Closed emory closed 8 years ago
Please try with https://openzfsonosx.org/wiki/File:OpenZFS_on_OS_X_1.5.1-rw.dmg
Thanks.
Will this be possible if I am already running off master via ''zfsadm''?
If you're using zfsadm then you don't need to try the dmg. What commit are you on?
git log
says I'm at 32660431c1d02437d1724fb0f5ce2b7ec5e2f228
(Tag zfs-1.5.1
)
Sidebar: I created the pool under an earlier build, but I don't know how how to figure out which checkout I was using previously for my binaries.
Sidebar redux; I shoved two 500GB disks into a JBOD and made a pool (ashift=12, insensitive, formD) that act the same even without touching mountpoint
—
emory@anustart ⑄ ~
✰ ls -la /Volumes/cornballer
ls: ..: Permission denied
total 549
drwxr-xr-x@ 6 root wheel 6 Apr 28 22:16 ./
drwx------ 5 root wheel 5 Apr 28 22:16 .Spotlight-V100/
d-wx-wx-wt 2 root wheel 2 Apr 28 22:16 .Trashes/
-rw------- 1 root wheel 239735 Apr 28 22:16 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 28 22:16 .fseventsd/
-> [1]
emory@anustart ⑄ ~
✰ sudo ls -la /Volumes/cornballer
total 549
drwxr-xr-x@ 6 root wheel 6 Apr 28 22:16 .
drwxrwxrwt@ 14 root admin 476 Apr 28 22:16 ..
drwx------ 5 root wheel 5 Apr 28 22:16 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 28 22:16 .Trashes
-rw------- 1 root wheel 239735 Apr 28 22:16 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 28 22:16 .fseventsd
OK, having looked at the details now that you've confirmed you're on HEAD, it appears that this is all normal. zpool create
requires you use sudo
. Therefore, the mountpoint and all files and directories under it are initially owned by root.
In order to transition the file system to be accessible to a user, you at minimum have to
sudo chown -R someuser /Volumes/foo
In practice you will likely want to
sudo chown -R someuser:staff /Volumes/foo
or
sudo chown -R someuser:admin /Volumes/foo
The same applies to any datasets created subsequently via sudo zfs create
.
Bear with me a moment here, because I understand what you're saying, but the behavior is different. It's failing on ..
rather than .
My group membership:
emory@anustart ⑄ ~/Clouds
✰ id
uid=3001(emory) gid=80(admin) groups=80(admin),3003(iedcweb),2001(shmoopies),501(access_bpf),2004(dv),12(everyone),20(staff),61(localaccounts),79(_appserverusr),81(_appserveradm),98(_lpadmin),3001(emory),253(com.apple.access_vpn),702(com.apple.sharepoint.group.2),2002(adults),708(com.apple.sharepoint.group.8),705(com.apple.sharepoint.group.5),707(com.apple.sharepoint.group.7),33(_appstore),100(_lpoperator),204(_developer),398(com.apple.access_screensharing),399(com.apple.access_ssh),701(com.apple.sharepoint.group.1)
No wheel
.
I am however in gid 20
, staff
, so we'll work with that.
I've changed the mountpoint of cloister/Eyrie
to be /Eyrie
as I finish up. ~/Clouds
is just a folder on my jHFS+ home directory on my booted OS and applications volume.
emory@anustart ⑄ ~/Clouds
✰ sudo chgrp staff /Eyrie
emory@anustart ⑄ ~/Clouds
✰ sudo chgrp staff /Eyrie/*
emory@anustart ⑄ ~/Clouds
✰ sudo chgrp staff /Eyrie/zusers/zemoryl
emory@anustart ⑄ ~/Clouds
✰ ls -la /Eyrie/zusers
ls: ..: Permission denied
total 600
drwxr-xr-x@ 9 root staff 9 Apr 28 20:35 ./
drwx------ 5 root wheel 5 Apr 26 12:59 .Spotlight-V100/
d-wx-wx-wt 2 root wheel 2 Apr 25 08:45 .Trashes/
-rw------- 1 root wheel 239735 Apr 25 08:45 .VolumeIcon.icns
drwx------ 9 root wheel 9 Apr 28 21:16 .fseventsd/
drwxr-x---@ 43 emory staff 43 Apr 28 22:36 zemoryl/
### SNIP
Exit code on that one:
-> [1]
Root has no problem:
emory@anustart ⑄ ~/Clouds
✰ sudo ls -la /Eyrie/zusers
total 617
drwxr-xr-x@ 9 root staff 9 Apr 28 20:35 .
drwxr-xr-x@ 9 root staff 9 Apr 28 10:12 ..
drwx------ 5 root wheel 5 Apr 26 12:59 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 25 08:45 .Trashes
-rw------- 1 root wheel 239735 Apr 25 08:45 .VolumeIcon.icns
drwx------ 9 root wheel 9 Apr 28 21:16 .fseventsd
drwxr-x---@ 43 emory staff 43 Apr 28 22:36 zemoryl
### SNIP
Contrasted with a typical jHFS+ USB harddrive, owned by root
and wheel
:
emory@anustart ⑄ ~/Clouds
✰ ls -la /Volumes/werner
total 559803424
drwxrwxr-x 22 root wheel 816 Apr 28 21:19 ./
drwxrwxrwt@ 14 root admin 476 Apr 28 22:16 ../
-rw-r--r--@ 1 emory admin 10244 Apr 22 09:26 .DS_Store
drwx------ 5 emory admin 170 Apr 14 14:23 .Spotlight-V100/
d-wx-wx-wt 3 emory admin 102 Apr 15 14:17 .Trashes/
drwx------ 5 emory admin 170 Apr 28 21:16 .fseventsd/
drwxrwxrwx 8 root wheel 272 Apr 14 15:13 .wdcache/
drwxrwxr-x 3 root 1000 102 Apr 14 15:03 .wdmc/
### snip
drwx------ 5 root wheel 170 Apr 14 14:57 Packages/
drwx------ 5 root wheel 170 Apr 14 15:19 Plex Media Server/
drwxr-xr-x 8 emory admin 272 Mar 1 21:22 Stock Video/
drwxr-xr-x 13 emory admin 442 Mar 4 18:02 Virtual Machines.localized/
drwxr-xr-x 11 emory admin 374 Mar 2 11:37 annex/
drwxr-xr-x 9 emory admin 306 Apr 17 21:02 anustart mkIV.sparsebundle/
-rw-r--r-- 1 emory admin 285661863424 Feb 29 09:45 anustart.sparseimage
-rw-r--r-- 1 emory admin 747761152 Mar 2 12:53 werner01.sparseimage
No errors, no permissions or ACL problems. user and group aren't me, but other
has rx
and I'm using both to list the directory as expected.
In case you're curious, these are the current thrashy permissions and ACLs in /Eyrie:
emory@anustart ⑄ ~
✰ sudo ls -lae /Eyrie
Password:
total 520
drwxr-xr-x@ 9 root staff 9 Apr 28 10:12 .
0: group:emory allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit
1: user:emoryl allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit
2: user:liz allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
3: user:emory allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
4: group:EYRIE\Children allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
5: group:EYRIE\Adults allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxr-xr-x 47 root wheel 1666 Apr 28 22:49 ..
drwx------ 5 root staff 5 Apr 26 10:05 .Spotlight-V100
d-wx-wx-wt 2 root staff 2 Apr 25 08:44 .Trashes
-rw------- 1 root staff 239735 Apr 25 08:44 .VolumeIcon.icns
drwx------ 5 root staff 5 Apr 26 12:59 .fseventsd
drwxrwxr-x@ 6 root staff 6 Apr 25 12:12 zgroups
0: group:localaccounts allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxr-xr-x@ 9 root staff 9 Apr 26 12:55 zshared
0: group:shmoopies allow list,search,readattr,readextattr,readsecurity,file_inherit,directory_inherit
1: group:EYRIE\Adults allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
2: group:emory allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit
drwxr-xr-x@ 9 root staff 9 Apr 28 20:35 zusers
0: group:localaccounts allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
1: group:emory allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit
Right, because ..
in your HFS example is
drwxrwxrwt@ 14 root admin 476 Apr 28 22:16 ../
which refers to the special /Volumes
directory that has mode 1777.
