Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!rochester!rutgers!husc6!cmcl2!brl-adm!adm!bzs@bu-cs.bu.EDU
From: bzs@bu-cs.bu.EDU (Barry Shein)
Newsgroups: comp.unix.wizards
Subject: stupidity in directory management?
Message-ID: <8414@brl-adm.ARPA>
Date: Wed, 22-Jul-87 16:12:26 EDT
Article-I.D.: brl-adm.8414
Posted: Wed Jul 22 16:12:26 1987
Date-Received: Fri, 24-Jul-87 06:11:39 EDT
Sender: news@brl-adm.ARPA
Lines: 39


Yes, I don't think anything that's a hack (eg. scrounging around for
the blocks) is at all acceptable (except perhaps as an emergency
utility for sysmanglers, in a similar spirit to clri, even that is of
almost no utility unless the system is halted the moment a file is
accidently deleted, it borders on institutionalized lunacy for a
time-sharing system [eg. how many files will be lost when you halt?].)

It really has to be something like mark the file name so it becomes
invisible on 'rm' and unmark it on 'unrm', the "file" (ie. inode and
blocks) is really, really still there, it's just the name which has
become invisible (oops, invisible files is a whole different but
related topic :-) as far as the user is concerned. It shouldn't even
be wholly invisible, I would certainly want to be able to ask 'ls' to
list all undelete-able file names. Sometimes it takes some user
interface magic to make this correctly accepted in the user's mind
(oh, like the 'ls -D' command refusing to list anything but
undelete-able files, clearly segmenting them visually.)

There's really a lot of thought that's needed.

Here's another...do you back up deleted files? But what if the system
goes down just as they were about to legally undelete and you would
have had it on the backup that finished ten minutes ago? Assume your
goal in life is not to save mag tape or punish users for their foibles
but to provide a reliable system.

In fact, even in a "real" implementation your point still stands.
People do expect that the ability to undelete means whatever is most
convenient for them no matter what you tell them (I ran the TWENEX
system here.) They'll delete and delete, discover they're over file
quota limit because of the deleted file space, expunge to free the
space, work some more, then try to undelete. If you're *lucky* they'll
admit they expunged, most will stand there dumbly on the assumption
that if you think the system did it to them you'll work a little
harder to get them their file back (unfortunately that's often true,
we're only human also.)

	-B