Snapshotting for rollback after updates was[ Re: Drawing lessons from fatal SELinux bug #1054350]
Reindl Harald
h.reindl at thelounge.net
Sun Jan 26 20:18:50 UTC 2014
Am 26.01.2014 21:13, schrieb Chris Murphy:
> On Jan 26, 2014, at 11:41 AM, Simo Sorce <simo at redhat.com> wrote:
>
>> I never said it won't work in absolute, it probably will work ok in many
>> cases, just to cause incredible issues in others.
>>
>> It is a fine tool in the hands of an expert that knows how to check
>> whether reverting to a snapshot is safe.
>
> Why is the snapshot case any different from a user who reverts doing a clean install or yum downgrade?
because the snapshot restores *a whole filesystem* and not only the affected application?
* restore a snapshot of /usr and you have fun with /var/lib/rpm
* restore a snapshot of /var/lib/ without /usr and you have fun with the rpmdb and others
* restore a snapshot of /usr without /etc and you *may have* random fun
and there are *hundrets* of such combinations where the last thing you
really would want is restore a snapshot because you have no plan about
the real-world impact in doing so
>> It is not going to be a good solution for non-expert users though
>> *unless* you provide system APIs that *all* applications use to signal
>> when they are doing irreversible changes so that the user can be warned
>> about potential data loss right when he asks the system to revert a
>> snapshot.
>
> Developers should not be sneak attacking non-expert users with file format changes that aren't well
> announced in advance of consequences they probably won't be able to read their data if they downgrade
> the application
the perfect world won't happen, sad but true
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140126/7622c74d/attachment-0001.sig>
More information about the devel
mailing list