On Wed, Jun 3, 2020 at 11:59 AM <gra...@grahamc.com> wrote: > Hello, > > The `zfs destroy` man page rightly warns about using `-r`: > > > Extreme care should be taken when applying either the -r or the > > -R options, as they can destroy large portions of a pool and > > cause unexpected behavior for mounted file systems in use. > > I've submitted a PR[0] to openzfs adding a new `-t` option, which > reduces the capabilites of a given `zfs destroy` call. The goal is > to make `-r` safer to use, by letting the caller specify the type of > what they're trying to destroy. > > The `-t` option accepts a comma-separated list of the following > values: filesystem, volume, snapshot, snap, bookmark, and all. > > It has the following behaviors: > > * attempting to delete a single thing which does not match a provided > type fails. > * Passing `-t snapshot` will guarantee that only snapshots are > destroyed. > * a recursive destroy with `-t volume` or `-t filesystem` will not > delete any filesystems or volumes which have snapshots or bookmarks. > * a recursive destroy with `-t volume,snapshot` or > `-t filesystem,snapshot` will delete any filesystems or volumes > which have snapshots. > * Passing `-t volume,bookmark` has the same behavior, but with > bookmarks. > * Passing `-t volume,snapshot,bookmark` will delete all volumes and > their bookmarks and snapshots. > > I'm a little confused by the rules for "compositing" (specifying multiple "types"). It would be nice if there was one rule for what "-t X,Y" means (e.g. "must be both X and Y" or "must be X or Y"), but I think that is not currently the case:
"-t snapshot" -> destroys snapshots only (set S) "-t volume" -> destroys volumes only (set V) "-t filesystem" -> destroys filesystems only (set F) "-t snapshot,bookmark" -> destroys snapshots and bookmarks (S union V) "-t filesystem,volume" -> destroys filesystems and volumes (F union V) "-t snapshot,volume" -> destroys volumes, and snapshots of volumes, which is not (S union V) or (S intersection V), it's "S union a subset of V". I understand that a goal may be to be able to say "destroy volumes and their snapshots, but not filesystems or their snapshots", in which case I think we need to come up with a different syntax for that. For example, this is kind of ugly but I think it's easier to understand the details: -t [filesystem, volume, fs_snap, vol_snap, any_snap, fs_book, vol_book, any_book, any] Where "fs_snap" means snapshots of filesystems, etc. Then if you specify multiple, it would mean "must be X or Y", i.e. "both X and Y can be destroyed". --matt ------------------------------------------ openzfs: openzfs-developer Permalink: https://openzfs.topicbox.com/groups/developer/T06af513a824c4d4b-M6f5ae3906d7e4e4e51667d4a Delivery options: https://openzfs.topicbox.com/groups/developer/subscription
