From owner-freebsd-questions@FreeBSD.ORG Thu May 29 11:09:12 2014
Return-Path:
Delivered-To: freebsd-questions@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 93AD5637
 for ; Thu, 29 May 2014 11:09:12 +0000 (UTC)
Received: from mail.cyberleo.net (mtumishi.cyberleo.net [216.226.128.201])
 by mx1.freebsd.org (Postfix) with ESMTP id 715212D1D
 for ; Thu, 29 May 2014 11:09:11 +0000 (UTC)
Received: from [172.16.44.4] (vitani.den.cyberleo.net [216.80.73.130])
 by mail.cyberleo.net (Postfix) with ESMTPSA id 68FF42B01;
 Thu, 29 May 2014 07:08:52 -0400 (EDT)
Message-ID: <5387154F.5040502@cyberleo.net>
Date: Thu, 29 May 2014 06:09:03 -0500
From: CyberLeo Kitsana
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Guillermo Marcus , freebsd-questions@FreeBSD.org
Subject: Re: Mounting a ZFS snapshot by another user
References: <80D52646-2377-447F-BBC4-BEF642585391@gmail.com>
In-Reply-To: <80D52646-2377-447F-BBC4-BEF642585391@gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 29 May 2014 11:09:12 -0000

On 05/28/2014 03:17 PM, Guillermo Marcus wrote:
> Hi all,
>
> I am using ZFS in a FreeBSD 10.0-RELEASE (10.0-RELEASE FreeBSD 10.0-RELEASE #0 r260789). I set up some scripts to create snapshots of my ZFS pool at regular intervals, and then another script to mount the latest snapshot of each dataset in the pool to a specific location, recreating a snapshot of my pool for backup. The goal is to use Bacula to always back up the snapshot, to avoid data being in an inconsistent state.
> The mount script is then executed by the bacula user at the beginning of the backup job. The scripts work fine, but I have an issue with the script being executed by the backup user and not the pool owner.
>
> Here is the thing: it works only partially. Apparently, it requires that the mount point of the dataset be owned by the bacula user and not dataowner, even when the user bacula has full access. Example:
>
> Can anyone explain what I am missing?

If I remember correctly, one of the security consolations inherent in vfs.usermount is that the user have sufficient access to both the source node and the target directory; to prevent, say, a mortal user mounting something over /bin or whatever.

You may get a more consistent behaviour if you abstract the snapshot manipulation into a separate process which runs setuid root (through a setuid C binary, sudo, et cetera) and performs the necessary validation. That way, for example, the only thing with which your backup script would have to concern itself is in asking that a particular snapshot be mounted, and being handed back a fully populated directory upon which to operate.

I'm sure there are other ways it can be handled, but that is the one that springs immediately to mind.

--
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net

Furry Peace! - http://www.fur.com/peace/
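
One way to implement the validating helper suggested in the reply above, as an added example that is not part of the original message or either poster's scripts. The pool name `tank`, the base directory `/backup/snapshots`, the helper path and the sudoers rule are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: root helper the backup user runs through sudo, e.g. (assumed)
#   bacula ALL=(root) NOPASSWD: /usr/local/sbin/mount-snap
# POOL, BASE and the helper path are hypothetical names, not from the thread.
POOL="tank"
BASE="/backup/snapshots"   # assumed root-owned, not writable by the backup user

# Accept only "<POOL>[/dataset...]@<snapshot>" from a conservative alphabet.
valid_snapshot() {
    case "$1" in
        *[!A-Za-z0-9_./@:-]*) return 1 ;;             # space, newline, ;, $ ...
        -*|*..*|*//*|*/@*|*@*@*|*@*/*) return 1 ;;    # option-like or malformed
        "$POOL"@?*|"$POOL"/?*@?*) return 0 ;;         # inside the permitted pool
    esac
    return 1
}

# Fixed mapping: tank/home@daily -> $BASE/tank/home. The caller never
# supplies a mount point, so it cannot aim the mount at /bin or similar.
target_for() {
    printf '%s/%s\n' "$BASE" "${1%@*}"
}

main() {
    snap=$1
    valid_snapshot "$snap" || { echo "rejected name" >&2; return 1; }
    # The snapshot must actually exist before anything is mounted.
    zfs list -H -t snapshot -o name "$snap" >/dev/null 2>&1 ||
        { echo "no such snapshot: $snap" >&2; return 1; }
    dir=$(target_for "$snap")
    # Target must be a pre-created real directory, not a symlink.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "bad mount point: $dir" >&2; return 1
    fi
    mount -t zfs -o ro "$snap" "$dir"
}

# Run only when given an argument, so the functions can be sourced and tested.
if [ "$#" -gt 0 ]; then main "$1"; fi
```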