From owner-freebsd-hackers Wed Oct 4 11:24: 3 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 8FCDF37B503 for ; Wed, 4 Oct 2000 11:23:59 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e94INvM16758; Wed, 4 Oct 2000 12:23:57 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA38586; Wed, 4 Oct 2000 12:23:57 -0600 (MDT) Message-Id: <200010041823.MAA38586@harmony.village.org> To: Jordan Hubbard Subject: Re: Automatic updates (was Re: How long for -stable...) Cc: nate@yogotech.com (Nate Williams), freebsd-hackers@FreeBSD.ORG In-reply-to: Your message of "Wed, 04 Oct 2000 11:14:58 PDT." <92172.970683298@winston.osd.bsdi.com> References: <92172.970683298@winston.osd.bsdi.com> Date: Wed, 04 Oct 2000 12:23:57 -0600 From: Warner Losh Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <92172.970683298@winston.osd.bsdi.com> Jordan Hubbard writes: : > I think that we can do a lot with cvsupd. I've used cvsupd to grab : > binaries on an experimental basis and it seems to work great. I've : : Hmmm. Does cvsupd also move a target out of the way if it already : exists and it's in the process of replacing it? What if the target is : chflag'd but can be unprotected at the current security level? : : What I'm trying to say is that if you have "/sbin/init" and cvsupd is : about to replace it, I would expect the steps to be something like : this: : : Receive new init as /sbin/init.${pid} (or something) : | : |<--------------------------------------------+ : | Yes |Yes : \/ No | No : Mv /sbin/init.${pid} /sbin/init --> chflags noschg /sbin/init --> Fail : | : | Yes : \/ : Done : : If cvsupd does that or can be gimmicked to do that (add : --potentially-hose-me flag? ;) then I'd say it's a serious : contender for being part of a binary update process. I don't know. I seem to recall that jdp told me at the talk I gave last year that it just wipes the flags completely and doesn't honor them. I think it deals well with this, but I've not tried to replace init on a running system. Given that the Pluto upgrade went well, I'd expect the answer is yes, it works. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message