zfs in jail - cannot mount: Insufficient privileges
Łukasz Wąsikowski
lukasz at wasikowski.net
Tue Feb 5 18:33:08 UTC 2013
FreeBSD 9.1-STABLE r246099, zfs in jail, unprivileged user is unable to
mount dataset.
In jail:
# sysctl vfs.usermount security.jail.enforce_statfs
security.jail.mount_zfs_allowed security.jail.mount_allowed
security.jail.jailed
vfs.usermount: 1
security.jail.enforce_statfs: 0
security.jail.mount_zfs_allowed: 1
security.jail.mount_allowed: 1
security.jail.jailed: 1
# zfs allow jinx/jails/jtest/testset
---- Permissions on jinx/jails/jtest/testset -------------------------
Permission sets:
@testperms
clone,create,destroy,mount,quota,readonly,receive,rollback,send,snapshot
Local+Descendent permissions:
user testuser @testperms
# zfs get mountpoint jinx/jails/jtest/testset
NAME PROPERTY VALUE SOURCE
jinx/jails/jtest/testset mountpoint /testset local
# getfacl /testset
# file: /testset
# owner: testuser
# group: testuser
owner@:rwxp--aARWcCos:------:allow
group@:r-x---a-R-c--s:------:allow
everyone@:r-x---a-R-c--s:------:allow
# su - testuser
$ zfs create jinx/jails/jtest/testset/testdir
cannot mount 'jinx/jails/jtest/testset/testdir': Insufficient privileges
filesystem successfully created, but not mounted
Is it a bug or am I missing something? root can create dataset in this
jail without any problem:
# zfs create jinx/jails/jtest/testset/testdir2 && zfs list
jinx/jails/jtest/testset/testdir2
NAME USED AVAIL REFER MOUNTPOINT
jinx/jails/jtest/testset/testdir2 31K 18.4G 31K /testset/testdir2
On host user can create and mount dataset, problem appears only in jail.
--
best regards,
Lukasz Wasikowski
More information about the freebsd-fs
mailing list