Subject: Re: r/o filesystem restrictions for firewall?
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Jon Lindgren <jlindgren@slk.com>
List: port-sparc
Date: 10/23/2000 16:01:54
On Mon, 23 Oct 2000, Manuel Bouyer wrote:
> If you intend to let users log in, then you'll need a writeable /dev
> too.
Aha. Is this just for the chown of /dev/tty, or are there other side
effects?
> Here's what I've done for my sparc machines I use as telnet/ssh gateway:
> /, /usr, /netroot and /tripwire are on a R/O filesystem (in my case a scsi
> disk which has the appropriate jumper, but this shouldn't matter).
> /netroot/home, /netroot/dev and /netroot/var are mounted R/W, noexec for all
> and nodev for /netroot/home & /netroot/var (/netroot/dev is writable by
> root only anyway, and you can play with chflags to limit what can be done).
> As you guessed, inetd & ssh are chrooted to /netroot.
> /netroot has only a limited set of binaries (not mount, for example),
> /netroot/dev a limited set of devices (tty/pty, zero, null, ... no disks of
> course).
>
> inside /var there are symlinks to /netroot/var for appropriate directories
> (log, acct, run). /netroot/etc is a symlink to /netroot/var/netetc, so that
> passwd, skey & all are writable.
Ahhh... a different approach. Something makes me shy away from using NFS
and having a local disk, but I will re-examine my motives for such thoughts.
My current choice would be to make it a standalone entity which boots,
does ipnat and ipf, and resets itself every n minutes/days/etc...
> BTW a local disk is useful anyway, for logs & accounting.
Yeah, but it's another thing that sometime, someday, somewhere will start
grinding and spitting at me. Plus, I don't like the idea of having a
mutable entity as my bastion, but again, I will re-examine my motives for
such ideas to make sure they're still practical and obtainable.
Thanks much for the info.
-Jon
--------------------------------------------------------------------
"Trout are freshwater fish, and have underwater weapons."
"Zing, zing zing zing!"
"Keep away from the trout."
-- The opinions expressed are not necessarily those of my employer --
"Who stole my lawn?"
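As an added example, not part of the original thread: a POSIX shell audit that checks mount(8)-style output against the layout Manuel describes (read-only / and /usr; noexec on every R/W mount under /netroot; nodev on /netroot/home and /netroot/var). The sample mount output, the device names and the policy table are constructed assumptions, not taken from his machine.

```shell
#!/bin/sh
# Added example (not from the thread): audit mount options against the
# R/O-root + chrooted-/netroot layout.  Sample mount(8)-style output below is
# constructed; device names are placeholders, not the original machine's.
SAMPLE_MOUNTS='/dev/sd0a on / type ffs (read-only, local)
/dev/sd0d on /usr type ffs (read-only, local)
/dev/sd0e on /netroot/home type ffs (nodev, noexec, local)
/dev/sd0f on /netroot/var type ffs (nodev, noexec, local)
/dev/sd0g on /netroot/dev type ffs (noexec, local)'

# Policy derived from the post: mount point, then the options it must carry.
POLICY='/ read-only
/usr read-only
/netroot/home nodev noexec
/netroot/var nodev noexec
/netroot/dev noexec'

# has_opt LINE OPTION: succeed if the parenthesised option list of a mount
# line contains OPTION (comma separators stripped, exact word match).
has_opt() {
    _opts=$(printf '%s\n' "$1" | sed -n 's/.*(\(.*\)).*/\1/p' | tr -d ',')
    for _o in $_opts; do
        [ "$_o" = "$2" ] && return 0
    done
    return 1
}

# check_mounts MOUNT_OUTPUT: print one line per missing mount or missing
# option.  The pipeline runs in a subshell, so results are reported on stdout.
check_mounts() {
    printf '%s\n' "$POLICY" | while read -r _mp _reqs; do
        _line=$(printf '%s\n' "$1" | awk -v mp="$_mp" '$3 == mp')
        if [ -z "$_line" ]; then
            echo "MISSING: $_mp is not mounted"
            continue
        fi
        for _r in $_reqs; do
            has_opt "$_line" "$_r" || echo "VIOLATION: $_mp lacks $_r"
        done
    done
}

# audit MOUNT_OUTPUT: exit status 0 when every policy entry is satisfied.
audit() {
    _n=$(check_mounts "$1" | wc -l | tr -d ' ')
    [ "$_n" -eq 0 ]
}

audit "$SAMPLE_MOUNTS" && echo "mount options match policy"
```

Feed it the real `mount` output (`audit "$(mount)"`) from cron on the gateway to catch a partition that came back R/W or lost its noexec flag after maintenance.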