From: Doug Ledford <dledford@redhat.com>
To: Michael Evans <mjevans1983@gmail.com>
Cc: Bill Davidsen <davidsen@tmr.com>, Neil Brown <neilb@suse.de>,
linux-raid@vger.kernel.org
Subject: Re: [[Patch mdadm] 2/5] Move the files mdmon opens into /dev/ to support handoff after pivotroot
Date: Tue, 02 Feb 2010 13:11:51 -0500 [thread overview]
Message-ID: <4B686AE7.7090806@redhat.com> (raw)
In-Reply-To: <4877c76c1002012008u2e32d6a4y9b4fec721dfe8435@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 4263 bytes --]
On 02/01/2010 11:08 PM, Michael Evans wrote:
> On Mon, Feb 1, 2010 at 2:42 PM, Bill Davidsen <davidsen@tmr.com> wrote:
>> Doug Ledford wrote:
>>>
>>> On 02/01/2010 03:32 PM, Bill Davidsen wrote:
>>>
>>>>
>>>> Doug Ledford wrote:
>>>>
>>>>>
>>>>> On 01/18/2010 05:09 PM, Neil Brown wrote:
>>>>>
>>>>>>
>>>>>> I understand there is a problem here, but I don't like this approach
>>>>>> to a
>>>>>> solution. I'll give it more though when I get home from LCA2010 and
>>>>>> see
>>>>>> what I can come up with.
>>>>>>
>>>>>
>>>>> Feel free to come up with something different. But, if your solution
>>>>> involves maintaining an additional read/write mount area in deference to
>>>>> a long dead unix tradition, I'm just going to shake my head and patch
>>>>> your solution away to something sane.
>>>>>
>>>>>
>>>>
>>>> I don't understand you argument here. Not the one where you say you're
>>>> going to ignore Neil and do what you want because you can, I understand
>>>> that, but the "additional read/write mount area" part, isn't /var/run
>>>> r/w on all systems now? Could you clarify why this is "additional" here?
>>>>
>>>>
>>>
>>> It's not necessarily read/write in the initrd time frame, and putting
>>> the mdadm files there means it would have to be. We didn't make these
>>> changes because we wanted to, we made them because using mdadm raid
>>> arrays for the root filesystem combined with incremental assembly or
>>> with imsm raid devices was broken otherwise.
>>>
>>>
>>
>> Do understand that my disquiet related to this isn't because you put a
>> non-device in /dev, it's that you
>> didn't put a process PID in /var/run. And frankly, once you let (force) one
>> group of threads to be somewhere
>> else, other services will want their PIDs some other place, and anyone
>> maintaining an application
>> which presents information on what's running will need to know where that
>> information.
>>
>> In other words, it's not where you put it, it's where you *didn't* put it,
>> that seems to be an
>> invitation to put stuff just anywhere. Neil argues that they are not
>> devices, I argue that
>> they are PIDs. It's not as though it were a huge effort to move it after
>> pivot root, it's a little code
>> or script and in space which will be released.
>>
>> --
>> Bill Davidsen <davidsen@tmr.com>
>> "We can't solve today's problems by using the same thinking we
>> used in creating them." - Einstein
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-raid" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>
> Thank you for stating your concern; I think knowing that a very
> plausible solution is obvious.
>
> # at initrd/initramfs creation time
> ln -s /dev/.run /var/run
>
> #initrd/initramfs script
> mkdir /dev/.run
>
> The usual area becomes a symlink to a memory disk .Most systems have
> ample memory to support a few extra tiny files there. Cleanup on
> reboot is automatic. Any systems that are memory constrained probably
> already either have a drive they could swap this data out to, or would
> rather save the writes from reaching flash media anyway.
It's highly likely that mdmon would need its own directory, so ln -s
/dev/.mdmon /var/run/mdmon would be more suitable. This is due to
SELinux contexts. I know mdadm needed /var/run/mdadm so that in monitor
mode with strong SELinux enabled it could have its own private context
and that context could then be given the permissions it needed (create
dev file, access sendmail, etc., a number of these actions are the very
type of actions that programs do when compromised so part of strong
security is only granting those perms to programs that legitimately need
them). Mdmon may not need the same perms that mdadm did, but I still
wouldn't be surprised if it needs its own context/directory due to the
relative danger of handing out raw disk access.
--
Doug Ledford <dledford@redhat.com>
GPG KeyID: CFBFF194
http://people.redhat.com/dledford
Infiniband specific RPMs available at
http://people.redhat.com/dledford/Infiniband
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2010-02-02 18:11 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-11 20:38 Minor mdadm fixes Doug Ledford
2010-01-11 20:38 ` [[Patch mdadm] 1/5] Make the IMSM_DEVNAME_AS_SERIAL option work when creating containers. This allows a person to testing using loopback devices that don't support serial number queries Doug Ledford
2010-01-18 22:01 ` Neil Brown
2010-01-18 22:13 ` Dan Williams
2010-01-19 1:55 ` Doug Ledford
2010-01-19 4:42 ` Dan Williams
2010-01-19 5:31 ` Doug Ledford
2010-01-19 5:47 ` Dan Williams
2010-01-11 20:38 ` [[Patch mdadm] 2/5] Move the files mdmon opens into /dev/ to support handoff after pivotroot Doug Ledford
2010-01-18 22:09 ` Neil Brown
2010-01-19 7:21 ` Luca Berra
2010-01-19 17:51 ` Doug Ledford
2010-02-01 20:32 ` Bill Davidsen
2010-02-01 21:32 ` Doug Ledford
2010-02-01 22:42 ` Bill Davidsen
2010-02-02 4:08 ` Michael Evans
2010-02-02 7:17 ` Luca Berra
2010-02-02 15:42 ` Bill Davidsen
2010-02-02 18:19 ` Doug Ledford
2010-02-04 13:50 ` Bernd Schubert
2010-02-04 15:03 ` Bernd Schubert
2010-02-04 15:48 ` Doug Ledford
2010-02-04 16:40 ` Bernd Schubert
2010-02-04 17:35 ` Doug Ledford
2010-02-02 18:11 ` Doug Ledford [this message]
2010-02-02 18:07 ` Doug Ledford
2010-02-02 18:18 ` Bill Davidsen
2010-02-04 6:40 ` Neil Brown
2010-02-04 18:45 ` Doug Ledford
[not found] ` <4B6B15B3.8030205-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-02-04 23:04 ` Dan Williams
[not found] ` <e9c3a7c21002041504w17565653m5a8b8cd90543cf1e-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-02-05 0:21 ` Bill Davidsen
2010-02-05 12:14 ` Luca Berra
2010-02-06 17:51 ` Doug Ledford
[not found] ` <4B6DAC06.6060909-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-02-06 21:07 ` Dan Williams
[not found] ` <e9c3a7c21002061307le6f5d56ked4fa3711bdd2367-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-02-06 21:46 ` martin f krafft
2010-02-06 22:06 ` Michael Evans
2010-02-08 15:32 ` Doug Ledford
2010-02-08 21:38 ` Neil Brown
2010-02-09 0:20 ` Michael Evans
[not found] ` <20100209083838.6568cac0-wvvUuzkyo1EYVZTmpyfIwg@public.gmane.org>
2010-02-09 2:19 ` martin f krafft
[not found] ` <20100209021949.GB11780-0owbi4v4jRjYceiJAzDLgeTW4wlIGRCZ@public.gmane.org>
2010-02-09 20:34 ` Doug Ledford
[not found] ` <4B71C6CA.3010407-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-02-10 0:58 ` Mr. James W. Laferriere
[not found] ` <alpine.LNX.2.01.1002091553580.10004-pIN9qAC4yfKseEBmXaVrNB5FPEiCeG3sAL8bYrjMMd8@public.gmane.org>
2010-02-10 1:33 ` Neil Brown
2010-02-10 9:46 ` Harald Hoyer
[not found] ` <20100210123321.324e5de6-wvvUuzkyo1EYVZTmpyfIwg@public.gmane.org>
2010-02-10 15:49 ` Dan Williams
2010-02-10 16:06 ` Michael Evans
[not found] ` <4877c76c1002100806w66e504deg767f6ecc8cc7fa8a-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-02-11 2:30 ` Doug Ledford
2010-02-09 20:30 ` Doug Ledford
2010-02-08 4:23 ` Neil Brown
2010-02-07 22:13 ` Hans de Goede
2010-02-07 23:06 ` Neil Brown
2010-02-08 3:45 ` Neil Brown
2010-02-08 16:56 ` Bill Nottingham
2010-01-11 20:38 ` [[Patch mdadm] 3/5] We don't like %02d as a metadata format specifier, it confuses us when we read the output back later Doug Ledford
2010-01-18 22:02 ` Neil Brown
2010-01-11 20:38 ` [[Patch mdadm] 4/5] When using -D --export the UUID is helpful, so print it out Doug Ledford
2010-01-18 22:03 ` Neil Brown
2010-01-11 20:38 ` [[Patch mdadm] 5/5] Fix segfault when the AUTO keyword is used in the config file Doug Ledford
2010-01-18 22:03 ` Neil Brown
2010-01-12 0:49 ` Minor mdadm fixes Mr. James W. Laferriere
2010-01-12 3:10 ` Andre Noll
2010-01-12 3:36 ` Doug Ledford
2010-01-12 4:39 ` Andre Noll
2010-01-12 4:46 ` Doug Ledford
2010-01-12 5:21 ` Andre Noll
2010-01-18 22:05 ` Neil Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B686AE7.7090806@redhat.com \
--to=dledford@redhat.com \
--cc=davidsen@tmr.com \
--cc=linux-raid@vger.kernel.org \
--cc=mjevans1983@gmail.com \
--cc=neilb@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).