Ivan's XO Field Upgrade Proposal
C. Scott Ananian
cscott at cscott.net
Tue Jun 26 13:25:22 EDT 2007
On 6/26/07, Mike C. Fletcher <mcfletch at vrplumber.com> wrote:
> > g) I believe that we can use "plain old" hard links when we do the
> > rsync, instead of requiring any fancy vserver stuff. rsync will break
> > the link appropriately when it needs to modify a file (as long as the
> > --inplace option isn't given). This probably breaks a critical edge
> > during development.
> >
> I'm not actually sure what vserver is beyond a chroot-jail-like
> environment using an overlay file system, but assuming that's the basic
> idea, the rationale here is that we want to allow the COW file system
> overlay to be built by the rsync and only swap it into the root file
> system at some later time. At the *least* after the image has been
> verified!
Yes. In Ivan's full proposal (which he promises to send out RSN) he
wants to vserver-jail the upgrade process to avoid giving the upgrader
more privileges than it needs, which is entirely reasonable. But
since there are few people here who grok vserver (at the present), I
was just suggesting that we prototype the system by running rsync on a
hard-linked copy of the filesystem (trusting its file-modification
process not to modify files through their hard links). This requires
us to trust rsync, but we don't have to trust the received bits: they
are still authenticated before the upgraded image is swapped for the
running one.
Obviously we wouldn't run rsync directly on the running filesystem.
--scott
--
( http://cscott.net/ )
More information about the Devel
mailing list