Mirror
/
mergerfs
mirror of https://github.com/trapexit/mergerfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
326 Commits
28 Branches
95 Tags
35 MiB
Tree: 6492fda483
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6492fda483'
${ noResults }
mergerfs/man/mergerfs.1

862 lines
28 KiB
Raw Normal View History

if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
update readme with minfreespace and readonly details
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update readme with minfreespace and readonly details
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update readme with minfreespace and readonly details
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
update precompiled man page
9 years ago
update man page
9 years ago
update precompiled man page
9 years ago
update man page
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
update / tweak readme
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
update / tweak readme
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
update the precompiled man page
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add support section to readme and manpage
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
  1. .\"t
  2. .TH "mergerfs" "1" "2016\-02\-21" "mergerfs user manual" ""
  3. .SH NAME
  4. .PP
  5. mergerfs \- another (FUSE based) union filesystem
  6. .SH SYNOPSIS
  7. .PP
  8. mergerfs \-o<options> <srcmounts> <mountpoint>
  9. .SH DESCRIPTION
  10. .PP
  11. \f[B]mergerfs\f[] is a union filesystem geared towards simplifing
  12. storage and management of files across numerous commodity storage
  13. devices.
  14. It is similar to \f[B]mhddfs\f[], \f[B]unionfs\f[], and \f[B]aufs\f[].
  15. .SH FEATURES
  16. .IP \[bu] 2
  17. Runs in userspace (FUSE)
  18. .IP \[bu] 2
  19. Configurable behaviors
  20. .IP \[bu] 2
  21. Support for extended attributes (xattrs)
  22. .IP \[bu] 2
  23. Support for file attributes (chattr)
  24. .IP \[bu] 2
  25. Runtime configurable (via xattrs)
  26. .IP \[bu] 2
  27. Safe to run as root
  28. .IP \[bu] 2
  29. Opportunistic credential caching
  30. .IP \[bu] 2
  31. Works with heterogeneous filesystem types
  32. .IP \[bu] 2
  33. Handling of writes to full drives
  34. .IP \[bu] 2
  35. Handles pool of readonly and read/write drives
  36. .SH OPTIONS
  37. .SS options
  38. .IP \[bu] 2
  39. \f[B]defaults\f[]: a shortcut for FUSE\[aq]s \f[B]atomic_o_trunc\f[],
  40. \f[B]auto_cache\f[], \f[B]big_writes\f[], \f[B]default_permissions\f[],
  41. \f[B]splice_move\f[], \f[B]splice_read\f[], and \f[B]splice_write\f[].
  42. These options seem to provide the best performance.
  43. .IP \[bu] 2
  44. \f[B]direct_io\f[]: causes FUSE to bypass an addition caching step which
  45. can increase write speeds at the detriment of read speed.
  46. .IP \[bu] 2
  47. \f[B]minfreespace\f[]: the minimum space value used for creation
  48. policies.
  49. Understands \[aq]K\[aq], \[aq]M\[aq], and \[aq]G\[aq] to represent
  50. kilobyte, megabyte, and gigabyte respectively.
  51. (default: 4G)
  52. .IP \[bu] 2
  53. \f[B]moveonenospc\f[]: when enabled (set to \f[B]true\f[]) if a
  54. \f[B]write\f[] fails with \f[B]ENOSPC\f[] a scan of all drives will be
  55. done looking for the drive with most free space which is at least the
  56. size of the file plus the amount which failed to write.
  57. An attempt to move the file to that drive will occur (keeping all
  58. metadata possible) and if successful the original is unlinked and the
  59. write retried.
  60. (default: false)
  61. .IP \[bu] 2
  62. \f[B]func.<func>=<policy>\f[]: sets the specific FUSE function\[aq]s
  63. policy.
  64. See below for the list of value types.
  65. Example: \f[B]func.getattr=newest\f[]
  66. .IP \[bu] 2
  67. \f[B]category.<category>=<policy>\f[]: Sets policy of all FUSE functions
  68. in the provided category.
  69. Example: \f[B]category.create=mfs\f[]
  70. .PP
  71. \f[B]NOTE:\f[] Options are evaluated in the order listed so if the
  72. options are \f[B]func.rmdir=rand,category.action=ff\f[] the
  73. \f[B]action\f[] category setting will override the \f[B]rmdir\f[]
  74. setting.
  75. .SS srcmounts
  76. .PP
  77. The source mounts argument is a colon (\[aq]:\[aq]) delimited list of
  78. paths.
  79. To make it simpler to include multiple source mounts without having to
  80. modify your fstab (http://linux.die.net/man/5/fstab) we also support
  81. globbing (http://linux.die.net/man/7/glob).
  82. \f[B]The globbing tokens MUST be escaped when using via the shell else
  83. the shell itself will probably expand it.\f[]
  84. .IP
  85. .nf
  86. \f[C]
  87. $\ mergerfs\ /mnt/disk\\*:/mnt/cdrom\ /media/drives
  88. \f[]
  89. .fi
  90. .PP
  91. The above line will use all mount points in /mnt prefixed with
  92. \f[I]disk\f[] and the directory \f[I]cdrom\f[].
  93. .PP
  94. In /etc/fstab it\[aq]d look like the following:
  95. .IP
  96. .nf
  97. \f[C]
  98. #\ <file\ system>\ \ \ \ \ \ \ \ <mount\ point>\ \ <type>\ \ \ \ \ \ \ \ \ <options>\ \ \ \ \ \ \ \ \ \ \ \ \ <dump>\ \ <pass>
  99. /mnt/disk*:/mnt/cdrom\ \ /media/drives\ \ fuse.mergerfs\ \ defaults,allow_other\ \ 0\ \ \ \ \ \ \ 0
  100. \f[]
  101. .fi
  102. .PP
  103. \f[B]NOTE:\f[] the globbing is done at mount or xattr update time.
  104. If a new directory is added matching the glob after the fact it will not
  105. be included.
  106. .SH FUNCTIONS / POLICIES / CATEGORIES
  107. .PP
  108. The filesystem has a number of functions.
  109. Those functions are grouped into 3 categories: \f[B]action\f[],
  110. \f[B]create\f[], \f[B]search\f[].
  111. These functions and categories can be assigned a policy which dictates
  112. how \f[B]mergerfs\f[] behaves.
  113. Any policy can be assigned to a function or category though some are not
  114. very practical.
  115. For instance: \f[B]rand\f[] (Random) may be useful for file creation
  116. (create) but could lead to very odd behavior if used for \f[C]chmod\f[].
  117. .PP
  118. All policies when used to create will ignore drives which are mounted
  119. readonly.
  120. This allows for read/write and readonly drives to be mixed together.
  121. .SS Function / Category classifications
  122. .PP
  123. .TS
  124. tab(@);
  125. l l.
  126. T{
  127. Category
  128. T}@T{
  129. FUSE Functions
  130. T}
  131. _
  132. T{
  133. action
  134. T}@T{
  135. chmod, chown, link, removexattr, rename, rmdir, setxattr, truncate,
  136. unlink, utimens
  137. T}
  138. T{
  139. create
  140. T}@T{
  141. create, mkdir, mknod, symlink
  142. T}
  143. T{
  144. search
  145. T}@T{
  146. access, getattr, getxattr, ioctl, listxattr, open, readlink
  147. T}
  148. T{
  149. N/A
  150. T}@T{
  151. fallocate, fgetattr, fsync, ftruncate, ioctl, read, readdir, release,
  152. statfs, write
  153. T}
  154. .TE
  155. .PP
  156. Due to FUSE limitations \f[B]ioctl\f[] behaves differently if its acting
  157. on a directory.
  158. It\[aq]ll use the \f[B]getattr\f[] policy to find and open the directory
  159. before issuing the \f[B]ioctl\f[].
  160. In other cases where something may be searched (to confirm a directory
  161. exists across all source mounts) then \f[B]getattr\f[] will be used.
  162. .SS Policy descriptions
  163. .PP
  164. Most policies when called to create will filter out drives which are
  165. readonly or have less than \f[B]minfreespace\f[].
  166. .PP
  167. .TS
  168. tab(@);
  169. l l.
  170. T{
  171. Policy
  172. T}@T{
  173. Description
  174. T}
  175. _
  176. T{
  177. all
  178. T}@T{
  179. Search category: acts like \f[B]ff\f[].
  180. Action category: apply to all found.
  181. Create category: for \f[B]mkdir\f[], \f[B]mknod\f[], and
  182. \f[B]symlink\f[] perform on all read/write drives with
  183. \f[B]minfreespace\f[].
  184. \f[B]create\f[] filters the same way but acts like \f[B]ff\f[].
  185. T}
  186. T{
  187. eplfs (existing path, least free space)
  188. T}@T{
  189. If the path exists on multiple drives use the one with the least free
  190. space.
  191. Falls back to \f[B]lfs\f[].
  192. T}
  193. T{
  194. epmfs (existing path, most free space)
  195. T}@T{
  196. If the path exists on multiple drives use the one with the most free
  197. space.
  198. Falls back to \f[B]mfs\f[].
  199. T}
  200. T{
  201. erofs
  202. T}@T{
  203. Exclusively return \f[B]\-1\f[] with \f[B]errno\f[] set to
  204. \f[B]EROFS\f[].
  205. By setting \f[B]create\f[] functions to this you can in effect turn the
  206. filesystem readonly.
