[Summary/RFC] (Network script) Simplifying the LFS Bootscripts

Nathan Coulson conathan at gmail.com
Sun Jan 9 23:06:10 PST 2005


I do love Alexander's ideas for handling bootscripts, but it does seem
easier just to tell a user to replace his /etc/rc.d/init.d/network
file.

Networking will be left as is.  [except for the hotplug check, I am
going to take that out (Unless someone here says they actually use
it), as well as moving the ONBOOT check to network].

Kevin tells me that the check to see if a interface exists is bad for
ppp, but I am not sure what to replace that with.  [Could do the check
in whatever service scripts require it]

That'll simplify ifup/down it to something like

FILES=whatever;
for file in $FILES; do
  IFCONFIG=${file} /etc/sysconfig/network-devices/services/${SERVICE} up/down
done


On Sun, 9 Jan 2005 21:56:42 -0700, Archaic <archaic at linuxfromscratch.org> wrote:
> On Mon, Jan 10, 2005 at 12:25:24AM +0000, Ian Molton wrote:
> >
> > I dont follow. what I proposed (and is currently the case) is a script
> > (or pair of scripts) to read and process a set of configuration files
> > (multiple) in a given directory.
> 
> Again, that is what I was saying. script foo has the up/down functions.
> It reads bar{1,2,3,4...} which hold the parameters for IP, prefix,
> device, etc. for each give interface.
> 
> > what is important is that any routing / firewalling be in place *before*
> > interfaces are brought up.
> 
> Routing doesn't matter and firewalling should be fine-grained enough to
> allow for different packets to pass/block depending on interface.
> Therefore, the interfaces must already be up. To avoid a window of
> opportunity, a default deny_all should be set up before bringing up the
> interfaces. But this thread isn't about firewalling, and firewalling
> isn't a subject of LFS, so I'll stop here.
> 
> > ideally, we need the scripts to:
> >
> > 1) Configure interface addresses and parameters.
> > 2) Configure routing / firewalling.
> > 3) bring up all ONBOOT interfaces.
> >
> > In that order.
> 
> See above about the fine-grained control of firewalls. They should be
> after the interface is up.
> 
> > Leading to formerly impossible errors such as a file with one name
> > bringing up an entirely unrelated interface.
> 
> You worry too much about PEBKAC. It has always existed and will always
> exist. :)
> 
> > You do that by centralising common code and breaking it up into neat
> > modules. not by duplicating it abdly in multiple similar files.
> 
> Declaring the same variable name with different values in different
> files is going to be necessary. It *is* modular.
> 
> > If someone cant follow the network bootscripts they shouldnt BE writing
> > bootscripts.
> 
> We aren't asking the readers to write the bootscripts, so this statement
> seems irrelevant.
> 
> --
> Archaic
> 
> The people cannot delegate to government the power to do anything which
> would be unlawful for them to do themselves.
> 
> - John Locke, "A Treatise Concerning Civil Government"
> 
> --
> http://linuxfromscratch.org/mailman/listinfo/lfs-dev
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page
> 


-- 
Nathan Coulson (conathan)
------
nathan at linuxfromscratch org
conathan at gmail com



More information about the lfs-dev mailing list