Red Hat Bugzilla – Bug 489946
libvirt does not do safe replacement of guest/storage pool/network config files
Last modified: 2012-03-30 16:53:25 EDT
Description of problem:
When defining a new guest/storage pool/network config file, libvirt simply opens the config file, truncating existing content and then writes the new one. This is not safe against a wide variety of errors. If the write() or close() step fails, the user is potentially left with a zero length config file. If host crashes, the new config may not have been flushed to disk again leaving a zero length file, or corrupted file. It needs to implement a much more robust method for writing out new config files.
cf this preso for guide on how to write safely http://www.flamingspork.com/talks/2007/06/eat_my_data.odp
Version-Release number of selected component (if applicable):
Steps to Reproduce:
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.
More information and reason for this action is here:
Fixed in 0.9.7 with:
Author: Jiri Denemark <firstname.lastname@example.org>
Date: Thu Oct 13 12:17:12 2011 +0200
Introduce virFileRewrite for safe file rewrite
When saving config files we just overwrite old content of the file. In
case something fails during that process (e.g. disk gets full) we lose
both old and new content. This patch makes the process more robust by
writing the new content into a separate file and only if that succeeds
the original file is atomically replaced with the new one.