[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Filesystem choice in secure serverinstallation

On Thursday 22 January 2004 18:18, Carl Peto wrote:
> I have definitely had stability problems with a server using ReiserFS.
> This was in SuSE 7.2 so might be better now but it caused a lot of lost
> time and embarassment for me.  Any processes accessing either certain files
> or certain directories - fairly randomly this occurred - would hang and be
> unkillable - going to state "D" in ps (I think this is called
> uninterruptible wait and represent the fact that the process cannot receive
> semaphores or signals and will never be scheduled until the I/O kernel
> operation performed has completed - it never completes - this seems to be a
> classic symptom of a buggy kernel driver).

Be that as it may, I currently have 16 systems all running the exact same Suse 
version, 7.2, and all are equipped with reiserfs (ext2 on /boot, and all of 
/, /var /usr /home are reiserfs). I have never ever had a FS problem and they 
have been running almost 3 years now. All are still in -sometimes heavy- use, 

Apart from that I almost exclusively deploy reiserfs since it was included in 
SuSE, without a glitch.  So, you may have had problems with it, but it is not 
per se reiserfs that is at fault. It may be hardware, or software, or any 
combination thereof.

> Since then my business partner and I have agreed a moritorium on ReiserFS
> on our server(s).

your prerogative, of course.

> I recently upgraded the box to SuSE 8.2 and took the opportunity to move
> the root fs to ext3.  This has one major benefit - if all else fails you
> can mount it as ext2.  That's what I did after a recent server crash caused
> by faulty RAID kernel drivers supplied by the company that made the RAID
> card.

My experiences are the exact opposite of yours. I once built a raid-5 ext3 
fileserver with close to 400GiB diskspace.  We later found out that whenever 
a servercrash occurred, the ext3 FS malfunctioned in such a way that it did 
not replay its journal (as reiser does) but instead started a 'normal' ext2 
full fsck. Now you can imagine how long a 400GiB fsck check takes, so you 
also can imagine we kicked ext3 off of that machine SO fast that its head 
spinned...!   A very bad experience, all in all, and quite frustrating. 
(nothing is more frustrating than having to wait, unable to do anything!)
We tried to fix things with tunefs but to no avail; after booting the ext3 
partition stubbornly insisted it was ext3 and with fully working journaling.
And at boot time it persisted in acting like an ext2 volume.

> Personally, I would definitely recommend ext3 and possibly even ext2
> exclusively for a server environment.

Ext2 ???  You must be joking.  Try sitting watching a lengthy e2fsck run, with 
management staring over your shoulder while you try to explain the downtime.
Ext2 is for <2GB HDDs.  I do trust you're not using disks that old anymore...?

> Regards,
> Carl
> ----- Original Message -----
> From: <suse@xxxxxx>
> To: <suse-security@xxxxxxxx>
> Sent: Wednesday, January 21, 2004 5:48 PM
> Subject: Re: [suse-security] Filesystem choice in secure serverinstallation
> > Quoting Togan Muftuoglu <toganm@xxxxxxxxxxxxxxxxxxxxx>:
> > > I was reading the SLES8_EAL2_SecurityGuide.pdf
> > > http://www.suse.de/de/security/eal2/SLES8_EAL2_SecurityGuide.pdf
> > >
> > > On page 8 it stated to have the "/" partion as ext3. If I remember
> > > correctly SuSE had ReiserFS since 6.4 and and it has been the default
> > > choice of filesystem for quite a time.
> > >
> > > So want I want to understand is what makes "ext3" as a better choice
> > > for the meeting of criteria and what are the reasons reiserfs fails.
> > >
> > > I do not want to start a flame war but I want to understand the facts
> > > in making such a decision.
> >
> > I have no direct knowledge, but I'm guessing it has something to do with
> cutting
> > down the work required to get EAL certification.  EXT3 has the advantage
> of
> > being somewhat simpler than reiser, it's essentially just a journaling
> system
> > tagged onto the venerable ext2.  ext2 had probably been vetted before, so
> > getting ext3 in was easier than getting reiser in.
> >
> > I would be surprised if there was any technical reason; I believe it was
> just a
> > way to streamline the certification.
> >
> > (and I'm someone who only uses ext3, not reiser, out of sheer
> bloody-minded
> > stubborness and an irrational fear that reiser is not entirely stable)
> >
> > --
> > Check the headers for your unsubscription address
> > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > Security-related bug reports go to security@xxxxxxx, not here

Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here