Re: Support for merged-/usr now in debootstrap; default for stretch?

2016-09-15 Thread Marco d'Itri
On Sep 14, Felipe Sateler  wrote:

> I agree that merging /usr is a good thing to do. We should default to 
> that, and at some point force the merge somehow (via the usrmerge package?
To be fair, I have implemented this as a switch only because I expected 
that somebody would have complained about the lack of an opt-out 
mechanism.
Since merged-/usr has significant benefits and is the scheme used by 
RHEL/CentOS/Fedora, I think that it should be the default for us as well.

-- 
ciao,
Marco




Re: Support for merged-/usr now in debootstrap; default for stretch?

2016-09-14 Thread Felipe Sateler
On Wed, 14 Sep 2016 16:50:13 +0200, Pierre Chifflier wrote:

> On Wed, Sep 14, 2016 at 02:38:09PM +, Felipe Sateler wrote:
>> On Tue, 13 Sep 2016 22:36:58 +0200, Ansgar Burchardt wrote:
>> 
>> > Hi,
>> > 
>> > debootstrap in unstable can now install with merged-/usr, that is
>> > with /bin, /sbin, /lib* being symlinks to their counterpart in /usr. 
>> > Run
>> > 
>> >   debootstrap --merged-usr testing .../testing
>> >   http://deb.debian.org/debian
>> > 
>> > to give it a try.
>> > 
>> > It has been previously suggested to make this the default for (at
>> > least)
>> > new installations.  I think Russ' earlier mail[1] explains quite well
>> > why the "split" between / and /usr doesn't really work out for Debian
>> > these days and that trying to maintain it for some configurations
>> > (which are not documented) is mostly busy-work.  There is also a nice
>> > article on LWN[2] summarizing earlier discussions.
>> > 
>> > I found these arguments convincing enough and would like to see the
>> > default switched to merged-/usr for Stretch and later.  Possibly also
>> > switching systems on upgrade to the new scheme (not necessarily
>> > already in the Stretch release cycle).
>> 
>> I agree that merging /usr is a good thing to do. We should default to
>> that, and at some point force the merge somehow (via the usrmerge
>> package?). Ideally, stretch systems that are fresh-installed should have
>> the same configuration as stretch-upgraded systems, otherwise confusion
>> will ensue.
>> 
>> 
> Hi,
> 
> Except that breaks having different mount points, which is useful to
> enforce different mount options (my /usr is nodev,ro).

You seem to misunderstand. The proposal is to move everything from /bin, 
/sbin, /lib{,64,32,...} into /usr/$dir. It does not prevent having /usr in 
a separate partition.

Please see the references in Ansgar's original mail.

> Does this mean this cannot be supported anymore? It would be a step
> backward, security-speaking, if split /usr does not work at all.

Split /usr is still supported, but it has to be mounted by the initramfs. 
All initramfs providers in Debian do so for stretch. Even more, having a 
split /usr that is not mounted by the initramfs is not supported:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830829

-- 
Saludos,
Felipe Sateler
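The two properties discussed above, a merged-/usr layout (/bin, /sbin, /lib being symlinks into /usr) and /usr living on its own mount with its own options, can be checked independently. This is an added example, not code from the thread or from debootstrap/usrmerge; the root layout and mount table it demonstrates on are constructed, and the function and variable names are mine.

```shell
#!/bin/sh
# Report whether a root is laid out as merged-/usr and how /usr is mounted.
# Added example; the sample layout and mount table in demo() are constructed.

# is_merged_usr ROOT: 0 if ROOT/bin, ROOT/sbin and ROOT/lib are symlinks
# into usr/, 1 otherwise (a split or only partially converted layout).
is_merged_usr() {
    root=${1:-/}
    for d in bin sbin lib; do
        [ -L "$root/$d" ] || return 1
        case "$(readlink "$root/$d")" in
            "usr/$d"|"/usr/$d") ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# usr_mount_opts [MOUNTS]: print the mount options of the /usr mount point
# from a table in /proc/self/mounts format (device, mountpoint, fstype,
# options, ...); prints nothing when /usr is not a separate mount.
usr_mount_opts() {
    awk '$2 == "/usr" { print $4 }' "${1:-/proc/self/mounts}"
}

# has_opt OPTS OPT: 0 if the comma-separated OPTS list contains OPT.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# demo: a constructed merged-/usr root whose /usr is a separate ro,nodev
# mount, i.e. both properties from the thread holding at the same time.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/usr/bin" "$t/usr/sbin" "$t/usr/lib"
    for d in bin sbin lib; do ln -s "usr/$d" "$t/$d"; done
    printf '%s\n' '/dev/sda1 / ext4 rw,relatime 0 0' \
                  '/dev/sda2 /usr ext4 ro,nodev,relatime 0 0' > "$t/mounts"
    is_merged_usr "$t" && echo "merged-/usr: yes" || echo "merged-/usr: no"
    opts=$(usr_mount_opts "$t/mounts")
    echo "/usr mount options: ${opts:-(not a separate mount)}"
    for o in ro nodev; do
        has_opt "$opts" "$o" && echo "/usr has $o" || echo "/usr lacks $o"
    done
    rm -rf "$t"
}

demo
```

On a live system, `is_merged_usr /` and `usr_mount_opts` with no argument inspect the real root and /proc/self/mounts instead of the constructed sample.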



Re: Support for merged-/usr now in debootstrap; default for stretch?

2016-09-14 Thread Felipe Sateler
On Tue, 13 Sep 2016 22:36:58 +0200, Ansgar Burchardt wrote:

> Hi,
> 
> debootstrap in unstable can now install with merged-/usr, that is with
> /bin, /sbin, /lib* being symlinks to their counterpart in /usr.  Run
> 
>   debootstrap --merged-usr testing .../testing
>   http://deb.debian.org/debian
> 
> to give it a try.
> 
> It has been previously suggested to make this the default for (at least)
> new installations.  I think Russ' earlier mail[1] explains quite well
> why the "split" between / and /usr doesn't really work out for Debian
> these days and that trying to maintain it for some configurations (which
> are not documented) is mostly busy-work.  There is also a nice article
> on LWN[2] summarizing earlier discussions.
> 
> I found these arguments convincing enough and would like to see the
> default switched to merged-/usr for Stretch and later.  Possibly also
> switching systems on upgrade to the new scheme (not necessarily already
> in the Stretch release cycle).

I agree that merging /usr is a good thing to do. We should default to 
that, and at some point force the merge somehow (via the usrmerge 
package?). Ideally, stretch systems that are fresh-installed should have 
the same configuration as stretch-upgraded systems, otherwise confusion 
will ensue.

-- 
Saludos,
Felipe Sateler



Re: Support for merged-/usr now in debootstrap; default for stretch?

2016-09-14 Thread Pierre Chifflier
On Wed, Sep 14, 2016 at 02:38:09PM +, Felipe Sateler wrote:
> On Tue, 13 Sep 2016 22:36:58 +0200, Ansgar Burchardt wrote:
> 
> > Hi,
> > 
> > debootstrap in unstable can now install with merged-/usr, that is with
> > /bin, /sbin, /lib* being symlinks to their counterpart in /usr.  Run
> > 
> >   debootstrap --merged-usr testing .../testing
> >   http://deb.debian.org/debian
> > 
> > to give it a try.
> > 
> > It has been previously suggested to make this the default for (at least)
> > new installations.  I think Russ' earlier mail[1] explains quite well
> > why the "split" between / and /usr doesn't really work out for Debian
> > these days and that trying to maintain it for some configurations (which
> > are not documented) is mostly busy-work.  There is also a nice article
> > on LWN[2] summarizing earlier discussions.
> > 
> > I found these arguments convincing enough and would like to see the
> > default switched to merged-/usr for Stretch and later.  Possibly also
> > switching systems on upgrade to the new scheme (not necessarily already
> > in the Stretch release cycle).
> 
> I agree that merging /usr is a good thing to do. We should default to 
> that, and at some point force the merge somehow (via the usrmerge 
> package?). Ideally, stretch systems that are fresh-installed should have 
> the same configuration as stretch-upgraded systems, otherwise confusion 
> will ensue.
> 

Hi,

Except that breaks having different mount points, which is useful to
enforce different mount options (my /usr is nodev,ro).
Does this mean this cannot be supported anymore? It would be a step
backward, security-speaking, if split /usr does not work at all.

Regards,
Pierre