MDS File (Linux)
In addition to CTE-LDT attributes, the CTE-LDT process on Linux requires persistent storage for additional metadata related to encrypting, or rekeying, files in GuardPoints. CTE-LDT allocates the storage space as soon as the CTE-LDT process starts on a GuardPoint. It maintains this storage space during the entire transformation process, until the GuardPoint is completely transformed.
Storage for this metadata is allocated and managed in a special file, called the MDS (metadata store) file. The MDS file resides inside a GuardPoint directory so each GuardPoint has its own MDS file.
The MDS file is a CTE protected file with the name ::vorm:mds::
. For example:
ls -l /oxf-fs1/gp1/::vorm:mds::
-rwxr-xr-x. 1 root root 31754474496 Dec 8 09:09 /oxf-fs1/::vorm:mds::
du -B 1024 /oxf-fs1/gp1/::vorm:mds::
25056 /oxf-fs1/::vorm:mds::
As shown above, the MDS file is sparse. In the example, the file size is approximately 30GB, however the file is allocated with approximately 25MB of disk storage. CTE-LDT automatically creates the MDS file the first time the CTE-LDT process starts on any GuardPoint in the file system namespace. It populates the MDS file with all of the metadata for the GuardPoint at the beginning of the CTE-LDT process. Disk space allocated to the MDS file is freed and the MDS file in the GuardPoint directory is removed when the CTE-LDT process completes on the GuardPoint.
The MDS file is protected. You cannot remove it unless the administrator runs the voradmin command to manually remove the MDS file once it is no longer needed. See Deleting CTE-LDT Metadata (Linux) for more information.
CTE-LDT automatically allocates and deallocates disk space for the MDS file as part of the CTE-LDT process. Deallocation of disk space for a GuardPoint does not change the MDS file size, although it frees the disk blocks. MDS files are sparse and very large in size. The MDS file is automatically removed from GuardPoints when the files have been successfully rekeyed.