From owner-freebsd-questions@FreeBSD.ORG Thu Oct 9 20:20:26 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74AAF16A4B3 for ; Thu, 9 Oct 2003 20:20:26 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-107-253.dsl.lsan03.pacbell.net [64.169.107.253]) by mx1.FreeBSD.org (Postfix) with ESMTP id CDB9043FBF for ; Thu, 9 Oct 2003 20:19:15 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id C646D66D97; Thu, 9 Oct 2003 20:19:10 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 9B8ACB62; Thu, 9 Oct 2003 20:19:10 -0700 (PDT) Date: Thu, 9 Oct 2003 20:19:10 -0700 From: Kris Kennaway To: "Marc G. Fournier" Message-ID: <20031010031910.GA11148@rot13.obsecurity.org> References: <20030803200948.GA10712@lewiz.org> <200310091700.09658.kennyf@pchg.net> <20031010011640.GE10682@rot13.obsecurity.org> <20031009223612.J28590@ganymede.hub.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5vNYLRcllDrimb99" Content-Disposition: inline In-Reply-To: <20031009223612.J28590@ganymede.hub.org> User-Agent: Mutt/1.4.1i cc: Kenny Freeman cc: FreeBSD-questions cc: Lewis Thompson cc: Kris Kennaway Subject: Re: Jail FS questions. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Oct 2003 03:20:26 -0000 --5vNYLRcllDrimb99 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 09, 2003 at 10:55:26PM -0300, Marc G. Fournier wrote: >=20 >=20 > On Thu, 9 Oct 2003, Kris Kennaway wrote: >=20 > > On Thu, Oct 09, 2003 at 05:00:02PM -0400, Kenny Freeman wrote: > > > > > > I've been reading about unionfs and nullfs (well, more skim readi= ng > > > > really; I'm not FS guru, which is why I'm asking here) and one of t= hese > > > > sounds like it could be the idea solution. At first glance I'd say= that > > > > unionfs would be the way to go. > > > > Both unionfs and nullfs are documented to be broken. Seriously, those > > big scary warnings in the manpages are there for a reason! > > > > Having said that, some people have reported success in certain limited > > situations. If you insist on using them, then you're on your own > > if/when it breaks. > > > > This means: do not complain to us when your system crashes and you > > lose a filesystem. >=20 > Wow, what a way to encourage ppl to report bugs ... glad there are ppl > like Tor and David Schultz out there that are interested in fixing bugs > and not ignoring them ... It's not a matter of ignoring bug reports, it's a matter of not encouraging users to do something that is likely to blow their foot off. Most users probably aren't willing to knowingly do something this risky on their production machines. Yes, it's a good thing that some developers are finally working on fixing some of the problems, but the fact remains that nullfs/unionfs *are not known to work in all situations* (indeed, I was able to trigger unionfs bugs within a few minutes of testing last time I tried on 5.x, over the summer). It's wonderful that unionfs works for you in your particular situation, but that does not change the fact that these filesystems have been full of bugs for years and many problems likely still persist; that's precisely why the warnings are still there in the manual pages. Until someone intimately familiar with the filesystem expresses confidence that everything is in working order (this has not yet happened), that's how it will stay. Therefore, unless you can cope with panics and possible data loss when you run into a new bug (if you haven't seen data loss, you've been lucky - I have), don't use it. On the other hand, if there are developers working on unionfs who have run out of known bugs to fix (I'd be sceptical about this since I don't remember any unionfs-related commits over the past 6 months or so, although there might be some work-in-progress patches floating around), and you're willing to sacrifice your machines in the name of testing, then you should talk to those developers. Kris --5vNYLRcllDrimb99 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/hiUuWry0BWjoQKURApoUAJ9zzhVEV/AajZ//HYogyPEwSImRzgCdH351 iRNELQ3ukGzVV9GtXlIH8QA= =IGs2 -----END PGP SIGNATURE----- --5vNYLRcllDrimb99--