Bug 80535
| Summary: | Contrary to handbook, filesystem snapshots do not have the schg flag. | ||
|---|---|---|---|
| Product: | Documentation | Reporter: | Bernd Luevelsmeyer <bernd> |
| Component: | Books & Articles | Assignee: | freebsd-doc (Nobody) <doc> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
Patch follows:
--- chapter.sgml.old Wed May 25 14:24:40 2005
+++ chapter.sgml Wed Jun 8 21:55:24 2005
@@ -3141,13 +3141,6 @@
however all the used space may not be acquired because another snapshot will
possibly claim some of the released blocks.</para>
- <para>During initial creation, the <option>schg</option> flag (see the &man.chflags.1; manual page)
- is set to ensure that even <username>root</username> cannot write to the snapshot.
- The &man.unlink.1; command makes an exception for snapshot files
- since it allows them to be removed
- with the <option>schg</option> flag set, so it is not necessary to
- clear the <option>schg</option> flag before removing a snapshot file.</para>
-
<para>Snapshots are created with the &man.mount.8; command. To place
a snapshot of <filename>/var</filename> in the file
<filename>/var/snapshot/snap</filename> use the following
--
Rionda aka Matteo Riondato
G.U.F.I. Staff Member (http://www.gufi.org)
FreeSBIE Developer (http://www.freesbie.org)
State Changed From-To: open->closed The "schg" file flag is not set, but it is specially marked using the "snapshot" file flag. It has similar qualities to the former. I have updated the handbook to mention the correct file flag and how to search for snapshot files on a file system. Thanks! |
The handbook tells: "During initial creation, the schg flag (see the chflags(1) manual page) is set to ensure that even root cannot write to the snapshot." This is not true, the schg flag is not set. Since the schg flag is a security-instrument, I consider this to be a "serious" bug. Fix: Delete the quotet sentence from the handbook. How-To-Repeat: mksnap_ffs /usr /usr/snap find /usr -flags schg | grep snap (the snapshot file is not output)