Wednesday 13 January 2016

RFC on Cloud Images: Make /tmp a tmpfs

All,

On the Ubuntu Cloud Images, we have a request to make /tmp a tmpfs. The
rationale, from the bug:
* Performance - much faster read/write access to data in /tmp
* Security - sensitive data would be cleared from memory on boot,
rather than written (leaked) to disk -- important for encryption
scenarios

Since the Ubuntu Cloud Images are used by a wide number of users, I
wanted to gather feedback and gather consensus on whether or not we
should make this change.

Please see Bug 1553639 [1] for the conversation.

Thanks,
Ben

[1] https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1533639

P.S. Starting with 16.04, we are building cloud images in buildds using
livecd-rootfs; for bugs regarding _how_ cloud images are built, please
file the bugs against livecd-rootfs.

--


Ben Howard
ben.howard@canonical.com
Canonical
GPG ID 0x5406A866