fsck: handle untrusted repos
This commit is contained in:
Joey Hess
parent
b7903eb2d1
commit
ba748a1198
4 changed files with 56 additions and 12 deletions
|
|
@ -16,6 +16,7 @@ module Backend.File (backend, checkKey) where
|
|||
|
||||
import Control.Monad.State
|
||||
import System.Directory
|
||||
import Data.List
|
||||
|
||||
import BackendTypes
|
||||
import LocationLog
|
||||
|
|
@ -27,6 +28,7 @@ import qualified Annex
|
|||
import Types
|
||||
import UUID
|
||||
import Messages
|
||||
import Trust
|
||||
|
||||
backend :: Backend Annex
|
||||
backend = Backend {
|
||||
|
|
@ -150,8 +152,8 @@ getNumCopies Nothing = do
|
|||
config = "annex.numcopies"
|
||||
|
||||
{- This is used to check that numcopies is satisfied for the key on fsck.
|
||||
- This trusts the location log, and so checks all keys, even those with
|
||||
- data not present in the current annex.
|
||||
- This trusts data in the the location log, and so can check all keys, even
|
||||
- those with data not present in the current annex.
|
||||
-
|
||||
- The passed action is first run to allow backends deriving this one
|
||||
- to do their own checks.
|
||||
|
|
@ -167,15 +169,31 @@ checkKeyNumCopies key numcopies = do
|
|||
needed <- getNumCopies numcopies
|
||||
g <- Annex.gitRepo
|
||||
locations <- liftIO $ keyLocations g key
|
||||
let present = length locations
|
||||
untrusted <- trustGet UnTrusted
|
||||
let untrustedlocations = intersect untrusted locations
|
||||
let safelocations = filter (\l -> not $ l `elem` untrusted) locations
|
||||
let present = length safelocations
|
||||
if present < needed
|
||||
then do
|
||||
warning $ note present needed
|
||||
ppuuids <- prettyPrintUUIDs untrustedlocations
|
||||
missingNote present needed ppuuids
|
||||
return False
|
||||
else return True
|
||||
where
|
||||
note 0 _ = "** No known copies of "++show key++" exist!"
|
||||
note present needed =
|
||||
"Only " ++ show present ++ " of " ++ show needed ++
|
||||
" copies of "++show key++" exist. " ++
|
||||
"Back it up with git-annex copy."
|
||||
|
||||
missingNote :: Int -> Int -> String -> Annex ()
|
||||
missingNote 0 _ [] = showLongNote $ "** No known copies of this file exist!"
|
||||
missingNote 0 _ untrusted = do
|
||||
showLongNote $
|
||||
"Only these untrusted locations may have copies of this file!" ++
|
||||
"\n" ++ untrusted ++
|
||||
"Back it up to trusted locations with git-annex copy."
|
||||
missingNote present needed untrusted = do
|
||||
showLongNote $
|
||||
"Only " ++ show present ++ " of " ++ show needed ++
|
||||
" trustworthy copies of this file exist." ++
|
||||
"\nBack it up with git-annex copy."
|
||||
when (not $ null untrusted) $ do
|
||||
showLongNote $
|
||||
"\nThe following untrusted copies may also exist: " ++
|
||||
"\n" ++ untrusted
|
||||
|
|
|
|||
2
debian/changelog
vendored
2
debian/changelog
vendored
|
|
@ -5,7 +5,7 @@ git-annex (0.19) UNRELEASED; urgency=low
|
|||
* There are now three levels of repository trust.
|
||||
* untrust: Now marks the current repository as untrusted.
|
||||
* semitrust: Now restores the default trust level. (What untrust used to do.)
|
||||
* fsck: Warn if content is only in untrusted repositories.
|
||||
* fsck: Take untrusted repositories into account.
|
||||
* bugfix: Files were copied from trusted remotes first even if their
|
||||
annex.cost was higher than other remotes.
|
||||
|
||||
|
|
|
|||
|
|
@ -25,8 +25,7 @@ restores a repository to this default, when it has been overridden.)
|
|||
## untrusted
|
||||
|
||||
An untrusted repository is not trusted to retain data at all. Git-annex
|
||||
will not count data in such a repository as a of the data, and will
|
||||
retain sufficient [[copies]] elsewhere.
|
||||
will retain sufficient [[copies]] of data elsewhere.
|
||||
|
||||
This is a good choice for eg, portable drives that could get lost. Or,
|
||||
if a disk is known to be dying, you can set it to untrusted and let
|
||||
|
|
|
|||
|
|
@ -391,3 +391,30 @@ it so anything put in there is backed up more thoroughly:
|
|||
# echo "* annex.numcopies=3" > important_stuff/.gitattributes
|
||||
|
||||
For more details about the numcopies setting, see [[copies]].
|
||||
|
||||
## untrusted repositories
|
||||
|
||||
Suppose you have a portable USB drive and are using it as a git annex
|
||||
repository. You don't trust the drive, because you could lose it, or
|
||||
just because portable USB drives don't tend to last very long. You can
|
||||
let git-annex know about this, and it will adjust its behavior to avoid
|
||||
relying on that drive's continued availability.
|
||||
|
||||
# cd /media/usb
|
||||
# git annex untrust .
|
||||
untrust . ok
|
||||
|
||||
Now when you do a fsck, you'll be warned appropriately:
|
||||
|
||||
# git annex fsck .
|
||||
fsck my_big_file
|
||||
Only these untrusted locations may have copies of this file!
|
||||
05e296c4-2989-11e0-bf40-bad1535567fe -- portable USB drive
|
||||
Back it up to trusted locations with git-annex copy.
|
||||
failed
|
||||
|
||||
Also, git-annex will refuse to drop a file from elsewhere just because
|
||||
it can see a copy on the untrusted drive.
|
||||
|
||||
It's also possible to tell git-annex that you have an unusually high
|
||||
level of trust for a repository. See [[trust]] for details.
|
||||
|
|
|
|||
Loading…
Reference in a new issue