public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Christian Ebner <c.ebner@proxmox.com>
To: Robert Obkircher <r.obkircher@proxmox.com>, pbs-devel@lists.proxmox.com
Subject: Re: [PATCH v1 proxmox 2/2] fix #7690: proxmox-sys: close fd before rename/unlink in replace_file
Date: Mon, 29 Jun 2026 13:18:21 +0200	[thread overview]
Message-ID: <0fb3fc84-c8cc-4cc8-be71-5bcdf4e95132@proxmox.com> (raw)
In-Reply-To: <20260617105000.232928-3-r.obkircher@proxmox.com>

On 6/17/26 12:49 PM, Robert Obkircher wrote:
> Fix the rename operation on WORM file systems and allow FUSE file
> systems to unlink without creating temporary .fuse_hidden files.

question: what about other helpers using a similar pattern when removing 
a temp file in error case, e.g. unlink() after file content writing or 
fsync() failed while still holding an open file descriptor in 
atomic_open_or_create_file()? These will produce the .fuse_hidden files 
as well?

> Closing the fd earlier shouldn't have any noticeable effects on normal
> file systems, because the path-based rename and unlink operations are
> completely separate from the content.
> 
> Link: https://bugzilla.proxmox.com/show_bug.cgi?id=7690
> Signed-off-by: Robert Obkircher <r.obkircher@proxmox.com>
> ---
>   proxmox-sys/src/fs/file.rs | 6 ++++++
>   1 file changed, 6 insertions(+)
> 
> diff --git a/proxmox-sys/src/fs/file.rs b/proxmox-sys/src/fs/file.rs
> index 533e0896..03223e5a 100644
> --- a/proxmox-sys/src/fs/file.rs
> +++ b/proxmox-sys/src/fs/file.rs
> @@ -180,6 +180,7 @@ pub fn replace_file<P: AsRef<Path>>(
>       let (mut file, tmp_path) = make_tmp_file(&path, options)?;
>   
>       if let Err(err) = file.write_all(data) {
> +        drop(file);
>           let _ = unistd::unlink(&tmp_path);
>           bail!("write failed: {}", err);
>       }
> @@ -187,11 +188,16 @@ pub fn replace_file<P: AsRef<Path>>(
>       if fsync {
>           // make sure data is on disk
>           if let Err(err) = nix::unistd::fsync(file.as_raw_fd()) {
> +            drop(file);
>               let _ = unistd::unlink(&tmp_path);
>               bail!("fsync failed: {}", err);
>           }
>       }
>   
> +    // Allow WORM file systems to commit the contents before the rename
> +    // and prevent temporary .fuse_hidden* files created by unlink.
> +    drop(file);
> +
>       if let Err(err) = std::fs::rename(&tmp_path, &path) {
>           let _ = unistd::unlink(&tmp_path);
>           bail!(





  reply	other threads:[~2026-06-29 11:18 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-17 10:49 [PATCH v1 proxmox 0/2] improve proxmox-sys::fs::replace_file Robert Obkircher
2026-06-17 10:49 ` [PATCH v1 proxmox 1/2] proxmox-sys: avoid unnecessary conversion in replace_file Robert Obkircher
2026-06-29 11:12   ` Christian Ebner
2026-06-17 10:49 ` [PATCH v1 proxmox 2/2] fix #7690: proxmox-sys: close fd before rename/unlink " Robert Obkircher
2026-06-29 11:18   ` Christian Ebner [this message]
2026-06-30 13:24     ` Robert Obkircher
2026-06-30 15:02       ` Christian Ebner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0fb3fc84-c8cc-4cc8-be71-5bcdf4e95132@proxmox.com \
    --to=c.ebner@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    --cc=r.obkircher@proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal