
Prevention of Detrimental System Modification through Version Control

IP.com Disclosure Number: IPCOM000244842D
Publication Date: 2016-Jan-21
Document File: 4 page(s) / 35K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method to enable operating systems to monitor in real time the changes a user makes to the system in order to prevent developers from making detrimental changes to the operating environment. When the process detects potentially detrimental changes, the system alerts the users to the potential harm.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 32% of the total text.


As computer operating systems become increasingly complicated, more people must interact with and configure the systems. A single system can now host many servers or instances of virtual machines, creating notable loads upon the memory, processors, disks, and networks that serve that system. Changes to system configuration now have the potential to impact many users and systems.

An example of the problem is a project with a single service node that served the purpose of managing and configuring tens of thousands of compute nodes. Small changes to the service node can have large impacts on the overall performance of the system. Such a project can also have more than 50 developers simultaneously working on that system. All the developers require root access to the system to be able to update packages and try different system configuration options. Unfortunately, some developers might not understand the possible impacts of the changes to the system. As a result, a user might make a change that causes issues for the entire system. Much time is then required on the part of a system administrator to determine what changed and how to fix the problem.

The novel contribution is a method to enable operating systems to monitor in real time the changes a user makes to the system in order to prevent developers from making detrimental changes to the operating environment. When the process detects potentially detrimental changes, the system alerts the users to the potential harm. If the user (i.e., developer) proceeds with said change, then the system tracks the change so that it can be later reverted if necessary.

The core novel features of the method are:

- A system to monitor, in real time, the changes being made to the configuration of a system
- A mechanism to warn users who are about to implement one or more changes that are likely detrimental to the state of the system
- A method to track and then easily roll back any detrimental changes (if the user proceeds with implementation after receiving an alert)

The method adds version control to the operating system's filesystem, enabling the system to track each change that happens to the system's files. The system administrator configures which files to monitor. Directories such as /etc and /var/lib are important to monitor, while changes to /var/log do not require tracking. By default, the system saves each change made to tracked parts of the filesystem as dedicated commits. For systems that are more active, this process is configurable to commit the differences after a certain threshold of modification is made or after a given period, in the event that changes happened during that period.
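The tracking and commit policy described above, sketched as an added example (not code from the disclosure): `is_tracked`, `CommitBatcher`, `replay` and the sample events are hypothetical names and constructed data. It assumes the threshold counts change events and that the period is measured from the first uncommitted change.

```python
import posixpath
from dataclasses import dataclass, field

def is_tracked(path, include, exclude):
    """True if path is under an included root and not under an excluded one."""
    path = posixpath.normpath(path)  # collapses "..", does not resolve symlinks
    def under(root):
        root = posixpath.normpath(root)
        return path == root or path.startswith(root.rstrip("/") + "/")
    return any(map(under, include)) and not any(map(under, exclude))

@dataclass
class CommitBatcher:
    include: tuple = ("/etc", "/var/lib")   # directories named on the page
    exclude: tuple = ("/var/log",)
    threshold: int = 1                      # 1 = one commit per change (default)
    period: float = None                    # seconds; None disables timed commits
    pending: list = field(default_factory=list)   # (timestamp, path) not yet committed
    commits: list = field(default_factory=list)

    def _flush(self, now):
        paths = sorted({p for _, p in self.pending})
        self.commits.append({"time": now, "paths": paths})
        self.pending = []

    def tick(self, now):
        """Timed commit: fires only if changes accumulated during the period."""
        if (self.period is not None and self.pending
                and now - self.pending[0][0] >= self.period):
            self._flush(now)

    def record(self, now, path):
        # Feed one change event; returns False for untracked paths.
        self.tick(now)
        if not is_tracked(path, self.include, self.exclude):
            return False
        self.pending.append((now, path))
        if len(self.pending) >= self.threshold:
            self._flush(now)
        return True

# Constructed sample events: (timestamp in seconds, changed path)
EVENTS = [(0, "/etc/hosts"), (5, "/var/log/messages"), (10, "/etc/../var/log/x"),
          (20, "/var/lib/rpm/Packages"), (90, "/etc/ssh/sshd_config")]

def replay(events, **policy):
    batcher = CommitBatcher(**policy)
    for ts, path in events:
        batcher.record(ts, path)
    return batcher.commits
```

Matching on a path boundary keeps `/etcetera` from being treated as part of `/etc`, and normalizing first keeps a `..` segment from smuggling an excluded path in under a tracked root.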

By default, this method is configured to monitor a reasonable number of files on the system to avoid impacting system performance when monitoring is enabled. The default setting includes files under /etc and /opt/local. The administrato...