> On Fri, Jun 22, 2001 at 09:28:05AM -0500, Steve Lord wrote:
> > 1. only allow the nouuid in combination with the ro flag - otherwise you
> > could get two mounts of the same physical media at the same time, you
> > will trash the filesystem very quickly. Enforcing this combination will
> > at least stop people from writing from multiple places, it will still
> > have the potential for a read only and a read/write copy of the same
> > filesystem, the readonly copy will get out of date metadata in its
> > buffers, and possibly crash, so this is definitely a use only if you
> > really know what you are doing feature.
>
> That would defeat the purpose I've done it for completely -- mounting a
> writable snapshot volume and letting it replay the log there. When the user
> specifies nouuid he should know what he is doing.

OK, I just get nervous, we have had so many people work out ways to mount
the same filesystem from two places and walk all over it.

>
> > 2. You also need to skip the call to xfs_uuid_unmount() in xfs_unmountfs(),
> > this will be happily removing the uuid for the original filesystem even
> > while it is still mounted. This would let you get into the same case as
> > above and trash the filesystem later on.
>
> True, will add that. Handling it for the remount case will be slightly
> tricky though.
>
> >
> > This whole thing is based on the theory that recovery does not have to
> > run on the snapshot, which it should not if I got the snapshot code right.
>
> It is assuming that you can run recovery and that the user
> ensured that the snapshot device has some mechanism to deal with that; like
> some block level COW handler. The default without this option is still
> safe of course.

Is recovery running for you? If you use the freeze/thaw code I put into
XFS and the LVM patch to call them from the snapshot creation path then
in theory it should not be running.

>
> -Andi
Steve
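
Added example, not part of the original thread and not XFS code: a small user-space model of the hazard raised in point 2, where unmounting a nouuid mount removes the UUID entry that belongs to the still-mounted original. The table layout and the names `model_mount`, `model_unmount`, `skip_for_nouuid` and `duplicate_mount_allowed` are hypothetical, and the UUID value is constructed.

```c
#include <stdbool.h>
#include <string.h>
#define MAX_FS 8
#define UUID_LEN 16
/* Simplified model (constructed) of a global table of mounted UUIDs. */
static unsigned char uuid_table[MAX_FS][UUID_LEN];
static bool slot_used[MAX_FS];
struct mount { unsigned char uuid[UUID_LEN]; bool nouuid; };

static int uuid_find(const unsigned char *u) {
    for (int i = 0; i < MAX_FS; i++)
        if (slot_used[i] && memcmp(uuid_table[i], u, UUID_LEN) == 0)
            return i;
    return -1;
}

/* Refuses a UUID that is already registered, unless nouuid is set. */
bool model_mount(const struct mount *m) {
    if (m->nouuid)
        return true;                 /* nouuid: nothing is registered */
    if (uuid_find(m->uuid) >= 0)
        return false;                /* same UUID already mounted */
    for (int i = 0; i < MAX_FS; i++)
        if (!slot_used[i]) {
            memcpy(uuid_table[i], m->uuid, UUID_LEN);
            return slot_used[i] = true;
        }
    return false;                    /* table full */
}

/* skip_for_nouuid = true models the fix asked for in point 2. */
void model_unmount(const struct mount *m, bool skip_for_nouuid) {
    if (m->nouuid && skip_for_nouuid)
        return;                      /* this mount never registered a UUID */
    int i = uuid_find(m->uuid);
    if (i >= 0)
        slot_used[i] = false;        /* may drop the ORIGINAL mount's entry */
}

/* Original mounted, snapshot mounted with nouuid and unmounted again, then a
 * second plain mount of the same UUID: true means the duplicate got through. */
bool duplicate_mount_allowed(bool skip_for_nouuid) {
    struct mount orig = {{0xAB}, false}, snap = {{0xAB}, true};
    memset(slot_used, 0, sizeof slot_used);
    model_mount(&orig);
    model_mount(&snap);
    model_unmount(&snap, skip_for_nouuid);
    return model_mount(&orig);
}
```

Without the skip, the duplicate-UUID check no longer protects the original filesystem once the snapshot has been unmounted; with it, the second plain mount is still refused.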