#2568 closed defect (fixed)

Magic Folder: usability issues with 'tahoe magic-folder join'

Reported by: daira Owned by: daira
Priority: normal Milestone: undecided
Component: code-frontend-magic-folder Version: 1.10.1
Keywords: tahoe-magic-folder cli usability reliability review-needed Cc:
Launchpad Bug:

Description (last modified by daira)

While manually testing Magic Folder, I ran the commands for Alice to create+join a folder, and to invite Bob. Then I accidentally had Alice use Bob's invite code to join again. This didn't cause an error; it just overwrote Alice's private/magic_folder_dircap and [magic_folder]local.directory entry.

This is an easy mistake to make and could cause data loss. Alice has lost her write cap to her DMD, and there is no way to get it back (only a read cap to that directory is linked from the collective directory). Also, Alice's magic folder db will be inconsistent with the DMD that she is now using.

The above problem is easy to fix by making it an error for a client to join a magic folder when it has one already configured. (Perhaps a tahoe magic-folder leave command could be added; this would disable magic folder and also delete the magic folder db.)

A related but trickier problem is that if the invite code is used twice, then two clients will be writing to the same DMD. There's no way to enforce that an invite code is single-use, because join is a strictly local operation that has no side effects on the collective directory. This has some advantages --if you lose state but retain the invite code then you can re-join-- but is also a little error-prone.

Change History (18)

comment:1 Changed at 2015-11-05T00:57:57Z by daira

  • Description modified (diff)

comment:2 Changed at 2015-11-05T00:58:44Z by daira

  • Description modified (diff)
  • Owner changed from daira to dawuud

comment:3 Changed at 2015-11-05T16:27:33Z by dawuud

  • Owner changed from dawuud to daira

I created a simple "leave" command... and taught the join command to only join if not already joined: https://github.com/david415/tahoe-lafs/tree/2568.make-join-useable.0

Please review.

comment:4 Changed at 2015-11-06T14:59:31Z by dawuud

A missing feature from the above mentioned changeset is; the leave command must remove the magic-folder configuration section from the tahoe.cfg file.

Is there a set of helper functions for dealing with .cfg configuration files?

Last edited at 2015-12-02T02:27:33Z by daira (previous) (diff)

comment:6 Changed at 2015-12-02T02:28:18Z by daira

  • Keywords review-needed added
  • Status changed from new to assigned

Reviewing.

comment:8 follow-up: Changed at 2015-12-03T13:00:33Z by dawuud

  • Status changed from assigned to new

added more join + leave unit tests in the same dev branch. These test might be sufficient. Review needed.

comment:11 in reply to: ↑ 8 Changed at 2015-12-08T16:12:57Z by daira

Replying to dawuud:

added more join + leave unit tests in the same dev branch. These test might be sufficient. Review needed.

LGTM modulo comments on the commits in https://github.com/tahoe-lafs/tahoe-lafs/compare/2568.make-join-useable.1...david415:2568.make-join-useable.1.

comment:13 Changed at 2015-12-14T21:49:53Z by daira

Please rebase the branch onto 2438.magic-folder-stable.5 and open a new PR.

comment:14 Changed at 2015-12-14T21:50:14Z by daira

  • Owner changed from daira to dawuud

comment:15 Changed at 2015-12-17T11:22:59Z by dawuud

  • Owner changed from dawuud to daira

comment:16 Changed at 2015-12-21T21:40:54Z by daira

Pushed to 2438.magic-folder-stable.5.wip .

comment:17 Changed at 2015-12-21T22:19:21Z by daira

  • Resolution set to fixed
  • Status changed from new to closed

Pushed to 2438.magic-folder-stable.5 .

comment:18 Changed at 2016-07-21T21:32:36Z by Brian Warner <warner@…>

In cd1c1667/trunk:

Improve the error reporting for 'tahoe magic-folder join/leave'. refs #2568

Signed-off-by: Daira Hopwood <daira@…>

Note: See TracTickets for help on using tickets.