lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080306214218.GA886@elte.hu>
Date:	Thu, 6 Mar 2008 22:42:18 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Pavel Machek <pavel@....cz>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	Pawel Plociennik <paplociennik@...il.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2.6.24] chroot= as a new kernel parameter


* Pavel Machek <pavel@....cz> wrote:

> No, that will not work, if you don't have libraries at /. This should
> be exact replacement:
> 
> init=/working_distro/lib/ld-linux.so.2 --library-path 
> /working_distro/lib /working_distro/usr/sbin/chroot /working_distro/ 
> /sbin/init

ouch ...

> ...assuming your chroot uses ld-linux.so.2. I believe above is ugly 
> enough to warrant merge of chroot= option.
> 
> ...heck, how many tries would it take to get that right? Is chroot 
> /usr/sbin or /sbin?
> 
> This really should be in kernel, I should not have to partition my
> disk to get booting to few different distros.

agreed ...

i really find it so disheartening at times that people fight trivial 
usability additions tooth and nail in a _9 million lines of code_ kernel 
with a ... "bloat" argument.

Lets face it: Linux is _still_ hard and a pain to administer, our kernel 
boot parameters are ad-hoc, they dont match up to the .config parameters 
and it is all a total mess. There's absolutely no design behind them 
(look at all the inconsistent parameter forms for turning off smp, acpi, 
hpet, nohz, etc.).

if RAM overhead of a new boot option would really be an issue on smaller 
setups then the right solution is to make a new .config option that 
hardcodes a specific command line and _disable_ all the commandline 
parsing. That would also be a nice security feature for certain setups 
and would save _a lot more_ RAM than another rejected boot parameter. 
Really, all the 'bloat' based objections are totally, utterly silly.

i had a similar experience when i added the relatime boot option:

  http://people.redhat.com/mingo/relatime-patches/improve-relatime.patch

Look back the lkml discussion for all the "bloat" and "use /etc/fstab" 
clowning around that happened when i sent that patch ... and we still 
have no good configuration vectors to turn atime off. I'd rate it good 
comedy that happened around that patch: "Kernel hackers shoot in their 
own foot and are proud of it".

multiple, consistent vectors for configurability are _GOOD_. That was 
the success story behind Apache. Forcing everyone into a "you must use 
an initrd for this" idea is 80's thinking and actively harmful to Linux.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