Time Machine Backups - Mac Catalina

[KevDog]

Hi using Time Machine for a long time with prior MacOS versions, I'm having issues with creating TM backups with Catalina.
FreeNas 11.2U6 with MacOS Catalina 10.15.1

One thing I've changed with Catalina is trying to use Time Machine over smb rather than afp

With the smb share I have the following settings:

Directory:
/mnt/tank/home
Use as home share
Time Machine
Browsable to Network Clients
Export Recycle Bin
Show Hidden Files

Host Allow (Blank)
Hosts Deny (Blank)
VFS Objects: fruit, streams_xattr, zfs_space, zfsacl
Aux Parameters: fruit:time machine = yes

I mounted the SMB Share within MacOS through Finder -> Go -> Connect to Server -- smb://10.0.1.197 (This is IP address of main FreeNas installation, not a jail), and choses homes.

I added the homes directory within the Time Machine Menu. When I go to perform backup I get following error:
Time Machine couldn't complete the backup to 10.0.1.197. The backup disk image could not be created.

I'm thinking this means a permissions error possibly however I initially see the spare bundle file created within the /mnt/tank/home/<username> directory.

I know I'm messing up permissions somewhere and probably file types.
Any help you could provide would be great.

 

[anodos]

With time machine over SMB, you should be using the "Time Machine" checkbox for the share rather than adding auxiliary parameters. This is because Samba will no longer perform mDNS advertisements in 11.3 (middlewared will do it instead).
Start by posting the output of the following:

Code:

getfacl /mnt/tank/home/<username>/<sparsebundle>
getfacl /mnt/tank/home/<username>
getfacl /mnt/tank/home
getfacl /mnt/tank

 

[KevDog]

@anodos
Thanks for your help.

For reference I was following the instructions here: https://www.ixsystems.com/community...ntal-support-for-time-machine-over-smb.70604/

I believe you actually authored the post I referenced so honestly I'm a little bit confused where to start.

Here is the information you requested
I dont have a sparsebundle file. Within home directory I have a directory called:
~/<username>'s MacBook Pro.backupbundle.
Within this directory I have the following:

Code:

[kevdog@freenas ~/Kevin’s MacBook Pro.backupbundle]$ ls -la
total 167
drwxrw-r--+  4 kevdog  kevdog   10 Nov  4 08:48 .
drwxrw-r--+ 14 kevdog  kevdog   32 Nov  4 08:39 ..
drwxrw-r--+  2 kevdog  kevdog   13 Nov  4 08:45 bands
-rwxrw-r--   1 kevdog  kevdog  516 Nov  4 08:39 com.apple.TimeMachine.MachineID.bckup
-rwxrw-r--   1 kevdog  kevdog  516 Nov  4 08:39 com.apple.TimeMachine.MachineID.plist
-rwxrw-r--   1 kevdog  kevdog  220 Nov  4 08:43 com.apple.TimeMachine.SnapshotHistory.plist
-rwxrw-r--   1 kevdog  kevdog  497 Nov  3 06:59 Info.bckup
-rwxrw-r--   1 kevdog  kevdog  497 Nov  3 06:59 Info.plist
drwxrw-r--+  2 kevdog  kevdog   13 Nov  4 08:45 mapped
-rwxrw-r--   1 kevdog  kevdog    0 Nov  3 07:00 token

Code:

$ getfacl /mnt/tank/home/kevdog
# file: /mnt/tank/home/kevdog
# owner: kevdog
# group: kevdog
            owner@:rwxpDdaARWcCos:fdi----:allow
            group@:rwxpDdaARWcCos:fdi----:allow
         everyone@:--------------:fdi----:allow
            owner@:rwxp--aARWcCos:-------:allow
            group@:rw-p--a-R-c--s:-------:allow
         everyone@:r-----a-R-c--s:-------:allow

Code:

getfacl /mnt/tank/home
# file: /mnt/tank/home
# owner: root
# group: wheel
            owner@:rwxpDdaARWcCos:fd-----:allow
            group@:rwxpDdaARWcCos:fd-----:allow
         everyone@:--------------:fd-----:allow

Code:

getfacl /mnt/tank
# file: /mnt/tank
# owner: root
# group: wheel
            owner@:rwxp--aARWcCos:-------:allow
            group@:rwxp--a-R-c--s:-------:allow
         everyone@:--x---a-R-c--s:-------:allow

 

[anodos]

Permissions error. Here's your problem:

Code:

getfacl /mnt/tank/home
# file: /mnt/tank/home
# owner: root
# group: wheel
            owner@:rwxpDdaARWcCos:fd-----:allow
            group@:rwxpDdaARWcCos:fd-----:allow
         everyone@:--------------:fd-----:allow

Run the command setfacl -m everyone@:rxaRc:d:allow /mnt/tank/home

 

[KevDog]

I'm going to ask a very basic question. Access Control Lists -- are these used for UFS mounts like smb? I don't understand how acl's work in freenas compared to regular linux. I've consulted this post regarding what the invidual fields specify: https://www.ixsystems.com/community/threads/setfacl-recursive-quick-and-dirty-how.16146/#post-82780
however this is much different than other threads which discuss acl's on linux which don't seem to have all these other fields.

