On Fri, 2013-03-29 at 21:32 -0700, Rick Walker wrote:
"nrm -s" keeps a fine-grained horde of every deleted file -
even
multiple deletes of the same file! The strategy works so well, that
I'd seriously propose the .gone strategy as a kernel option. Then all
"unlink" calls would use the same sequencing system even if the file
was removed by a program without "anyone typing anything".
That's true as long as the damage was done via unlink. However a file
being overwritten is another story. That's why regular backups are
essential, as you say.
Backups are a highly recommended and mostly orthogonal safety
net.
I agree that the two are orthogonal. My concern about nrm and similar
tools is that they can instil a false sense of security in naive users.
Maybe I'm just paranoid, but paranoia in a sysadmin is no bad thing.
The nrm approach also diverts lots of support requests from the
department backup guru, and lets most users fix their own problems
without any need for help.
That depends somewhat on how restores are handled. On many systems the
backup appears as a mounted read-only filesystem mirroring the live
system, in which case restoring is as simple as the "cp .gone/..."
example you give. That's how I do it at least.
poc