From owner-freebsd-fs@freebsd.org Mon Nov 18 10:01:32 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 362341BAF2F for ; Mon, 18 Nov 2019 10:01:32 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47Gkxk6y6wz4fkP; Mon, 18 Nov 2019 10:01:30 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id B78B79DC7F1; Mon, 18 Nov 2019 11:01:26 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: Date: Mon, 18 Nov 2019 11:01:26 +0100 Cc: Alan Somers , Jan Behrens , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> To: mike tancsa X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47Gkxk6y6wz4fkP X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.00 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.70)[ip: (-7.53), ipnet: 195.16.128.0/19(-3.52), asn: 3262(-2.50), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Nov 2019 10:01:32 -0000 > On 7 Nov 2019, at 15:54, mike tancsa wrote: >=20 > On 11/6/2019 7:02 PM, Alan Somers wrote: >>=20 >> Your analysis of the snapdir is correct. Setting it to hidden = doesn't make >> it inaccessible. That's not unique to FreeBSD, however. I believe = it's >> common to all ZFS implementations (I just double checked on Oracle >> Solaris). Also, the problem isn't unique to ZFS. Any backup system = would >> have the same problem, as long as users are allowed to access the = backups >> directly. And in fact, Bob could've directly observed Alice's id_rsa = file >> before she changed it. So I don't think this should be considered a >> security vulnerability. The best course for Alice would be to = consider her >> id_rsa as compromised as soon as she notices the problem, and delete = it. >=20 > Still, it would be a nice feature to have where .zfs could be set to > root only read. In a multi user system, my users (me included) do = all > sorts of accidental foot shooting things like making files readable = for > a brief period of time they should not make readable. I think I = recall > ZoL adding this as a feature back when I ran into this issue via zfs > allow / unallow ? Or at least I think I saw discussion about it. >=20 > https://github.com/zfsonlinux/zfs/issues/3963 The problem is, snapshot access breaks the semantics of chown() and = chmod(). Maybe a lesser evil would be to define a uid with snapshot access for = each dataset. At least for systems with a dataset per home directory it would allow a user to = access their past snapshots while at the same time restricting to past snapshots to other users. Borja.= From owner-freebsd-fs@freebsd.org Mon Nov 18 13:09:10 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 49BCE1BF6F0 for ; Mon, 18 Nov 2019 13:09:10 +0000 (UTC) (envelope-from mike@sentex.net) Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [IPv6:2607:f3e0:0:3::19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "pyroxene2.sentex.ca", Issuer "pyroxene2.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 47Gq6F2Z5sz4PYs; Mon, 18 Nov 2019 13:09:09 +0000 (UTC) (envelope-from mike@sentex.net) Received: from [192.168.43.29] ([192.168.43.29]) by pyroxene2a.sentex.ca (8.15.2/8.15.2) with ESMTPS id xAID973M003166 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 18 Nov 2019 08:09:08 -0500 (EST) (envelope-from mike@sentex.net) Subject: Re: ZFS snapdir readability (Crosspost) To: Borja Marcos Cc: Alan Somers , Jan Behrens , freebsd-fs References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> From: mike tancsa Openpgp: preference=signencrypt Autocrypt: addr=mike@sentex.net; keydata= mQENBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s +6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB AAG0HW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+iQFUBBMBCAA+FiEEmuvCXT0aY6hs 4SbWeVOEFl5WrMgFAlywzOYCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ eVOEFl5WrMhnPAf7Bf+ola0V9t4i8rwCMGvzkssGaxY/5zNSZO9BgSgfN0WzgmBEOy/3R4km Yn5KH94NltJYAAE5hqkFmAwK6psOqAR9cxHrRfU+gV2KO8pCDc6K/htkQcd/mclJYpCHp6Eq EVJOiAxcNaYuHZkeMdXDuvvI5Rk82VHk84BGgxIqIrhLlkguoPbXOOa+8c/Mpb1sRAGZEOuX EzKNC49+GS9gKW6ISbanyPsGEcFyP7GKMzcHBPf3cPrewZQZ6gBoNscasL6IJeAQDqzQAxbU GjO0qBSMRgnLXK7+DJlxrYdHGXqNbV6AYsmHJ6c2WWWiuRviFBqXinlgJ2FnYebZPAfWibkB DQRcsMzkAQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4 axtKRSG1t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1 qzAJweEtRdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6c Lm0EiHPOl5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5 o9KKu4O7gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQAB iQE8BBgBCAAmFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAlywzOQCGwwFCQHhM4AACgkQeVOE Fl5WrMhmjQf/dBCjAVn1J0GzSsHiLvSAQz1cchbdy8LD0Tnpzjgp5KLU7sNojbI8vqt4yKAi cayI88j8+xxNXPMWM4pHELuUuVHS5XTpHa/wwulUtI5w/zyKlUDsIvqTPZLUEwH7DfNBueVM WyNaIjV2kxSmM8rNMC+RkgyfbjGLCkmWsMRVuLIUYpl5D9WHmenUbiErlKU2KvEEXEg/aLKq 3m/AdM9RAYsP9O4l+sAZEfyYoNJzDhTZMzn/9Q0uFPLK9smDQh4WBTFaApveVJPHRKmHPoNF Xxj+yScYdQ4SKH34WnhNSELvnZQ3ulH5tpASmm0w+GxfZqSc8+QCwoKtBRDUxoE56A== Message-ID: Date: Mon, 18 Nov 2019 08:09:08 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Queue-Id: 47Gq6F2Z5sz4PYs X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mike@sentex.net designates 2607:f3e0:0:3::19 as permitted sender) smtp.mailfrom=mike@sentex.net X-Spamd-Result: default: False [-2.71 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ptr]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; MIME_GOOD(-0.10)[text/plain]; HFILTER_HELO_IP_A(1.00)[pyroxene2a.sentex.ca]; DMARC_NA(0.00)[sentex.net]; HFILTER_HELO_NORES_A_OR_MX(0.30)[pyroxene2a.sentex.ca]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; IP_SCORE(-1.71)[ipnet: 2607:f3e0::/32(-4.93), asn: 11647(-3.55), country: CA(-0.09)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Nov 2019 13:09:10 -0000 On 11/18/2019 5:01 AM, Borja Marcos wrote: > >> On 11/6/2019 7:02 PM, Alan Somers wrote: >>> Your analysis of the snapdir is correct. Setting it to hidden doesn't make >>> it inaccessible. That's not unique to FreeBSD, however. I believe it's >>> common to all ZFS implementations (I just double checked on Oracle >>> Solaris). Also, the problem isn't unique to ZFS. Any backup system would >>> have the same problem, as long as users are allowed to access the backups >>> directly. And in fact, Bob could've directly observed Alice's id_rsa file >>> before she changed it. So I don't think this should be considered a >>> security vulnerability. The best course for Alice would be to consider her >>> id_rsa as compromised as soon as she notices the problem, and delete it. >> Still, it would be a nice feature to have where .zfs could be set to >> root only read. In a multi user system, my users (me included) do all >> sorts of accidental foot shooting things like making files readable for >> a brief period of time they should not make readable. I think I recall >> ZoL adding this as a feature back when I ran into this issue via zfs >> allow / unallow ? Or at least I think I saw discussion about it. >> >> https://github.com/zfsonlinux/zfs/issues/3963 > The problem is, snapshot access breaks the semantics of chown() and chmod(). > As the snapshots are always readonly, I think chown and chmod dont really apply in this use case. Also, the fact that the mounts can be set to be "visibile" or "invisible" has its own, different convention from UFS/NFS who dont have that "invisibility" feature (that I know of anyway). > Maybe a lesser evil would be to define a uid with snapshot access for each dataset. At least > for systems with a dataset per home directory it would allow a user to access their past snapshots > while at the same time restricting to past snapshots to other users. the problem is you could have a "rogue" snapshot. eg. a user does chmod a+rx ~ and leaves it on by mistake for a day. Any snapshots kept from that period would leave that directory open. I think having a "snapshots not mounted" option adds a layer of security flexibility safety.      ---Mike From owner-freebsd-fs@freebsd.org Wed Nov 20 08:17:56 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1C6181ADE92; Wed, 20 Nov 2019 08:17:56 +0000 (UTC) (envelope-from agapon@gmail.com) Received: from mail-lj1-f170.google.com (mail-lj1-f170.google.com [209.85.208.170]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47HwYG4fDpz4V52; Wed, 20 Nov 2019 08:17:54 +0000 (UTC) (envelope-from agapon@gmail.com) Received: by mail-lj1-f170.google.com with SMTP id g3so26412901ljl.11; Wed, 20 Nov 2019 00:17:54 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=UJXrHxreOFS0l0IEDB6o3J7o3ruoGBOWaGjPzy2d7pg=; b=C6oIxtmAyY1L+ZIzneV5k+Kb/x8ScPvl19NTU7/KcnHWOcM2c5CDjeU9uxY/KJUbQM yZvxSQ27uto6u63XfrUhSU/k/uKPfCiiHGZEusuAC0xzOnZGANceUi1LT/XNWwY7WKmM JOMcDRZMKVcRBJXwYkhsgp0hrZXydaHWOaTDMn2h6lHTfvwjiFMCxZYNS22kULiyn0S2 /xT+IoPsd3EC/mQLcfKwItaLmd0UjDIdasL+x3iH14jgBNSPZrkTu4RTdR9HYpoUe5D+ 7RFGCYWpDgRx6IHYEcm1dHsa9C6i+rYTlLQWea6P78D7rGmxf4FPXxNPnaom/KWoS9JU dHhQ== X-Gm-Message-State: APjAAAXcHC2HxpK4WIYTT9lwkzT+A3bfhAsX2H9Ynk2gbloQXaBcRa1u aWzpJsGiZq0Dy4rD6f0kL9ArV3W2a/o= X-Google-Smtp-Source: APXvYqzIIUb4YdfGTzrnp4f8MJ1nCvZzeil41a9ElpDbhG+Kn7n7z0Z+Oo+JJDBdGhzoidA9QAq4bw== X-Received: by 2002:a2e:9dd5:: with SMTP id x21mr1516466ljj.232.1574237872604; Wed, 20 Nov 2019 00:17:52 -0800 (PST) Received: from [192.168.0.88] (east.meadow.volia.net. [93.72.151.96]) by smtp.googlemail.com with ESMTPSA id e7sm11474296lja.5.2019.11.20.00.17.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 20 Nov 2019 00:17:51 -0800 (PST) Subject: Re: Revisiting the ZFS test suite To: Alan Somers , freebsd-testing , freebsd-fs References: From: Andriy Gapon Openpgp: preference=signencrypt Autocrypt: addr=avg@FreeBSD.org; prefer-encrypt=mutual; keydata= mQINBFm4LIgBEADNB/3lT7f15UKeQ52xCFQx/GqHkSxEdVyLFZTmY3KyNPQGBtyvVyBfprJ7 mAeXZWfhat6cKNRAGZcL5EmewdQuUfQfBdYmKjbw3a9GFDsDNuhDA2QwFt8BmkiVMRYyvI7l N0eVzszWCUgdc3qqM6qqcgBaqsVmJluwpvwp4ZBXmch5BgDDDb1MPO8AZ2QZfIQmplkj8Y6Z AiNMknkmgaekIINSJX8IzRzKD5WwMsin70psE8dpL/iBsA2cpJGzWMObVTtCxeDKlBCNqM1i gTXta1ukdUT7JgLEFZk9ceYQQMJJtUwzWu1UHfZn0Fs29HTqawfWPSZVbulbrnu5q55R4PlQ /xURkWQUTyDpqUvb4JK371zhepXiXDwrrpnyyZABm3SFLkk2bHlheeKU6Yql4pcmSVym1AS4 dV8y0oHAfdlSCF6tpOPf2+K9nW1CFA8b/tw4oJBTtfZ1kxXOMdyZU5fiG7xb1qDgpQKgHUX8 7Rd2T1UVLVeuhYlXNw2F+a2ucY+cMoqz3LtpksUiBppJhw099gEXehcN2JbUZ2TueJdt1FdS ztnZmsHUXLxrRBtGwqnFL7GSd6snpGIKuuL305iaOGODbb9c7ne1JqBbkw1wh8ci6vvwGlzx rexzimRaBzJxlkjNfMx8WpCvYebGMydNoeEtkWldtjTNVsUAtQARAQABtB5BbmRyaXkgR2Fw b24gPGF2Z0BGcmVlQlNELm9yZz6JAlQEEwEIAD4WIQS+LEO7ngQnXA4Bjr538m7TUc1yjwUC WbgsiAIbIwUJBaOagAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRB38m7TUc1yj+JAEACV l9AK/nOWAt/9cufV2fRj0hdOqB1aCshtSrwHk/exXsDa4/FkmegxXQGY+3GWX3deIyesbVRL rYdtdK0dqJyT1SBqXK1h3/at9rxr9GQA6KWOxTjUFURsU7ok/6SIlm8uLRPNKO+yq0GDjgaO LzN+xykuBA0FlhQAXJnpZLcVfPJdWv7sSHGedL5ln8P8rxR+XnmsA5TUaaPcbhTB+mG+iKFj GghASDSfGqLWFPBlX/fpXikBDZ1gvOr8nyMY9nXhgfXpq3B6QCRYKPy58ChrZ5weeJZ29b7/ QdEO8NFNWHjSD9meiLdWQaqo9Y7uUxN3wySc/YUZxtS0bhAd8zJdNPsJYG8sXgKjeBQMVGuT eCAJFEYJqbwWvIXMfVWop4+O4xB+z2YE3jAbG/9tB/GSnQdVSj3G8MS80iLS58frnt+RSEw/ psahrfh0dh6SFHttE049xYiC+cM8J27Aaf0i9RflyITq57NuJm+AHJoU9SQUkIF0nc6lfA+o JRiyRlHZHKoRQkIg4aiKaZSWjQYRl5Txl0IZUP1dSWMX4s3XTMurC/pnja45dge/4ESOtJ9R 8XuIWg45Oq6MeIWdjKddGhRj3OohsltKgkEU3eLKYtB6qRTQypHHUawCXz88uYt5e3w4V16H lCpSTZV/EVHnNe45FVBlvK7k7HFfDDkryLkCDQRZuCyIARAAlq0slcsVboY/+IUJdcbEiJRW be9HKVz4SUchq0z9MZPX/0dcnvz/gkyYA+OuM78dNS7Mbby5dTvOqfpLJfCuhaNYOhlE0wY+ 1T6Tf1f4c/uA3U/YiadukQ3+6TJuYGAdRZD5EqYFIkreARTVWg87N9g0fT9BEqLw9lJtEGDY EWUE7L++B8o4uu3LQFEYxcrb4K/WKmgtmFcm77s0IKDrfcX4doV92QTIpLiRxcOmCC/OCYuO jB1oaaqXQzZrCutXRK0L5XN1Y1PYjIrEzHMIXmCDlLYnpFkK+itlXwlE2ZQxkfMruCWdQXye syl2fynAe8hvp7Mms9qU2r2K9EcJiR5N1t1C2/kTKNUhcRv7Yd/vwusK7BqJbhlng5ZgRx0m WxdntU/JLEntz3QBsBsWM9Y9wf2V4tLv6/DuDBta781RsCB/UrU2zNuOEkSixlUiHxw1dccI 6CVlaWkkJBxmHX22GdDFrcjvwMNIbbyfQLuBq6IOh8nvu9vuItup7qemDG3Ms6TVwA7BD3j+ 3fGprtyW8Fd/RR2bW2+LWkMrqHffAr6Y6V3h5kd2G9Q8ZWpEJk+LG6Mk3fhZhmCnHhDu6CwN MeUvxXDVO+fqc3JjFm5OxhmfVeJKrbCEUJyM8ESWLoNHLqjywdZga4Q7P12g8DUQ1mRxYg/L HgZY3zfKOqcAEQEAAYkCPAQYAQgAJhYhBL4sQ7ueBCdcDgGOvnfybtNRzXKPBQJZuCyIAhsM BQkFo5qAAAoJEHfybtNRzXKPBVwQAKfFy9P7N3OsLDMB56A4Kf+ZT+d5cIx0Yiaf4n6w7m3i ImHHHk9FIetI4Xe54a2IXh4Bq5UkAGY0667eIs+Z1Ea6I2i27Sdo7DxGwq09Qnm/Y65ADvXs 3aBvokCcm7FsM1wky395m8xUos1681oV5oxgqeRI8/76qy0hD9WR65UW+HQgZRIcIjSel9vR XDaD2HLGPTTGr7u4v00UeTMs6qvPsa2PJagogrKY8RXdFtXvweQFz78NbXhluwix2Tb9ETPk LIpDrtzV73CaE2aqBG/KrboXT2C67BgFtnk7T7Y7iKq4/XvEdDWscz2wws91BOXuMMd4c/c4 OmGW9m3RBLufFrOag1q5yUS9QbFfyqL6dftJP3Zq/xe+mr7sbWbhPVCQFrH3r26mpmy841ym dwQnNcsbIGiBASBSKksOvIDYKa2Wy8htPmWFTEOPRpFXdGQ27awcjjnB42nngyCK5ukZDHi6 w0qK5DNQQCkiweevCIC6wc3p67jl1EMFY5+z+zdTPb3h7LeVnGqW0qBQl99vVFgzLxchKcl0 R/paSFgwqXCZhAKMuUHncJuynDOP7z5LirUeFI8qsBAJi1rXpQoLJTVcW72swZ42IdPiboqx NbTMiNOiE36GqMcTPfKylCbF45JNX4nF9ElM0E+Y8gi4cizJYBRr2FBJgay0b9Cp Message-ID: <1ef80fd8-d695-010f-9dc8-a6b9a2a80f8e@FreeBSD.org> Date: Wed, 20 Nov 2019 10:17:51 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 47HwYG4fDpz4V52 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of agapon@gmail.com designates 209.85.208.170 as permitted sender) smtp.mailfrom=agapon@gmail.com X-Spamd-Result: default: False [-3.13 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[FreeBSD.