Protecting our /proj directories
Users have a bad habit of deleting directories we use and rely on in /proj/PID. In particular
tbdata. It gets really bad if they blow away their images since we no longer back those up.
What can we do to better protect these? Given that Emulab accesses these directories, both for read and write, as the project users themselves, there is probably nothing we can do using filesystem access controls.
That leaves us with obscurity! Maybe we should put all the directories we expect to manage under say /proj/PID/.emulab and then leave behind symlinks for backward compat. That way they are more likely to just blow away the symlinks ("rm -f *") and not the actual directories.
Or maybe we just move all our stuff into a separate hierarchy not in /proj. But I don't know if that is feasible given that many of "our" directories are expected to appear on nodes.
Or we don't worry about it and rely on forthcoming ZFS snapshot-based backup (which will capture images) to provide short-term recovery.