clacour
n00b
Joined: 19 Apr 2002
Posts: 59
Location: Dallas, Tx USA
|
 Posted: Thu Jul 11, 2002 8:31 pm Post subject: Overlay filesystem |
 |
|
Does anyone know of a filesystem/program that would have the following characteristics?
* Would be transparent to any program using it.
* Protects the filesystem underneath, so that changes are "virtual" and only affect the program(s) using it. An option to commit the changes if the underlying FS is writeable would be a very nice benny.
I've thought of two uses for this thing:
It would a fantastic help for bootable CDs. No worrying about whether a particular directory is writable or not -- just put everything on the CD, and mount the overlay fs on top of it. (Or start up everything as a child of it, if it was implemented as a program that was started, rather than a filesystem that was mounted.)
It might make a better alternative to the sandbox. (By the way, if anyone knows where I can find a detailed, comprehensive explanation of how the sandbox works, I'd appreciate it.)
One of the most frequent problems I've seen on the mailing lists is packages trying to put things outside the sandbox. If we could make the entire system a "sandbox", one that was completely transparent, it would make life a lot simpler. (The ability to commit changes would be a necessity for this application.)
A slightly different program would make a nice substitute for chroot. The idea would be that only the directory you're chrooted into would be writable, but things like /bin, /usr/bin, etc would still be visible, so you wouldn't have to copy them into the chroot partition to use them. Ideally, you'd be able to specify which directories would be visible, so that you could protect sensitive data.
I saw some very old stuff (1996, 1997ish) called "overlay" filesystems which seemed to be something like this. Does anyone know of one that's maintained and does most of what I describe?
Thanks,
CHL |
|
Off the Wall
