From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RuWFi-0007d2-0J for garchives@archives.gentoo.org; Mon, 06 Feb 2012 21:37:34 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 03FECE0778; Mon, 6 Feb 2012 21:37:20 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id E573DE077A for ; Mon, 6 Feb 2012 21:36:41 +0000 (UTC) Received: from [192.168.26.5] (ip98-164-193-252.oc.oc.cox.net [98.164.193.252]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: zmedico) by smtp.gentoo.org (Postfix) with ESMTPSA id 63B721B4016 for ; Mon, 6 Feb 2012 21:36:41 +0000 (UTC) Message-ID: <4F3047E8.3000807@gentoo.org> Date: Mon, 06 Feb 2012 13:36:40 -0800 From: Zac Medico User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:9.0) Gecko/20120124 Thunderbird/9.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo development Subject: Re: [gentoo-dev] rfc: only the loopback interface should provide net References: <20120206210451.GA1940@linux1> In-Reply-To: <20120206210451.GA1940@linux1> X-Enigmail-Version: 1.3.4 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: fac1177f-6f1c-4096-9438-95a96f380335 X-Archives-Hash: 2e403eb588f12a1071e5db75d6ebaef6 On 02/06/2012 01:04 PM, William Hubbs wrote: > All, > > I've been pondering for a while why All of OpenRC's network interfaces > provide net. > > My understanding of the "net" service is that it is there to signal that > a generic network connection is active. > > What I would like to do in OpenRC is change the network scripts so that > only the loopback interface provides net. > > The down side of this approach will be that if a daemon uses a specific > ip address in its configuration, or if it binds to a specific address, > the user will have to set up the appropriate configuration options in > /etc/conf.d. For example, if I setup sshd to use 192.168.10.1 and eth0 has > this address, I have to put the following line in /etc/conf.d/sshd: > > rc_need="net.eth0" That makes perfect sense. I suspect that the most common case is to have sshd bind to all interfaces, and if that's true then special configuration will not be needed in the most common cases. -- Thanks, Zac