ZFS snapshots and daily security checks
Lev Serebryakov
lev at FreeBSD.org
Mon Apr 8 09:49:06 UTC 2013
Hello, Jeremy.
You wrote 8 апреля 2013 г., 13:30:17:
JC> My theory is that your "pool" filesystem has the snapdir property as
JC> visible, and therefore all filesystems under pool (ex. "pool/home")
JC> would inherit the value.
Nope :) It is "hidden, default"
JC> Looking at the ZFS code, hidden **is** the default, even in r244958
JC> (which you're running):
JC> http://svnweb.freebsd.org/base/stable/9/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c?view=annotate
JC> See line 218. The 3rd parameter, ZFS_SNAPDIR_HIDDEN, is what defines
JC> the default value.
Pool and FS was created long time ago :)
Ok, it is not very interesting, why it was set to "visible".
Now we understand why snapshots were "mounted" and why only `mount
-p' show them. Last question is how to make them mounted (to allow
users use them) and don't have bogus 25 line difference (24 hourly
snapshots and 1 daily snapshot) in each daily security report...
It looks like, I need simply add properly crafted "grep -v" to
security script
--
// Black Lion AKA Lev Serebryakov <lev at FreeBSD.org>
More information about the freebsd-fs
mailing list