[Gluster-infra] An attempt to thwart G_LOG corruption
Emmanuel Dreyfus
manu at netbsd.org
Sat Aug 22 17:16:31 UTC 2015
Hello
We have a rogue test that appends log data to an incorrect open file
descriptors, clobebring various system and library files with logs. That
quickly renders regression slaves unusable.
I tried an exepriment to thwart that threat: NetBSD FFS filesystem
features an immutable flag, which tells even root cannot modify the
file. I applied it on nbslave7[1-j] for the following files and
directories (and their children)
/.cshrc /.profile /altroot /bin /boot /boot.cfg /etc /grub /lib /libdata
/libexec /netbsd /netbsd7-XEN3PAE_DOMU /opt /rescue /root /sbin /stand
/usr
Let me know if it is too wide and causes trouble. If anyone wants to
experiment:
Recursively (-R) installs the flag in /usr:
chflags -R uchg /usr
Recursively remove it:
chflags -R nouchg /usr
We also have schg/noschg, which can be set at any time but can only be
removed by root in a single-user shell. I ruled out this because I am
not sure rackspace console access lets us use single user mode.
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu at netbsd.org
More information about the Gluster-infra
mailing list