Sam Gentle.com

Transactional shell

Here's a neat idea I had today: a transactional system shell. Once or twice I've accidentally nuked some files I wished I'd kept around, or overwritten something by accident. On desktop OSes the way that's solved is by making destructive operations actually non-destructive in various ways, like a special trash folder or OS X's version history system. But when you're using commands on a shell, there's no such protection available.

One option that I've started using is change the default to confirm before you delete or overwrite files, but it's a bit annoying. Worse still you train yourself in the habit of just hitting yes every time, which means it's inevitably going to lead to confirming by accident sometime too. Instead, you could use an overlay filesystem: a small filesystem just containing the changes you've made. When you start a transaction, all changes from that point happen in the overlay filesystem, and when you're ready you can commit them for good.

The nice thing about this is that, on top of protecting you from yourself, it would also provide a safer environment for running other people's shell scripts. If you run a script or a command in a transaction, you could confirm what changes it's made afterwards and decide whether it's done what you expect. Even if it has, it's nice to know exactly what changes have happened.

All the other software in my life seems to have gone to a safe-with-undo-by-default system, so it'd be great to see shells get there too.