btrfs snapshots, rollbacks
Hubert Kario
hkario at redhat.com
Thu Feb 13 17:11:25 UTC 2014
----- Original Message -----
> From: "Chris Murphy" <lists at colorremedies.com>
> To: "Hubert Kario" <hkario at redhat.com>
> Cc: security at lists.fedoraproject.org
> Sent: Thursday, 13 February, 2014 5:58:45 PM
> Subject: Re: btrfs snapshots, rollbacks
>
>
> On Feb 13, 2014, at 9:27 AM, Hubert Kario <hkario at redhat.com> wrote:
> >
> >>> The logs are a different matter, we should aim to preserve them. Dunno
> >>> where
> >>> journald is in this picture (binary log forward and backward
> >>> compatibility).
> >>
> >> If by preserve you mean a single contiguous log location, then that
> >> implies
> >> needing a subvolume for logs. For example:
> >>
> >> http://lists.freedesktop.org/archives/systemd-devel/2014-January/016253.html
> >>
> >> I have implemented this and it appears to work, although probably it
> >> should
> >> be a log subvolume mounted at /var/log so that all logs can be kept
> >> contiguous, not just the journal.
> >
> > Yes, that's what I was thinking about.
> >
> > If we're going to support update rollback through snapshots I think that
> > /var/log should be kept separate in default install.
>
> I don't know where Fedora is at with Btrfs by default, let alone how the
> Workstation PRD envisions implementing "Better upgrade/rollback control" or
> how any other Fedora product considers such functionality should work. There
> is this:
>
> http://fedoraproject.org/wiki/Changes/Rollback
>
> But that only mentions LVM thin provisioning. Not Btrfs.
>
> Yet the same concern with logs applies to LVM snapshotting and rollback. So
> if /var/log should be kept separate in a default install then it sounds like
> you'd support an RFE for anaconda that calls for automatic partitioning
> creating a log subvolume/LV to be mounted at /var/log. True?
yes
> I think the rule would be something like "if rootfs is on Btrfs or a virtual
> LV, then automatically create a "log" subvolume/LV and mount it at
> /var/log". Ack/nack/patch?
Sounds reasonable
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
http://wiki.brq.redhat.com/hkario
Email: hkario at redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
More information about the security
mailing list