Simplifying the LFS Bootscripts

Archaic archaic at
Sun Jan 9 20:56:42 PST 2005

On Mon, Jan 10, 2005 at 12:25:24AM +0000, Ian Molton wrote:
> I dont follow. what I proposed (and is currently the case) is a script 
> (or pair of scripts) to read and process a set of configuration files 
> (multiple) in a given directory.

Again, that is what I was saying. script foo has the up/down functions.
It reads bar{1,2,3,4...} which hold the parameters for IP, prefix,
device, etc. for each give interface.

> what is important is that any routing / firewalling be in place *before* 
> interfaces are brought up.

Routing doesn't matter and firewalling should be fine-grained enough to
allow for different packets to pass/block depending on interface.
Therefore, the interfaces must already be up. To avoid a window of
opportunity, a default deny_all should be set up before bringing up the
interfaces. But this thread isn't about firewalling, and firewalling
isn't a subject of LFS, so I'll stop here.

> ideally, we need the scripts to:
> 1) Configure interface addresses and parameters.
> 2) Configure routing / firewalling.
> 3) bring up all ONBOOT interfaces.
> In that order.

See above about the fine-grained control of firewalls. They should be
after the interface is up.

> Leading to formerly impossible errors such as a file with one name 
> bringing up an entirely unrelated interface.

You worry too much about PEBKAC. It has always existed and will always
exist. :)

> You do that by centralising common code and breaking it up into neat 
> modules. not by duplicating it abdly in multiple similar files.

Declaring the same variable name with different values in different
files is going to be necessary. It *is* modular.

> If someone cant follow the network bootscripts they shouldnt BE writing 
> bootscripts.

We aren't asking the readers to write the bootscripts, so this statement
seems irrelevant.


The people cannot delegate to government the power to do anything which
would be unlawful for them to do themselves.

- John Locke, "A Treatise Concerning Civil Government"

More information about the lfs-dev mailing list