Subject: Re: filesystem code should not panic
To: Chuck Silvers <chuq@chuq.com>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-kern
Date: 11/24/1999 09:43:34
On Tue, Nov 23, 1999 at 02:06:45PM -0800, Chuck Silvers wrote:
> by "disable access to the filesystem" I meant "all VOPs return an error
> and no writes from the filesystem to the device are permitted" rather than
> "forced unmount".  then it's really apparent to applications that something
> is horribly wrong, but the machine can keep going.  does that sound more
> acceptable?

Yes, it looks better :)

> 
> I'm not opposed to making this optionally panic as long as it's just
> in one place in the code.  but I don't think that's what most people
> will want if they have more than a couple filesystems.
> 
> really, the best thing would be to disable corrupted bits of the
> filesystem on a finer granularity (eg. per-file), but just getting
> rid of the explicit panics would be a good start.

Hum, if corruption appeared on a filesystem I'd rather disable it
completely, to avoid corrupting it more.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--