Friends,
I'm using FreeBSD 10.2-RELEASE-p16 amd64. My goal's to make a jail within which a non-root account can receive ZFS snapshots, and save them within a jailed ZFS filesystem.
I'm able to create and mount ZFS filesystems using the jail's root account, with no problems. Yet when I use a non-root account in the jail, I see this:
Here's my configuration:
If anybody feels like making suggestions, I'd sure appreciate it. Thanks so much for reading!
I'm using FreeBSD 10.2-RELEASE-p16 amd64. My goal's to make a jail within which a non-root account can receive ZFS snapshots, and save them within a jailed ZFS filesystem.
I'm able to create and mount ZFS filesystems using the jail's root account, with no problems. Yet when I use a non-root account in the jail, I see this:
Code:
jail$ zfs create z/j/d.net/jail/j/z0
cannot mount 'z/j/d.net/jail/j/z0': Insufficient privileges
filesystem successfully created, but not mounted
Code:
jail$ id
uid=1200(zfs) gid=1200(zfs) groups=1200(zfs)
jail$ zfs allow z/j/d.net/jail/j
---- Permissions on z/j/d.net/jail/j ------------------------------
Local+Descendent permissions:
user zfs canmount,compression,create,mount,mountpoint,receive
---- Permissions on z ------------------------------------------------
Local+Descendent permissions:
user zfs create,hold,mount,mountpoint,receive,send,snapshot
jail$ ls -ld /j
drwxr-xr-x 7 zfs zfs 7 May 28 19:13 /j
jail$ zfs get jailed,mounted,mountpoint z/j/d.net/jail/j
NAME PROPERTY VALUE SOURCE
z/j/d.net/jail/j jailed on local
z/j/d.net/jail/j mounted yes -
z/j/d.net/jail/j mountpoint /j local
jail$ sysctl vfs.usermount security.jail.mount_allowed security.jail.mount_zfs_allowed security.jail.enforce_statfs
vfs.usermount: 1
security.jail.mount_allowed: 1
security.jail.mount_zfs_allowed: 1
security.jail.enforce_statfs: 1
jail$ ls -l /dev/zfs
crw-rw-rw- 1 root operator 0x4b May 5 23:11 /dev/zfs
jail$ zfs mount
z/j/d.net/jail /
z/j/d.net/jail/j /j