Contrast that with ..
in your ZFS example, which is
drwxr-xr-x@ 9 root staff 9 Apr 28 10:12 ..
referring to /Eyrie
, with mode 0755.
referring to
/Eyrie
, with mode 0755.
OK, but 0755 would still be a directory I could stat, yes? I'd still have read and execute to get in there. In either event, setting /Eyrie to 1777 doesn't make the error go away either, and the new pool I created arbitrarily in /Volumes (cornballer
) also has the error.
emory@anustart ⑄ ~
✰ sudo ls -la /Volumes/cornballer
total 549
drwxr-xr-x@ 6 root wheel 6 Apr 28 22:16 .
drwxrwxrwt@ 14 root admin 476 Apr 28 22:16 ..
drwx------ 5 root wheel 5 Apr 28 22:16 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 28 22:16 .Trashes
-rw------- 1 root wheel 239735 Apr 28 22:16 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 28 22:16 .fseventsd
emory@anustart ⑄ ~
✰ ls -la /Volumes/cornballer
ls: ..: Permission denied
total 549
drwxr-xr-x@ 6 root wheel 6 Apr 28 22:16 ./
drwx------ 5 root wheel 5 Apr 28 22:16 .Spotlight-V100/
d-wx-wx-wt 2 root wheel 2 Apr 28 22:16 .Trashes/
-rw------- 1 root wheel 239735 Apr 28 22:16 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 28 22:16 .fseventsd/
-> [1]
emory@anustart ⑄ ~
✰
Interesting, that /Volumes
ACL:
emory@anustart ⑄ ~
✰ sudo ls -lae /Volumes/cornballer
total 549
drwxr-xr-x@ 6 root wheel 6 Apr 28 22:16 .
drwxrwxrwt@ 14 root admin 476 Apr 28 22:16 ..
0: group:everyone deny add_file,add_subdirectory,directory_inherit,only_inherit
drwx------ 5 root wheel 5 Apr 28 22:16 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 28 22:16 .Trashes
-rw------- 1 root wheel 239735 Apr 28 22:16 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 28 22:16 .fseventsd
I'm beginning to feel like something is completely boned and a reinstall of the OS is the only path out.
My iMac at the office looks like:
paris:~ $ sudo ls -lae /Volumes
drwxrwxrwt@ 6 root admin 204 Apr 28 13:59 .
0: group:everyone deny add_file,add_subdirectory,directory_inherit,only_inherit
drwxr-xr-x 35 root wheel 1258 Apr 29 02:20 ..
drwxrwxr-x 14 root admin 544 Apr 26 08:39 FantomMachine
drwxrwxr-x 15 root admin 578 Apr 21 14:55 FantomOne
drwxr-xr-x 10 root wheel 408 Apr 18 11:07 Recovery HD
lrwxr-xr-x 1 root admin 1 Apr 26 08:38 speedy -> /
headdesk.
Josephs-MacBook-Pro:~ joe$ ssh 10.0.1.15
Last login: Fri Apr 29 01:04:43 2016
iMac-TMP:~ joe$ mkdir pools
iMac-TMP:~ joe$ cd pools
iMac-TMP:pools joe$ bash
bash-3.2$ pwd
/Users/joe/pools
bash-3.2$ sysctl {spl,zfs}.kext_version
spl.kext_version: 1.5.2-1
zfs.kext_version: 1.5.2-1
bash-3.2$ mkfile 256m pool.bin
bash-3.2$ sudo zpool create foo `pwd`/pool.bin
Password:
bash-3.2$ zfs get mountpoint foo
NAME PROPERTY VALUE SOURCE
foo mountpoint /Volumes/foo default
bash-3.2$ ls -al /Volumes/foo
total 521
drwxr-xr-x@ 6 root wheel 6 Apr 29 01:07 .
