From owner-freebsd-fs@FreeBSD.ORG Fri Aug 8 03:39:02 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE0A71065670 for ; Fri, 8 Aug 2008 03:39:02 +0000 (UTC) (envelope-from jdc@parodius.com) Received: from mx01.sc1.parodius.com (mx01.sc1.parodius.com [72.20.106.3]) by mx1.freebsd.org (Postfix) with ESMTP id BBD318FC16 for ; Fri, 8 Aug 2008 03:39:02 +0000 (UTC) (envelope-from jdc@parodius.com) Received: by mx01.sc1.parodius.com (Postfix, from userid 1000) id 609B71CC0B7; Thu, 7 Aug 2008 20:39:02 -0700 (PDT) Date: Thu, 7 Aug 2008 20:39:02 -0700 From: Jeremy Chadwick To: Boris Kotzev Message-ID: <20080808033902.GA72860@eos.sc1.parodius.com> References: <200808071925.45786.boris.kotzev@gmail.com> <20080807165502.GA39420@eos.sc1.parodius.com> <200808072040.55571.boris.kotzev@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200808072040.55571.boris.kotzev@gmail.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: freebsd-fs@freebsd.org Subject: Re: zfs - no access to a Mac OS X zfs pool without root privileges X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2008 03:39:02 -0000 On Thu, Aug 07, 2008 at 08:40:55PM +0300, Boris Kotzev wrote: > ?? Thursday 07 August 2008 19:55:02 Jeremy Chadwick ??????: > > On Thu, Aug 07, 2008 at 07:25:45PM +0300, Boris Kotzev wrote: > > > Hello, > > > > > > I used the zfs port to Mac OS X (http://zfs.macosforge.org) to > > > create a storage pool under Mac OS X. The pool can be imported > > > successfully under FreeBSD: > > > > > > root:~-114# zpool import macpool > > > root:~-115# zpool list macpool > > > NAME SIZE USED AVAIL CAP HEALTH ALTROOT > > > macpool 6,94G 510K 6,94G 0% ONLINE - > > > root:~-116# zfs list macpool > > > NAME USED AVAIL REFER MOUNTPOINT > > > macpool 474K 6,83G 308K /macpool > > > > > > and is fully accessible to the root user: > > > > > > root:~-118# id > > > uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) > > > root:~-119# ls -ld /macpool > > > drwxr-xr-x 7 root wheel 8 7 ??? 16:59 /macpool > > > root:~-120# ls -l /macpool > > > total 43 > > > drwx------ 3 root wheel 3 7 ??? 16:31 .Spotlight-V100 > > > -rw-r--r-- 1 root wheel 35014 7 ??? 16:31 .VolumeIcon.icns > > > drwx------ 2 root wheel 4 7 ??? 16:32 .fseventsd > > > drwxr-xr-x 2 root wheel 2 7 ??? 16:59 backup > > > drwxr-xr-x 2 root wheel 2 7 ??? 16:59 downloads > > > drwxr-xr-x 2 root wheel 2 7 ??? 16:58 music > > > > > > According to the file permissions on /macpool (drwxr-xr-x), > > > anyone should have read access to it. This is not the case > > > though: > > > > > > root:~-121# su user > > > % id > > > uid=1003(user) gid=1003(user) > > > groups=1003(user),0(wheel),5(operator) % ls -l /macpool > > > ls: /macpool: Permission denied > > > % cd /macpool > > > /macpool: Permission denied. > > > > > > Is this a bug, or is there some way to get access to /macpool as > > > an ordinary user? > > > > > > The pool was created under version zfs-119 of the Mac OS X port; > > > the FreeBSD version is: > > > > > > root:~-122# uname -a > > > FreeBSD xxxx 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Sat Aug 2 > > > 14:19:33 EEST 2008 root@xxxx:/usr/obj/usr/src/sys/MACBOOK amd64 > > > > > > with the latest zfs patch, but the problem was also present > > > before applying the patch. > > > > As root, what does "zfs get all macpool" return on FreeBSD? > > root@:~-116# zfs get all macpool > NAME PROPERTY VALUE SOURCE > macpool type filesystem - > macpool creation ?? ??? 7 16:31 2008 - > macpool used 474K - > macpool available 6,83G - > macpool referenced 308K - > macpool compressratio 1.00x - > macpool mounted yes - > macpool quota none default > macpool reservation none default > macpool recordsize 128K default > macpool mountpoint /macpool default > macpool sharenfs off default > macpool checksum on default > macpool compression off default > macpool atime on default > macpool devices on default > macpool exec on default > macpool setuid on default > macpool readonly off default > macpool jailed off default > macpool snapdir hidden default > macpool aclmode groupmask default > macpool aclinherit restricted default > macpool canmount on default > macpool shareiscsi off default > macpool xattr off temporary > macpool copies 1 default > macpool version 1 - > macpool utf8only off - > macpool normalization none - > macpool casesensitivity sensitive - > macpool vscan off default > macpool nbmand off default > macpool sharesmb off default > macpool refquota none default > macpool refreservation none default It's interesting to note that your filesystem has a significantly larger number of properties returned than mine. I wonder if the ZFS code has support for those properties on FreeBSD, but they simply aren't listed. Or maybe the patch you're using adds all of them? I don't know. Anyway, the property that may be relevant is aclinherit. The zfs(1) manpage on FreeBSD makes no mention of what "restricted" means for property "aclinherit". I believe it may be the source of the problem. A ZFS filesystem made on FreeBSD has a different value for that property. I explicitly enabled compression on the below fs, BTW, which is why that value is not the default value: NAME PROPERTY VALUE SOURCE storage type filesystem - storage creation Sun May 25 19:33 2008 - storage used 183G - storage available 730G - storage referenced 183G - storage compressratio 1.02x - storage mounted yes - storage quota none default storage reservation none default storage recordsize 128K default storage mountpoint /storage default storage sharenfs off default storage checksum on default storage compression on local storage atime off local storage devices on default storage exec on default storage setuid on default storage readonly off default storage jailed off default storage snapdir hidden default storage aclmode groupmask default storage aclinherit secure default storage canmount on default storage shareiscsi off default storage xattr off temporary storage copies 1 default -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |