Glenn E. Bailey III
2016-Dec-20 19:20 UTC
[CentOS] Can't delete or move /home on 7.3 install
Yup, verified those options are *not* set in 7.2. For a quick test I simply removed them from /usr/lib/systemd/system/NetworkManager.service, did a systemctl daemon-reload, restarted NetworkManager, logged back in as root, and was able to whack /home (7.3).

On Tue, Dec 20, 2016 at 11:07 AM, Matthew Miller <mattdm at mattdm.org> wrote:
> On Fri, Dec 16, 2016 at 02:29:28PM -0500, Jonathan Billings wrote:
>> The culprit? NetworkManager has /home open. I can't figure out
>> *WHY*.
>
> NetworkManager.service has 'ProtectHome=read-only', which keeps NM from
> writing there. I presume namespacing /home in this way counts against
> unmounting it. This is a good security protection for everyone running
> NM, so I can see it being worth the tradeoff vs. being able to move or
> remove /home on a live system.
>
> (It also has ProtectSystem=true, which mounts /usr and /boot read-only
> as well.)
>
> If you wanted to change this, drop ProtectHome=false into
> /etc/systemd/system/NetworkMananger.service.d/override.conf (possibly
> by using sudo systemctl edit foo NetworkMananger).
>
> --
> Matthew Miller
> <mattdm at fedoraproject.org>
> Fedora Project Leader

--
"replicants are like any other machine. They're either a benefit or a hazard. If they're a benefit, it's not my problem."
Jonathan Billings
2016-Dec-20 20:24 UTC
[CentOS] Can't delete or move /home on 7.3 install
On Tue, Dec 20, 2016 at 11:20:57AM -0800, Glenn E. Bailey III wrote:
>
> Yup, verified those options are *not* set in 7.2. For a quick test I
> simply removed them from
> /usr/lib/systemd/system/NetworkManager.service, did a systemctl
> daemon-reload, restarted NetworkManager, logged back in as root, and
> was able to whack /home (7.3).

While that is a temporary solution, you should do what Matthew Miller says to do, which is put in an override in /etc/systemd/system/NetworkManger.service.d/. Otherwise, the next time your NM is updated it will be missing it.

--
Jonathan Billings <billings at negate.org>
Jonathan Billings
2016-Dec-20 20:24 UTC
[CentOS] Can't delete or move /home on 7.3 install
On Tue, Dec 20, 2016 at 03:24:12PM -0500, Jonathan Billings wrote:
> /etc/systemd/system/NetworkManger.service.d/. Otherwise, the next

Obviously spell it right when you do it. :/

--
Jonathan Billings <billings at negate.org>
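
Added example, not part of the thread: a shell function that answers the "who is holding /home and why" question by listing processes that run in a private mount namespace (as a ProtectHome= service does) and have the directory as a mount point there. The function name ns_holders and its optional proc-root argument are assumptions made for this example; on a real system it reads /proc and needs root.

```shell
#!/bin/sh
# Added example (not from the thread). Lists processes that
#   1. live in a mount namespace different from PID 1's, and
#   2. have TARGET as a mount point inside that namespace.
# A service started with ProtectHome=read-only matches both for /home.
#
# Usage (as root):  ns_holders /home
# The second argument overrides the proc root so the logic can be run
# against a constructed directory tree instead of the live system.

ns_holders() {
    target=$1
    proc=${2:-/proc}

    # Namespace identity of the host, e.g. "mnt:[4026531840]"
    host_ns=$(readlink "$proc/1/ns/mnt") || return 1

    for dir in "$proc"/[0-9]*; do
        [ -r "$dir/mountinfo" ] || continue
        ns=$(readlink "$dir/ns/mnt" 2>/dev/null) || continue

        # Same namespace as PID 1: not a private view, skip it
        [ "$ns" = "$host_ns" ] && continue

        # mountinfo field 5 is the mount point, field 6 its options
        opts=$(awk -v t="$target" '$5 == t { print $6; exit }' "$dir/mountinfo")
        [ -n "$opts" ] || continue

        name=$(cat "$dir/comm" 2>/dev/null)
        # Output: PID, command name, mount options seen by that process
        printf '%s %s %s\n' "${dir##*/}" "${name:-?}" "$opts"
    done
}
```

A line such as `812 NetworkManager ro,...` points at the unit to inspect with `systemctl cat`; services that show up here are the ones whose ProtectHome= setting would need a drop-in override before /home can be moved.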