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; IP_SCORE(-1.13)[ip: (-0.43), ipnet: 209.85.128.0/17(-3.18), asn: 15169(-1.97), country: US(-0.05)]; TO_DN_ALL(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[170.208.85.209.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FORGED_SENDER(0.30)[avg@FreeBSD.org,agapon@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[170.208.85.209.rep.mailspike.net : 127.0.0.17]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[avg@FreeBSD.org,agapon@gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[96.151.72.93.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 08:17:56 -0000 On 04/10/2019 19:23, Alan Somers wrote: > My employment status changed last week, and I find myself once again > working on ZFS. It's hard to have confidence in any changes without a > solid test suite, so my main task right now is to fix the problems in > FreeBSD's ZFS test suite. Our most recent run had 64 failed tests and 99 > skipped ones; let's get those down to 0 and something small, respectively. > > https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/3880/testReport/ > > Would anybody be interested to review my changes to the test suite? It's > not terrible if I have to commit without review; I can't possibly break > anything but the test suite itself. Alan, just curious, did you have any plans to merge new tests and changes to existing tests from illumos or ZoL? I've imported quite a few code changes, many times there were test changes or new test, but I never took time to merge them. -- Andriy Gapon From owner-freebsd-fs@freebsd.org Wed Nov 20 10:07:32 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 344471B1585 for ; Wed, 20 Nov 2019 10:07:32 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47Hyzl00Bmz4bYC; Wed, 20 Nov 2019 10:07:30 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 713159DD227; Wed, 20 Nov 2019 11:07:25 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: Date: Wed, 20 Nov 2019 11:07:24 +0100 Cc: Alan Somers , Jan Behrens , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> To: mike tancsa X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47Hyzl00Bmz4bYC X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.07 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.77)[ip: (-7.78), ipnet: 195.16.128.0/19(-3.58), asn: 3262(-2.55), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 10:07:32 -0000 > On 18 Nov 2019, at 14:09, mike tancsa wrote: >=20 > On 11/18/2019 5:01 AM, Borja Marcos wrote: >>=20 >>> On 11/6/2019 7:02 PM, Alan Somers wrote: >>>> Your analysis of the snapdir is correct. Setting it to hidden = doesn't make >>>> it inaccessible. That's not unique to FreeBSD, however. I believe = it's >>>> common to all ZFS implementations (I just double checked on Oracle >>>> Solaris). Also, the problem isn't unique to ZFS. Any backup = system would >>>> have the same problem, as long as users are allowed to access the = backups >>>> directly. And in fact, Bob could've directly observed Alice's = id_rsa file >>>> before she changed it. So I don't think this should be considered = a >>>> security vulnerability. The best course for Alice would be to = consider her >>>> id_rsa as compromised as soon as she notices the problem, and = delete it. >>> Still, it would be a nice feature to have where .zfs could be set to >>> root only read. In a multi user system, my users (me included) do = all >>> sorts of accidental foot shooting things like making files readable = for >>> a brief period of time they should not make readable. I think I = recall >>> ZoL adding this as a feature back when I ran into this issue via zfs >>> allow / unallow ? Or at least I think I saw discussion about it. >>>=20 >>> https://github.com/zfsonlinux/zfs/issues/3963 >> The problem is, snapshot access breaks the semantics of chown() and = chmod(). >>=20 > As the snapshots are always readonly, I think chown and chmod dont > really apply in this use case. Also, the fact that the mounts can be = set > to be "visibile" or "invisible" has its own, different convention from > UFS/NFS who dont have that "invisibility" feature (that I know of = anyway). That=E2=80=99s what I mean with breaking the semantics. When you change permissions on a file they apply to open() operations = attempted after the permissions/ownership change.=20 Now, if you add ZFS snapshots to the equation the situation is = different. If you change permissions/ownership on a file, access rights are not changed for the = snapshots because snapshots are read only. So, your file is still exposed.=20 > Maybe a lesser evil would be to define a uid with snapshot access for = each dataset. At least >> for systems with a dataset per home directory it would allow a user = to access their past snapshots >> while at the same time restricting to past snapshots to other users. >=20 > the problem is you could have a "rogue" snapshot. eg. a user does = chmod > a+rx ~ and leaves it on by mistake for a day. Any snapshots kept from > that period would leave that directory open. I think having a = "snapshots > not mounted" option adds a layer of security flexibility safety.=20 Yes, I mean that, as a lesser evil, those snapshots would be accessible = only to the dataset owner (either defined by a new attribute, or just determined by the owner of = the dataset root directory). That would offer the convenience of instantly accessible snapshots as an = instant access backup for HOME directories. You could make snapshots not mounted, period, requiring = administrator=E2=80=99s actions to mount them. But you would lose convenience for common users.=20 Borja. From owner-freebsd-fs@freebsd.org Wed Nov 20 13:24:48 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3627A1B6BBC for ; Wed, 20 Nov 2019 13:24:48 +0000 (UTC) (envelope-from mike@sentex.net) Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [IPv6:2607:f3e0:0:3::19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "pyroxene2.sentex.ca", Issuer "pyroxene2.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 47J3MM02Vfz3JjF; Wed, 20 Nov 2019 13:24:46 +0000 (UTC) (envelope-from mike@sentex.net) Received: from [192.168.43.26] (saphire3.sentex.net [192.168.43.26]) by pyroxene2a.sentex.ca (8.15.2/8.15.2) with ESMTP id xAKDOjDP033572; Wed, 20 Nov 2019 08:24:45 -0500 (EST) (envelope-from mike@sentex.net) Subject: Re: ZFS snapdir readability (Crosspost) To: Borja Marcos Cc: Alan Somers , Jan Behrens , freebsd-fs References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> From: Mike Tancsa Openpgp: preference=signencrypt Autocrypt: addr=mike@sentex.net; prefer-encrypt=mutual; keydata= mQENBEzcA24BCACpwI/iqOrs0GfQSfhA1v6Z8AcXVeGsRyKEKUpxoOYxXWc2z3vndbYlIP6E YJeifzKhS/9E+VjhhICaepLHfw865TDTUPr5D0Ed+edSsKjlnDtb6hfNJC00P7eoiuvi85TW F/gAxRY269A5d856bYrzLbkWp2lKUR3Bg6NnORtflGzx9ZWAltZbjYjjRqegPv0EQNYcHqWo eRpXilEo1ahT6nmOU8V7yEvT2j4wlLcQ6qg7w+N/vcBvyd/weiwHU+vTQ9mT61x5/wUrQhdw 2gJHeQXeDGMJV49RT2EEz+QVxaf477eyWsdQzPVjAKRMT3BVdK8WvpYAEfBAbXmkboOxABEB AAG0HG1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5jYT6JATgEEwECACIFAkzcA24CGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEJXHwM2kc8rX+sMH/2V6pTBKsQ5mpWWLgs6wVP2k BC+6r/YKNXv9Rw/PrC6+9hTbgA+sSjJ+8gxsCbJsOQXZrxF0x3l9oYdYfuKcwdwXFX1/FS8p HfBeDkmlH+dI709xT9wgrR4dS5aMmKp0scPrXPIAKiYVOHjOlNItcLYTEEWEFBepheEVsgmk GrNbcrHwOx/u4igUQ8vcpyXPyUki+BsftPw8ZQvBU887igh0OxaCR8AurJppQ5UQd63r81cX E1ZjoFoWCaGK/SjPb/OhpYpu5swoZIhOxQbn7OtakYPsDd5t2A5KhvjI8BMTnd5Go+2xsCmr jlIEq8Bi29gCcfQUvNiClevi13ifmnm5AQ0ETNwDbgEIALWGNJHRAhpd0A4vtd3G0oRqMBcM FGThQr3qORmEBTPPEomTdBaHcn+Xl+3YUvTBD/67/mutWBwgp2R5gQOSqcM7axvgMSHbKqBL 9sd1LsLw0UT2O5AYxv3EwzhG84pwRg3XcUqvWA4lA8tIj/1q4Jzi5qOkg1zxq4W9qr9oiYK5 bBR638JUvr3eHMaz/Nz+sDVFgwHmXZj3M6aE5Ce9reCGbvrae7H5D5PPvtT3r22X8SqfVAiO TFKedCf/6jbSOedPN931FJQYopj9P6b3m0nI3ZiCDVSqeyOAIBLzm+RBUIU3brzoxDhYR8pz CJc2sK8l6YjqivPakrD86bFDff8AEQEAAYkBHwQYAQIACQUCTNwDbgIbDAAKCRCVx8DNpHPK 1+iQB/99aqNtez9ZTBWELj269La8ntuRx6gCpzfPXfn6SDIfTItDxTh1hrdRVP5QNGGF5wus N4EMwXouskva1hbFX3Pv72csYSxxEJXjW16oV8WK4KjKXoskLg2RyRP4uXqL7Mp2ezNtVY5F 9nu3fj4ydpHCSaqKy5xd70A8D50PfZsFgkrsa5gdQhPiGGEdxhq/XSeAAnZ4uVLJKarH+mj5 MEhgZPEBWkGrbDZpezl9qbFcUem/uT9x8FYT/JIztMVh9qDcdP5tzANW5J7nvgXjska+VFGY ryZK4SPDczh74mn6GI/+RBi7OUzXXPgpPBrhS5FByjwCqjjsSpTjTds+NGIY Organization: Sentex Communications Message-ID: <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> Date: Wed, 20 Nov 2019 08:24:43 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Queue-Id: 47J3MM02Vfz3JjF X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mike@sentex.net designates 2607:f3e0:0:3::19 as permitted sender) smtp.mailfrom=mike@sentex.net X-Spamd-Result: default: False [-2.71 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ptr]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; HFILTER_HELO_IP_A(1.00)[pyroxene2a.sentex.ca]; DMARC_NA(0.00)[sentex.net]; HAS_ORG_HEADER(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; HFILTER_HELO_NORES_A_OR_MX(0.30)[pyroxene2a.sentex.ca]; IP_SCORE(-1.71)[ipnet: 2607:f3e0::/32(-4.93), asn: 11647(-3.55), country: CA(-0.09)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 13:24:48 -0000 On 11/20/2019 5:07 AM, Borja Marcos wrote: > The problem is, snapshot access breaks the semantics of chown() and > chmod(). >> As the snapshots are always readonly, I think chown and chmod dont >> really apply in this use case. Also, the fact that the mounts can be set >> to be "visibile" or "invisible" has its own, different convention from >> UFS/NFS who dont have that "invisibility" feature (that I know of anyway). > That’s what I mean with breaking the semantics. > > When you change permissions on a file they apply to open() operations attempted after the > permissions/ownership change. > You could make snapshots not mounted, period, requiring administrator’s actions to mount them. But you > would lose convenience for common users. Actually, thats all I am advocating for-- settings perms on the accessibility of the snapshot. ie instead of the "invisibility" feature, change it to an "inaccessible" feature.     ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 x203 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada From owner-freebsd-fs@freebsd.org Wed Nov 20 13:41:06 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 150081B766E for ; Wed, 20 Nov 2019 13:41:06 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47J3k841RMz3KqV; Wed, 20 Nov 2019 13:41:04 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id C12F41FD8E; Wed, 20 Nov 2019 13:40:46 +0000 (UTC) Date: Wed, 20 Nov 2019 14:40:41 +0100 From: Jan Behrens To: Mike Tancsa Cc: Borja Marcos , Alan Somers , freebsd-fs Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> In-Reply-To: <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47J3k841RMz3KqV X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-0.74 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-0.74)[-0.738,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.54)[-0.539,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; IP_SCORE(0.24)[ipnet: 185.228.136.0/22(1.85), asn: 197540(-0.65), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 13:41:06 -0000 On Wed, 20 Nov 2019 08:24:43 -0500 Mike Tancsa wrote: > On 11/20/2019 5:07 AM, Borja Marcos wrote: > > You could make snapshots not mounted, period, requiring administrator’s actions to mount them. But you > > would lose convenience for common users. > > Actually, thats all I am advocating for-- settings perms on the > accessibility of the snapshot. ie instead of the "invisibility" feature, > change it to an "inaccessible" feature. > >     ---Mike This would solve the security problem, but only as long as snapshots are never mounted. Once they are mounted (unless you can specify the directory where they are mounted), unprivileged users could still access files they should not be allowed to access. A better solution would be to specify user, group, and modes (e.g. root:root 700) when mounting or auto-mounting snapshots. Regards, Jan From owner-freebsd-fs@freebsd.org Wed Nov 20 15:02:21 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C23891B9752 for ; Wed, 20 Nov 2019 15:02:21 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47J5Ww2Pt0z3R51; Wed, 20 Nov 2019 15:02:19 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 2988F9DC53A; Wed, 20 Nov 2019 16:02:15 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> Date: Wed, 20 Nov 2019 16:02:14 +0100 Cc: Mike Tancsa , Alan Somers , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> To: Jan Behrens X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47J5Ww2Pt0z3R51 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.14 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.84)[ip: (-7.98), ipnet: 195.16.128.0/19(-3.64), asn: 3262(-2.61), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 15:02:21 -0000 > On 20 Nov 2019, at 14:40, Jan Behrens wrote: >=20 > On Wed, 20 Nov 2019 08:24:43 -0500 > Mike Tancsa wrote: >=20 >> On 11/20/2019 5:07 AM, Borja Marcos wrote: >=20 >>> You could make snapshots not mounted, period, requiring = administrator=E2=80=99s actions to mount them. But you >>> would lose convenience for common users.=20 >>=20 >> Actually, thats all I am advocating for-- settings perms on the >> accessibility of the snapshot. ie instead of the "invisibility" = feature, >> change it to an "inaccessible" feature. >>=20 >> ---Mike >=20 > This would solve the security problem, but only as long as snapshots = are > never mounted. Once they are mounted (unless you can specify the > directory where they are mounted), unprivileged users could still > access files they should not be allowed to access. >=20 > A better solution would be to specify user, group, and modes > (e.g. root:root 700) when mounting or auto-mounting snapshots. At least it=E2=80=99s a different problem. Mounting a snapshot = *intentionally* could be something similar to recovering a backup. What poses a serious issue in = my opinion is that the system *does* mount them automatically.=20 Borja. From owner-freebsd-fs@freebsd.org Wed Nov 20 15:34:50 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B1EBF1B9FD9 for ; Wed, 20 Nov 2019 15:34:50 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47J6FQ0wx6z3xfQ; Wed, 20 Nov 2019 15:34:49 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id 53D261FDE4; Wed, 20 Nov 2019 15:34:38 +0000 (UTC) Date: Wed, 20 Nov 2019 16:34:37 +0100 From: Jan Behrens To: Borja Marcos Cc: Mike Tancsa , Alan Somers , freebsd-fs Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> In-Reply-To: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47J6FQ0wx6z3xfQ X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-0.74 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-0.64)[-0.643,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.61)[-0.615,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; IP_SCORE(0.22)[ipnet: 185.228.136.0/22(1.74), asn: 197540(-0.65), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 15:34:50 -0000 On Wed, 20 Nov 2019 16:02:14 +0100 Borja Marcos wrote: > > On 20 Nov 2019, at 14:40, Jan Behrens wrote: > > > > On Wed, 20 Nov 2019 08:24:43 -0500 > > Mike Tancsa wrote: > > > >> Actually, thats all I am advocating for-- settings perms on the > >> accessibility of the snapshot. ie instead of the "invisibility" feature, > >> change it to an "inaccessible" feature. > >> > >> ---Mike > > > > This would solve the security problem, but only as long as snapshots are > > never mounted. Once they are mounted (unless you can specify the > > directory where they are mounted), unprivileged users could still > > access files they should not be allowed to access. > > > > A better solution would be to specify user, group, and modes > > (e.g. root:root 700) when mounting or auto-mounting snapshots. > > At least it’s a different problem. Mounting a snapshot *intentionally* could be > something similar to recovering a backup. What poses a serious issue in my > opinion is that the system *does* mount them automatically. > > Borja. > Security vulnerabilities during backup recovery (e.g. when recovering part of the backup but being forced to expose other data as well when mounting the system) are still security vulnerabilities. Of course limiting the security vulnerabilities to certain moments (partial backup recovery) is a nice step forward, but an even better solution would be to avoid security vulnerabilities at all times. The latter requires to either (a) never mount snapshots ever, or (b) only mount snapshots when they are to be *completely* restored, or (c) be able to specify the user, group, and mode (unless 700 by default) when mounting or auto-mounting the snapshots, or (d) be able to specify a mount point such that the mount point can be within a directory that is not +x for everyone. Regards, Jan From owner-freebsd-fs@freebsd.org Wed Nov 20 16:07:51 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6468E1BA917 for ; Wed, 20 Nov 2019 16:07:51 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu01176b.smtpx.saremail.com (cu01176b.smtpx.saremail.com [195.16.151.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47J6zV1T2Wz40My; Wed, 20 Nov 2019 16:07:49 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop01.sare.net (Postfix) with ESMTPA id 866F39DEB1E; Wed, 20 Nov 2019 17:07:45 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> Date: Wed, 20 Nov 2019 17:07:44 +0100 Cc: Mike Tancsa , Alan Somers , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> To: Jan Behrens X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47J6zV1T2Wz40My X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.151.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.02 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; SH_EMAIL_ZRD(0.00)[5.11.0.38]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.151.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; SH_EMAIL_DBL_DONT_QUERY_IPS(0.00)[5.11.0.38]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.151.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.72)[ip: (-7.31), ipnet: 195.16.128.0/19(-3.69), asn: 3262(-2.66), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 16:07:51 -0000 > On 20 Nov 2019, at 16:34, Jan Behrens wrote: >=20 > Security vulnerabilities during backup recovery (e.g. when recovering > part of the backup but being forced to expose other data as well when > mounting the system) are still security vulnerabilities. Of course > limiting the security vulnerabilities to certain moments (partial > backup recovery) is a nice step forward, but an even better solution > would be to avoid security vulnerabilities at all times. True.=20 > The latter requires to either > (a) never mount snapshots ever, or Well, they are useful for a reason :) > (b) only mount snapshots when they are to be *completely* restored, or Cloning is atomic. Receiving a snapshot stream, sorry, I don=E2=80=99t = remember :/ > (c) be able to specify the user, group, and mode (unless 700 by > default) when mounting or auto-mounting the snapshots, or > (d) be able to specify a mount point such that the mount point can be > within a directory that is not +x for everyone. Well, there are two options here. If by restoring snapshots you mean receiving a snapshot stream, you can = always receive it under a properly protected dataset. If you intend to mount (ie, clone) it the = solution is the same. Actually specifying a mount point when cloning a snapshot is mandatory. You are = actually creating a dataset. root@micro1:~ # zfs create unpul/forbidden root@micro1:~ # chmod go-rwx /unpul/forbidden/ Anything I restore or clone under this dataset will be only accessible = to root.=20 For example: root@micro1:~ # zfs clone unpul/UniFi/data@5.11.38 = unpul/forbidden/testing (now back to a regular user) borjam@micro1:/unpul % cd /unpul/forbidden/ /unpul/forbidden/: Permission denied. Anyway this is not a problem, it=E2=80=99s exactly what you would do if = you were reading a tape.=20 The real problem is the =E2=80=9Cunexpected=E2=80=9D, automatic, = unavoidable mounting of the .zfs directory.=20 Or am I missing anything?=20 Borja. From owner-freebsd-fs@freebsd.org Wed Nov 20 16:18:42 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CDC881BACCE; Wed, 20 Nov 2019 16:18:42 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-ot1-f54.google.com (mail-ot1-f54.google.com [209.85.210.54]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47J7D254Vhz40v6; Wed, 20 Nov 2019 16:18:42 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-ot1-f54.google.com with SMTP id b16so44651otk.9; Wed, 20 Nov 2019 08:18:42 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7cVwY+LN01eZxRUKFa7GjLY9S2a52DbUmZAIFfhVhHc=; b=OQrXnf2lWNY/rSD6NHm2q6bslsSNwIcFB71j/LNldzBXuw5ioDNYZRzOgOqrvCG2Si WCpbajfoew7l9nK1sg4P/Lc3tyDBd2BmncfCkEIiCXsqGTUCKi7Vvk/AOD9ZPICGshZl X+dbl1iOiLyQhcCr+B9wH74qyibZItt1hsbjf4p6LB9UuvfGYE4C59oNleRBGwDP3ox4 mq6JNdB9rrA8xvRfHVlzwLqelcR5v8AjWr7K7bYtBYToKKYgxAxSvwYZOYnUNBO//ZtO Hr/YUYsgOz9dk11yOFcuP27iMTXQQBOGdhCsxSgFIF5P/XXkFi+YI7GOGXDPua7hp+Zx WEYQ== X-Gm-Message-State: APjAAAVKQrwiVx5EV4F+iQfVkirEPbq+ZK2a05jQCSVq2AoK0VAj6rTf GlHUJPFLCc8my05O9q4bUxoAp8oRprjlJqkuOkX2i/1L X-Google-Smtp-Source: APXvYqxZ/oDUVvK9rtDqMxKn6xKtLtbldn48h6MFNKvccD+mmdYi9630TewjgU3Z+wxb/nP5c1PH9GwWdbtBB6OCGk8= X-Received: by 2002:a05:6830:1e0a:: with SMTP id s10mr2695985otr.18.1574266720879; Wed, 20 Nov 2019 08:18:40 -0800 (PST) MIME-Version: 1.0 References: <1ef80fd8-d695-010f-9dc8-a6b9a2a80f8e@FreeBSD.org> In-Reply-To: <1ef80fd8-d695-010f-9dc8-a6b9a2a80f8e@FreeBSD.org> From: Alan Somers Date: Wed, 20 Nov 2019 09:18:27 -0700 Message-ID: Subject: Re: Revisiting the ZFS test suite To: Andriy Gapon Cc: freebsd-testing , freebsd-fs X-Rspamd-Queue-Id: 47J7D254Vhz40v6 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-6.00 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; REPLY(-4.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 16:18:42 -0000 On Wed, Nov 20, 2019 at 1:17 AM Andriy Gapon wrote: > On 04/10/2019 19:23, Alan Somers wrote: > > My employment status changed last week, and I find myself once again > > working on ZFS. It's hard to have confidence in any changes without a > > solid test suite, so my main task right now is to fix the problems in > > FreeBSD's ZFS test suite. Our most recent run had 64 failed tests and 99 > > skipped ones; let's get those down to 0 and something small, > respectively. > > > > https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/3880/testReport/ > > > > Would anybody be interested to review my changes to the test suite? It's > > not terrible if I have to commit without review; I can't possibly break > > anything but the test suite itself. > > Alan, > > just curious, did you have any plans to merge new tests and changes to > existing > tests from illumos or ZoL? > I've imported quite a few code changes, many times there were test changes > or > new test, but I never took time to merge them. > > > -- > Andriy Gapon > We'll need to do it sooner or later, but it's going to take a large effort. I can't justify that much effort right now. And it will require changing ZoL's test suite, too, not just ours. We'll need to convince them to use ATF, for example. -Alan From owner-freebsd-fs@freebsd.org Wed Nov 20 16:58:16 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A806C1BC22F for ; Wed, 20 Nov 2019 16:58:16 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47J85g5lZDz447r; Wed, 20 Nov 2019 16:58:15 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id B0A881FE18; Wed, 20 Nov 2019 16:58:03 +0000 (UTC) Date: Wed, 20 Nov 2019 17:58:03 +0100 From: Jan Behrens To: Borja Marcos Cc: Mike Tancsa , Alan Somers , freebsd-fs Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> In-Reply-To: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47J85g5lZDz447r X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-0.81 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; SH_EMAIL_ZRD(0.00)[5.11.0.38]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.65)[-0.649,0]; SH_EMAIL_DBL_DONT_QUERY_IPS(0.00)[5.11.0.38]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; NEURAL_HAM_MEDIUM(-0.66)[-0.659,0]; IP_SCORE(0.20)[ipnet: 185.228.136.0/22(1.64), asn: 197540(-0.65), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Nov 2019 16:58:16 -0000 On Wed, 20 Nov 2019 17:07:44 +0100 Borja Marcos wrote: > > On 20 Nov 2019, at 16:34, Jan Behrens wrote: > > > > [...] Of course > > limiting the security vulnerabilities to certain moments (partial > > backup recovery) is a nice step forward, but an