On Sun, Jan 23, 2011 at 12:05 AM, Gordon Messmer yinyang@eburg.com wrote:
On 01/22/2011 08:28 PM, Nico Kadel-Garcia wrote:
Unfortunately, this is not sufficiently reliable. Some idiot may re-run it
Re-enabling NetworkManager requires the root password. If someone can turn it back on with 'chkconfig' or another service management tool, they can also re-install it.
I often have to hand off as-stable-as-possible systems to developers, and have done so in different professional roles. Turning it off at chkconfig is like taking the bullets out, but locking them in the same cabinet as the gun.
Ripping out NetworkManager (for RHEL 5/CentOS 5) is like taking away all the bullets. Putting in the NM_CONTROLLED="no" setting allows a bit more refinement: it can be disabled on a port by port basis.
You may feel that it is worth the effort to remove NetworkManager entirely, but I think most people will agree that there's no need to do so.
It's really painful for RHEL 6
The key to *keeping* it off in RHEL 6, and I assume in CentOS 6, is the setting NM_CONTROLLED="no" in the /etc/sysconfig/network-scripts/ifcfg-* files. This is a new setting in RHEL 6, and I'm having difficulty finding documentation for it
File a bug with the "initscripts" component. That setting *should* be documented in /usr/share/doc/initscripts-*/sysconfig.txt, but isn't.
Good point. Next week, with my service contracts in hand.