coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Atomic update of destination in cp and install


From: Markus Kuhn
Subject: Atomic update of destination in cp and install
Date: Sun, 23 Mar 2014 10:47:23 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

It appears the coreutils "install" tool makes no effort to update
the destination file atomically. In other words, "install" is
currently not a safe tool to update an existing file if the
destination might be in use concurrently.

A destination file D can be updated atomically by

  1) first writing the new content of the destination file
     into a temporary file T (e.g. created with mkostemp()),
     located in the same directory as D, then

  2) rename T into D (which atomically replaces D on most
     Unix-style file systems)

This way, concurrent users of D will only be able to open
complete versions of either the old or the new D, but never
see any intermediate state, such as a missing D or a half
written one. Likewise, if the operation fails, the old D
will remain intact.

The "install" command on Mac OSX 10.9 has an option -S to
make the overwriting of the destination atomic.

It would be nice if the GNU variants of "cp", "install"
and "mv" (the latter also has to copy if the destination
is on a different device) would also offer the ability to
update destination files atomically.

I'm not even sure why this should just be an option:
can you think of a good reason why such atomic
updates should not be the default behaviour?

Surely the increased robustness far outweighs the cost of
an additional rename.

Markus

--
Markus Kuhn, Computer Laboratory, University of Cambridge
http://www.cl.cam.ac.uk/~mgk25/ || CB3 0FD, Great Britain



reply via email to

[Prev in Thread] Current Thread [Next in Thread]