Date: Thu, 30 Oct 2008 19:47:48 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: d@delphij.net Cc: freebsd-hackers@freebsd.org Subject: Re: open(2) and O_NOATIME Message-ID: <20081031024748.GA20319@icarus.home.lan> In-Reply-To: <490A6A8A.7080504@delphij.net> References: <20081030154711.GA8416@icarus.home.lan> <490A6A8A.7080504@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Oct 30, 2008 at 07:16:42PM -0700, Xin LI wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jeremy Chadwick wrote: > > I've recently been reading about Linux's O_NOATIME flag to open(2), and > > I'm curious why we haven't implemented this. There seem to be a lot of > > good reasons to implement such a thing. > > > > Chances are it's due to lack of time/interest, which is expected, but I > > was wondering if there were other reasons. > > > > I realise mount's noatime trumps this, but there are lots of scenarios > > where atime is desired as a default, but disabled in specific cases. > > Em... Allowing administrators to disable NOATIME would be a good thing, > but wouldn't allowing arbitrary program to decide whether atime should > be changed, be a serious security disaster? How? There's only one condition I can think of: where a system administrator is, for some reason, relying upon atimes as a form of proof of something bad happening (which is a horrible concept in general, being as the amount of false positives seen would be tremendous; using atime as a security auditing method is stupid). If that's what you were referring to, then possibly making O_NOATIME only to root would be a suitable compromise. > Disclaimer: I'm not a big atime fan myself, actually I disable atime on > a lot of my servers for performance reasons :) I can't disable atime on any systems I maintain, because they all provide access to classic UNIX mbox spools where atime is used to determine if new mail has arrived. The instant filesystem-level backups run, atime is lost, and users have no way of knowing if they have new mail or not. Switching to Maildir is an option, but the performance hit of readdir() + stat() on thousands of files is tremendous (which is why mail clients like mutt have features like "header caching" via Oracle/Sleepycat DB). Anyway, I just was reading about it and realise that a lot of backup solutions out there can make use of O_NOATIME if available, which it isn't on FreeBSD. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081031024748.GA20319>