On Sat, May 10, 2008 at 09:59:09AM +0200, Sven Joachim wrote:

> The filesystem has to be written to after the inodes are freed, i.e.
> the offending process that kept them open has exited.  You would end
> up with inodes that have a link count of 0, i.e. lost space on the
> device, if the system would not do that.

Turns out you're right on the money:

    http://lists.debian.org/debian-devel/2001/11/threads.html#00212
    http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html

so I decided to go with this:

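    // Open up the read-only/noexec filesystems before dpkg runs.
    Dpkg::Pre-Invoke {
        "/bin/mount -o remount,rw /usr";
        "/bin/mount -o remount,rw /boot";
        "/bin/mount -o remount,exec /tmp";
    };
    // Lock them down again afterwards; the '|| echo' keeps a busy /usr
    // from returning a failure to apt.
    Dpkg::Post-Invoke {
        "/bin/mount -o remount,ro /usr || echo 'Warning: /usr is busy: try killing X'";
        "/bin/mount -o remount,ro /boot";
        "/bin/mount -o remount,noexec /tmp";
    };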

At least now it attempts to remount ro, and gives a sensible error if it
can't without causing apt to stop processing.

-- 
"Oh, look: rocks!"
        -- Doctor Who, "Destiny of the Daleks"
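
An added example, not part of the original message: when the Post-Invoke remount of /usr fails as busy, this sketch lists which running processes still map files under the mount point that dpkg has since replaced. The function names and sample lines are constructed for illustration, and it only covers memory-mapped files (read from /proc/<pid>/maps), not other open file descriptors.

```shell
#!/bin/sh
# Added example (function names are hypothetical, not from the original post).

# deleted_maps MOUNTPOINT
# Reads /proc/<pid>/maps-format lines on stdin and prints each unique path
# under MOUNTPOINT that the kernel has tagged "(deleted)".
deleted_maps() {
    awk -v mp="${1%/}/" '
        $NF == "(deleted)" && index($6, mp) == 1 {
            path = $6                       # rejoin paths containing spaces
            for (i = 7; i < NF; i++) path = path " " $i
            if (!seen[path]++) print path
        }'
}

# busy_pids MOUNTPOINT
# Prints "PID COMMAND PATH" for every process still mapping such a file.
busy_pids() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        pid=${maps#/proc/}; pid=${pid%/maps}
        comm=$(cat "/proc/$pid/comm" 2>/dev/null) || continue
        { deleted_maps "$1" < "$maps"; } 2>/dev/null |
            while IFS= read -r path; do
                printf '%s %s %s\n' "$pid" "$comm" "$path"
            done
    done
}

# Constructed sample in maps format: one replaced library under /usr mapped
# twice, one intact library, one replaced library outside /usr, and the heap.
sample_maps() {
    cat <<'EOF'
7f1a2c000000-7f1a2c1b0000 r-xp 00000000 08:05 131234 /usr/lib/libX11.so.6.2.0 (deleted)
7f1a2c1b0000-7f1a2c1b5000 rw-p 001b0000 08:05 131234 /usr/lib/libX11.so.6.2.0 (deleted)
7f1a2d000000-7f1a2d020000 r-xp 00000000 08:05 131300 /usr/lib/libz.so.1.2.3
7f1a2e000000-7f1a2e010000 r-xp 00000000 08:01 4410 /lib/libc-2.7.so (deleted)
7f1a2f000000-7f1a2f021000 rw-p 00000000 00:00 0 [heap]
EOF
}

# Usage on a live system (run as root to see every process): busy_pids /usr
```

Restarting the processes it names releases the old inodes, after which the remount to read-only can succeed.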

