On Feb 13, 2014, at 5:11 AM, Hubert Kario <hkario(a)redhat.com> wrote:
> As long as the old /bin and /usr/bin are not part of PATH, I'd say we've
> done our job. We can't protect the user from shooting himself in the foot
> in all cases.

The snapshots aren't in PATH. However, the yum plugin would put them at
/yum_<datetime>/bin /yum_<datetime>/usr/bin
Snapper puts them in
/.snapshots/<#>/snapshot/bin /.snapshots/<#>/snapshot/usr/bin
I'm not sure what you mean by the user shooting himself - these locations aren't
up to the user with these tools. And installer behavior can limit user choice as to where
the snapshots can be placed.
So, is the ability to hide snapshots in an unmounted portion of the (on-disk) file system
valuable from a security perspective? Or is it trivial?

> The logs are a different matter, we should aim to preserve them. Dunno where
> journald is in this picture (binary log forward and backward compatibility).

If by preserve you mean a single contiguous log location, then that implies needing a
subvolume for logs. For example:
http://lists.freedesktop.org/archives/systemd-devel/2014-January/016253.html
I have implemented this and it appears to work, although probably it should be a log
subvolume mounted at /var/log so that all logs can be kept contiguous, not just the
journal.
Chris Murphy