diff --git a/lib/libshare/Makefile.am b/lib/libshare/Makefile.am index 1439b33ac804..04710564324b 100644 --- a/lib/libshare/Makefile.am +++ b/lib/libshare/Makefile.am @@ -1,13 +1,15 @@ include $(top_srcdir)/config/Rules.am DEFAULT_INCLUDES += \ -I$(top_srcdir)/include \ -I$(top_srcdir)/lib/libspl/include noinst_LTLIBRARIES = libshare.la libshare_la_SOURCES = \ + $(top_srcdir)/lib/libshare/libshare_impl.h \ $(top_srcdir)/lib/libshare/libshare.c \ $(top_srcdir)/lib/libshare/nfs.c \ - $(top_srcdir)/lib/libshare/libshare_impl.h \ - $(top_srcdir)/lib/libshare/nfs.h + $(top_srcdir)/lib/libshare/nfs.h \ + $(top_srcdir)/lib/libshare/smb.c \ + $(top_srcdir)/lib/libshare/smb.h diff --git a/lib/libshare/libshare.c b/lib/libshare/libshare.c index c34e83919402..6b39ba8724e2 100644 --- a/lib/libshare/libshare.c +++ b/lib/libshare/libshare.c @@ -1,810 +1,812 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2011 Gunnar Beutner */ #include #include #include #include #include #include #include #include #include #include #include "libshare_impl.h" #include "nfs.h" +#include "smb.h" static sa_share_impl_t find_share(sa_handle_impl_t handle, const char *sharepath); static sa_share_impl_t alloc_share(const char *sharepath); static void free_share(sa_share_impl_t share); static void parse_sharetab(sa_handle_impl_t impl_handle); static int process_share(sa_handle_impl_t impl_handle, sa_share_impl_t impl_share, char *pathname, char *resource, char *fstype, char *options, char *description, char *dataset, boolean_t from_sharetab); static void update_sharetab(sa_handle_impl_t impl_handle); static int update_zfs_share(sa_share_impl_t impl_handle, const char *proto); static int update_zfs_shares(sa_handle_impl_t impl_handle, const char *proto); static int fstypes_count; static sa_fstype_t *fstypes; sa_fstype_t * register_fstype(const char *name, const sa_share_ops_t *ops) { sa_fstype_t *fstype; fstype = calloc(sizeof (sa_fstype_t), 1); if (fstype == NULL) return NULL; fstype->name = name; fstype->ops = ops; fstype->fsinfo_index = fstypes_count; fstypes_count++; fstype->next = fstypes; fstypes = fstype; return fstype; } sa_handle_t sa_init(int init_service) { sa_handle_impl_t impl_handle; impl_handle = calloc(sizeof (struct sa_handle_impl), 1); if (impl_handle == NULL) return NULL; impl_handle->zfs_libhandle = libzfs_init(); if (impl_handle->zfs_libhandle != NULL) { libzfs_print_on_error(impl_handle->zfs_libhandle, B_TRUE); } parse_sharetab(impl_handle); update_zfs_shares(impl_handle, NULL); return ((sa_handle_t)impl_handle); } __attribute__((constructor)) static void libshare_init(void) { libshare_nfs_init(); + libshare_smb_init(); /* * This bit causes /etc/dfs/sharetab to be updated before libzfs gets a * chance to read that file; this is necessary because the sharetab file * might be out of sync with the NFS kernel exports (e.g. due to reboots * or users manually removing shares) */ sa_fini(sa_init(0)); } static void parse_sharetab(sa_handle_impl_t impl_handle) { FILE *fp; char line[512]; char *eol, *pathname, *resource, *fstype, *options, *description; fp = fopen("/etc/dfs/sharetab", "r"); if (fp == NULL) return; while (fgets(line, sizeof (line), fp) != NULL) { eol = line + strlen(line) - 1; while (eol >= line) { if (*eol != '\r' && *eol != '\n') break; *eol = '\0'; eol--; } pathname = line; if ((resource = strchr(pathname, '\t')) == NULL) continue; *resource = '\0'; resource++; if ((fstype = strchr(resource, '\t')) == NULL) continue; *fstype = '\0'; fstype++; if ((options = strchr(fstype, '\t')) == NULL) continue; *options = '\0'; options++; if ((description = strchr(fstype, '\t')) != NULL) { *description = '\0'; description++; } if (strcmp(resource, "-") == 0) resource = NULL; (void) process_share(impl_handle, NULL, pathname, resource, fstype, options, description, NULL, B_TRUE); } fclose(fp); } static void update_sharetab(sa_handle_impl_t impl_handle) { sa_share_impl_t impl_share; int temp_fd; FILE *temp_fp; char tempfile[] = "/etc/dfs/sharetab.XXXXXX"; sa_fstype_t *fstype; const char *resource; if (mkdir("/etc/dfs", 0755) < 0 && errno != EEXIST) { return; } temp_fd = mkstemp(tempfile); if (temp_fd < 0) return; temp_fp = fdopen(temp_fd, "w"); if (temp_fp == NULL) return; impl_share = impl_handle->shares; while (impl_share != NULL) { fstype = fstypes; while (fstype != NULL) { if (FSINFO(impl_share, fstype)->active && FSINFO(impl_share, fstype)->shareopts != NULL) { resource = FSINFO(impl_share, fstype)->resource; if (resource == NULL) resource = "-"; fprintf(temp_fp, "%s\t%s\t%s\t%s\n", impl_share->sharepath, resource, fstype->name, FSINFO(impl_share, fstype)->shareopts); } fstype = fstype->next; } impl_share = impl_share->next; } fflush(temp_fp); fsync(temp_fd); fclose(temp_fp); rename(tempfile, "/etc/dfs/sharetab"); } typedef struct update_cookie_s { sa_handle_impl_t handle; const char *proto; } update_cookie_t; static int update_zfs_shares_cb(zfs_handle_t *zhp, void *pcookie) { update_cookie_t *udata = (update_cookie_t *)pcookie; char mountpoint[ZFS_MAXPROPLEN]; char shareopts[ZFS_MAXPROPLEN]; char *dataset; zfs_type_t type = zfs_get_type(zhp); if (type == ZFS_TYPE_FILESYSTEM && zfs_iter_filesystems(zhp, update_zfs_shares_cb, pcookie) != 0) { zfs_close(zhp); return 1; } if (type != ZFS_TYPE_FILESYSTEM) { zfs_close(zhp); return 0; } if (zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, mountpoint, sizeof (mountpoint), NULL, NULL, 0, B_FALSE) != 0) { zfs_close(zhp); return 0; } dataset = (char *)zfs_get_name(zhp); if (dataset == NULL) { zfs_close(zhp); return 0; } if (!zfs_is_mounted(zhp, NULL)) { zfs_close(zhp); return 0; } if ((udata->proto == NULL || strcmp(udata->proto, "nfs") == 0) && zfs_prop_get(zhp, ZFS_PROP_SHARENFS, shareopts, sizeof (shareopts), NULL, NULL, 0, B_FALSE) == 0 && strcmp(shareopts, "off") != 0) { (void) process_share(udata->handle, NULL, mountpoint, NULL, "nfs", shareopts, NULL, dataset, B_FALSE); } if ((udata->proto == NULL || strcmp(udata->proto, "smb") == 0) && zfs_prop_get(zhp, ZFS_PROP_SHARESMB, shareopts, sizeof (shareopts), NULL, NULL, 0, B_FALSE) == 0 && strcmp(shareopts, "off") != 0) { (void) process_share(udata->handle, NULL, mountpoint, NULL, "smb", shareopts, NULL, dataset, B_FALSE); } zfs_close(zhp); return 0; } static int update_zfs_share(sa_share_impl_t impl_share, const char *proto) { sa_handle_impl_t impl_handle = impl_share->handle; zfs_handle_t *zhp; update_cookie_t udata; if (impl_handle->zfs_libhandle == NULL) return SA_SYSTEM_ERR; assert(impl_share->dataset != NULL); zhp = zfs_open(impl_share->handle->zfs_libhandle, impl_share->dataset, ZFS_TYPE_FILESYSTEM); if (zhp == NULL) return SA_SYSTEM_ERR; udata.handle = impl_handle; udata.proto = proto; (void) update_zfs_shares_cb(zhp, &udata); return SA_OK; } static int update_zfs_shares(sa_handle_impl_t impl_handle, const char *proto) { update_cookie_t udata; if (impl_handle->zfs_libhandle == NULL) return SA_SYSTEM_ERR; udata.handle = impl_handle; udata.proto = proto; (void) zfs_iter_root(impl_handle->zfs_libhandle, update_zfs_shares_cb, &udata); return SA_OK; } static int process_share(sa_handle_impl_t impl_handle, sa_share_impl_t impl_share, char *pathname, char *resource, char *proto, char *options, char *description, char *dataset, boolean_t from_sharetab) { struct stat statbuf; int rc; char *resource_dup = NULL, *dataset_dup = NULL; boolean_t new_share; sa_fstype_t *fstype; new_share = B_FALSE; if (impl_share == NULL) impl_share = find_share(impl_handle, pathname); if (impl_share == NULL) { if (lstat(pathname, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode)) return SA_BAD_PATH; impl_share = alloc_share(pathname); if (impl_share == NULL) { rc = SA_NO_MEMORY; goto err; } new_share = B_TRUE; } if (dataset != NULL) { dataset_dup = strdup(dataset); if (dataset_dup == NULL) { rc = SA_NO_MEMORY; goto err; } } free(impl_share->dataset); impl_share->dataset = dataset_dup; rc = SA_INVALID_PROTOCOL; fstype = fstypes; while (fstype != NULL) { if (strcmp(fstype->name, proto) == 0) { if (resource != NULL) { resource_dup = strdup(resource); if (resource_dup == NULL) { rc = SA_NO_MEMORY; goto err; } } free(FSINFO(impl_share, fstype)->resource); FSINFO(impl_share, fstype)->resource = resource_dup; rc = fstype->ops->update_shareopts(impl_share, resource, options); if (rc == SA_OK && from_sharetab) FSINFO(impl_share, fstype)->active = B_TRUE; break; } fstype = fstype->next; } if (rc != SA_OK) goto err; if (new_share) { impl_share->handle = impl_handle; impl_share->next = impl_handle->shares; impl_handle->shares = impl_share; } err: if (rc != SA_OK) { if (new_share) free_share(impl_share); } return rc; } void sa_fini(sa_handle_t handle) { sa_handle_impl_t impl_handle = (sa_handle_impl_t)handle; sa_share_impl_t impl_share, next; sa_share_impl_t *pcurr; if (impl_handle == NULL) return; /* * clean up shares which don't have a non-NULL dataset property, * which means they're in sharetab but we couldn't find their * ZFS dataset. */ pcurr = &(impl_handle->shares); impl_share = *pcurr; while (impl_share != NULL) { next = impl_share->next; if (impl_share->dataset == NULL) { /* remove item from the linked list */ *pcurr = next; sa_disable_share(impl_share, NULL); free_share(impl_share); } else { pcurr = &(impl_share->next); } impl_share = next; } update_sharetab(impl_handle); if (impl_handle->zfs_libhandle != NULL) libzfs_fini(impl_handle->zfs_libhandle); impl_share = impl_handle->shares; while (impl_share != NULL) { next = impl_share->next; free_share(impl_share); impl_share = next; } free(impl_handle); } static sa_share_impl_t find_share(sa_handle_impl_t impl_handle, const char *sharepath) { sa_share_impl_t impl_share; impl_share = impl_handle->shares; while (impl_share != NULL) { if (strcmp(impl_share->sharepath, sharepath) == 0) { break; } impl_share = impl_share->next; } return impl_share; } sa_share_t sa_find_share(sa_handle_t handle, char *sharepath) { return (sa_share_t)find_share((sa_handle_impl_t)handle, sharepath); } int sa_enable_share(sa_share_t share, char *protocol) { sa_share_impl_t impl_share = (sa_share_impl_t)share; int rc, ret; boolean_t found_protocol; sa_fstype_t *fstype; #ifdef DEBUG fprintf(stderr, "sa_enable_share: share->sharepath=%s, protocol=%s\n", impl_share->sharepath, protocol); #endif assert(impl_share->handle != NULL); ret = SA_OK; found_protocol = B_FALSE; fstype = fstypes; while (fstype != NULL) { if (protocol == NULL || strcmp(fstype->name, protocol) == 0) { update_zfs_share(impl_share, fstype->name); rc = fstype->ops->enable_share(impl_share); if (rc != SA_OK) ret = rc; else FSINFO(impl_share, fstype)->active = B_TRUE; found_protocol = B_TRUE; } fstype = fstype->next; } update_sharetab(impl_share->handle); return (found_protocol ? ret : SA_INVALID_PROTOCOL); } int sa_disable_share(sa_share_t share, char *protocol) { sa_share_impl_t impl_share = (sa_share_impl_t)share; int rc, ret; boolean_t found_protocol; sa_fstype_t *fstype; #ifdef DEBUG fprintf(stderr, "sa_disable_share: share->sharepath=%s, protocol=%s\n", impl_share->sharepath, protocol); #endif ret = SA_OK; found_protocol = B_FALSE; fstype = fstypes; while (fstype != NULL) { if (protocol == NULL || strcmp(fstype->name, protocol) == 0) { rc = fstype->ops->disable_share(impl_share); if (rc == SA_OK) { fstype->ops->clear_shareopts(impl_share); FSINFO(impl_share, fstype)->active = B_FALSE; } else ret = rc; found_protocol = B_TRUE; } fstype = fstype->next; } update_sharetab(impl_share->handle); return (found_protocol ? ret : SA_INVALID_PROTOCOL); } /* * sa_errorstr(err) * * convert an error value to an error string */ char * sa_errorstr(int err) { static char errstr[32]; char *ret = NULL; switch (err) { case SA_OK: ret = dgettext(TEXT_DOMAIN, "ok"); break; case SA_NO_SUCH_PATH: ret = dgettext(TEXT_DOMAIN, "path doesn't exist"); break; case SA_NO_MEMORY: ret = dgettext(TEXT_DOMAIN, "no memory"); break; case SA_DUPLICATE_NAME: ret = dgettext(TEXT_DOMAIN, "name in use"); break; case SA_BAD_PATH: ret = dgettext(TEXT_DOMAIN, "bad path"); break; case SA_NO_SUCH_GROUP: ret = dgettext(TEXT_DOMAIN, "no such group"); break; case SA_CONFIG_ERR: ret = dgettext(TEXT_DOMAIN, "configuration error"); break; case SA_SYSTEM_ERR: ret = dgettext(TEXT_DOMAIN, "system error"); break; case SA_SYNTAX_ERR: ret = dgettext(TEXT_DOMAIN, "syntax error"); break; case SA_NO_PERMISSION: ret = dgettext(TEXT_DOMAIN, "no permission"); break; case SA_BUSY: ret = dgettext(TEXT_DOMAIN, "busy"); break; case SA_NO_SUCH_PROP: ret = dgettext(TEXT_DOMAIN, "no such property"); break; case SA_INVALID_NAME: ret = dgettext(TEXT_DOMAIN, "invalid name"); break; case SA_INVALID_PROTOCOL: ret = dgettext(TEXT_DOMAIN, "invalid protocol"); break; case SA_NOT_ALLOWED: ret = dgettext(TEXT_DOMAIN, "operation not allowed"); break; case SA_BAD_VALUE: ret = dgettext(TEXT_DOMAIN, "bad property value"); break; case SA_INVALID_SECURITY: ret = dgettext(TEXT_DOMAIN, "invalid security type"); break; case SA_NO_SUCH_SECURITY: ret = dgettext(TEXT_DOMAIN, "security type not found"); break; case SA_VALUE_CONFLICT: ret = dgettext(TEXT_DOMAIN, "property value conflict"); break; case SA_NOT_IMPLEMENTED: ret = dgettext(TEXT_DOMAIN, "not implemented"); break; case SA_INVALID_PATH: ret = dgettext(TEXT_DOMAIN, "invalid path"); break; case SA_NOT_SUPPORTED: ret = dgettext(TEXT_DOMAIN, "operation not supported"); break; case SA_PROP_SHARE_ONLY: ret = dgettext(TEXT_DOMAIN, "property not valid for group"); break; case SA_NOT_SHARED: ret = dgettext(TEXT_DOMAIN, "not shared"); break; case SA_NO_SUCH_RESOURCE: ret = dgettext(TEXT_DOMAIN, "no such resource"); break; case SA_RESOURCE_REQUIRED: ret = dgettext(TEXT_DOMAIN, "resource name required"); break; case SA_MULTIPLE_ERROR: ret = dgettext(TEXT_DOMAIN, "errors from multiple protocols"); break; case SA_PATH_IS_SUBDIR: ret = dgettext(TEXT_DOMAIN, "path is a subpath of share"); break; case SA_PATH_IS_PARENTDIR: ret = dgettext(TEXT_DOMAIN, "path is parent of a share"); break; case SA_NO_SECTION: ret = dgettext(TEXT_DOMAIN, "protocol requires a section"); break; case SA_NO_PROPERTIES: ret = dgettext(TEXT_DOMAIN, "properties not found"); break; case SA_NO_SUCH_SECTION: ret = dgettext(TEXT_DOMAIN, "section not found"); break; case SA_PASSWORD_ENC: ret = dgettext(TEXT_DOMAIN, "passwords must be encrypted"); break; case SA_SHARE_EXISTS: ret = dgettext(TEXT_DOMAIN, "path or file is already shared"); break; default: (void) snprintf(errstr, sizeof (errstr), dgettext(TEXT_DOMAIN, "unknown %d"), err); ret = errstr; } return (ret); } int sa_parse_legacy_options(sa_group_t group, char *options, char *proto) { sa_fstype_t *fstype; #ifdef DEBUG fprintf(stderr, "sa_parse_legacy_options: options=%s, proto=%s\n", options, proto); #endif fstype = fstypes; while (fstype != NULL) { if (strcmp(fstype->name, proto) != 0) { fstype = fstype->next; continue; } return fstype->ops->validate_shareopts(options); } return SA_INVALID_PROTOCOL; } boolean_t sa_needs_refresh(sa_handle_t handle) { return B_TRUE; } libzfs_handle_t * sa_get_zfs_handle(sa_handle_t handle) { sa_handle_impl_t impl_handle = (sa_handle_impl_t)handle; if (impl_handle == NULL) return NULL; return impl_handle->zfs_libhandle; } static sa_share_impl_t alloc_share(const char *sharepath) { sa_share_impl_t impl_share; impl_share = calloc(sizeof (struct sa_share_impl), 1); if (impl_share == NULL) return NULL; impl_share->sharepath = strdup(sharepath); if (impl_share->sharepath == NULL) { free(impl_share); return NULL; } impl_share->fsinfo = calloc(sizeof (sa_share_fsinfo_t), fstypes_count); if (impl_share->fsinfo == NULL) { free(impl_share->sharepath); free(impl_share); return NULL; } return impl_share; } static void free_share(sa_share_impl_t impl_share) { sa_fstype_t *fstype; fstype = fstypes; while (fstype != NULL) { fstype->ops->clear_shareopts(impl_share); free(FSINFO(impl_share, fstype)->resource); fstype = fstype->next; } free(impl_share->sharepath); free(impl_share->dataset); free(impl_share->fsinfo); free(impl_share); } int sa_zfs_process_share(sa_handle_t handle, sa_group_t group, sa_share_t share, char *mountpoint, char *proto, zprop_source_t source, char *shareopts, char *sourcestr, char *dataset) { sa_handle_impl_t impl_handle = (sa_handle_impl_t)handle; sa_share_impl_t impl_share = (sa_share_impl_t)share; #ifdef DEBUG fprintf(stderr, "sa_zfs_process_share: mountpoint=%s, proto=%s, " "shareopts=%s, sourcestr=%s, dataset=%s\n", mountpoint, proto, shareopts, sourcestr, dataset); #endif return process_share(impl_handle, impl_share, mountpoint, NULL, proto, shareopts, NULL, dataset, B_FALSE); } void sa_update_sharetab_ts(sa_handle_t handle) { sa_handle_impl_t impl_handle = (sa_handle_impl_t)handle; update_sharetab(impl_handle); } diff --git a/lib/libshare/nfs.c b/lib/libshare/nfs.c index 53691ebe588f..00ba0f621347 100644 --- a/lib/libshare/nfs.c +++ b/lib/libshare/nfs.c @@ -1,736 +1,737 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2011 Gunnar Beutner * Copyright (c) 2012 Cyril Plisko. All rights reserved. */ #include #include #include #include #include #include #include #include "libshare_impl.h" static boolean_t nfs_available(void); static sa_fstype_t *nfs_fstype; /* * nfs_exportfs_temp_fd refers to a temporary copy of the output * from exportfs -v. */ static int nfs_exportfs_temp_fd = -1; typedef int (*nfs_shareopt_callback_t)(const char *opt, const char *value, void *cookie); typedef int (*nfs_host_callback_t)(const char *sharepath, const char *host, const char *security, const char *access, void *cookie); /** * Invokes the specified callback function for each Solaris share option * listed in the specified string. */ static int foreach_nfs_shareopt(const char *shareopts, nfs_shareopt_callback_t callback, void *cookie) { char *shareopts_dup, *opt, *cur, *value; int was_nul, rc; if (shareopts == NULL) return SA_OK; shareopts_dup = strdup(shareopts); if (shareopts_dup == NULL) return SA_NO_MEMORY; opt = shareopts_dup; was_nul = 0; while (1) { cur = opt; while (*cur != ',' && *cur != '\0') cur++; if (*cur == '\0') was_nul = 1; *cur = '\0'; if (cur > opt) { value = strchr(opt, '='); if (value != NULL) { *value = '\0'; value++; } rc = callback(opt, value, cookie); if (rc != SA_OK) { free(shareopts_dup); return rc; } } opt = cur + 1; if (was_nul) break; } free(shareopts_dup); return 0; } typedef struct nfs_host_cookie_s { nfs_host_callback_t callback; const char *sharepath; void *cookie; const char *security; } nfs_host_cookie_t; /** * Helper function for foreach_nfs_host. This function checks whether the * current share option is a host specification and invokes a callback * function with information about the host. */ static int foreach_nfs_host_cb(const char *opt, const char *value, void *pcookie) { int rc; const char *access; char *host_dup, *host, *next; nfs_host_cookie_t *udata = (nfs_host_cookie_t *)pcookie; #ifdef DEBUG fprintf(stderr, "foreach_nfs_host_cb: key=%s, value=%s\n", opt, value); #endif if (strcmp(opt, "sec") == 0) udata->security = value; if (strcmp(opt, "rw") == 0 || strcmp(opt, "ro") == 0) { if (value == NULL) value = "*"; access = opt; host_dup = strdup(value); if (host_dup == NULL) return SA_NO_MEMORY; host = host_dup; do { next = strchr(host, ':'); if (next != NULL) { *next = '\0'; next++; } rc = udata->callback(udata->sharepath, host, udata->security, access, udata->cookie); if (rc != SA_OK) { free(host_dup); return rc; } host = next; } while (host != NULL); free(host_dup); } return SA_OK; } /** * Invokes a callback function for all NFS hosts that are set for a share. */ static int foreach_nfs_host(sa_share_impl_t impl_share, nfs_host_callback_t callback, void *cookie) { nfs_host_cookie_t udata; char *shareopts; udata.callback = callback; udata.sharepath = impl_share->sharepath; udata.cookie = cookie; udata.security = "sys"; shareopts = FSINFO(impl_share, nfs_fstype)->shareopts; return foreach_nfs_shareopt(shareopts, foreach_nfs_host_cb, &udata); } /** * Converts a Solaris NFS host specification to its Linux equivalent. */ static int get_linux_hostspec(const char *solaris_hostspec, char **plinux_hostspec) { /* * For now we just support CIDR masks (e.g. @192.168.0.0/16) and host * wildcards (e.g. *.example.org). */ if (solaris_hostspec[0] == '@') { /* * Solaris host specifier, e.g. @192.168.0.0/16; we just need * to skip the @ in this case */ *plinux_hostspec = strdup(solaris_hostspec + 1); } else { *plinux_hostspec = strdup(solaris_hostspec); } if (*plinux_hostspec == NULL) { return SA_NO_MEMORY; } return SA_OK; } /** * Used internally by nfs_enable_share to enable sharing for a single host. */ static int nfs_enable_share_one(const char *sharepath, const char *host, const char *security, const char *access, void *pcookie) { int rc; char *linuxhost, *hostpath, *opts; const char *linux_opts = (const char *)pcookie; char *argv[6]; /* exportfs -i -o sec=XX,rX, : */ rc = get_linux_hostspec(host, &linuxhost); if (rc < 0) exit(1); hostpath = malloc(strlen(linuxhost) + 1 + strlen(sharepath) + 1); if (hostpath == NULL) { free(linuxhost); exit(1); } sprintf(hostpath, "%s:%s", linuxhost, sharepath); free(linuxhost); if (linux_opts == NULL) linux_opts = ""; opts = malloc(4 + strlen(security) + 4 + strlen(linux_opts) + 1); if (opts == NULL) exit(1); sprintf(opts, "sec=%s,%s,%s", security, access, linux_opts); #ifdef DEBUG fprintf(stderr, "sharing %s with opts %s\n", hostpath, opts); #endif argv[0] = "/usr/sbin/exportfs"; argv[1] = "-i"; argv[2] = "-o"; argv[3] = opts; argv[4] = hostpath; argv[5] = NULL; rc = libzfs_run_process(argv[0], argv, 0); free(hostpath); free(opts); if (rc < 0) return SA_SYSTEM_ERR; else return SA_OK; } /** * Adds a Linux share option to an array of NFS options. */ static int add_linux_shareopt(char **plinux_opts, const char *key, const char *value) { size_t len = 0; char *new_linux_opts; if (*plinux_opts != NULL) len = strlen(*plinux_opts); new_linux_opts = realloc(*plinux_opts, len + 1 + strlen(key) + (value ? 1 + strlen(value) : 0) + 1); if (new_linux_opts == NULL) return SA_NO_MEMORY; new_linux_opts[len] = '\0'; if (len > 0) strcat(new_linux_opts, ","); strcat(new_linux_opts, key); if (value != NULL) { strcat(new_linux_opts, "="); strcat(new_linux_opts, value); } *plinux_opts = new_linux_opts; return SA_OK; } /** * Validates and converts a single Solaris share option to its Linux * equivalent. */ static int get_linux_shareopts_cb(const char *key, const char *value, void *cookie) { char **plinux_opts = (char **)cookie; /* host-specific options, these are taken care of elsewhere */ if (strcmp(key, "ro") == 0 || strcmp(key, "rw") == 0 || strcmp(key, "sec") == 0) return SA_OK; if (strcmp(key, "anon") == 0) key = "anonuid"; if (strcmp(key, "root_mapping") == 0) { (void) add_linux_shareopt(plinux_opts, "root_squash", NULL); key = "anonuid"; } if (strcmp(key, "nosub") == 0) key = "subtree_check"; if (strcmp(key, "insecure") != 0 && strcmp(key, "secure") != 0 && strcmp(key, "async") != 0 && strcmp(key, "sync") != 0 && strcmp(key, "no_wdelay") != 0 && strcmp(key, "wdelay") != 0 && strcmp(key, "nohide") != 0 && strcmp(key, "hide") != 0 && strcmp(key, "crossmnt") != 0 && strcmp(key, "no_subtree_check") != 0 && strcmp(key, "subtree_check") != 0 && strcmp(key, "insecure_locks") != 0 && strcmp(key, "secure_locks") != 0 && strcmp(key, "no_auth_nlm") != 0 && strcmp(key, "auth_nlm") != 0 && strcmp(key, "no_acl") != 0 && strcmp(key, "mountpoint") != 0 && strcmp(key, "mp") != 0 && strcmp(key, "fsuid") != 0 && strcmp(key, "refer") != 0 && strcmp(key, "replicas") != 0 && strcmp(key, "root_squash") != 0 && strcmp(key, "no_root_squash") != 0 && strcmp(key, "all_squash") != 0 && strcmp(key, "no_all_squash") != 0 && strcmp(key, "fsid") != 0 && strcmp(key, "anonuid") != 0 && strcmp(key, "anongid") != 0) { return SA_SYNTAX_ERR; } (void) add_linux_shareopt(plinux_opts, key, value); return SA_OK; } /** * Takes a string containing Solaris share options (e.g. "sync,no_acl") and * converts them to a NULL-terminated array of Linux NFS options. */ static int get_linux_shareopts(const char *shareopts, char **plinux_opts) { int rc; assert(plinux_opts != NULL); *plinux_opts = NULL; /* default options for Solaris shares */ (void) add_linux_shareopt(plinux_opts, "no_subtree_check", NULL); (void) add_linux_shareopt(plinux_opts, "no_root_squash", NULL); (void) add_linux_shareopt(plinux_opts, "mountpoint", NULL); rc = foreach_nfs_shareopt(shareopts, get_linux_shareopts_cb, plinux_opts); if (rc != SA_OK) { free(*plinux_opts); *plinux_opts = NULL; } return rc; } /** * Enables NFS sharing for the specified share. */ static int nfs_enable_share(sa_share_impl_t impl_share) { char *shareopts, *linux_opts; int rc; if (!nfs_available()) { return SA_SYSTEM_ERR; } shareopts = FSINFO(impl_share, nfs_fstype)->shareopts; if (shareopts == NULL) return SA_OK; rc = get_linux_shareopts(shareopts, &linux_opts); if (rc != SA_OK) return rc; rc = foreach_nfs_host(impl_share, nfs_enable_share_one, linux_opts); free(linux_opts); return rc; } /** * Used internally by nfs_disable_share to disable sharing for a single host. */ static int nfs_disable_share_one(const char *sharepath, const char *host, const char *security, const char *access, void *cookie) { int rc; char *linuxhost, *hostpath; char *argv[4]; rc = get_linux_hostspec(host, &linuxhost); if (rc < 0) exit(1); hostpath = malloc(strlen(linuxhost) + 1 + strlen(sharepath) + 1); if (hostpath == NULL) { free(linuxhost); exit(1); } sprintf(hostpath, "%s:%s", linuxhost, sharepath); free(linuxhost); #ifdef DEBUG fprintf(stderr, "unsharing %s\n", hostpath); #endif argv[0] = "/usr/sbin/exportfs"; argv[1] = "-u"; argv[2] = hostpath; argv[3] = NULL; rc = libzfs_run_process(argv[0], argv, 0); free(hostpath); if (rc < 0) return SA_SYSTEM_ERR; else return SA_OK; } /** * Disables NFS sharing for the specified share. */ static int nfs_disable_share(sa_share_impl_t impl_share) { if (!nfs_available()) { /* * The share can't possibly be active, so nothing * needs to be done to disable it. */ return SA_OK; } return foreach_nfs_host(impl_share, nfs_disable_share_one, NULL); } /** * Checks whether the specified NFS share options are syntactically correct. */ static int nfs_validate_shareopts(const char *shareopts) { char *linux_opts; int rc; rc = get_linux_shareopts(shareopts, &linux_opts); if (rc != SA_OK) return rc; free(linux_opts); return SA_OK; } /** * Checks whether a share is currently active. */ static boolean_t -is_share_active(sa_share_impl_t impl_share) +nfs_is_share_active(sa_share_impl_t impl_share) { char line[512]; char *tab, *cur; FILE *nfs_exportfs_temp_fp; if (!nfs_available()) return B_FALSE; nfs_exportfs_temp_fp = fdopen(dup(nfs_exportfs_temp_fd), "r"); if (nfs_exportfs_temp_fp == NULL || fseek(nfs_exportfs_temp_fp, 0, SEEK_SET) < 0) { fclose(nfs_exportfs_temp_fp); return B_FALSE; } while (fgets(line, sizeof(line), nfs_exportfs_temp_fp) != NULL) { /* * exportfs uses separate lines for the share path * and the export options when the share path is longer * than a certain amount of characters; this ignores * the option lines */ if (line[0] == '\t') continue; tab = strchr(line, '\t'); if (tab != NULL) { *tab = '\0'; cur = tab - 1; } else { /* * there's no tab character, which means the * NFS options are on a separate line; we just * need to remove the new-line character * at the end of the line */ cur = line + strlen(line) - 1; } /* remove trailing spaces and new-line characters */ while (cur >= line && (*cur == ' ' || *cur == '\n')) *cur-- = '\0'; if (strcmp(line, impl_share->sharepath) == 0) { fclose(nfs_exportfs_temp_fp); return B_TRUE; } } fclose(nfs_exportfs_temp_fp); return B_FALSE; } /** * Called to update a share's options. A share's options might be out of * date if the share was loaded from disk (i.e. /etc/dfs/sharetab) and the * "sharenfs" dataset property has changed in the meantime. This function * also takes care of re-enabling the share if necessary. */ static int nfs_update_shareopts(sa_share_impl_t impl_share, const char *resource, const char *shareopts) { char *shareopts_dup; boolean_t needs_reshare = B_FALSE; char *old_shareopts; - FSINFO(impl_share, nfs_fstype)->active = is_share_active(impl_share); + FSINFO(impl_share, nfs_fstype)->active = + nfs_is_share_active(impl_share); old_shareopts = FSINFO(impl_share, nfs_fstype)->shareopts; if (strcmp(shareopts, "on") == 0) shareopts = "rw"; if (FSINFO(impl_share, nfs_fstype)->active && old_shareopts != NULL && strcmp(old_shareopts, shareopts) != 0) { needs_reshare = B_TRUE; nfs_disable_share(impl_share); } shareopts_dup = strdup(shareopts); if (shareopts_dup == NULL) return SA_NO_MEMORY; if (old_shareopts != NULL) free(old_shareopts); FSINFO(impl_share, nfs_fstype)->shareopts = shareopts_dup; if (needs_reshare) nfs_enable_share(impl_share); return SA_OK; } /** * Clears a share's NFS options. Used by libshare to * clean up shares that are about to be free()'d. */ static void nfs_clear_shareopts(sa_share_impl_t impl_share) { free(FSINFO(impl_share, nfs_fstype)->shareopts); FSINFO(impl_share, nfs_fstype)->shareopts = NULL; } static const sa_share_ops_t nfs_shareops = { .enable_share = nfs_enable_share, .disable_share = nfs_disable_share, .validate_shareopts = nfs_validate_shareopts, .update_shareopts = nfs_update_shareopts, .clear_shareopts = nfs_clear_shareopts, }; /* * nfs_check_exportfs() checks that the exportfs command runs * and also maintains a temporary copy of the output from * exportfs -v. * To update this temporary copy simply call this function again. * * TODO : Use /var/lib/nfs/etab instead of our private copy. * But must implement locking to prevent concurrent access. * * TODO : The temporary file descriptor is never closed since * there is no libshare_nfs_fini() function. */ static int nfs_check_exportfs(void) { pid_t pid; int rc, status; static char nfs_exportfs_tempfile[] = "/tmp/exportfs.XXXXXX"; /* * Close any existing temporary copies of output from exportfs. * We have already called unlink() so file will be deleted. */ if (nfs_exportfs_temp_fd >= 0) close(nfs_exportfs_temp_fd); nfs_exportfs_temp_fd = mkstemp(nfs_exportfs_tempfile); if (nfs_exportfs_temp_fd < 0) return SA_SYSTEM_ERR; unlink(nfs_exportfs_tempfile); fcntl(nfs_exportfs_temp_fd, F_SETFD, FD_CLOEXEC); pid = fork(); if (pid < 0) { (void) close(nfs_exportfs_temp_fd); nfs_exportfs_temp_fd = -1; return SA_SYSTEM_ERR; } if (pid > 0) { while ((rc = waitpid(pid, &status, 0)) <= 0 && errno == EINTR) ; /* empty loop body */ if (rc <= 0) { (void) close(nfs_exportfs_temp_fd); nfs_exportfs_temp_fd = -1; return SA_SYSTEM_ERR; } if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { (void) close(nfs_exportfs_temp_fd); nfs_exportfs_temp_fd = -1; return SA_CONFIG_ERR; } return SA_OK; } /* child */ /* exportfs -v */ if (dup2(nfs_exportfs_temp_fd, STDOUT_FILENO) < 0) exit(1); rc = execlp("/usr/sbin/exportfs", "exportfs", "-v", NULL); if (rc < 0) { exit(1); } exit(0); } /* * Provides a convenient wrapper for determing nfs availability */ static boolean_t nfs_available(void) { if (nfs_exportfs_temp_fd == -1) (void) nfs_check_exportfs(); return (nfs_exportfs_temp_fd != -1) ? B_TRUE : B_FALSE; } /** * Initializes the NFS functionality of libshare. */ void libshare_nfs_init(void) { nfs_fstype = register_fstype("nfs", &nfs_shareops); } diff --git a/lib/libshare/smb.c b/lib/libshare/smb.c new file mode 100644 index 000000000000..e34d14259112 --- /dev/null +++ b/lib/libshare/smb.c @@ -0,0 +1,437 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ + +/* + * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011,2012 Turbo Fredriksson , based on nfs.c + * by Gunnar Beutner + * + * This is an addition to the zfs device driver to add, modify and remove SMB + * shares using the 'net share' command that comes with Samba. + + * TESTING + * Make sure that samba listens to 'localhost' (127.0.0.1) and that the options + * 'usershare max shares' and 'usershare owner only' have been rewied/set + * accordingly (see zfs(8) for information). + * + * Once configuration in samba have been done, test that this + * works with the following three commands (in this case, my ZFS + * filesystem is called 'share/Test1'): + * + * (root)# net -U root -S 127.0.0.1 usershare add Test1 /share/Test1 \ + * "Comment: /share/Test1" "Everyone:F" + * (root)# net usershare list | grep -i test + * (root)# net -U root -S 127.0.0.1 usershare delete Test1 + * + * The first command will create a user share that gives everyone full access. + * To limit the access below that, use normal UNIX commands (chmod, chown etc). + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "libshare_impl.h" +#include "smb.h" + +static boolean_t smb_available(void); + +static sa_fstype_t *smb_fstype; + +/** + * Retrieve the list of SMB shares. + */ +static int +smb_retrieve_shares(void) +{ + int rc = SA_OK; + char file_path[PATH_MAX], line[512], *token, *key, *value; + char *dup_value, *path = NULL, *comment = NULL, *name = NULL; + char *guest_ok = NULL; + DIR *shares_dir; + FILE *share_file_fp = NULL; + struct dirent *directory; + struct stat eStat; + smb_share_t *shares, *new_shares = NULL; + + /* opendir(), stat() */ + shares_dir = opendir(SHARE_DIR); + if (shares_dir == NULL) + return SA_SYSTEM_ERR; + + /* Go through the directory, looking for shares */ + while ((directory = readdir(shares_dir))) { + if (directory->d_name[0] == '.') + continue; + + snprintf(file_path, sizeof (file_path), + "%s/%s", SHARE_DIR, directory->d_name); + + if (stat(file_path, &eStat) == -1) { + rc = SA_SYSTEM_ERR; + goto out; + } + + if (!S_ISREG(eStat.st_mode)) + continue; + + if ((share_file_fp = fopen(file_path, "r")) == NULL) { + rc = SA_SYSTEM_ERR; + goto out; + } + + name = strdup(directory->d_name); + if (name == NULL) { + rc = SA_NO_MEMORY; + goto out; + } + + while (fgets(line, sizeof(line), share_file_fp)) { + if (line[0] == '#') + continue; + + /* Trim trailing new-line character(s). */ + while (line[strlen(line) - 1] == '\r' || + line[strlen(line) - 1] == '\n') + line[strlen(line) - 1] = '\0'; + + /* Split the line in two, separated by '=' */ + token = strchr(line, '='); + if (token == NULL) + continue; + + key = line; + value = token + 1; + *token = '\0'; + + dup_value = strdup(value); + if (dup_value == NULL) { + rc = SA_NO_MEMORY; + goto out; + } + + if (strcmp(key, "path") == 0) + path = dup_value; + if (strcmp(key, "comment") == 0) + comment = dup_value; + if (strcmp(key, "guest_ok") == 0) + guest_ok = dup_value; + + if (path == NULL || comment == NULL || guest_ok == NULL) + continue; /* Incomplete share definition */ + else { + shares = (smb_share_t *) + malloc(sizeof (smb_share_t)); + if (shares == NULL) { + rc = SA_NO_MEMORY; + goto out; + } + + strncpy(shares->name, name, + sizeof (shares->name)); + shares->name [sizeof(shares->name)-1] = '\0'; + + strncpy(shares->path, path, + sizeof (shares->path)); + shares->path [sizeof(shares->path)-1] = '\0'; + + strncpy(shares->comment, comment, + sizeof (shares->comment)); + shares->comment[sizeof(shares->comment)-1]='\0'; + + shares->guest_ok = atoi(guest_ok); + + shares->next = new_shares; + new_shares = shares; + + name = NULL; + path = NULL; + comment = NULL; + guest_ok = NULL; + } + } + +out: + if (share_file_fp != NULL) + fclose(share_file_fp); + + free(name); + free(path); + free(comment); + free(guest_ok); + } + closedir(shares_dir); + + smb_shares = new_shares; + + return rc; +} + +/** + * Used internally by smb_enable_share to enable sharing for a single host. + */ +static int +smb_enable_share_one(const char *sharename, const char *sharepath) +{ + char *argv[10], *pos; + char name[SMB_NAME_MAX], comment[SMB_COMMENT_MAX]; + int rc; + + /* Support ZFS share name regexp '[[:alnum:]_-.: ]' */ + strncpy(name, sharename, sizeof(name)); + name [sizeof(name)-1] = '\0'; + + pos = name; + while (*pos != '\0') { + switch (*pos) { + case '/': + case '-': + case ':': + case ' ': + *pos = '_'; + } + + ++pos; + } + + /* CMD: net -S NET_CMD_ARG_HOST usershare add Test1 /share/Test1 \ + * "Comment" "Everyone:F" */ + snprintf(comment, sizeof(comment), "Comment: %s", sharepath); + + argv[0] = NET_CMD_PATH; + argv[1] = (char*)"-S"; + argv[2] = NET_CMD_ARG_HOST; + argv[3] = (char*)"usershare"; + argv[4] = (char*)"add"; + argv[5] = (char*)name; + argv[6] = (char*)sharepath; + argv[7] = (char*)comment; + argv[8] = "Everyone:F"; + argv[9] = NULL; + + rc = libzfs_run_process(argv[0], argv, 0); + if (rc < 0) + return SA_SYSTEM_ERR; + + /* Reload the share file */ + (void) smb_retrieve_shares(); + + return SA_OK; +} + +/** + * Enables SMB sharing for the specified share. + */ +static int +smb_enable_share(sa_share_impl_t impl_share) +{ + char *shareopts; + + if (!smb_available()) + return SA_SYSTEM_ERR; + + shareopts = FSINFO(impl_share, smb_fstype)->shareopts; + if (shareopts == NULL) /* on/off */ + return SA_SYSTEM_ERR; + + if (strcmp(shareopts, "off") == 0) + return SA_OK; + + /* Magic: Enable (i.e., 'create new') share */ + return smb_enable_share_one(impl_share->dataset, impl_share->sharepath); +} + +/** + * Used internally by smb_disable_share to disable sharing for a single host. + */ +static int +smb_disable_share_one(const char *sharename) +{ + int rc; + char *argv[7]; + + /* CMD: net -S NET_CMD_ARG_HOST usershare delete Test1 */ + argv[0] = NET_CMD_PATH; + argv[1] = (char*)"-S"; + argv[2] = NET_CMD_ARG_HOST; + argv[3] = (char*)"usershare"; + argv[4] = (char*)"delete"; + argv[5] = strdup(sharename); + argv[6] = NULL; + + rc = libzfs_run_process(argv[0], argv, 0); + if (rc < 0) + return SA_SYSTEM_ERR; + else + return SA_OK; +} + +/** + * Disables SMB sharing for the specified share. + */ +static int +smb_disable_share(sa_share_impl_t impl_share) +{ + smb_share_t *shares = smb_shares; + + if (!smb_available()) { + /* + * The share can't possibly be active, so nothing + * needs to be done to disable it. + */ + return SA_OK; + } + + while (shares != NULL) { + if (strcmp(impl_share->sharepath, shares->path) == 0) + return smb_disable_share_one(shares->name); + + shares = shares->next; + } + + return SA_OK; +} + +/** + * Checks whether the specified SMB share options are syntactically correct. + */ +static int +smb_validate_shareopts(const char *shareopts) +{ + /* TODO: Accept 'name' and sec/acl (?) */ + if ((strcmp(shareopts, "off") == 0) || (strcmp(shareopts, "on") == 0)) + return SA_OK; + + return SA_SYNTAX_ERR; +} + +/** + * Checks whether a share is currently active. + */ +static boolean_t +smb_is_share_active(sa_share_impl_t impl_share) +{ + if (!smb_available()) + return B_FALSE; + + /* Retrieve the list of (possible) active shares */ + smb_retrieve_shares(); + + while (smb_shares != NULL) { + if (strcmp(impl_share->sharepath, smb_shares->path) == 0) + return B_TRUE; + + smb_shares = smb_shares->next; + } + + return B_FALSE; +} + +/** + * Called to update a share's options. A share's options might be out of + * date if the share was loaded from disk and the "sharesmb" dataset + * property has changed in the meantime. This function also takes care + * of re-enabling the share if necessary. + */ +static int +smb_update_shareopts(sa_share_impl_t impl_share, const char *resource, + const char *shareopts) +{ + char *shareopts_dup; + boolean_t needs_reshare = B_FALSE; + char *old_shareopts; + + if(!impl_share) + return SA_SYSTEM_ERR; + + FSINFO(impl_share, smb_fstype)->active = + smb_is_share_active(impl_share); + + old_shareopts = FSINFO(impl_share, smb_fstype)->shareopts; + + if (FSINFO(impl_share, smb_fstype)->active && old_shareopts != NULL && + strcmp(old_shareopts, shareopts) != 0) { + needs_reshare = B_TRUE; + smb_disable_share(impl_share); + } + + shareopts_dup = strdup(shareopts); + + if (shareopts_dup == NULL) + return SA_NO_MEMORY; + + if (old_shareopts != NULL) + free(old_shareopts); + + FSINFO(impl_share, smb_fstype)->shareopts = shareopts_dup; + + if (needs_reshare) + smb_enable_share(impl_share); + + return SA_OK; +} + +/** + * Clears a share's SMB options. Used by libshare to + * clean up shares that are about to be free()'d. + */ +static void +smb_clear_shareopts(sa_share_impl_t impl_share) +{ + free(FSINFO(impl_share, smb_fstype)->shareopts); + FSINFO(impl_share, smb_fstype)->shareopts = NULL; +} + +static const sa_share_ops_t smb_shareops = { + .enable_share = smb_enable_share, + .disable_share = smb_disable_share, + + .validate_shareopts = smb_validate_shareopts, + .update_shareopts = smb_update_shareopts, + .clear_shareopts = smb_clear_shareopts, +}; + +/* + * Provides a convenient wrapper for determining SMB availability + */ +static boolean_t +smb_available(void) +{ + /* TODO: Sanity check NET_CMD_PATH and SHARE_DIR */ + return B_TRUE; +} + +/** + * Initializes the SMB functionality of libshare. + */ +void +libshare_smb_init(void) +{ + smb_fstype = register_fstype("smb", &smb_shareops); +} diff --git a/lib/libshare/smb.h b/lib/libshare/smb.h new file mode 100644 index 000000000000..f5ac83ace87f --- /dev/null +++ b/lib/libshare/smb.h @@ -0,0 +1,49 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ + +/* + * Copyright (c) 2011 Turbo Fredriksson . + */ + +/* + * The maximum SMB share name seems to be 254 characters, though good + * references are hard to find. + */ + +#define SMB_NAME_MAX 255 +#define SMB_COMMENT_MAX 255 + +#define SHARE_DIR "/var/lib/samba/usershares" +#define NET_CMD_PATH "/usr/bin/net" +#define NET_CMD_ARG_HOST "127.0.0.1" + +typedef struct smb_share_s { + char name[SMB_NAME_MAX]; /* Share name */ + char path[PATH_MAX]; /* Share path */ + char comment[SMB_COMMENT_MAX]; /* Share's comment */ + boolean_t guest_ok; /* 'y' or 'n' */ + + struct smb_share_s *next; +} smb_share_t; + +smb_share_t *smb_shares; + +void libshare_smb_init(void); diff --git a/lib/libzfs/libzfs_mount.c b/lib/libzfs/libzfs_mount.c index 0fe83e550c14..9a57ad98f050 100644 --- a/lib/libzfs/libzfs_mount.c +++ b/lib/libzfs/libzfs_mount.c @@ -1,1279 +1,1279 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. */ /* * Routines to manage ZFS mounts. We separate all the nasty routines that have * to deal with the OS. The following functions are the main entry points -- * they are used by mount and unmount and when changing a filesystem's * mountpoint. * * zfs_is_mounted() * zfs_mount() * zfs_unmount() * zfs_unmountall() * * This file also contains the functions used to manage sharing filesystems via * NFS and iSCSI: * * zfs_is_shared() * zfs_share() * zfs_unshare() * * zfs_is_shared_nfs() * zfs_is_shared_smb() * zfs_share_proto() * zfs_shareall(); * zfs_unshare_nfs() * zfs_unshare_smb() * zfs_unshareall_nfs() * zfs_unshareall_smb() * zfs_unshareall() * zfs_unshareall_bypath() * * The following functions are available for pool consumers, and will * mount/unmount and share/unshare all datasets within pool: * * zpool_enable_datasets() * zpool_disable_datasets() */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "libzfs_impl.h" #include #include #define MAXISALEN 257 /* based on sysinfo(2) man page */ static int zfs_share_proto(zfs_handle_t *, zfs_share_proto_t *); zfs_share_type_t zfs_is_shared_proto(zfs_handle_t *, char **, zfs_share_proto_t); /* * The share protocols table must be in the same order as the zfs_share_prot_t * enum in libzfs_impl.h */ typedef struct { zfs_prop_t p_prop; char *p_name; int p_share_err; int p_unshare_err; } proto_table_t; proto_table_t proto_table[PROTO_END] = { {ZFS_PROP_SHARENFS, "nfs", EZFS_SHARENFSFAILED, EZFS_UNSHARENFSFAILED}, {ZFS_PROP_SHARESMB, "smb", EZFS_SHARESMBFAILED, EZFS_UNSHARESMBFAILED}, }; zfs_share_proto_t nfs_only[] = { PROTO_NFS, PROTO_END }; zfs_share_proto_t smb_only[] = { PROTO_SMB, PROTO_END }; zfs_share_proto_t share_all_proto[] = { PROTO_NFS, PROTO_SMB, PROTO_END }; /* * Search the sharetab for the given mountpoint and protocol, returning * a zfs_share_type_t value. */ static zfs_share_type_t is_shared(libzfs_handle_t *hdl, const char *mountpoint, zfs_share_proto_t proto) { char buf[MAXPATHLEN], *tab; char *ptr; if (hdl->libzfs_sharetab == NULL) return (SHARED_NOT_SHARED); (void) fseek(hdl->libzfs_sharetab, 0, SEEK_SET); while (fgets(buf, sizeof (buf), hdl->libzfs_sharetab) != NULL) { /* the mountpoint is the first entry on each line */ if ((tab = strchr(buf, '\t')) == NULL) continue; *tab = '\0'; if (strcmp(buf, mountpoint) == 0) { /* * the protocol field is the third field * skip over second field */ ptr = ++tab; if ((tab = strchr(ptr, '\t')) == NULL) continue; ptr = ++tab; if ((tab = strchr(ptr, '\t')) == NULL) continue; *tab = '\0'; if (strcmp(ptr, proto_table[proto].p_name) == 0) { switch (proto) { case PROTO_NFS: return (SHARED_NFS); case PROTO_SMB: return (SHARED_SMB); default: return (0); } } } } return (SHARED_NOT_SHARED); } /* * Returns true if the specified directory is empty. If we can't open the * directory at all, return true so that the mount can fail with a more * informative error message. */ static boolean_t dir_is_empty(const char *dirname) { DIR *dirp; struct dirent64 *dp; if ((dirp = opendir(dirname)) == NULL) return (B_TRUE); while ((dp = readdir64(dirp)) != NULL) { if (strcmp(dp->d_name, ".") == 0 || strcmp(dp->d_name, "..") == 0) continue; (void) closedir(dirp); return (B_FALSE); } (void) closedir(dirp); return (B_TRUE); } /* * Checks to see if the mount is active. If the filesystem is mounted, we fill * in 'where' with the current mountpoint, and return 1. Otherwise, we return * 0. */ boolean_t is_mounted(libzfs_handle_t *zfs_hdl, const char *special, char **where) { struct mnttab entry; if (libzfs_mnttab_find(zfs_hdl, special, &entry) != 0) return (B_FALSE); if (where != NULL) *where = zfs_strdup(zfs_hdl, entry.mnt_mountp); return (B_TRUE); } boolean_t zfs_is_mounted(zfs_handle_t *zhp, char **where) { return (is_mounted(zhp->zfs_hdl, zfs_get_name(zhp), where)); } /* * Returns true if the given dataset is mountable, false otherwise. Returns the * mountpoint in 'buf'. */ static boolean_t zfs_is_mountable(zfs_handle_t *zhp, char *buf, size_t buflen, zprop_source_t *source) { char sourceloc[ZFS_MAXNAMELEN]; zprop_source_t sourcetype; if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT, zhp->zfs_type)) return (B_FALSE); verify(zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, buf, buflen, &sourcetype, sourceloc, sizeof (sourceloc), B_FALSE) == 0); if (strcmp(buf, ZFS_MOUNTPOINT_NONE) == 0 || strcmp(buf, ZFS_MOUNTPOINT_LEGACY) == 0) return (B_FALSE); if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_OFF) return (B_FALSE); if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED) && getzoneid() == GLOBAL_ZONEID) return (B_FALSE); if (source) *source = sourcetype; return (B_TRUE); } /* * The filesystem is mounted by invoking the system mount utility rather * than by the system call mount(2). This ensures that the /etc/mtab * file is correctly locked for the update. Performing our own locking * and /etc/mtab update requires making an unsafe assumption about how * the mount utility performs its locking. Unfortunately, this also means * in the case of a mount failure we do not have the exact errno. We must * make due with return value from the mount process. * * In the long term a shared library called libmount is under development * which provides a common API to address the locking and errno issues. * Once the standard mount utility has been updated to use this library * we can add an autoconf check to conditionally use it. * * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html */ static int do_mount(const char *src, const char *mntpt, char *opts) { char *argv[8] = { "/bin/mount", "-t", MNTTYPE_ZFS, "-o", opts, (char *)src, (char *)mntpt, (char *)NULL }; int rc; /* Return only the most critical mount error */ rc = libzfs_run_process(argv[0], argv, STDOUT_VERBOSE|STDERR_VERBOSE); if (rc) { if (rc & MOUNT_FILEIO) return EIO; if (rc & MOUNT_USER) return EINTR; if (rc & MOUNT_SOFTWARE) return EPIPE; if (rc & MOUNT_SYSERR) return EAGAIN; if (rc & MOUNT_USAGE) return EINVAL; return ENXIO; /* Generic error */ } return 0; } static int do_unmount(const char *mntpt, int flags) { char force_opt[] = "-f"; char lazy_opt[] = "-l"; char *argv[7] = { "/bin/umount", "-t", MNTTYPE_ZFS, NULL, NULL, NULL, NULL }; int rc, count = 3; if (flags & MS_FORCE) { argv[count] = force_opt; count++; } if (flags & MS_DETACH) { argv[count] = lazy_opt; count++; } argv[count] = (char *)mntpt; rc = libzfs_run_process(argv[0], argv, STDOUT_VERBOSE|STDERR_VERBOSE); return (rc ? EINVAL : 0); } static int zfs_add_option(zfs_handle_t *zhp, char *options, int len, zfs_prop_t prop, char *on, char *off) { char *source; uint64_t value; /* Skip adding duplicate default options */ if ((strstr(options, on) != NULL) || (strstr(options, off) != NULL)) return (0); /* * zfs_prop_get_int() to not used to ensure our mount options * are not influenced by the current /etc/mtab contents. */ value = getprop_uint64(zhp, prop, &source); (void) strlcat(options, ",", len); (void) strlcat(options, value ? on : off, len); return (0); } static int zfs_add_options(zfs_handle_t *zhp, char *options, int len) { int error = 0; error = zfs_add_option(zhp, options, len, ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_DEVICES, MNTOPT_DEVICES, MNTOPT_NODEVICES); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_EXEC, MNTOPT_EXEC, MNTOPT_NOEXEC); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_READONLY, MNTOPT_RO, MNTOPT_RW); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_SETUID, MNTOPT_SETUID, MNTOPT_NOSETUID); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_XATTR, MNTOPT_XATTR, MNTOPT_NOXATTR); error = error ? error : zfs_add_option(zhp, options, len, ZFS_PROP_NBMAND, MNTOPT_NBMAND, MNTOPT_NONBMAND); return (error); } /* * Mount the given filesystem. */ int zfs_mount(zfs_handle_t *zhp, const char *options, int flags) { struct stat buf; char mountpoint[ZFS_MAXPROPLEN]; char mntopts[MNT_LINE_MAX]; libzfs_handle_t *hdl = zhp->zfs_hdl; int remount = 0, rc; if (options == NULL) { (void) strlcpy(mntopts, MNTOPT_DEFAULTS, sizeof (mntopts)); } else { (void) strlcpy(mntopts, options, sizeof (mntopts)); } if (strstr(mntopts, MNTOPT_REMOUNT) != NULL) remount = 1; /* * If the pool is imported read-only then all mounts must be read-only */ if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL)) (void) strlcat(mntopts, "," MNTOPT_RO, sizeof (mntopts)); /* * Append default mount options which apply to the mount point. * This is done because under Linux (unlike Solaris) multiple mount * points may reference a single super block. This means that just * given a super block there is no back reference to update the per * mount point options. */ rc = zfs_add_options(zhp, mntopts, sizeof (mntopts)); if (rc) { zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "default options unavailable")); return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED, dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint)); } /* * Append zfsutil option so the mount helper allow the mount */ strlcat(mntopts, "," MNTOPT_ZFSUTIL, sizeof (mntopts)); if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL)) return (0); /* Create the directory if it doesn't already exist */ if (lstat(mountpoint, &buf) != 0) { if (mkdirp(mountpoint, 0755) != 0) { zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "failed to create mountpoint")); return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED, dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint)); } } /* * Determine if the mountpoint is empty. If so, refuse to perform the * mount. We don't perform this check if 'remount' is * specified or if overlay option(-O) is given */ if ((flags & MS_OVERLAY) == 0 && !remount && !dir_is_empty(mountpoint)) { zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "directory is not empty")); return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED, dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint)); } /* perform the mount */ rc = do_mount(zfs_get_name(zhp), mountpoint, mntopts); if (rc) { /* * Generic errors are nasty, but there are just way too many * from mount(), and they're well-understood. We pick a few * common ones to improve upon. */ if (rc == EBUSY) { zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "mountpoint or dataset is busy")); } else if (rc == EPERM) { zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "Insufficient privileges")); } else if (rc == ENOTSUP) { char buf[256]; int spa_version; VERIFY(zfs_spa_version(zhp, &spa_version) == 0); (void) snprintf(buf, sizeof (buf), dgettext(TEXT_DOMAIN, "Can't mount a version %lld " "file system on a version %d pool. Pool must be" " upgraded to mount this file system."), (u_longlong_t)zfs_prop_get_int(zhp, ZFS_PROP_VERSION), spa_version); zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, buf)); } else { zfs_error_aux(hdl, strerror(rc)); } return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED, dgettext(TEXT_DOMAIN, "cannot mount '%s'"), zhp->zfs_name)); } /* remove the mounted entry before re-adding on remount */ if (remount) libzfs_mnttab_remove(hdl, zhp->zfs_name); /* add the mounted entry into our cache */ libzfs_mnttab_add(hdl, zfs_get_name(zhp), mountpoint, mntopts); return (0); } /* * Unmount a single filesystem. */ static int unmount_one(libzfs_handle_t *hdl, const char *mountpoint, int flags) { int error; error = do_unmount(mountpoint, flags); if (error != 0) { return (zfs_error_fmt(hdl, EZFS_UMOUNTFAILED, dgettext(TEXT_DOMAIN, "cannot unmount '%s'"), mountpoint)); } return (0); } /* * Unmount the given filesystem. */ int zfs_unmount(zfs_handle_t *zhp, const char *mountpoint, int flags) { libzfs_handle_t *hdl = zhp->zfs_hdl; struct mnttab entry; char *mntpt = NULL; /* check to see if we need to unmount the filesystem */ if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) && libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0)) { /* * mountpoint may have come from a call to * getmnt/getmntany if it isn't NULL. If it is NULL, * we know it comes from libzfs_mnttab_find which can * then get freed later. We strdup it to play it safe. */ if (mountpoint == NULL) mntpt = zfs_strdup(hdl, entry.mnt_mountp); else mntpt = zfs_strdup(hdl, mountpoint); /* * Unshare and unmount the filesystem */ if (zfs_unshare_proto(zhp, mntpt, share_all_proto) != 0) return (-1); if (unmount_one(hdl, mntpt, flags) != 0) { free(mntpt); (void) zfs_shareall(zhp); return (-1); } libzfs_mnttab_remove(hdl, zhp->zfs_name); free(mntpt); } return (0); } /* * Unmount this filesystem and any children inheriting the mountpoint property. * To do this, just act like we're changing the mountpoint property, but don't * remount the filesystems afterwards. */ int zfs_unmountall(zfs_handle_t *zhp, int flags) { prop_changelist_t *clp; int ret; clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT, 0, flags); if (clp == NULL) return (-1); ret = changelist_prefix(clp); changelist_free(clp); return (ret); } boolean_t zfs_is_shared(zfs_handle_t *zhp) { zfs_share_type_t rc = 0; zfs_share_proto_t *curr_proto; if (ZFS_IS_VOLUME(zhp)) return (B_FALSE); for (curr_proto = share_all_proto; *curr_proto != PROTO_END; curr_proto++) rc |= zfs_is_shared_proto(zhp, NULL, *curr_proto); return (rc ? B_TRUE : B_FALSE); } int zfs_share(zfs_handle_t *zhp) { assert(!ZFS_IS_VOLUME(zhp)); return (zfs_share_proto(zhp, share_all_proto)); } int zfs_unshare(zfs_handle_t *zhp) { assert(!ZFS_IS_VOLUME(zhp)); return (zfs_unshareall(zhp)); } /* * Check to see if the filesystem is currently shared. */ zfs_share_type_t zfs_is_shared_proto(zfs_handle_t *zhp, char **where, zfs_share_proto_t proto) { char *mountpoint; zfs_share_type_t rc; if (!zfs_is_mounted(zhp, &mountpoint)) return (SHARED_NOT_SHARED); if ((rc = is_shared(zhp->zfs_hdl, mountpoint, proto))) { if (where != NULL) *where = mountpoint; else free(mountpoint); return (rc); } else { free(mountpoint); return (SHARED_NOT_SHARED); } } boolean_t zfs_is_shared_nfs(zfs_handle_t *zhp, char **where) { return (zfs_is_shared_proto(zhp, where, PROTO_NFS) != SHARED_NOT_SHARED); } boolean_t zfs_is_shared_smb(zfs_handle_t *zhp, char **where) { return (zfs_is_shared_proto(zhp, where, PROTO_SMB) != SHARED_NOT_SHARED); } /* * zfs_init_libshare(zhandle, service) * * Initialize the libshare API if it hasn't already been initialized. * In all cases it returns 0 if it succeeded and an error if not. The * service value is which part(s) of the API to initialize and is a * direct map to the libshare sa_init(service) interface. */ int zfs_init_libshare(libzfs_handle_t *zhandle, int service) { int ret = SA_OK; if (ret == SA_OK && zhandle->libzfs_shareflags & ZFSSHARE_MISS) { /* * We had a cache miss. Most likely it is a new ZFS * dataset that was just created. We want to make sure * so check timestamps to see if a different process * has updated any of the configuration. If there was * some non-ZFS change, we need to re-initialize the * internal cache. */ zhandle->libzfs_shareflags &= ~ZFSSHARE_MISS; if (sa_needs_refresh(zhandle->libzfs_sharehdl)) { zfs_uninit_libshare(zhandle); zhandle->libzfs_sharehdl = sa_init(service); } } if (ret == SA_OK && zhandle && zhandle->libzfs_sharehdl == NULL) zhandle->libzfs_sharehdl = sa_init(service); if (ret == SA_OK && zhandle->libzfs_sharehdl == NULL) ret = SA_NO_MEMORY; return (ret); } /* * zfs_uninit_libshare(zhandle) * * Uninitialize the libshare API if it hasn't already been * uninitialized. It is OK to call multiple times. */ void zfs_uninit_libshare(libzfs_handle_t *zhandle) { if (zhandle != NULL && zhandle->libzfs_sharehdl != NULL) { sa_fini(zhandle->libzfs_sharehdl); zhandle->libzfs_sharehdl = NULL; } } /* * zfs_parse_options(options, proto) * * Call the legacy parse interface to get the protocol specific * options using the NULL arg to indicate that this is a "parse" only. */ int zfs_parse_options(char *options, zfs_share_proto_t proto) { return (sa_parse_legacy_options(NULL, options, proto_table[proto].p_name)); } /* * Share the given filesystem according to the options in the specified * protocol specific properties (sharenfs, sharesmb). We rely - * on "libshare" to the dirty work for us. + * on "libshare" to do the dirty work for us. */ static int zfs_share_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto) { char mountpoint[ZFS_MAXPROPLEN]; char shareopts[ZFS_MAXPROPLEN]; char sourcestr[ZFS_MAXPROPLEN]; libzfs_handle_t *hdl = zhp->zfs_hdl; sa_share_t share; zfs_share_proto_t *curr_proto; zprop_source_t sourcetype; int ret; if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL)) return (0); if ((ret = zfs_init_libshare(hdl, SA_INIT_SHARE_API)) != SA_OK) { (void) zfs_error_fmt(hdl, EZFS_SHARENFSFAILED, dgettext(TEXT_DOMAIN, "cannot share '%s': %s"), zfs_get_name(zhp), sa_errorstr(ret)); return (-1); } for (curr_proto = proto; *curr_proto != PROTO_END; curr_proto++) { /* * Return success if there are no share options. */ if (zfs_prop_get(zhp, proto_table[*curr_proto].p_prop, shareopts, sizeof (shareopts), &sourcetype, sourcestr, ZFS_MAXPROPLEN, B_FALSE) != 0 || strcmp(shareopts, "off") == 0) continue; /* * If the 'zoned' property is set, then zfs_is_mountable() * will have already bailed out if we are in the global zone. * But local zones cannot be NFS servers, so we ignore it for * local zones as well. */ if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) continue; share = sa_find_share(hdl->libzfs_sharehdl, mountpoint); if (share == NULL) { /* * This may be a new file system that was just * created so isn't in the internal cache * (second time through). Rather than * reloading the entire configuration, we can * assume ZFS has done the checking and it is * safe to add this to the internal * configuration. */ if (sa_zfs_process_share(hdl->libzfs_sharehdl, NULL, NULL, mountpoint, proto_table[*curr_proto].p_name, sourcetype, shareopts, sourcestr, zhp->zfs_name) != SA_OK) { (void) zfs_error_fmt(hdl, proto_table[*curr_proto].p_share_err, dgettext(TEXT_DOMAIN, "cannot share '%s'"), zfs_get_name(zhp)); return (-1); } hdl->libzfs_shareflags |= ZFSSHARE_MISS; share = sa_find_share(hdl->libzfs_sharehdl, mountpoint); } if (share != NULL) { int err; err = sa_enable_share(share, proto_table[*curr_proto].p_name); if (err != SA_OK) { (void) zfs_error_fmt(hdl, proto_table[*curr_proto].p_share_err, dgettext(TEXT_DOMAIN, "cannot share '%s'"), zfs_get_name(zhp)); return (-1); } } else { (void) zfs_error_fmt(hdl, proto_table[*curr_proto].p_share_err, dgettext(TEXT_DOMAIN, "cannot share '%s'"), zfs_get_name(zhp)); return (-1); } } return (0); } int zfs_share_nfs(zfs_handle_t *zhp) { return (zfs_share_proto(zhp, nfs_only)); } int zfs_share_smb(zfs_handle_t *zhp) { return (zfs_share_proto(zhp, smb_only)); } int zfs_shareall(zfs_handle_t *zhp) { return (zfs_share_proto(zhp, share_all_proto)); } /* * Unshare a filesystem by mountpoint. */ static int unshare_one(libzfs_handle_t *hdl, const char *name, const char *mountpoint, zfs_share_proto_t proto) { sa_share_t share; int err; char *mntpt; /* * Mountpoint could get trashed if libshare calls getmntany * which it does during API initialization, so strdup the * value. */ mntpt = zfs_strdup(hdl, mountpoint); /* make sure libshare initialized */ if ((err = zfs_init_libshare(hdl, SA_INIT_SHARE_API)) != SA_OK) { free(mntpt); /* don't need the copy anymore */ return (zfs_error_fmt(hdl, EZFS_SHARENFSFAILED, dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"), name, sa_errorstr(err))); } share = sa_find_share(hdl->libzfs_sharehdl, mntpt); free(mntpt); /* don't need the copy anymore */ if (share != NULL) { err = sa_disable_share(share, proto_table[proto].p_name); if (err != SA_OK) { return (zfs_error_fmt(hdl, EZFS_UNSHARENFSFAILED, dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"), name, sa_errorstr(err))); } } else { return (zfs_error_fmt(hdl, EZFS_UNSHARENFSFAILED, dgettext(TEXT_DOMAIN, "cannot unshare '%s': not found"), name)); } return (0); } /* * Unshare the given filesystem. */ int zfs_unshare_proto(zfs_handle_t *zhp, const char *mountpoint, zfs_share_proto_t *proto) { libzfs_handle_t *hdl = zhp->zfs_hdl; struct mnttab entry; char *mntpt = NULL; /* check to see if need to unmount the filesystem */ rewind(zhp->zfs_hdl->libzfs_mnttab); if (mountpoint != NULL) mountpoint = mntpt = zfs_strdup(hdl, mountpoint); if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) && libzfs_mnttab_find(hdl, zfs_get_name(zhp), &entry) == 0)) { zfs_share_proto_t *curr_proto; if (mountpoint == NULL) mntpt = zfs_strdup(zhp->zfs_hdl, entry.mnt_mountp); for (curr_proto = proto; *curr_proto != PROTO_END; - curr_proto++) { + curr_proto++) { if (is_shared(hdl, mntpt, *curr_proto) && unshare_one(hdl, zhp->zfs_name, - mntpt, *curr_proto) != 0) { + mntpt, *curr_proto) != 0) { if (mntpt != NULL) free(mntpt); return (-1); } } } if (mntpt != NULL) free(mntpt); return (0); } int zfs_unshare_nfs(zfs_handle_t *zhp, const char *mountpoint) { return (zfs_unshare_proto(zhp, mountpoint, nfs_only)); } int zfs_unshare_smb(zfs_handle_t *zhp, const char *mountpoint) { return (zfs_unshare_proto(zhp, mountpoint, smb_only)); } /* * Same as zfs_unmountall(), but for NFS and SMB unshares. */ int zfs_unshareall_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto) { prop_changelist_t *clp; int ret; clp = changelist_gather(zhp, ZFS_PROP_SHARENFS, 0, 0); if (clp == NULL) return (-1); ret = changelist_unshare(clp, proto); changelist_free(clp); return (ret); } int zfs_unshareall_nfs(zfs_handle_t *zhp) { return (zfs_unshareall_proto(zhp, nfs_only)); } int zfs_unshareall_smb(zfs_handle_t *zhp) { return (zfs_unshareall_proto(zhp, smb_only)); } int zfs_unshareall(zfs_handle_t *zhp) { return (zfs_unshareall_proto(zhp, share_all_proto)); } int zfs_unshareall_bypath(zfs_handle_t *zhp, const char *mountpoint) { return (zfs_unshare_proto(zhp, mountpoint, share_all_proto)); } /* * Remove the mountpoint associated with the current dataset, if necessary. * We only remove the underlying directory if: * * - The mountpoint is not 'none' or 'legacy' * - The mountpoint is non-empty * - The mountpoint is the default or inherited * - The 'zoned' property is set, or we're in a local zone * * Any other directories we leave alone. */ void remove_mountpoint(zfs_handle_t *zhp) { char mountpoint[ZFS_MAXPROPLEN]; zprop_source_t source; if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), &source)) return; if (source == ZPROP_SRC_DEFAULT || source == ZPROP_SRC_INHERITED) { /* * Try to remove the directory, silently ignoring any errors. * The filesystem may have since been removed or moved around, * and this error isn't really useful to the administrator in * any way. */ (void) rmdir(mountpoint); } } void libzfs_add_handle(get_all_cb_t *cbp, zfs_handle_t *zhp) { if (cbp->cb_alloc == cbp->cb_used) { size_t newsz; void *ptr; newsz = cbp->cb_alloc ? cbp->cb_alloc * 2 : 64; ptr = zfs_realloc(zhp->zfs_hdl, cbp->cb_handles, cbp->cb_alloc * sizeof (void *), newsz * sizeof (void *)); cbp->cb_handles = ptr; cbp->cb_alloc = newsz; } cbp->cb_handles[cbp->cb_used++] = zhp; } static int mount_cb(zfs_handle_t *zhp, void *data) { get_all_cb_t *cbp = data; if (!(zfs_get_type(zhp) & ZFS_TYPE_FILESYSTEM)) { zfs_close(zhp); return (0); } if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_NOAUTO) { zfs_close(zhp); return (0); } libzfs_add_handle(cbp, zhp); if (zfs_iter_filesystems(zhp, mount_cb, cbp) != 0) { zfs_close(zhp); return (-1); } return (0); } int libzfs_dataset_cmp(const void *a, const void *b) { zfs_handle_t **za = (zfs_handle_t **)a; zfs_handle_t **zb = (zfs_handle_t **)b; char mounta[MAXPATHLEN]; char mountb[MAXPATHLEN]; boolean_t gota, gotb; if ((gota = (zfs_get_type(*za) == ZFS_TYPE_FILESYSTEM)) != 0) verify(zfs_prop_get(*za, ZFS_PROP_MOUNTPOINT, mounta, sizeof (mounta), NULL, NULL, 0, B_FALSE) == 0); if ((gotb = (zfs_get_type(*zb) == ZFS_TYPE_FILESYSTEM)) != 0) verify(zfs_prop_get(*zb, ZFS_PROP_MOUNTPOINT, mountb, sizeof (mountb), NULL, NULL, 0, B_FALSE) == 0); if (gota && gotb) return (strcmp(mounta, mountb)); if (gota) return (-1); if (gotb) return (1); return (strcmp(zfs_get_name(a), zfs_get_name(b))); } /* * Mount and share all datasets within the given pool. This assumes that no * datasets within the pool are currently mounted. Because users can create * complicated nested hierarchies of mountpoints, we first gather all the * datasets and mountpoints within the pool, and sort them by mountpoint. Once * we have the list of all filesystems, we iterate over them in order and mount * and/or share each one. */ #pragma weak zpool_mount_datasets = zpool_enable_datasets int zpool_enable_datasets(zpool_handle_t *zhp, const char *mntopts, int flags) { get_all_cb_t cb = { 0 }; libzfs_handle_t *hdl = zhp->zpool_hdl; zfs_handle_t *zfsp; int i, ret = -1; int *good; /* * Gather all non-snap datasets within the pool. */ if ((zfsp = zfs_open(hdl, zhp->zpool_name, ZFS_TYPE_DATASET)) == NULL) goto out; libzfs_add_handle(&cb, zfsp); if (zfs_iter_filesystems(zfsp, mount_cb, &cb) != 0) goto out; /* * Sort the datasets by mountpoint. */ qsort(cb.cb_handles, cb.cb_used, sizeof (void *), libzfs_dataset_cmp); /* * And mount all the datasets, keeping track of which ones * succeeded or failed. */ if ((good = zfs_alloc(zhp->zpool_hdl, cb.cb_used * sizeof (int))) == NULL) goto out; ret = 0; for (i = 0; i < cb.cb_used; i++) { if (zfs_mount(cb.cb_handles[i], mntopts, flags) != 0) ret = -1; else good[i] = 1; } /* * Then share all the ones that need to be shared. This needs * to be a separate pass in order to avoid excessive reloading * of the configuration. Good should never be NULL since * zfs_alloc is supposed to exit if memory isn't available. */ for (i = 0; i < cb.cb_used; i++) { if (good[i] && zfs_share(cb.cb_handles[i]) != 0) ret = -1; } free(good); out: for (i = 0; i < cb.cb_used; i++) zfs_close(cb.cb_handles[i]); free(cb.cb_handles); return (ret); } static int mountpoint_compare(const void *a, const void *b) { const char *mounta = *((char **)a); const char *mountb = *((char **)b); return (strcmp(mountb, mounta)); } /* alias for 2002/240 */ #pragma weak zpool_unmount_datasets = zpool_disable_datasets /* * Unshare and unmount all datasets within the given pool. We don't want to * rely on traversing the DSL to discover the filesystems within the pool, * because this may be expensive (if not all of them are mounted), and can fail * arbitrarily (on I/O error, for example). Instead, we walk /etc/mtab and * gather all the filesystems that are currently mounted. */ int zpool_disable_datasets(zpool_handle_t *zhp, boolean_t force) { int used, alloc; struct mnttab entry; size_t namelen; char **mountpoints = NULL; zfs_handle_t **datasets = NULL; libzfs_handle_t *hdl = zhp->zpool_hdl; int i; int ret = -1; int flags = (force ? MS_FORCE : 0); namelen = strlen(zhp->zpool_name); rewind(hdl->libzfs_mnttab); used = alloc = 0; while (getmntent(hdl->libzfs_mnttab, &entry) == 0) { /* * Ignore non-ZFS entries. */ if (entry.mnt_fstype == NULL || strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0) continue; /* * Ignore filesystems not within this pool. */ if (entry.mnt_mountp == NULL || strncmp(entry.mnt_special, zhp->zpool_name, namelen) != 0 || (entry.mnt_special[namelen] != '/' && entry.mnt_special[namelen] != '\0')) continue; /* * At this point we've found a filesystem within our pool. Add * it to our growing list. */ if (used == alloc) { if (alloc == 0) { if ((mountpoints = zfs_alloc(hdl, 8 * sizeof (void *))) == NULL) goto out; if ((datasets = zfs_alloc(hdl, 8 * sizeof (void *))) == NULL) goto out; alloc = 8; } else { void *ptr; if ((ptr = zfs_realloc(hdl, mountpoints, alloc * sizeof (void *), alloc * 2 * sizeof (void *))) == NULL) goto out; mountpoints = ptr; if ((ptr = zfs_realloc(hdl, datasets, alloc * sizeof (void *), alloc * 2 * sizeof (void *))) == NULL) goto out; datasets = ptr; alloc *= 2; } } if ((mountpoints[used] = zfs_strdup(hdl, entry.mnt_mountp)) == NULL) goto out; /* * This is allowed to fail, in case there is some I/O error. It * is only used to determine if we need to remove the underlying * mountpoint, so failure is not fatal. */ datasets[used] = make_dataset_handle(hdl, entry.mnt_special); used++; } /* * At this point, we have the entire list of filesystems, so sort it by * mountpoint. */ qsort(mountpoints, used, sizeof (char *), mountpoint_compare); /* * Walk through and first unshare everything. */ for (i = 0; i < used; i++) { zfs_share_proto_t *curr_proto; for (curr_proto = share_all_proto; *curr_proto != PROTO_END; curr_proto++) { if (is_shared(hdl, mountpoints[i], *curr_proto) && unshare_one(hdl, mountpoints[i], mountpoints[i], *curr_proto) != 0) goto out; } } /* * Now unmount everything, removing the underlying directories as * appropriate. */ for (i = 0; i < used; i++) { if (unmount_one(hdl, mountpoints[i], flags) != 0) goto out; } for (i = 0; i < used; i++) { if (datasets[i]) remove_mountpoint(datasets[i]); } ret = 0; out: for (i = 0; i < used; i++) { if (datasets[i]) zfs_close(datasets[i]); free(mountpoints[i]); } free(datasets); free(mountpoints); return (ret); } diff --git a/man/man8/zfs.8 b/man/man8/zfs.8 index 59ecceb817e1..07660df47441 100644 --- a/man/man8/zfs.8 +++ b/man/man8/zfs.8 @@ -1,3422 +1,3434 @@ '\" te .\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved. .\" Copyright (c) 2012 by Delphix. All rights reserved. .\" Copyright (c) 2012 Nexenta Systems, Inc. All Rights Reserved. .\" Copyright (c) 2012, Joyent, Inc. All rights reserved. .\" Copyright 2011 Joshua M. Clulow .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] .TH zfs 8 "Aug 16, 2012" "ZFS pool 28, filesystem 5" "System Administration Commands" .SH NAME zfs \- configures ZFS file systems .SH SYNOPSIS .LP .nf \fBzfs\fR [\fB-?\fR] .fi .LP .nf \fBzfs\fR \fBcreate\fR [\fB-p\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fIfilesystem\fR .fi .LP .nf \fBzfs\fR \fBcreate\fR [\fB-ps\fR] [\fB-b\fR \fIblocksize\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fB-V\fR \fIsize\fR \fIvolume\fR .fi .LP .nf \fBzfs\fR \fBdestroy\fR [\fB-fnpRrv\fR] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBdestroy\fR [\fB-dnpRrv\fR] \fIfilesystem\fR|\fIvolume\fR@\fIsnap\fR[%\fIsnap\fR][,...] .fi .LP .nf \fBzfs\fR \fBsnapshot | snap\fR [\fB-r\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR]... \fIfilesystem@snapname\fR|\fIvolume@snapname\fR .fi .LP .nf \fBzfs\fR \fBrollback\fR [\fB-rRf\fR] \fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBclone\fR [\fB-p\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fIsnapshot\fR \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBpromote\fR \fIclone-filesystem\fR .fi .LP .nf \fBzfs\fR \fBrename\fR [\fB-f\fR] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBrename\fR [\fB-fp\fR] \fIfilesystem\fR|\fIvolume\fR \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBrename\fR \fB-r\fR \fIsnapshot\fR \fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBlist\fR [\fB-r\fR|\fB-d\fR \fIdepth\fR][\fB-H\fR][\fB-o\fR \fIproperty\fR[,...]] [\fB-t\fR \fItype\fR[,...]] [\fB-s\fR \fIproperty\fR] ... [\fB-S\fR \fIproperty\fR] ... [\fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR|\fIsnap\fR] ... .fi .LP .nf \fBzfs\fR \fBset\fR \fIproperty\fR=\fIvalue\fR \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR ... .fi .LP .nf \fBzfs\fR \fBget\fR [\fB-r\fR|\fB-d\fR \fIdepth\fR][\fB-Hp\fR][\fB-o\fR \fIfield\fR[,...]] [\fB-t\fR \fItype\fR[,...]] [\fB-s\fR \fIsource\fR[,...]] "\fIall\fR" | \fIproperty\fR[,...] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR ... .fi .LP .nf \fBzfs\fR \fBinherit\fR [\fB-r\fR] \fIproperty\fR \fIfilesystem\fR|\fIvolume|snapshot\fR ... .fi .LP .nf \fBzfs\fR \fBupgrade\fR [\fB-v\fR] .fi .LP .nf \fBzfs\fR \fBupgrade\fR [\fB-r\fR] [\fB-V\fR \fIversion\fR] \fB-a\fR | \fIfilesystem\fR .fi .LP .nf \fBzfs\fR \fBuserspace\fR [\fB-niHp\fR] [\fB-o\fR \fIfield\fR[,...]] [\fB-sS\fR \fIfield\fR] ... [\fB-t\fR \fItype\fR[,...]] \fIfilesystem\fR|\fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBgroupspace\fR [\fB-niHp\fR] [\fB-o\fR \fIfield\fR[,...]] [\fB-sS\fR \fIfield\fR] ... [\fB-t\fR \fItype\fR[,...]] \fIfilesystem\fR|\fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBmount\fR .fi .LP .nf \fBzfs\fR \fBmount\fR [\fB-vO\fR] [\fB-o \fIoptions\fR\fR] \fB-a\fR | \fIfilesystem\fR .fi .LP .nf \fBzfs\fR \fBunmount | umount\fR [\fB-f\fR] \fB-a\fR | \fIfilesystem\fR|\fImountpoint\fR .fi .LP .nf \fBzfs\fR \fBshare\fR \fB-a\fR | \fIfilesystem\fR .fi .LP .nf \fBzfs\fR \fBunshare\fR \fB-a\fR \fIfilesystem\fR|\fImountpoint\fR .fi .LP .nf \fBzfs\fR \fBsend\fR [\fB-DnPpRrv\fR] [\fB-\fR[\fBiI\fR] \fIsnapshot\fR] \fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBreceive | recv\fR [\fB-vnFu\fR] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR .fi .LP .nf \fBzfs\fR \fBreceive | recv\fR [\fB-vnFu\fR] [\fB-d\fR|\fB-e\fR] \fIfilesystem\fR .fi .LP .nf \fBzfs\fR \fBallow\fR \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBallow\fR [\fB-ldug\fR] "\fIeveryone\fR"|\fIuser\fR|\fIgroup\fR[,...] \fIperm\fR|\fI@setname\fR[,...] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBallow\fR [\fB-ld\fR] \fB-e\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBallow\fR \fB-c\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBallow\fR \fB-s\fR @\fIsetname\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBunallow\fR [\fB-rldug\fR] "\fIeveryone\fR"|\fIuser\fR|\fIgroup\fR[,...] [\fIperm\fR|@\fIsetname\fR[,... ]] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBunallow\fR [\fB-rld\fR] \fB-e\fR [\fIperm\fR|@\fIsetname\fR[,... ]] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBunallow\fR [\fB-r\fR] \fB-c\fR [\fIperm\fR|@\fIsetname\fR[ ... ]] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBunallow\fR [\fB-r\fR] \fB-s\fR @\fIsetname\fR [\fIperm\fR|@\fIsetname\fR[,... ]] \fIfilesystem\fR|\fIvolume\fR .fi .LP .nf \fBzfs\fR \fBhold\fR [\fB-r\fR] \fItag\fR \fIsnapshot\fR... .fi .LP .nf \fBzfs\fR \fBholds\fR [\fB-r\fR] \fIsnapshot\fR... .fi .LP .nf \fBzfs\fR \fBrelease\fR [\fB-r\fR] \fItag\fR \fIsnapshot\fR... .fi .LP .nf \fBzfs\fR \fBdiff\fR [\fB-FHt\fR] \fIsnapshot\fR \fIsnapshot|filesystem\fR .SH DESCRIPTION .sp .LP The \fBzfs\fR command configures \fBZFS\fR datasets within a \fBZFS\fR storage pool, as described in \fBzpool\fR(8). A dataset is identified by a unique path within the \fBZFS\fR namespace. For example: .sp .in +2 .nf pool/{filesystem,volume,snapshot} .fi .in -2 .sp .sp .LP where the maximum length of a dataset name is \fBMAXNAMELEN\fR (256 bytes). .sp .LP A dataset can be one of the following: .sp .ne 2 .mk .na \fB\fIfile system\fR\fR .ad .sp .6 .RS 4n A \fBZFS\fR dataset of type \fBfilesystem\fR can be mounted within the standard system namespace and behaves like other file systems. While \fBZFS\fR file systems are designed to be \fBPOSIX\fR compliant, known issues exist that prevent compliance in some cases. Applications that depend on standards conformance might fail due to nonstandard behavior when checking file system free space. .RE .sp .ne 2 .mk .na \fB\fIvolume\fR\fR .ad .sp .6 .RS 4n A logical volume exported as a raw or block device. This type of dataset should only be used under special circumstances. File systems are typically used in most environments. .RE .sp .ne 2 .mk .na \fB\fIsnapshot\fR\fR .ad .sp .6 .RS 4n A read-only version of a file system or volume at a given point in time. It is specified as \fIfilesystem@name\fR or \fIvolume@name\fR. .RE .SS "ZFS File System Hierarchy" .sp .LP A \fBZFS\fR storage pool is a logical collection of devices that provide space for datasets. A storage pool is also the root of the \fBZFS\fR file system hierarchy. .sp .LP The root of the pool can be accessed as a file system, such as mounting and unmounting, taking snapshots, and setting properties. The physical storage characteristics, however, are managed by the \fBzpool\fR(8) command. .sp .LP See \fBzpool\fR(8) for more information on creating and administering pools. .SS "Snapshots" .sp .LP A snapshot is a read-only copy of a file system or volume. Snapshots can be created extremely quickly, and initially consume no additional space within the pool. As data within the active dataset changes, the snapshot consumes more data than would otherwise be shared with the active dataset. .sp .LP Snapshots can have arbitrary names. Snapshots of volumes can be cloned or rolled back, but cannot be accessed independently. .sp .LP File system snapshots can be accessed under the \fB\&.zfs/snapshot\fR directory in the root of the file system. Snapshots are automatically mounted on demand and may be unmounted at regular intervals. The visibility of the \fB\&.zfs\fR directory can be controlled by the \fBsnapdir\fR property. .SS "Clones" .sp .LP A clone is a writable volume or file system whose initial contents are the same as another dataset. As with snapshots, creating a clone is nearly instantaneous, and initially consumes no additional space. .sp .LP Clones can only be created from a snapshot. When a snapshot is cloned, it creates an implicit dependency between the parent and child. Even though the clone is created somewhere else in the dataset hierarchy, the original snapshot cannot be destroyed as long as a clone exists. The \fBorigin\fR property exposes this dependency, and the \fBdestroy\fR command lists any such dependencies, if they exist. .sp .LP The clone parent-child dependency relationship can be reversed by using the \fBpromote\fR subcommand. This causes the "origin" file system to become a clone of the specified file system, which makes it possible to destroy the file system that the clone was created from. .SS "Mount Points" .sp .LP Creating a \fBZFS\fR file system is a simple operation, so the number of file systems per system is likely to be numerous. To cope with this, \fBZFS\fR automatically manages mounting and unmounting file systems without the need to edit the \fB/etc/fstab\fR file. All automatically managed file systems are mounted by \fBZFS\fR at boot time. .sp .LP By default, file systems are mounted under \fB/\fIpath\fR\fR, where \fIpath\fR is the name of the file system in the \fBZFS\fR namespace. Directories are created and destroyed as needed. .sp .LP A file system can also have a mount point set in the \fBmountpoint\fR property. This directory is created as needed, and \fBZFS\fR automatically mounts the file system when the \fBzfs mount -a\fR command is invoked (without editing \fB/etc/fstab\fR). The \fBmountpoint\fR property can be inherited, so if \fBpool/home\fR has a mount point of \fB/export/stuff\fR, then \fBpool/home/user\fR automatically inherits a mount point of \fB/export/stuff/user\fR. .sp .LP A file system \fBmountpoint\fR property of \fBnone\fR prevents the file system from being mounted. .sp .LP If needed, \fBZFS\fR file systems can also be managed with traditional tools (\fBmount\fR, \fBumount\fR, \fB/etc/fstab\fR). If a file system's mount point is set to \fBlegacy\fR, \fBZFS\fR makes no attempt to manage the file system, and the administrator is responsible for mounting and unmounting the file system. .SS "Deduplication" .sp .LP Deduplication is the process for removing redundant data at the block-level, reducing the total amount of data stored. If a file system has the \fBdedup\fR property enabled, duplicate data blocks are removed synchronously. The result is that only unique data is stored and common components are shared among files. .SS "Native Properties" .sp .LP Properties are divided into two types, native properties and user-defined (or "user") properties. Native properties either export internal statistics or control \fBZFS\fR behavior. In addition, native properties are either editable or read-only. User properties have no effect on \fBZFS\fR behavior, but you can use them to annotate datasets in a way that is meaningful in your environment. For more information about user properties, see the "User Properties" section, below. .sp .LP Every dataset has a set of properties that export statistics about the dataset as well as control various behaviors. Properties are inherited from the parent unless overridden by the child. Some properties apply only to certain types of datasets (file systems, volumes, or snapshots). .sp .LP The values of numeric properties can be specified using human-readable suffixes (for example, \fBk\fR, \fBKB\fR, \fBM\fR, \fBGb\fR, and so forth, up to \fBZ\fR for zettabyte). The following are all valid (and equal) specifications: .sp .in +2 .nf 1536M, 1.5g, 1.50GB .fi .in -2 .sp .sp .LP The values of non-numeric properties are case sensitive and must be lowercase, except for \fBmountpoint\fR, \fBsharenfs\fR, and \fBsharesmb\fR. .sp .LP The following native properties consist of read-only statistics about the dataset. These properties can be neither set, nor inherited. Native properties apply to all dataset types unless otherwise noted. .sp .ne 2 .mk .na \fB\fBavailable\fR\fR .ad .sp .6 .RS 4n The amount of space available to the dataset and all its children, assuming that there is no other activity in the pool. Because space is shared within a pool, availability can be limited by any number of factors, including physical pool size, quotas, reservations, or other datasets within the pool. .sp This property can also be referred to by its shortened column name, \fBavail\fR. .RE .sp .ne 2 .mk .na \fB\fBcompressratio\fR\fR .ad .sp .6 .RS 4n For non-snapshots, the compression ratio achieved for the \fBused\fR space of this dataset, expressed as a multiplier. The \fBused\fR property includes descendant datasets, and, for clones, does not include the space shared with the origin snapshot. For snapshots, the \fBcompressratio\fR is the same as the \fBrefcompressratio\fR property. Compression can be turned on by running: \fBzfs set compression=on \fIdataset\fR\fR. The default value is \fBoff\fR. .RE .sp .ne 2 .mk .na \fB\fBcreation\fR\fR .ad .sp .6 .RS 4n The time this dataset was created. .RE .sp .ne 2 .mk .na \fB\fBclones\fR\fR .ad .sp .6 .RS 4n For snapshots, this property is a comma-separated list of filesystems or volumes which are clones of this snapshot. The clones' \fBorigin\fR property is this snapshot. If the \fBclones\fR property is not empty, then this snapshot can not be destroyed (even with the \fB-r\fR or \fB-f\fR options). .RE .sp .ne 2 .na \fB\fBdefer_destroy\fR\fR .ad .sp .6 .RS 4n This property is \fBon\fR if the snapshot has been marked for deferred destruction by using the \fBzfs destroy\fR \fB-d\fR command. Otherwise, the property is \fBoff\fR. .RE .sp .ne 2 .mk .na \fB\fBmounted\fR\fR .ad .sp .6 .RS 4n For file systems, indicates whether the file system is currently mounted. This property can be either \fByes\fR or \fBno\fR. .RE .sp .ne 2 .mk .na \fB\fBorigin\fR\fR .ad .sp .6 .RS 4n For cloned file systems or volumes, the snapshot from which the clone was created. See also the \fBclones\fR property. .RE .sp .ne 2 .mk .na \fB\fBreferenced\fR\fR .ad .sp .6 .RS 4n The amount of data that is accessible by this dataset, which may or may not be shared with other datasets in the pool. When a snapshot or clone is created, it initially references the same amount of space as the file system or snapshot it was created from, since its contents are identical. .sp This property can also be referred to by its shortened column name, \fBrefer\fR. .RE .sp .ne 2 .mk .na \fB\fBrefcompressratio\fR\fR .ad .sp .6 .RS 4n The compression ratio achieved for the \fBreferenced\fR space of this dataset, expressed as a multiplier. See also the \fBcompressratio\fR property. .RE .sp .ne 2 .mk .na \fB\fBtype\fR\fR .ad .sp .6 .RS 4n The type of dataset: \fBfilesystem\fR, \fBvolume\fR, or \fBsnapshot\fR. .RE .sp .ne 2 .mk .na \fB\fBused\fR\fR .ad .sp .6 .RS 4n The amount of space consumed by this dataset and all its descendents. This is the value that is checked against this dataset's quota and reservation. The space used does not include this dataset's reservation, but does take into account the reservations of any descendent datasets. The amount of space that a dataset consumes from its parent, as well as the amount of space that are freed if this dataset is recursively destroyed, is the greater of its space used and its reservation. .sp When snapshots (see the "Snapshots" section) are created, their space is initially shared between the snapshot and the file system, and possibly with previous snapshots. As the file system changes, space that was previously shared becomes unique to the snapshot, and counted in the snapshot's space used. Additionally, deleting snapshots can increase the amount of space unique to (and used by) other snapshots. .sp The amount of space used, available, or referenced does not take into account pending changes. Pending changes are generally accounted for within a few seconds. Committing a change to a disk using \fBfsync\fR(2) or \fBO_SYNC\fR does not necessarily guarantee that the space usage information is updated immediately. .RE .sp .ne 2 .mk .na \fB\fBusedby*\fR\fR .ad .sp .6 .RS 4n The \fBusedby*\fR properties decompose the \fBused\fR properties into the various reasons that space is used. Specifically, \fBused\fR = \fBusedbychildren\fR + \fBusedbydataset\fR + \fBusedbyrefreservation\fR +, \fBusedbysnapshots\fR. These properties are only available for datasets created on \fBzpool\fR "version 13" pools. .RE .sp .ne 2 .mk .na \fB\fBusedbychildren\fR\fR .ad .sp .6 .RS 4n The amount of space used by children of this dataset, which would be freed if all the dataset's children were destroyed. .RE .sp .ne 2 .mk .na \fB\fBusedbydataset\fR\fR .ad .sp .6 .RS 4n The amount of space used by this dataset itself, which would be freed if the dataset were destroyed (after first removing any \fBrefreservation\fR and destroying any necessary snapshots or descendents). .RE .sp .ne 2 .mk .na \fB\fBusedbyrefreservation\fR\fR .ad .sp .6 .RS 4n The amount of space used by a \fBrefreservation\fR set on this dataset, which would be freed if the \fBrefreservation\fR was removed. .RE .sp .ne 2 .mk .na \fB\fBusedbysnapshots\fR\fR .ad .sp .6 .RS 4n The amount of space consumed by snapshots of this dataset. In particular, it is the amount of space that would be freed if all of this dataset's snapshots were destroyed. Note that this is not simply the sum of the snapshots' \fBused\fR properties because space can be shared by multiple snapshots. .RE .sp .ne 2 .mk .na \fB\fBuserused@\fR\fIuser\fR\fR .ad .sp .6 .RS 4n The amount of space consumed by the specified user in this dataset. Space is charged to the owner of each file, as displayed by \fBls\fR \fB-l\fR. The amount of space charged is displayed by \fBdu\fR and \fBls\fR \fB-s\fR. See the \fBzfs userspace\fR subcommand for more information. .sp Unprivileged users can access only their own space usage. The root user, or a user who has been granted the \fBuserused\fR privilege with \fBzfs allow\fR, can access everyone's usage. .sp The \fBuserused@\fR... properties are not displayed by \fBzfs get all\fR. The user's name must be appended after the \fB@\fR symbol, using one of the following forms: .RS +4 .TP .ie t \(bu .el o \fIPOSIX name\fR (for example, \fBjoe\fR) .RE .RS +4 .TP .ie t \(bu .el o \fIPOSIX numeric ID\fR (for example, \fB789\fR) .RE .RS +4 .TP .ie t \(bu .el o \fISID name\fR (for example, \fBjoe.smith@mydomain\fR) .RE .RS +4 .TP .ie t \(bu .el o \fISID numeric ID\fR (for example, \fBS-1-123-456-789\fR) .RE .RE .sp .ne 2 .mk .na \fB\fBuserrefs\fR\fR .ad .sp .6 .RS 4n This property is set to the number of user holds on this snapshot. User holds are set by using the \fBzfs hold\fR command. .RE .sp .ne 2 .mk .na \fB\fBgroupused@\fR\fIgroup\fR\fR .ad .sp .6 .RS 4n The amount of space consumed by the specified group in this dataset. Space is charged to the group of each file, as displayed by \fBls\fR \fB-l\fR. See the \fBuserused@\fR\fIuser\fR property for more information. .sp Unprivileged users can only access their own groups' space usage. The root user, or a user who has been granted the \fBgroupused\fR privilege with \fBzfs allow\fR, can access all groups' usage. .RE .sp .ne 2 .mk .na \fB\fBvolblocksize\fR=\fIblocksize\fR\fR .ad .sp .6 .RS 4n For volumes, specifies the block size of the volume. The \fBblocksize\fR cannot be changed once the volume has been written, so it should be set at volume creation time. The default \fBblocksize\fR for volumes is 8 Kbytes. Any power of 2 from 512 bytes to 128 Kbytes is valid. .sp This property can also be referred to by its shortened column name, \fBvolblock\fR. .RE .sp .ne 2 .na \fB\fBwritten\fR\fR .ad .sp .6 .RS 4n The amount of \fBreferenced\fR space written to this dataset since the previous snapshot. .RE .sp .ne 2 .na \fB\fBwritten@\fR\fIsnapshot\fR\fR .ad .sp .6 .RS 4n The amount of \fBreferenced\fR space written to this dataset since the specified snapshot. This is the space that is referenced by this dataset but was not referenced by the specified snapshot. .sp The \fIsnapshot\fR may be specified as a short snapshot name (just the part after the \fB@\fR), in which case it will be interpreted as a snapshot in the same filesystem as this dataset. The \fIsnapshot\fR be a full snapshot name (\fIfilesystem\fR@\fIsnapshot\fR), which for clones may be a snapshot in the origin's filesystem (or the origin of the origin's filesystem, etc). .RE .sp .LP The following native properties can be used to change the behavior of a \fBZFS\fR dataset. .sp .ne 2 .mk .na \fB\fBaclinherit\fR=\fBdiscard\fR | \fBnoallow\fR | \fBrestricted\fR | \fBpassthrough\fR | \fBpassthrough-x\fR\fR .ad .sp .6 .RS 4n Controls how \fBACL\fR entries are inherited when files and directories are created. A file system with an \fBaclinherit\fR property of \fBdiscard\fR does not inherit any \fBACL\fR entries. A file system with an \fBaclinherit\fR property value of \fBnoallow\fR only inherits inheritable \fBACL\fR entries that specify "deny" permissions. The property value \fBrestricted\fR (the default) removes the \fBwrite_acl\fR and \fBwrite_owner\fR permissions when the \fBACL\fR entry is inherited. A file system with an \fBaclinherit\fR property value of \fBpassthrough\fR inherits all inheritable \fBACL\fR entries without any modifications made to the \fBACL\fR entries when they are inherited. A file system with an \fBaclinherit\fR property value of \fBpassthrough-x\fR has the same meaning as \fBpassthrough\fR, except that the \fBowner@\fR, \fBgroup@\fR, and \fBeveryone@\fR \fBACE\fRs inherit the execute permission only if the file creation mode also requests the execute bit. .sp When the property value is set to \fBpassthrough\fR, files are created with a mode determined by the inheritable \fBACE\fRs. If no inheritable \fBACE\fRs exist that affect the mode, then the mode is set in accordance to the requested mode from the application. .RE .sp .ne 2 .mk .na \fB\fBaclmode\fR=\fBdiscard\fR | \fBgroupmask\fR | \fBpassthrough\fR\fR .ad .sp .6 .RS 4n Controls how an \fBACL\fR is modified during \fBchmod\fR(2). A file system with an \fBaclmode\fR property of \fBdiscard\fR deletes all \fBACL\fR entries that do not represent the mode of the