Snapshotting for rollback after updates was[ Re: Drawing lessons from fatal SELinux bug #1054350]

Chris Murphy lists at
Sun Jan 26 23:26:07 UTC 2014

On Jan 26, 2014, at 1:18 PM, Reindl Harald <h.reindl at> wrote:

> Am 26.01.2014 21:13, schrieb Chris Murphy:
>> On Jan 26, 2014, at 11:41 AM, Simo Sorce <simo at> wrote:
>>> I never said it won't work in absolute, it probably will work ok in many
>>> cases, just to cause incredible issues in others.
>>> It is a fine tool in the hands of an expert that knows how to check
>>> whether reverting to a snapshot is safe.
>> Why is the snapshot case any different from a user who reverts doing a clean install or yum downgrade?
> because the snapshot restores *a whole filesystem* and not only the affected application?

If I knew the problem was with a particular affected application, why would I be using a snapshot rollback approach or clean install rather than a yum downgrade <app> approach?
> * restore a snapshot of /usr and you have fun with /var/lib/rpm
> * restore a snapshot of /var/lib/ without /usr and you have fun with the rpmdb and others
> * restore a snapshot of /usr without /etc and you *may have* random fun
> and there are *hundrets* of such combinations where the last thing you
> really would want is restore a snapshot because you have no plan about
> the real-world impact in doing so

Well what sort of moron would do rollbacks like this? You're saying if someone puts a stick of dynamite in their mouth then ZOMG! going to die!, but not accounting for why they would put dynamite in their mouth in the first place. This is simply not how rollbacks are done. Yes there are hundreds of mindnumbingly stupid ways a user could break their system. No one is recommending rollbacks that work the way you describe.

Chris Murphy

More information about the devel mailing list