zfs - no access to a Mac OS X zfs pool without root privileges
Jeremy Chadwick
koitsu at FreeBSD.org
Fri Aug 8 11:26:13 UTC 2008
On Fri, Aug 08, 2008 at 01:01:27PM +0200, Gary Jennejohn wrote:
> On Thu, 7 Aug 2008 20:39:02 -0700
> Jeremy Chadwick <koitsu at FreeBSD.org> wrote:
>
> > On Thu, Aug 07, 2008 at 08:40:55PM +0300, Boris Kotzev wrote:
> [snip]
> > > macpool aclinherit restricted default
> > > macpool canmount on default
> > > macpool shareiscsi off default
> > > macpool xattr off temporary
> > > macpool copies 1 default
> > > macpool version 1 -
> > > macpool utf8only off -
> > > macpool normalization none -
> > > macpool casesensitivity sensitive -
> > > macpool vscan off default
> > > macpool nbmand off default
> > > macpool sharesmb off default
> > > macpool refquota none default
> > > macpool refreservation none default
> >
> > It's interesting to note that your filesystem has a significantly larger
> > number of properties returned than mine. I wonder if the ZFS code has
> > support for those properties on FreeBSD, but they simply aren't listed.
> > Or maybe the patch you're using adds all of them? I don't know.
> >
> > Anyway, the property that may be relevant is aclinherit. The zfs(1)
> > manpage on FreeBSD makes no mention of what "restricted" means for
> > property "aclinherit". I believe it may be the source of the problem.
> >
> > A ZFS filesystem made on FreeBSD has a different value for that
> > property. I explicitly enabled compression on the below fs, BTW, which
> > is why that value is not the default value:
>
> No, it doesn't necessarily. Here the output from a ZFS FS made with
> FreeBSD but using the old version 6 ZFS:
>
> root:peedub:~:bash:1> zfs get all mirpool
> NAME PROPERTY VALUE SOURCE
> mirpool type filesystem -
> mirpool creation Sat Nov 24 17:53 2007 -
> mirpool used 141G -
> mirpool available 316G -
> mirpool referenced 18K -
> mirpool compressratio 1.00x -
> mirpool mounted yes -
> mirpool quota none default
> mirpool reservation none default
> mirpool recordsize 128K default
> mirpool mountpoint /mirpool default
> mirpool sharenfs off local
> mirpool checksum on default
> mirpool compression off default
> mirpool atime on default
> mirpool devices on default
> mirpool exec on default
> mirpool setuid on default
> mirpool readonly off default
> mirpool jailed off default
> mirpool snapdir hidden default
> mirpool aclmode groupmask default
> mirpool aclinherit restricted default <==
> mirpool canmount on default
> mirpool shareiscsi off default
> mirpool xattr off temporary
> mirpool copies 1 default
> mirpool version 1 -
> mirpool utf8only off -
> mirpool normalization none -
> mirpool casesensitivity sensitive -
> mirpool vscan off default
> mirpool nbmand off default
> mirpool sharesmb off default
> mirpool refquota none default
> mirpool refreservation none default
>
> root:peedub:~:bash:2> zfs set aclinherit=secure mirpool
> property 'aclinherit' not supported on FreeBSD: permission denied
>
> Apparently it's not really used.
You need to remember the individual is using the patch on CURRENT
provided by pjd, which bring ZFS up to the latest OpenSolaris version.
It's possible on that version it *is* implemented; I do not know.
Based on the manpage description for aclinherit, that option could
definitely cause what he's seeing.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-fs
mailing list