Re: what are the pros and cons of running in single user?
mailing lists at MacTutor wrote: I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), not regular operations. Perhaps you meant something else or I just haven't had enough caffeine yet... EB ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On Thu, 16 Sep 2004, Ed Budd wrote: mailing lists at MacTutor wrote: I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), not regular operations. Perhaps you meant something else or I just haven't had enough caffeine yet... Single-user mode refers to the point in the boot process prior to running the startup scripts that make multi-user services available: for instance, mounting all drives, turning on swap, configuring network interfaces, starting daemons etc. and potentially most importantly, setting the securelevel. Unlike the sysV init, there is no real magic about single-user mode apart from the fact that you can get init to stop the boot process and drop you directly into a shell in single-user mode. Running shutdown drops you into much the same state - that is, it kills off daemon processes etc. so that the machine can be administered* without unexpected interference from spurious processes. However, there's nothing (in principle) stopping you from kicking off those processes again, providing their environmental needs are satisfied. So to answer the question: you can certainly tune the scripts and services available that launch you into multi-user mode to get a minimum profile on the machine. However if you modify rc to the extent that it turns on everything you need in order to set up bridging, run a few daemons etc then you're effectively duplicating the multiuser startup anyway. jan * modulo securelevel changes which can only be reverted via reboot. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ The Java disclaimer: values of 'anywhere' may vary between regions. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. I wonder if you have your terminology a little skewed. Single User mode does not just mean that only one user is allowed on the machine. It is probably an inappropriate name for the situation actually. It really means that almost all of system services, utilities and applications are shut down and only very basic kernel stuff is up and running. You have to run that single user from the console (or remote console). This is a little different from SysV Sun kind of single user run setting where you can just kick off all users, but have almost all of the system still up and running. That is kind of a partial shutdown. BSD doesn't really have that, though I suppose you could simulate it by moungin stuff and carefully starting things from its single user mode - create a script that will do what you want, but... You could do other things to prevent any other users to get on the fully running system and only allow yourself. But, I don't think what you want is what is called single user mode for that. jerry Thanks, Alex - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Alexander Sendzimir (owner)802 863 5502 MacTutor: Apple Mac OS X Consulting [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On 2004-09-16 09:11, Ed Budd [EMAIL PROTECTED] wrote: er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), Well, you can always bring up the network interfaces manually ;-) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
jan, I agree with what you say about tuning the startup scripts. In my relatively limited experience as a system admin., I think this is the 'better' thing to do. Perhaps you would agree. My next step is to understand the kernel security levels and what each one entails. But, that I can, hopefully, look up. thanks, alex On Sep 16, 2004, at 9:56 AM, Jan Grant wrote: On Thu, 16 Sep 2004, Ed Budd wrote: mailing lists at MacTutor wrote: I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), not regular operations. Perhaps you meant something else or I just haven't had enough caffeine yet... snip So to answer the question: you can certainly tune the scripts and services available that launch you into multi-user mode to get a minimum profile on the machine. However if you modify rc to the extent that it turns on everything you need in order to set up bridging, run a few daemons etc then you're effectively duplicating the multiuser startup anyway. jan * modulo securelevel changes which can only be reverted via reboot. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ The Java disclaimer: values of 'anywhere' may vary between regions. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Alexander Sendzimir (owner)802 863 5502 MacTutor: Apple Mac OS X Consulting [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On Thu, Sep 16, 2004 at 06:01:13PM +0300, Giorgos Keramidas probably wrote: On 2004-09-16 09:11, Ed Budd [EMAIL PROTECTED] wrote: er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), Well, you can always bring up the network interfaces manually ;-) Actually, that's what /etc/netstart is for. -- DoubleF Carmel, New York, has an ordinance forbidding men to wear coats and trousers that don't match. pgpWZZx2xOpp0.pgp Description: PGP signature
Re: what are the pros and cons of running in single user?
