Opened 6 weeks ago

Last modified 5 weeks ago

#31937 new enhancement

decide and document that stuff in the CacheDirectory can be deleted while Tor is running

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Normal Keywords:
Cc: eighthave Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

As of #24272 and #22703 we have a separate CacheDirectory that Tor can use to put transient things like cached directory info.

_hc asked just now if it's ok to put the CacheDirectory, for Tor on Android, in a place where it might get blown away periodically.

On #24272 I see an example value being "/var/cache/".

And on https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s05.html it says that for /var/cache/, "The application must always be able to recover from manual deletion of these files (generally because of a disk space shortage)."

So I think the answer is yes, we should support having the files in CacheDirectory disappear out from under us.

So:

  • Step zero is to decide that this is what we want.
  • Step one is to learn whether Tor breaks currently in this situation. Like, we mmap some of those files. If they get deleted, does everything go smoothly? (For some Linux filesystems, the file can be deleted but Tor will still hold its copy in existence until it gives up the file descriptor, which would seem helpful in this situation. But I bet not all OSes and FSes work that way.)
  • And step two would be to change the man page to say what we do or don't promise here.

Child Tickets

Change History (3)

comment:1 Changed 6 weeks ago by eighthave

Android apps get two relevant dirs allocated: cache and data. Both can be wiped by the user, the main difference is that when cache is wiped, the app is not killed. When data is wiped, cache is also wiped then the app is killed, because the assumption is that the app has been reset to default.

comment:2 Changed 5 weeks ago by nickm

It's not actually supported to remove any files out from underneath Tor while it's running; only between runs. If we decide we want to support this, we'll have some coding to do.

It's not clear that we actually want to encourage this: everything in the cache will either be deleted by Tor itself, or will be needed the next time Tor runs. If we don't have it, we'll have to fetch it again, which will waste bandwidth.

Maybe we should look into wasys to store our data more compactly on Android?

comment:3 Changed 5 weeks ago by eighthave

I think the bigger question is sorting out the true "cache" files that can be deleted at will, and the "data" files that need to be kept around. XDG's definition is a little looser, but not much: "There is a single base directory relative to which user-specific non-essential (cached) data should be written. This directory is defined by the environment variable $XDG_CACHE_HOME."https://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html

To me, "non-essential" means things will run regardless of the presence of those files. So XDG's definition of "cache" is pretty much the same as Android's.

Note: See TracTickets for help on using tickets.