even better solution > > would be to avoid security vulnerabilities at all times. > > True. > > > The latter requires to either > > (a) never mount snapshots ever, or > > Well, they are useful for a reason :) > > > (b) only mount snapshots when they are to be *completely* restored, or > > Cloning is atomic. Receiving a snapshot stream, sorry, I don’t remember :/ With "mounting snapshots", I meant mounting snapshots that are already existent in a ZFS pool. Receiving a snapshot and creating a new filesystem from it is a different issue. In that case, you can use "zfs receive -u" and mount the file system manually under a directory with a parent directory that is chmod 700, as in option (d). > > > (c) be able to specify the user, group, and mode (unless 700 by > > default) when mounting or auto-mounting the snapshots, or > > (d) be able to specify a mount point such that the mount point can be > > within a directory that is not +x for everyone. > > Well, there are two options here. > > If by restoring snapshots you mean receiving a snapshot stream, you can always receive it under > a properly protected dataset. I did not mean receiving a snapshot stream, see above. > If you intend to mount (ie, clone) it the solution is the same. Actually > specifying a mount point when cloning a snapshot is mandatory. You are actually creating a dataset. > > root@micro1:~ # zfs create unpul/forbidden > root@micro1:~ # chmod go-rwx /unpul/forbidden/ > > Anything I restore or clone under this dataset will be only accessible to root. > > For example: > > root@micro1:~ # zfs clone unpul/UniFi/data@5.11.38 unpul/forbidden/testing > > (now back to a regular user) > > borjam@micro1:/unpul % cd /unpul/forbidden/ > /unpul/forbidden/: Permission denied. > > Anyway this is not a problem, it’s exactly what you would do if you were reading a tape. > > The real problem is the “unexpected”, automatic, unavoidable mounting of the .zfs directory. > > Or am I missing anything? > > Borja. Mounting is not the same as cloning and mounting. But you are right: If snapshots are cloned first, you can specify the mountpoint. But then you are mounting a new file system and not a snapshot technically. Which brings us back to option (a) never mount snapshots ever ;-) Given that we can prohibit the automounting of all snapshots, it would be a nice workaround which would not have too much overhead. Regards, Jan From owner-freebsd-fs@freebsd.org Thu Nov 21 05:14:40 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 80A8F1AE62C for ; Thu, 21 Nov 2019 05:14:40 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47JSRN2mVwz3N1d for ; Thu, 21 Nov 2019 05:14:40 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from mail-lf1-f54.google.com (mail-lf1-f54.google.com [209.85.167.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: mmacy) by smtp.freebsd.org (Postfix) with ESMTPSA id 07779446B for ; Thu, 21 Nov 2019 05:14:40 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: by mail-lf1-f54.google.com with SMTP id l28so1517689lfj.1 for ; Wed, 20 Nov 2019 21:14:39 -0800 (PST) X-Gm-Message-State: APjAAAUIXZX45tV5ZXm+FHpkKf/lzGHd43ctV2pT8zid8TIJQ6Kmg+f1 CTXpVVzGb7A6ErBRsB0jn531z8Q9joVWXhgv0tU= X-Google-Smtp-Source: APXvYqxxq8kpovY4YWaj5pfWodKhvZ5H7YaDVqFFq0BcIeBm6hJLhYUhf4QAYINR/S1fAXu2UNqEtCYpBp9OOpAwI/M= X-Received: by 2002:ac2:5222:: with SMTP id i2mr5750848lfl.138.1574313278550; Wed, 20 Nov 2019 21:14:38 -0800 (PST) MIME-Version: 1.0 References: <1ef80fd8-d695-010f-9dc8-a6b9a2a80f8e@FreeBSD.org> In-Reply-To: From: Matthew Macy Date: Wed, 20 Nov 2019 21:14:27 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Revisiting the ZFS test suite To: freebsd-fs Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 05:14:40 -0000 On Wed, Nov 20, 2019 at 8:18 AM Alan Somers wrote: > > On Wed, Nov 20, 2019 at 1:17 AM Andriy Gapon wrote: > > > On 04/10/2019 19:23, Alan Somers wrote: > > > My employment status changed last week, and I find myself once again > > > working on ZFS. It's hard to have confidence in any changes without a > > > solid test suite, so my main task right now is to fix the problems in > > > FreeBSD's ZFS test suite. Our most recent run had 64 failed tests and 99 > > > skipped ones; let's get those down to 0 and something small, > > respectively. > > > > > > https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/3880/testReport/ > > > > > > Would anybody be interested to review my changes to the test suite? It's > > > not terrible if I have to commit without review; I can't possibly break > > > anything but the test suite itself. > > > > Alan, > > > > just curious, did you have any plans to merge new tests and changes to > > existing > > tests from illumos or ZoL? > > I've imported quite a few code changes, many times there were test changes > > or > > new test, but I never took time to merge them. > > > > > > -- > > Andriy Gapon > > > > We'll need to do it sooner or later, but it's going to take a large > effort. I can't justify that much effort right now. And it will require > changing ZoL's test suite, too, not just ours. We'll need to convince them > to use ATF, for example. I highly doubt that Brian cares one way or the other. They currently have a large group of ksh tests run by a bespoke python test driver. The issue is that someone would need to convert the test suite and CI to use ATF. The OpenZFS CI will be the first stop for any changes, so adding / fixing tests in the OpenZFS test suite would have the most long term impact. From owner-freebsd-fs@freebsd.org Thu Nov 21 11:19:35 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E54631BA051 for ; Thu, 21 Nov 2019 11:19:35 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from lwfs1-cam.cam.lispworks.com (mail.lispworks.com [46.17.166.21]) by mx1.freebsd.org (Postfix) with ESMTP id 47JcXQ6WWfz4F6Z for ; Thu, 21 Nov 2019 11:19:34 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (higson.cam.lispworks.com [192.168.1.7]) by lwfs1-cam.cam.lispworks.com (8.15.2/8.15.2) with ESMTP id xALBJTfU025282; Thu, 21 Nov 2019 11:19:29 GMT (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (localhost.localdomain [127.0.0.1]) by higson.cam.lispworks.com (8.14.4) id xALBJS2u030548; Thu, 21 Nov 2019 11:19:28 GMT Received: (from martin@localhost) by higson.cam.lispworks.com (8.14.4/8.14.4/Submit) id xALBJSIW030544; Thu, 21 Nov 2019 11:19:28 GMT Date: Thu, 21 Nov 2019 11:19:28 GMT Message-Id: <201911211119.xALBJSIW030544@higson.cam.lispworks.com> From: Martin Simmons To: Jan Behrens CC: borjam@sarenet.es, freebsd-fs@freebsd.org In-reply-to: <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> (message from Jan Behrens on Wed, 20 Nov 2019 17:58:03 +0100) Subject: Re: ZFS snapdir readability (Crosspost) References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47JcXQ6WWfz4F6Z X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of martin@lispworks.com has no SPF policy when checking 46.17.166.21) smtp.mailfrom=martin@lispworks.com X-Spamd-Result: default: False [-0.38 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.53)[-0.533,0]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; SH_EMAIL_DBL_DONT_QUERY_IPS(0.00)[5.11.0.38]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[lispworks.com]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-0.83)[-0.830,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[21.166.17.46.list.dnswl.org : 127.0.10.0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:51055, ipnet:46.17.166.0/24, country:GB]; IP_SCORE(-0.02)[country: GB(-0.08)]; SH_EMAIL_ZRD(0.00)[5.11.0.38] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 11:19:36 -0000 >>>>> On Wed, 20 Nov 2019 17:58:03 +0100, Jan Behrens said: > > On Wed, 20 Nov 2019 17:07:44 +0100 > Borja Marcos wrote: > > > > On 20 Nov 2019, at 16:34, Jan Behrens wrote: > > > > > > [...] Of course > > > limiting the security vulnerabilities to certain moments (partial > > > backup recovery) is a nice step forward, but an even better solution > > > would be to avoid security vulnerabilities at all times. > > > > True. > > > > > The latter requires to either > > > (a) never mount snapshots ever, or > > > > Well, they are useful for a reason :) > > > > > (b) only mount snapshots when they are to be *completely* restored, or > > > > Cloning is atomic. Receiving a snapshot stream, sorry, I don’t remember :/ > > With "mounting snapshots", I meant mounting snapshots that are already > existent in a ZFS pool. Receiving a snapshot and creating a new > filesystem from it is a different issue. In that case, you can use > "zfs receive -u" and mount the file system manually under a directory with > a parent directory that is chmod 700, as in option (d). > > > > > > (c) be able to specify the user, group, and mode (unless 700 by > > > default) when mounting or auto-mounting the snapshots, or > > > (d) be able to specify a mount point such that the mount point can be > > > within a directory that is not +x for everyone. > > > > Well, there are two options here. > > > > If by restoring snapshots you mean receiving a snapshot stream, you can always receive it under > > a properly protected dataset. > > I did not mean receiving a snapshot stream, see above. > > > If you intend to mount (ie, clone) it the solution is the same. Actually > > specifying a mount point when cloning a snapshot is mandatory. You are actually creating a dataset. > > > > root@micro1:~ # zfs create unpul/forbidden > > root@micro1:~ # chmod go-rwx /unpul/forbidden/ > > > > Anything I restore or clone under this dataset will be only accessible to root. > > > > For example: > > > > root@micro1:~ # zfs clone unpul/UniFi/data@5.11.38 unpul/forbidden/testing > > > > (now back to a regular user) > > > > borjam@micro1:/unpul % cd /unpul/forbidden/ > > /unpul/forbidden/: Permission denied. > > > > Anyway this is not a problem, it’s exactly what you would do if you were reading a tape. > > > > The real problem is the “unexpected”, automatic, unavoidable mounting of the .zfs directory. > > > > Or am I missing anything? > > > > Borja. > > Mounting is not the same as cloning and mounting. But you are right: If > snapshots are cloned first, you can specify the mountpoint. But then > you are mounting a new file system and not a snapshot technically. > Which brings us back to option (a) never mount snapshots ever ;-) > > Given that we can prohibit the automounting of all snapshots, it would > be a nice workaround which would not have too much overhead. Can't you already achieve (d) using /sbin/mount? __Martin From owner-freebsd-fs@freebsd.org Thu Nov 21 12:12:11 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 447091BC8CA for ; Thu, 21 Nov 2019 12:12:11 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47Jdj61Bn3z4Jgp; Thu, 21 Nov 2019 12:12:09 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 8C96E9DCFEE; Thu, 21 Nov 2019 13:12:05 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> Date: Thu, 21 Nov 2019 13:12:04 +0100 Cc: Mike Tancsa , Alan Somers , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> To: Jan Behrens X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47Jdj61Bn3z4Jgp X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.21 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.91)[ip: (-8.14), ipnet: 195.16.128.0/19(-3.73), asn: 3262(-2.71), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 12:12:11 -0000 > On 20 Nov 2019, at 17:58, Jan Behrens wrote: >=20 >=20 > With "mounting snapshots", I meant mounting snapshots that are already > existent in a ZFS pool. Receiving a snapshot and creating a new > filesystem from it is a different issue. In that case, you can use > "zfs receive -u" and mount the file system manually under a directory = with > a parent directory that is chmod 700, as in option (d). What I mean is, there is no snapshot mount functionality. If you want to = access the contents of a snapshot you either rollback it or you clone it. There is = no mount. Or of course you access the =E2=80=9C.zfs" directory. Which makes me realize that the =E2=80=9C.zfs" directory feature is an = odd anomaly (ie a bloody kludge) in an otherwise really clean and consistent design. Why? 1. There is no accessible facility for the read only mount of a = snapshot. Yet the system mounts them by default. 2. Because of (1) you can=E2=80=99t control where to mount them. They = are mounted there. Period.=20 3. You can=E2=80=99t prevent it. You can hide the .zfs directory but = its=E2=80=99s still there, with the snapshots mounted.=20 > Mounting is not the same as cloning and mounting. But you are right: = If > snapshots are cloned first, you can specify the mountpoint. But then > you are mounting a new file system and not a snapshot technically. > Which brings us back to option (a) never mount snapshots ever ;-) >=20 > Given that we can prohibit the automounting of all snapshots, it would > be a nice workaround which would not have too much overhead. I would rather prefer if that option didn=E2=80=99t exist. Given that it = can=E2=80=99t be removed now because it would surely break someone=E2=80=99s work, the most important = tweak that can be done is to allow the administrator to supress it completely.=20 So, zfs set snapdir=3Ddisabled.=20 Limiting it by uid won=E2=80=99t necessarily be enough as you should = also take into account systems in which different securty enforcement mechanisms are = used. (MAC policies like mls, biba, etc). And adding a generalized way to deal = with this would probably be too complex.=20 Borja.= From owner-freebsd-fs@freebsd.org Thu Nov 21 12:59:33 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BDB611BDCCA for ; Thu, 21 Nov 2019 12:59:33 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from lwfs1-cam.cam.lispworks.com (mail.lispworks.com [46.17.166.21]) by mx1.freebsd.org (Postfix) with ESMTP id 47Jfln015Sz4M0H for ; Thu, 21 Nov 2019 12:59:32 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (higson.cam.lispworks.com [192.168.1.7]) by lwfs1-cam.cam.lispworks.com (8.15.2/8.15.2) with ESMTP id xALCxSMv029938; Thu, 21 Nov 2019 12:59:28 GMT (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (localhost.localdomain [127.0.0.1]) by higson.cam.lispworks.com (8.14.4) id xALCxSmh008747; Thu, 21 Nov 2019 12:59:28 GMT Received: (from martin@localhost) by higson.cam.lispworks.com (8.14.4/8.14.4/Submit) id xALCxShX008743; Thu, 21 Nov 2019 12:59:28 GMT Date: Thu, 21 Nov 2019 12:59:28 GMT Message-Id: <201911211259.xALCxShX008743@higson.cam.lispworks.com> From: Martin Simmons To: Borja Marcos CC: jbe-mlist@magnetkern.de, freebsd-fs@freebsd.org In-reply-to: <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> (message from Borja Marcos on Thu, 21 Nov 2019 13:12:04 +0100) Subject: Re: ZFS snapdir readability (Crosspost) References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> X-Rspamd-Queue-Id: 47Jfln015Sz4M0H X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of martin@lispworks.com has no SPF policy when checking 46.17.166.21) smtp.mailfrom=martin@lispworks.com X-Spamd-Result: default: False [0.38 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.33)[-0.327,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.27)[-0.274,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[lispworks.com]; AUTH_NA(1.00)[]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[21.166.17.46.list.dnswl.org : 127.0.10.0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:51055, ipnet:46.17.166.0/24, country:GB]; IP_SCORE(-0.02)[country: GB(-0.08)] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 12:59:33 -0000 >>>>> On Thu, 21 Nov 2019 13:12:04 +0100, Borja Marcos said: > > What I mean is, there is no snapshot mount functionality. If you want to access the > contents of a snapshot you either rollback it or you clone it. There is no > mount. I think that is incorrect. You can mount a snapshot on /mnt like this: /sbin/mount -t zfs filesystem@snapname /mnt __Martin From owner-freebsd-fs@freebsd.org Thu Nov 21 13:46:10 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 645611BF153 for ; Thu, 21 Nov 2019 13:46:10 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47JgnY3Sl5z4Pbd for ; Thu, 21 Nov 2019 13:46:08 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 2470D9DC747; Thu, 21 Nov 2019 14:46:05 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: <201911211259.xALCxShX008743@higson.cam.lispworks.com> Date: Thu, 21 Nov 2019 14:46:04 +0100 Cc: Jan Behrens , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> To: Martin Simmons X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47JgnY3Sl5z4Pbd X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.25 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.95)[ip: (-8.27), ipnet: 195.16.128.0/19(-3.78), asn: 3262(-2.75), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 13:46:10 -0000 > On 21 Nov 2019, at 13:59, Martin Simmons wrote: >=20 >>>>>> On Thu, 21 Nov 2019 13:12:04 +0100, Borja Marcos said: >>=20 >> What I mean is, there is no snapshot mount functionality. If you want = to access the >> contents of a snapshot you either rollback it or you clone it. There = is no >> mount. >=20 > I think that is incorrect. You can mount a snapshot on /mnt like = this: >=20 > /sbin/mount -t zfs filesystem@snapname /mnt I=E2=80=99ve never seen that and, indeed, on FreeBSD 12.1 it=E2=80=99s = not possible. Or I am terribly sloppy today! Did I miss anything? Is it a new ZFS on Linux feature? root@micro1:~ # mount -t zfs -o ro pool/dataset@snapshot /mnt mount: unpul/wwwnfsen@antesinst: Device busy root@micro1:~ #=20 Borja. From owner-freebsd-fs@freebsd.org Thu Nov 21 14:18:39 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E51C1C0682 for ; Thu, 21 Nov 2019 14:18:39 +0000 (UTC) (envelope-from eborisch@alumni.stanford.edu) Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47JhW20Wmcz4T42 for ; Thu, 21 Nov 2019 14:18:37 +0000 (UTC) (envelope-from eborisch@alumni.stanford.edu) Received: by mail-wm1-x331.google.com with SMTP id t26so3883488wmi.4 for ; Thu, 21 Nov 2019 06:18:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=AFSZxaZ0V1oMV9cmnojBA7gNohHWJ/pt4A9yPLRcevQ=; b=Nb/R/rWy5lISpraI6ElLq6UAs2oO+0XJICul14haq/2Gp8S28rQwtpHTYzpjaSBu4+ SF+sVGsjz97MldZnaiZLlomRr6HMPLtDkoMjmlSHvPiVHAIo+B37iEP1PgksK0S5t3yA Exuf9h7+09ZrO6q1QyC2riMZ50dbIPo7wTTXYPCro2Otds9vzaIGZhprVhnHzQQPTfKT UVnyprVE9QYo3bmR43cCHRK+S+hsHyxc1aO3KzDufg+Wa2f8415YfH+TidrP9YqrWE7K 73MrxEoej/j70yfx7+81/+DaM9Dxu19T4IESKUuzXOLCMNxmtKC6xd762dcDmz/53LHT heRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=AFSZxaZ0V1oMV9cmnojBA7gNohHWJ/pt4A9yPLRcevQ=; b=eqNwg57fxabGaGXqAfB4A4UoAcus63JBlcoe0WPEKvNuElUWyPbqb0NHZw61ae9SHs 7G0094mga8pxw87qZZt4LQ1wkeEGzTr1K+CMndOH6HH2eyYo1YwMC08CnmIiBApf7Zux 6asYlsGsKffDYyydTRztyGoU28Hxd2Vbtf3r5ycvn/RAIjWF4IFDJZ2/Xs1snAo47Tz5 7V+2dMbfju5j4SzDTyJkkDIiAqA65caYDJi1XOzuEcUFfpuDozQWnZU8htSrvWNGbKlb ctR6cJM7it+hiN4C6C+gWX50WecAGDoTG/U7O2nZ/8wTW3lgvSdNPC2pEsWBZfsfF5jZ mCHg== X-Gm-Message-State: APjAAAXpKv+BqUJ3jX4FZWLBJdrlBOCPla+YrEFklf+bImsdOqDW7a7B CIyDU7ht0wPQ/bcil/JkWRko+2PaKVdvTZ9+Xb3daQsS X-Google-Smtp-Source: APXvYqyMekRe2YNFlDm3klGEWK82T5H2fR4lxovnraXeHcFo9Rpx2I1Vp2UpYbQAkXsfv8ccHvvednplA5sU8Ju/7kA= X-Received: by 2002:a1c:a5c8:: with SMTP id o191mr10022693wme.168.1574345915754; Thu, 21 Nov 2019 06:18:35 -0800 (PST) MIME-Version: 1.0 References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> In-Reply-To: <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> From: Eric Borisch Date: Thu, 21 Nov 2019 08:18:24 -0600 Message-ID: Subject: Re: ZFS snapdir readability (Crosspost) To: Borja Marcos Cc: Martin Simmons , freebsd-fs X-Rspamd-Queue-Id: 47JhW20Wmcz4T42 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=Nb/R/rWy; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of eborisch@alumni.stanford.edu designates 2a00:1450:4864:20::331 as permitted sender) smtp.mailfrom=eborisch@alumni.stanford.edu X-Spamd-Result: default: False [-2.70 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-fs@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_TWO(0.00)[2]; IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[1.3.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; FORGED_SENDER(0.30)[eborisch@gmail.com,eborisch@alumni.stanford.edu]; MIME_TRACE(0.00)[0:+,1:+,2:~]; IP_SCORE(0.00)[ip: (-8.90), ipnet: 2a00:1450::/32(-2.71), asn: 15169(-1.97), country: US(-0.05)]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[eborisch@gmail.com,eborisch@alumni.stanford.edu]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 14:18:39 -0000 On Thu, Nov 21, 2019 at 7:46 AM Borja Marcos wrote: > > On 21 Nov 2019, at 13:59, Martin Simmons wrote: > > I think that is incorrect. You can mount a snapshot on /mnt like this: > > > > /sbin/mount -t zfs filesystem@snapname /mnt > > I=E2=80=99ve never seen that and, indeed, on FreeBSD 12.1 it=E2=80=99s no= t possible. Or I > am terribly > sloppy today! > > Did I miss anything? Is it a new ZFS on Linux feature? > In a quick test, this works both on Linux and on FreeBSD running ZoF (2019101600). - Eric From owner-freebsd-fs@freebsd.org Thu Nov 21 14:57:21 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6C9721C1828 for ; Thu, 21 Nov 2019 14:57:21 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu01176b.smtpx.saremail.com (cu01176b.smtpx.saremail.com [195.16.151.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47JjMh2mMCz4WFD for ; Thu, 21 Nov 2019 14:57:20 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop01.sare.net (Postfix) with ESMTPA id D2BB09DEA88; Thu, 21 Nov 2019 15:57:16 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: Date: Thu, 21 Nov 2019 15:57:15 +0100 Cc: Martin Simmons , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> To: Eric Borisch X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47JjMh2mMCz4WFD X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.151.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.11 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:195.16.151.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.151.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.81)[ip: (-7.47), ipnet: 195.16.128.0/19(-3.82), asn: 3262(-2.79), country: ES(0.04)]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 14:57:21 -0000 > On 21 Nov 2019, at 15:18, Eric Borisch wrote: >=20 > On Thu, Nov 21, 2019 at 7:46 AM Borja Marcos = wrote: > > On 21 Nov 2019, at 13:59, Martin Simmons = wrote: > > I think that is incorrect. You can mount a snapshot on /mnt like = this: > >=20 > > /sbin/mount -t zfs filesystem@snapname /mnt >=20 > I=E2=80=99ve never seen that and, indeed, on FreeBSD 12.1 it=E2=80=99s = not possible. Or I am terribly > sloppy today! >=20 > Did I miss anything? Is it a new ZFS on Linux feature? >=20 > In a quick test, this works both on Linux and on FreeBSD running ZoF = (2019101600). Thanks, so it=E2=80=99s a new feature from ZoL. I am running the stock = ZFS.=20 Is it really intended to work or just some misunderstanding? ZFS originally didn=E2=80=99t offer any mechanism to mount snapshots = explicitly. Except by cloning.=20 Borja. From owner-freebsd-fs@freebsd.org Thu Nov 21 14:59:59 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 050D11C18FF for ; Thu, 21 Nov 2019 14:59:59 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-oi1-f173.google.com (mail-oi1-f173.google.com [209.85.167.173]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47JjQk24Rfz4WKp for ; Thu, 21 Nov 2019 14:59:58 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-oi1-f173.google.com with SMTP id l20so3402892oie.10 for ; Thu, 21 Nov 2019 06:59:58 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XuR9K2nSYeQwxSarnovC1Y2QvQxYctHhL6q0xDfjIEk=; b=rMlLaCwKzLmK2L3bLuBRHt13RK+e4wzZmIyi23qwTkbH6J0C+z3Pt45qdnXr+m4GsT 9558TZE1MWkfsPuxNBRhHWdhx9kfxr4ffOKdRZ4NaBNnAj9iBjaAsAOabcZQw8Ba8ty1 alEQ+XXeWLKqxO8EFmcqAcRRdP5qSykbZBfgxojRnLr4rL2tUd5XWX2Skk8PawILGhzL te5gvSc9y4iXxc6rNs7ivylAmp/zLZRucXHqXjGcZheEqGkHq7Dnm7Em4l3Y0ILfm6HH yoLmpiTfHMEq/n75WSoR4X0SUPfs3D3SVXTks92EJLCRJQHzdpQ1x4b+yAyconAKfDRw jFdQ== X-Gm-Message-State: APjAAAW/nt8GNjY7ue8b42qYncUXlyvhr7mCVQR3zRmVdVzdpdHSQY5W 5F/1Bl98QUov49B47ftmFMNYtDWDuOGYjmCkDPHPJ5Qo X-Google-Smtp-Source: APXvYqxQPj+xpzIBPAXq8ius+bDln/bwEEzLo3+mGO90pkDZqukKFsNRog2lgQ4q13336OUeX2RLcv0XPZckbYgRl0Q= X-Received: by 2002:aca:3256:: with SMTP id y83mr7628491oiy.55.1574348396695; Thu, 21 Nov 2019 06:59:56 -0800 (PST) MIME-Version: 1.0 References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> In-Reply-To: <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> From: Alan Somers Date: Thu, 21 Nov 2019 07:59:45 -0700 Message-ID: Subject: Re: ZFS snapdir readability (Crosspost) To: Borja Marcos Cc: Eric Borisch , freebsd-fs X-Rspamd-Queue-Id: 47JjQk24Rfz4WKp X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of asomers@gmail.com designates 209.85.167.173 as permitted sender) smtp.mailfrom=asomers@gmail.com X-Spamd-Result: default: False [-3.12 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; RCVD_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-fs@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; MIME_TRACE(0.00)[0:+,1:+,2:~]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[173.167.85.209.list.dnswl.org : 127.0.5.0]; IP_SCORE(-1.12)[ip: (-0.42), ipnet: 209.85.128.0/17(-3.17), asn: 15169(-1.97), country: US(-0.05)]; FORGED_SENDER(0.30)[asomers@freebsd.org,asomers@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[173.167.85.209.rep.mailspike.net : 127.0.0.17]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[asomers@freebsd.org,asomers@gmail.com]; RCVD_TLS_ALL(0.00)[]; FREEMAIL_CC(0.00)[gmail.com] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 14:59:59 -0000 On Thu, Nov 21, 2019 at 7:57 AM Borja Marcos wrote: > > > > On 21 Nov 2019, at 15:18, Eric Borisch wrote: > > > > On Thu, Nov 21, 2019 at 7:46 AM Borja Marcos wrote: > > > On 21 Nov 2019, at 13:59, Martin Simmons wrote= : > > > I think that is incorrect. You can mount a snapshot on /mnt like thi= s: > > > > > > /sbin/mount -t zfs filesystem@snapname /mnt > > > > I=E2=80=99ve never seen that and, indeed, on FreeBSD 12.1 it=E2=80=99s = not possible. Or > I am terribly > > sloppy today! > > > > Did I miss anything? Is it a new ZFS on Linux feature? > > > > In a quick test, this works both on Linux and on FreeBSD running ZoF > (2019101600). > > Thanks, so it=E2=80=99s a new feature from ZoL. I am running the stock ZF= S. > > Is it really intended to work or just some misunderstanding? > > ZFS originally didn=E2=80=99t offer any mechanism to mount snapshots expl= icitly. > Except by cloning. > No, that is incorrect. You've always been able to mount snapshots that way. It's not a new feature. -Alan From owner-freebsd-fs@freebsd.org Thu Nov 21 15:01:43 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 751421C1B32 for ; Thu, 21 Nov 2019 15:01:43 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47JjSk3Qlxz4Wc3 for ; Thu, 21 Nov 2019 15:01:42 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 17D459DC7A3; Thu, 21 Nov 2019 16:01:39 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> Date: Thu, 21 Nov 2019 16:01:38 +0100 Cc: Eric Borisch , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> To: Borja Marcos X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47JjSk3Qlxz4Wc3 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.30 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-3.00)[ip: (-8.38), ipnet: 195.16.128.0/19(-3.85), asn: 3262(-2.83), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; FREEMAIL_CC(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 15:01:43 -0000 > On 21 Nov 2019, at 15:57, Borja Marcos wrote: >=20 > ZFS originally didn=E2=80=99t offer any mechanism to mount snapshots = explicitly. Except by cloning.=20 Hmm. Looking at = https://github.com/zfsonfreebsd/ZoF/blob/projects/zfsbsd/cmd/mount_zfs/mou= nt_zfs.c snippet 1 =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 /* try to open the dataset to access the mount point */ if ((zhp =3D zfs_open(g_zfs, dataset, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_SNAPSHOT)) =3D=3D NULL) { (void) fprintf(stderr, gettext("filesystem '%s' cannot = be " "mounted, unable to open the dataset\n"), dataset); libzfs_fini(g_zfs); return (MOUNT_USAGE); } =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 snippet 2 =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 /* treat all snapshots as legacy mount points */ if (zfs_get_type(zhp) =3D=3D ZFS_TYPE_SNAPSHOT) (void) strlcpy(prop, ZFS_MOUNTPOINT_LEGACY, = ZFS_MAXPROPLEN); else (void) zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, prop, sizeof (prop), NULL, NULL, 0, B_FALSE); =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2= =80=94=E2=80=94=E2=80=94 Does this really make sense? Workaround (setting its mountpoint as = legacy) in order to break=20 previous behavior? I don=E2=80=99t see the problem in cloning snapshots = in order to mount them. But this looks like something that can bite back in the future! Borja. From owner-freebsd-fs@freebsd.org Thu Nov 21 15:08:42 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C353A1C1E6F for ; Thu, 21 Nov 2019 15:08:42 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-ot1-f54.google.com (mail-ot1-f54.google.com [209.85.210.54]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47Jjcn6gFlz4X3w for ; Thu, 21 Nov 2019 15:08:41 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-ot1-f54.google.com with SMTP id n23so3150466otr.13 for ; Thu, 21 Nov 2019 07:08:41 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ir+JBrAx4Ua+8vqaXTGkrvqyspTthcrnOvJ/3UtHojE=; b=IClczj/WLg3ZoW7zp6IMh77DkoSREFA1QRQV6tvd9MNNNugLsmyN4pY/7LJfpSTZhu pvt4nd0hbDPAWoNoRjFc+Y+AWrPskpheDU7Cm9KteF9RlRAxx+ffY4gVLFkssaZhk+73 r/KT6lPr/B5Glkr0PbQOpn6OfRX0PpVLyvOpqjT4xQcf46LmoBwgZghRQZZFtSiVZLhF epJzJ9heb8vBHJlN6wTyzc34VORKfeWLh3ILzk4xFGvEs8iqVbOLnsfcMjv8ZqdxBCsz OJrO6ruDveWr8lRphVpMQMJ2NjsX8e1NZOnfDl7/ENetYlzeaUrW9SIJtkQjISq/NzBu 6eRQ== X-Gm-Message-State: APjAAAXcubJjpBsxnXRX+fHVol8LQWBoewQW6sJYZi3O6cnud1qsbodJ qx4x+6vS00rP5kt9feCWSgQvEkY7I2Wn4iVh90D0PPPo X-Google-Smtp-Source: APXvYqzXaNTcZxY3fDBUbiQ0mj1A5W84/jtyH0UBOuZJdEs5SQgYTWYeiW7KDSC7U7MZwAE9Tzklh+YmtRew+oF295Y= X-Received: by 2002:a9d:604d:: with SMTP id v13mr6909467otj.222.1574348920742; Thu, 21 Nov 2019 07:08:40 -0800 (PST) MIME-Version: 1.0 References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> In-Reply-To: From: Alan Somers Date: Thu, 21 Nov 2019 08:08:29 -0700 Message-ID: Subject: Re: ZFS snapdir readability (Crosspost) To: Borja Marcos Cc: freebsd-fs X-Rspamd-Queue-Id: 47Jjcn6gFlz4X3w X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of asomers@gmail.com designates 209.85.210.54 as permitted sender) smtp.mailfrom=asomers@gmail.com X-Spamd-Result: default: False [-2.10 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[54.210.85.209.rep.mailspike.net : 127.0.0.18]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-fs@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; URI_COUNT_ODD(1.00)[3]; MIME_TRACE(0.00)[0:+,1:+,2:~]; TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[54.210.85.209.list.dnswl.org : 127.0.5.0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; IP_SCORE(-1.10)[ip: (-0.30), ipnet: 209.85.128.0/17(-3.17), asn: 15169(-1.97), country: US(-0.05)]; FORGED_SENDER(0.30)[asomers@freebsd.org,asomers@gmail.com]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[asomers@freebsd.org,asomers@gmail.com]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 15:08:42 -0000 On Thu, Nov 21, 2019 at 8:01 AM Borja Marcos wrote: > > > > On 21 Nov 2019, at 15:57, Borja Marcos wrote: > > > > ZFS originally didn=E2=80=99t offer any mechanism to mount snapshots ex= plicitly. > Except by cloning. > > Hmm. Looking at > https://github.com/zfsonfreebsd/ZoF/blob/projects/zfsbsd/cmd/mount_zfs/mo= unt_zfs.c > > snippet 1 > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 > > /* try to open the dataset to access the mount point */ > if ((zhp =3D zfs_open(g_zfs, dataset, > ZFS_TYPE_FILESYSTEM | ZFS_TYPE_SNAPSHOT)) =3D=3D NULL) { > (void) fprintf(stderr, gettext("filesystem '%s' cannot be= " > "mounted, unable to open the dataset\n"), dataset); > libzfs_fini(g_zfs); > return (MOUNT_USAGE); > } > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 > > snippet 2 > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94 > > /* treat all snapshots as legacy mount points */ > if (zfs_get_type(zhp) =3D=3D ZFS_TYPE_SNAPSHOT) > (void) strlcpy(prop, ZFS_MOUNTPOINT_LEGACY, > ZFS_MAXPROPLEN); > else > (void) zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, prop, > sizeof (prop), NULL, NULL, 0, B_FALSE); > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94= =E2=80=94=E2=80=94=E2=80=94 > > Does this really make sense? Workaround (setting its mountpoint as legacy= ) > in order to break > previous behavior? I don=E2=80=99t see the problem in cloning snapshots i= n order > to mount them. But this > looks like something that can bite back in the future! > No, you're misunderstanding something. Nothing weird is required to manually mount a snapshot. You don't have to change its properties, nor does it happen automatically. The code you're looking at only relates to the in-memory copy of the mountpoint property, a property that snapshots don't have. -Alan From owner-freebsd-fs@freebsd.org Thu Nov 21 15:10:16 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CBC6D1C1F45 for ; Thu, 21 Nov 2019 15:10:16 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47Jjfc4xyMz4X7X; Thu, 21 Nov 2019 15:10:16 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id 9DC3A9DD31C; Thu, 21 Nov 2019 16:10:13 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: Date: Thu, 21 Nov 2019 16:10:13 +0100 Cc: Eric Borisch , freebsd-fs Content-Transfer-Encoding: quoted-printable Message-Id: <98FF3093-F510-4343-A6DA-26F58C978782@sarenet.es> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <51805C8F-75D6-4DA1-A28E-68DAFC8A0276@sarenet.es> To: Alan Somers X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47Jjfc4xyMz4X7X X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-5.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; NEURAL_HAM_LONG(-0.99)[-0.993,0]; REPLY(-4.00)[] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 15:10:16 -0000 > On 21 Nov 2019, at 15:59, Alan Somers wrote: >=20 > Thanks, so it=E2=80=99s a new feature from ZoL. I am running the stock = ZFS.=20 >=20 > Is it really intended to work or just some misunderstanding? >=20 > ZFS originally didn=E2=80=99t offer any mechanism to mount snapshots = explicitly. Except by cloning.=20 >=20 > No, that is incorrect. You've always been able to mount snapshots = that way. It's not a new feature. Oops sorry! For some reason I was convinced it wasn=E2=80=99t possible.=20= Still odd that =E2=80=9Czfs mount=E2=80=9D doesn=E2=80=99t support it.=20= My apologies! Clearly I need more coffee today. Borja. From owner-freebsd-fs@freebsd.org Thu Nov 21 16:30:37 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6F8C51C43C3 for ; Thu, 21 Nov 2019 16:30:37 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from lwfs1-cam.cam.lispworks.com (mail.lispworks.com [46.17.166.21]) by mx1.freebsd.org (Postfix) with ESMTP id 47JlRJ0jp8z4cmY for ; Thu, 21 Nov 2019 16:30:35 +0000 (UTC) (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (higson.cam.lispworks.com [192.168.1.7]) by lwfs1-cam.cam.lispworks.com (8.15.2/8.15.2) with ESMTP id xALGUUFL037698; Thu, 21 Nov 2019 16:30:30 GMT (envelope-from martin@lispworks.com) Received: from higson.cam.lispworks.com (localhost.localdomain [127.0.0.1]) by higson.cam.lispworks.com (8.14.4) id xALGUTjo010709; Thu, 21 Nov 2019 16:30:29 GMT Received: (from martin@localhost) by higson.cam.lispworks.com (8.14.4/8.14.4/Submit) id xALGUT5Z010705; Thu, 21 Nov 2019 16:30:29 GMT Date: Thu, 21 Nov 2019 16:30:29 GMT Message-Id: <201911211630.xALGUT5Z010705@higson.cam.lispworks.com> From: Martin Simmons To: Borja Marcos CC: jbe-mlist@magnetkern.de, freebsd-fs@freebsd.org In-reply-to: <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> (message from Borja Marcos on Thu, 21 Nov 2019 14:46:04 +0100) Subject: Re: ZFS snapdir readability (Crosspost) References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47JlRJ0jp8z4cmY X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of martin@lispworks.com has no SPF policy when checking 46.17.166.21) smtp.mailfrom=martin@lispworks.com X-Spamd-Result: default: False [-0.24 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.39)[-0.391,0]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[lispworks.com]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-0.84)[-0.838,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[21.166.17.46.list.dnswl.org : 127.0.10.0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:51055, ipnet:46.17.166.0/24, country:GB]; IP_SCORE(-0.02)[country: GB(-0.08)] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 16:30:37 -0000 >>>>> On Thu, 21 Nov 2019 14:46:04 +0100, Borja Marcos said: > > > On 21 Nov 2019, at 13:59, Martin Simmons wrote: > > > >>>>>> On Thu, 21 Nov 2019 13:12:04 +0100, Borja Marcos said: > >> > >> What I mean is, there is no snapshot mount functionality. If you want to access the > >> contents of a snapshot you either rollback it or you clone it. There is no > >> mount. > > > > I think that is incorrect. You can mount a snapshot on /mnt like this: > > > > /sbin/mount -t zfs filesystem@snapname /mnt > > I’ve never seen that and, indeed, on FreeBSD 12.1 it’s not possible. Or I am terribly > sloppy today! > > Did I miss anything? Is it a new ZFS on Linux feature? > > > root@micro1:~ # mount -t zfs -o ro pool/dataset@snapshot /mnt > mount: unpul/wwwnfsen@antesinst: