To: Stephen McKay
From: "Poul-Henning Kamp"
cc: current@freebsd.org
Subject: Re: Can't change partition table anymore
In-Reply-To: Your message of "Wed, 06 Apr 2005 16:28:32 +1000." <200504060628.j366SWcW008597@dungeon.home>
Date: Wed, 06 Apr 2005 09:51:24 +0200
Message-ID: <6570.1112773884@critter.freebsd.dk>

The default behaviour is here to stay because "Correct behaviour" in FreeBSD is to avoid implementing panic(8).

We will not by default allow people, be it novice or self-described wizards, to write to disk sectors which a filesystem is currently in possession of, without a deliberate disabling of the protection mechanism.

Enabling foot-shooting is in the category of open-heart surgery: it is not something we want people to try "just to see if that happens to solve my problem".

So the sysctl knob is here to stay, one way or another.

We can argue about what the name of the sysctl should be and where it should be documented, and every single one of you is able to sit down and write a patch for your preference and submit it to us.

It is far less obvious where the documentation of features like this belongs than most people think. This is not something that belongs in the dd(1) or ata(4) manual pages, although they could and probably should cross-reference it.

It has been suggested that the kernel issue a printf when this happens, but that is 100% precisely the wrong response: that would introduce an effective DoS against any machine with a serial console.

And I hate to say this, but this "horribly undocumented sysctl" is in company of about 200 other equally undocumented sysctls in the system, many of which have equally profound impact on how the system works.

So for all I care, this discussion is over until somebody comes up with a patch we can all agree on.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.