author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2014-11-27 19:41:49 -0300 |
---|---|---|
committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2015-02-03 15:58:03 +0100 |
commit | d380dde1d2878bd8f09317081960bfc82b0f420b (patch) | |
tree | 10e7e29c5fe28be4807954d948cc0f75c38dadd1 /system/skeleton | |
parent | cb8ce5f0016fa14f5e6971e07416ed465e641ff7 (diff) |
skeleton: make /run a proper directory/filesystem

Making /var/run and /run symlinks to /tmp is bad since the underlying
tmpfs filesystem is mode 1777 which leads to possible security attack
vectors via badly owned/mask-mode pidfiles and state files residing there.
So make /run a proper directory with /var/run symlinked to it.
Eventually all startup scripts and state info should be pointed to /run
directly as per the linux fhs and good practice.

Add a tmpfs filesystem entry for /run so that busybox inittab, systemv
inittab and systemd automount mounts it there to avoid breaking the
system.

While at it fix inconsistent spacing in /etc/fstab by using tabs and
drop the "static file system information" header whatever that means.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

Diffstat (limited to 'system/skeleton')
-rw-r--r-- | system/skeleton/etc/fstab | 17 |
l--------- | system/skeleton/run | 1 |
-rw-r--r-- | system/skeleton/run/.empty | 0 |
l--------- | system/skeleton/var/run | 2 |
4 files changed, 9 insertions, 11 deletions
diff --git a/system/skeleton/etc/fstab b/system/skeleton/etc/fstab index e000aadc3..2b418a0eb 100644 --- a/system/skeleton/etc/fstab +++ b/system/skeleton/etc/fstab @@ -1,9 +1,8 @@ -# /etc/fstab: static file system information. -# -# <file system> <mount pt> <type> <options> <dump> <pass> -/dev/root / ext2 rw,noauto 0 1 -proc /proc proc defaults 0 0 -devpts /dev/pts devpts defaults,gid=5,mode=620 0 0 -tmpfs /dev/shm tmpfs mode=0777 0 0 -tmpfs /tmp tmpfs mode=1777 0 0 -sysfs /sys sysfs defaults 0 0 +# <file system> <mount pt> <type> <options> <dump> <pass> +/dev/root / ext2 rw,noauto 0 1 +proc /proc proc defaults 0 0 +devpts /dev/pts devpts defaults,gid=5,mode=620 0 0 +tmpfs /dev/shm tmpfs mode=0777 0 0 +tmpfs /tmp tmpfs mode=1777 0 0 +tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0 +sysfs /sys sysfs defaults 0 0 diff --git a/system/skeleton/run b/system/skeleton/run deleted file mode 120000 index 1c2f433de..000000000 --- a/system/skeleton/run +++ /dev/null @@ -1 +0,0 @@ -tmp
\ No newline at end of file diff --git a/system/skeleton/run/.empty b/system/skeleton/run/.empty new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/system/skeleton/run/.empty diff --git a/system/skeleton/var/run b/system/skeleton/var/run index 1431b0e43..9ab376ec3 120000 --- a/system/skeleton/var/run +++ b/system/skeleton/var/run @@ -1 +1 @@ -../tmp
\ No newline at end of file +../run |
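
Review bot: In the system/skeleton/etc/fstab hunk, the /dev/shm entry is carried over as `mode=0777` with no sticky bit, so any user can still unlink or replace another user's files there, which is the same class of problem the commit message gives as the reason for moving /run off /tmp. Suggest `mode=1777` for /dev/shm, and consider adding `nosuid,nodev` to the /tmp entry so it matches the options on the new line `tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0`. If that is out of scope for this commit, a follow-up patch would do.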
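
Review bot: In the system/skeleton/run and system/skeleton/run/.empty hunks, the hardening depends entirely on the new fstab entry being mounted: the skeleton now ships /run as an ordinary directory holding only `.empty`, and the `mode=0755,nosuid,nodev` restrictions exist only on the tmpfs. A target that supplies its own fstab and lacks the /run line gets a plain rootfs directory, where pidfiles and state files may persist across reboots. Suggest documenting, in the manual or the release notes, that custom fstab files and custom skeletons need the /run tmpfs line added, since /var/run now resolves to `../run` instead of `../tmp`.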