file. An \fBaclmode\fR property of \fBgroupmask\fR (the default) reduces user or group permissions. The permissions are reduced, such that they are no greater than the group permission bits, unless it is a user entry that has the same \fBUID\fR as the owner of the file or directory. In this case, the \fBACL\fR permissions are reduced so that they are no greater than owner permission bits. A file system with an \fBaclmode\fR property of \fBpassthrough\fR indicates that no changes are made to the \fBACL\fR other than generating the necessary \fBACL\fR entries to represent the new mode of the file or directory. .RE .sp .ne 2 .mk .na \fB\fBatime\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether the access time for files is updated when they are read. Turning this property off avoids producing write traffic when reading files and can result in significant performance gains, though it might confuse mailers and other similar utilities. The default value is \fBon\fR. .RE .sp .ne 2 .mk .na \fB\fBcanmount\fR=\fBon\fR | \fBoff\fR | \fBnoauto\fR\fR .ad .sp .6 .RS 4n If this property is set to \fBoff\fR, the file system cannot be mounted, and is ignored by \fBzfs mount -a\fR. Setting this property to \fBoff\fR is similar to setting the \fBmountpoint\fR property to \fBnone\fR, except that the dataset still has a normal \fBmountpoint\fR property, which can be inherited. Setting this property to \fBoff\fR allows datasets to be used solely as a mechanism to inherit properties. One example of setting \fBcanmount=\fR\fBoff\fR is to have two datasets with the same \fBmountpoint\fR, so that the children of both datasets appear in the same directory, but might have different inherited characteristics. .sp When the \fBnoauto\fR option is set, a dataset can only be mounted and unmounted explicitly. The dataset is not mounted automatically when the dataset is created or imported, nor is it mounted by the \fBzfs mount -a\fR command or unmounted by the \fBzfs unmount -a\fR command. .sp This property is not inherited. .RE .sp .ne 2 .mk .na \fB\fBchecksum\fR=\fBon\fR | \fBoff\fR | \fBfletcher2,\fR| \fBfletcher4\fR | \fBsha256\fR\fR .ad .sp .6 .RS 4n Controls the checksum used to verify data integrity. The default value is \fBon\fR, which automatically selects an appropriate algorithm (currently, \fBfletcher2\fR, but this may change in future releases). The value \fBoff\fR disables integrity checking on user data. Disabling checksums is \fBNOT\fR a recommended practice. .sp Changing this property affects only newly-written data. .RE .sp .ne 2 .mk .na \fBcompression\fR=\fBon\fR | \fBoff\fR | \fBlzjb\fR | \fBgzip\fR | \fBgzip-\fR\fIN\fR | \fBzle\fR .ad .sp .6 .RS 4n Controls the compression algorithm used for this dataset. The \fBlzjb\fR compression algorithm is optimized for performance while providing decent data compression. Setting compression to \fBon\fR uses the \fBlzjb\fR compression algorithm. .sp The \fBgzip\fR compression algorithm uses the same compression as the \fBgzip\fR(1) command. You can specify the \fBgzip\fR level by using the value \fBgzip-\fR\fIN\fR where \fIN\fR is an integer from 1 (fastest) to 9 (best compression ratio). Currently, \fBgzip\fR is equivalent to \fBgzip-6\fR (which is also the default for \fBgzip\fR(1)). .sp The \fBzle\fR (zero-length encoding) compression algorithm is a fast and simple algorithm to eliminate runs of zeroes. .sp This property can also be referred to by its shortened column name \fBcompress\fR. Changing this property affects only newly-written data. .RE .sp .ne 2 .mk .na \fB\fBcopies\fR=\fB1\fR | \fB2\fR | \fB3\fR\fR .ad .sp .6 .RS 4n Controls the number of copies of data stored for this dataset. These copies are in addition to any redundancy provided by the pool, for example, mirroring or RAID-Z. The copies are stored on different disks, if possible. The space used by multiple copies is charged to the associated file and dataset, changing the \fBused\fR property and counting against quotas and reservations. .sp Changing this property only affects newly-written data. Therefore, set this property at file system creation time by using the \fB-o\fR \fBcopies=\fR\fIN\fR option. .RE .sp .ne 2 .mk .na \fB\fBdedup\fR=\fBon\fR | \fBoff\fR | \fBverify\fR | \fBsha256\fR[,\fBverify\fR]\fR .ad .sp .6 .RS 4n Controls whether deduplication is in effect for a dataset. The default value is \fBoff\fR. The default checksum used for deduplication is \fBsha256\fR (subject to change). When \fBdedup\fR is enabled, the \fBdedup\fR checksum algorithm overrides the \fBchecksum\fR property. Setting the value to \fBverify\fR is equivalent to specifying \fBsha256,verify\fR. .sp If the property is set to \fBverify\fR, then, whenever two blocks have the same signature, ZFS will do a byte-for-byte comparison with the existing block to ensure that the contents are identical. .RE .sp .ne 2 .mk .na \fB\fBdevices\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether device nodes can be opened on this file system. The default value is \fBon\fR. .RE .sp .ne 2 .mk .na \fB\fBexec\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether processes can be executed from within this file system. The default value is \fBon\fR. .RE .sp .ne 2 .mk .na \fB\fBmlslabel\fR=\fIlabel\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n The \fBmlslabel\fR property is a sensitivity label that determines if a dataset can be mounted in a zone on a system with Trusted Extensions enabled. If the labeled dataset matches the labeled zone, the dataset can be mounted and accessed from the labeled zone. .sp When the \fBmlslabel\fR property is not set, the default value is \fBnone\fR. Setting the \fBmlslabel\fR property to \fBnone\fR is equivalent to removing the property. .sp The \fBmlslabel\fR property can be modified only when Trusted Extensions is enabled and only with appropriate privilege. Rights to modify it cannot be delegated. When changing a label to a higher label or setting the initial dataset label, the \fB{PRIV_FILE_UPGRADE_SL}\fR privilege is required. When changing a label to a lower label or the default (\fBnone\fR), the \fB{PRIV_FILE_DOWNGRADE_SL}\fR privilege is required. Changing the dataset to labels other than the default can be done only when the dataset is not mounted. When a dataset with the default label is mounted into a labeled-zone, the mount operation automatically sets the \fBmlslabel\fR property to the label of that zone. .sp When Trusted Extensions is \fBnot\fR enabled, only datasets with the default label (\fBnone\fR) can be mounted. .sp Zones are a Solaris feature and are not relevant on Linux. .RE .sp .ne 2 .mk .na \fB\fBmountpoint\fR=\fIpath\fR | \fBnone\fR | \fBlegacy\fR\fR .ad .sp .6 .RS 4n Controls the mount point used for this file system. See the "Mount Points" section for more information on how this property is used. .sp When the \fBmountpoint\fR property is changed for a file system, the file system and any children that inherit the mount point are unmounted. If the new value is \fBlegacy\fR, then they remain unmounted. Otherwise, they are automatically remounted in the new location if the property was previously \fBlegacy\fR or \fBnone\fR, or if they were mounted before the property was changed. In addition, any shared file systems are unshared and shared in the new location. .RE .sp .ne 2 .mk .na \fB\fBnbmand\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether the file system should be mounted with \fBnbmand\fR (Non Blocking mandatory locks). This is used for \fBCIFS\fR clients. Changes to this property only take effect when the file system is umounted and remounted. See \fBmount\fR(8) for more information on \fBnbmand\fR mounts. .RE .sp .ne 2 .mk .na \fB\fBprimarycache\fR=\fBall\fR | \fBnone\fR | \fBmetadata\fR\fR .ad .sp .6 .RS 4n Controls what is cached in the primary cache (ARC). If this property is set to \fBall\fR, then both user data and metadata is cached. If this property is set to \fBnone\fR, then neither user data nor metadata is cached. If this property is set to \fBmetadata\fR, then only metadata is cached. The default value is \fBall\fR. .RE .sp .ne 2 .mk .na \fB\fBquota\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n Limits the amount of space a dataset and its descendents can consume. This property enforces a hard limit on the amount of space used. This includes all space consumed by descendents, including file systems and snapshots. Setting a quota on a descendent of a dataset that already has a quota does not override the ancestor's quota, but rather imposes an additional limit. .sp Quotas cannot be set on volumes, as the \fBvolsize\fR property acts as an implicit quota. .RE .sp .ne 2 .mk .na \fB\fBuserquota@\fR\fIuser\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n Limits the amount of space consumed by the specified user. Similar to the \fBrefquota\fR property, the \fBuserquota\fR space calculation does not include space that is used by descendent datasets, such as snapshots and clones. User space consumption is identified by the \fBuserspace@\fR\fIuser\fR property. .sp Enforcement of user quotas may be delayed by several seconds. This delay means that a user might exceed their quota before the system notices that they are over quota and begins to refuse additional writes with the \fBEDQUOT\fR error message . See the \fBzfs userspace\fR subcommand for more information. .sp Unprivileged users can only access their own groups' space usage. The root user, or a user who has been granted the \fBuserquota\fR privilege with \fBzfs allow\fR, can get and set everyone's quota. .sp This property is not available on volumes, on file systems before version 4, or on pools before version 15. The \fBuserquota@\fR... properties are not displayed by \fBzfs get all\fR. The user's name must be appended after the \fB@\fR symbol, using one of the following forms: .RS +4 .TP .ie t \(bu .el o \fIPOSIX name\fR (for example, \fBjoe\fR) .RE .RS +4 .TP .ie t \(bu .el o \fIPOSIX numeric ID\fR (for example, \fB789\fR) .RE .RS +4 .TP .ie t \(bu .el o \fISID name\fR (for example, \fBjoe.smith@mydomain\fR) .RE .RS +4 .TP .ie t \(bu .el o \fISID numeric ID\fR (for example, \fBS-1-123-456-789\fR) .RE .RE .sp .ne 2 .mk .na \fB\fBgroupquota@\fR\fIgroup\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n Limits the amount of space consumed by the specified group. Group space consumption is identified by the \fBuserquota@\fR\fIuser\fR property. .sp Unprivileged users can access only their own groups' space usage. The root user, or a user who has been granted the \fBgroupquota\fR privilege with \fBzfs allow\fR, can get and set all groups' quotas. .RE .sp .ne 2 .mk .na \fB\fBreadonly\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether this dataset can be modified. The default value is \fBoff\fR. .sp This property can also be referred to by its shortened column name, \fBrdonly\fR. .RE .sp .ne 2 .mk .na \fB\fBrecordsize\fR=\fIsize\fR\fR .ad .sp .6 .RS 4n Specifies a suggested block size for files in the file system. This property is designed solely for use with database workloads that access files in fixed-size records. \fBZFS\fR automatically tunes block sizes according to internal algorithms optimized for typical access patterns. .sp For databases that create very large files but access them in small random chunks, these algorithms may be suboptimal. Specifying a \fBrecordsize\fR greater than or equal to the record size of the database can result in significant performance gains. Use of this property for general purpose file systems is strongly discouraged, and may adversely affect performance. .sp The size specified must be a power of two greater than or equal to 512 and less than or equal to 128 Kbytes. .sp Changing the file system's \fBrecordsize\fR affects only files created afterward; existing files are unaffected. .sp This property can also be referred to by its shortened column name, \fBrecsize\fR. .RE .sp .ne 2 .mk .na \fB\fBrefquota\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n Limits the amount of space a dataset can consume. This property enforces a hard limit on the amount of space used. This hard limit does not include space used by descendents, including file systems and snapshots. .RE .sp .ne 2 .mk .na \fB\fBrefreservation\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n The minimum amount of space guaranteed to a dataset, not including its descendents. When the amount of space used is below this value, the dataset is treated as if it were taking up the amount of space specified by \fBrefreservation\fR. The \fBrefreservation\fR reservation is accounted for in the parent datasets' space used, and counts against the parent datasets' quotas and reservations. .sp If \fBrefreservation\fR is set, a snapshot is only allowed if there is enough free pool space outside of this reservation to accommodate the current number of "referenced" bytes in the dataset. .sp This property can also be referred to by its shortened column name, \fBrefreserv\fR. .RE .sp .ne 2 .mk .na \fB\fBreservation\fR=\fIsize\fR | \fBnone\fR\fR .ad .sp .6 .RS 4n The minimum amount of space guaranteed to a dataset and its descendents. When the amount of space used is below this value, the dataset is treated as if it were taking up the amount of space specified by its reservation. Reservations are accounted for in the parent datasets' space used, and count against the parent datasets' quotas and reservations. .sp This property can also be referred to by its shortened column name, \fBreserv\fR. .RE .sp .ne 2 .mk .na \fB\fBsecondarycache\fR=\fBall\fR | \fBnone\fR | \fBmetadata\fR\fR .ad .sp .6 .RS 4n Controls what is cached in the secondary cache (L2ARC). If this property is set to \fBall\fR, then both user data and metadata is cached. If this property is set to \fBnone\fR, then neither user data nor metadata is cached. If this property is set to \fBmetadata\fR, then only metadata is cached. The default value is \fBall\fR. .RE .sp .ne 2 .mk .na \fB\fBsetuid\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether the set-\fBUID\fR bit is respected for the file system. The default value is \fBon\fR. .RE .sp .ne 2 .mk .na \fB\fBshareiscsi\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Like the \fBsharenfs\fR property, \fBshareiscsi\fR indicates whether a \fBZFS\fR volume is exported as an \fBiSCSI\fR target. The acceptable values for this property are \fBon\fR, \fBoff\fR, and \fBtype=disk\fR. The default value is \fBoff\fR. In the future, other target types might be supported. For example, \fBtape\fR. .sp You might want to set \fBshareiscsi=on\fR for a file system so that all \fBZFS\fR volumes within the file system are shared by default. However, setting this property on a file system has no direct effect. .RE .sp .ne 2 .mk .na -\fB\fBsharesmb\fR=\fBon\fR | \fBoff\fR | \fIopts\fR\fR +\fB\fBsharesmb\fR=\fBon\fR | \fBoff\fR .ad .sp .6 .RS 4n -Controls whether the file system is shared by using the Solaris \fBCIFS\fR service, and what options are to be used. A file system with the \fBsharesmb\fR property set to \fBoff\fR is managed through traditional tools such as \fBsharemgr\fR(1M). Otherwise, the file system is automatically shared and unshared with the \fBzfs share\fR and \fBzfs unshare\fR commands. If the property is set to \fBon\fR, the \fBsharemgr\fR(1M) command is invoked with no options. Otherwise, the \fBsharemgr\fR(1M) command is invoked with options equivalent to the contents of this property. +Controls whether the file system is shared by using \fBSamba USERSHARES\fR, and what options are to be used. Otherwise, the file system is automatically shared and unshared with the \fBzfs share\fR and \fBzfs unshare\fR commands. If the property is set to \fBon\fR, the \fBnet\fR(8) command is invoked to create a \fBUSERSHARE\fR. .sp -Because \fBSMB\fR shares requires a resource name, a unique resource name is constructed from the dataset name. The constructed name is a copy of the dataset name except that the characters in the dataset name, which would be illegal in the resource name, are replaced with underscore (\fB_\fR) characters. A pseudo property "name" is also supported that allows you to replace the data set name with a specified name. The specified name is then used to replace the prefix dataset in the case of inheritance. For example, if the dataset \fBdata/home/john\fR is set to \fBname=john\fR, then \fBdata/home/john\fR has a resource name of \fBjohn\fR. If a child dataset of \fBdata/home/john/backups\fR, it has a resource name of \fBjohn_backups\fR. +Because \fBSMB\fR shares requires a resource name, a unique resource name is constructed from the dataset name. The constructed name is a copy of the dataset name except that the characters in the dataset name, which would be illegal in the resource name, are replaced with underscore (\fB_\fR) characters. The ZFS On Linux driver does not (yet) support additional options which might be availible in the Solaris version. .sp -When SMB shares are created, the SMB share name appears as an entry in the \fB\&.zfs/shares\fR directory. You can use the \fBls\fR or \fBchmod\fR command to display the share-level ACLs on the entries in this directory. +If the \fBsharesmb\fR property is set to \fBoff\fR, the file systems are unshared. .sp -When the \fBsharesmb\fR property is changed for a dataset, the dataset and any children inheriting the property are re-shared with the new options, only if the property was previously set to \fBoff\fR, or if they were shared before the property was changed. If the new property is set to \fBoff\fR, the file systems are unshared. +In Linux, the share is created with the acl "Everyone:F" by default, meaning that everyone have read access. This however isn't the full truth: Any access control on the underlaying filesystem supersedes this. +.sp +.ne 2 +.mk +.na +\fBMinimal /etc/samba/smb.conf configuration\fR +.sp +.in +2 +* Samba will need to listen to 'localhost' (127.0.0.1) for the zfs utilities to communitate with samba. This is the default behavior for most Linux distributions. +.sp +* See the \fBUSERSHARE\fR section of the \fBsmb.conf\fR(5) man page for all configuration options. +.sp +.in -2 .RE .sp .ne 2 .mk .na \fB\fBsharenfs\fR=\fBon\fR | \fBoff\fR | \fIopts\fR\fR .ad .sp .6 .RS 4n Controls whether the file system is shared via \fBNFS\fR, and what options are used. A file system with a \fBsharenfs\fR property of \fBoff\fR is managed through traditional tools such as \fBshare\fR(1M), \fBunshare\fR(1M), and \fBdfstab\fR(4). Otherwise, the file system is automatically shared and unshared with the \fBzfs share\fR and \fBzfs unshare\fR commands. If the property is set to \fBon\fR, the \fBshare\fR(1M) command is invoked with no options. Otherwise, the \fBshare\fR(1M) command is invoked with options equivalent to the contents of this property. .sp When the \fBsharenfs\fR property is changed for a dataset, the dataset and any children inheriting the property are re-shared with the new options, only if the property was previously \fBoff\fR, or if they were shared before the property was changed. If the new property is \fBoff\fR, the file systems are unshared. .RE .sp .ne 2 .mk .na \fB\fBlogbias\fR = \fBlatency\fR | \fBthroughput\fR\fR .ad .sp .6 .RS 4n Provide a hint to ZFS about handling of synchronous requests in this dataset. If \fBlogbias\fR is set to \fBlatency\fR (the default), ZFS will use pool log devices (if configured) to handle the requests at low latency. If \fBlogbias\fR is set to \fBthroughput\fR, ZFS will not use configured pool log devices. ZFS will instead optimize synchronous operations for global pool throughput and efficient use of resources. .RE .sp .ne 2 .mk .na \fB\fBsnapdir\fR=\fBhidden\fR | \fBvisible\fR\fR .ad .sp .6 .RS 4n Controls whether the \fB\&.zfs\fR directory is hidden or visible in the root of the file system as discussed in the "Snapshots" section. The default value is \fBhidden\fR. .RE .sp .ne 2 .mk .na \fB\fBsync\fR=\fBdefault\fR | \fBalways\fR | \fBdisabled\fR\fR .ad .sp .6 .RS 4n Controls the behavior of synchronous requests (e.g. fsync, O_DSYNC). \fBdefault\fR is the POSIX specified behavior of ensuring all synchronous requests are written to stable storage and all devices are flushed to ensure data is not cached by device controllers (this is the default). \fBalways\fR causes every file system transaction to be written and flushed before its system call returns. This has a large performance penalty. \fBdisabled\fR disables synchronous requests. File system transactions are only committed to stable storage periodically. This option will give the highest performance. However, it is very dangerous as ZFS would be ignoring the synchronous transaction demands of applications such as databases or NFS. Administrators should only use this option when the risks are understood. .RE .sp .ne 2 .na \fB\fBversion\fR=\fB1\fR | \fB2\fR | \fBcurrent\fR\fR .ad .sp .6 .RS 4n The on-disk version of this file system, which is independent of the pool version. This property can only be set to later supported versions. See the \fBzfs upgrade\fR command. .RE .sp .ne 2 .mk .na \fB\fBvolsize\fR=\fIsize\fR\fR .ad .sp .6 .RS 4n For volumes, specifies the logical size of the volume. By default, creating a volume establishes a reservation of equal size. For storage pools with a version number of 9 or higher, a \fBrefreservation\fR is set instead. Any changes to \fBvolsize\fR are reflected in an equivalent change to the reservation (or \fBrefreservation\fR). The \fBvolsize\fR can only be set to a multiple of \fBvolblocksize\fR, and cannot be zero. .sp The reservation is kept equal to the volume's logical size to prevent unexpected behavior for consumers. Without the reservation, the volume could run out of space, resulting in undefined behavior or data corruption, depending on how the volume is used. These effects can also occur when the volume size is changed while it is in use (particularly when shrinking the size). Extreme care should be used when adjusting the volume size. .sp Though not recommended, a "sparse volume" (also known as "thin provisioning") can be created by specifying the \fB-s\fR option to the \fBzfs create -V\fR command, or by changing the reservation after the volume has been created. A "sparse volume" is a volume where the reservation is less then the volume size. Consequently, writes to a sparse volume can fail with \fBENOSPC\fR when the pool is low on space. For a sparse volume, changes to \fBvolsize\fR are not reflected in the reservation. .RE .sp .ne 2 .mk .na \fB\fBvscan\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether regular files should be scanned for viruses when a file is opened and closed. In addition to enabling this property, the virus scan service must also be enabled for virus scanning to occur. The default value is \fBoff\fR. .RE .sp .ne 2 .mk .na \fB\fBxattr\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether extended attributes are enabled for this file system. The default value is \fBon\fR. .RE .sp .ne 2 .mk .na \fB\fBzoned\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Controls whether the dataset is managed from a non-global zone. Zones are a Solaris feature and are not relevant on Linux. The default value is \fBoff\fR. .RE .sp .LP The following three properties cannot be changed after the file system is created, and therefore, should be set when the file system is created. If the properties are not set with the \fBzfs create\fR or \fBzpool create\fR commands, these properties are inherited from the parent dataset. If the parent dataset lacks these properties due to having been created prior to these features being supported, the new file system will have the default values for these properties. .sp .ne 2 .mk .na \fB\fBcasesensitivity\fR=\fBsensitive\fR | \fBinsensitive\fR | \fBmixed\fR\fR .ad .sp .6 .RS 4n Indicates whether the file name matching algorithm used by the file system should be case-sensitive, case-insensitive, or allow a combination of both styles of matching. The default value for the \fBcasesensitivity\fR property is \fBsensitive\fR. Traditionally, UNIX and POSIX file systems have case-sensitive file names. .sp The \fBmixed\fR value for the \fBcasesensitivity\fR property indicates that the file system can support requests for both case-sensitive and case-insensitive matching behavior. Currently, case-insensitive matching behavior on a file system that supports mixed behavior is limited to the Solaris CIFS server product. For more information about the \fBmixed\fR value behavior, see the \fISolaris ZFS Administration Guide\fR. .RE .sp .ne 2 .mk .na \fB\fBnormalization\fR = \fBnone\fR | \fBformC\fR | \fBformD\fR | \fBformKC\fR | \fBformKD\fR\fR .ad .sp .6 .RS 4n Indicates whether the file system should perform a \fBunicode\fR normalization of file names whenever two file names are compared, and which normalization algorithm should be used. File names are always stored unmodified, names are normalized as part of any comparison process. If this property is set to a legal value other than \fBnone\fR, and the \fButf8only\fR property was left unspecified, the \fButf8only\fR property is automatically set to \fBon\fR. The default value of the \fBnormalization\fR property is \fBnone\fR. This property cannot be changed after the file system is created. .RE .sp .ne 2 .mk .na \fB\fButf8only\fR=\fBon\fR | \fBoff\fR\fR .ad .sp .6 .RS 4n Indicates whether the file system should reject file names that include characters that are not present in the \fBUTF-8\fR character code set. If this property is explicitly set to \fBoff\fR, the normalization property must either not be explicitly set or be set to \fBnone\fR. The default value for the \fButf8only\fR property is \fBoff\fR. This property cannot be changed after the file system is created. .RE .sp .LP The \fBcasesensitivity\fR, \fBnormalization\fR, and \fButf8only\fR properties are also new permissions that can be assigned to non-privileged users by using the \fBZFS\fR delegated administration feature. .SS "Temporary Mount Point Properties" .sp .LP When a file system is mounted, either through \fBmount\fR(8) for legacy mounts or the \fBzfs mount\fR command for normal file systems, its mount options are set according to its properties. The correlation between properties and mount options is as follows: .sp .in +2 .nf PROPERTY MOUNT OPTION devices devices/nodevices exec exec/noexec readonly ro/rw setuid setuid/nosetuid xattr xattr/noxattr .fi .in -2 .sp .sp .LP In addition, these options can be set on a per-mount basis using the \fB-o\fR option, without affecting the property that is stored on disk. The values specified on the command line override the values stored in the dataset. The \fB-nosuid\fR option is an alias for \fBnodevices,nosetuid\fR. These properties are reported as "temporary" by the \fBzfs get\fR command. If the properties are changed while the dataset is mounted, the new setting overrides any temporary settings. .SS "User Properties" .sp .LP In addition to the standard native properties, \fBZFS\fR supports arbitrary user properties. User properties have no effect on \fBZFS\fR behavior, but applications or administrators can use them to annotate datasets (file systems, volumes, and snapshots). .sp .LP User property names must contain a colon (\fB:\fR) character to distinguish them from native properties. They may contain lowercase letters, numbers, and the following punctuation characters: colon (\fB:\fR), dash (\fB-\fR), period (\fB\&.\fR), and underscore (\fB_\fR). The expected convention is that the property name is divided into two portions such as \fImodule\fR\fB:\fR\fIproperty\fR, but this namespace is not enforced by \fBZFS\fR. User property names can be at most 256 characters, and cannot begin with a dash (\fB-\fR). .sp .LP When making programmatic use of user properties, it is strongly suggested to use a reversed \fBDNS\fR domain name for the \fImodule\fR component of property names to reduce the chance that two independently-developed packages use the same property name for different purposes. For example, property names beginning with \fBcom.sun\fR. are reserved for use by Oracle Corporation (which acquired Sun Microsystems). .sp .LP The values of user properties are arbitrary strings, are always inherited, and are never validated. All of the commands that operate on properties (\fBzfs list\fR, \fBzfs get\fR, \fBzfs set\fR, and so forth) can be used to manipulate both native properties and user properties. Use the \fBzfs inherit\fR command to clear a user property . If the property is not defined in any parent dataset, it is removed entirely. Property values are limited to 1024 characters. .SS "ZFS Volumes as Swap" .sp .LP Do not swap to a file on a \fBZFS\fR file system. A \fBZFS\fR swap file configuration is not supported. .SH SUBCOMMANDS .sp .LP All subcommands that modify state are logged persistently to the pool in their original form. .sp .ne 2 .mk .na \fB\fBzfs ?\fR\fR .ad .sp .6 .RS 4n Displays a help message. .RE .sp .ne 2 .mk .na \fB\fBzfs create\fR [\fB-p\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fIfilesystem\fR\fR .ad .sp .6 .RS 4n Creates a new \fBZFS\fR file system. The file system is automatically mounted according to the \fBmountpoint\fR property inherited from the parent. .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Creates all the non-existing parent datasets. Datasets created in this manner are automatically mounted according to the \fBmountpoint\fR property inherited from their parent. Any property specified on the command line using the \fB-o\fR option is ignored. If the target filesystem already exists, the operation completes successfully. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIproperty\fR=\fIvalue\fR\fR .ad .sp .6 .RS 4n Sets the specified property as if the command \fBzfs set\fR \fIproperty\fR=\fIvalue\fR was invoked at the same time the dataset was created. Any editable \fBZFS\fR property can also be set at creation time. Multiple \fB-o\fR options can be specified. An error results if the same property is specified in multiple \fB-o\fR options. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs create\fR [\fB-ps\fR] [\fB-b\fR \fIblocksize\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fB-V\fR \fIsize\fR \fIvolume\fR\fR .ad .sp .6 .RS 4n Creates a volume of the given size. The volume is exported as a block device in \fB/dev/zvol/\fR\fIpath\fR, where \fIpath\fR is the name of the volume in the \fBZFS\fR namespace. The size represents the logical size as exported by the device. By default, a reservation of equal size is created. .sp \fIsize\fR is automatically rounded up to the nearest 128 Kbytes to ensure that the volume has an integral number of blocks regardless of \fIblocksize\fR. .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Creates all the non-existing parent datasets. Datasets created in this manner are automatically mounted according to the \fBmountpoint\fR property inherited from their parent. Any property specified on the command line using the \fB-o\fR option is ignored. If the target filesystem already exists, the operation completes successfully. .RE .sp .ne 2 .mk .na \fB\fB-s\fR\fR .ad .sp .6 .RS 4n Creates a sparse volume with no reservation. See \fBvolsize\fR in the Native Properties section for more information about sparse volumes. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIproperty\fR=\fIvalue\fR\fR .ad .sp .6 .RS 4n Sets the specified property as if the \fBzfs set\fR \fIproperty\fR=\fIvalue\fR command was invoked at the same time the dataset was created. Any editable \fBZFS\fR property can also be set at creation time. Multiple \fB-o\fR options can be specified. An error results if the same property is specified in multiple \fB-o\fR options. .RE .sp .ne 2 .mk .na \fB\fB-b\fR \fIblocksize\fR\fR .ad .sp .6 .RS 4n Equivalent to \fB-o\fR \fBvolblocksize\fR=\fIblocksize\fR. If this option is specified in conjunction with \fB-o\fR \fBvolblocksize\fR, the resulting behavior is undefined. .RE .RE .sp .ne 2 .mk .na \fBzfs destroy\fR [\fB-fnpRrv\fR] \fIfilesystem\fR|\fIvolume\fR .ad .sp .6 .RS 4n Destroys the given dataset. By default, the command unshares any file systems that are currently shared, unmounts any file systems that are currently mounted, and refuses to destroy a dataset that has active dependents (children or clones). .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively destroy all children. .RE .sp .ne 2 .mk .na \fB\fB-R\fR\fR .ad .sp .6 .RS 4n Recursively destroy all dependents, including cloned file systems outside the target hierarchy. .RE .sp .ne 2 .mk .na \fB\fB-f\fR\fR .ad .sp .6 .RS 4n Force an unmount of any file systems using the \fBunmount -f\fR command. This option has no effect on non-file systems or unmounted file systems. .RE .sp .ne 2 .na \fB\fB-n\fR\fR .ad .sp .6 .RS 4n Do a dry-run ("No-op") deletion. No data will be deleted. This is useful in conjunction with the \fB-v\fR or \fB-p\fR flags to determine what data would be deleted. .RE .sp .ne 2 .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Print machine-parsable verbose information about the deleted data. .RE .sp .ne 2 .na \fB\fB-v\fR\fR .ad .sp .6 .RS 4n Print verbose information about the deleted data. .RE .sp Extreme care should be taken when applying either the \fB-r\fR or the \fB-R\fR options, as they can destroy large portions of a pool and cause unexpected behavior for mounted file systems in use. .RE .sp .ne 2 .mk .na \fBzfs destroy\fR [\fB-dnpRrv\fR] \fIfilesystem\fR|\fIvolume\fR@\fIsnap\fR[%\fIsnap\fR][,...] .ad .sp .6 .RS 4n The given snapshots are destroyed immediately if and only if the \fBzfs destroy\fR command without the \fB-d\fR option would have destroyed it. Such immediate destruction would occur, for example, if the snapshot had no clones and the user-initiated reference count were zero. .sp If a snapshot does not qualify for immediate destruction, it is marked for deferred destruction. In this state, it exists as a usable, visible snapshot until both of the preconditions listed above are met, at which point it is destroyed. .sp An inclusive range of snapshots may be specified by separating the first and last snapshots with a percent sign. The first and/or last snapshots may be left blank, in which case the filesystem's oldest or newest snapshot will be implied. .sp Multiple snapshots (or ranges of snapshots) of the same filesystem or volume may be specified in a comma-separated list of snapshots. Only the snapshot's short name (the part after the \fB@\fR) should be specified when using a range or comma-separated list to identify multiple snapshots. .sp .ne 2 .mk .na \fB\fB-d\fR\fR .ad .sp .6 .RS 4n Defer snapshot deletion. .RE .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Destroy (or mark for deferred destruction) all snapshots with this name in descendent file systems. .RE .sp .ne 2 .mk .na \fB\fB-R\fR\fR .ad .sp .6 .RS 4n Recursively destroy all dependents. .RE .sp .ne 2 .na \fB\fB-n\fR\fR .ad .sp .6 .RS 4n Do a dry-run ("No-op") deletion. No data will be deleted. This is useful in conjunction with the \fB-v\fR or \fB-p\fR flags to determine what data would be deleted. .RE .sp .ne 2 .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Print machine-parsable verbose information about the deleted data. .RE .sp .ne 2 .na \fB\fB-v\fR\fR .ad .sp .6 .RS 4n Print verbose information about the deleted data. .RE .sp Extreme care should be taken when applying either the \fB-r\fR or the \fB-f\fR options, as they can destroy large portions of a pool and cause unexpected behavior for mounted file systems in use. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs snapshot\fR [\fB-r\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fIfilesystem@snapname\fR|\fIvolume@snapname\fR\fR .ad .sp .6 .RS 4n Creates a snapshot with the given name. All previous modifications by successful system calls to the file system are part of the snapshot. See the "Snapshots" section for details. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively create snapshots of all descendent datasets. Snapshots are taken atomically, so that all recursive snapshots correspond to the same moment in time. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIproperty\fR=\fIvalue\fR\fR .ad .sp .6 .RS 4n Sets the specified property; see \fBzfs create\fR for details. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs rollback\fR [\fB-rRf\fR] \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Roll back the given dataset to a previous snapshot. When a dataset is rolled back, all data that has changed since the snapshot is discarded, and the dataset reverts to the state at the time of the snapshot. By default, the command refuses to roll back to a snapshot other than the most recent one. In order to do so, all intermediate snapshots must be destroyed by specifying the \fB-r\fR option. .sp The \fB-rR\fR options do not recursively destroy the child snapshots of a recursive snapshot. Only the top-level recursive snapshot is destroyed by either of these options. To completely roll back a recursive snapshot, you must rollback the individual child snapshots. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively destroy any snapshots more recent than the one specified. .RE .sp .ne 2 .mk .na \fB\fB-R\fR\fR .ad .sp .6 .RS 4n Recursively destroy any more recent snapshots, as well as any clones of those snapshots. .RE .sp .ne 2 .mk .na \fB\fB-f\fR\fR .ad .sp .6 .RS 4n Used with the \fB-R\fR option to force an unmount of any clone file systems that are to be destroyed. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs clone\fR [\fB-p\fR] [\fB-o\fR \fIproperty\fR=\fIvalue\fR] ... \fIsnapshot\fR \fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Creates a clone of the given snapshot. See the "Clones" section for details. The target dataset can be located anywhere in the \fBZFS\fR hierarchy, and is created as the same type as the original. .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Creates all the non-existing parent datasets. Datasets created in this manner are automatically mounted according to the \fBmountpoint\fR property inherited from their parent. If the target filesystem or volume already exists, the operation completes successfully. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIproperty\fR=\fIvalue\fR\fR .ad .sp .6 .RS 4n Sets the specified property; see \fBzfs create\fR for details. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs promote\fR \fIclone-filesystem\fR\fR .ad .sp .6 .RS 4n Promotes a clone file system to no longer be dependent on its "origin" snapshot. This makes it possible to destroy the file system that the clone was created from. The clone parent-child dependency relationship is reversed, so that the origin file system becomes a clone of the specified file system. .sp The snapshot that was cloned, and any snapshots previous to this snapshot, are now owned by the promoted clone. The space they use moves from the origin file system to the promoted clone, so enough space must be available to accommodate these snapshots. No new space is consumed by this operation, but the space accounting is adjusted. The promoted clone must not have any conflicting snapshot names of its own. The \fBrename\fR subcommand can be used to rename any conflicting snapshots. .RE .sp .ne 2 .mk .na \fB\fBzfs rename\fR [\fB-f\fR] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR\fR .ad .br .na \fB\fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR\fR .ad .br .na \fB\fBzfs rename\fR [\fB-fp\fR] \fIfilesystem\fR|\fIvolume\fR \fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Renames the given dataset. The new target can be located anywhere in the \fBZFS\fR hierarchy, with the exception of snapshots. Snapshots can only be renamed within the parent file system or volume. When renaming a snapshot, the parent file system of the snapshot does not need to be specified as part of the second argument. Renamed file systems can inherit new mount points, in which case they are unmounted and remounted at the new mount point. .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Creates all the nonexistent parent datasets. Datasets created in this manner are automatically mounted according to the \fBmountpoint\fR property inherited from their parent. .RE .sp .ne 2 .na \fB\fB-f\fR\fR .ad .sp .6 .RS 4n Force unmount any filesystems that need to be unmounted in the process. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs rename\fR \fB-r\fR \fIsnapshot\fR \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Recursively rename the snapshots of all descendent datasets. Snapshots are the only dataset that can be renamed recursively. .RE .sp .ne 2 .mk .na \fB\fBzfs\fR \fBlist\fR [\fB-r\fR|\fB-d\fR \fIdepth\fR] [\fB-H\fR] [\fB-o\fR \fIproperty\fR[,\fI\&...\fR]] [ \fB-t\fR \fItype\fR[,\fI\&...\fR]] [ \fB-s\fR \fIproperty\fR ] ... [ \fB-S\fR \fIproperty\fR ] ... [\fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR|\fIsnap\fR] ...\fR .ad .sp .6 .RS 4n Lists the property information for the given datasets in tabular form. If specified, you can list property information by the absolute pathname or the relative pathname. By default, all file systems and volumes are displayed. Snapshots are displayed if the \fBlistsnaps\fR property is \fBon\fR (the default is \fBoff\fR) . The following fields are displayed, \fBname,used,available,referenced,mountpoint\fR. .sp .ne 2 .mk .na \fB\fB-H\fR\fR .ad .sp .6 .RS 4n Used for scripting mode. Do not print headers and separate fields by a single tab instead of arbitrary white space. .RE .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively display any children of the dataset on the command line. .RE .sp .ne 2 .mk .na \fB\fB-d\fR \fIdepth\fR\fR .ad .sp .6 .RS 4n Recursively display any children of the dataset, limiting the recursion to \fIdepth\fR. A depth of \fB1\fR will display only the dataset and its direct children. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIproperty\fR\fR .ad .sp .6 .RS 4n A comma-separated list of properties to display. The property must be: .RS +4 .TP .ie t \(bu .el o One of the properties described in the "Native Properties" section .RE .RS +4 .TP .ie t \(bu .el o A user property .RE .RS +4 .TP .ie t \(bu .el o The value \fBname\fR to display the dataset name .RE .RS +4 .TP .ie t \(bu .el o The value \fBspace\fR to display space usage properties on file systems and volumes. This is a shortcut for specifying \fB-o name,avail,used,usedsnap,usedds,usedrefreserv,usedchild\fR \fB-t filesystem,volume\fR syntax. .RE .RE .sp .ne 2 .mk .na \fB\fB-s\fR \fIproperty\fR\fR .ad .sp .6 .RS 4n A property for sorting the output by column in ascending order based on the value of the property. The property must be one of the properties described in the "Properties" section, or the special value \fBname\fR to sort by the dataset name. Multiple properties can be specified at one time using multiple \fB-s\fR property options. Multiple \fB-s\fR options are evaluated from left to right in decreasing order of importance. .sp The following is a list of sorting criteria: .RS +4 .TP .ie t \(bu .el o Numeric types sort in numeric order. .RE .RS +4 .TP .ie t \(bu .el o String types sort in alphabetical order. .RE .RS +4 .TP .ie t \(bu .el o Types inappropriate for a row sort that row to the literal bottom, regardless of the specified ordering. .RE .RS +4 .TP .ie t \(bu .el o If no sorting options are specified the existing behavior of \fBzfs list\fR is preserved. .RE .RE .sp .ne 2 .mk .na \fB\fB-S\fR \fIproperty\fR\fR .ad .sp .6 .RS 4n Same as the \fB-s\fR option, but sorts by property in descending order. .RE .sp .ne 2 .mk .na \fB\fB-t\fR \fItype\fR\fR .ad .sp .6 .RS 4n A comma-separated list of types to display, where \fItype\fR is one of \fBfilesystem\fR, \fBsnapshot\fR , \fBvolume\fR, or \fBall\fR. For example, specifying \fB-t snapshot\fR displays only snapshots. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs set\fR \fIproperty\fR=\fIvalue\fR \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR ...\fR .ad .sp .6 .RS 4n Sets the property to the given value for each dataset. Only some properties can be edited. See the "Properties" section for more information on what properties can be set and acceptable values. Numeric values can be specified as exact values, or in a human-readable form with a suffix of \fBB\fR, \fBK\fR, \fBM\fR, \fBG\fR, \fBT\fR, \fBP\fR, \fBE\fR, \fBZ\fR (for bytes, kilobytes, megabytes, gigabytes, terabytes, petabytes, exabytes, or zettabytes, respectively). User properties can be set on snapshots. For more information, see the "User Properties" section. .RE .sp .ne 2 .mk .na \fB\fBzfs get\fR [\fB-r\fR|\fB-d\fR \fIdepth\fR] [\fB-Hp\fR] [\fB-o\fR \fIfield\fR[,...] [\fB-t\fR \fItype\fR[,...]] [\fB-s\fR \fIsource\fR[,...] "\fIall\fR" | \fIproperty\fR[,...] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR ...\fR .ad .sp .6 .RS 4n Displays properties for the given datasets. If no datasets are specified, then the command displays properties for all datasets on the system. For each property, the following columns are displayed: .sp .in +2 .nf name Dataset name property Property name value Property value source Property source. Can either be local, default, temporary, inherited, or none (-). .fi .in -2 .sp All columns are displayed by default, though this can be controlled by using the \fB-o\fR option. This command takes a comma-separated list of properties as described in the "Native Properties" and "User Properties" sections. .sp The special value \fBall\fR can be used to display all properties that apply to the given dataset's type (filesystem, volume, or snapshot). .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively display properties for any children. .RE .sp .ne 2 .mk .na \fB\fB-d\fR \fIdepth\fR\fR .ad .sp .6 .RS 4n Recursively display any children of the dataset, limiting the recursion to \fIdepth\fR. A depth of \fB1\fR will display only the dataset and its direct children. .RE .sp .ne 2 .mk .na \fB\fB-H\fR\fR .ad .sp .6 .RS 4n Display output in a form more easily parsed by scripts. Any headers are omitted, and fields are explicitly separated by a single tab instead of an arbitrary amount of space. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIfield\fR\fR .ad .sp .6 .RS 4n A comma-separated list of columns to display. \fBname,property,value,source\fR is the default value. .RE .sp .ne 2 .mk .na \fB\fB-s\fR \fIsource\fR\fR .ad .sp .6 .RS 4n A comma-separated list of sources to display. Those properties coming from a source other than those in this list are ignored. Each source must be one of the following: \fBlocal,default,inherited,temporary,none\fR. The default value is all sources. .RE .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Display numbers in parseable (exact) values. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs inherit\fR [\fB-r\fR] \fIproperty\fR \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR ...\fR .ad .sp .6 .RS 4n Clears the specified property, causing it to be inherited from an ancestor. If no ancestor has the property set, then the default value is used. See the "Properties" section for a listing of default values, and details on which properties can be inherited. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively inherit the given property for all children. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs upgrade\fR [\fB-v\fR]\fR .ad .sp .6 .RS 4n Displays a list of file systems that are not the most recent version. .RE .sp .ne 2 .mk .na \fB\fBzfs upgrade\fR [\fB-r\fR] [\fB-V\fR \fIversion\fR] [\fB-a\fR | \fIfilesystem\fR]\fR .ad .sp .6 .RS 4n Upgrades file systems to a new on-disk version. Once this is done, the file systems will no longer be accessible on systems running older versions of the software. \fBzfs send\fR streams generated from new snapshots of these file systems cannot be accessed on systems running older versions of the software. .sp In general, the file system version is independent of the pool version. See \fBzpool\fR(8) for information on the \fBzpool upgrade\fR command. .sp In some cases, the file system version and the pool version are interrelated and the pool version must be upgraded before the file system version can be upgraded. .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .sp .6 .RS 4n Upgrade all file systems on all imported pools. .RE .sp .ne 2 .mk .na \fB\fIfilesystem\fR\fR .ad .sp .6 .RS 4n Upgrade the specified file system. .RE .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Upgrade the specified file system and all descendent file systems .RE .sp .ne 2 .mk .na \fB\fB-V\fR \fIversion\fR\fR .ad .sp .6 .RS 4n Upgrade to the specified \fIversion\fR. If the \fB-V\fR flag is not specified, this command upgrades to the most recent version. This option can only be used to increase the version number, and only up to the most recent version supported by this software. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs userspace\fR [\fB-niHp\fR] [\fB-o\fR \fIfield\fR[,...]] [\fB-sS\fR \fIfield\fR]... [\fB-t\fR \fItype\fR [,...]] \fIfilesystem\fR | \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Displays space consumed by, and quotas on, each user in the specified filesystem or snapshot. This corresponds to the \fBuserused@\fR\fIuser\fR and \fBuserquota@\fR\fIuser\fR properties. .sp .ne 2 .mk .na \fB\fB-n\fR\fR .ad .sp .6 .RS 4n Print numeric ID instead of user/group name. .RE .sp .ne 2 .mk .na \fB\fB-H\fR\fR .ad .sp .6 .RS 4n Do not print headers, use tab-delimited output. .RE .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Use exact (parseable) numeric output. .RE .sp .ne 2 .mk .na \fB\fB-o\fR \fIfield\fR[,...]\fR .ad .sp .6 .RS 4n Display only the specified fields from the following set, \fBtype,name,used,quota\fR.The default is to display all fields. .RE .sp .ne 2 .mk .na \fB\fB-s\fR \fIfield\fR\fR .ad .sp .6 .RS 4n Sort output by this field. The \fIs\fR and \fIS\fR flags may be specified multiple times to sort first by one field, then by another. The default is \fB-s type\fR \fB-s name\fR. .RE .sp .ne 2 .mk .na \fB\fB-S\fR \fIfield\fR\fR .ad .sp .6 .RS 4n Sort by this field in reverse order. See \fB-s\fR. .RE .sp .ne 2 .mk .na \fB\fB-t\fR \fItype\fR[,...]\fR .ad .sp .6 .RS 4n Print only the specified types from the following set, \fBall,posixuser,smbuser,posixgroup,smbgroup\fR. .sp The default is \fB-t posixuser,smbuser\fR .sp The default can be changed to include group types. .RE .sp .ne 2 .mk .na \fB\fB-i\fR\fR .ad .sp .6 .RS 4n Translate SID to POSIX ID. The POSIX ID may be ephemeral if no mapping exists. Normal POSIX interfaces (for example, \fBstat\fR(2), \fBls\fR \fB-l\fR) perform this translation, so the \fB-i\fR option allows the output from \fBzfs userspace\fR to be compared directly with those utilities. However, \fB-i\fR may lead to confusion if some files were created by an SMB user before a SMB-to-POSIX name mapping was established. In such a case, some files are owned by the SMB entity and some by the POSIX entity. However, the \fB-i\fR option will report that the POSIX entity has the total usage and quota for both. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs groupspace\fR [\fB-niHp\fR] [\fB-o\fR \fIfield\fR[,...]] [\fB-sS\fR \fIfield\fR]... [\fB-t\fR \fItype\fR [,...]] \fIfilesystem\fR | \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Displays space consumed by, and quotas on, each group in the specified filesystem or snapshot. This subcommand is identical to \fBzfs userspace\fR, except that the default types to display are \fB-t posixgroup,smbgroup\fR. .sp .in +2 .nf - .fi .in -2 .sp .RE .sp .ne 2 .mk .na \fB\fBzfs mount\fR\fR .ad .sp .6 .RS 4n Displays all \fBZFS\fR file systems currently mounted. .RE .sp .ne 2 .mk .na \fB\fBzfs mount\fR [\fB-vO\fR] [\fB-o\fR \fIoptions\fR] \fB-a\fR | \fIfilesystem\fR\fR .ad .sp .6 .RS 4n Mounts \fBZFS\fR file systems. Invoked automatically as part of the boot process. .sp .ne 2 .mk .na \fB\fB-o\fR \fIoptions\fR\fR .ad .sp .6 .RS 4n An optional, comma-separated list of mount options to use temporarily for the duration of the mount. See the "Temporary Mount Point Properties" section for details. .RE .sp .ne 2 .mk .na \fB\fB-O\fR\fR .ad .sp .6 .RS 4n Perform an overlay mount. See \fBmount\fR(8) for more information. .RE .sp .ne 2 .mk .na \fB\fB-v\fR\fR .ad .sp .6 .RS 4n Report mount progress. .RE .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .sp .6 .RS 4n Mount all available \fBZFS\fR file systems. Invoked automatically as part of the boot process. .RE .sp .ne 2 .mk .na \fB\fIfilesystem\fR\fR .ad .sp .6 .RS 4n Mount the specified filesystem. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs unmount\fR [\fB-f\fR] \fB-a\fR | \fIfilesystem\fR|\fImountpoint\fR\fR .ad .sp .6 .RS 4n Unmounts currently mounted \fBZFS\fR file systems. Invoked automatically as part of the shutdown process. .sp .ne 2 .mk .na \fB\fB-f\fR\fR .ad .sp .6 .RS 4n Forcefully unmount the file system, even if it is currently in use. .RE .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .sp .6 .RS 4n Unmount all available \fBZFS\fR file systems. Invoked automatically as part of the boot process. .RE .sp .ne 2 .mk .na \fB\fIfilesystem\fR|\fImountpoint\fR\fR .ad .sp .6 .RS 4n Unmount the specified filesystem. The command can also be given a path to a \fBZFS\fR file system mount point on the system. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs share\fR \fB-a\fR | \fIfilesystem\fR\fR .ad .sp .6 .RS 4n Shares available \fBZFS\fR file systems. .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .sp .6 .RS 4n Share all available \fBZFS\fR file systems. Invoked automatically as part of the boot process. .RE .sp .ne 2 .mk .na \fB\fIfilesystem\fR\fR .ad .sp .6 .RS 4n Share the specified filesystem according to the \fBsharenfs\fR and \fBsharesmb\fR properties. File systems are shared when the \fBsharenfs\fR or \fBsharesmb\fR property is set. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs unshare\fR \fB-a\fR | \fIfilesystem\fR|\fImountpoint\fR\fR .ad .sp .6 .RS 4n Unshares currently shared \fBZFS\fR file systems. This is invoked automatically as part of the shutdown process. .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .sp .6 .RS 4n Unshare all available \fBZFS\fR file systems. Invoked automatically as part of the boot process. .RE .sp .ne 2 .mk .na \fB\fIfilesystem\fR|\fImountpoint\fR\fR .ad .sp .6 .RS 4n Unshare the specified filesystem. The command can also be given a path to a \fBZFS\fR file system shared on the system. .RE .RE .sp .ne 2 .mk .na \fBzfs send\fR [\fB-DnPpRrv\fR] [\fB-\fR[\fBiI\fR] \fIsnapshot\fR] \fIsnapshot\fR .ad .sp .6 .RS 4n Creates a stream representation of the second \fIsnapshot\fR, which is written to standard output. The output can be redirected to a file or to a different system (for example, using \fBssh\fR(1). By default, a full stream is generated. .sp .ne 2 .mk .na \fB\fB-i\fR \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Generate an incremental stream from the first \fIsnapshot\fR to the second \fIsnapshot\fR. The incremental source (the first \fIsnapshot\fR) can be specified as the last component of the snapshot name (for example, the part after the \fB@\fR), and it is assumed to be from the same file system as the second \fIsnapshot\fR. .sp If the destination is a clone, the source may be the origin snapshot, which must be fully specified (for example, \fBpool/fs@origin\fR, not just \fB@origin\fR). .RE .sp .ne 2 .mk .na \fB\fB-I\fR \fIsnapshot\fR\fR .ad .sp .6 .RS 4n Generate a stream package that sends all intermediary snapshots from the first snapshot to the second snapshot. For example, \fB-I @a fs@d\fR is similar to \fB-i @a fs@b; -i @b fs@c; -i @c fs@d\fR. The incremental source snapshot may be specified as with the \fB-i\fR option. .RE .sp .ne 2 .mk .na \fB\fB-v\fR\fR .ad .sp .6 .RS 4n Print verbose information about the stream package generated. This information includes a per-second report of how much data has been sent. .RE .sp .ne 2 .mk .na \fB\fB-R\fR\fR .ad .sp .6 .RS 4n Generate a replication stream package, which will replicate the specified filesystem, and all descendent file systems, up to the named snapshot. When received, all properties, snapshots, descendent file systems, and clones are preserved. .sp If the \fB-i\fR or \fB-I\fR flags are used in conjunction with the \fB-R\fR flag, an incremental replication stream is generated. The current values of properties, and current snapshot and file system names are set when the stream is received. If the \fB-F\fR flag is specified when this stream is received, snapshots and file systems that do not exist on the sending side are destroyed. .RE .sp .ne 2 .mk .na \fB\fB-D\fR\fR .ad .sp .6 .RS 4n This option will cause dedup processing to be performed on the data being written to a send stream. Dedup processing is optional because it isn't always appropriate (some kinds of data have very little duplication) and it has significant costs: the checksumming required to detect duplicate blocks is CPU-intensive and the data that must be maintained while the stream is being processed can occupy a very large amount of memory. .sp Duplicate blocks are detected by calculating a cryptographically strong checksum on each data block. Blocks that have the same checksum are presumed to be identical. The checksum type used at this time is SHA256. However, the stream format contains a field which identifies the checksum type, permitting other checksums to be used in the future. .RE .sp .ne 2 .mk .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Include properties in the send stream without the -R option. .RE The format of the stream is committed. You will be able to receive your streams on future versions of \fBZFS\fR. .RE .sp .ne 2 .mk .na \fB\fBzfs receive\fR [\fB-vnFu\fR] \fIfilesystem\fR|\fIvolume\fR|\fIsnapshot\fR\fR .ad .br .na \fB\fBzfs receive\fR [\fB-vnFu\fR] [\fB-d\fR|\fB-e\fR] \fIfilesystem\fR\fR .ad .sp .6 .RS 4n Creates a snapshot whose contents are as specified in the stream provided on standard input. If a full stream is received, then a new file system is created as well. Streams are created using the \fBzfs send\fR subcommand, which by default creates a full stream. \fBzfs recv\fR can be used as an alias for \fBzfs receive\fR. .sp If an incremental stream is received, then the destination file system must already exist, and its most recent snapshot must match the incremental stream's source. For \fBzvols\fR, the destination device link is destroyed and recreated, which means the \fBzvol\fR cannot be accessed during the \fBreceive\fR operation. .sp When a snapshot replication package stream that is generated by using the \fBzfs send\fR \fB-R\fR command is received, any snapshots that do not exist on the sending location are destroyed by using the \fBzfs destroy\fR \fB-d\fR command. .sp The name of the snapshot (and file system, if a full stream is received) that this subcommand creates depends on the argument type and the use of the \fB-d\fR or \fB-e\fR options. .sp If the argument is a snapshot name, the specified \fIsnapshot\fR is created. If the argument is a file system or volume name, a snapshot with the same name as the sent snapshot is created within the specified \fIfilesystem\fR or \fIvolume\fR. If neither of the \fB-d\fR or \fB-e\fR options are specified, the provided target snapshot name is used exactly as provided. .sp The \fB-d\fR and \fB-e\fR options cause the file system name of the target snapshot to be determined by appending a portion of the sent snapshot's name to the specified target \fIfilesystem\fR. If the \fB-d\fR option is specified, all but the first element of the sent snapshot's file system path (usually the pool name) is used and any required intermediate file systems within the specified one are created. If the \fB-e\fR option is specified, then only the last element of the sent snapshot's file system name (i.e. the name of the source file system itself) is used as the target file system name. .sp .ne 2 .mk .na \fB\fB-d\fR\fR .ad .sp .6 .RS 4n Discard the first element of the sent snapshot's file system name, using the remaining elements to determine the name of the target file system for the new snapshot as described in the paragraph above. .RE .sp .ne 2 .na \fB\fB-e\fR\fR .ad .sp .6 .RS 4n Discard all but the last element of the sent snapshot's file system name, using that element to determine the name of the target file system for the new snapshot as described in the paragraph above. .RE .sp .ne 2 .mk .na \fB\fB-u\fR\fR .ad .sp .6 .RS 4n File system that is associated with the received stream is not mounted. .RE .sp .ne 2 .mk .na \fB\fB-D\fR\fR .ad .sp .6 .RS 4n Generate a deduplicated stream. Blocks which would have been sent multiple times in the send stream will only be sent once. The receiving system must also support this feature to recieve a deduplicated stream. This flag can be used regardless of the dataset's \fBdedup\fR property, but performance will be much better if the filesystem uses a dedup-capable checksum (eg. \fBsha256\fR). .RE .sp .ne 2 .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively send all descendant snapshots. This is similar to the \fB-R\fR flag, but information about deleted and renamed datasets is not included, and property information is only included if the \fB-p\fR flag is specified. .RE .sp .ne 2 .na \fB\fB-p\fR\fR .ad .sp .6 .RS 4n Include the dataset's properties in the stream. This flag is implicit when \fB-R\fR is specified. The receiving system must also support this feature. .RE .sp .ne 2 .na \fB\fB-n\fR\fR .ad .sp .6 .RS 4n Do a dry-run ("No-op") send. Do not generate any actual send data. This is useful in conjunction with the \fB-v\fR or \fB-P\fR flags to determine what data will be sent. .RE .sp .ne 2 .na \fB\fB-P\fR\fR .ad .sp .6 .RS 4n Print machine-parsable verbose information about the stream package generated. .RE .sp .ne 2 .na \fB\fB-v\fR\fR .ad .sp .6 .RS 4n Print verbose information about the stream and the time required to perform the receive operation. .RE .sp .ne 2 .mk .na \fB\fB-n\fR\fR .ad .sp .6 .RS 4n Do not actually receive the stream. This can be useful in conjunction with the \fB-v\fR option to verify the name the receive operation would use. .RE .sp .ne 2 .mk .na \fB\fB-F\fR\fR .ad .sp .6 .RS 4n Force a rollback of the file system to the most recent snapshot before performing the receive operation. If receiving an incremental replication stream (for example, one generated by \fBzfs send -R -[iI]\fR), destroy snapshots and file systems that do not exist on the sending side. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs allow\fR \fIfilesystem\fR | \fIvolume\fR\fR .ad .sp .6 .RS 4n Displays permissions that have been delegated on the specified filesystem or volume. See the other forms of \fBzfs allow\fR for more information. .RE .sp .ne 2 .mk .na \fB\fBzfs allow\fR [\fB-ldug\fR] "\fIeveryone\fR"|\fIuser\fR|\fIgroup\fR[,...] \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR| \fIvolume\fR\fR .ad .br .na \fB\fBzfs allow\fR [\fB-ld\fR] \fB-e\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR | \fIvolume\fR\fR .ad .sp .6 .RS 4n Delegates \fBZFS\fR administration permission for the file systems to non-privileged users. .sp .ne 2 .mk .na \fB[\fB-ug\fR] "\fIeveryone\fR"|\fIuser\fR|\fIgroup\fR[,...]\fR .ad .sp .6 .RS 4n Specifies to whom the permissions are delegated. Multiple entities can be specified as a comma-separated list. If neither of the \fB-ug\fR options are specified, then the argument is interpreted preferentially as the keyword "everyone", then as a user name, and lastly as a group name. To specify a user or group named "everyone", use the \fB-u\fR or \fB-g\fR options. To specify a group with the same name as a user, use the \fB-g\fR options. .RE .sp .ne 2 .mk .na \fB[\fB-e\fR] \fIperm\fR|@\fIsetname\fR[,...]\fR .ad .sp .6 .RS 4n Specifies that the permissions be delegated to "everyone." Multiple permissions may be specified as a comma-separated list. Permission names are the same as \fBZFS\fR subcommand and property names. See the property list below. Property set names, which begin with an at sign (\fB@\fR) , may be specified. See the \fB-s\fR form below for details. .RE .sp .ne 2 .mk .na \fB[\fB-ld\fR] \fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Specifies where the permissions are delegated. If neither of the \fB-ld\fR options are specified, or both are, then the permissions are allowed for the file system or volume, and all of its descendents. If only the \fB-l\fR option is used, then is allowed "locally" only for the specified file system. If only the \fB-d\fR option is used, then is allowed only for the descendent file systems. .RE .RE .sp .LP Permissions are generally the ability to use a \fBZFS\fR subcommand or change a \fBZFS\fR property. The following permissions are available: .sp .in +2 .nf NAME TYPE NOTES allow subcommand Must also have the permission that is being allowed clone subcommand Must also have the 'create' ability and 'mount' ability in the origin file system create subcommand Must also have the 'mount' ability destroy subcommand Must also have the 'mount' ability diff subcommand Allows lookup of paths within a dataset given an object number, and the ability to create snapshots necessary to 'zfs diff'. mount subcommand Allows mount/umount of ZFS datasets promote subcommand Must also have the 'mount' and 'promote' ability in the origin file system receive subcommand Must also have the 'mount' and 'create' ability rename subcommand Must also have the 'mount' and 'create' ability in the new parent rollback subcommand Must also have the 'mount' ability send subcommand share subcommand Allows sharing file systems over NFS or SMB protocols snapshot subcommand Must also have the 'mount' ability groupquota other Allows accessing any groupquota@... property groupused other Allows reading any groupused@... property userprop other Allows changing any user property userquota other Allows accessing any userquota@... property userused other Allows reading any userused@... property aclinherit property aclmode property atime property canmount property casesensitivity property checksum property compression property copies property dedup property devices property exec property logbias property mlslabel property mountpoint property nbmand property normalization property primarycache property quota property readonly property recordsize property refquota property refreservation property reservation property secondarycache property setuid property shareiscsi property sharenfs property sharesmb property snapdir property utf8only property version property volblocksize property volsize property vscan property xattr property zoned property .fi .in -2 .sp .sp .ne 2 .mk .na \fB\fBzfs allow\fR \fB-c\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Sets "create time" permissions. These permissions are granted (locally) to the creator of any newly-created descendent file system. .RE .sp .ne 2 .mk .na \fB\fBzfs allow\fR \fB-s\fR @\fIsetname\fR \fIperm\fR|@\fIsetname\fR[,...] \fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Defines or adds permissions to a permission set. The set can be used by other \fBzfs allow\fR commands for the specified file system and its descendents. Sets are evaluated dynamically, so changes to a set are immediately reflected. Permission sets follow the same naming restrictions as ZFS file systems, but the name must begin with an "at sign" (\fB@\fR), and can be no more than 64 characters long. .RE .sp .ne 2 .mk .na \fB\fBzfs unallow\fR [\fB-rldug\fR] "\fIeveryone\fR"|\fIuser\fR|\fIgroup\fR[,...] [\fIperm\fR|@\fIsetname\fR[, ...]] \fIfilesystem\fR|\fIvolume\fR\fR .ad .br .na \fB\fBzfs unallow\fR [\fB-rld\fR] \fB-e\fR [\fIperm\fR|@\fIsetname\fR [,...]] \fIfilesystem\fR|\fIvolume\fR\fR .ad .br .na \fB\fBzfs unallow\fR [\fB-r\fR] \fB-c\fR [\fIperm\fR|@\fIsetname\fR[,...]]\fR .ad .br .na \fB\fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Removes permissions that were granted with the \fBzfs allow\fR command. No permissions are explicitly denied, so other permissions granted are still in effect. For example, if the permission is granted by an ancestor. If no permissions are specified, then all permissions for the specified \fIuser\fR, \fIgroup\fR, or \fIeveryone\fR are removed. Specifying "everyone" (or using the \fB-e\fR option) only removes the permissions that were granted to "everyone", not all permissions for every user and group. See the \fBzfs allow\fR command for a description of the \fB-ldugec\fR options. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively remove the permissions from this file system and all descendents. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs unallow\fR [\fB-r\fR] \fB-s\fR @\fIsetname\fR [\fIperm\fR|@\fIsetname\fR[,...]]\fR .ad .br .na \fB\fIfilesystem\fR|\fIvolume\fR\fR .ad .sp .6 .RS 4n Removes permissions from a permission set. If no permissions are specified, then all permissions are removed, thus removing the set entirely. .RE .sp .ne 2 .mk .na \fB\fBzfs hold\fR [\fB-r\fR] \fItag\fR \fIsnapshot\fR...\fR .ad .sp .6 .RS 4n Adds a single reference, named with the \fItag\fR argument, to the specified snapshot or snapshots. Each snapshot has its own tag namespace, and tags must be unique within that space. .sp If a hold exists on a snapshot, attempts to destroy that snapshot by using the \fBzfs destroy\fR command return \fBEBUSY\fR. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Specifies that a hold with the given tag is applied recursively to the snapshots of all descendent file systems. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs holds\fR [\fB-r\fR] \fIsnapshot\fR...\fR .ad .sp .6 .RS 4n Lists all existing user references for the given snapshot or snapshots. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Lists the holds that are set on the named descendent snapshots, in addition to listing the holds on the named snapshot. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs release\fR [\fB-r\fR] \fItag\fR \fIsnapshot\fR...\fR .ad .sp .6 .RS 4n Removes a single reference, named with the \fItag\fR argument, from the specified snapshot or snapshots. The tag must already exist for each snapshot. .sp If a hold exists on a snapshot, attempts to destroy that snapshot by using the \fBzfs destroy\fR command return \fBEBUSY\fR. .sp .ne 2 .mk .na \fB\fB-r\fR\fR .ad .sp .6 .RS 4n Recursively releases a hold with the given tag on the snapshots of all descendent file systems. .RE .RE .sp .ne 2 .mk .na \fB\fBzfs diff\fR [\fB-FHt\fR] \fIsnapshot\fR \fIsnapshot|filesystem\fR .ad .sp .6 .RS 4n Display the difference between a snapshot of a given filesystem and another snapshot of that filesystem from a later time or the current contents of the filesystem. The first column is a character indicating the type of change, the other columns indicate pathname, new pathname (in case of rename), change in link count, and optionally file type and/or change time. The types of change are: .in +2 .nf - The path has been removed + The path has been created M The path has been modified R The path has been renamed .fi .in -2 .sp .ne 2 .na \fB-F\fR .ad .sp .6 .RS 4n Display an indication of the type of file, in a manner similar to the \fB-F\fR option of \fBls\fR(1). .in +2 .nf B Block device C Character device / Directory > Door | Named pipe @ Symbolic link P Event port = Socket F Regular file .fi .in -2 .RE .sp .ne 2 .na \fB-H\fR .ad .sp .6 .RS 4n Give more parseable tab-separated output, without header lines and without arrows. .RE .sp .ne 2 .na \fB-t\fR .ad .sp .6 .RS 4n Display the path's inode change time as the first column of output. .RE .SH EXAMPLES .LP \fBExample 1 \fRCreating a ZFS File System Hierarchy .sp .LP The following commands create a file system named \fBpool/home\fR and a file system named \fBpool/home/bob\fR. The mount point \fB/export/home\fR is set for the parent file system, and is automatically inherited by the child file system. .sp .in +2 .nf # \fBzfs create pool/home\fR # \fBzfs set mountpoint=/export/home pool/home\fR # \fBzfs create pool/home/bob\fR .fi .in -2 .sp .LP \fBExample 2 \fRCreating a ZFS Snapshot .sp .LP The following command creates a snapshot named \fByesterday\fR. This snapshot is mounted on demand in the \fB\&.zfs/snapshot\fR directory at the root of the \fBpool/home/bob\fR file system. .sp .in +2 .nf # \fBzfs snapshot pool/home/bob@yesterday\fR .fi .in -2 .sp .LP \fBExample 3 \fRCreating and Destroying Multiple Snapshots .sp .LP The following command creates snapshots named \fByesterday\fR of \fBpool/home\fR and all of its descendent file systems. Each snapshot is mounted on demand in the \fB\&.zfs/snapshot\fR directory at the root of its file system. The second command destroys the newly created snapshots. .sp .in +2 .nf # \fBzfs snapshot -r pool/home@yesterday\fR # \fBzfs destroy -r pool/home@yesterday\fR .fi .in -2 .sp .LP \fBExample 4 \fRDisabling and Enabling File System Compression .sp .LP The following command disables the \fBcompression\fR property for all file systems under \fBpool/home\fR. The next command explicitly enables \fBcompression\fR for \fBpool/home/anne\fR. .sp .in +2 .nf # \fBzfs set compression=off pool/home\fR # \fBzfs set compression=on pool/home/anne\fR .fi .in -2 .sp .LP \fBExample 5 \fRListing ZFS Datasets .sp .LP The following command lists all active file systems and volumes in the system. Snapshots are displayed if the \fBlistsnaps\fR property is \fBon\fR. The default is \fBoff\fR. See \fBzpool\fR(8) for more information on pool properties. .sp .in +2 .nf # \fBzfs list\fR NAME USED AVAIL REFER MOUNTPOINT pool 450K 457G 18K /pool pool/home 315K 457G 21K /export/home pool/home/anne 18K 457G 18K /export/home/anne pool/home/bob 276K 457G 276K /export/home/bob .fi .in -2 .sp .LP \fBExample 6 \fRSetting a Quota on a ZFS File System .sp .LP The following command sets a quota of 50 Gbytes for \fBpool/home/bob\fR. .sp .in +2 .nf # \fBzfs set quota=50G pool/home/bob\fR .fi .in -2 .sp .LP \fBExample 7 \fRListing ZFS Properties .sp .LP The following command lists all properties for \fBpool/home/bob\fR. .sp .in +2 .nf # \fBzfs get all pool/home/bob\fR NAME PROPERTY VALUE SOURCE pool/home/bob type filesystem - pool/home/bob creation Tue Jul 21 15:53 2009 - pool/home/bob used 21K - pool/home/bob available 20.0G - pool/home/bob referenced 21K - pool/home/bob compressratio 1.00x - pool/home/bob mounted yes - pool/home/bob quota 20G local pool/home/bob reservation none default pool/home/bob recordsize 128K default pool/home/bob mountpoint /pool/home/bob default pool/home/bob sharenfs off default pool/home/bob checksum on default pool/home/bob compression on local pool/home/bob atime on default pool/home/bob devices on default pool/home/bob exec on default pool/home/bob setuid on default pool/home/bob readonly off default pool/home/bob zoned off default pool/home/bob snapdir hidden default pool/home/bob aclmode groupmask default pool/home/bob aclinherit restricted default pool/home/bob canmount on default pool/home/bob shareiscsi off default pool/home/bob xattr on default pool/home/bob copies 1 default pool/home/bob version 4 - pool/home/bob utf8only off - pool/home/bob normalization none - pool/home/bob casesensitivity sensitive - pool/home/bob vscan off default pool/home/bob nbmand off default pool/home/bob sharesmb off default pool/home/bob refquota none default pool/home/bob refreservation none default pool/home/bob primarycache all default pool/home/bob secondarycache all default pool/home/bob usedbysnapshots 0 - pool/home/bob usedbydataset 21K - pool/home/bob usedbychildren 0 - pool/home/bob usedbyrefreservation 0 - pool/home/bob logbias latency default pool/home/bob dedup off default pool/home/bob mlslabel none default .fi .in -2 .sp .sp .LP The following command gets a single property value. .sp .in +2 .nf # \fBzfs get -H -o value compression pool/home/bob\fR on .fi .in -2 .sp .sp .LP The following command lists all properties with local settings for \fBpool/home/bob\fR. .sp .in +2 .nf # \fBzfs get -r -s local -o name,property,value all pool/home/bob\fR NAME PROPERTY VALUE pool/home/bob quota 20G pool/home/bob compression on .fi .in -2 .sp .LP \fBExample 8 \fRRolling Back a ZFS File System .sp .LP The following command reverts the contents of \fBpool/home/anne\fR to the snapshot named \fByesterday\fR, deleting all intermediate snapshots. .sp .in +2 .nf # \fBzfs rollback -r pool/home/anne@yesterday\fR .fi .in -2 .sp .LP \fBExample 9 \fRCreating a ZFS Clone .sp .LP The following command creates a writable file system whose initial contents are the same as \fBpool/home/bob@yesterday\fR. .sp .in +2 .nf # \fBzfs clone pool/home/bob@yesterday pool/clone\fR .fi .in -2 .sp .LP \fBExample 10 \fRPromoting a ZFS Clone .sp .LP The following commands illustrate how to test out changes to a file system, and then replace the original file system with the changed one, using clones, clone promotion, and renaming: .sp .in +2 .nf # \fBzfs create pool/project/production\fR populate /pool/project/production with data # \fBzfs snapshot pool/project/production@today\fR # \fBzfs clone pool/project/production@today pool/project/beta\fR make changes to /pool/project/beta and test them # \fBzfs promote pool/project/beta\fR # \fBzfs rename pool/project/production pool/project/legacy\fR # \fBzfs rename pool/project/beta pool/project/production\fR once the legacy version is no longer needed, it can be destroyed # \fBzfs destroy pool/project/legacy\fR .fi .in -2 .sp .LP \fBExample 11 \fRInheriting ZFS Properties .sp .LP The following command causes \fBpool/home/bob\fR and \fBpool/home/anne\fR to inherit the \fBchecksum\fR property from their parent. .sp .in +2 .nf # \fBzfs inherit checksum pool/home/bob pool/home/anne\fR .fi .in -2 .sp .LP \fBExample 12 \fRRemotely Replicating ZFS Data .sp .LP The following commands send a full stream and then an incremental stream to a remote machine, restoring them into \fBpoolB/received/fs@a\fRand \fBpoolB/received/fs@b\fR, respectively. \fBpoolB\fR must contain the file system \fBpoolB/received\fR, and must not initially contain \fBpoolB/received/fs\fR. .sp .in +2 .nf # \fBzfs send pool/fs@a | \e\fR \fBssh host zfs receive poolB/received/fs@a\fR # \fBzfs send -i a pool/fs@b | ssh host \e\fR \fBzfs receive poolB/received/fs\fR .fi .in -2 .sp .LP \fBExample 13 \fRUsing the \fBzfs receive\fR \fB-d\fR Option .sp .LP The following command sends a full stream of \fBpoolA/fsA/fsB@snap\fR to a remote machine, receiving it into \fBpoolB/received/fsA/fsB@snap\fR. The \fBfsA/fsB@snap\fR portion of the received snapshot's name is determined from the name of the sent snapshot. \fBpoolB\fR must contain the file system \fBpoolB/received\fR. If \fBpoolB/received/fsA\fR does not exist, it is created as an empty file system. .sp .in +2 .nf # \fBzfs send poolA/fsA/fsB@snap | \e ssh host zfs receive -d poolB/received\fR .fi .in -2 .sp .LP \fBExample 14 \fRSetting User Properties .sp .LP The following example sets the user-defined \fBcom.example:department\fR property for a dataset. .sp .in +2 .nf # \fBzfs set com.example:department=12345 tank/accounting\fR .fi .in -2 .sp .LP \fBExample 15 \fRCreating a ZFS Volume as an iSCSI Target Device .sp .LP The following example shows how to create a \fBZFS\fR volume as an \fBiSCSI\fR target. .sp .in +2 .nf # \fBzfs create -V 2g pool/volumes/vol1\fR # \fBzfs set shareiscsi=on pool/volumes/vol1\fR # \fBiscsitadm list target\fR Target: pool/volumes/vol1 iSCSI Name: iqn.1986-03.com.sun:02:7b4b02a6-3277-eb1b-e686-a24762c52a8c Connections: 0 .fi .in -2 .sp .sp .LP After the \fBiSCSI\fR target is created, set up the \fBiSCSI\fR initiator. For more information about the Solaris \fBiSCSI\fR initiator, see \fBiscsitadm\fR(1M). .LP \fBExample 16 \fRPerforming a Rolling Snapshot .sp .LP The following example shows how to maintain a history of snapshots with a consistent naming scheme. To keep a week's worth of snapshots, the user destroys the oldest snapshot, renames the remaining snapshots, and then creates a new snapshot, as follows: .sp .in +2 .nf # \fBzfs destroy -r pool/users@7daysago\fR # \fBzfs rename -r pool/users@6daysago @7daysago\fR # \fBzfs rename -r pool/users@5daysago @6daysago\fR # \fBzfs rename -r pool/users@yesterday @5daysago\fR # \fBzfs rename -r pool/users@yesterday @4daysago\fR # \fBzfs rename -r pool/users@yesterday @3daysago\fR # \fBzfs rename -r pool/users@yesterday @2daysago\fR # \fBzfs rename -r pool/users@today @yesterday\fR # \fBzfs snapshot -r pool/users@today\fR .fi .in -2 .sp .LP \fBExample 17 \fRSetting \fBsharenfs\fR Property Options on a ZFS File System .sp .LP The following commands show how to set \fBsharenfs\fR property options to enable \fBrw\fR access for a set of \fBIP\fR addresses and to enable root access for system \fBneo\fR on the \fBtank/home\fR file system. .sp .in +2 .nf # \fBzfs set sharenfs='rw=@123.123.0.0/16,root=neo' tank/home\fR .fi .in -2 .sp .sp .LP If you are using \fBDNS\fR for host name resolution, specify the fully qualified hostname. .LP \fBExample 18 \fRDelegating ZFS Administration Permissions on a ZFS Dataset .sp .LP The following example shows how to set permissions so that user \fBcindys\fR can create, destroy, mount, and take snapshots on \fBtank/cindys\fR. The permissions on \fBtank/cindys\fR are also displayed. .sp .in +2 .nf # \fBzfs allow cindys create,destroy,mount,snapshot tank/cindys\fR # \fBzfs allow tank/cindys\fR ------------------------------------------------------------- Local+Descendent permissions on (tank/cindys) user cindys create,destroy,mount,snapshot ------------------------------------------------------------- .fi .in -2 .sp .sp .LP Because the \fBtank/cindys\fR mount point permission is set to 755 by default, user \fBcindys\fR will be unable to mount file systems under \fBtank/cindys\fR. Set an \fBACL\fR similar to the following syntax to provide mount point access: .sp .in +2 .nf # \fBchmod A+user:cindys:add_subdirectory:allow /tank/cindys\fR .fi .in -2 .sp .LP \fBExample 19 \fRDelegating Create Time Permissions on a ZFS Dataset .sp .LP The following example shows how to grant anyone in the group \fBstaff\fR to create file systems in \fBtank/users\fR. This syntax also allows staff members to destroy their own file systems, but not destroy anyone else's file system. The permissions on \fBtank/users\fR are also displayed. .sp .in +2 .nf # \fBzfs allow staff create,mount tank/users\fR # \fBzfs allow -c destroy tank/users\fR # \fBzfs allow tank/users\fR ------------------------------------------------------------- Create time permissions on (tank/users) create,destroy Local+Descendent permissions on (tank/users) group staff create,mount ------------------------------------------------------------- .fi .in -2 .sp .LP \fBExample 20 \fRDefining and Granting a Permission Set on a ZFS Dataset .sp .LP The following example shows how to define and grant a permission set on the \fBtank/users\fR file system. The permissions on \fBtank/users\fR are also displayed. .sp .in +2 .nf # \fBzfs allow -s @pset create,destroy,snapshot,mount tank/users\fR # \fBzfs allow staff @pset tank/users\fR # \fBzfs allow tank/users\fR ------------------------------------------------------------- Permission sets on (tank/users) @pset create,destroy,mount,snapshot Create time permissions on (tank/users) create,destroy Local+Descendent permissions on (tank/users) group staff @pset,create,mount ------------------------------------------------------------- .fi .in -2 .sp .LP \fBExample 21 \fRDelegating Property Permissions on a ZFS Dataset .sp .LP The following example shows to grant the ability to set quotas and reservations on the \fBusers/home\fR file system. The permissions on \fBusers/home\fR are also displayed. .sp .in +2 .nf # \fBzfs allow cindys quota,reservation users/home\fR # \fBzfs allow users/home\fR ------------------------------------------------------------- Local+Descendent permissions on (users/home) user cindys quota,reservation ------------------------------------------------------------- cindys% \fBzfs set quota=10G users/home/marks\fR cindys% \fBzfs get quota users/home/marks\fR NAME PROPERTY VALUE SOURCE users/home/marks quota 10G local .fi .in -2 .sp .LP \fBExample 22 \fRRemoving ZFS Delegated Permissions on a ZFS Dataset .sp .LP The following example shows how to remove the snapshot permission from the \fBstaff\fR group on the \fBtank/users\fR file system. The permissions on \fBtank/users\fR are also displayed. .sp .in +2 .nf # \fBzfs unallow staff snapshot tank/users\fR # \fBzfs allow tank/users\fR ------------------------------------------------------------- Permission sets on (tank/users) @pset create,destroy,mount,snapshot Create time permissions on (tank/users) create,destroy Local+Descendent permissions on (tank/users) group staff @pset,create,mount ------------------------------------------------------------- .fi .in -2 .sp .LP \fBExample 23\fR Showing the differences between a snapshot and a ZFS Dataset .sp .LP The following example shows how to see what has changed between a prior snapshot of a ZFS Dataset and its current state. The \fB-F\fR option is used to indicate type information for the files affected. .sp .in +2 .nf # zfs diff -F tank/test@before tank/test M / /tank/test/ M F /tank/test/linked (+1) R F /tank/test/oldname -> /tank/test/newname - F /tank/test/deleted + F /tank/test/created M F /tank/test/modified .fi .in -2 .sp .SH EXIT STATUS .sp .LP The following exit values are returned: .sp .ne 2 .mk .na \fB\fB0\fR\fR .ad .sp .6 .RS 4n Successful completion. .RE .sp .ne 2 .mk .na \fB\fB1\fR\fR .ad .sp .6 .RS 4n An error occurred. .RE .sp .ne 2 .mk .na \fB\fB2\fR\fR .ad .sp .6 .RS 4n Invalid command line options were specified. .RE .SH SEE ALSO .sp .LP \fBchmod\fR(2), \fBfsync\fR(2), \fBgzip\fR(1), \fBmount\fR(8), \fBssh\fR(1), \fBstat\fR(2), \fBwrite\fR(2), \fBzpool\fR(8) diff --git a/scripts/Makefile.am b/scripts/Makefile.am index 3dc1e67fbefd..d8cb00705813 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -1,69 +1,70 @@ SUBDIRS = zpool-config zpool-layout zpios-test zpios-profile pkglibexecdir = $(libexecdir)/@PACKAGE@ dist_pkglibexec_SCRIPTS = \ $(top_builddir)/scripts/common.sh \ $(top_srcdir)/scripts/zconfig.sh \ $(top_srcdir)/scripts/zfault.sh \ $(top_srcdir)/scripts/zfs.sh \ $(top_srcdir)/scripts/zpool-create.sh \ $(top_srcdir)/scripts/zpios.sh \ $(top_srcdir)/scripts/zpios-sanity.sh \ - $(top_srcdir)/scripts/zpios-survey.sh + $(top_srcdir)/scripts/zpios-survey.sh \ + $(top_srcdir)/scripts/smb.sh ZFS=$(top_builddir)/scripts/zfs.sh ZCONFIG=$(top_builddir)/scripts/zconfig.sh ZFAULT=$(top_builddir)/scripts/zfault.sh ZTEST=$(top_builddir)/cmd/ztest/ztest ZPIOS_SANITY=$(top_builddir)/scripts/zpios-sanity.sh all: @list='$(dist_pkglibexec_SCRIPTS)'; \ for file in $$list; do \ link=$$(basename $$file); \ if [ ! -e $$link ]; then \ $(LN_S) $$file $$link; \ fi \ done clean: @list='$(dist_pkglibexec_SCRIPTS)'; \ for file in $$list; do \ link=$$(basename $$file); \ if [ -L $$link ]; then \ $(RM) $$link; \ fi \ done check: @$(ZFS) -u @echo @echo -n "====================================" @echo -n " ZTEST " @echo "====================================" @echo @$(ZFS) @$(ZTEST) -V @$(ZFS) -u @echo @echo @echo -n "===================================" @echo -n " ZCONFIG " @echo "===================================" @echo @$(ZCONFIG) -c @echo @echo -n "===================================" @echo -n " ZFAULT " @echo "===================================" @echo @$(ZFAULT) -c @echo @echo -n "====================================" @echo -n " ZPIOS " @echo "====================================" @echo @$(ZFS) @$(ZPIOS_SANITY) @$(ZFS) -u @echo diff --git a/scripts/smb.sh b/scripts/smb.sh new file mode 100755 index 000000000000..7cf6c4bc12fb --- /dev/null +++ b/scripts/smb.sh @@ -0,0 +1,214 @@ +#!/bin/bash + +BASETANK="share" +DATE=`date "+%Y%m%d"` + +TEST_SMBFS=0 +TEST_DESTROY=0 + +if [ -z "$1" ]; then + echo "Usage: `basename $0` [unpack]<[smbfs][snapshot][all]>" + exit 1 +fi + +set_onoff() { + type="$1" + dataset="$2" + toggle="$3" + + current=`zfs get -H $type -o value $dataset` + if [ "$current" != "$toggle" ]; then + run "zfs set $type=$toggle $dataset" + fi +} + +check_exists() { + dataset="$1" + + extra="" + [ -n "$2" ] && extra="$2" + + zfs get all "$dataset" > /dev/null 2>&1 + if [ $? != 0 ]; then + run "zfs create $extra $dataset" + fi +} + +check_shares() { + if [ "$TEST_SMBFS" == "1" ]; then + echo "Shares:" + echo "=> usershare list:" + net usershare list + echo + echo "=> /etc/dfs/sharetab:" + cat /etc/dfs/sharetab + echo + fi + + sleep 2 +} + +test_header() { + echo "TEST: $*" + echo "======================================" +} + +run() { + cmd="$*" + + echo "CMD: $cmd" + $cmd +} + +# --------- +# Needs more work... +if echo "$*" | grep -qi "unpack"; then + zfs unmount -a + zfs unshare -a + run "zfs destroy -r $BASETANK/tests" + + sh /etc/init.d/zfs stop + +# for tid in `grep ^tid /proc/net/iet/volume | sed "s@.*:\([0-9].*\) name.*@\1@"` +# do +# ietadm --op delete --tid $tid +# done + + set -e + rmmod `lsmod | grep ^z | grep -v zlib_deflate | sed 's@ .*@@'` spl zlib_deflate + + pushd / > /dev/null + [ -f "tmp/zfs.tgz" ] && tar xzf tmp/zfs.tgz && rm tmp/zfs.tgz + [ -f "tmp/spl.tgz" ] && tar xzf tmp/spl.tgz && rm tmp/spl.tgz + popd > /dev/null + + depmod -a + + sh /etc/init.d/zfs start + set +e +fi + +# --------- +if echo "$*" | egrep -qi "smbfs|all"; then + check_exists $BASETANK/tests + + TEST_SMBFS=1 + + test_header "Exists || Create" + str= + for volnr in 1 2 3; do + check_exists $BASETANK/tests/smbfs$volnr + + str="$str $BASETANK/tests/smbfs$volnr" + done + run "zfs get sharesmb $str" + + # Set sharesmb=on + test_header "Enable SMB share" + for volnr in 1 2 3; do + set_onoff sharesmb "$BASETANK/tests/smbfs$volnr" on + check_shares + done + + # Share all + test_header "Share all (individually)" + for volnr in 1 2 3; do + run "zfs share $BASETANK/tests/smbfs$volnr" + check_shares + done + + # Unshare all + test_header "Unshare all (individually)" + for volnr in 1 2 3; do + run "zfs unshare $BASETANK/tests/smbfs$volnr" + check_shares + done + + # Change mountpoint - first unshare and then share individual + test_header "Change mount point (unshare ; share)" + mkdir -p /tests + set_onoff sharesmb "$str" off + for volnr in 3 1 2; do + run "zfs set mountpoint=/tests/smbfs$volnr $BASETANK/tests/smbfs$volnr" + echo "CMD: mount | grep ^$BASETANK/tests/smbfs$volnr" + mount | grep ^$BASETANK/tests/smbfs$volnr + echo + + run "zfs mount $BASETANK/tests/smbfs$volnr" + echo "CMD: mount | grep ^$BASETANK/tests/smbfs$volnr" + mount | grep ^$BASETANK/tests/smbfs$volnr + echo + + set_onoff sharesmb "$BASETANK/tests/smbfs$volnr" on + check_shares + + run "zfs share $BASETANK/tests/smbfs$volnr" + check_shares + + echo "-------------------" + done + + # Change mountpoint - remounting + test_header "Change mount point (remounting)" + for volnr in 3 1 2; do + run "zfs set mountpoint=/$BASETANK/tests/smbfs$volnr $BASETANK/tests/smbfs$volnr" + echo "CMD: mount | grep ^$BASETANK/tests/smbfs$volnr" + mount | grep ^$BASETANK/tests/smbfs$volnr + echo + # => Doesn't seem to remount (!?) + + run "zfs mount $BASETANK/tests/smbfs$volnr" + echo "CMD: mount | grep ^$BASETANK/tests/smbfs$volnr" + mount | grep ^$BASETANK/tests/smbfs$volnr + echo + # => Doesn't seem to reshare (!?) + + check_shares + + run "zfs share $BASETANK/tests/smbfs$volnr" + check_shares + + echo "-------------------" + done +fi + +# --------- +if echo "$*" | egrep -qi "smbfs|all"; then + test_header "Unshare + Share all" + + run "zfs share -a" ; check_shares + run "zfs unshare -a" ; check_shares +fi + +# --------- +if echo "$*" | grep -qi "snapshot|all"; then + test_header "Snapshots" + + echo ; echo "-------------------" + check_exists $BASETANK/tests/destroy + check_exists $BASETANK/tests/destroy/destroy1 + run "zfs destroy -r $BASETANK/tests/destroy" + + echo ; echo "-------------------" + check_exists $BASETANK/tests/destroy + run "zfs snapshot $BASETANK/tests/destroy@$DATE" + run "zfs destroy -r $BASETANK/tests/destroy" + + echo ; echo "-------------------" + check_exists $BASETANK/tests/destroy + run "zfs snapshot $BASETANK/tests/destroy@$DATE" + run "zfs destroy -r $BASETANK/tests/destroy@$DATE" + run "zfs destroy -r $BASETANK/tests/destroy" +fi + +if echo "$*" | egrep -qi "smbfs|snapshot|all"; then + test_header "Cleanup (Share all + Destroy all)" + + run "zfs share -a" + check_shares + + run "zfs destroy -r $BASETANK/tests" + check_shares + + run "zfs list" +fi