-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NAS-124055 / 24.04 / Implement dataset-based filesystem hierarchy #494
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bugclerk
changed the title
Implement dataset-based filesystem hierarchy
NAS-124055 / 24.04 / Implement dataset-based filesystem hierarchy
Sep 11, 2023
This PR depends on truenas/middleware#12075 (WIP) |
Create filesystem hierarchy for new boot environments based on specifications in fhs.py file in truenas_install directory. This gives us more flexibility regarding which parts of FS to make readonly, and also identifying precise local changes from a pristine environment that users have made to system files. Precise settings detailed in comments in the specification file. Overall, this gives better posture for STIG compliance regarding auditability and prevention of unauthorized OS changes.
anodos325
force-pushed
the
fhs-datasets
branch
from
September 11, 2023 20:14
50a72a4
to
5630e46
Compare
sonicaj
reviewed
Sep 12, 2023
sonicaj
reviewed
Sep 12, 2023
themylogin
requested changes
Sep 12, 2023
anodos325
force-pushed
the
fhs-datasets
branch
from
September 13, 2023 15:10
3ec712c
to
f4447fa
Compare
sonicaj
approved these changes
Sep 13, 2023
themylogin
approved these changes
Sep 13, 2023
yocalebo
approved these changes
Sep 13, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Create filesystem hierarchy for new boot environments based
on specifications in fhs.py file in truenas_install directory.
This gives us more flexibility regarding which parts of FS to
make readonly, and also identifying precise local changes from
a pristine environment that users have made to system files.
Precise settings detailed in comments in the specification file.
Overall, this gives better posture for STIG compliance regarding
auditability and prevention of unauthorized OS changes.