From nobody Fri Nov 24 23:35:41 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ScWZK4vFRz51KWq; Fri, 24 Nov 2023 23:35:53 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ScWZJ3Rl5z3JkZ; Fri, 24 Nov 2023 23:35:52 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=hlxbJz+N; spf=pass (mx1.freebsd.org: domain of rick.macklem@gmail.com designates 2607:f8b0:4864:20::1029 as permitted sender) smtp.mailfrom=rick.macklem@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-pj1-x1029.google.com with SMTP id 98e67ed59e1d1-285196aaecaso1996594a91.0; Fri, 24 Nov 2023 15:35:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1700868951; x=1701473751; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=UiSEmEcUxsLqFGUNGaTpue5DgZavQCO83qAFvfYMLEw=; b=hlxbJz+N/OjKkjSu7Qp1b3sebWhGgmn0GIX8EHD+YMpK7/QiuLUvc8eLojYm8Irlmu lgouFnDjV1SCzthoi009UUU/8gi55ud0pUY9R7ZafiV2f9wocDKZ+qD4d8D6DVLArpHx lIA1hHWriGyz8xRdC3y11Q18VP2NCyOuEvWI6+JeQ5qqXhONes/h/JA7KA0pj4NBelNw 1nqUvgx2xqFhYm0E1u3R3VYDp31QJzRIvIrMuZ7LTnmmZ+kaNpO47dm/QMQYHsYXhAyp 35S9kszEKf2+3wIrCDgO+wEhagNDzGSaUf99Egshzc8cD7IbhLwLHlaDjSHZx/ZHkpvx 4HMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700868951; x=1701473751; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UiSEmEcUxsLqFGUNGaTpue5DgZavQCO83qAFvfYMLEw=; b=gdV6Hw6znTkhBJs2WhIcdqWq0bjTV9QvZtPNvqb/5meyvpY41YbSvPQwIcrnm18G+4 V6EGCQkiN7N9AFIQOEMjVvT+nP0BhlGYQrM6nEQgvpw+UpeOR/laH778kNsZPs6aDjZa eb+86CkDVtfbI1UeWtWsB5/mV3W9bfGESb3v74L3H7tczUdDB1NCjwCq0xDkq026CnU6 rAlOLpwPOpATV1jVdc0E7VHqwEmYatzNefuQvcaFaux/KS/oetZ98jf+e6de4lsvyxVy BZPROIGsslfnyXzNdCm/+KS8fX4gwbS5v8GPO+vPIV1A3S7lupIwuQWAn2Ib4Kv/zblu pl7A== X-Gm-Message-State: AOJu0Ywk+aLz3YmbpZx3yPHZuGd3YXLdt7lJLszMIS5IYws46kSH7X2p d3XKGDoLpxHnNEfqg6iRvT6uuXKurvJDwD6cmA== X-Google-Smtp-Source: AGHT+IFHQqKeV+j0H1QaNZUrRAXhtbj3uVCsfOwhILJvPKrZF65jU/XgisKq0Z7RrH0f8OjWL+wATgKJpK4FKIc2pVE= X-Received: by 2002:a17:90b:1d0a:b0:27c:f1f8:261f with SMTP id on10-20020a17090b1d0a00b0027cf1f8261fmr4370480pjb.20.1700868950755; Fri, 24 Nov 2023 15:35:50 -0800 (PST) List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 References: <202311231525.3ANFPBo6039293@gitrepo.freebsd.org> <987d4593d50b9cbffb9b6443d3825499@Leidinger.net> In-Reply-To: From: Rick Macklem Date: Fri, 24 Nov 2023 15:35:41 -0800 Message-ID: Subject: Re: git: f5f277728ade - main - nfsd: Fix NFS access to .zfs/snapshot snapshots To: Mike Karels Cc: Konstantin Belousov , Alexander Leidinger , Rick Macklem , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; NEURAL_HAM_LONG(-0.99)[-0.992]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1029:from]; TAGGED_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org,dev-commits-src-main@freebsd.org]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCPT_COUNT_SEVEN(0.00)[7]; FROM_EQ_ENVFROM(0.00)[]; RCVD_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_CC(0.00)[gmail.com,leidinger.net,freebsd.org] X-Rspamd-Queue-Id: 4ScWZJ3Rl5z3JkZ X-Spamd-Bar: --- On Fri, Nov 24, 2023 at 8:16=E2=80=AFAM Rick Macklem wrote: > > On Fri, Nov 24, 2023 at 7:58=E2=80=AFAM Rick Macklem wrote: > > > > On Fri, Nov 24, 2023 at 5:18=E2=80=AFAM Mike Karels w= rote: > > > > > > CAUTION: This email originated from outside of the University of Guel= ph. Do not click links or open attachments unless you recognize the sender = and know the content is safe. If in doubt, forward suspicious emails to ITh= elp@uoguelph.ca. > > > > > > > > > On 24 Nov 2023, at 7:02, Konstantin Belousov wrote: > > > > > > > On Fri, Nov 24, 2023 at 08:50:22AM +0100, Alexander Leidinger wrote= : > > > >> Am 2023-11-23 16:25, schrieb Rick Macklem: > > > >>> The branch main has been updated by rmacklem: > > > >>> > > > >>> URL: https://cgit.FreeBSD.org/src/commit/?id=3Df5f277728adec4c5b3= e840a1fb16bd16f8cc956d > > > >>> > > > >>> commit f5f277728adec4c5b3e840a1fb16bd16f8cc956d > > > >>> Author: Rick Macklem > > > >>> AuthorDate: 2023-11-23 15:23:33 +0000 > > > >>> Commit: Rick Macklem > > > >>> CommitDate: 2023-11-23 15:23:33 +0000 > > > >>> > > > >>> nfsd: Fix NFS access to .zfs/snapshot snapshots > > > >>> > > > >>> When a process attempts to access a snapshot under > > > >>> //.zfs/snapshot, the snapshot is automounted. > > > >>> However, without this patch, the automount does not > > > >>> set mnt_exjail, which results in the snapshot not being > > > >>> accessible over NFS. > > > >>> > > > >>> This patch defines a new function called vfs_exjail_clone() > > > >>> which sets mnt_exjail from another mount point and > > > >>> then uses that function to set mnt_exjail in the snapshot > > > >>> automount. A separate patch that is currently a pull request > > > >>> for OpenZFS, calls this function to fix the problem. > > > >> > > > >> May the same/similar fix like for ZFS be needed / useful for nullf= s mounted > > > >> stuff? > > > >> > > > >> I have a ZFS dataset which is mounted via nullfs into a jail. This > > > >> nullfs-mount is then exported via samba. In samba I have the shado= w-copy > > > >> stuff enabled, but it doesn't work, as the jails can't access the = snapshot. > > > > > > > > Jails cannot access snapshots because, as I understand, snapshots > > > > are mounts. Nullfs does not provide an option to recursively bypass > > > > into mounts. The patch you responded to does not automatically moun= ts > > > > snapshots on clients, it only allows them to mount if wanted. > > > > > > It works for me, with main and this change, or 13.2 without a patch. > > > I don't know the mechanics, but it doesn't use nullfs, and the snapsh= ot > > > does not show up as a separate filesystem with the mount command. > > Yes. ZFS essentially does an automount of the snapshots under .zfs/snap= shot. > > (As I understand it, there are non-default ZFS options that allow these= to be > > mounted manually instead.) > > I can now see that these automounts are 'real mounts" in the > > mountlist. The only reason > > they are not visible is that they have MNT_IGNORE set on them. > Oh and I forgot to mention that this automount is for some weird in > memory file system that does just enough so you can see the snapshots. > Once you "cd ", the vnodes are associated with the ZFS > mount (dataset) and not this weird snapshot fs. (That is why it doesn't n= eed to > be exported, but did need mnt_exjail to be set properly.) > > I might be able to test a nullfs over ZFS case later to-day and will > post if I do so. Yes, it is broken in a similar way. With a nullfs mount on top of a ZFS mou= nt that is exported to an NFS client, you can access the snapshots under .zfs/snapshot if the mnt_exjail checks are commented out. However, if the checks are done, they fail. So, yes, something similar to what ZFS will do is needed for nullfs. Now I have to figure out how/when it can be done. I will play with it to-da= y, but it probably won't get fixed until late Dec. Again, sorry for the breakage, rick > > rick > > > > > Now, as for what happens when nullfs is on top of ZFS, I do not know. > > What Kostik says about nullfs recursing into mounts suggests it will no= t work. > > I will look at it, but since I am headed to Florida for a few weeks, it= may > > not happen until the end of the year. > > > > If someone can test this case and determine if there is no NFS client a= ccess > > for snapshots under .zfs after applying the patch that is an > > attachment in PR#275200 > > when nullfs is over the ZFS file system, that would be appreciated. > > > > rick > > > > > > > > Mike > > > > > > > You might try to set up something with autofs, no idea if it could = be made > > > > to work usefully. > > >