[OpenAFS-devel] Solaris afs.rc file damage

[Derrick J Brashear]

On Wed, 11 Apr 2007, Dean Anderson wrote:

> I just talked to some people, who suggested that it was the loadable
> syscalls that 'a group within sun' wasn't committed to.  I recall the
> certain linux folks also argue that loadable system calls are a bad
> thing. I'm not sure why they argue that, but it perhaps merits some more
> investigation into what their reasons are.

Because in theory it makes an insidious rootkit easier. Not possible. Just 
easier.

> Syscalls are nothing more than an ancient form of shared library which
> once had implicit locking.  I think the same behavior can usually be
> obtained by a driver with only ioctls.  I suppose the advantage is that

Linux now uses an ioctl on a special file.

> So, I suspect the question should be: Could the afs kernel module be
> turned into a driver with an ioctl?  There's a lot in there, and if
> anything breaks the general premise that a system call can be cast as an
> ioctl, this would probably be it...

Yes.

> It rarely necessary to reboot 'now'. It _may_ be necessary to reboot
> before using the software, if the software can't run until a reboot.

package might do something like change your shared libraries out from 
under you. we used it at cmu to roll machines from solaris 7 to solaris 8 
for instance, or 4.1.3 to 2.4, or on one rare occasion from 2.4 to 4.1.3

> If the installer is going to make changes that will abruptly make the
> system unrunnable (changing libc.so, for example) the script should

The installer isn't. package might. The installer doesn't run package. 
package is a local disk management tool which AFS (used to) provide.

>> use the 'Q' flag.
>
> What Q flag?  You've lost me.  The reboot wasn't triggered by a pkg or
> rpm installer. It was in the init/rc startup script. There is no 'Q'
> flag.

Yes, he's talking about "package(8)" not the AFS installable package (the 
rpm)