When setting up directories for use with time machine, what acl's should be used for future reference?

 

[KevDog]

Well partial success on your command ...

however now I'm getting an error (from MBP that there isn't enough space to perform the backup). Frankly that's impossible since I have 27Tb free and I don't have any dataset quotas in place.

 

[anodos]

I'm going to ask a very basic question. Access Control Lists -- are these used for UFS mounts like smb? I don't understand how acl's work in freenas compared to regular linux. I've consulted this post regarding what the invidual fields specify: https://www.ixsystems.com/community/threads/setfacl-recursive-quick-and-dirty-how.16146/#post-82780
however this is much different than other threads which discuss acl's on linux which don't seem to have all these other fields.

When setting up directories for use with time machine, what acl's should be used for future reference?

We have native NFSv4 ACLs. They are largely the same as ACLs in windows. In this case, the problem was that execute is required in order to traverse a directory. This is the same in pretty much all OSes.

What's the output of testparm -s and zfs get all tank/home?

 

[KevDog]

Thanks for help

testparm:

Code:

$ testparm -s
Load smb config files from /usr/local/etc/smb4.conf
Processing section "[homes]"
Loaded services file OK.
Server role: ROLE_STANDALONE

# Global parameters
[global]
    aio max threads = 2
    deadtime = 15
    disable spoolss = Yes
    dns proxy = No
    dos charset = CP437
    hostname lookups = Yes
    kernel change notify = No
    lm announce = Yes
    load printers = No
    logging = file
    max log size = 51200
    max open files = 1881119
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    obey pam restrictions = Yes
    printcap name = /dev/null
    security = USER
    server min protocol = SMB2_02
    server role = standalone server
    server string = FreeNAS Server
    time server = Yes
    idmap config *: range = 90000001-100000000
    fruit:nfs_aces = no
    idmap config * : backend = tdb
    acl allow execute always = Yes
    create mask = 0666
    directory mask = 0777
    directory name cache size = 0
    dos filemode = Yes
    strict locking = No


[homes]
    aio write size = 0
    comment = Home Directories
    hide dot files = No
    path = "/mnt/tank/home/%U"
    read only = No
    valid users = %U
    veto files = /.snapshot/.windows/.mac/.zfs/
    vfs objects = zfs_space zfsacl fruit streams_xattr recycle crossrename
    zfsacl:acesort = dontcare
    nfs4:chown = true
    nfs4:acedup = merge
    nfs4:mode = special
    recycle:subdir_mode = 0700
    recycle:directory_mode = 0777
    recycle:touch = yes
    recycle:versions = yes
    recycle:keeptree = yes
    recycle:repository = .recycle/%U
    fruit:volume_uuid = c1bb1735-9970-45b5-b351-7d9aa9b2cb09
    fruit:time machine = yes
    fruit:resource = stream
    fruit:metadata = stream

zfs get all tank/home

Code:

$ zfs get all tank/home
NAME       PROPERTY                 VALUE                    SOURCE
tank/home  type                     filesystem               -
tank/home  creation                 Wed Jan  4 20:52 2017    -
tank/home  used                     5.64T                    -
tank/home  available                21.1T                    -
tank/home  referenced               205K                     -
tank/home  compressratio            1.07x                    -
tank/home  mounted                  yes                      -
tank/home  quota                    none                     default
tank/home  reservation              none                     default
tank/home  recordsize               128K                     default
tank/home  mountpoint               /mnt/tank/home           default
tank/home  sharenfs                 off                      default
tank/home  checksum                 on                       default
tank/home  compression              lz4                      inherited from tank
tank/home  atime                    on                       default
tank/home  devices                  on                       default
tank/home  exec                     on                       default
tank/home  setuid                   on                       default
tank/home  readonly                 off                      default
tank/home  jailed                   off                      default
tank/home  snapdir                  hidden                   default
tank/home  aclmode                  passthrough              inherited from tank
tank/home  aclinherit               passthrough              inherited from tank
tank/home  canmount                 on                       default
tank/home  xattr                    off                      temporary
tank/home  copies                   1                        default
tank/home  version                  5                        -
tank/home  utf8only                 off                      -
tank/home  normalization            none                     -
tank/home  casesensitivity          sensitive                -
tank/home  vscan                    off                      default
tank/home  nbmand                   off                      default
tank/home  sharesmb                 off                      default
tank/home  refquota                 none                     default
tank/home  refreservation           none                     default
tank/home  primarycache             all                      default
tank/home  secondarycache           all                      default
tank/home  usedbysnapshots          0                        -
tank/home  usedbydataset            205K                     -
tank/home  usedbychildren           5.64T                    -
tank/home  usedbyrefreservation     0                        -
tank/home  logbias                  latency                  default
tank/home  dedup                    off                      inherited from tank
tank/home  mlslabel                                          -
tank/home  sync                     standard                 default
tank/home  refcompressratio         1.46x                    -
tank/home  written                  205K                     -
tank/home  logicalused              2.76T                    -
tank/home  logicalreferenced        36.5K                    -
tank/home  volmode                  default                  default
tank/home  filesystem_limit         none                     default
tank/home  snapshot_limit           none                     default
tank/home  filesystem_count         none                     default
tank/home  snapshot_count           none                     default
tank/home  redundant_metadata       all                      default
tank/home  org.freenas:description                           local
tank/home  org.freebsd.ioc:active   yes                      inherited from tank

 

[anodos]

Is /mnt/tank/home/kevdog a separate dataset?

 

[KevDog]

Yes it is --

zfs get all tank/home/kevdog

Code:

$ zfs get all tank/home/kevdog
NAME              PROPERTY                 VALUE                    SOURCE
tank/home/kevdog  type                     filesystem               -
tank/home/kevdog  creation                 Wed Jan  4 20:53 2017    -
tank/home/kevdog  used                     5.64T                    -
tank/home/kevdog  available                21.1T                    -
tank/home/kevdog  referenced               2.64T                    -
tank/home/kevdog  compressratio            1.07x                    -
tank/home/kevdog  mounted                  yes                      -
tank/home/kevdog  quota                    none                     local
tank/home/kevdog  reservation              none                     local
tank/home/kevdog  recordsize               128K                     default
tank/home/kevdog  mountpoint               /mnt/tank/home/kevdog    default
tank/home/kevdog  sharenfs                 off                      default
tank/home/kevdog  checksum                 on                       default
tank/home/kevdog  compression              lz4                      inherited from tank
tank/home/kevdog  atime                    on                       default
tank/home/kevdog  devices                  on                       default
tank/home/kevdog  exec                     on                       default
tank/home/kevdog  setuid                   on                       default
tank/home/kevdog  readonly                 off                      default
tank/home/kevdog  jailed                   off                      default
tank/home/kevdog  snapdir                  hidden                   default
tank/home/kevdog  aclmode                  passthrough              local
tank/home/kevdog  aclinherit               passthrough              inherited from tank
tank/home/kevdog  canmount                 on                       default
tank/home/kevdog  xattr                    off                      temporary
tank/home/kevdog  copies                   1                        default
tank/home/kevdog  version                  5                        -
tank/home/kevdog  utf8only                 off                      -
tank/home/kevdog  normalization            none                     -
tank/home/kevdog  casesensitivity          sensitive                -
tank/home/kevdog  vscan                    off                      default
tank/home/kevdog  nbmand                   off                      default
tank/home/kevdog  sharesmb                 off                      default
tank/home/kevdog  refquota                 none                     local
tank/home/kevdog  refreservation           none                     local
tank/home/kevdog  primarycache             all                      default
tank/home/kevdog  secondarycache           all                      default
tank/home/kevdog  usedbysnapshots          0                        -
tank/home/kevdog  usedbydataset            2.64T                    -
tank/home/kevdog  usedbychildren           3T                       -
tank/home/kevdog  usedbyrefreservation     0                        -
tank/home/kevdog  logbias                  latency                  default
tank/home/kevdog  dedup                    off                      inherited from tank
tank/home/kevdog  mlslabel                                          -
tank/home/kevdog  sync                     standard                 default
tank/home/kevdog  refcompressratio         1.07x                    -
tank/home/kevdog  written                  2.64T                    -
tank/home/kevdog  logicalused              2.76T                    -
tank/home/kevdog  logicalreferenced        2.76T                    -
tank/home/kevdog  volmode                  default                  default
tank/home/kevdog  filesystem_limit         none                     default
tank/home/kevdog  snapshot_limit           none                     default
tank/home/kevdog  filesystem_count         none                     default
tank/home/kevdog  snapshot_count           none                     default
tank/home/kevdog  redundant_metadata       all                      default
tank/home/kevdog  org.freenas:description                           local
tank/home/kevdog  org.freebsd.ioc:active   yes                      inherited from tank

