Simplifying the LFS Bootscripts

Archaic archaic at linuxfromscratch.org
Sun Jan 9 20:56:42 PST 2005


On Mon, Jan 10, 2005 at 12:25:24AM +0000, Ian Molton wrote:
> 
> I dont follow. what I proposed (and is currently the case) is a script 
> (or pair of scripts) to read and process a set of configuration files 
> (multiple) in a given directory.

Again, that is what I was saying. script foo has the up/down functions.
It reads bar{1,2,3,4...} which hold the parameters for IP, prefix,
device, etc. for each give interface.

> what is important is that any routing / firewalling be in place *before* 
> interfaces are brought up.

Routing doesn't matter and firewalling should be fine-grained enough to
allow for different packets to pass/block depending on interface.
Therefore, the interfaces must already be up. To avoid a window of
opportunity, a default deny_all should be set up before bringing up the
interfaces. But this thread isn't about firewalling, and firewalling
isn't a subject of LFS, so I'll stop here.

> ideally, we need the scripts to:
> 
> 1) Configure interface addresses and parameters.
> 2) Configure routing / firewalling.
> 3) bring up all ONBOOT interfaces.
> 
> In that order.

See above about the fine-grained control of firewalls. They should be
after the interface is up.

> Leading to formerly impossible errors such as a file with one name 
> bringing up an entirely unrelated interface.

You worry too much about PEBKAC. It has always existed and will always
exist. :)

> You do that by centralising common code and breaking it up into neat 
> modules. not by duplicating it abdly in multiple similar files.

Declaring the same variable name with different values in different
files is going to be necessary. It *is* modular.

> If someone cant follow the network bootscripts they shouldnt BE writing 
> bootscripts.

We aren't asking the readers to write the bootscripts, so this statement
seems irrelevant.

-- 
Archaic

The people cannot delegate to government the power to do anything which
would be unlawful for them to do themselves.

- John Locke, "A Treatise Concerning Civil Government"




More information about the lfs-dev mailing list