Re: Gnumeric file went south.



On Wed, 2001-06-13 at 18:10:51, Morten Welinder wrote:

Note: I'm not talking about creating backup file here. I'm talking about
creating _temporary_ file and then renaming it to the original name.
Of course we could create backup files too...

This is quite complicated to get right.

It would be less complicated if we supported this at file format level (we
could easily preserve user/group/hardlinks/anything), but it's not the case
for most existing file formats.

* Missing write permission in the directory.  (Backup goes to home directory
  with a message.)

Saving temporary file in different filesystem doesn't guarantee safety -
we'd have to copy its conent to the original file and it wouldn't be atomic
operation.

* Hard-linked files.

* Writable files owned by other users and/or groups.

You forgot:
 * Concurrent access to the file (many users/gnumeric processes) :-)

We don't have too much choice:

- If the file is owned by the current user/group and st_nlink == 1 and we
  have write access to the directory - we create temporary file in this
  directory and then rename it.

- Otherwise we create temporary file somewhere in $HOME and then copy it
  using sendfile / mmap + write / read + write (depending on the system).
  It doesn't guarantee safety, but minimizes the risk.

Two config options would let the user decide:

- if we should use this feature at all
- if we should copy the file if rename can't be used
  (we write directly to the original file if this option is disabled)

What do you think?


Zbigniew




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]