Filenail: Working with incomplete filesystem state

Abstract

The use of filesystems has become a standard, with a purpose well beyond just storing and accessing application data. For instance, common system security and compliance operations, sush as software or package installation, system and application configurations or process management also leverage a filesystem. Over decades, various system management and security tools have been designed to access system state and to implement their respective functions through a file interface. However, we observe that these tools do not require access to all the files in the filesystem and in some cases they can even work with incomplete file contents. Motivated by these observations, we propose filenail (or Filesystem Thumbnail) a system that exercises an incomplete filesystem state marshalling and un-marshalling protocol. We discuss the use of filenail to implement an effective and optimal disaggregated solution to perform common system security tasks for container clouds. In general, depending on the use-case not all the files in the filesystem are equal and that incomplete filesystem state can be often enough. The results of this paper show filenail is very efficient in capturing and transferring filesystem state of systems and enables implementing disaggregated security solutions in the cloud.