|
|
Subscribe / Log in / New account

Systemd programming, 30 months later

Systemd programming, 30 months later

Posted Oct 5, 2016 16:15 UTC (Wed) by bfields (subscriber, #19510)
In reply to: Systemd programming, 30 months later by nix
Parent article: Systemd programming, 30 months later

I may have asked before, but I'm kind of curious how you've avoided trying it. Recent distributions have it turned on by default, so it generally takes extra configuration steps to disable it.

to post comments

Systemd programming, 30 months later

Posted Oct 5, 2016 22:57 UTC (Wed) by nix (subscriber, #2304) [Link]

I avoided trying it because I *had* to, because it was misconfiguring the pseudoroot :) and because I had an existing NFS installation that, well, is not terribly amenable to pseudorootification (extensive exports from all over the filesystem). I can't survive without it, because my $HOME is on it and the machine doing the exporting is headless. Without working NFS, I can't log in...

Systemd programming, 30 months later

Posted Oct 5, 2016 22:58 UTC (Wed) by nix (subscriber, #2304) [Link] (2 responses)

As an aside, I'm wondering if the bind-mounting I'm doing is confusing things. If you NFS-export /home/.foo, but then bind-mount copiously from out of /home/.foo/* into /home (and /home is on the same filesystem as /home/.foo), would that confuse the pseudoroot-construction code?

Systemd programming, 30 months later

Posted Oct 7, 2016 0:59 UTC (Fri) by bfields (subscriber, #19510) [Link] (1 responses)

I'm scratching my head, trying to remember how that code works....

I suspect this is something the NFS protocol just isn't well-equipped to handle, and I'm a little surprised you haven't run into any odd behavior with NFSv3 too.

That said, I can't think of an immediate reason why the basics shouldn't work, so there may just be a simple bug somewhere. Might be worth a bug report next time you try it, but I'll admit it might not get priority attention.

Systemd programming, 30 months later

Posted Oct 13, 2016 13:48 UTC (Thu) by nix (subscriber, #2304) [Link]

I'm ignoring subtree-hiding issues here -- /home contains nothing other than NFS mounts, bind-mounts (from the NFS mounts and from the stuff we're exporting) and the stuff we're exporting, so there are no security implications of being able to guess cookies, etc.

So... one would hope it works. It certainly seems to work perfectly with NFSv3.

I'll try again one of these days...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds