From owner-freebsd-current@FreeBSD.ORG Mon Jul 28 21:35:06 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 71397106566B; Mon, 28 Jul 2008 21:35:06 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: from mail.garage.freebsd.pl (chello087206045140.chello.pl [87.206.45.140]) by mx1.freebsd.org (Postfix) with ESMTP id B5CAF8FC14; Mon, 28 Jul 2008 21:35:05 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: by mail.garage.freebsd.pl (Postfix, from userid 65534) id 0CDF3456B1; Mon, 28 Jul 2008 23:35:04 +0200 (CEST) Received: from localhost (chello087206045140.chello.pl [87.206.45.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.garage.freebsd.pl (Postfix) with ESMTP id 35EBF4569A; Mon, 28 Jul 2008 23:34:56 +0200 (CEST) Date: Mon, 28 Jul 2008 23:35:00 +0200 From: Pawel Jakub Dawidek To: Max Laier Message-ID: <20080728213500.GD2740@garage.freebsd.pl> References: <20080727125413.GG1345@garage.freebsd.pl> <200807282316.37722.max@love2party.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="BQPnanjtCNWHyqYD" Content-Disposition: inline In-Reply-To: <200807282316.37722.max@love2party.net> User-Agent: Mutt/1.4.2.3i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 8.0-CURRENT i386 X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on mail.garage.freebsd.pl X-Spam-Level: X-Spam-Status: No, score=-2.6 required=3.0 tests=BAYES_00 autolearn=ham version=3.0.4 Cc: freebsd-fs@freebsd.org, freebsd-current@freebsd.org Subject: Re: allow vs. usermount [Re: ZFS patches.] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 21:35:06 -0000 --BQPnanjtCNWHyqYD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 28, 2008 at 11:16:37PM +0200, Max Laier wrote: > On Sunday 27 July 2008 14:54:13 Pawel Jakub Dawidek wrote: > > If you have any questions, please use mailing lists > > (freebsd-fs@FreeBSD.org would be the best). >=20 > Short exercise: > | $ whoami > | mlaier > | $ zfs list > | NAME USED AVAIL REFER MOUNTPOINT > | tank 104K 228G 19K /tank > | tank/mlaier 18K 228G 18K /tank/mlaier > | $ zfs allow tank/mlaier > | ------------------------------------------------------------- > | Local+Descendent permissions on (tank/mlaier) > | user mlaier create,destroy,mount,snapshot > | ------------------------------------------------------------- > | $ zfs create tank/mlaier/test > | cannot mount 'tank/mlaier/test': Insufficient privileges > | filesystem successfully created, but not mounted >=20 > This is obviously due to the check in vfs_mount.c patched line 851: >=20 > if (jailed(td->td_ucred) || usermount =3D=3D 0) { >=20 > the question is, should this be tuned to allow for the finer grained zfs= =20 > permissions to take effect or will we force usermount to use zfs allow mo= unt? Current plan is to document it in the same way ZFS within a jail is documented in zfs(8). Yes, one needs to set vfs.usermount=3D1 by hand. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --BQPnanjtCNWHyqYD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFIjjuDForvXbEpPzQRAs21AJsHhp3tQ88mp0UGQr4mxgw7OeJq5wCglQ88 +pVcs/Jo8TGatlJ5dv+/lto= =cQsh -----END PGP SIGNATURE----- --BQPnanjtCNWHyqYD--