Protecting Windows users with hard links

A friend of mine was called in to a small architectural firm that he'd done some consulting work for in the past because of a delicate situation. It seems one of their employees had been clicking & dragging in Windows and had mistakingly trashed a lot of the companies project files that were shared via Samba from a Linux server. Oops.

Turns out the company doesn't have any recent backups because the employee who had been responsible for making backups had died (unexpectedly) of a heart-attack last year. Double oops. :-(

My friend was able to recover a lot of their data by using The Coroner's Toolkit, but it was a fairly tedious process. One would have hoped this company had learned their lesson...

But a few days later someone else accidentally deleted other files. Triple oops.

When I heard this story I asked "gee, what's it going to take to keep these guys from repeatedly shooting themselves in the foot?" My consultant friend could stand to make a pretty penny undeleting files for them, but obviously all parties involved could make better use of their time.

So I said "hey, you know... in Unix a file isn't deleted until it's hard link count goes to zero." Suddenly an obvious solution materialized in my mind. Write a program that monitors a particular set of directories. For each unique file it finds make a hard link to it in another location. (The only caveat being that hard links cannot span partitions or file systems.) If you built up a database of known files you could easily determine which files had been deleted and easily restore them by making a hard link back.

This solution seemed particularly elegant in that you could also track when a file had last been seen and then, if it hadn't been restored in a certain time period, delete the "backup" hard link, thus freeing the disk space. If this architectural firm had this type of system then my friend could quickly restore files for them in a matter of seconds as long as they noticed their mistake within (say) a month.

So at this point it was pure vaporware. (There may well be utilities out there, commercial or OSS that do this, but I've never actually looked for them.) I was just thinking outloud.

Next thing I knew a day or two later I got a call: "the company wants to buy this software. They'd be willing to pay $495 for it if you can create it quickly." I said OK as long as I got to keep the copyright.

Wow. My first contract for pure vaporware!

So last Saturday I wrote fguard (short for file guard). It was a 500-or so line Tcl script that uses the Unix find and ln (for a lot of the heavy lifting) and keeps a database of known files in sqlite. Two cron jobs later (one to do daily scans, and another to expire deleted files after they've gone thirty days without being restored) and the company should feel less pain next time they shoot themselves in the foot.

At this point I should probably write take the time to write documentation and release it (if there's interest; it's really such a basic idea...)

—Michael A. Cleverly


  1. Will Duquette wrote (at Mon, 27 Feb 2006, 20:47):

As I've noted so often before...."It's amazing what you can do with the right tools."

  1. Kevin Walzer wrote (at Sun, 05 Mar 2006, 15:31):

Congratulations, Michael! Opportunity favors the well-prepared.

Permanent URL for this post: