Bug 489946 - libvirt does not do safe replacement of guest/storage pool/network config files
libvirt does not do safe replacement of guest/storage pool/network config files
Product: Virtualization Tools
Classification: Community
Component: libvirt (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Veillard
Depends On:
  Show dependency treegraph
Reported: 2009-03-12 12:32 EDT by Daniel Berrange
Modified: 2012-03-30 16:53 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-03-30 16:53:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Daniel Berrange 2009-03-12 12:32:41 EDT
Description of problem:
When defining a new guest/storage pool/network config file, libvirt simply opens the config file, truncating existing content and then writes the new one. This is not safe against a wide variety of errors. If the write() or close() step fails, the user is potentially left with a zero length config file. If host crashes, the new config may not have been flushed to disk again leaving a zero length file, or corrupted file. It needs to implement a much more robust method for writing out new config files. 

cf this preso for guide on how to write safely http://www.flamingspork.com/talks/2007/06/eat_my_data.odp

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Bug Zapper 2009-06-09 08:10:47 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
Comment 2 Eric Blake 2012-03-30 16:53:25 EDT
Fixed in 0.9.7 with:
commit 559644ddd2fd7065220331d11197bf54f6484231
Author: Jiri Denemark <jdenemar@redhat.com>
Date:   Thu Oct 13 12:17:12 2011 +0200

    Introduce virFileRewrite for safe file rewrite
    When saving config files we just overwrite old content of the file. In
    case something fails during that process (e.g. disk gets full) we lose
    both old and new content. This patch makes the process more robust by
    writing the new content into a separate file and only if that succeeds
    the original file is atomically replaced with the new one.

Note You need to log in before you can comment on or make changes to this bug.