  207. T}
  208. T{
  209. ff (first found)
  210. T}@T{
  211. Given the order of the drives, as defined at mount time or when
  212. configured via xattr interface, act on the first one found.
  213. T}
  214. T{
  215. lfs (least free space)
  216. T}@T{
  217. Pick the drive with the least available free space but more than
  218. \f[B]minfreespace\f[].
  219. Falls back to \f[B]mfs\f[].
  220. T}
  221. T{
  222. mfs (most free space)
  223. T}@T{
  224. Use the drive with the most available free space.
  225. Falls back to \f[B]ff\f[].
  226. T}
  227. T{
  228. newest (newest file)
  229. T}@T{
  230. Pick the file / directory with the largest mtime.
  231. T}
  232. T{
  233. rand (random)
  234. T}@T{
  235. Calls \f[B]all\f[] and then randomizes.
  236. T}
  237. .TE
  238. .SS Defaults
  239. .PP
  240. .TS
  241. tab(@);
  242. l l.
  243. T{
  244. Category
  245. T}@T{
  246. Policy
  247. T}
  248. _
  249. T{
  250. action
  251. T}@T{
  252. all
  253. T}
  254. T{
  255. create
  256. T}@T{
  257. epmfs
  258. T}
  259. T{
  260. search
  261. T}@T{
  262. ff
  263. T}
  264. .TE
  265. .SS rename & link
  266. .PP
  267. rename (http://man7.org/linux/man-pages/man2/rename.2.html) is a tricky
  268. function in a merged system.
  269. Normally if a rename can\[aq]t be done atomically due to the source and
  270. destination paths existing on different mount points it will return
  271. \f[C]\-1\f[] with \f[C]errno\ =\ EXDEV\f[].
  272. The atomic rename is most critical for replacing files in place
  273. atomically (such as securing writing to a temp file and then replacing a
  274. target).
  275. The problem is that by merging multiple paths you can have N instances
  276. of the source and destinations on different drives.
  277. This can lead to several undesirable situtations with or without errors
  278. and it\[aq]s not entirely obvious what to do when an error occurs.
  279. .PP
  280. Originally mergerfs would return EXDEV whenever a rename was requested
  281. which was cross directory in any way.
  282. This made the code simple and was technically complient with POSIX
  283. requirements.
  284. However, many applications fail to handle EXDEV at all and treat it as a
  285. normal error or they only partially support EXDEV (don\[aq]t respond the
  286. same as \f[C]mv\f[] would).
  287. Such apps include: gvfsd\-fuse v1.20.3 and prior, Finder / CIFS/SMB
  288. client in Apple OSX 10.9+, NZBGet, Samba\[aq]s recycling bin feature.
  289. .IP \[bu] 2
  290. If using a \f[C]create\f[] policy which tries to preserve directory
  291. paths (epmfs,eplfs)
  292. .IP \[bu] 2
  293. Using the \f[C]rename\f[] policy get the list of files to rename
  294. .IP \[bu] 2
  295. For each file attempt rename:
  296. .RS 2
  297. .IP \[bu] 2
  298. If failure with ENOENT run \f[C]create\f[] policy
  299. .IP \[bu] 2
  300. If create policy returns the same drive as currently evaluating then
  301. clone the path
  302. .IP \[bu] 2
  303. Re\-attempt rename
  304. .RE
  305. .IP \[bu] 2
  306. If \f[B]any\f[] of the renames succeed the higher level rename is
  307. considered a success
  308. .IP \[bu] 2
  309. If \f[B]no\f[] renames succeed the first error encountered will be
  310. returned
  311. .IP \[bu] 2
  312. On success:
  313. .RS 2
  314. .IP \[bu] 2
  315. Remove the target from all drives with no source file
  316. .IP \[bu] 2
  317. Remove the source from all drives which failed to rename
  318. .RE
  319. .IP \[bu] 2
  320. If using a \f[C]create\f[] policy which does \f[B]not\f[] try to
  321. preserve directory paths
  322. .IP \[bu] 2
  323. Using the \f[C]rename\f[] policy get the list of files to rename
  324. .IP \[bu] 2
  325. Using the \f[C]getattr\f[] policy get the target path
  326. .IP \[bu] 2
  327. For each file attempt rename:
  328. .RS 2
  329. .IP \[bu] 2
  330. If the source drive != target drive:
  331. .IP \[bu] 2
  332. Clone target path from target drive to source drive
  333. .IP \[bu] 2
  334. Rename
  335. .RE
  336. .IP \[bu] 2
  337. If \f[B]any\f[] of the renames succeed the higher level rename is
  338. considered a success
  339. .IP \[bu] 2
  340. If \f[B]no\f[] renames succeed the first error encountered will be
  341. returned
  342. .IP \[bu] 2
  343. On success:
  344. .RS 2
  345. .IP \[bu] 2
  346. Remove the target from all drives with no source file
  347. .IP \[bu] 2
  348. Remove the source from all drives which failed to rename
  349. .RE
  350. .PP
  351. The the removals are subject to normal entitlement checks.
  352. .PP
  353. The above behavior will help minimize the likelihood of EXDEV being
  354. returned but it will still be possible.
