On Mon, 10 Apr 2017, Lennart Poettering wrote:
On Sun, 09.04.17 10:11, Michael Chapman (m...@very.puzzling.org) wrote:
Don't forget, they've provided an interface for software to use if it needs
more than the guarantees provided by sync. Informally speaking, the FIFREEZE
ioctl is intended to place a filesystem into a "fully consistent" state, not
just a "fully recoverable" state. (Formally it's all a bit hazy: POSIX
really doesn't guarantee anything with sync.)
FIFREEZE does considerably more than what you suggest: it also pauses
all further changes until FITHAW is called. And that's semantics we
really cannot have.
If systemd is just about to call reboot(2), why does it matter?
I do think we should attempt to remount readonly before doing the
FIFREEZE. I thought systemd did that, but it appears that it does not. A
readonly remount will do what we want so long as no remaining processes
have any files opened for writing on the filesystem. The FIFREEZE would
only be necessary when the remount fails.
Remember, all of this is because there *is* software that does the wrong
thing, and it *is* possible for software to hang and be unkillable. It
would be good for systemd to do the right thing even in the presence of
that kind of software.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