Now might be a good time for me to point out that I'm learning some subtle and useful things about system startup that is helping me think about how I might customize system start up if I go that route. Thanks to everyone who's responding. alex On Sep 16, 2004, at 1:31 PM, Sergey Zaharchenko wrote: On Thu, Sep 16, 2004 at 06:01:13PM +0300, Giorgos Keramidas probably wrote: On 2004-09-16 09:11, Ed Budd [EMAIL PROTECTED] wrote: er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), Well, you can always bring up the network interfaces manually ;-) Actually, that's what /etc/netstart is for. -- DoubleF Carmel, New York, has an ordinance forbidding men to wear coats and trousers that don't match. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Alexander Sendzimir (owner)802 863 5502 MacTutor: Apple Mac OS X Consulting [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On 2004-09-16 13:39, mailing lists at MacTutor [EMAIL PROTECTED] wrote: On Sep 16, 2004, at 1:31 PM, Sergey Zaharchenko wrote: On Thu, Sep 16, 2004 at 06:01:13PM +0300, Giorgos Keramidas probably wrote: On 2004-09-16 09:11, Ed Budd [EMAIL PROTECTED] wrote: er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), Well, you can always bring up the network interfaces manually ;-) Actually, that's what /etc/netstart is for. Now might be a good time for me to point out that I'm learning some subtle and useful things about system startup that is helping me think about how I might customize system start up if I go that route. Hmmm. Don't get me wrong, but you shouldn't go that route. Other than purely educational and system recovery reasons there's no real gain in getting your system up in single user mode and manually doing what the startup scripts will do automagically for you when properly configured. Regards, Giorgos ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On Thu, Sep 16, 2004 at 08:53:03PM +0300, Giorgos Keramidas probably wrote: On 2004-09-16 13:39, mailing lists at MacTutor [EMAIL PROTECTED] wrote: On Sep 16, 2004, at 1:31 PM, Sergey Zaharchenko wrote: On Thu, Sep 16, 2004 at 06:01:13PM +0300, Giorgos Keramidas probably wrote: On 2004-09-16 09:11, Ed Budd [EMAIL PROTECTED] wrote: er...doesn't single user mode mean no networking? My understanding is that this is really only for maintenance (ie. make installworld, etc.), Well, you can always bring up the network interfaces manually ;-) Actually, that's what /etc/netstart is for. Now might be a good time for me to point out that I'm learning some subtle and useful things about system startup that is helping me think about how I might customize system start up if I go that route. Hmmm. Don't get me wrong, but you shouldn't go that route. Other than I thought `that route' == `customize system start up' according to the scoping rules:) purely educational and system recovery reasons there's no real gain in getting your system up in single user mode and manually doing what the startup scripts will do automagically for you when properly configured. True, single-user mode is not intended to be the normal way of booting up a system. It's a bit like having to start up your heart, lungs, etc. when you get up --- if you forget something, things would go wrong:). Any security gained from single user mode can be achieved in multi-user mode with proper configuration. Still, stuff learnt for purely education reasons sometimes helps. Regards, Giorgos -- DoubleF Any sufficiently advanced bug is indistinguishable from a feature. -- Rich Kulawiec pgpDuDEB6kn16.pgp Description: PGP signature
Re: what are the pros and cons of running in single user?
On 2004-09-16 22:13, Sergey Zaharchenko [EMAIL PROTECTED] wrote: On Thu, Sep 16, 2004 at 08:53:03PM +0300, Giorgos Keramidas wrote: Hmmm. Don't get me wrong, but you shouldn't go that route. I thought `that route' == `customize system start up' according to the scoping rules:) Actually (and perhaps this was a misunderstanding on my part) what I meant by that route was to boot single user and then bring up the system piece by piece, starting only the parts that are deemed absolutely necessary (for some definition of ansolutely and necessary). Other than purely educational and system recovery reasons there's no real gain in getting your system up in single user mode and manually doing what the startup scripts will do automagically for you when properly configured. [...] Still, stuff learnt for purely education reasons sometimes helps. Heh, yeah. I still remember fondly the day I rewrote all the rc scripts of my Slackware system from scratch to give them a colourful look and feel, much like the way Redhat would do things back then. I've grown out of my childish behavior of adding colours everywhere now, but the amount of learning I gained from this was immense ;-) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
what are the pros and cons of running in single user?
I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. Thanks, Alex - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Alexander Sendzimir (owner)802 863 5502 MacTutor: Apple Mac OS X Consulting [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what are the pros and cons of running in single user?
On Wed, 15 Sep 2004 21:44:44 -0400 mailing lists at MacTutor [EMAIL PROTECTED] wrote: I have a machine running 4.10-STABLE that will be a dedicated gateway with a router/firewall combo and web server plus mysql server (maybe). What would be the pros and cons of running this system single user? Processes that run under their own uid, would they be able to run? Just curious. Any extra thoughts welcome. Huh? There are benefits to booting into single user other fixing stuff? The major problem, besides some things are not setup for you, is the lack of security. Yeah, that process should be able to change users afaik. Just requires that user be in the passwd file. BTW any one know a appropriate section in the manual for refrencing for stuff like this. Can't think of any off hand to point some one towards that contains info and ect on this. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
