----- Original Message ----- > From: "Chris Murphy" <lists@xxxxxxxxxxxxxxxxx> > To: "Hubert Kario" <hkario@xxxxxxxxxx> > Cc: security@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Thursday, 13 February, 2014 5:58:45 PM > Subject: Re: btrfs snapshots, rollbacks > > > On Feb 13, 2014, at 9:27 AM, Hubert Kario <hkario@xxxxxxxxxx> wrote: > > > >>> The logs are a different matter, we should aim to preserve them. Dunno > >>> where > >>> journald is in this picture (binary log forward and backward > >>> compatibility). > >> > >> If by preserve you mean a single contiguous log location, then that > >> implies > >> needing a subvolume for logs. For example: > >> > >> http://lists.freedesktop.org/archives/systemd-devel/2014-January/016253.html > >> > >> I have implemented this and it appears to work, although probably it > >> should > >> be a log subvolume mounted at /var/log so that all logs can be kept > >> contiguous, not just the journal. > > > > Yes, that's what I was thinking about. > > > > If we're going to support update rollback through snapshots I think that > > /var/log should be kept separate in default install. > > I don't know where Fedora is at with Btrfs by default, let alone how the > Workstation PRD envisions implementing "Better upgrade/rollback control" or > how any other Fedora product considers such functionality should work. There > is this: > > http://fedoraproject.org/wiki/Changes/Rollback > > But that only mentions LVM thin provisioning. Not Btrfs. > > Yet the same concern with logs applies to LVM snapshotting and rollback. So > if /var/log should be kept separate in a default install then it sounds like > you'd support an RFE for anaconda that calls for automatic partitioning > creating a log subvolume/LV to be mounted at /var/log. True? yes > I think the rule would be something like "if rootfs is on Btrfs or a virtual > LV, then automatically create a "log" subvolume/LV and mount it at > /var/log". Ack/nack/patch? Sounds reasonable -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team http://wiki.brq.redhat.com/hkario Email: hkario@xxxxxxxxxx Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
