How do I determine which permissions my user is missing to receive a ZFS dataset?

I have a FreeNAS (11.1-U1) and a FreeBSD (11.1-RELEASE-p6) machine. On the FreeNAS side I want to zfs receive recursive snapshots as a non-root user with delegated permissions. This seems to work fine for most child datasets. But iocage's data dataset (which can be mounted into a jail and managed from there) fails:

root@freebsd:~> zfs send -RI "dozer@2018-02-21" "dozer@2018-03-08"  | ssh -T -i /root/backup_key backupuser@freenas zfs receive -dvuF neo/backups/freebsd
receiving incremental stream of dozer@2018-03-03 into neo/backups/freebsd@2018-03-03
received 312B stream in 1 seconds (312B/sec)
receiving incremental stream of dozer@2018-03-07 into neo/backups/freebsd@2018-03-07
received 312B stream in 1 seconds (312B/sec)
receiving incremental stream of dozer@2018-03-08 into neo/backups/freebsd@2018-03-08
received 312B stream in 1 seconds (312B/sec)
receiving incremental stream of dozer/ROOT@2018-03-03 into neo/backups/freebsd/ROOT@2018-03-03
.
.
.
receiving incremental stream of dozer/iocage/jails/owncloud/root@2018-03-08 into neo/backups/freebsd/iocage/jails/owncloud/root@2018-03-08
received 578MB stream in 110 seconds (5.25MB/sec)
receiving incremental stream of dozer/iocage/jails/owncloud/root/data@2018-03-03 into neo/backups/freebsd/iocage/jails/owncloud/root/data@2018-03-03
cannot receive incremental stream: permission denied
warning: cannot send 'dozer/iocage/jails/owncloud/root/data@2018-03-03': signal received
warning: cannot send 'dozer/iocage/jails/owncloud/root/data@2018-03-07': Broken pipe
warning: cannot send 'dozer/iocage/jails/owncloud/root/data@2018-03-08': Broken pipe

The permissions on that particular child are exactly the same as on the parent dataset:

root@freenas:~ # zfs allow neo/backups/freebsd/iocage/jails/owncloud/root/data
---- Permissions on neo/backups/freebsd -----------------------------
Local+Descendent permissions:
        user backupuser atime,compression,create,dedup,exec,jailed,mount,mountpoint,quota,receive,rename,reservation,setuid,userprop

Running zfs receive as root on FreeNAS works fine.

What delegated permissions does my user need to receive iocage's jailed dataset, and more generally, is there a way to make zfs receive emit a more verbose error message that tells you which permission is missing?

Answer 1

When troubleshooting permission problems caused by zfs commands, analyze the zfs operation in terms of its component steps.

The example command zfs receive -duvF decomposes into several steps. Two of the flags have nothing to do with any special permissions:

-d affects the naming of the new dataset (if any)
-v enables verbose output

The other two do.

-F means the filesystem is rolled back, before the receive begins, to the initial snapshot of the incremental transfer
-u means the filesystem will not be mounted after the receive completes

My hunch is that you are missing the rollback permission. The -F flag in the command implies that a zfs rollback will be performed, and your zfs allow output does not list rollback.

In general, one can make educated guesses about the permissions a given zfs command needs.

The zfs man page states

Permission names are the same as ZFS subcommand and property names.

and ...

Permissions are generally the ability to use a ZFS subcommand or change a ZFS property. The following permissions are available:

   NAME              TYPE          NOTES
   allow             subcommand    Must also have the permission
                                   that is being allowed
   clone             subcommand    Must also have the 'create'
                                   ability and 'mount' ability in
                                   the origin file system
   create            subcommand    Must also have the 'mount'
                                   ability
   destroy           subcommand    Must also have the 'mount'
                                   ability
   diff              subcommand    Allows lookup of paths within a
                                   dataset given an object number,
                                   and the ability to create
                                   snapshots necessary to 'zfs diff'
   hold              subcommand    Allows adding a user hold to a
                                   snapshot
   mount             subcommand    Allows mount/umount of ZFS
                                   datasets
   promote           subcommand    Must also have the 'mount' and
                                   'promote' ability in the origin
                                   file system
   receive           subcommand    Must also have the 'mount' and
                                   'create' ability
   release           subcommand    Allows releasing a user hold
                                   which might destroy the snapshot
   rename            subcommand    Must also have the 'mount' and
                                   'create' ability in the new
                                   parent
   rollback          subcommand    Must also have the 'mount'
                                   ability
   send              subcommand
   share             subcommand    Allows sharing file systems over
                                   the NFS protocol
   snapshot          subcommand    Must also have the 'mount'
                                   ability
   groupquota        other         Allows accessing any
                                   groupquota@... property
   groupused         other         Allows reading any groupused@...
                                   property
   userprop          other         Allows changing any user property
   userquota         other         Allows accessing any
                                   userquota@... property
   userused          other         Allows reading any userused@...
                                   property
   aclinherit        property
   aclmode           property
   atime             property
   canmount          property
   casesensitivity   property
   checksum          property
   compression       property
   copies            property
   dedup             property
   devices           property
   exec              property
   filesystem_limit  property
   logbias           property
   jailed            property
   mlslabel          property
   mountpoint        property
   nbmand            property
   normalization     property
   primarycache      property
   quota             property
   readonly          property
   recordsize        property
   refquota          property
   refreservation    property
   reservation       property
   secondarycache    property
   setuid            property
   sharenfs          property
   sharesmb          property
   snapdir           property
   snapshot_limit    property
   sync              property
   utf8only          property
   version           property
   volblocksize      property
   volsize           property
   vscan             property
   xattr             property

The example at hand includes the -u flag, so the filesystem is not mounted at the end of the receive operation. Without the -u flag, however, the filesystem would be mounted at the end of the receive process. Evidently the receive permission requires the mount permission.

Since the zfs mount operation automatically creates any necessary mountpoints, a user might have zfs permission to mount a dataset but lack the filesystem permission to create the mountpoint. In the case of zfs mount, the mount will fail. In zfs create or zfs rename operations the filesystem is created or renamed, but it remains unmounted if the user lacks sufficient filesystem permissions to create the mountpoint.

Similarly, a zfs rename command may fail for insufficient permissions at several stages of the rename operation. Roughly, the component steps might be:

1) unmount the filesystem (mount permission)
2) create the new filesystem (create permission)
3) map the filesystem metadata to the new name (rename permission)

A fourth step remounts the newly named filesystem at its new, possibly changed mountpoint, which again uses the mount permission (and possibly filesystem permissions) to create the new mountpoint.

I have not tested such tricks, but one can see that zfs distinguishes between the create and rename permissions, and between the mount and mountpoint permissions. One can imagine that it might be possible to allow a user to create new filesystems but, once created, not to rename them. For a filesystem with an inherited mountpoint, renaming the filesystem generally also renames its mountpoint, e.g. renaming tank/usr/local to tank/usr/local.OLD changes the mountpoint from /usr/local to /usr/local.OLD.

The separation of the mount and rename permissions from the mountpoint permission means a user can rename a filesystem but not be allowed to change its mountpoint. Conversely, one could change where a filesystem is mounted but not change the filesystem's name.

The richness of zfs filesystem operations and the delegation of those operations, combined with the granularity of the permissions, can make zfs somewhat challenging, but also very powerful.
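The answer's approach, turned into a check you can run against the output of zfs allow (an added example, not part of the original post and not ZFS's own tooling): the flag-to-permission mapping is an assumption drawn from the zfs(8) text quoted above (receive also needs create and mount; -F implies a rollback), and the sample zfs allow output embedded below is the one from the question. The script parses that output, computes which permissions the given zfs receive flags need, prints what is missing, and builds the zfs allow command that would grant it on the parent dataset, from which the descendants inherit.

```shell
#!/bin/sh
# Added example (not from the original post): infer which delegated ZFS
# permissions a `zfs receive` invocation needs and diff them against the
# output of `zfs allow`. The flag-to-permission mapping is an assumption
# derived from the zfs(8) text quoted above: 'receive' also requires
# 'create' and 'mount', and -F implies a 'rollback'.

# Print the sorted, space-separated permissions needed by `zfs receive FLAGS`.
# Usage: required_perms "-dvuF"
required_perms() {
    flags=$1
    perms="receive create mount"
    case "$flags" in
        *F*) perms="$perms rollback" ;;   # -F forces a rollback before receiving
    esac
    printf '%s\n' $perms | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Read `zfs allow DATASET` output on stdin and print the permissions granted
# to USER, sorted and space-separated. All "user USER ..." lines are merged,
# because zfs allow lists the dataset and every ancestor it inherits from.
# Usage: zfs allow DATASET | granted_perms USER
granted_perms() {
    user=$1
    awk -v u="$user" '$1 == "user" && $2 == u {
        n = split($3, a, ",")
        for (i = 1; i <= n; i++) print a[i]
    }' | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Print the required permissions that USER has not been granted (empty if none).
# Usage: zfs allow DATASET | missing_perms FLAGS USER
missing_perms() {
    flags=$1
    user=$2
    granted=" $(granted_perms "$user") "
    missing=""
    for p in $(required_perms "$flags"); do
        case "$granted" in
            *" $p "*) ;;                      # already delegated
            *) missing="$missing $p" ;;
        esac
    done
    printf '%s\n' "${missing# }"
}

# Print the `zfs allow` command that would grant the missing permissions on
# DATASET (descendants inherit it, as the question's zfs allow output shows).
# Prints nothing when nothing is missing.
# Usage: zfs allow DATASET | suggest_allow_cmd FLAGS USER DATASET
suggest_allow_cmd() {
    missing=$(missing_perms "$1" "$2")
    [ -n "$missing" ] || return 0
    printf 'zfs allow -u %s %s %s\n' "$2" "$(printf '%s' "$missing" | tr ' ' ',')" "$3"
}

# Constructed sample input: the `zfs allow` output quoted in the question.
SAMPLE_ALLOW='---- Permissions on neo/backups/freebsd -----------------------------
Local+Descendent permissions:
        user backupuser atime,compression,create,dedup,exec,jailed,mount,mountpoint,quota,receive,rename,reservation,setuid,userprop'

# On the real host, pipe `zfs allow neo/backups/freebsd` instead of the sample.
printf '%s\n' "$SAMPLE_ALLOW" | missing_perms -dvuF backupuser
# -> rollback
printf '%s\n' "$SAMPLE_ALLOW" | suggest_allow_cmd -dvuF backupuser neo/backups/freebsd
# -> zfs allow -u backupuser rollback neo/backups/freebsd
```

The check only knows about the flags the answer discusses; it deliberately grants the missing permission on the ancestor that already carries the Local+Descendent grant rather than on each child, so every dataset in the recursive stream picks it up.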

Answer 2

This looks like you have a snapshot that is missing permissions.

Try setting the receive permission on neo/backups/freebsd/iocage/jails/owncloud/root/data@2018-03-03

It appears to be set correctly on the volume but missing on the snapshot.
