Subject: Re: recovering from a bad crash, ffs recovery
To: Steven M. Bellovin <smb@research.att.com>
From: Charles Shannon Hendrix <shannon@widomaker.com>
List: netbsd-users
Date: 01/05/2004 23:34:44

Mon, 05 Jan 2004 @ 21:16 -0500, Steven M. Bellovin said:
> Unfortunately, I don't have any suggestions for how to recover your
> data. But maybe we can fix the system so that this doesn't happen to
> someone else.
> The first and easiest thing to do is to fix /etc/rc.d/cleartmp so that
> it doesn't clear the directory unless a sentinel file -- something like
> /tmp/.ThisReallyIsTmp -- exists. It would also create such a file
> after clearing out everything else -- but *only* if it did the deletes,
> i.e., if the file had existed previously.
That's a good idea.
I really wish UNIX had useful media labels. It would prevent a lot of
problems like this.
> Another solution is local -- get rid of kernel config lines like
>
> sd* at scsibus? target ? lun ?
>
> since they're invitations to disaster if some drive isn't there. Once
> you know what your configuration really is, use explicit lines:
>
> sd1 at scsibus0 target 4 lun 0
I have that.
The problem is a generic kernel was booted which did the wrong thing.
The crash caught me halfway between updates.
> But these are just a patch to stop the bleeding. The real solution is to
> name drives symbolically. Drives are labeled -- see disklabel(8).
[snip]
> You see where I'm heading. You'd mount /tmp on /dev/disk-pack2/tmp or
> some such.
Yeah. Old minis and mainframes used labeled media, even tapes.
It's a lot nicer than how UNIX handles it.
One thing that has always bothered me about UNIX is that so many devices
have no permissions system. Mount a tape and everyone can access it.
Anyway, I definitely agree with the idea of labeled media.
What would be nice is an override flag on the mount command which would
be off by default, so that boots were checked, but you could mount
things anywhere if you needed to.
--
UNIX/Perl/C/Pizza____________________s h a n n o n@wido !SPAM maker.com
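
The sentinel-file guard suggested in the quoted message, sketched as an added example that is not part of the original thread and is not NetBSD's actual /etc/rc.d/cleartmp. The function name `guarded_cleartmp` and its return codes are assumptions; the sentinel name is the one proposed in the thread.

```sh
#!/bin/sh
# Added illustration of the sentinel guard; not NetBSD's /etc/rc.d/cleartmp.
SENTINEL=".ThisReallyIsTmp"   # file name suggested in the thread

# guarded_cleartmp DIR  (hypothetical helper)
# Returns 0 if DIR was cleared, 1 if refused (no sentinel), 2 on a bad path.
guarded_cleartmp() {
    dir=$1
    # Only accept an absolute path below /, never / itself or an empty string.
    case "$dir" in
        /?*) ;;
        *) echo "cleartmp: refusing path '$dir'" >&2; return 2 ;;
    esac
    # Must be a real directory, not a symlink pointing somewhere else.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        return 2
    fi
    # No sentinel: this may be the wrong filesystem mounted here. Touch nothing.
    if [ ! -f "$dir/$SENTINEL" ] || [ -L "$dir/$SENTINEL" ]; then
        echo "cleartmp: no $SENTINEL in $dir, leaving it alone" >&2
        return 1
    fi
    # Remove every top-level entry except the sentinel; -prune keeps find
    # from descending into entries that rm is about to delete.
    (
        cd "$dir" || exit 2
        find . ! -name . -prune ! -name "$SENTINEL" -exec rm -rf -- {} +
    ) || return 2
    # Re-create the sentinel only on this path, i.e. only after a real clear.
    : > "$dir/$SENTINEL"
    return 0
}

# When run as a script with an argument, clear that directory.
if [ $# -gt 0 ]; then
    guarded_cleartmp "$1"
fi
```

The sentinel has to be created by hand once on the real /tmp filesystem; a different filesystem that ends up mounted there will not carry it, so the clear is skipped.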