Any plans for EC2 AMIs with RootOnZFS?
Miroslav Lachman
000.fbsd at quip.cz
Sat Jan 5 22:14:28 UTC 2019
Ben Woods wrote on 2019/01/05 13:39:
> On Fri, 28 Dec 2018 at 12:43, Colin Percival<cperciva at tarsnap.com> wrote:
>
>> I've created an experimental FreeBSD 12.0 ZFS AMI in the us-east-1 region:
>> ami-0786f5b55d5aa573f
>>
>> Since I'm basically a ZFS newbie (I run it on my laptop, but only with the
>> default setup from the installer, and I've never used any of the fancy ZFS
>> features) I don't know if I've set everything up properly. So far I have
>> one piece of feedback, which is that I should have marked canmount=off for
>> zroot.
>>
> Hi Colin,
>
> Thanks a lot for doing this - much appreciated.
>
> I have just given it a try, and have the following feedback for you:
>
> 1. ZFS DATASETS AND PROPERTIES SHOULD MATCH INSTALLER DEFAULT
> To avoid any confusion or unexpected behaviour, I believe the list of ZFS
> datasets and their properties should exactly match the bsdinstall defaults
> (especially for releases).
> zpool create:
> https://svnweb.freebsd.org/base/head/usr.sbin/bsdinstall/scripts/zfsboot?revision=342283&view=markup#l1308
> zfs datasets and properties:
> https://svnweb.freebsd.org/base/head/usr.sbin/bsdinstall/scripts/zfsboot?revision=342283&view=markup#l141
>
> Looking at how you created the zpool and zfs datasets (using the "zpool
> history zroot" command), the following changes would achieve this outcome:
> --- zfs-commands.old
> +++ zfs-commands.new
> @@ -1,19 +1,15 @@
> -zpool create -o altroot=/mnt zroot ada0p2
> -zfs set compress=on zroot
> +zpool create -o altroot=/mnt -O compress=lz4 -O atime=off -m none -f zroot
> ada0p2
> zfs create -o mountpoint=none zroot/ROOT
> zfs create -o mountpoint=/ -o canmount=noauto zroot/ROOT/default
> zfs create -o mountpoint=/tmp -o exec=on -o setuid=off zroot/tmp
> -zfs create -o canmount=off -o mountpoint=/usr zroot/usr
> +zfs create -o mountpoint=/usr -o canmount=off zroot/usr
> zfs create zroot/usr/home
> -zfs create -o exec=off -o setuid=off zroot/usr/src
> -zfs create zroot/usr/obj
> -zfs create -o mountpoint=/usr/ports -o setuid=off zroot/usr/ports
> -zfs create -o exec=off -o setuid=off zroot/usr/ports/distfiles
> -zfs create -o exec=off -o setuid=off zroot/usr/ports/packages
> -zfs create -o canmount=off -o mountpoint=/var zroot/var
> +zfs create -o setuid=off zroot/usr/ports
> +zfs create zroot/usr/src
> +zfs create -o mountpoint=/var -o canmount=off zroot/var
> zfs create -o exec=off -o setuid=off zroot/var/audit
> zfs create -o exec=off -o setuid=off zroot/var/crash
> zfs create -o exec=off -o setuid=off zroot/var/log
> -zfs create -o atime=on -o exec=off -o setuid=off zroot/var/mail
> -zfs create -o exec=on -o setuid=off zroot/var/tmp
> +zfs create -o atime=on zroot/var/mail
> +zfs create -o setuid=off zroot/var/tmp
> zpool set bootfs=zroot/ROOT/default zroot
I think the opposite - bsdinstall shoul be fixed to use exec=off and
setuid=off.
Just my $0.02
Miroslav Lachman
More information about the freebsd-fs
mailing list