Date:      Tue, 28 Sep 2004 23:35:37 +0800
From:      Xin LI <delphij@frontfree.net>
To:        Matthias Andree <ma@dt.e-technik.uni-dortmund.de>
Cc:        current@FreeBSD.org
Subject:   Re: bin/72138: libc.so.5 isn't installed in a safe way
Message-ID:  <20040928153537.GA3185@frontfree.net>
In-Reply-To: <m31xgmzt34.fsf@merlin.emma.line.org>
References:  <20040927224353.845381B217@merlin.emma.line.org> <20040928043351.GA2400@frontfree.net> <20040928071758.GB14942@ip.net.ua> <m31xgmzt34.fsf@merlin.emma.line.org>

On Tue, Sep 28, 2004 at 10:38:23AM +0200, Matthias Andree wrote:
> I must say that although Xin's patch will certainly work well to address
> my original PR, I like Ruslan's idea better, because it appears to work

Yes, I like it too :-)  Ruslan's patch is apparently better because it
also protected other shared libraries.

> for all precious libraries, not just libc. But there is more "precious"
> stuff, /bin, /sbin, /boot (including kernel), /rescue (I was glad I had
> the latter, otherwise my system would have been dead.)
>
> Using -S for the whole system might be a bit slow without softupdates
> (or async, which I do not favor) but would not be a bad idea from a
> robustness point of view which I personally prefer.

I think the slowdown would not be too much for this issue.  For a
filesystem without SoftUpdates enabled, the operations are:

	- Increase the inode reference count in preparation of referencing it
	- Add a new entity for the 'canonical' name and reference the inode
	- Remove the old entry for the 'temporary' name
	- Decrease the reference count back

Of course, with a synchronously mounted file system, you will initialize four
disk writes, however, the majority of metadata update, say, the file block
descriptions (i.e. storage bitmaps, etc) were already written on disk, so
this (theoretically) won't be a big impact.

My only concern of having -S for the whole installation is that when we
terminate it (accidentally or intentionally), we may leave some file like
install.Xb5Q7c or something like it, which is not so easy to cleanup until
the next time we have a ``make installworld''.  What's more, I think it is
easy for any user to use ``make "INSTALL=install -CS" installworld'' if
they really need the functionality.  Without having -S for the whole
installation gives more flexibility, while having -S for shared libraries
would protect users from having their system in a horrible state (after
all, having a bad rtld-elf.so or libc.so is not something interesting :-)

So I personally prefer we have -S for the shared libraries (as Ruslan's
patch did) - and give our user community the choice of whether to have
INSTALL=install -S in their make.conf.

What do you think about this?

Cheers,
-- 
Xin LI <delphij frontfree net>	http://www.delphij.net/
See complete headers for GPG key and other information.
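
Added example, not part of the original message and not the code of install(1): a shell sketch of the copy-to-temporary-then-rename pattern that -S is discussed as providing above, plus a check for the leftover temporary files the message is concerned about. The helper names safe_install and find_stale_temps are hypothetical, and the "install.XXXXXX" temporary name is an assumption based on the file name quoted in the mail.

```shell
#!/bin/sh
# Added illustration; safe_install and find_stale_temps are hypothetical
# helpers, not part of install(1) or the FreeBSD build.

# safe_install SRC DST: replace DST so that it is always either the complete
# old file or the complete new one, never missing or half-written.
safe_install() (
    src=$1
    dst=$2
    # Create the temporary file next to DST: a rename is only atomic
    # within one filesystem. The "install." prefix is an assumption
    # taken from the file name mentioned in the mail.
    tmp=$(mktemp "$(dirname "$dst")/install.XXXXXX") || exit 1
    # The body runs in a subshell, so these traps stay local. They remove
    # the temporary file on a failed copy or on HUP/INT/TERM. A SIGKILL or
    # a power loss still leaves it behind, which is the concern above.
    trap 'rm -f "$tmp"' EXIT
    trap 'exit 130' HUP INT TERM
    cp -p "$src" "$tmp" || exit 1
    # Same directory, so mv is a plain rename over the old name.
    mv -f "$tmp" "$dst"
)

# find_stale_temps DIR [MINUTES]: list leftover temporary files under DIR
# that were last modified more than MINUTES (default 60) minutes ago.
find_stale_temps() {
    find "$1" -type f -name 'install.??????' -mmin +"${2:-60}"
}
```

A failed or interrupted safe_install leaves the old target in place; find_stale_temps can be run over /lib or /usr/lib after an aborted install to spot orphaned temporaries.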

