Re: [Bug-tar] add --ignore-missing to ignore missing input files

[Joerg Schilling]

Nathan Stratton Treadway <address@hidden> wrote:

> > More generally, why use find + tar?  The combination
> > seems inherently unsafe.  An attacker with
> > write access to the file system could cause the combination
> > to archive the "wrong" file, for example.
>
> A few thoughts from the point of view of a "casual observer" after
> reading through this thread:
>
>   * Using "find" is an easy way to generate lots of files to be
>     processed and thus increase the chances that some will be deleted
>     while tar is running... but it seems like it could just as easily
>     happen using shell wildcards directly on the tar command line. (That
>     is, the wildcard could expanded to a number of files and some of them
>     might disappear while tar was processing the earlier files in the
>     argument list.)

This applies to the case when wou run find and *tar separately but not if you 
use the find inside star. In any case, you cannot be 100% sure that a filename
that just has been read from a directory can be opened - regardless how few time
passed since then.

>     So the issue isn't really specific to "find", but applies to any
>     case where you build a list of files-to-process at the start of the
>     tar invocation but some of those files might go away during that tar
>     run.

See above, this also happens when the length of the list is 1.

With a built in find, you however can massively reduce the time between reading 
directory content and trying to open a file.

>   * I think Stefan's point is that in this case he _expects_ ENOENT to
>     happen sometimes, but he doesn't expect those other conditions to
>     occur.  If he wants to ignore all read errors he can already used
>     --ignore-failed-read, but it seems that what he's looking for now is
>     a way to actually be more selective regarding which conditions are
>     converted from "error" to "warning".

UNIX is a timesharing OS and as we have multi processor systems spread widely 
since aprox. 20 years, many things can happen really concurrently. Scheduling 
in addition may delay the tar process and permit other processes to remove 
files just reead from the directory and even create a new file (or whatever) 
under the same name before the tar process has a chance to open the file.

Running a pipe find | *tar definitely causes scheduling/delay for the tar 
process until the file name stream is available in the pipe. If you like to use 
the benefits of the find program, I recommend to use star, as star is able to 
give you these benefits without causing more deleay than you have in a normal 
tar implementation.

Jörg

-- 
 EMail:address@hidden (home) Jörg Schilling D-13353 Berlin
       address@hidden                (uni)  
       address@hidden (work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily