NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Definition of NetBSD users

At Tue, 23 Mar 2010 13:49:08 -0400, matthew sporleder 
<> wrote:
Subject: Re: Definition of NetBSD users
> I don't really understand how hot-swap became a desktop-only feature.
> Adding resources on-the-fly has been a server feature for years and
> years.  I personally allocate a lot more additional disks to servers
> than plug in thumb drives to my laptop.

Hmmm... well, there are several issues here.

First off I should say that I don't do hot-swap on servers -- I design
and build them, then they run for years without any hardware changes,
sometimes even without ever rebooting.

However there are times when it would be nice to be able to add or
change devices on a high-availability server without any downtime.  :-)

That said though the kind of devices I wish were hot-swap for servers
usually are not capable of such manipulation (safely, even with
administrative controls to allow temporary freezing of bus activity).

Modern laptops and desktops, having been designed as handy personal
devices, often have far more hardware interfaces that support
(relatively) safe hot-swap operation.  Modern servers do often support
some of these "personal" device interfaces as well, but they're usually
not highly utilised as they are not really suited to handling
server-sized loads and performance.

I guess the main issue though is a difference in security models for
controlling hot-swappable devices and media.

On a server, even if it's in a physically secure area, you still don't
want any unauthorised user to be able to change the hardware, so if your
hardware can do hot-swap then your highly-skilled systems manager can
usually wrangle things to make it work and use it within the limits of
the device drivers.  We've had rescan capability in NetBSD's SCSI bus
drivers for what, nearly a decade now?

However on a desktop, and especially on a laptop, the same devices that
might be highly restricted on a server must be made easily usable to an
"unprivileged" user, yet at the same time provide access to these
devices in a manner which will be secure to the system.  On top of that
you need to automate the management of these devices so that the user
can just use them transparently of any systems-level manipulation.

I haven't really thought through how this should be designed and
implemented, but I have been quite interested in these issues ever since
I first encountered Unix when I used a PDP-11/60 running V7 which had a
floppy drive that was mounted in a hole in the machine room wall and
which students could allocate through a setuid program to use to archive
assignments and code on convenient 8-inch removable media.  :-)

                                                Greg A. Woods
                                                Planix, Inc.

<>       +1 416 218 0099

Attachment: pgp1luX2_rPpN.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index