Comment 11 for bug 1913421
Revision history for this message
| Christian Ehrhardt (paelzer) wrote | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
79ea94a
(Get the code!)
LOL+ I had to major breakthroughs on this:
1. I found the right way in d/rules to get the .mount unit started
2. I had a great discussion about "the other POV" on this [1] and I must say that I agree.
As much as this can be a comfort function it can also be
a) less reasons to finally restart into upgraded code
b) leave security vulnerable code around
For that I think we really want to make this available, but also NOT enabled by default.
As an opt-in that makes sense.
Current plan - I'll prep changes along this one here that does:
- install the .mount but NOT start/enable it (the admin has to opt in)
The admin also can pick any other way he prefers to make /run/qemu not have noexec
- define a /etc/.. place to enable this feature, and otherwise have the postrm not even
copy the old bits.
[1]: