ZFS snapdir readability (Crosspost)

Jan Behrens jbe-mlist at magnetkern.de
Thu Nov 21 16:49:45 UTC 2019


On Thu, 21 Nov 2019 11:19:28 GMT
Martin Simmons <martin at lispworks.com> wrote:

> > Mounting is not the same as cloning and mounting. But you are right: If
> > snapshots are cloned first, you can specify the mountpoint. But then
> > you are mounting a new file system and not a snapshot technically.
> > Which brings us back to option (a) never mount snapshots ever ;-)
> > 
> > Given that we can prohibit the automounting of all snapshots, it would
> > be a nice workaround which would not have too much overhead.
> 
> Can't you already achieve (d) using /sbin/mount?
> 
> __Martin

Thanks for pointing that out, I didn't know. It works on my system
(FreeBSD 12.0).

mount -t zfs filesystem@snapshot /mnt

"-o ro" is optional; in either case it is mounted read-only.

Thus, if auto-mounting of the snapshots in .zfs/snapshot can somehow be
disabled (or if access to .zfs can be restricted to root), it would be
possible to mount snapshots in such a way that only certain users can
access them.

mkdir /protected
mkdir /protected/mnt
chgrp snapreaders /protected
chmod 770 /protected
mount -t zfs -o ro filesystem@snapshot /protected/mnt

It's not nice to have the extra parent directory (/protected) but at
least it would work.

Of course, this requires that access to .zfs/snapshot is prohibited for
non-privileged users (or that snapshot automounting is disabled), as
the solution is pointless if users can circumvent access restrictions
by accessing .zfs/snapshot/.

As far as I know, there is no way to disable having .zfs/snapshot
readable by everyone, is that correct?


Regards,
Jan
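
A check for the two conditions named in the message above, written as an added example that is not part of the original post: the parent directory must grant nothing to "other", and the snapshot must not also be reachable through .zfs/snapshot. The function names and the paths in the usage line are assumptions; the script reads mode bits only (no ACLs) and does not examine ancestor directories.

```shell
#!/bin/sh
# Added example, not from the original post. Paths and names are hypothetical.
# Checks mode bits only (no ACLs) and does not check ancestor directories.

# Print the "other" permission triplet of a path, e.g. "r-x" from "drwxr-xr-x".
other_bits() {
    ls -ld "$1" 2>/dev/null | cut -c8-10
}

# Succeed if the gate directory (e.g. /protected) grants nothing to "other".
gate_is_closed() {
    case "$(other_bits "$1")" in
        ---|--T) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed if "other" has search permission on a directory.
other_can_traverse() {
    case "$(other_bits "$1")" in
        ??x|??t) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed if users outside the group can walk to <mountpoint>/.zfs/snapshot.
bypass_exists() {
    for d in "$1" "$1/.zfs" "$1/.zfs/snapshot"; do
        other_can_traverse "$d" || return 1
    done
    return 0
}

# Return 0 if the restriction holds, 1 if the gate is open, 2 if bypassable.
audit_restricted_snapshot() {
    if ! gate_is_closed "$1"; then
        echo "FAIL: $1 is accessible to users outside the group"; return 1
    fi
    if bypass_exists "$2"; then
        echo "FAIL: snapshots are also reachable via $2/.zfs/snapshot"; return 2
    fi
    echo "OK: snapshot under $1 is limited to the directory's group"
}

# Usage: sh audit.sh /protected /path/to/dataset/mountpoint
if [ "$#" -eq 2 ]; then audit_restricted_snapshot "$1" "$2"; fi
```
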


More information about the freebsd-fs mailing list