Snapshotting for rollback after updates was[ Re: Drawing lessons from fatal SELinux bug #1054350]

Reindl Harald h.reindl at thelounge.net
Sun Jan 26 00:45:44 UTC 2014 

Am 26.01.2014 01:28, schrieb Chris Murphy:
>> It is basically impossible to find applications that handle the case
>> where you downgrade, in any more graceful way than punting and failing
>> to start in the *good* case. In the bad case they start and trash the
>> database.
>
> But important user data having it's format updated in a way that makes it incompatible
> with the previous minor version (same major version)? I'm snickering at the language that 
> would ensue in the proprietary software world

you do not know what happens in case *of a bug*
you are in the area of undefined behavior

the point is that the snapshot *does not* bring you for
sure back where you came from or if it does you may regret
it because there is a timewindow between 3 steps

* snapshot / update
* continue your normal operations
* recognize there is a problem
* restore the snapshot
_________________________

* if i have /var on a seperate partition *god beware* of the idea
  rollback a snapshot of the remaining rootfs because the system
  is ruined -> /var contains the whole rpm-database

* if i have /home on the same FS as the rootfs -> *god beware* of restore
  a snapshot because all work before "recognize there is a problem" is
  ruined
_________________________

well, people already statet the solution maybe split the OS granulary
and extend the FHS -> that will *not* solve the problem, it only will
create new ones beause at the end of the day nobody except very few
people know what is hwre stored, snapshotted and can be restored with
what exactly impact leading to lose any control

a bug is a bug and in case of undefined bahvior the word *undefined*
is the really important - frankly, what happens if one of the components
used for snapshots is affected?

* nothing
* undefined system state
* all get trashed

solving problems by add more layers of complexity leads to have more
layers prone for bugs themself and the IT after 2010 tends to solve
that by wrap another layer around..... frustrating.....

Linux would not exist if Unix would not have made it a different way and
people coming up with technical complex solutions should consider how
it can be that 30 or 40 years old solutions still working perfect and
all the new ones are replaced every 2-5 years

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140126/3a8ff253/attachment.sig>

More information about the devel mailing list