mirror of
https://github.com/mabam/CAP.git
synced 2024-06-10 09:29:27 +00:00
161 lines
8.0 KiB
Plaintext
161 lines
8.0 KiB
Plaintext
afpidsrvr
|
|
---------
|
|
|
|
This provides aufs with permanent external directory and file id's.
|
|
|
|
Rather than remembering pathnames, Mac's often store a number for
|
|
the directory and the name of the file. These id's must be mapped
|
|
by aufs onto the Unix file system - thus the term "external id's".
|
|
External id's are used extensively by the alias manager, and also
|
|
affect QuickTime. aufs's problem is that it forgets the id's after
|
|
each session. This causes many problems, the greatest being that
|
|
aliases do not work properly.
|
|
|
|
The previous, and still default, version created external id's as
|
|
required in a linear manner. These are mapped onto pointers -
|
|
internally aufs holds the directory picture as a tree. An array of
|
|
these pointers, indexed by the external id, was used to perform the
|
|
external to internal mapping. The reverse mapping was achieved
|
|
primarily by a field in the internal directory records.
|
|
|
|
This new version uses a central database to hold the external id's.
|
|
Various schemes were examined, including the use of inode numbers.
|
|
Most were rejected on the realisation that a single scheme had to
|
|
cover the whole file system: you cannot assign numbers by volumes.
|
|
The database is single-writer/multi-reader. aufs processes read
|
|
id/path pairs from the database, but if they want to add entries they
|
|
send a request to the 'afpidsrvr'. The use of a server at least
|
|
ensures consistency is maintained, gets around the basic problem of
|
|
the lack of locks, and preserves some security. So far, at least, the
|
|
system has worked without locks - aufs does re-open databases after
|
|
it detects change, to avoid some problems. Security is not
|
|
particularly strict - the server will not create entries if
|
|
directories don't exist, and will not remove entries for existing
|
|
directories. The system is not foolproof, and can have problems if
|
|
the database gets corrupted, but there we are.
|
|
|
|
The current version (1.1) of the database is the second go. The first
|
|
version contained two sets of entries: fullpath->id and id->fullpath.
|
|
This worked fine until the system tried to delete or move directory
|
|
trees - it just moved the top one, and left the children in their
|
|
original places. The second version mirrors the directory structure
|
|
in providing a tree. Moving and deleting now alters the tree
|
|
structure. This means that many more accesses are required, but the
|
|
records themselves are on average smaller. Each record, looked up by
|
|
key N<id>, consists of:
|
|
|
|
<parent id><num children><child ids....><name>
|
|
|
|
There is also an initial record consisting of the databased version
|
|
and the root id.
|
|
|
|
As well as a the afpidsrvr server there is an afpidtool, which can
|
|
send messages directly to the server, and afpidlist, which will
|
|
list the database.
|
|
|
|
The system is by no means foolproof. Expect problems if different
|
|
people are working on the same area - aufs still cannot detect
|
|
automatically that other processes have changed the Unix
|
|
filestructure. Since the server routines pass a fullpath back to
|
|
aufs itself, and let it then decode that into the internal aufs
|
|
directory tree, if the name is changed by another process, then aufs
|
|
may see a whole new path. If this proves a problem, a mechanism will
|
|
be required to pass back the information to aufs - it is essentially
|
|
a problem with the aufs/afpidsrvr interface, rather than with afpidsrvr
|
|
itself. One possibility would be to passback a list of extId/name
|
|
pairs, rather than a path. If the names changed than aufs would
|
|
realise that, and could change its internal record. I've no idea how
|
|
it would tell the Mac though!
|
|
|
|
Another area of concern is in the integrity of the database. The
|
|
current database should not get corrupted, but if it does the
|
|
programs are not very resiliant to it - the contents of a record are
|
|
believed. It is not particularly clear how this will workout in
|
|
practice - my experience with corruptions is limited to problems
|
|
during testing, when bugs caused process crashes. If corruptions turn
|
|
out to be a problem, then some extra checks will be required. To be
|
|
worth while, adding CRC checks to the database records is probably
|
|
required. For the moment the simple scheme seems preferable. Do note
|
|
that, in the extreme case, you may have to delete the database in
|
|
/usr/local/lib/cap and start again. If you do this, ensure you stop both
|
|
afpidsrvr and aufs first - neither like this event! This will obviously
|
|
cause problems to users. The previous version of afpidsrvr had a clean
|
|
function, which was intended to remove unused and faulty entries.
|
|
This is currently non-operative, but may be re-instated in the
|
|
future.
|
|
|
|
In will be noted that afpidsrvr is optional. Why might you not wish to
|
|
use this:
|
|
|
|
* There is a performance penalty, and you might not wish to pay it.
|
|
In practice, there is a slight penalty on startup, and in opening
|
|
folders for the first time - especially new ones. The only "bad case"
|
|
scenario that actually occurs is the reverse lookup of an id to a
|
|
pathname, which is then converted to an internal pointer by a second
|
|
tree semi-traversal. My experience with a Sun II server suggests that
|
|
this delay is negligable.
|
|
|
|
* Reliability. The system has, currently, only been tested on a Sun
|
|
II server. There may be minor problems elsewhere, but there is
|
|
nothing to suggest that there should be huge problems. I'm still not
|
|
sure about the big-endian/little-endian situation, but I believe that
|
|
providing the database is not moved from one machine to another there
|
|
should be no problem.
|
|
|
|
* NFS. We do not use NFS much, and I have little experience of it. I
|
|
would only expect problems if the aufs server for the same area ran
|
|
on serveral machines, but there are several suspect areas.
|
|
|
|
* Portability. The system runs under SunOS4.1. I have not tested it
|
|
on other systems - not even Solaris. The chief problem areas may be
|
|
in named sockets, which are used to send the information between
|
|
client processes and the server. On other systems you my have to use
|
|
equivalents.
|
|
|
|
On a final point, the modified server does contain emergency code for
|
|
use if the server ceases to function. This should never happen in
|
|
normal running, but may if errors are hit. This backup mechanism
|
|
actually reflects v1.0 if the database, and just records name/id
|
|
pairs. It is anything but efficient, and is merely intended to avoid
|
|
having to crash the server. Really there ought to be a few bells
|
|
ringing if this happens, but there are not! [Perhaps in a future
|
|
version, if something thinks of a good interface.] It is suggested
|
|
that this should not be used routinely - not least it has problems
|
|
still with moving and deleting sub-trees of directories - and is very
|
|
inefficient. In case you wonder why not just fall back on the default
|
|
scheme, the assumption is that the existing database is fine, but
|
|
cannot be modified.
|
|
|
|
Installation and Use
|
|
--------------------
|
|
|
|
To use the file/directory ID server, select the FIXED_DIRIDS option in
|
|
the m4.features file. Re-run gen.makes, 'make clean' and rebuild CAP.
|
|
|
|
When compiled and installed, you will get the additional tools afpidsrvr,
|
|
afpidlist and afpidtool in your cap bin directory - along with the
|
|
modified aufs.
|
|
|
|
To bring them into operation, you must:
|
|
|
|
* Modify /etc/rc.local or your start-cap-servers file to place the
|
|
following lines, or similar, before you start aufs:
|
|
|
|
rm /usr/local/lib/cap/afpIDsock
|
|
afpidsrvr -l /usr/adm/afpidsrvr.log
|
|
|
|
Then restart as appropriate. The first call to afpidsrvr will create
|
|
the database, and aufs processes will then use it. Note the first
|
|
line is to delete the socket used for communication. This normally
|
|
happens when afpidsrvr exits, but may not if the machine crashes. In
|
|
normal running, you should be careful about running this - ensure
|
|
there is no afpidsrvr server running. This will only happen in normal
|
|
running if the afpidsrvr falls over. If this does happen, run
|
|
afpidlist first to ensure you can printout the database. If you
|
|
have real problems, you may have to close down aufs and delete the
|
|
database before continuing. You may prefer to try to restore the
|
|
database off backup.
|
|
|
|
John Forrest,
|
|
jf@ap.co.umist.ac.uk
|