As you probably know, when you use "mdadm -C" to create an array, it will check if the devices appear to contain a filesystem or similar already and will complain if they do - requiring you do say "yes" or use "--run" to avoid the warning. However if you use "--add" to add a device to an existing array no such checks are done. So it isn't too hard to destroy all those cat photos you have saved on a USB drive (because device names change every time you boot and you got confused). I could easily change "--add" to be more cautious, but that might break existing scripts, which I would rather not do. Or I could add a "policy" line to mdadm.conf which would indicate the policy for "--add" - either "spare" or "force-spare". But then I would need to decide on a default. The default should probably be safe otherwise people probably won't change it until they get burned. So people with scripts would still experience breakage, but could now fix it easily with a "policy" line. Or maybe "--add" should be deprecated so people have to choose between "--re-add" or a new "--spare" with --spare requiring "--force" to destroy data. Then "--add" would generate a deprecation message which scripts could ignore but people might learn from. I don't think there is an obviously-correct answer here so I'm open to suggestions. What do people think? NeilBrown
Attachment:
signature.asc
Description: PGP signature