Device busy > root@micro1:~ # It looks like unpul/wwwnfsen@antesinst is already mounted -- probably in .zfs :-) __Martin From owner-freebsd-fs@freebsd.org Thu Nov 21 16:49:45 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F2ED91C4C6B for ; Thu, 21 Nov 2019 16:49:44 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47JlsN0F24z4dvK for ; Thu, 21 Nov 2019 16:49:43 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id 712DE1FF05; Thu, 21 Nov 2019 16:49:27 +0000 (UTC) Date: Thu, 21 Nov 2019 17:49:26 +0100 From: Jan Behrens To: Martin Simmons Cc: borjam@sarenet.es, freebsd-fs@freebsd.org Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191121174926.17bf250f4c65964620811554@magnetkern.de> In-Reply-To: <201911211119.xALBJSIW030544@higson.cam.lispworks.com> References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <201911211119.xALBJSIW030544@higson.cam.lispworks.com> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 47JlsN0F24z4dvK X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-1.37 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-0.96)[-0.955,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.89)[-0.894,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; IP_SCORE(0.18)[ipnet: 185.228.136.0/22(1.55), asn: 197540(-0.64), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 16:49:45 -0000 On Thu, 21 Nov 2019 11:19:28 GMT Martin Simmons wrote: > > Mounting is not the same as cloning and mounting. But you are right: If > > snapshots are cloned first, you can specify the mountpoint. But then > > you are mounting a new file system and not a snapshot technically. > > Which brings us back to option (a) never mount snapshots ever ;-) > > > > Given that we can prohibit the automounting of all snapshots, it would > > be a nice workaround which would not have too much overhead. > > Can't you already achieve (d) using /sbin/mount? > > __Martin Thanks for pointing that out, I didn't know. It works on my system (FreeBSD 12.0). mount -t zfs filesystem@snapshot /mnt "-o ro" is optional, in either case it is mounted read-only. Thus, if auto-mounting of the snapshots in .zfs/snapshot can somehow be disabled (or if access to .zfs can be restricted to root), it would be possible to mount snapshots in such way that only certain users can access them. mkdir /protected mkdir /protected/mnt chgrp snapreaders /protected chmod 770 /protected mount -t zfs -o ro filesystem@snapshot /protected/mnt It's not nice to have the extra parent directory (/protected) but at least it would work. Of course, this requires that access to .zfs/snapshot is prohibited for non-privileged users (or that snapshot automounting is disabled), as the solution is pointless if users can circumvent access restrictions by accessing .zfs/snapshot/. As far as I know, there is no way to disable having .zfs/snapshot readable by everyone, is that correct? Regards, Jan From owner-freebsd-fs@freebsd.org Thu Nov 21 16:59:51 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EF0861C4F8A for ; Thu, 21 Nov 2019 16:59:51 +0000 (UTC) (envelope-from mike@sentex.net) Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [IPv6:2607:f3e0:0:3::19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "pyroxene2.sentex.ca", Issuer "pyroxene2.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 47Jm5300Qdz4fJP for ; Thu, 21 Nov 2019 16:59:50 +0000 (UTC) (envelope-from mike@sentex.net) Received: from [192.168.43.29] ([192.168.43.29]) by pyroxene2a.sentex.ca (8.15.2/8.15.2) with ESMTPS id xALGxnBr055165 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 21 Nov 2019 11:59:50 -0500 (EST) (envelope-from mike@sentex.net) Subject: Re: ZFS snapdir readability (Crosspost) To: Jan Behrens , Martin Simmons Cc: freebsd-fs@freebsd.org References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <201911211119.xALBJSIW030544@higson.cam.lispworks.com> <20191121174926.17bf250f4c65964620811554@magnetkern.de> From: mike tancsa Openpgp: preference=signencrypt Autocrypt: addr=mike@sentex.net; keydata= mQENBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s +6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB AAG0HW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+iQFUBBMBCAA+FiEEmuvCXT0aY6hs 4SbWeVOEFl5WrMgFAlywzOYCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ eVOEFl5WrMhnPAf7Bf+ola0V9t4i8rwCMGvzkssGaxY/5zNSZO9BgSgfN0WzgmBEOy/3R4km Yn5KH94NltJYAAE5hqkFmAwK6psOqAR9cxHrRfU+gV2KO8pCDc6K/htkQcd/mclJYpCHp6Eq EVJOiAxcNaYuHZkeMdXDuvvI5Rk82VHk84BGgxIqIrhLlkguoPbXOOa+8c/Mpb1sRAGZEOuX EzKNC49+GS9gKW6ISbanyPsGEcFyP7GKMzcHBPf3cPrewZQZ6gBoNscasL6IJeAQDqzQAxbU GjO0qBSMRgnLXK7+DJlxrYdHGXqNbV6AYsmHJ6c2WWWiuRviFBqXinlgJ2FnYebZPAfWibkB DQRcsMzkAQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4 axtKRSG1t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1 qzAJweEtRdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6c Lm0EiHPOl5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5 o9KKu4O7gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQAB iQE8BBgBCAAmFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAlywzOQCGwwFCQHhM4AACgkQeVOE Fl5WrMhmjQf/dBCjAVn1J0GzSsHiLvSAQz1cchbdy8LD0Tnpzjgp5KLU7sNojbI8vqt4yKAi cayI88j8+xxNXPMWM4pHELuUuVHS5XTpHa/wwulUtI5w/zyKlUDsIvqTPZLUEwH7DfNBueVM WyNaIjV2kxSmM8rNMC+RkgyfbjGLCkmWsMRVuLIUYpl5D9WHmenUbiErlKU2KvEEXEg/aLKq 3m/AdM9RAYsP9O4l+sAZEfyYoNJzDhTZMzn/9Q0uFPLK9smDQh4WBTFaApveVJPHRKmHPoNF Xxj+yScYdQ4SKH34WnhNSELvnZQ3ulH5tpASmm0w+GxfZqSc8+QCwoKtBRDUxoE56A== Message-ID: Date: Thu, 21 Nov 2019 11:59:50 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: <20191121174926.17bf250f4c65964620811554@magnetkern.de> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Queue-Id: 47Jm5300Qdz4fJP X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mike@sentex.net designates 2607:f3e0:0:3::19 as permitted sender) smtp.mailfrom=mike@sentex.net X-Spamd-Result: default: False [-2.71 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ptr]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; HFILTER_HELO_IP_A(1.00)[pyroxene2a.sentex.ca]; DMARC_NA(0.00)[sentex.net]; TO_DN_SOME(0.00)[]; HFILTER_HELO_NORES_A_OR_MX(0.30)[pyroxene2a.sentex.ca]; TO_MATCH_ENVRCPT_SOME(0.00)[]; IP_SCORE(-1.71)[ipnet: 2607:f3e0::/32(-4.93), asn: 11647(-3.55), country: CA(-0.09)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 16:59:52 -0000 On 11/21/2019 11:49 AM, Jan Behrens wrote: > > As far as I know, there is no way to disable having .zfs/snapshot > readable by everyone, is that correct? I believe so.  Hence the request to add a zfs feature to add a new option to snapdir along the lines of zfs set snapdir=inaccessible or zfs set snapdir=rootonly     ---Mike From owner-freebsd-fs@freebsd.org Thu Nov 21 17:19:37 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4CB341C578C for ; Thu, 21 Nov 2019 17:19:37 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47JmWr40jHz3Bpm for ; Thu, 21 Nov 2019 17:19:36 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id C180D1FF54; Thu, 21 Nov 2019 17:19:24 +0000 (UTC) Date: Thu, 21 Nov 2019 18:19:24 +0100 From: Jan Behrens To: mike tancsa Cc: Martin Simmons , freebsd-fs@freebsd.org Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191121181924.1e82775b8cdde685a41f65b3@magnetkern.de> In-Reply-To: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <201911211119.xALBJSIW030544@higson.cam.lispworks.com> <20191121174926.17bf250f4c65964620811554@magnetkern.de> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47JmWr40jHz3Bpm X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-1.39 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-0.96)[-0.957,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.90)[-0.901,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; IP_SCORE(0.16)[ipnet: 185.228.136.0/22(1.47), asn: 197540(-0.63), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 17:19:37 -0000 On Thu, 21 Nov 2019 11:59:50 -0500 mike tancsa wrote: > On 11/21/2019 11:49 AM, Jan Behrens wrote: > > > > As far as I know, there is no way to disable having .zfs/snapshot > > readable by everyone, is that correct? > > I believe so.  Hence the request to add a zfs feature to add a new > option to snapdir along the lines of > > zfs set snapdir=inaccessible > or > zfs set snapdir=rootonly > >     ---Mike > Out of curiosity, would one or two new values (inaccessible and/or rootonly) for the snapdir property require to introduce a new zpool-feature? How about compatibility with other operating systems? Regards, Jan From owner-freebsd-fs@freebsd.org Thu Nov 21 21:48:25 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B337C1CBC06; Thu, 21 Nov 2019 21:48:25 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47JtV149wgz40Bv; Thu, 21 Nov 2019 21:48:25 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from mail-lj1-f173.google.com (mail-lj1-f173.google.com [209.85.208.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: mmacy) by smtp.freebsd.org (Postfix) with ESMTPSA id 35B31B5A1; Thu, 21 Nov 2019 21:48:25 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: by mail-lj1-f173.google.com with SMTP id e9so4893796ljp.13; Thu, 21 Nov 2019 13:48:25 -0800 (PST) X-Gm-Message-State: APjAAAUGiyyrDO2HI7WDgR9PHOIamobxyJBWkTmvkaz9PG2OE8J5o4SR D3WajhtPiXGLqeMfckzlcFY8i2ML6bDL/B5WCAw= X-Google-Smtp-Source: APXvYqxb3nPrCFBl0pUf98lErUNIrj8y9vspujz7tCS1+d33ClgwhP9Wn1QFheERyXsC3kp6M9D3QMvqEY8HvRIOpOg= X-Received: by 2002:a05:651c:87:: with SMTP id 7mr9784181ljq.20.1574372903762; Thu, 21 Nov 2019 13:48:23 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Matthew Macy Date: Thu, 21 Nov 2019 13:48:12 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Revisiting the ZFS test suite To: Alan Somers Cc: freebsd-fs , freebsd-testing Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Nov 2019 21:48:25 -0000 FYI the ZTS TRIM test suite can=E2=80=99t be run on FreeBSD at the moment d= ue to the absence of a hole punching API. https://freebsd-arch.freebsd.narkive.com/JKZnzc4p/hole-punching-trim-etc https://github.com/zfsonlinux/zfs/projects/25 On Fri, Oct 4, 2019 at 09:24 Alan Somers wrote: > My employment status changed last week, and I find myself once again > working on ZFS. It's hard to have confidence in any changes without a > solid test suite, so my main task right now is to fix the problems in > FreeBSD's ZFS test suite. Our most recent run had 64 failed tests and 99 > skipped ones; let's get those down to 0 and something small, respectively= . > > https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/3880/testReport/ > > Would anybody be interested to review my changes to the test suite? It's > not terrible if I have to commit without review; I can't possibly break > anything but the test suite itself. > > -Alan > _______________________________________________ > freebsd-fs@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" > From owner-freebsd-fs@freebsd.org Fri Nov 22 08:09:59 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EF0CD1B0FEE for ; Fri, 22 Nov 2019 08:09:59 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu01176b.smtpx.saremail.com (cu01176b.smtpx.saremail.com [195.16.151.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47K8HB5KCxz4Tqt for ; Fri, 22 Nov 2019 08:09:58 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop01.sare.net (Postfix) with ESMTPA id C191A9DF1F8; Fri, 22 Nov 2019 09:09:53 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) OT: mount -t zfs for snapshots From: Borja Marcos In-Reply-To: <201911211630.xALGUT5Z010705@higson.cam.lispworks.com> Date: Fri, 22 Nov 2019 09:09:52 +0100 Cc: jbe-mlist@magnetkern.de, freebsd-fs@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <201911211630.xALGUT5Z010705@higson.cam.lispworks.com> To: Martin Simmons X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47K8HB5KCxz4Tqt X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.151.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.16 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:195.16.151.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.151.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-2.86)[ip: (-7.61), ipnet: 195.16.128.0/19(-3.89), asn: 3262(-2.87), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Nov 2019 08:10:00 -0000 > On 21 Nov 2019, at 17:30, Martin Simmons wrote: >=20 >>=20 >> I=E2=80=99ve never seen that and, indeed, on FreeBSD 12.1 it=E2=80=99s = not possible. Or I am terribly >> sloppy today! >>=20 >> Did I miss anything? Is it a new ZFS on Linux feature? >>=20 >>=20 >> root@micro1:~ # mount -t zfs -o ro pool/dataset@snapshot /mnt >> mount: unpul/wwwnfsen@antesinst: Device busy >> root@micro1:~ #=20 >=20 > It looks like unpul/wwwnfsen@antesinst is already mounted -- probably = in .zfs :-) (This is a bit of off-topic now, the behavior of mount -t zfs) Yep, it=E2=80=99s only uglier! Whenever you access any of the directories below .zfs/snapshot the = snapshot is automagically mounted. It=E2=80=99s also sort of invisible except = when you run =E2=80=9Cmount -v=E2=80=9D. In that case those snapshot mounts are visible. You can also unmount them.