drwxrwxrwt@ 5 root admin 238 Apr 29 01:07 ..
drwx------ 5 root wheel 5 Apr 29 01:07 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 29 01:07 .Trashes
-rw-r--r-- 1 root wheel 239735 Apr 29 01:07 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 29 01:07 .fseventsd
bash-3.2$ sudo zfs create foo/bar
bash-3.2$ zfs get mountpoint foo/bar
NAME PROPERTY VALUE SOURCE
foo/bar mountpoint /Volumes/foo/bar default
bash-3.2$ ls -al /Volumes/foo/bar/
total 524
drwxr-xr-x@ 6 root wheel 6 Apr 29 01:07 .
drwxr-xr-x@ 7 root wheel 7 Apr 29 01:07 ..
drwx------ 5 root wheel 5 Apr 29 01:07 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 29 01:07 .Trashes
-rw-r--r-- 1 root wheel 239735 Apr 29 01:07 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 29 01:07 .fseventsd
bash-3.2$ mkfile 256m tank.bin
bash-3.2$ sudo zpool create tank `pwd`/tank.bin
bash-3.2$ sudo zfs set mountpoint=/tank tank
Running process: '/usr/sbin/diskutil' 'unmount' '/Volumes/tank'
Unmount successful for /Volumes/tank
Mount successful
bash-3.2$ sudo zfs create tank/car
bash-3.2$ ls -al /tank
total 522
drwxr-xr-x@ 7 root wheel 7 Apr 29 01:09 .
drwxr-xr-x 24 root wheel 1156 Apr 29 01:09 ..
drwx------ 5 root wheel 5 Apr 29 01:08 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 29 01:08 .Trashes
-rw-r--r-- 1 root wheel 239735 Apr 29 01:08 .VolumeIcon.icns
drwx------ 5 root wheel 5 Apr 29 01:09 .fseventsd
drwxr-xr-x@ 6 root wheel 6 Apr 29 01:09 car
bash-3.2$ ls -al /tank/car
total 524
drwxr-xr-x@ 6 root wheel 6 Apr 29 01:09 .
drwxr-xr-x@ 7 root wheel 7 Apr 29 01:09 ..
drwx------ 5 root wheel 5 Apr 29 01:09 .Spotlight-V100
d-wx-wx-wt 2 root wheel 2 Apr 29 01:09 .Trashes
-rw-r--r-- 1 root wheel 239735 Apr 29 01:09 .VolumeIcon.icns
drwx------ 3 root wheel 3 Apr 29 01:09 .fseventsd
bash-3.2
I'm closing this, something on my workstation is wrong, and it's not openzfsonosx.
@emory OK, thanks for letting us know. If you need more help with whatever it actually is, don't hesitate to come ask in the IRC channel or on the forum.
I recently created a new mirrored pool and am migrating data from previous 2x2vdev mirrored zpool. Some of the datasets were copied with
zfs send | zfs receive
and others were selectivelyrsync
orditto
copies.End result is that I'm unable to navigate pool with Finder successfully, but perhaps most relevant behavior is this permission error right off the bat:
I do have Server.app installed. I do not have any Shares enabled there except for an HFS+ zvol.
I have screwed around with access list permissions trying to troubleshoot my Finder browsing. I don't know if this problem in
/cloister
existed prior to Server.app ACL shenanigans.A network authenticated user via Samba AD/KDC acts similar:
That user's memberships is:
I just changed property
aclmode
with no change; current properties of the pool are:Most datasets will resemble that with exceptions of my vmware dataset (limited caching) and a couple of datasets below user folders have
com.apple.mimic_hfs
set to on. I don't do home directories on ZFS, but each user has a corresponding folder of/$pool/$domain/zusers/$username
.Browsing in the Finder gives user
emory
document icons for datasets that can't be opened/traversed. e.g. screenshot jpeg of finder browsing hosted on dropbox