Comment by sedatk
3 years ago
I wonder why users were angry about some files in their temp folder. Did McAfee fail to cleanup those files, or were they too big?
Edit: more information here: https://www2.sqlite.org/cvstrac/wiki?p=McafeeProblem Apparently, McAfee kept those files locked when it was using them, so the files couldn't be deleted and people got angry that they couldn't clean them up. Sounds like a loud minority to me.
There's some level of power user that will try to fix things, not understand what's going on, and yell at the world when they break things further.
I used to have a popular freely available 3rd party DLL that was included in lots of software packages. Because I was silly, it had my email address in the metadata that'd show up if you clicked "Properties" in Explorer. I'd get plenty of emails from random people asking for and sometimes _demanding_ help with software I've never heard of. I'm sure if I had an easy to find website with my name and a forum on it, it'd be full of such angry comments.
> There's some level of power user that will try to fix things, not understand what's going on, and yell at the world when they break things further.
That appears to me to be quite like a Chesterton fence. Everyone encounters these eventually.
https://en.m.wiktionary.org/wiki/Chesterton%27s_fence
It's a good thing, that there's a clear instructional video on how to remove McAffee antivirus from your computer then:
https://www.youtube.com/watch?v=bKgf5PaBzyg
(yes, it's the funny one)
In Linux, these files are unlinked, so they are invisible in the filesystem. It is legal to unlink an active file descriptor, but continue reads/writes to it.
I think that lsof can still see these temporary files; I'm not sure how I first noticed it.
Windows implements a POSIX kernel layer, so perhaps this functionality could be coaxed out of it.
I knew two guys long long ago that used to circumvent the per user disk quota on shared machines, which was tiny and not conducive to power users. One found a deep dark corner of the file system, and used it to hold binaries the rest of us used. I think his idea was that if it wasn’t for personal gain it was easier to answer difficult questions, which at some point came up and he got a pass, since it would take more disk space if we had private copies.
The other was keeping file handles open to deleted files, as you describe. I don’t recall how this worked, but I suspect it involved uncompressing data into a file descriptor, then reading it back. I guess as long as his terminal window was open it was more stable than tmp (he may have also been using screen).
> I don’t recall how this worked
Unlinking files reduces their reference count. Once the reference count reaches zero the file is considered deleted and the space can be reclaimed. Every open file descriptor and hard link increases a file's reference count. So if you've got a file descriptor open on a file in a background task (daemon, nohup, screen, etc) and unlink it with rm or something the file's reference count will decrement but not go to zero. Only when that program closes the file descriptor will the reference count go to zero and the file actually be deleted.
1 reply →
If a file is opened with `FILE_SHARE_DELETE` then it can be deleted while held open. This flag has existed since forever. It's just that unlike Linux this isn't the default, and no developer would think of setting it. I think the only common software I saw using it when I still used Windows was the media player mpv.
When youtube was flash based that is how flash would save it's cache file for the stream. to save a video you would go looking for what file descriptors were in use and yank them out of I believe /dev/fd and back into the filesystem. On windows the file was visible but locked behind the normal windows file locking shenanigans. To copy locked files on windows I used a program called hobocopy that utilized volume shadow tricks to work around the locks.
Apparently, recent Windows uses POSIX semantics by default: https://news.ycombinator.com/item?id=23745019
lsof shows “open file handles” which can include deleted files. Can be useful when you have a disk showing tons of usage but you can’t find any big files.
> Sounds like a loud minority to me.
Imagine for a moment the cross section of Windows users that 1) have McAfee running 2) poke around the Windows temp folders and/or run some sort of "cleaner" to "optimize" their system and 3) don't recognize the name "sqlite". I can imagine the exact type of user, peak Dunning-Kruger and utterly insufferable. Even just seeing their e-mails before deleting them would be maddening. I think most people on HN can vividly imagine the sort or remember back when they were that insufferable twat.
I was that person once. I was 12 and couldn't understand why MS-DOS disk maintenance tools shouldn't be used on PC-DOS because obviously repair tools can only fix things
That's interesting. Some DOS clones had a different FAT format?
Children really are peak Dunning-Kruger.