verytmp

verytmp came out of a previous employer's problem with badly behaved programs that weren't cleaning up large temporary files. Inevitably, someone who had to work with that code - and usually not the person who wrote the code! - would fill up their tempdir and spend a few minutes or hours being extremely confused about why other programs were suddenly throwing errors.

Our local mad scientist realized that this was obviously a problem for linux namespaces, and verytmp was born. By using (abusing?) a private mount namespace, verytmp takes advantage of the fact that mount namespaces are garbage collected to give you a fully-functional in-memory filesystem that gets cleaned up when your process exits without relying on any userspace code. No more full /tmp, no more strange errors.

The code is here, and was a lot of fun to write. Because the goal is to create a detached mount namespace, you end up with a filesystem you can't reference with a absolute paths, which means that your API for accessing files and directories has to look a little bit different than the usual interfaces. Instead you end up with something a lot more like openat2 and friends, which was both a fun exercise in API design and a fun excuse to contribute openat2 bindings to the nix crate.