Sage Weil wrote:
On Mon, 11 May 2009, Joel Becker wrote:
Here's v4 of reflink(). If you have the privileges, you get the
full snapshot. If you don't, you must have read access, and then you
get the entire snapshot (data and extended attributes) except that the
security context is reinitialized. That's it. It fits with most of the
other ops, and it's a clean degradation.
What would a 'cp' without '-p' be expected to do here when it has the
privileges? Call reflink(2), then explicitly clear out any copied
security attributes ensure that any copied attributes are removed, and
otherwise jump through hoops to make the newly created file look like it
should? Should it check whether it has the privileges and act accordingly
(_can_ it even do that reliably/atomically?), or unconditionally verify
the attributes look like a new file's should?
I don't understand what you think is hard about cp doing the
"if not preserve then update attributes". It does not have to check
the reflink() attr result, it just assigns the expected new attributes.
Only the -p snapshot needs atomicity.
To me, a simple 'cp' type operation (assuming it gets wired up the way it
could) seems like at least as common a use case than a 'snapshot'
I don't think changing "cp" is a good idea since users have a
long history that cp means make a data copy, not cow. Adding
a new flag is IMO not be as good as a new utility. Particularly
since we can not do directories.
jim
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
