Shadow filesystems [was Re: Pair donates 20,000 to Poul-Henning Kamp??]

Jari Kirma kirma at cs.hut.fi
Fri Apr 16 12:28:32 PDT 2004 

On Fri, 16 Apr 2004, Brad Knowles wrote:

> At 5:43 PM +0300 2004/04/16, Jari Kirma wrote:
>
> >  I played with the idea of "reliable undelete" functionality some time ago.
>
> 	After a catastrophic wipeout when I was a student at the
> University of Oklahoma about 20 years ago (causing me to work 36
> hours straight to re-create all my hard work), I created a set of
> shell script tools to replace the "rm", "mv", "cp", etc... programs
> with something that would use a "~/.Trash" directory and then
> compress the files, etc....  When I first created these scripts, they
> were very popular, and widely used by the student community.  IIRC, I
> posted a fairly final version of those scripts to comp.sources.*.

This is of course the first thing that tends to come to mind. Less so in
modern times of people using graphical file managers and such, though.
OTOH, those tools tend to have windows-ish trashcan logic built in.

> 	ECN staff had a disagreement with me over these tools, thinking
> it unwise for people to get used to the "new" behaviour, which might
> lead them to get seriously screwed when they used "rm" somewhere else
> and it didn't act in the way they expected.  However, it wasn't until
> after I had another massive wipeout (this time using vi to write a
> file into the wrong filename), that I decided that I agreed with them.

This is quite true. It would be sort of better, though, if users would
need to ask for admins to "recover" those files, and admins not telling
how easy it is. That'd keep users from relying on stupid extras and us
sysadmins getting our salary for something. :]

> 	If you really want to make something like this work, you have to
> cover all possible avenues of destruction, not just creat(),
> unlink(), and rename routines.  Introduce a real filesystem
> versioning scheme, and I would gladly welcome your work.

Compability with existing UNIX/POSIX-style software might be quite a
challenge.

> 	But please don't violate POLA, and please don't help to create a
> different set of user expectations that would cause users to get
> seriously hurt if/when they're on another OS.

It's such a pity that folks always find ways to shoot themselves with a
utility if it has more than one moving part, and they probably manage to
injure themselves even if it has only one.

-kirma

More information about the freebsd-chat mailing list