Subject: Re: Patch to disallow mounts of unclean FFS unless forced
To: Robert Elz <kre@munnari.OZ.AU>
From: Jason Thorpe <thorpej@wasabisystems.com>
List: tech-kern
Date: 10/14/2003 14:27:28

On Tuesday, October 14, 2003, at 02:06  PM, Robert Elz wrote:

> But that is root only - users are supposed (with the right sysctl
> setting) to be able to mount too.

So, would everyone feel better if I just took the superuser check out?  
It's basically in there because I expected for people to insist on it 
if there was going to be a "force" option.

> But isn't the right fix to make sure that the kernel correctly checks
> its data before using it?   And isn't NetBSD supposed to be all about
> doing the right fix, not just the expedient one?

Sure.  But the "right fix" is far from obvious, unfortunately.  Several 
NetBSD developers with file system clue discussed this issue privately 
for a while, and while we agreed that better error handling is the 
correct long-term direction, that is a seriously time consuming task, 
and for many of the error cases it's not clear how we could reasonably 
recover ... indeed, a crash and subsequent boot-time fsck may be more 
desirable than some other kind of error recovery action.

I can certainly just punt on this and maintain the patch in a local 
tree, as there are some specific "accidents happen" cases that I have 
to deal with in the short term.  If NetBSD-the-Project doesn't find it 
useful, fine.

         -- Jason R. Thorpe <thorpej@wasabisystems.com>