[ovs-dev] Bug#681880: openvswitch-switch - Automatic changed file in /etc/

Bastian Blank waldi at debian.org
Wed Jul 18 08:00:49 UTC 2012


On Tue, Jul 17, 2012 at 09:31:44AM -0700, Ben Pfaff wrote:
> On Tue, Jul 17, 2012 at 03:20:40PM +0200, Bastian Blank wrote:
> > openvswitch uses a db called /etc/openvswitch/conf.db. This file is
> > programmatically modified and not user editable. This violates §10.7 of the
> > policy.
> Can you be more specific?  10.7.1 defines a configuration file as:
> 
>     A file that affects the operation of a program, or provides site-
>     or host-specific information, or otherwise customizes the behavior
>     of a program.  Typically, configuration files are intended to be
>     modified by the system administrator (if needed or desired) to
>     conform to local policy or to provide more useful site-specific
>     behavior.

This lacks the reference to FHS, which is a normative part of the
policy:

| The /etc hierarchy contains configuration files. A "configuration file"
| is a local file used to control the operation of a program; it must be
| static and cannot be an executable binary.

> /etc/openvswitch/conf.db fits that description.  The first sentence is
> obviously true.

No. It is no configuration file if it is not static.

>                  The second is also true, since the system
> administrator does modify the file.

How does modifying this file with an editor work? How does it survive
read-only /etc?

Bastian

-- 
Klingon phaser attack from front!!!!!
100% Damage to life support!!!!


