Subject: Re: Patch to disallow mounts of unclean FFS unless forced
To: Charles M. Hannum <abuse@spamalicious.com>
From: Greywolf <greywolf@starwolf.com>
List: tech-kern
Date: 10/14/2003 09:00:43

Thus spake Charles M. Hannum ("CMH> ") sometime Today...

CMH> On Monday 13 October 2003 06:09 pm, Jason Thorpe wrote:
CMH> > The following patch changes the FFS code to disallow mounts of unclean
CMH> > file systems unless the mount is forced.  Mounts can be forced by root
CMH> > using the -f flag to mount(8).  Non-root users are not allowed to force
CMH> > mounts (this is enforced by sys_mount()).  The initial mount of the
CMH> > root file system is always forced.
CMH>
CMH> So, exactly what problem are you attempting to solve here?  This is one of the
CMH> most irritating misfeatures of FreeBSD.

Not to seem to "jump on a bandwagon", but I have similar concerns (forget
that I'm not as technically advanced as Prof. Hannum).

If we're disallowing all mounts, including read-only, we must be doing
this for a reason, i.e., some read must cause a panic or other inconsistent
internal state.

I could see disallowing rw mounts, because rw is where you end up with
your ialloc: dup//ifree: freeing free inode//bfree: freeing free frag/block
problems, but ro?  Yeah, it's inconsistent.  I know we have to start the
system *some*how, but wouldn't the same problems potentially exist on the
root filesystem, even ro?

I always thought a warning when mounting ro/refusal to mount rw before fsck
would have been fine instead of refusal or warning in both cases...

What we (well, you Kernel/FS-Savvy Guys) are working around eludes me
a bit, I guess.  Apologies in advance if I'm asking really stupid (to you)
questions; if I knew the answers, I wouldn't ask.

				--*greywolf;
--
NetBSD: better for your uptime than Viagra.