Subject: Re: Detaching live sd devices
To: Hubert Feyrer <hubert@feyrer.de>
From: David Young <dyoung@pobox.com>
List: tech-kern
Date: 07/24/2005 22:35:10
On Sun, Jul 24, 2005 at 10:34:37PM +0200, Hubert Feyrer wrote:
> On Fri, 22 Jul 2005, Bill Studenmund wrote:
> >Thoughts? I have a few, but I'd appreciate input.
> 
> I thought about removing USB sticks and why one can ~safely pull them 
> after writing on Windows the other day, but I don't have the needed 
> kernel-know-how to describe an implementation. Anyways: right now it's 
> only safe to remove media (disk, stick ...) when the filesystem is 
> unmounted. On umount(2), all data is synced to disk first. So the "unsafe" 
> period is between mount and umount.
> 
> Now my idea is: why not make the "unsafe" period shorter, e.g. between 
> open and close, or maybe even before&after read/write/etc.?
> 
> I don't know if that makes sense and there are probably many details I 
> don't know, but that was the general idea...

Hubert,

We can also think of this as a type of usability problem: dirty buffers
are not "visible" to the operator.  One possible remedy is to add a device
node /dev/dbufs from which daemons can read the number of dirty buffers
on each removable storage device.  The daemons can render an unobtrusive
"dirty buffer meter" on the system console or in an X window, or else
they can light a keyboard LED.  It is "media safety" at a glance. [1]

Sometimes the operator is in a race with some process to remove the media
before more buffers are dirtied.  A useful adjunct to /dev/dbufs is a key
that you can press and hold to prevent buffer-dirtying on removable media
(remount read-only?) until you release the key (remount read-write?).

Sorry I have no idea how to implement /dev/dbufs.

Dave

[1] I believe Jef Raskin described this once.

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933