From owner-freebsd-fs@FreeBSD.ORG Mon Nov 17 14:15:46 2008 Return-Path: Delivered-To: freebsd-fs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1831F106567A for ; Mon, 17 Nov 2008 14:15:46 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: from mail.garage.freebsd.pl (chello087206045082.chello.pl [87.206.45.82]) by mx1.freebsd.org (Postfix) with ESMTP id 6B22D8FC12 for ; Mon, 17 Nov 2008 14:15:45 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: by mail.garage.freebsd.pl (Postfix, from userid 65534) id 4AF394569A; Mon, 17 Nov 2008 15:15:43 +0100 (CET) Received: from localhost (ghf58.internetdsl.tpnet.pl [83.12.187.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.garage.freebsd.pl (Postfix) with ESMTP id 6AA2B45684; Mon, 17 Nov 2008 15:15:34 +0100 (CET) Date: Mon, 17 Nov 2008 15:15:23 +0100 From: Pawel Jakub Dawidek To: Andriy Gapon Message-ID: <20081117141523.GB2101@garage.freebsd.pl> References: <491D710A.9090308@icyb.net.ua> <491D8621.40101@icyb.net.ua> <20081117043042.GA2101@garage.freebsd.pl> <49215C28.1020405@icyb.net.ua> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="PuGuTyElPB9bOcsM" Content-Disposition: inline In-Reply-To: <49215C28.1020405@icyb.net.ua> User-Agent: Mutt/1.4.2.3i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 8.0-CURRENT i386 X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on mail.garage.freebsd.pl X-Spam-Level: X-Spam-Status: No, score=-5.9 required=3.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.0.4 Cc: freebsd-fs@FreeBSD.org Subject: Re: zfs snapdir: from hidden to visible and back again X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Nov 2008 14:15:46 -0000 --PuGuTyElPB9bOcsM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 17, 2008 at 01:57:28PM +0200, Andriy Gapon wrote: > on 17/11/2008 06:31 Pawel Jakub Dawidek said the following: > > On Fri, Nov 14, 2008 at 04:07:29PM +0200, Andriy Gapon wrote: > >> on 14/11/2008 14:37 Andriy Gapon said the following: > >>> Also, even with snapdir=3Dhidden, I still can list snapshots (their > >>> contents) if I ls full path with .zfs in it. > >>> Is this right? > >> And it seems that any snapshot accessed in this way gets automatically > >> added to mounts. This doesn't seem to be reasonable. > >> > >> For example, periodic security script would report suid binaries found > >> in these snapshots, etc. > >=20 > > Everything you described is expected behaviour. > >=20 >=20 > I see. I guess there is no way to access something without mounting and > no way to auto-unmount after use. > Thanks. You can setup a cron job which will try to unmount all the snapshots every few minutes. If something is using the snapshot, unmount should fail. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --PuGuTyElPB9bOcsM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFJIXx6ForvXbEpPzQRArpvAJ9WK5J5WTZtlqAeWJUWiJO2jgjYigCgpJ2R Z4YyBMC/P1emLEi462ZO6QI= =yFXy -----END PGP SIGNATURE----- --PuGuTyElPB9bOcsM--