| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Apr 2008 00:20:21 -0400 From: Theodore Tso <tytso@....edu> To: Eric Sandeen <sandeen@...hat.com> Cc: "Jose R. Santos" <jrs@...ibm.com>, linux-ext4@...r.kernel.org Subject: Re: [PATCH][e2fsprogs] Allow user to disable Undo manager through MKE2FS_SCRATCH_DIR On Sun, Apr 06, 2008 at 08:44:39PM -0500, Eric Sandeen wrote: > Theodore Tso wrote: > > > (This will be merged into the patch "e2fsprogs: Make mke2fs use undo > > I/O manager" before the whole branch gets integrated into the next or > > master branches, using the magic that is git rebase --interactive. > > Also needing fixing is the code to hook into the profile lookup.) > > What is the rationale for turning mke2fs into a nanny for > administrators, anyway? Maybe to complete the transformation we should > just make it a gtk application with a windows-like "Are you sure? [Yes] > [No]" alert dialog box that pops up? > > Seriously, what does this gain us, other than a slowdown of an > already-slow mkfs? I'm sure there are stories of people who mkfs'd the > wrong device but there are a million sad stories out there; rm -rf /, dd > if=/dev/null of=/dev/sda, fdisk the wrong device, you name it. We can't > save them all. :) The plan is to only enable it for uninit_groups, once uninit_groups actually really does what the name implies (i.e., actually not initialize the inode tables). Unfortunately uninit_groups still needs some fix-up work. (As does flex_bg.) That's one of the reasons why I've been holding off on merging the undo manager at all. So the idea is that we can make a reversible mke2fs in such a way that it's way cheaper than it currently is today. Sure, there are many tales of woe out there, but we have made things a bit harder to prevent users from accidentally running mke2fs on half of an MD device, by adding the exclusive open feature in the kernel. The fact that its defaults are bested right now is a problem, and maybe I'll just fix it up so that for now, the MKE2FS_SCRATCH_DIR environment variable must be set for it to save the undo file. > The notion of an (optional) undo IO manager is fine in general, I like > the idea that if I have dicey fsck to do I can in theory recover from it > if it goes badly, though even there I'd personally rather not have it on > by default... (how do I turn it off for fsck?) But mkfs, by default - > really? I don't much like it, and on my boxes I'd like a way to > permanently turn it off, regardless of whether I'm testing or not... > Sure I could put it in my .bashrc or whatnot, but really, what does this > gain us? Ultimately, a line in mke2fs.conf would also turn it off, but again, there's a reason why the patch series has *not* been merged into the "next" or "master" branch. It still has a bunch of rough spots that certainly does make it very annoying in its current state --- completely granted. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists