Trash spec: wrapping up

[Alexander Larsson]

On Wed, 2004-09-22 at 13:00 +0200, David Faure wrote:
> On Wednesday 22 September 2004 10:09, Alexander Larsson wrote:
> > On Tue, 2004-09-21 at 17:00 +0200, David Faure wrote:
> > > I'm done with the trash implementation in KDE (after I fix the last undo/redo bug today :).
> > > 
> > > The last draft of the spec seems to be OK with everyone involved,
> > > so how about we turn it into an official freedesktop standard?
> > > Does anyone know how we should proceed for this to happen?
> > > 
> > > I would like to thank Mikhail and Alexander for their participation in the
> > > creation of this spec, BTW!
> > 
> > Where is there a link to the last draft? I wanna make sure it looks ok.
> 
> http://www.ramendik.ru/docs/trashspec.html

It looks mostly ok to me. Some small comments:

"A relative pathname is to be from the directory in which the trash
directory resides (i.e., from $XDG_DATA_HOME for the home trash\
directory); it MUST not contain .."

It must not contain "/../". However, "foo..bar" is fine.

"The value type for this key is localestring; it should use the locale
in which file names are stored on this file systems, or, if this is
unknown, UTF-8."

Didn't we decide to not place any interpretion on the bytes of the
filename?

"When trashing a file or directory, the implementation SHOULD create the
corresponding file in $trash/info first. Moreover, it SHOULD use O_EXCL
when creating it. Before creating this file, or before trying again if
the creation fails, the implementation should check whether a file with
the same already exists; if so, the name should be changed. (This
prevents a race condition if two processes try to trash files at the
same time, and attempt to use the same file name.)"

This says that you don't have to use O_EXCL (SHOULD, not MUST), and then
goes on to say you should look before creating the file, which is racy. 

I guess most implementers will know how to really create a file
atomically, but it would be nice if this was something like:

When trashing a file or directory, the implementation MUST create the
corresponding file in $trash/info first. Moreover, it MUST try to do
this in an atomic fashion, so that if two processes try trash files with
the same filename they will result in two different trash files. On Unix
systems this is done by generating a filename, and then opening with
O_EXCL. If that succeeds the creation was atomic (at least on the same
machine), if it fails you need to pick another filename.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
                   alexl at redhat.com    alla at lysator.liu.se 
He's a benighted guitar-strumming master criminal in drag. She's a man-hating 
kleptomaniac vampire prone to fits of savage, blood-crazed rage. They fight 
crime!