Expectations we had to remember:
- you are always running mostly other people's code, so you have no idea what they are doing (weirdly, or otherwise)
- multiple users (hackers included) could be using same machine/containers/hololib/shared disk
- multiple processes will be running on same binaries (if hardlinked, copies otherwise)
- since every different file in hololib exist just once, avoid corrupting those while others are using them (they can do anything, if you hand them copies, not originals)
- MacOS behaves weirdly (with their security of things and file ownerships and syncinc)
- Windows behaves weirdly (with antivirus/firewalls injected by kernel)
- modern antivirus/firewall software works weirdly (and yanks executables even when application is already running [on suspicious activity])
These are @vjmp notes/memories from hardlinks and their use in rcc:
- technically hardlinks would be very beneficial to reduce time (and diskspace) usage of environment creation and cleanup
- we tried first use hardlinks in rcc environments, but there were some challenges
- we had to back down to give each running robot their own files (to mess around with; you never know what weird stuff foreign code does inside with their filehandles)
- one challenge is security, so allowing hardlinking between two different (maybe when at least one long-running code/robot is involved) environments opens up an attack vector from one environment to a next (if multiple people or containers have [write] access to same concrete file), and this is problem in SaaS like services using rcc
- files that have relocations in them cannot be hardlinked from one environment to next, or some code will end up running/accessing/modifying things on wrong environment/directory (because they are referring other files based on "hardcoded" location information inside them); we saw robots (stacktraces) jumping from one environment to next
- if processes are using locks on hardlinked files, it is not clear (to me) how other processes see those locks (when they actually should not have any knowledge of them)
- if some process is using file, same inode should not be written at (like .pyc/.pyo files) by other processes (or they sweep feets under from other processes expecting those files do not change
Note: I might add to this list, if I remember other things.
Expectations we had to remember:
These are @vjmp notes/memories from hardlinks and their use in rcc:
Note: I might add to this list, if I remember other things.