  355. To remove the possibility all together mergerfs would need to perform
  356. the as \f[C]mv\f[] does when it receives EXDEV normally.
  357. .PP
  358. \f[C]link\f[] uses the same basic strategy.
  359. .SS readdir
  360. .PP
  361. readdir (http://linux.die.net/man/3/readdir) is different from all other
  362. filesystem functions.
  363. It certainly could have it\[aq]s own set of policies to tweak its
  364. behavior.
  365. At this time it provides a simple \f[B]first found\f[] merging of
  366. directories and files found.
  367. That is: only the first file or directory found for a directory is
  368. returned.
  369. Given how FUSE works though the data representing the returned entry
  370. comes from \f[B]getattr\f[].
  371. .PP
  372. It could be extended to offer the ability to see all files found.
  373. Perhaps concatenating \f[B]#\f[] and a number to the name.
  374. But to really be useful you\[aq]d need to be able to access them which
  375. would complicate file lookup.
  376. .SS statvfs
  377. .PP
  378. statvfs (http://linux.die.net/man/2/statvfs) normalizes the source
  379. drives based on the fragment size and sums the number of adjusted blocks
  380. and inodes.
  381. This means you will see the combined space of all sources.
  382. Total, used, and free.
  383. The sources however are dedupped based on the drive so multiple sources
  384. on the same drive will not result in double counting it\[aq]s space.
  385. .SH BUILDING
  386. .PP
  387. \f[B]NOTE:\f[] Prebuilt packages can be found at:
  388. https://github.com/trapexit/mergerfs/releases
  389. .PP
  390. First get the code from github (http://github.com/trapexit/mergerfs).
  391. .IP
  392. .nf
  393. \f[C]
  394. $\ git\ clone\ https://github.com/trapexit/mergerfs.git
  395. $\ #\ or
  396. $\ wget\ https://github.com/trapexit/mergerfs/archive/master.zip
  397. \f[]
  398. .fi
  399. .SS Debian / Ubuntu
  400. .IP
  401. .nf
  402. \f[C]
  403. $\ sudo\ apt\-get\ install\ g++\ pkg\-config\ git\ git\-buildpackage\ pandoc\ debhelper\ libfuse\-dev\ libattr1\-dev\ python
  404. $\ cd\ mergerfs
  405. $\ make\ deb
  406. $\ sudo\ dpkg\ \-i\ ../mergerfs_version_arch.deb
  407. \f[]
  408. .fi
  409. .SS Fedora
  410. .IP
  411. .nf
  412. \f[C]
  413. $\ su\ \-
  414. #\ dnf\ install\ rpm\-build\ fuse\-devel\ libattr\-devel\ pandoc\ gcc\-c++\ git\ make\ which\ python
  415. #\ cd\ mergerfs
  416. #\ make\ rpm
  417. #\ rpm\ \-i\ rpmbuild/RPMS/<arch>/mergerfs\-<verion>.<arch>.rpm
  418. \f[]
  419. .fi
  420. .SS Generically
  421. .PP
  422. Have git, python, pkg\-config, pandoc, libfuse, libattr1 installed.
  423. .IP
  424. .nf
  425. \f[C]
  426. $\ cd\ mergerfs
  427. $\ make
  428. $\ make\ man
  429. $\ sudo\ make\ install
  430. \f[]
  431. .fi
  432. .SH RUNTIME
  433. .SS \&.mergerfs pseudo file
  434. .IP
  435. .nf
  436. \f[C]
  437. <mountpoint>/.mergerfs
  438. \f[]
  439. .fi
  440. .PP
  441. There is a pseudo file available at the mount point which allows for the
  442. runtime modification of certain \f[B]mergerfs\f[] options.
  443. The file will not show up in \f[B]readdir\f[] but can be
  444. \f[B]stat\f[]\[aq]ed and manipulated via
  445. {list,get,set}xattrs (http://linux.die.net/man/2/listxattr) calls.
  446. .PP
  447. Even if xattrs are disabled the
  448. {list,get,set}xattrs (http://linux.die.net/man/2/listxattr) calls will
  449. still work.
  450. .SS Keys
  451. .PP
  452. Use \f[C]xattr\ \-l\ /mount/point/.mergerfs\f[] to see all supported
  453. keys.
  454. .SS user.mergerfs.srcmounts
  455. .PP
  456. For \f[B]user.mergerfs.srcmounts\f[] there are several instructions
  457. available for manipulating the list.
  458. The value provided is just as the value used at mount time.
  459. A colon (\[aq]:\[aq]) delimited list of full path globs.
  460. .PP
  461. .TS
  462. tab(@);
  463. l l.
  464. T{
  465. Instruction
  466. T}@T{
  467. Description
  468. T}
  469. _
  470. T{
  471. [list]
  472. T}@T{
  473. set
  474. T}
  475. T{
  476. +<[list]
  477. T}@T{
  478. prepend
  479. T}
  480. T{
  481. +>[list]
  482. T}@T{
  483. append
  484. T}
  485. T{
  486. \-[list]
  487. T}@T{
  488. remove all values provided
  489. T}
  490. T{
  491. \-<
  492. T}@T{
  493. remove first in list
  494. T}
  495. T{
  496. \->
  497. T}@T{
  498. remove last in list
  499. T}
  500. .TE
  501. .SS minfreespace
  502. .PP
  503. Input: interger with an optional multiplier suffix.
  504. \f[B]K\f[], \f[B]M\f[], or \f[B]G\f[].
  505. .PP
  506. Output: value in bytes
  507. .SS moveonenospc
  508. .PP
  509. Input: \f[B]true\f[] and \f[B]false\f[]
  510. .PP
  511. Ouput: \f[B]true\f[] or \f[B]false\f[]
  512. .SS categories / funcs
  513. .PP
  514. Input: short policy string as described elsewhere in this document
  515. .PP
  516. Output: the policy string except for categories where its funcs have
  517. multiple types.
  518. In that case it will be a comma separated list
  519. .SS Example
  520. .IP
  521. .nf
  522. \f[C]
  523. [trapexit:/tmp/mount]\ $\ xattr\ \-l\ .mergerfs
  524. user.mergerfs.srcmounts:\ /tmp/a:/tmp/b
  525. user.mergerfs.minfreespace:\ 4294967295
  526. user.mergerfs.moveonenospc:\ false
  527. \&...
  529. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.category.search\ .mergerfs
  530. ff
  532. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.category.search\ newest\ .mergerfs
  533. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.category.search\ .mergerfs
  534. newest
  536. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ +/tmp/c\ .mergerfs
  537. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  538. /tmp/a:/tmp/b:/tmp/c
  540. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ =/tmp/c\ .mergerfs
  541. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  542. /tmp/c
  544. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ \[aq]+</tmp/a:/tmp/b\[aq]\ .mergerfs
  545. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  546. /tmp/a:/tmp/b:/tmp/c
  547. \f[]
  548. .fi
  549. .SS mergerfs file xattrs
  550. .PP
  551. While they won\[aq]t show up when using
  552. listxattr (http://linux.die.net/man/2/listxattr) \f[B]mergerfs\f[]
  553. offers a number of special xattrs to query information about the files
  554. served.
  555. To access the values you will need to issue a
  556. getxattr (http://linux.die.net/man/2/getxattr) for one of the following:
  557. .IP \[bu] 2
  558. \f[B]user.mergerfs.basepath:\f[] the base mount point for the file given
  559. the current getattr policy
  560. .IP \[bu] 2
  561. \f[B]user.mergerfs.relpath:\f[] the relative path of the file from the
  562. perspective of the mount point
  563. .IP \[bu] 2
  564. \f[B]user.mergerfs.fullpath:\f[] the full path of the original file
  565. given the getattr policy
  566. .IP \[bu] 2
  567. \f[B]user.mergerfs.allpaths:\f[] a NUL (\[aq]\[aq]) separated list of
  568. full paths to all files found
  569. .IP
  570. .nf
  571. \f[C]
  572. [trapexit:/tmp/mount]\ $\ ls
  573. A\ B\ C
  574. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.fullpath\ A
  575. /mnt/a/full/path/to/A
  576. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.basepath\ A
  577. /mnt/a
  578. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.relpath\ A
  579. /full/path/to/A
  580. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.allpaths\ A\ |\ tr\ \[aq]\\0\[aq]\ \[aq]\\n\[aq]
  581. /mnt/a/full/path/to/A
  582. /mnt/b/full/path/to/A
  583. \f[]
  584. .fi
  585. .SH TOOLING
  586. .PP
  587. Find tooling to help with managing \f[C]mergerfs\f[] at:
  588. https://github.com/trapexit/mergerfs\-tools
  589. .IP \[bu] 2
  590. mergerfs.fsck: Provides permissions and ownership auditing and the
  591. ability to fix them
  592. .IP \[bu] 2
  593. mergerfs.mktrash: Creates FreeDesktop.org Trash specification compatible
  594. directories on a mergerfs mount
  595. .SH TIPS / NOTES
  596. .IP \[bu] 2
  597. Detailed guides to setting up a backup solution using mergerfs and other
  598. technologies: https://github.com/trapexit/backup\-and\-recovery\-howtos
  599. .IP \[bu] 2
  600. If you don\[aq]t see some directories / files you expect in a merged
  601. point be sure the user has permission to all the underlying directories.
  602. If \f[C]/drive0/a\f[] has is owned by \f[C]root:root\f[] with ACLs set
  603. to \f[C]0700\f[] and \f[C]/drive1/a\f[] is \f[C]root:root\f[] and
  604. \f[C]0755\f[] you\[aq]ll see only \f[C]/drive1/a\f[].
  605. Use \f[C]mergerfs.fsck\f[] to audit the drive for out of sync
  606. permissions.
  607. .IP \[bu] 2
  608. Since POSIX gives you only error or success on calls its difficult to
  609. determine the proper behavior when applying the behavior to multiple
  610. targets.
  611. \f[B]mergerfs\f[] will return an error only if all attempts of an action
  612. fail.
  613. Any success will lead to a success returned.
  614. .IP \[bu] 2
  615. The recommended options are \f[B]defaults,allow_other\f[].
  616. The \f[B]allow_other\f[] is to allow users who are not the one which
  617. executed mergerfs access to the mountpoint.
  618. \f[B]defaults\f[] is described above and should offer the best
  619. performance.
  620. It\[aq]s possible that if you\[aq]re running on an older platform the
  621. \f[B]splice\f[] features aren\[aq]t available and could error.
  622. In that case simply use the other options manually.
  623. .IP \[bu] 2
  624. If write performance is valued more than read it may be useful to enable
  625. \f[B]direct_io\f[].
  626. Best to benchmark with and without and choose appropriately.
  627. .IP \[bu] 2
  628. Remember: some policies mixed with some functions may result in strange
  629. behaviors.
  630. Not that some of these behaviors and race conditions couldn\[aq]t happen
  631. outside \f[B]mergerfs\f[] but that they are far more likely to occur on
  632. account of attempt to merge together multiple sources of data which
  633. could be out of sync due to the different policies.
  634. .IP \[bu] 2
  635. An example: Kodi (http://kodi.tv) and Plex (http://plex.tv) can use
  636. directory mtime (http://linux.die.net/man/2/stat) to more efficiently
  637. determine whether to scan for new content rather than simply performing
  638. a full scan.
  639. If using the current default \f[B]getattr\f[] policy of \f[B]ff\f[] its
  640. possible \f[B]Kodi\f[] will miss an update on account of it returning
  641. the first directory found\[aq]s \f[B]stat\f[] info and its a later
  642. directory on another mount which had the \f[B]mtime\f[] recently
  643. updated.
  644. To fix this you will want to set \f[B]func.getattr=newest\f[].
  645. Remember though that this is just \f[B]stat\f[].
  646. If the file is later \f[B]open\f[]\[aq]ed or \f[B]unlink\f[]\[aq]ed and
  647. the policy is different for those then a completely different file or
  648. directory could be acted on.
  649. .IP \[bu] 2
  650. Due to previously mentioned issues its generally best to set
  651. \f[B]category\f[] wide policies rather than individual
  652. \f[B]func\f[]\[aq]s.
  653. This will help limit the confusion of tools such as
  654. rsync (http://linux.die.net/man/1/rsync).
  655. .SH KNOWN ISSUES / BUGS
  656. .SS Trashing files occasionally fails
  657. .PP
  658. This is the same issue as with Samba.
  659. \f[C]rename\f[] returns \f[C]EXDEV\f[] (in our case that will really
  660. only happen with path preserving policies like \f[C]epmfs\f[]) and the
  661. software doesn\[aq]t handle the situtation well.
  662. This is unfortunately a common failure of software which moves files
  663. around.
  664. The standard indicates that an implementation \f[C]MAY\f[] choose to
  665. support non\-user home directory trashing of files (which is a
  666. \f[C]MUST\f[]).
  667. The implementation \f[C]MAY\f[] also support "top directory trashes"
  668. which many probably do.
  669. .PP
  670. To create a \f[C]$topdir/.Trash\f[] directory as defined in the standard
  671. use the mergerfs\-tools (https://github.com/trapexit/mergerfs-tools)
  672. tool \f[C]mergerfs.mktrash\f[].
  673. .SS Samba: Moving files / directories fails
  674. .PP
  675. Workaround: Copy the file/directory and then remove the original rather
  676. than move.
  677. .PP
  678. This isn\[aq]t an issue with Samba but some SMB clients.
  679. GVFS\-fuse v1.20.3 and prior (found in Ubuntu 14.04 among others) failed
  680. to handle certain error codes correctly.
  681. Particularly \f[B]STATUS_NOT_SAME_DEVICE\f[] which comes from the
  682. \f[B]EXDEV\f[] which is returned by \f[B]rename\f[] when the call is
  683. crossing mount points.
  684. When a program gets an \f[B]EXDEV\f[] it needs to explicitly take an
  685. alternate action to accomplish it\[aq]s goal.
  686. In the case of \f[B]mv\f[] or similar it tries \f[B]rename\f[] and on
  687. \f[B]EXDEV\f[] falls back to a manual copying of data between the two
  688. locations and unlinking the source.
  689. In these older versions of GVFS\-fuse if it received \f[B]EXDEV\f[] it
  690. would translate that into \f[B]EIO\f[].
  691. This would cause \f[B]mv\f[] or most any application attempting to move
  692. files around on that SMB share to fail with a IO error.
  693. .PP
  694. GVFS\-fuse v1.22.0 (https://bugzilla.gnome.org/show_bug.cgi?id=734568)
  695. and above fixed this issue but a large number of systems use the older
  696. release.
  697. On Ubuntu the version can be checked by issuing
  698. \f[C]apt\-cache\ showpkg\ gvfs\-fuse\f[].
  699. Most distros released in 2015 seem to have the updated release and will
  700. work fine but older systems may not.
  701. Upgrading gvfs\-fuse or the distro in general will address the problem.
  702. .PP
  703. In Apple\[aq]s MacOSX 10.9 they replaced Samba (client and server) with
  704. their own product.
  705. It appears their new client does not handle \f[B]EXDEV\f[] either and
  706. responds similar to older release of gvfs on Linux.
  707. .SS Supplemental user groups
  708. .PP
  709. Due to the overhead of
  710. getgroups/setgroups (http://linux.die.net/man/2/setgroups) mergerfs
  711. utilizes a cache.
  712. This cache is opportunistic and per thread.
  713. Each thread will query the supplemental groups for a user when that
  714. particular thread needs to change credentials and will keep that data
  715. for the lifetime of the thread.
  716. This means that if a user is added to a group it may not be picked up
  717. without the restart of mergerfs.
  718. However, since the high level FUSE API\[aq]s (at least the standard
  719. version) thread pool dynamically grows and shrinks it\[aq]s possible
  720. that over time a thread will be killed and later a new thread with no
  721. cache will start and query the new data.
  722. .PP
  723. The gid cache uses fixed storage to simplify the design and be
  724. compatible with older systems which may not have C++11 compilers.
  725. There is enough storage for 256 users\[aq] supplemental groups.
  726. Each user is allowed upto 32 supplemental groups.
  727. Linux >= 2.6.3 allows upto 65535 groups per user but most other *nixs
  728. allow far less.
  729. NFS allowing only 16.
  730. The system does handle overflow gracefully.
  731. If the user has more than 32 supplemental groups only the first 32 will
  732. be used.
  733. If more than 256 users are using the system when an uncached user is
  734. found it will evict an existing user\[aq]s cache at random.
  735. So long as there aren\[aq]t more than 256 active users this should be
  736. fine.
  737. If either value is too low for your needs you will have to modify
  738. \f[C]gidcache.hpp\f[] to increase the values.
  739. Note that doing so will increase the memory needed by each thread.
  740. .SS mergerfs or libfuse crashing
  741. .PP
  742. If suddenly the mergerfs mount point disappears and
  743. \f[C]Transport\ endpoint\ is\ not\ connected\f[] is returned when
  744. attempting to perform actions within the mount directory \f[B]and\f[]
  745. the version of libfuse (use \f[C]mergerfs\ \-v\f[] to find the version)
  746. is older than \f[C]2.9.4\f[] its likely due to a bug in libfuse.
  747. Affected versions of libfuse can be found in Debian Wheezy, Ubuntu
  748. Precise and others.
  749. .PP
  750. In order to fix this please install newer versions of libfuse.
  751. If using a Debian based distro (Debian,Ubuntu,Mint) you can likely just
  752. install newer versions of
  753. libfuse (https://packages.debian.org/unstable/libfuse2) and
  754. fuse (https://packages.debian.org/unstable/fuse) from the repo of a
  755. newer release.
  756. .SH FAQ
  757. .SS Why use mergerfs over mhddfs?
  758. .PP
  759. mhddfs is no longer maintained and has some known stability and security
  760. issues (see below).
  761. .SS Why use mergerfs over aufs?
  762. .PP
  763. While aufs can offer better peak performance mergerfs offers more
  764. configurability and is generally easier to use.
  765. mergerfs however doesn\[aq]t offer the overlay features which tends to
  766. result in whiteout files being left around the underlying filesystems.
  767. .SS Why use mergerfs over LVM/ZFS/BTRFS/RAID0 drive concatenation /
  768. striping?
  769. .PP
  770. A single drive failure will lead to full pool failure without additional
  771. redundancy.
