Mirror
/
mergerfs
mirror of https://github.com/trapexit/mergerfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
450 Commits
28 Branches
95 Tags
35 MiB
Tree: 67b48fcb3a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '67b48fcb3a'
${ noResults }
mergerfs/man/mergerfs.1

1073 lines
38 KiB
Raw Normal View History

if pandoc doesn't exist copy premade version
9 years ago
support setting of inodes (using use_ino option) creates a 64bit inode value from the underlying device value + original inode final_ino = orig_ino | (dev << 32) not perfect but given few filesystems use 64bit inodes nor is st_dev more than 16bit usually it should be fine
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add epall and eprand policies
8 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
add epall and eprand policies
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add EDQUOT to errors which trigger moveonenospc
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
support setting of inodes (using use_ino option) creates a 64bit inode value from the underlying device value + original inode final_ino = orig_ino | (dev << 32) not perfect but given few filesystems use 64bit inodes nor is st_dev more than 16bit usually it should be fine
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
update man page
8 years ago
update readme with minfreespace and readonly details
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add epall and eprand policies
8 years ago
add existing path first found policy. closes #289
8 years ago
update manpage
8 years ago
add existing path first found policy. closes #289
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update readme with minfreespace and readonly details
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
recreate manpage
8 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update readme with minfreespace and readonly details
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add epall and eprand policies
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update readme with minfreespace and readonly details
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add existing path first found policy. closes #289
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
update man page
8 years ago
add existing path first found policy. closes #289
8 years ago
update man page
9 years ago
update man page
8 years ago
update man page
9 years ago
update man page
8 years ago
update man page
9 years ago
update man page
8 years ago
update precompiled man page
9 years ago
update man page
9 years ago
update man page
8 years ago
update man page
9 years ago
update man page
8 years ago
update man page
9 years ago
update man page
8 years ago
update the precompiled man page
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
update / tweak readme
9 years ago
add minfreespace checks to policy ff's create and remove fwfs fwfs is now covered by ff with the minfreespace and readonly checks
9 years ago
update / tweak readme
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add mergerfs.ctl and scorch to tooling section
8 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add mergerfs.ctl and scorch to tooling section
8 years ago
update precompiled man page
9 years ago
update the precompiled man page
9 years ago
update / tweak readme
9 years ago
update man page
8 years ago
update / tweak readme
9 years ago
add mergerfs.ctl and scorch to tooling section
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
note that mergerfs should be run as root
8 years ago
update man page
8 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update the precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update man page
8 years ago
update man page
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
update manpage
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
add some more explination to the FAQ
8 years ago
update / tweak readme
9 years ago
add some more explination to the FAQ
8 years ago
update / tweak readme
9 years ago
add some more explination to the FAQ
8 years ago
update / tweak readme
9 years ago
add some more explination to the FAQ
8 years ago
update / tweak readme
9 years ago
add some more explination to the FAQ
8 years ago
update man page
8 years ago
add existing path first found policy. closes #289
8 years ago
support setting of inodes (using use_ino option) creates a 64bit inode value from the underlying device value + original inode final_ino = orig_ino | (dev << 32) not perfect but given few filesystems use 64bit inodes nor is st_dev more than 16bit usually it should be fine
8 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update precompiled man page
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
update / tweak readme
9 years ago
if pandoc doesn't exist copy premade version
9 years ago
add support section to readme and manpage
9 years ago
update man page
8 years ago
add mergerfs.ctl and scorch to tooling section
8 years ago
update man page
8 years ago
if pandoc doesn't exist copy premade version
9 years ago
  1. .\"t
  2. .TH "mergerfs" "1" "2016\-12\-14" "mergerfs user manual" ""
  3. .SH NAME
  4. .PP
  5. mergerfs \- another (FUSE based) union filesystem
  6. .SH SYNOPSIS
  7. .PP
  8. mergerfs \-o<options> <srcmounts> <mountpoint>
  9. .SH DESCRIPTION
  10. .PP
  11. \f[B]mergerfs\f[] is a union filesystem geared towards simplifying
  12. storage and management of files across numerous commodity storage
  13. devices.
  14. It is similar to \f[B]mhddfs\f[], \f[B]unionfs\f[], and \f[B]aufs\f[].
  15. .SH FEATURES
  16. .IP \[bu] 2
  17. Runs in userspace (FUSE)
  18. .IP \[bu] 2
  19. Configurable behaviors
  20. .IP \[bu] 2
  21. Support for extended attributes (xattrs)
  22. .IP \[bu] 2
  23. Support for file attributes (chattr)
  24. .IP \[bu] 2
  25. Runtime configurable (via xattrs)
  26. .IP \[bu] 2
  27. Safe to run as root
  28. .IP \[bu] 2
  29. Opportunistic credential caching
  30. .IP \[bu] 2
  31. Works with heterogeneous filesystem types
  32. .IP \[bu] 2
  33. Handling of writes to full drives (transparently move file to drive with
  34. capacity)
  35. .IP \[bu] 2
  36. Handles pool of readonly and read/write drives
  37. .SH OPTIONS
  38. .SS options
  39. .IP \[bu] 2
  40. \f[B]defaults\f[]: a shortcut for FUSE\[aq]s \f[B]atomic_o_trunc\f[],
  41. \f[B]auto_cache\f[], \f[B]big_writes\f[], \f[B]default_permissions\f[],
  42. \f[B]splice_move\f[], \f[B]splice_read\f[], and \f[B]splice_write\f[].
  43. These options seem to provide the best performance.
  44. .IP \[bu] 2
  45. \f[B]direct_io\f[]: causes FUSE to bypass an addition caching step which
  46. can increase write speeds at the detriment of read speed.
  47. .IP \[bu] 2
  48. \f[B]minfreespace\f[]: the minimum space value used for creation
  49. policies.
  50. Understands \[aq]K\[aq], \[aq]M\[aq], and \[aq]G\[aq] to represent
  51. kilobyte, megabyte, and gigabyte respectively.
  52. (default: 4G)
  53. .IP \[bu] 2
  54. \f[B]moveonenospc\f[]: when enabled (set to \f[B]true\f[]) if a
  55. \f[B]write\f[] fails with \f[B]ENOSPC\f[] or \f[B]EDQUOT\f[] a scan of
  56. all drives will be done looking for the drive with most free space which
  57. is at least the size of the file plus the amount which failed to write.
  58. An attempt to move the file to that drive will occur (keeping all
  59. metadata possible) and if successful the original is unlinked and the
  60. write retried.
  61. (default: false)
  62. .IP \[bu] 2
  63. \f[B]func.<func>=<policy>\f[]: sets the specific FUSE function\[aq]s
  64. policy.
  65. See below for the list of value types.
  66. Example: \f[B]func.getattr=newest\f[]
  67. .IP \[bu] 2
  68. \f[B]category.<category>=<policy>\f[]: Sets policy of all FUSE functions
  69. in the provided category.
  70. Example: \f[B]category.create=mfs\f[]
  71. .IP \[bu] 2
  72. \f[B]fsname\f[]: sets the name of the filesystem as seen in
  73. \f[B]mount\f[], \f[B]df\f[], etc.
  74. Defaults to a list of the source paths concatenated together with the
  75. longest common prefix removed.
  76. .IP \[bu] 2
  77. \f[B]use_ino\f[]: causes mergerfs to supply file/directory inodes rather
  78. than libfuse.
  79. While not a default it is generally recommended it be enabled so that
  80. hard linked files share the same inode value.
  81. .PP
  82. \f[B]NOTE:\f[] Options are evaluated in the order listed so if the
  83. options are \f[B]func.rmdir=rand,category.action=ff\f[] the
  84. \f[B]action\f[] category setting will override the \f[B]rmdir\f[]
  85. setting.
  86. .SS srcmounts
  87. .PP
  88. The srcmounts (source mounts) argument is a colon (\[aq]:\[aq])
  89. delimited list of paths to be included in the pool.
  90. It does not matter if the paths are on the same or different drives nor
  91. does it matter the filesystem.
  92. Used and available space will not be duplicated for paths on the same
  93. device and any features which aren\[aq]t supported by the underlying
  94. filesystem (such as file attributes or extended attributes) will return
  95. the appropriate errors.
  96. .PP
  97. To make it easier to include multiple source mounts mergerfs supports
  98. globbing (http://linux.die.net/man/7/glob).
  99. \f[B]The globbing tokens MUST be escaped when using via the shell else
  100. the shell itself will expand it.\f[]
  101. .IP
  102. .nf
  103. \f[C]
  104. $\ mergerfs\ \-o\ defaults,allow_other\ /mnt/disk\\*:/mnt/cdrom\ /media/drives
  105. \f[]
  106. .fi
  107. .PP
  108. The above line will use all mount points in /mnt prefixed with
  109. \f[B]disk\f[] and the \f[B]cdrom\f[].
  110. .PP
  111. To have the pool mounted at boot or otherwise accessable from related
  112. tools use \f[B]/etc/fstab\f[].
  113. .IP
  114. .nf
  115. \f[C]
  116. #\ <file\ system>\ \ \ \ \ \ \ \ <mount\ point>\ \ <type>\ \ \ \ \ \ \ \ \ <options>\ \ \ \ \ \ \ \ \ \ \ \ \ <dump>\ \ <pass>
  117. /mnt/disk*:/mnt/cdrom\ \ /media/drives\ \ fuse.mergerfs\ \ defaults,allow_other\ \ 0\ \ \ \ \ \ \ 0
  118. \f[]
  119. .fi
  120. .PP
  121. \f[B]NOTE:\f[] the globbing is done at mount or xattr update time (see
  122. below).
  123. If a new directory is added matching the glob after the fact it will not
  124. be automatically included.
  125. .PP
  126. \f[B]NOTE:\f[] for mounting via \f[B]fstab\f[] to work you must have
  127. \f[B]mount.fuse\f[] installed.
  128. For Ubuntu/Debian it is included in the \f[B]fuse\f[] package.
  129. .SH FUNCTIONS / POLICIES / CATEGORIES
  130. .PP
  131. The POSIX filesystem API has a number of functions.
  132. \f[B]creat\f[], \f[B]stat\f[], \f[B]chown\f[], etc.
  133. In mergerfs these functions are grouped into 3 categories:
  134. \f[B]action\f[], \f[B]create\f[], and \f[B]search\f[].
  135. Functions and categories can be assigned a policy which dictates how
  136. \f[B]mergerfs\f[] behaves.
  137. Any policy can be assigned to a function or category though some are not
  138. very practical.
  139. For instance: \f[B]rand\f[] (random) may be useful for file creation
  140. (create) but could lead to very odd behavior if used for \f[C]chmod\f[]
  141. (though only if there were more than one copy of the file).
  142. .PP
  143. Policies, when called to create, will ignore drives which are readonly
  144. or have less than \f[B]minfreespace\f[].
  145. This allows for read/write and readonly drives to be mixed together and
  146. keep drives which may remount as readonly on error from further
  147. affecting the pool.
  148. .SS Function / Category classifications
  149. .PP
  150. .TS
  151. tab(@);
  152. l l.
  153. T{
  154. Category
  155. T}@T{
  156. FUSE Functions
  157. T}
  158. _
  159. T{
  160. action
  161. T}@T{
  162. chmod, chown, link, removexattr, rename, rmdir, setxattr, truncate,
  163. unlink, utimens
  164. T}
  165. T{
  166. create
  167. T}@T{
  168. create, mkdir, mknod, symlink
  169. T}
  170. T{
  171. search
  172. T}@T{
  173. access, getattr, getxattr, ioctl, listxattr, open, readlink
  174. T}
  175. T{
  176. N/A
  177. T}@T{
  178. fallocate, fgetattr, fsync, ftruncate, ioctl, read, readdir, release,
  179. statfs, write
  180. T}
  181. .TE
  182. .PP
  183. Due to FUSE limitations \f[B]ioctl\f[] behaves differently if its acting
  184. on a directory.
  185. It\[aq]ll use the \f[B]getattr\f[] policy to find and open the directory
  186. before issuing the \f[B]ioctl\f[].
  187. In other cases where something may be searched (to confirm a directory
  188. exists across all source mounts) \f[B]getattr\f[] will also be used.
  189. .SS Policy descriptions
  190. .PP
  191. .TS
  192. tab(@);
  193. l l.
  194. T{
  195. Policy
  196. T}@T{
  197. Description
  198. T}
  199. _
  200. T{
  201. all
  202. T}@T{
  203. Search category: acts like \f[B]ff\f[].
  204. Action category: apply to all found.
  205. Create category: for \f[B]mkdir\f[], \f[B]mknod\f[], and
  206. \f[B]symlink\f[] it will apply to all found.
  207. \f[B]create\f[] works like \f[B]ff\f[].
  208. It will exclude readonly drives and those with free space less than
  209. \f[B]minfreespace\f[].
  210. T}
  211. T{
  212. epall (existing path, all)
  213. T}@T{
  214. Search category: acts like \f[B]epff\f[].
  215. Action category: apply to all found.
  216. Create category: for \f[B]mkdir\f[], \f[B]mknod\f[], and
  217. \f[B]symlink\f[] it will apply to all existing paths found.
  218. \f[B]create\f[] works like \f[B]epff\f[].
  219. It will exclude readonly drives and those with free space less than
  220. \f[B]minfreespace\f[].
  221. T}
  222. T{
  223. epff
  224. T}@T{
  225. Given the order of the drives, as defined at mount time or when
  226. configured via the xattr interface, act on the first one found where the
  227. path already exists.
  228. For \f[B]create\f[] category it will exclude readonly drives and those
  229. with free space less than \f[B]minfreespace\f[] (unless there is no
  230. other option).
  231. Falls back to \f[B]ff\f[].
  232. T}
  233. T{
  234. eplfs (existing path, least free space)
  235. T}@T{
  236. If the path exists on multiple drives use the one with the least free
  237. space.
  238. For \f[B]create\f[] category it will exclude readonly drives and those
  239. with free space less than \f[B]minfreespace\f[].
  240. Falls back to \f[B]lfs\f[].
  241. T}
  242. T{
  243. eplus (existing path, least used space)
  244. T}@T{
  245. If the path exists on multiple drives use the one with the least used
  246. space.
  247. For \f[B]create\f[] category it will exclude readonly drives and those
  248. with free space less than \f[B]minfreespace\f[].
  249. Falls back to \f[B]lus\f[].
  250. T}
  251. T{
  252. epmfs (existing path, most free space)
  253. T}@T{
  254. If the path exists on multiple drives use the one with the most free
  255. space.
  256. For \f[B]create\f[] category it will exclude readonly drives and those
  257. with free space less than \f[B]minfreespace\f[].
  258. Falls back to \f[B]mfs\f[].
  259. T}
  260. T{
  261. eprand (existing path, random)
  262. T}@T{
  263. Calls \f[B]epall\f[] and then randomizes.
  264. T}
  265. T{
  266. erofs
  267. T}@T{
  268. Exclusively return \f[B]\-1\f[] with \f[B]errno\f[] set to
  269. \f[B]EROFS\f[].
  270. By setting \f[B]create\f[] functions to this you can in effect turn the
  271. filesystem readonly.
  272. T}
  273. T{
  274. ff (first found)
  275. T}@T{
  276. Given the order of the drives, as defined at mount time or when
  277. configured via xattr interface, act on the first one found.
  278. For \f[B]create\f[] category it will exclude readonly drives and those
  279. with free space less than \f[B]minfreespace\f[] (unless there is no
  280. other option).
  281. T}
  282. T{
  283. lfs (least free space)
  284. T}@T{
  285. Pick the drive with the least available free space.
  286. For \f[B]create\f[] category it will exclude readonly drives and those
  287. with free space less than \f[B]minfreespace\f[].
  288. Falls back to \f[B]mfs\f[].
  289. T}
  290. T{
  291. lus (least used space)
  292. T}@T{
  293. Pick the drive with the least used space.
  294. For \f[B]create\f[] category it will exclude readonly drives and those
  295. with free space less than \f[B]minfreespace\f[].
  296. Falls back to \f[B]mfs\f[].
  297. T}
  298. T{
  299. mfs (most free space)
  300. T}@T{
  301. Pick the drive with the most available free space.
  302. For \f[B]create\f[] category it will exclude readonly drives and those
  303. with free space less than \f[B]minfreespace\f[].
  304. Falls back to \f[B]ff\f[].
  305. T}
  306. T{
  307. newest (newest file)
  308. T}@T{
  309. Pick the file / directory with the largest mtime.
  310. For \f[B]create\f[] category it will exclude readonly drives and those
  311. with free space less than \f[B]minfreespace\f[] (unless there is no
  312. other option).
  313. T}
  314. T{
  315. rand (random)
  316. T}@T{
  317. Calls \f[B]all\f[] and then randomizes.
  318. T}
  319. .TE
  320. .PP
  321. \f[B]epff\f[], \f[B]eplfs\f[], \f[B]eplus\f[], and \f[B]epmf\f[] are
  322. path preserving policies.
  323. As the descriptions above explain they will only consider drives where
  324. the path being accessed exists.
  325. Non\-path preserving policies will clone paths as necessary.
  326. .SS Defaults
  327. .PP
  328. .TS
  329. tab(@);
  330. l l.
  331. T{
  332. Category
  333. T}@T{
  334. Policy
  335. T}
  336. _
  337. T{
  338. action
  339. T}@T{
  340. all
  341. T}
  342. T{
  343. create
  344. T}@T{
  345. epmfs
  346. T}
  347. T{
  348. search
  349. T}@T{
  350. ff
  351. T}
  352. .TE
  353. .SS rename & link
  354. .PP
  355. rename (http://man7.org/linux/man-pages/man2/rename.2.html) is a tricky
  356. function in a merged system.
  357. Normally if a rename can\[aq]t be done atomically due to the source and
  358. destination paths existing on different mount points it will return
  359. \f[B]\-1\f[] with \f[B]errno = EXDEV\f[].
  360. The atomic rename is most critical for replacing files in place
  361. atomically (such as securing writing to a temp file and then replacing a
  362. target).
  363. The problem is that by merging multiple paths you can have N instances
  364. of the source and destinations on different drives.
  365. This can lead to several undesirable situtations with or without errors
  366. and it\[aq]s not entirely obvious what to do when an error occurs.
  367. .PP
  368. Originally mergerfs would return EXDEV whenever a rename was requested
  369. which was cross directory in any way.
  370. This made the code simple and was technically complient with POSIX
  371. requirements.
  372. However, many applications fail to handle EXDEV at all and treat it as a
  373. normal error or they only partially support EXDEV (don\[aq]t respond the
  374. same as \f[C]mv\f[] would).
  375. Such apps include: gvfsd\-fuse v1.20.3 and prior, Finder / CIFS/SMB
  376. client in Apple OSX 10.9+, NZBGet, Samba\[aq]s recycling bin feature.
  377. .IP \[bu] 2
  378. If using a \f[B]create\f[] policy which tries to preserve directory
  379. paths (epff,eplfs,eplus,epmfs)
  380. .IP \[bu] 2
  381. Using the \f[B]rename\f[] policy get the list of files to rename
  382. .IP \[bu] 2
  383. For each file attempt rename:
  384. .RS 2
  385. .IP \[bu] 2
  386. If failure with ENOENT run \f[B]create\f[] policy
  387. .IP \[bu] 2
  388. If create policy returns the same drive as currently evaluating then
  389. clone the path
  390. .IP \[bu] 2
  391. Re\-attempt rename
  392. .RE
  393. .IP \[bu] 2
  394. If \f[B]any\f[] of the renames succeed the higher level rename is
  395. considered a success
  396. .IP \[bu] 2
  397. If \f[B]no\f[] renames succeed the first error encountered will be
  398. returned
  399. .IP \[bu] 2
  400. On success:
  401. .RS 2
  402. .IP \[bu] 2
  403. Remove the target from all drives with no source file
  404. .IP \[bu] 2
  405. Remove the source from all drives which failed to rename
  406. .RE
  407. .IP \[bu] 2
  408. If using a \f[B]create\f[] policy which does \f[B]not\f[] try to
  409. preserve directory paths
  410. .IP \[bu] 2
  411. Using the \f[B]rename\f[] policy get the list of files to rename
  412. .IP \[bu] 2
  413. Using the \f[B]getattr\f[] policy get the target path
  414. .IP \[bu] 2
  415. For each file attempt rename:
  416. .RS 2
  417. .IP \[bu] 2
  418. If the source drive != target drive:
  419. .IP \[bu] 2
  420. Clone target path from target drive to source drive
  421. .IP \[bu] 2
  422. Rename
  423. .RE
  424. .IP \[bu] 2
  425. If \f[B]any\f[] of the renames succeed the higher level rename is
  426. considered a success
  427. .IP \[bu] 2
  428. If \f[B]no\f[] renames succeed the first error encountered will be
  429. returned
  430. .IP \[bu] 2
  431. On success:
  432. .RS 2
  433. .IP \[bu] 2
  434. Remove the target from all drives with no source file
  435. .IP \[bu] 2
  436. Remove the source from all drives which failed to rename
  437. .RE
  438. .PP
  439. The the removals are subject to normal entitlement checks.
  440. .PP
  441. The above behavior will help minimize the likelihood of EXDEV being
  442. returned but it will still be possible.
  443. To remove the possibility all together mergerfs would need to perform
  444. the as \f[B]mv\f[] does when it receives EXDEV normally.
  445. .PP
  446. \f[B]link\f[] uses the same basic strategy.
  447. .SS readdir
  448. .PP
  449. readdir (http://linux.die.net/man/3/readdir) is different from all other
  450. filesystem functions.
  451. While it could have it\[aq]s own set of policies to tweak its behavior
  452. at this time it provides a simple union of files and directories found.
  453. Remember that any action or information queried about these files and
  454. directories come from the respective function.
  455. For instance: an \f[B]ls\f[] is a \f[B]readdir\f[] and for each
  456. file/directory returned \f[B]getattr\f[] is called.
  457. Meaning the policy of \f[B]getattr\f[] is responsible for choosing the
  458. file/directory which is the source of the metadata you see in an
  459. \f[B]ls\f[].
  460. .SS statvfs
  461. .PP
  462. statvfs (http://linux.die.net/man/2/statvfs) normalizes the source
  463. drives based on the fragment size and sums the number of adjusted blocks
  464. and inodes.
  465. This means you will see the combined space of all sources.
  466. Total, used, and free.
  467. The sources however are dedupped based on the drive so multiple sources
  468. on the same drive will not result in double counting it\[aq]s space.
  469. .SH BUILDING
  470. .PP
  471. \f[B]NOTE:\f[] Prebuilt packages can be found at:
  472. https://github.com/trapexit/mergerfs/releases
  473. .PP
  474. First get the code from github (http://github.com/trapexit/mergerfs).
  475. .IP
  476. .nf
  477. \f[C]
  478. $\ git\ clone\ https://github.com/trapexit/mergerfs.git
  479. $\ #\ or
  480. $\ wget\ https://github.com/trapexit/mergerfs/releases/download/<ver>/mergerfs\-<ver>.tar.gz
  481. \f[]
  482. .fi
  483. .SS Debian / Ubuntu
  484. .IP
  485. .nf
  486. \f[C]
  487. $\ sudo\ apt\-get\ install\ g++\ pkg\-config\ git\ git\-buildpackage\ pandoc\ debhelper\ libfuse\-dev\ libattr1\-dev\ python
  488. $\ cd\ mergerfs
  489. $\ make\ deb
  490. $\ sudo\ dpkg\ \-i\ ../mergerfs_version_arch.deb
  491. \f[]
  492. .fi
  493. .SS Fedora
  494. .IP
  495. .nf
  496. \f[C]
  497. $\ su\ \-
  498. #\ dnf\ install\ rpm\-build\ fuse\-devel\ libattr\-devel\ pandoc\ gcc\-c++\ git\ make\ which\ python
  499. #\ cd\ mergerfs
  500. #\ make\ rpm
  501. #\ rpm\ \-i\ rpmbuild/RPMS/<arch>/mergerfs\-<verion>.<arch>.rpm
  502. \f[]
  503. .fi
  504. .SS Generically
  505. .PP
  506. Have git, python, pkg\-config, pandoc, libfuse, libattr1 installed.
  507. .IP
  508. .nf
  509. \f[C]
  510. $\ cd\ mergerfs
  511. $\ make
  512. $\ make\ man
  513. $\ sudo\ make\ install
  514. \f[]
  515. .fi
  516. .SH RUNTIME
  517. .SS \&.mergerfs pseudo file
  518. .IP
  519. .nf
  520. \f[C]
  521. <mountpoint>/.mergerfs
  522. \f[]
  523. .fi
  524. .PP
  525. There is a pseudo file available at the mount point which allows for the
  526. runtime modification of certain \f[B]mergerfs\f[] options.
  527. The file will not show up in \f[B]readdir\f[] but can be
  528. \f[B]stat\f[]\[aq]ed and manipulated via
  529. {list,get,set}xattrs (http://linux.die.net/man/2/listxattr) calls.
  530. .PP
  531. Even if xattrs are disabled for mergerfs the
  532. {list,get,set}xattrs (http://linux.die.net/man/2/listxattr) calls
  533. against this pseudo file will still work.
  534. .PP
  535. Any changes made at runtime are \f[B]not\f[] persisted.
  536. If you wish for values to persist they must be included as options
  537. wherever you configure the mounting of mergerfs (fstab).
  538. .SS Keys
  539. .PP
  540. Use \f[C]xattr\ \-l\ /mount/point/.mergerfs\f[] to see all supported
  541. keys.
  542. Some are informational and therefore readonly.
  543. .SS user.mergerfs.srcmounts
  544. .PP
  545. Used to query or modify the list of source mounts.
  546. When modifying there are several shortcuts to easy manipulation of the
  547. list.
  548. .PP
  549. .TS
  550. tab(@);
  551. l l.
  552. T{
  553. Value
  554. T}@T{
  555. Description
  556. T}
  557. _
  558. T{
  559. [list]
  560. T}@T{
  561. set
  562. T}
  563. T{
  564. +<[list]
  565. T}@T{
  566. prepend
  567. T}
  568. T{
  569. +>[list]
  570. T}@T{
  571. append
  572. T}
  573. T{
  574. \-[list]
  575. T}@T{
  576. remove all values provided
  577. T}
  578. T{
  579. \-<
  580. T}@T{
  581. remove first in list
  582. T}
  583. T{
  584. \->
  585. T}@T{
  586. remove last in list
  587. T}
  588. .TE
  589. .SS minfreespace
  590. .PP
  591. Input: interger with an optional multiplier suffix.
  592. \f[B]K\f[], \f[B]M\f[], or \f[B]G\f[].
  593. .PP
  594. Output: value in bytes
  595. .SS moveonenospc
  596. .PP
  597. Input: \f[B]true\f[] and \f[B]false\f[]
  598. .PP
  599. Ouput: \f[B]true\f[] or \f[B]false\f[]
  600. .SS categories / funcs
  601. .PP
  602. Input: short policy string as described elsewhere in this document
  603. .PP
  604. Output: the policy string except for categories where its funcs have
  605. multiple types.
  606. In that case it will be a comma separated list
  607. .SS Example
  608. .IP
  609. .nf
  610. \f[C]
  611. [trapexit:/tmp/mount]\ $\ xattr\ \-l\ .mergerfs
  612. user.mergerfs.srcmounts:\ /tmp/a:/tmp/b
  613. user.mergerfs.minfreespace:\ 4294967295
  614. user.mergerfs.moveonenospc:\ false
  615. \&...
  617. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.category.search\ .mergerfs
  618. ff
  620. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.category.search\ newest\ .mergerfs
  621. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.category.search\ .mergerfs
  622. newest
  624. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ +/tmp/c\ .mergerfs
  625. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  626. /tmp/a:/tmp/b:/tmp/c
  628. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ =/tmp/c\ .mergerfs
  629. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  630. /tmp/c
  632. [trapexit:/tmp/mount]\ $\ xattr\ \-w\ user.mergerfs.srcmounts\ \[aq]+</tmp/a:/tmp/b\[aq]\ .mergerfs
  633. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.srcmounts\ .mergerfs
  634. /tmp/a:/tmp/b:/tmp/c
  635. \f[]
  636. .fi
  637. .SS file / directory xattrs
  638. .PP
  639. While they won\[aq]t show up when using
  640. listxattr (http://linux.die.net/man/2/listxattr) \f[B]mergerfs\f[]
  641. offers a number of special xattrs to query information about the files
  642. served.
  643. To access the values you will need to issue a
  644. getxattr (http://linux.die.net/man/2/getxattr) for one of the following:
  645. .IP \[bu] 2
  646. \f[B]user.mergerfs.basepath:\f[] the base mount point for the file given
  647. the current getattr policy
  648. .IP \[bu] 2
  649. \f[B]user.mergerfs.relpath:\f[] the relative path of the file from the
  650. perspective of the mount point
  651. .IP \[bu] 2
  652. \f[B]user.mergerfs.fullpath:\f[] the full path of the original file
  653. given the getattr policy
  654. .IP \[bu] 2
  655. \f[B]user.mergerfs.allpaths:\f[] a NUL (\[aq]\[aq]) separated list of
  656. full paths to all files found
  657. .IP
  658. .nf
  659. \f[C]
  660. [trapexit:/tmp/mount]\ $\ ls
  661. A\ B\ C
  662. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.fullpath\ A
  663. /mnt/a/full/path/to/A
  664. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.basepath\ A
  665. /mnt/a
  666. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.relpath\ A
  667. /full/path/to/A
  668. [trapexit:/tmp/mount]\ $\ xattr\ \-p\ user.mergerfs.allpaths\ A\ |\ tr\ \[aq]\\0\[aq]\ \[aq]\\n\[aq]
  669. /mnt/a/full/path/to/A
  670. /mnt/b/full/path/to/A
  671. \f[]
  672. .fi
  673. .SH TOOLING
  674. .IP \[bu] 2
  675. https://github.com/trapexit/mergerfs\-tools
  676. .IP \[bu] 2
  677. mergerfs.ctl: A tool to make it easier to query and configure mergerfs
  678. at runtime
  679. .IP \[bu] 2
  680. mergerfs.fsck: Provides permissions and ownership auditing and the
  681. ability to fix them
  682. .IP \[bu] 2
  683. mergerfs.dedup: Will help identify and optionally remove duplicate files
  684. .IP \[bu] 2
  685. mergerfs.mktrash: Creates FreeDesktop.org Trash specification compatible
  686. directories on a mergerfs mount
  687. .IP \[bu] 2
  688. https://github.com/trapexit/scorch
  689. .IP \[bu] 2
  690. scorch: A tool to help discover silent corruption of files
  691. .SH TIPS / NOTES
  692. .IP \[bu] 2
  693. Run mergerfs as \f[C]root\f[] unless you\[aq]re merging paths which are
  694. owned by the same user otherwise strange permission issues may arise.
  695. .IP \[bu] 2
  696. https://github.com/trapexit/backup\-and\-recovery\-howtos : A set of
  697. guides / howtos on creating a data storage system, backing it up,
  698. maintaining it, and recovering from failure.
  699. .IP \[bu] 2
  700. If you don\[aq]t see some directories / files you expect in a merged
  701. point be sure the user has permission to all the underlying directories.
  702. If \f[C]/drive0/a\f[] has is owned by \f[C]root:root\f[] with ACLs set
  703. to \f[C]0700\f[] and \f[C]/drive1/a\f[] is \f[C]root:root\f[] and
  704. \f[C]0755\f[] you\[aq]ll see only \f[C]/drive1/a\f[].
  705. Use \f[C]mergerfs.fsck\f[] to audit the drive for out of sync
  706. permissions.
  707. .IP \[bu] 2
  708. Do \f[I]not\f[] use \f[C]direct_io\f[] if you expect applications (such
  709. as rtorrent) to mmap (http://linux.die.net/man/2/mmap) files.
  710. It is not currently supported in FUSE w/ \f[C]direct_io\f[] enabled.
  711. .IP \[bu] 2
  712. Since POSIX gives you only error or success on calls its difficult to
  713. determine the proper behavior when applying the behavior to multiple
  714. targets.
  715. \f[B]mergerfs\f[] will return an error only if all attempts of an action
  716. fail.
  717. Any success will lead to a success returned.
  718. .IP \[bu] 2
  719. The recommended options are \f[B]defaults,allow_other\f[].
  720. The \f[B]allow_other\f[] is to allow users who are not the one which
  721. executed mergerfs access to the mountpoint.
  722. \f[B]defaults\f[] is described above and should offer the best
  723. performance.
  724. It\[aq]s possible that if you\[aq]re running on an older platform the
  725. \f[B]splice\f[] features aren\[aq]t available and could error.
  726. In that case simply use the other options manually.
  727. .IP \[bu] 2
  728. If write performance is valued more than read it may be useful to enable
  729. \f[B]direct_io\f[].
  730. Best to benchmark with and without and choose appropriately.
  731. .IP \[bu] 2
  732. Remember: some policies mixed with some functions may result in strange
  733. behaviors.
  734. Not that some of these behaviors and race conditions couldn\[aq]t happen
  735. outside \f[B]mergerfs\f[] but that they are far more likely to occur on
  736. account of attempt to merge together multiple sources of data which
  737. could be out of sync due to the different policies.
  738. .IP \[bu] 2
  739. An example: Kodi (http://kodi.tv) and Plex (http://plex.tv) can use
  740. directory mtime (http://linux.die.net/man/2/stat) to more efficiently
  741. determine whether to scan for new content rather than simply performing
  742. a full scan.
  743. If using the current default \f[B]getattr\f[] policy of \f[B]ff\f[] its
  744. possible \f[B]Kodi\f[] will miss an update on account of it returning
  745. the first directory found\[aq]s \f[B]stat\f[] info and its a later
  746. directory on another mount which had the \f[B]mtime\f[] recently
  747. updated.
  748. To fix this you will want to set \f[B]func.getattr=newest\f[].
  749. Remember though that this is just \f[B]stat\f[].
  750. If the file is later \f[B]open\f[]\[aq]ed or \f[B]unlink\f[]\[aq]ed and
  751. the policy is different for those then a completely different file or
  752. directory could be acted on.
  753. .IP \[bu] 2
  754. Due to previously mentioned issues its generally best to set
  755. \f[B]category\f[] wide policies rather than individual
  756. \f[B]func\f[]\[aq]s.
  757. This will help limit the confusion of tools such as
  758. rsync (http://linux.die.net/man/1/rsync).
  759. .SH KNOWN ISSUES / BUGS
  760. .SS rtorrent fails with ENODEV (No such device)
  761. .PP
  762. Be sure to turn off \f[C]direct_io\f[].
  763. rtorrent and some other applications use
  764. mmap (http://linux.die.net/man/2/mmap) to read and write to files and
  765. offer no failback to traditional methods.
  766. FUSE does not currently support mmap while using \f[C]direct_io\f[].
  767. There will be a performance penalty on writes with \f[C]direct_io\f[]
  768. off but it\[aq]s the only way to get such applications to work.
  769. If the performance loss is too high for other apps you can mount
  770. mergerfs twice.
  771. Once with \f[C]direct_io\f[] enabled and one without it.
  772. .SS mmap performance is really bad
  773. .PP
  774. There is a bug (https://lkml.org/lkml/2016/3/16/260) in caching which
  775. affects overall performance of mmap through FUSE in Linux 4.x kernels.
  776. It is fixed in 4.4.10 and 4.5.4 (https://lkml.org/lkml/2016/5/11/59).
  777. .SS Trashing files occasionally fails
  778. .PP
  779. This is the same issue as with Samba.
  780. \f[C]rename\f[] returns \f[C]EXDEV\f[] (in our case that will really
  781. only happen with path preserving policies like \f[C]epmfs\f[]) and the
  782. software doesn\[aq]t handle the situtation well.
  783. This is unfortunately a common failure of software which moves files
  784. around.
  785. The standard indicates that an implementation \f[C]MAY\f[] choose to
  786. support non\-user home directory trashing of files (which is a
  787. \f[C]MUST\f[]).
  788. The implementation \f[C]MAY\f[] also support "top directory trashes"
  789. which many probably do.
  790. .PP
  791. To create a \f[C]$topdir/.Trash\f[] directory as defined in the standard
  792. use the mergerfs\-tools (https://github.com/trapexit/mergerfs-tools)
  793. tool \f[C]mergerfs.mktrash\f[].
  794. .SS Samba: Moving files / directories fails
  795. .PP
  796. Workaround: Copy the file/directory and then remove the original rather
  797. than move.
  798. .PP
  799. This isn\[aq]t an issue with Samba but some SMB clients.
  800. GVFS\-fuse v1.20.3 and prior (found in Ubuntu 14.04 among others) failed
  801. to handle certain error codes correctly.
  802. Particularly \f[B]STATUS_NOT_SAME_DEVICE\f[] which comes from the
  803. \f[B]EXDEV\f[] which is returned by \f[B]rename\f[] when the call is
  804. crossing mount points.
  805. When a program gets an \f[B]EXDEV\f[] it needs to explicitly take an
  806. alternate action to accomplish it\[aq]s goal.
  807. In the case of \f[B]mv\f[] or similar it tries \f[B]rename\f[] and on
  808. \f[B]EXDEV\f[] falls back to a manual copying of data between the two
  809. locations and unlinking the source.
  810. In these older versions of GVFS\-fuse if it received \f[B]EXDEV\f[] it
  811. would translate that into \f[B]EIO\f[].
  812. This would cause \f[B]mv\f[] or most any application attempting to move
  813. files around on that SMB share to fail with a IO error.
  814. .PP
  815. GVFS\-fuse v1.22.0 (https://bugzilla.gnome.org/show_bug.cgi?id=734568)
  816. and above fixed this issue but a large number of systems use the older
  817. release.
  818. On Ubuntu the version can be checked by issuing
  819. \f[C]apt\-cache\ showpkg\ gvfs\-fuse\f[].
  820. Most distros released in 2015 seem to have the updated release and will
  821. work fine but older systems may not.
  822. Upgrading gvfs\-fuse or the distro in general will address the problem.
  823. .PP
  824. In Apple\[aq]s MacOSX 10.9 they replaced Samba (client and server) with
  825. their own product.
  826. It appears their new client does not handle \f[B]EXDEV\f[] either and
  827. responds similar to older release of gvfs on Linux.
  828. .SS Supplemental user groups
  829. .PP
  830. Due to the overhead of
  831. getgroups/setgroups (http://linux.die.net/man/2/setgroups) mergerfs
  832. utilizes a cache.
  833. This cache is opportunistic and per thread.
  834. Each thread will query the supplemental groups for a user when that
  835. particular thread needs to change credentials and will keep that data
  836. for the lifetime of the thread.
  837. This means that if a user is added to a group it may not be picked up
  838. without the restart of mergerfs.
  839. However, since the high level FUSE API\[aq]s (at least the standard
  840. version) thread pool dynamically grows and shrinks it\[aq]s possible
  841. that over time a thread will be killed and later a new thread with no
  842. cache will start and query the new data.
  843. .PP
  844. The gid cache uses fixed storage to simplify the design and be
  845. compatible with older systems which may not have C++11 compilers.
  846. There is enough storage for 256 users\[aq] supplemental groups.
  847. Each user is allowed upto 32 supplemental groups.
  848. Linux >= 2.6.3 allows upto 65535 groups per user but most other *nixs
  849. allow far less.
  850. NFS allowing only 16.
  851. The system does handle overflow gracefully.
  852. If the user has more than 32 supplemental groups only the first 32 will
  853. be used.
  854. If more than 256 users are using the system when an uncached user is
  855. found it will evict an existing user\[aq]s cache at random.
  856. So long as there aren\[aq]t more than 256 active users this should be
  857. fine.
  858. If either value is too low for your needs you will have to modify
  859. \f[C]gidcache.hpp\f[] to increase the values.
  860. Note that doing so will increase the memory needed by each thread.
  861. .SS mergerfs or libfuse crashing
  862. .PP
  863. If suddenly the mergerfs mount point disappears and
  864. \f[C]Transport\ endpoint\ is\ not\ connected\f[] is returned when
  865. attempting to perform actions within the mount directory \f[B]and\f[]
  866. the version of libfuse (use \f[C]mergerfs\ \-v\f[] to find the version)
  867. is older than \f[C]2.9.4\f[] its likely due to a bug in libfuse.
  868. Affected versions of libfuse can be found in Debian Wheezy, Ubuntu
  869. Precise and others.
  870. .PP
  871. In order to fix this please install newer versions of libfuse.
  872. If using a Debian based distro (Debian,Ubuntu,Mint) you can likely just
  873. install newer versions of
  874. libfuse (https://packages.debian.org/unstable/libfuse2) and
  875. fuse (https://packages.debian.org/unstable/fuse) from the repo of a
  876. newer release.
  877. .SS mergerfs under heavy load and memory preasure leads to kernel panic
  878. .PP
  879. https://lkml.org/lkml/2016/9/14/527
  880. .IP
  881. .nf
  882. \f[C]
  883. [25192.515454]\ kernel\ BUG\ at\ /build/linux\-a2WvEb/linux\-4.4.0/mm/workingset.c:346!
  884. [25192.517521]\ invalid\ opcode:\ 0000\ [#1]\ SMP
  885. [25192.519602]\ Modules\ linked\ in:\ netconsole\ ip6t_REJECT\ nf_reject_ipv6\ ipt_REJECT\ nf_reject_ipv4\ configfs\ binfmt_misc\ veth\ bridge\ stp\ llc\ nf_conntrack_ipv6\ nf_defrag_ipv6\ xt_conntrack\ ip6table_filter\ ip6_tables\ xt_multiport\ iptable_filter\ ipt_MASQUERADE\ nf_nat_masquerade_ipv4\ xt_comment\ xt_nat\ iptable_nat\ nf_conntrack_ipv4\ nf_defrag_ipv4\ nf_nat_ipv4\ nf_nat\ nf_conntrack\ xt_CHECKSUM\ xt_tcpudp\ iptable_mangle\ ip_tables\ x_tables\ intel_rapl\ x86_pkg_temp_thermal\ intel_powerclamp\ eeepc_wmi\ asus_wmi\ coretemp\ sparse_keymap\ kvm_intel\ ppdev\ kvm\ irqbypass\ mei_me\ 8250_fintek\ input_leds\ serio_raw\ parport_pc\ tpm_infineon\ mei\ shpchp\ mac_hid\ parport\ lpc_ich\ autofs4\ drbg\ ansi_cprng\ dm_crypt\ algif_skcipher\ af_alg\ btrfs\ raid456\ async_raid6_recov\ async_memcpy\ async_pq\ async_xor\ async_tx\ xor\ raid6_pq\ libcrc32c\ raid0\ multipath\ linear\ raid10\ raid1\ i915\ crct10dif_pclmul\ crc32_pclmul\ aesni_intel\ i2c_algo_bit\ aes_x86_64\ drm_kms_helper\ lrw\ gf128mul\ glue_helper\ ablk_helper\ syscopyarea\ cryptd\ sysfillrect\ sysimgblt\ fb_sys_fops\ drm\ ahci\ r8169\ libahci\ mii\ wmi\ fjes\ video\ [last\ unloaded:\ netconsole]
  886. [25192.540910]\ CPU:\ 2\ PID:\ 63\ Comm:\ kswapd0\ Not\ tainted\ 4.4.0\-36\-generic\ #55\-Ubuntu
  887. [25192.543411]\ Hardware\ name:\ System\ manufacturer\ System\ Product\ Name/P8H67\-M\ PRO,\ BIOS\ 3904\ 04/27/2013
  888. [25192.545840]\ task:\ ffff88040cae6040\ ti:\ ffff880407488000\ task.ti:\ ffff880407488000
  889. [25192.548277]\ RIP:\ 0010:[<ffffffff811ba501>]\ \ [<ffffffff811ba501>]\ shadow_lru_isolate+0x181/0x190
  890. [25192.550706]\ RSP:\ 0018:ffff88040748bbe0\ \ EFLAGS:\ 00010002
  891. [25192.553127]\ RAX:\ 0000000000001c81\ RBX:\ ffff8802f91ee928\ RCX:\ ffff8802f91eeb38
  892. [25192.555544]\ RDX:\ ffff8802f91ee938\ RSI:\ ffff8802f91ee928\ RDI:\ ffff8804099ba2c0
  893. [25192.557914]\ RBP:\ ffff88040748bc08\ R08:\ 000000000001a7b6\ R09:\ 000000000000003f
  894. [25192.560237]\ R10:\ 000000000001a750\ R11:\ 0000000000000000\ R12:\ ffff8804099ba2c0
  895. [25192.562512]\ R13:\ ffff8803157e9680\ R14:\ ffff8803157e9668\ R15:\ ffff8804099ba2c8
  896. [25192.564724]\ FS:\ \ 0000000000000000(0000)\ GS:ffff88041f280000(0000)\ knlGS:0000000000000000
  897. [25192.566990]\ CS:\ \ 0010\ DS:\ 0000\ ES:\ 0000\ CR0:\ 0000000080050033
  898. [25192.569201]\ CR2:\ 00007ffabb690000\ CR3:\ 0000000001e0a000\ CR4:\ 00000000000406e0
  899. [25192.571419]\ Stack:
  900. [25192.573550]\ \ ffff8804099ba2c0\ ffff88039e4f86f0\ ffff8802f91ee928\ ffff8804099ba2c8
  901. [25192.575695]\ \ ffff88040748bd08\ ffff88040748bc58\ ffffffff811b99bf\ 0000000000000052
  902. [25192.577814]\ \ 0000000000000000\ ffffffff811ba380\ 000000000000008a\ 0000000000000080
  903. [25192.579947]\ Call\ Trace:
  904. [25192.582022]\ \ [<ffffffff811b99bf>]\ __list_lru_walk_one.isra.3+0x8f/0x130
  905. [25192.584137]\ \ [<ffffffff811ba380>]\ ?\ memcg_drain_all_list_lrus+0x190/0x190
  906. [25192.586165]\ \ [<ffffffff811b9a83>]\ list_lru_walk_one+0x23/0x30
  907. [25192.588145]\ \ [<ffffffff811ba544>]\ scan_shadow_nodes+0x34/0x50
  908. [25192.590074]\ \ [<ffffffff811a0e9d>]\ shrink_slab.part.40+0x1ed/0x3d0
  909. [25192.591985]\ \ [<ffffffff811a53da>]\ shrink_zone+0x2ca/0x2e0
  910. [25192.593863]\ \ [<ffffffff811a64ce>]\ kswapd+0x51e/0x990
  911. [25192.595737]\ \ [<ffffffff811a5fb0>]\ ?\ mem_cgroup_shrink_node_zone+0x1c0/0x1c0
  912. [25192.597613]\ \ [<ffffffff810a0808>]\ kthread+0xd8/0xf0
  913. [25192.599495]\ \ [<ffffffff810a0730>]\ ?\ kthread_create_on_node+0x1e0/0x1e0
  914. [25192.601335]\ \ [<ffffffff8182e34f>]\ ret_from_fork+0x3f/0x70
  915. [25192.603193]\ \ [<ffffffff810a0730>]\ ?\ kthread_create_on_node+0x1e0/0x1e0
  916. \f[]
  917. .fi
  918. .PP
  919. There is a bug in the kernel.
  920. A work around appears to be turning off \f[C]splice\f[].
  921. Add \f[C]no_splice_write,no_splice_move,no_splice_read\f[] to
  922. mergerfs\[aq] options.
  923. Should be placed after \f[C]defaults\f[] if it is used since it will
  924. turn them on.
  925. .SH FAQ
  926. .SS Why use mergerfs over mhddfs?
  927. .PP
  928. mhddfs is no longer maintained and has some known stability and security
  929. issues (see below).
  930. MergerFS provides a superset of mhddfs\[aq] features and should offer
  931. the same or maybe better performance.
  932. .SS Why use mergerfs over aufs?
  933. .PP
  934. While aufs can offer better peak performance mergerfs offers more
  935. configurability and is generally easier to use.
  936. mergerfs however doesn\[aq]t offer the same overlay features (which
  937. tends to result in whiteout files being left around the underlying
  938. filesystems.)
  939. .SS Why use mergerfs over LVM/ZFS/BTRFS/RAID0 drive concatenation /
  940. striping?
  941. .PP
  942. With simple JBOD / drive concatenation / stripping / RAID0 a single
  943. drive failure will lead to full pool failure.
  944. mergerfs performs a similar behavior without the catastrophic failure
  945. and general lack of recovery.
  946. Drives can fail and all other data will continue to be accessable.
  947. .PP
  948. When combined with something like SnapRaid (http://www.snapraid.it)
  949. and/or an offsite full backup solution you can have the flexibilty of
  950. JBOD without the single point of failure.
  951. .SS Can drives be written to directly? Outside of mergerfs while pooled?
  952. .PP
  953. Yes.
  954. It will be represented immediately in the pool as the policies would
  955. describe.
  956. .SS Why do I get an "out of space" error even though the system says
  957. there\[aq]s lots of space left?
  958. .PP
  959. Please reread the sections above about policies, path preserving, and
  960. the \f[B]moveonenospc\f[] option.
  961. If the policy is path preserving and a drive is almost full and the
  962. drive the policy would pick then the writing of the file may fill the
  963. drive and receive ENOSPC errors.
  964. That is expected with those settings.
  965. If you don\[aq]t want that: enable \f[B]moveonenospc\f[] and don\[aq]t
  966. use a path preserving policy.
  967. .SS How are inodes calculated?
  968. .PP
  969. mergerfs\-inode = (original\-inode | (device\-id << 32))
  970. .PP
  971. While \f[C]ino_t\f[] is 64 bits few filesystems use more than 32.
  972. Similarly, while \f[C]dev_t\f[] is also 64 bits it was traditionally 16
  973. bits.
  974. Bitwise or\[aq]ing them together should work most of the time.
  975. Should it cause a problem in the future the values could be hashed
  976. instead.
  977. .SS It\[aq]s mentioned that there are some security issues with mhddfs.
  978. What are they? How does mergerfs address them?
  979. .PP
  980. mhddfs (https://github.com/trapexit/mhddfs) tries to handle being run as
  981. \f[B]root\f[] by calling
  982. getuid() (https://github.com/trapexit/mhddfs/blob/cae96e6251dd91e2bdc24800b4a18a74044f6672/src/main.c#L319)
  983. and if it returns \f[B]0\f[] then it will
  984. chown (http://linux.die.net/man/1/chown) the file.
  985. Not only is that a race condition but it doesn\[aq]t handle many other
  986. situations.
  987. Rather than attempting to simulate POSIX ACL behaviors the proper
  988. behavior is to use seteuid (http://linux.die.net/man/2/seteuid) and
  989. setegid (http://linux.die.net/man/2/setegid), become the user making the
  990. original call and perform the action as them.
  991. This is how mergerfs (https://github.com/trapexit/mergerfs) handles
  992. things.
  993. .PP
  994. If you are familiar with POSIX standards you\[aq]ll know that this
  995. behavior poses a problem.
  996. \f[B]seteuid\f[] and \f[B]setegid\f[] affect the whole process and
  997. \f[B]libfuse\f[] is multithreaded by default.
  998. We\[aq]d need to lock access to \f[B]seteuid\f[] and \f[B]setegid\f[]
  999. with a mutex so that the several threads aren\[aq]t stepping on one
  1000. anofther and files end up with weird permissions and ownership.
  1001. This however wouldn\[aq]t scale well.
  1002. With lots of calls the contention on that mutex would be extremely high.
  1003. Thankfully on Linux and OSX we have a better solution.
  1004. .PP
  1005. OSX has a non\-portable pthread
  1006. extension (https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man2/pthread_setugid_np.2.html)
  1007. for per\-thread user and group impersonation.
  1008. .PP
  1009. Linux does not support
  1010. pthread_setugid_np (https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man2/pthread_setugid_np.2.html)
  1011. but user and group IDs are a per\-thread attribute though documentation
  1012. on that fact or how to manipulate them is not well distributed.
  1013. From the \f[B]4.00\f[] release of the Linux man\-pages project for
  1014. setuid (http://man7.org/linux/man-pages/man2/setuid.2.html).
  1015. .RS
  1016. .PP
  1017. At the kernel level, user IDs and group IDs are a per\-thread attribute.
  1018. However, POSIX requires that all threads in a process share the same
  1019. credentials.
  1020. The NPTL threading implementation handles the POSIX requirements by
  1021. providing wrapper functions for the various system calls that change
  1022. process UIDs and GIDs.
  1023. These wrapper functions (including the one for setuid()) employ a
  1024. signal\-based technique to ensure that when one thread changes
  1025. credentials, all of the other threads in the process also change their
  1026. credentials.
  1027. For details, see nptl(7).
  1028. .RE
  1029. .PP
  1030. Turns out the setreuid syscalls apply only to the thread.
  1031. GLIBC hides this away using RT signals to inform all threads to change
  1032. credentials.
  1033. Taking after \f[B]Samba\f[] mergerfs uses
  1034. \f[B]syscall(SYS_setreuid,...)\f[] to set the callers credentials for
  1035. that thread only.
  1036. Jumping back to \f[B]root\f[] as necessary should escalated privileges
  1037. be needed (for instance: to clone paths).
  1038. .PP
  1039. For non\-Linux systems mergerfs uses a read\-write lock and changes
  1040. credentials only when necessary.
  1041. If multiple threads are to be user X then only the first one will need
  1042. to change the processes credentials.
  1043. So long as the other threads need to be user X they will take a readlock
  1044. allow multiple threads to share the credentials.
  1045. Once a request comes in to run as user Y that thread will attempt a
  1046. write lock and change to Y\[aq]s credentials when it can.
  1047. If the ability to give writers priority is supported then that flag will
  1048. be used so threads trying to change credentials don\[aq]t starve.
  1049. This isn\[aq]t the best solution but should work reasonably well.
  1050. As new platforms are supported if they offer per thread credentials
  1051. those APIs will be adopted.
  1052. .SH SUPPORT
  1053. .SS Issues with the software
  1054. .IP \[bu] 2
  1055. github.com: https://github.com/trapexit/mergerfs/issues
  1056. .IP \[bu] 2
  1057. email: trapexit\@spawn.link
  1058. .SS Support development
  1059. .IP \[bu] 2
  1060. Gratipay: https://gratipay.com/~trapexit
  1061. .IP \[bu] 2
  1062. BitCoin: 12CdMhEPQVmjz3SSynkAEuD5q9JmhTDCZA
  1063. .SH LINKS
  1064. .IP \[bu] 2
  1065. http://github.com/trapexit/mergerfs
  1066. .IP \[bu] 2
  1067. http://github.com/trapexit/mergerfs\-tools
  1068. .IP \[bu] 2
  1069. http://github.com/trapexit/scorch
  1070. .IP \[bu] 2
  1071. http://github.com/trapexit/backup\-and\-recovery\-howtos
  1072. .SH AUTHORS
  1073. Antonio SJ Musumeci <trapexit@spawn.link>.