Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NAS-124055 / 24.04 / Implement dataset-based filesystem hierarchy #494

Merged
merged 5 commits into from
Sep 13, 2023

Conversation

anodos325
Copy link
Contributor

Create filesystem hierarchy for new boot environments based
on specifications in fhs.py file in truenas_install directory.

This gives us more flexibility regarding which parts of FS to
make readonly, and also identifying precise local changes from
a pristine environment that users have made to system files.

Precise settings detailed in comments in the specification file.
Overall, this gives better posture for STIG compliance regarding
auditability and prevention of unauthorized OS changes.

@anodos325 anodos325 added the jira label Sep 11, 2023
@bugclerk
Copy link
Contributor

@bugclerk bugclerk changed the title Implement dataset-based filesystem hierarchy NAS-124055 / 24.04 / Implement dataset-based filesystem hierarchy Sep 11, 2023
@anodos325
Copy link
Contributor Author

This PR depends on truenas/middleware#12075 (WIP)

@anodos325 anodos325 requested a review from yocalebo September 11, 2023 19:52
Create filesystem hierarchy for new boot environments based
on specifications in fhs.py file in truenas_install directory.

This gives us more flexibility regarding which parts of FS to
make readonly, and also identifying precise local changes from
a pristine environment that users have made to system files.

Precise settings detailed in comments in the specification file.
Overall, this gives better posture for STIG compliance regarding
auditability and prevention of unauthorized OS changes.
truenas_install/fhs.py Outdated Show resolved Hide resolved
truenas_install/__main__.py Show resolved Hide resolved
truenas_install/fhs.py Show resolved Hide resolved
truenas_install/__main__.py Outdated Show resolved Hide resolved
truenas_install/__main__.py Outdated Show resolved Hide resolved
truenas_install/__main__.py Outdated Show resolved Hide resolved
@anodos325 anodos325 merged commit 0785669 into master Sep 13, 2023
@anodos325 anodos325 deleted the fhs-datasets branch September 13, 2023 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants