On Wed, Mar 19, 2008 at 09:37:22AM -0700, Henry B. Hotz wrote: > > On Mar 19, 2008, at 9:06 AM, Jan Pechanec wrote: > > > On Wed, 19 Mar 2008, Casper.Dik at Sun.COM wrote: > > > >> Powercycling a system during certain parts of boot is almost > >> guaranteed to cause the next boot to fail with a corrupted registry. > > Wow! I do I even need to say what that implies about SMF? > > This entire thread sounds a lot like the old SysV vs BSD debate. It's > actually amazing that Sun survived the decision to abandon their > (working) BSD for (broken/buggy) SysV. I don't think it was until > about 2.4 that Solaris began to be a decent alternative.
sqlite bugs aside, what you're describing is no different than how your system won't boot if your filesystem has corrupted etc/system, or the kernel binary, or the boot archive, or the extended partition table, or any of a thousand other things. On Linux. Or Windows. Or SVR4. If you want to have a system which survives power-cycling in the middle of arbitrary activity to the root filesystem, then you need either (a) a transactional filesystem like ZFS (which is why we're making ZFS root the default), or (b) a journaled filesystem which always recovers properly and doesn't have any log replay bugs. If you want on top of that the ability to survive complete failure of the system boot disk itself, then on top of (a) or (b) you mirror root. This is supported by ZFS root, and several other options. None of that has anything to do with SMF at all: the use of a database or files for any of that is entirely orthogonal. As for that stuff, I think there's a lot of misunderstanding on this thread on the objectives and so forth, and there is a design note that Stephen and I wrote long ago to explain it and I will dig that up this afternoon and post it later today. -Mike -- Mike Shapiro, Sun Microsystems Fishworks. blogs.sun.com/mws/
