I am trying to set up a Jail to provide Samba services. Before doing this, I installed samba419 and zrepl for testing on the host side. The following command and configuration allow me to set up a Samba server on the host side, with snapshots used for versioning.
However, when I mount the dataset to the Jail and use the same configuration (with only the share path changed to path = /mnt/samba2), I find that I can share files, but the client cannot see the file's snapshot. I can see the snapshots in folders, but it shows the Previous Versions error.
Inside the Jail, I can see the snapshots, but it shows "Operation not permitted" for the new snapshots. After applying the solution from this post, the error no longer appears, and I can open the folder snapshots. However, I still cannot access the file's snapshot.
Does the nullfs mount not support reading ZFS snapshots? But I can read the snapshots in folders.
Should I consider another approach, like mounting a ZFS dataset to the Jail?
Code:
# user for samba is abcd
pkg install -y samba419 zrepl
zfs create zroot/samba2
zfs set xattr=sa dnodesize=auto relatime=on aclmode=restricted aclinherit=passthrough zroot/samba2
setfacl -b -R /zroot/samba2
chown -R abcd:abcd /zroot/samba2
chmod -R 770 /zroot/samba2
setfacl -R -m owner@:full_set:fd:allow,group@:modify_set:fd:allow,everyone@::fd:allow /zroot/samba2
pdbedit -a -u abcd
Code:
# zrepl main configuration file.
# For documentation, refer to https://zrepl.github.io/
#
global:
logging:
- type: "stdout"
level: "error"
format: "human"
- type: "syslog"
level: "info"
format: "logfmt"
# Add "jobs:" section(s) here for your specific use cases.
jobs:
# this job takes care of snapshot creation + pruning
- name: snapjob
type: snap
filesystems: {
"zroot/samba2<": true,
}
# create snapshots with prefix `zrepl_samba2_` every 15 minutes
snapshotting:
type: periodic
interval: 15m
prefix: zrepl_samba2_
pruning:
keep:
# fade-out scheme for snapshots starting with `zrepl_samba2_`
# - keep all created in the last hour
# - then destroy snapshots such that we keep 24 each 1 hour apart
# - then destroy snapshots such that we keep 14 each 1 day apart
# - then destroy snapshots such that we keep 12 each 30 days apart
# - then destroy all older snapshots
- type: grid
grid: 1x1h(keep=all) | 24x1h | 14x1d | 12x30d
regex: "^zrepl_samba2_.*"
# keep all snapshots that don't have the `zrepl_samba2_` prefix
- type: regex
negate: true
regex: "^zrepl_samba2_.*"
Code:
[global]
# workgroup = WORKGROUP
# server string = server_name
# netbios name = server_name
disable netbios = yes
security = user
encrypt passwords = true
passdb backend = tdbsam
nfs4:chown = true
strict sync = no
use sendfile = yes
block size = 4096
fstype = ZFS
store dos attributes = yes
map acl inherit = yes
[Share]
path = /zroot/samba2
read only = no
valid users = abcd
vfs objects = zfsacl recycle crossrename streams_xattr shadow_copy2
recycle:repository = .recycle
recycle:keeptree = yes
recycle:versions = yes
recycle:touch = yes
recycle:touch_mtime = yes
shadow:snapdir = .zfs/snapshot
shadow:sort = desc
shadow:format = zrepl_samba2_%Y%m%d_%H%M%S_000
shadow:localtime = no
hide dot files = no
Code:
exec.start += "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
classic {
# STARTUP/LOGGING
exec.consolelog = "/var/log/jail_console_${name}.log";
host.hostname = "${name}";
path = "/usr/local/jails/containers/${name}";
vnet;
#vnet.interface = "mce2.160";
vnet.interface = "mce2";
devfs_ruleset="7";
allow.raw_sockets;
mount = "/zroot/samba2 /usr/local/jails/containers/${name}/mnt/samba2 nullfs rw 0 0";
}However, when I mount the dataset to the Jail and use the same configuration (with only the share path changed to path = /mnt/samba2), I find that I can share files, but the client cannot see the file's snapshot. I can see the snapshots in folders, but it shows the Previous Versions error.
Inside the Jail, I can see the snapshots, but it shows "Operation not permitted" for the new snapshots. After applying the solution from this post, the error no longer appears, and I can open the folder snapshots. However, I still cannot access the file's snapshot.
Code:
root@freebsd0:~ # jexec -u root classic
root@classic:/ # ls -la /mnt/samba2/.zfs/snapshot
ls: zrepl_samba2_20241126_183513_000: Operation not permitted
ls: zrepl_samba2_20241126_185013_000: Operation not permitted
total 77
dr-xr-xr-x+ 13 root wheel 13 Nov 27 02:50 .
dr-xr-xr-x+ 3 root wheel 3 Nov 24 09:33 ..
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233607
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233615
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233835
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_140511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_150511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_160512_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_170512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_180512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_182012_000
root@classic:/ # exit
root@freebsd0:~ # ls -la /zroot/samba2/.zfs/snapshot
total 94
dr-xr-xr-x+ 13 root wheel 13 Nov 27 02:50 .
dr-xr-xr-x+ 3 root wheel 3 Nov 24 09:33 ..
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233607
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233615
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233835
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_140511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_150511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_160512_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_170512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_180512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_182012_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_183513_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_185013_000
root@freebsd0:~ # jexec -u root classic
root@classic:/ # ls -la /mnt/samba2/.zfs/snapshot
total 94
dr-xr-xr-x+ 13 root wheel 13 Nov 27 02:50 .
dr-xr-xr-x+ 3 root wheel 3 Nov 24 09:33 ..
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233607
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233615
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 2024-11-26_233835
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_140511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_150511_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_160512_000
drwxrwx---+ 4 abcd abcd 9 Nov 26 04:11 zrepl_samba2_20241126_170512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_180512_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_182012_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_183513_000
drwxrwx---+ 5 abcd abcd 10 Nov 27 01:15 zrepl_samba2_20241126_185013_000Does the nullfs mount not support reading ZFS snapshots? But I can read the snapshots in folders.
Should I consider another approach, like mounting a ZFS dataset to the Jail?