[Bug 260160] zfs jailed: snapshots not accessible
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 260160] zfs jailed: snapshots not accessible"
Date: Fri, 10 Feb 2023 22:08:38 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260160

--- Comment #25 from Jim Long <freebsd-bugzilla@umpquanet.com> ---

For those affected by this regression who are looking for a workaround that eliminates (or rather, automates) the need to run 'jail -m ...' on each jail that requires access to its snapshots:

This simple change to the globals section of /etc/jail.conf uses the "exec.poststart" hook to have /etc/rc.d/jail spawn a small subshell process after each jail is started (either at boot time or by "service jail [re]start").

From man 8 jail:

    exec.poststart
        Command(s) to run in the system environment after a jail is
        created, and after any exec.start commands have completed.

This is very much a temporary hack until a proper fix is merged into the codebase, but the method appears to be both effective and minimally intrusive:

/etc/jail.conf:

    # Global:

    # .. whatever global stuff you already have

    zfs.mount_snapshot = 1;
    exec.poststart = "( /bin/sleep 30; /usr/sbin/jail -m $name ) &";

    # ... and whatever else you like ...

    jail1 {
        # ... your normal per-jail parameters here
    }

    jail2 {
        # ... your normal per-jail parameters here
    }

If you prefer not to do this globally, the "poststart" directive can be deleted from the global context and inserted into each individual jail where it is needed.

For my purposes the global context is more convenient, because my primary use case is several jailed Samba instances where I want to allow end-user access to ZFS snapshots of the data share, so that users can access backups without any sysadmin intervention.

A secondary use case is to simply allow root-users of jailed FreeBSD instances to access snapshot backups of their own system files.

In both cases, however, it is also desired that the root user of the jail NOT be able to destroy snapshots. Hence the reason for not simply setting "jailed=on" and delegating the entire ZFS filesystem to the jail. Effectively this makes the backups readable by the jail, but immutable by even the jail root.

HTH,

Jim