=20 But it=E2=80=99s rather opaque. Auto mounted snapshots are invisible to = mount(8) unless the -v option is used, regardless of the status of the snapdir property. = However, when you mount them explicitly they are visible. Anyway, was this intended or is it a side effect of the general behavior = of mount? I see it=E2=80=99s not documented on the FreeBSD Manual, which only mentions mounting snapshots = as clones. Which, as far as I know, is consistent with the original ZFS design. Thank you for all the explanations, I was convinced that cloning was the = only way to mount a ZFS snapshot.=20 Borja. From owner-freebsd-fs@freebsd.org Fri Nov 22 08:42:00 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 065DE1B1D66 for ; Fri, 22 Nov 2019 08:42:00 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from cu1176c.smtpx.saremail.com (cu1176c.smtpx.saremail.com [195.16.148.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47K9066hvDz4WHp for ; Fri, 22 Nov 2019 08:41:58 +0000 (UTC) (envelope-from borjam@sarenet.es) Received: from [172.16.8.16] (unknown [192.148.167.11]) by proxypop02.sare.net (Postfix) with ESMTPA id D22E69DC70F; Fri, 22 Nov 2019 09:41:54 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Subject: Re: ZFS snapdir readability (Crosspost) From: Borja Marcos In-Reply-To: Date: Fri, 22 Nov 2019 09:41:52 +0100 Cc: Jan Behrens , Martin Simmons , freebsd-fs@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <201911211119.xALBJSIW030544@higson.cam.lispworks.com> <20191121174926.17bf250f4c65964620811554@magnetkern.de> To: mike tancsa X-Mailer: Apple Mail (2.3445.104.11) X-Rspamd-Queue-Id: 47K9066hvDz4WHp X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=sarenet.es; spf=pass (mx1.freebsd.org: domain of borjam@sarenet.es designates 195.16.148.151 as permitted sender) smtp.mailfrom=borjam@sarenet.es X-Spamd-Result: default: False [-5.35 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:195.16.148.0/24]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DMARC_POLICY_ALLOW(-0.50)[sarenet.es,none]; RCVD_IN_DNSWL_NONE(0.00)[151.148.16.195.list.dnswl.org : 127.0.10.0]; IP_SCORE(-3.05)[ip: (-8.48), ipnet: 195.16.128.0/19(-3.92), asn: 3262(-2.90), country: ES(0.04)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3262, ipnet:195.16.128.0/19, country:ES]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Nov 2019 08:42:00 -0000 > On 21 Nov 2019, at 17:59, mike tancsa wrote: >=20 > On 11/21/2019 11:49 AM, Jan Behrens wrote: >>=20 >> As far as I know, there is no way to disable having .zfs/snapshot >> readable by everyone, is that correct? >=20 > I believe so. Hence the request to add a zfs feature to add a new > option to snapdir along the lines of >=20 > zfs set snapdir=3Dinaccessible > or > zfs set snapdir=3Drootonly Instead of =E2=80=9Cinaccessible" I would say =E2=80=9Cdisable=E2=80=9D = because it=E2=80=99s not only preventing access. It is preventing an actual action from taking place: the automatic mounting of = the snapshots below .zfs/snapshot. So. =E2=80=9Cdisable=E2=80=9D is more descriptive. What about a third option, =E2=80=9Cowneronly=E2=80=9D? Although I think = it should be controlled by=20 the vfs.usermount property.=20 Borja. From owner-freebsd-fs@freebsd.org Fri Nov 22 14:16:16 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EE8CB1B93FB for ; Fri, 22 Nov 2019 14:16:16 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47KJPq5R1fz3LDb for ; Fri, 22 Nov 2019 14:16:14 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id CA81B20045; Fri, 22 Nov 2019 14:16:02 +0000 (UTC) Date: Fri, 22 Nov 2019 15:16:02 +0100 From: Jan Behrens To: Borja Marcos Cc: Martin Simmons , freebsd-fs@freebsd.org Subject: Re: ZFS snapdir readability (Crosspost) OT: mount -t zfs for snapshots Message-Id: <20191122151602.c84f717ca3d1a9bb6a66aab8@magnetkern.de> In-Reply-To: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <3C5DC6DD-C44B-41EE-B7AB-6D8F94E43174@sarenet.es> <201911211259.xALCxShX008743@higson.cam.lispworks.com> <462E2C53-2490-4B8C-BB54-BCE8B75BAEB0@sarenet.es> <201911211630.xALGUT5Z010705@higson.cam.lispworks.com> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47KJPq5R1fz3LDb X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-1.44 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.91)[-0.912,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.973,0]; IP_SCORE(0.15)[ipnet: 185.228.136.0/22(1.39), asn: 197540(-0.63), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Nov 2019 14:16:17 -0000 On Fri, 22 Nov 2019 09:09:52 +0100 Borja Marcos wrote: > > On 21 Nov 2019, at 17:30, Martin Simmons wrote: > > > >> I’ve never seen that and, indeed, on FreeBSD 12.1 it’s not possible. Or I am terribly > >> sloppy today! > >> > >> Did I miss anything? Is it a new ZFS on Linux feature? > >> > >> root@micro1:~ # mount -t zfs -o ro pool/dataset@snapshot /mnt > >> mount: unpul/wwwnfsen@antesinst: Device busy > >> root@micro1:~ # > > > > It looks like unpul/wwwnfsen@antesinst is already mounted -- probably in .zfs :-) > > (This is a bit of off-topic now, the behavior of mount -t zfs) > > Yep, it’s only uglier! > > Whenever you access any of the directories below .zfs/snapshot the snapshot > is automagically mounted. It’s also sort of invisible except when you run “mount -v”. In that > case those snapshot mounts are visible. You can also unmount them. I also just confirmed that once I manually mount a snapshot, I can't access it through .zfs/snapshot anymore. Of course, this is doesn't help with solving the original problem because in order to prohibit snapshot access for non-privileged users, it would require all snapshots to be mounted atomically at the same time the associated filesystem is mounted. > [...] > > Borja. Regards, Jan From owner-freebsd-fs@freebsd.org Fri Nov 22 14:36:42 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 53C1B1B9D13 for ; Fri, 22 Nov 2019 14:36:42 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from sapphire.magnetkern.de (sapphire.magnetkern.de [185.228.139.199]) by mx1.freebsd.org (Postfix) with ESMTP id 47KJsP2xWHz3MZM for ; Fri, 22 Nov 2019 14:36:41 +0000 (UTC) (envelope-from jbe-mlist@magnetkern.de) Received: from titanium (p57A35420.dip0.t-ipconnect.de [87.163.84.32]) by sapphire.magnetkern.de (Postfix) with ESMTPSA id 130492005E; Fri, 22 Nov 2019 14:36:30 +0000 (UTC) Date: Fri, 22 Nov 2019 15:36:29 +0100 From: Jan Behrens To: Borja Marcos Cc: mike tancsa , Martin Simmons , freebsd-fs@freebsd.org Subject: Re: ZFS snapdir readability (Crosspost) Message-Id: <20191122153629.2278467855a646a4c0b8f2b4@magnetkern.de> In-Reply-To: References: <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de> <20191120163437.691abd369ab9c0a6d7d45ff2@magnetkern.de> <20191120175803.03401c3316fe756cc46f79f1@magnetkern.de> <201911211119.xALBJSIW030544@higson.cam.lispworks.com> <20191121174926.17bf250f4c65964620811554@magnetkern.de> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 47KJsP2xWHz3MZM X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jbe-mlist@magnetkern.de designates 185.228.139.199 as permitted sender) smtp.mailfrom=jbe-mlist@magnetkern.de X-Spamd-Result: default: False [-1.47 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[32.84.163.87.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[magnetkern.de]; NEURAL_HAM_LONG(-0.93)[-0.930,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.978,0]; IP_SCORE(0.14)[ipnet: 185.228.136.0/22(1.33), asn: 197540(-0.63), country: DE(-0.01)]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:197540, ipnet:185.228.136.0/22, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Nov 2019 14:36:42 -0000 On Fri, 22 Nov 2019 09:41:52 +0100 Borja Marcos wrote: > > On 21 Nov 2019, at 17:59, mike tancsa wrote: > > > > On 11/21/2019 11:49 AM, Jan Behrens wrote: > >> > >> As far as I know, there is no way to disable having .zfs/snapshot > >> readable by everyone, is that correct? > > > > I believe so. Hence the request to add a zfs feature to add a new > > option to snapdir along the lines of > > > > zfs set snapdir=inaccessible > > or > > zfs set snapdir=rootonly > > Instead of “inaccessible" I would say “disable” because it’s not only preventing access. It is > preventing an actual action from taking place: the automatic mounting of the snapshots > below .zfs/snapshot. So. “disable” is more descriptive. > > What about a third option, “owneronly”? Although I think it should be controlled by > the vfs.usermount property. > > Borja. I definitely would appreciate one of "rootonly" or "owneronly". I believe this is what most people would want/need. For me, either would suffice. I like the automounting feature, if it could be limited to root or the owner of the filesystem. "owneronly" (in contrast to "rootonly") would also support those cases where users shall be allowed to access the snapshots of their directories. How about "grouponly" and "wheelonly" (in addition to "rootonly", "owneronly", and "disable")? I guess that would cover pretty much everything, though it might be a bit clunky to add all these options. An alternative would be to simply provide a way to disable zfs snapshot auto-mounting at all (whether through zfs set or sysctl) instead of attempting to extend it with access control. Regards, Jan From owner-freebsd-fs@freebsd.org Fri Nov 22 23:51:49 2019 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2AA831C4B31; Fri, 22 Nov 2019 23:51:49 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47KY9x0LkFz4P4T; Fri, 22 Nov 2019 23:51:49 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com [209.85.167.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: mmacy) by smtp.freebsd.org (Postfix) with ESMTPSA id A87E116772; Fri, 22 Nov 2019 23:51:48 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: by mail-lf1-f51.google.com with SMTP id 203so6753782lfa.12; Fri, 22 Nov 2019 15:51:48 -0800 (PST) X-Gm-Message-State: APjAAAVPhmE3PEsJnAS5nTiZ8cOiATy4eHfOAV63gWpWqEWSWfjpVABJ GP2P32yYh7SBWx/BxDrDJ90QVTN98w09OGP2reU= X-Google-Smtp-Source: APXvYqypf9Vc4sq7FzpYE0FNKivOXfcyVY8ONL8hPyNfrYwc9vywAvcIXsYnCdkJaMi+jz0f5LuFpM4Y0GP6Sj8bTo8= X-Received: by 2002:a19:f510:: with SMTP id j16mr61632lfb.30.1574466707181; Fri, 22 Nov 2019 15:51:47 -0800 (PST) MIME-Version: 1.0 References: <1ef80fd8-d695-010f-9dc8-a6b9a2a80f8e@FreeBSD.org> In-Reply-To: From: Matthew Macy Date: Fri, 22 Nov 2019 15:51:35 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Revisiting the ZFS test suite To: Alan Somers Cc: Andriy Gapon , freebsd-testing , freebsd-fs Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Nov 2019 23:51:49 -0000 On Wed, Nov 20, 2019 at 8:18 AM Alan Somers wrote: > > On Wed, Nov 20, 2019 at 1:17 AM Andriy Gapon wrote: > > > On 04/10/2019 19:23, Alan Somers wrote: > > > My employment status changed last week, and I find myself once again > > > working on ZFS. It's hard to have confidence in any changes without a > > > solid test suite, so my main task right now is to fix the problems in > > > FreeBSD's ZFS test suite. Our most recent run had 64 failed tests and 99 > > > skipped ones; let's get those down to 0 and something small, > > respectively. > > > > > > https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/3880/testReport/ > > > > > > Would anybody be interested to review my changes to the test suite? It's > > > not terrible if I have to commit without review; I can't possibly break > > > anything but the test suite itself. > > > > Alan, > > > > just curious, did you have any plans to merge new tests and changes to > > existing > > tests from illumos or ZoL? > > I've imported quite a few code changes, many times there were test changes > > or > > new test, but I never took time to merge them. > > > > > > -- > > Andriy Gapon > > > > We'll need to do it sooner or later, but it's going to take a large > effort. I can't justify that much effort right now. And it will require > changing ZoL's test suite, too, not just ours. We'll need to convince them > to use ATF, for example. Another issue came up when discussing your mail with Brian - the last release was 2014 and it's no longer available for Linux. -M