Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 May 2018 08:29:23 +1000
From:      Peter Jeremy <peter@rulingia.com>
To:        Alex Aminoff <aminoff@nber.org>
Cc:        freebsd-fs@freebsd.org
Subject:   Re: Can one remove a specific file from all snapshots?
Message-ID:  <20180520222923.GA47588@server.rulingia.com>
In-Reply-To: <38792b3b-04db-0c7f-c9a4-3f55b908a427@nber.org>
References:  <38792b3b-04db-0c7f-c9a4-3f55b908a427@nber.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 2018-May-18 16:17:33 -0400, Alex Aminoff <aminoff@nber.org> wrote:
>The use case here is that we have data sets of sensitive data that we 
>are contractually obligated to delete with no backups at a certain point 
>in time. The datasets are stored on a ZFS filesystem (on a truenas from 
>IxSystems as it happens). The snapshots are kept for 15 days, so at the 
>moment we have to rm the files 15 days before the deadline to be 
>compliant. Is there a way to delete a specific file from the live 
>filesystem as well as all the snapshots?

A potential alternative to having the sensitive data on a filesystem with a
different snapshot schedule might be to encrypt the sensitive data and then
destroy the keys at the appropriate deadline.  This doesn't change the general
problem but reduces the amount of sensitive data that needs to be managed and
destroyed - which be easier.

-- 
Peter Jeremy



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180520222923.GA47588>