On Mon, Jul 7, 2014, at 10:35 AM, Lennart Poettering wrote:

> And of course, it's the most reasonable thing to do really, as in
> today's world it's populated dynamically from DHCP more often than not,
> and hence more runtime material than static configuration material.

I agree. But...

> Humm, well, NM really shouldn't write around in /etc all the time.

This is Anaconda, not NM, though its goal is to propagate network configuration from the runtime system to the target which is using NetworkManager and most specifically redhat initscripts ifcfg files.

> For
> most cases it really should consider /etc read-only. In fact, I wished
> it would be written in a style that makes sure ProtectSystem=full can be
> used on it, i.e. with write access to /run, but certainly never to /etc.

Yes, NM is happy with it being a symbolic link for that reason, but:

> I really don't see anything to fix here in systemd. Anaconda should be
> fixed.

Two things:

First, there's the case where resolved is compiled out; right now systemd is unconditionally creating the link. This patch addresses that as well.

Now for the Fedora case, we're really talking about quite a number of system creation tools that are not ready for this. This is also reflected in the fact that the systemd unit file is disabled by default.

We could carry the patch downstream I guess. Or maybe this gets more into a case where we want parts of tmpfiles.d snippets tied to services being enabled, not just installed.
