityfs is a pseudo-filesystem where you can only have files and directories _in memory_ to configure those security modules. Securityfs is built on top of the VFS and is only a few lines long.


Posted Sep 30, 2005 6:38 UTC (Fri) by astrand (guest, #4908) [Link]

The kernel patch might just be a few lines long, but every new file system will mean that extra work needs to be done *outside* the kernel: Every distribution needs a new line to /etc/fstab, modifications to rc.sysinit (or similar). The output from "mount" will be even harder to read, and all users will see *yet* another strange directory when browsing /.

As a side note, I don't really like that the desktop environments are moving away from / as the "root" and introducing concepts like "My Computer" instead, but if / is getting filled up with strange directories...

Can someone explain to me why it's impossible to create a tree with sysfs and securityfs semantics below /proc/sysfs and /proc/securityfs?

/proc was abused

Posted Sep 30, 2005 11:04 UTC (Fri) by alex (subscriber, #1355) [Link]

It's not impossible. However, all this stuff was moved out of /proc for a reason. /proc is meant to be about processes, not the innards of how your system works. However, it has been historically abused as the dumping ground for any number of random interfaces to kernel behaviour.

/proc was abused

Posted Sep 30, 2005 11:34 UTC (Fri) by astrand (guest, #4908) [Link]

But /proc as a generic kernel interface has worked very well. I've never heard complaints that /proc contains stuff that's not about processes.

And even if the intention is to move things out of /proc so that it's only about processes, why is it not enough with *one* additional kernel interface?

/proc was abused

Posted Sep 30, 2005 11:54 UTC (Fri) by alex (subscriber, #1355) [Link]

Well, you've only really got /proc, /dev and /sys, which cover the three different paradigms. Does it really matter how much is in / anyway? After all, I spend most of my time in /home/alex, which I can organise however I want.

/proc was abused

Posted Sep 30, 2005 12:00 UTC (Fri) by astrand (guest, #4908) [Link]

>Does it really matter how much is in / anyway?

Yes. Sometimes you need to browse to /tmp, /media/cdrom, /net/import/mirrors and stuff like that.


Posted Oct 6, 2005 13:33 UTC (Thu) by efexis (guest, #26355) [Link]

All these directories in the root put off the not-so-tech-savvy desktop user. I'd go for creating a /system, and moving /proc, /sys, and yeah, even /dev into it. Whilst I have no problem putting anything anywhere on the filesystem, there's no denying that in its current layout, it's incredibly ugly.

Yes I know the work involved, which is why I've not done it :-p


Posted Oct 6, 2005 17:42 UTC (Thu) by peschmae (guest, #32292) [Link]

Then tell me what your not-so-tech-savvy desktop user has lost in /

Well, right, once in a while they get lost - but on their random walk down the file system they might just as well lose themselves in your /system directory as in /


Posted Oct 9, 2005 10:10 UTC (Sun) by nicolas@jungers (subscriber, #7579) [Link]

>Then tell me what your not-so-tech-savvy desktop user has lost in /

I think that the lambda user expects to be lost in /system but to clearly understand what's on _his_ computer. The difference is the isolation of the acknowledged unmastered stuff in one conceptually mastered place. Most l-users I know understand perfectly well the concept of root (everything on _their_ computer) in regard to the concept of home (all my personal stuff and the personal stuff of anybody I allow to use my computer).


Posted Oct 11, 2005 4:06 UTC (Tue) by efexis (guest, #26355) [Link]

um... what??? Taking that to the extreme would be to say that whole cities may as well be built like mazes, without signposts or maps. Sure people might get lost, but as they are able to wander into real mazes and get lost should they decide to, they may as well get lost outside them.

As I said, taken to the extreme, to illustrate a point. You could think of better closer to real-world examples if you put your mind to it. Maybe the electrics or pipes, and the meters they connect to that run through office blocks? Electricians/plumbers can get to them if they need to repair or make modifications to them, they have the knowledge, the tools. But if you just want to work in the office, and especially to employ others to, you want the stuff that's not needed out of the way. It's consciously/subconsciously processed every time it's seen, clouding the mind, and creating a greater feeling of unfamiliarity.

How can that possibly be a good thing?
