From owner-freebsd-fs@freebsd.org Sun May 20 22:29:41 2018 Return-Path: Delivered-To: freebsd-fs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0ED09EF2040 for ; Sun, 20 May 2018 22:29:41 +0000 (UTC) (envelope-from peter@rulingia.com) Received: from vtr.rulingia.com (vtr.rulingia.com [IPv6:2001:19f0:5801:ebe:5400:1ff:fe53:30fd]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vtr.rulingia.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 40E7F740F2 for ; Sun, 20 May 2018 22:29:39 +0000 (UTC) (envelope-from peter@rulingia.com) Received: from server.rulingia.com (ppp59-167-167-3.static.internode.on.net [59.167.167.3]) by vtr.rulingia.com (8.15.2/8.15.2) with ESMTPS id w4KMTT57055328 (version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256 verify=OK); Mon, 21 May 2018 08:29:35 +1000 (AEST) (envelope-from peter@rulingia.com) X-Bogosity: Ham, spamicity=0.000000 Received: from server.rulingia.com (localhost.rulingia.com [127.0.0.1]) by server.rulingia.com (8.15.2/8.15.2) with ESMTPS id w4KMTN3D047724 (version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256 verify=NO); Mon, 21 May 2018 08:29:24 +1000 (AEST) (envelope-from peter@server.rulingia.com) Received: (from peter@localhost) by server.rulingia.com (8.15.2/8.15.2/Submit) id w4KMTNfO047723; Mon, 21 May 2018 08:29:23 +1000 (AEST) (envelope-from peter) Date: Mon, 21 May 2018 08:29:23 +1000 From: Peter Jeremy To: Alex Aminoff Cc: freebsd-fs@freebsd.org Subject: Re: Can one remove a specific file from all snapshots? Message-ID: <20180520222923.GA47588@server.rulingia.com> References: <38792b3b-04db-0c7f-c9a4-3f55b908a427@nber.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <38792b3b-04db-0c7f-c9a4-3f55b908a427@nber.org> User-Agent: Mutt/1.9.5 (2018-04-13) X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 May 2018 22:29:41 -0000 On 2018-May-18 16:17:33 -0400, Alex Aminoff wrote: >The use case here is that we have data sets of sensitive data that we >are contractually obligated to delete with no backups at a certain point >in time. The datasets are stored on a ZFS filesystem (on a truenas from >IxSystems as it happens). The snapshots are kept for 15 days, so at the >moment we have to rm the files 15 days before the deadline to be >compliant. Is there a way to delete a specific file from the live >filesystem as well as all the snapshots? A potential alternative to having the sensitive data on a filesystem with a different snapshot schedule might be to encrypt the sensitive data and then destroy the keys at the appropriate deadline. This doesn't change the general problem but reduces the amount of sensitive data that needs to be managed and destroyed - which be easier. -- Peter Jeremy