Shutdown Scripts (was wiser ifdown-eth0 script is needed)

DJ Lucas dj_me at swbell.net
Mon Oct 14 09:39:53 PDT 2002


DJ Lucas wrote:

> I would not even consider recomending a change in lfs-bootscripts until
> BLFS has reached a 1.0 release, and we have a seperate devel vs
> stable base to work with.

Been thinking more and more about this particular point.  People are using
the current cvs in various ways.  Some are testing/editing/rewriting, while
some are using it in only bits and pieces, and still others are using it as
THE definative step by step guide.  If this change waited untill BLFS
reached a stable release of 1.0 (coinciding with LFS 4.0)...when LFS hits
4.1 with the changes that are currently suggested nothing will be broken as
it stands now.

K80network --> K50network
K50sendsignals --> K55sendsignals

The thing that did strike me, is that the way LFS is now, things look nice
and clean with everything in multiples of ten.  In which case, LFS might
better like the following:

K40sysklogd
K50network
K60sendsignals
K70mountfs
K80swap
K90localnet
K99halt/K99reboot


Does this break the firewall stop script or create a security vulnerability?
Obviously the firewall has to be stopped before mountfs is run at 70,
(before the disks are not writable), but does it need to be run after
sendsignals for security reasons?  I'd think not as the network is already
down.  But I seem to remember this being mentioned somewhere on blfs.dev not
too long ago.
Perhaps if one of the stop scripts failed to execute correctly, then this
would leave a security vulnerability for a few brief seconds (1~5/100ths of
a second??).  IIRC that was the jist of the discussion I had seen.

DJ Lucas


-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-dev' in the subject header of the message



More information about the blfs-dev mailing list