  772. mergerfs performs a similar behavior without the catastrophic failure
  773. and lack of recovery.
  774. Drives can fail and all other data will continue to be accessable.
  775. .SS It\[aq]s mentioned that there are some security issues with mhddfs.
  776. What are they? How does mergerfs address them?
  777. .PP
  778. mhddfs (https://github.com/trapexit/mhddfs) tries to handle being run as
  779. \f[B]root\f[] by calling
  780. getuid() (https://github.com/trapexit/mhddfs/blob/cae96e6251dd91e2bdc24800b4a18a74044f6672/src/main.c#L319)
  781. and if it returns \f[B]0\f[] then it will
  782. chown (http://linux.die.net/man/1/chown) the file.
  783. Not only is that a race condition but it doesn\[aq]t handle many other
  784. situations.
  785. Rather than attempting to simulate POSIX ACL behaviors the proper
  786. behavior is to use seteuid (http://linux.die.net/man/2/seteuid) and
  787. setegid (http://linux.die.net/man/2/setegid), become the user making the
  788. original call and perform the action as them.
  789. This is how mergerfs (https://github.com/trapexit/mergerfs) handles
  790. things.
  791. .PP
  792. If you are familiar with POSIX standards you\[aq]ll know that this
  793. behavior poses a problem.
  794. \f[B]seteuid\f[] and \f[B]setegid\f[] affect the whole process and
  795. \f[B]libfuse\f[] is multithreaded by default.
  796. We\[aq]d need to lock access to \f[B]seteuid\f[] and \f[B]setegid\f[]
  797. with a mutex so that the several threads aren\[aq]t stepping on one
  798. anofther and files end up with weird permissions and ownership.
  799. This however wouldn\[aq]t scale well.
  800. With lots of calls the contention on that mutex would be extremely high.
  801. Thankfully on Linux and OSX we have a better solution.
  802. .PP
  803. OSX has a non\-portable pthread
  804. extension (https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man2/pthread_setugid_np.2.html)
  805. for per\-thread user and group impersonation.
  806. .PP
  807. Linux does not support
  808. pthread_setugid_np (https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man2/pthread_setugid_np.2.html)
  809. but user and group IDs are a per\-thread attribute though documentation
  810. on that fact or how to manipulate them is not well distributed.
  811. From the \f[B]4.00\f[] release of the Linux man\-pages project for
  812. setuid (http://man7.org/linux/man-pages/man2/setuid.2.html).
  813. .RS
  814. .PP
  815. At the kernel level, user IDs and group IDs are a per\-thread attribute.
  816. However, POSIX requires that all threads in a process share the same
  817. credentials.
  818. The NPTL threading implementation handles the POSIX requirements by
  819. providing wrapper functions for the various system calls that change
  820. process UIDs and GIDs.
  821. These wrapper functions (including the one for setuid()) employ a
  822. signal\-based technique to ensure that when one thread changes
  823. credentials, all of the other threads in the process also change their
  824. credentials.
  825. For details, see nptl(7).
  826. .RE
  827. .PP
  828. Turns out the setreuid syscalls apply only to the thread.
  829. GLIBC hides this away using RT signals to inform all threads to change
  830. credentials.
  831. Taking after \f[B]Samba\f[] mergerfs uses
  832. \f[B]syscall(SYS_setreuid,...)\f[] to set the callers credentials for
  833. that thread only.
  834. Jumping back to \f[B]root\f[] as necessary should escalated privileges
  835. be needed (for instance: to clone paths).
  836. .PP
  837. For non\-Linux systems mergerfs uses a read\-write lock and changes
  838. credentials only when necessary.
  839. If multiple threads are to be user X then only the first one will need
  840. to change the processes credentials.
  841. So long as the other threads need to be user X they will take a readlock
  842. allow multiple threads to share the credentials.
  843. Once a request comes in to run as user Y that thread will attempt a
  844. write lock and change to Y\[aq]s credentials when it can.
  845. If the ability to give writers priority is supported then that flag will
  846. be used so threads trying to change credentials don\[aq]t starve.
  847. This isn\[aq]t the best solution but should work reasonably well.
  848. As new platforms are supported if they offer per thread credentials
  849. those APIs will be adopted.
  850. .SH SUPPORT
  851. .SS Issues with the software
  852. .IP \[bu] 2
  853. github.com: https://github.com/trapexit/mergerfs/issues
  854. .IP \[bu] 2
  855. email: trapexit\@spawn.link
  856. .SS Support development
  857. .IP \[bu] 2
  858. Gratipay: https://gratipay.com/~trapexit
  859. .IP \[bu] 2
  860. BitCoin: 12CdMhEPQVmjz3SSynkAEuD5q9JmhTDCZA
  861. .SH AUTHORS
  862. Antonio SJ Musumeci <trapexit@spawn.link>.