Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-2394

As a user I would like to recovery from filesystem corruption on my active part

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Open
    • Priority: (None)
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:

      Description

      This is on the verge of being out of scope for Mender, but as we do allocate two partitions for the root filesystems there are some possibilities to support a roll-back in case of a failure even if there is no update in progress.

      Today there are no guarantees that the inactive partition is valid or functional as you might have "old interrupted deployments" on there, one possibility here is to try and make sure that it is valid meaning in a roll-back scenario you would recover the inactive part to something functional which make you tolerant to corruption on the active partition, at least to some degree.

      NOTE! That this has some security implications as well and opens up an attack vector, meaning that if I can corrupt your active system I might be able to force a roll-back to something that know has security vulnerabilities that I can exploit.

      This might be a good fit for the rootfs-v2 update module

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mirzak Mirza Krak
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:

                Summary Panel