On 05/02/17 12:08, Kai Krakow wrote: > Wrong. If you tend to not be in control of the permissions below a > mountpoint, you prevent access to it by restricting permissions on a > parent directory of the mountpoint. It's that easy and it always has > been. That is standard practice. While your backup is running, you have > no control of it - thus use this standard practice!
Sorry, you are missing the point. This isn't about backups, it is about snapshots. To the sysadmin who is not a developer and does not know how receive is actually implemented, send/receive appears to work exactly like taking a readonly snapshot, but between two different disks. That is the mental model they have of the process. Taking a snapshot does not require hiding the target: it either works or it doesn't, and it cannot be interfered with. The sysadmin's natural expectation is that send/receive works the same way. You may say, from your position of knowledge about how it is implemented, that is an unrealistic expectation but it is a natural and common expectation. I very firmly believe that 80% of ordinary btrfs sysadmins would be surprised by this behaviour. But, in any case, we can all agree that this unexpected behaviour needs to be documented. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
