Date: Tue, 15 May 2001 10:02:11 +0300 From: Valentin Nechayev <netch@iv.nn.kiev.ua> To: Mike Smith <msmith@FreeBSD.ORG> Cc: Hugh Blandford <hugh@island.net.au>, stable@FreeBSD.ORG Subject: Re: Running Stable on remote production server Message-ID: <20010515100211.B2230@iv.nn.kiev.ua> In-Reply-To: <200105132035.f4DKXtB01042@mass.dis.org>; from msmith@FreeBSD.ORG on Sun, May 13, 2001 at 01:33:55PM -0700 References: <006c01c0dba7$f21a38c0$0bdea8c0@island.net.au> <200105132035.f4DKXtB01042@mass.dis.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sun, May 13, 2001 at 13:33:55, msmith (Mike Smith) wrote about "Re: Running Stable on remote production server": > It's entirely unnecessary to go single-user when updating a machine; just > rebuild the world, optionally run mergemaster, and reboot. > Exceptions to this rule do occur, but they're *extremely* rare. A race condition could be during /usr/bin/install call. install removes old file, writes new and sets permissions. If it is executable, something calling it will fail (I saw one case). If it is data file, something may fail with shortened-and-then-invalid data (I can imagine even root compomise in such case;)). And something may fail after old file was deleted already, but new file was not created yet. With hypothetical install command which first creates new file with both content and rights true and completed and then atomically renames it to old one, probability of such cases can be reduced to 0. /netch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010515100211.B2230>