Mounting a ZFS snapshot by another user

Guillermo Marcus guillermo.marcus at gmail.com
Wed May 28 20:17:20 UTC 2014 

Hi all,

I am using ZFS in a FreeBSD 10.0-RELEASE (10.0-RELEASE FreeBSD 10.0-RELEASE #0 r260789). I setup some scripts to create snapshots of my ZFS pool at regular intervals, and then another script to mount the latest snapshot of each dataset in the pool to a specific location, recreating a snapshot of my pool for backup. The goal is to use Bacula to always backup the snapshot, to avoid data being in an inconsistent state. The mount script is then executed by the bacula user at the beginning of the backup job. The scripts work fine, but I have an issue with the script being executed by the backup user and not the pool owner.

So I set up the delegation of the pool to:

---- Permissions on tank --------------------------------------------
Permission sets:
   @bacula aclinherit,clone,create,destroy,mount,mountpoint,readonly,sharenfs,userprop
Create time permissions:
   clone,create,destroy
Local+Descendent permissions:
   user bacula @bacula


I also set up the VFS sysctl:

vfs.usermount: 1


and finally, I grant full ACL access to the bacula user to the pool file system:

# file: /tank
# owner: dataowner
# group: dataowner
       user:bacula:rwxpDdaARWcCos:fd----:allow
            owner@:rwxp--aARWcCos:------:allow
            group@:r-x---a-R-c--s:------:allow
         everyone@:r-x---a-R-c--s:------:allow


Here is the thing: it works only partially. Apparently, it requires that the mount point of the dataset be owned by the bacula user and not dataowner, even when the user bacula has full access. Example:

To mount a dataset by user bacula: su -m bacula -c "zfs clone -o readonly=on -o mountpoint=/tank/latest-snapshot tank/dataset1 at snapN", one of two things will happen: if /tank/latest-snapshot does not exist, it will be created, owned by user bacula. However, if /tank/latest-snapshot exists in the parent dataset (where it is owned by dataowner), it will fail with "Insufficient privileges", even when the user bacula is given full access by the ACL. If I change the owner of the mount point it works correctly.

Can anyone explain what I am missing?

Thanks in advance.

PS: as why this will be an issue: This will extrapolate to a big issue when mounting hierarchical datasets with different owners in my snapshots, and I cannot change the ownership of a mountpoint inside a snapshot because it is readonly.

Best Regards,
G. Marcus

More information about the freebsd-questions mailing list