[dm-devel] trouble with generic/081
Christoph Hellwig
hch at infradead.org
Fri Dec 16 08:15:23 UTC 2016
On Thu, Dec 15, 2016 at 10:16:23AM +0100, Zdenek Kabelac wrote:
> So let me explain the logic behind this 'amazingly stupid' idea.
And that logic doesn't make any sense at all. invibly unmounting
a file system behind the users back is actively harmful, as it is
contradicting the principle of least surprise, and the xfstests mess
is one simple example for it. Add a callback in-kernel to tell the
fs to shut down but NOT unmount and expose the namespace below it,
which the administrator has probably intentionally hid.
Even worse unmount may trigger further writes and with fses not
handling them the fs might now be stuck after being detached from
the namespace without a way for the admin to detect or recover this.
What XFS did on IRIX was to let the volume manager call into the fs
and shut it down. At this point no further writes are possible,
but we do not expose the namespace under the mount point, and the
admin can fix the situation with all the normal tools.
More information about the dm-devel
mailing list