 

[anodos]

Possibly a spurious error message from the mac. Try setting clean ACLs on the time machine share:

Code:

setfacl -b /mnt/tank/home/kevdog
setfacl -m u:kevdog:full_set:fd:allow,owner@:full_set:fd:allow,group@:full_set:fd:allow,everyone@::fd:allow /mnt/tank/home/kevdog
winacl -a clone -rv -p /mnt/tank/home/kevdog

Once you have done this, change your share in the following ways:
1) remove zfsacl and zfs_space
2) set ixnas

Then restart the SMB service. You may also need to remove and re-add the time machine share since you're now registering a volume_uuid value for the share (possibly reboot the mac).

 

[KevDog]

Thanks for your help. Performed the recommended steps above (winacl took awhile), however still can't complete a backup. Not sure where to look for logs, however on my MBP, I grabbed this out of the time machine logs:

Code:

2019-11-05 07:43:46  Looking for sparsebundle for host UUIDs '(
2019-11-05 07:43:46  Mountpoint '/Volumes/.timemachine/10.0.1.197/BE7BDFF5-1317-49E9-9216-770CBBF42421/kevdog'is still valid
2019-11-05 07:43:46  Mountpoint '/Volumes/.timemachine/10.0.1.197/BE7BDFF5-1317-49E9-9216-770CBBF42421/kevdog'is still valid
2019-11-05 07:43:46  Creating a sparsebundle using Case-sensitive Journaled HFS+ filesystem
2019-11-05 07:55:28  Thermal pressure level 0 -> 1
2019-11-05 07:55:28  Thermal pressure level 0 -> 1
2019-11-05 07:55:47  Thermal pressure level 1 -> 0
2019-11-05 07:55:47  Thermal pressure level 1 -> 0
2019-11-05 08:03:37  Thermal pressure level 0 -> 1
2019-11-05 08:03:37  Thermal pressure level 0 -> 1
2019-11-05 08:03:39  Thermal pressure level 1 -> 0
2019-11-05 08:03:39  Thermal pressure level 1 -> 0
2019-11-05 08:05:41  Thermal pressure level 0 -> 1
2019-11-05 08:05:41  Thermal pressure level 0 -> 1
2019-11-05 08:05:45  Thermal pressure level 1 -> 0
2019-11-05 08:05:45  Thermal pressure level 1 -> 0
2019-11-05 08:07:42  Thermal pressure level 0 -> 1
2019-11-05 08:07:42  Thermal pressure level 0 -> 1
2019-11-05 08:07:43  Thermal pressure level 1 -> 0
2019-11-05 08:07:43  Thermal pressure level 1 -> 0
2019-11-05 08:11:02  TMPowerState: 2
2019-11-05 08:11:02  Not starting scheduled Time Machine backup: Backup already running
2019-11-05 08:14:21  Thermal pressure level 0 -> 1
2019-11-05 08:14:21  Thermal pressure level 0 -> 1
2019-11-05 08:14:22  Thermal pressure level 1 -> 0
2019-11-05 08:14:22  Thermal pressure level 1 -> 0
2019-11-05 08:17:04  Thermal pressure level 0 -> 1
2019-11-05 08:17:04  Thermal pressure level 0 -> 1
2019-11-05 08:17:27  Thermal pressure level 1 -> 2
2019-11-05 08:17:27  Thermal pressure level 1 -> 2
2019-11-05 08:18:31  Thermal pressure level 2 -> 1
2019-11-05 08:18:31  Thermal pressure level 2 -> 1
2019-11-05 08:20:12  Thermal pressure level 1 -> 0
2019-11-05 08:20:12  Thermal pressure level 1 -> 0
2019-11-05 08:25:59  Thermal pressure level 0 -> 1
2019-11-05 08:25:59  Thermal pressure level 0 -> 1
2019-11-05 08:26:39  Thermal pressure level 1 -> 0
2019-11-05 08:26:39  Thermal pressure level 1 -> 0
2019-11-05 08:31:24  Thermal pressure level 0 -> 1
2019-11-05 08:31:24  Thermal pressure level 0 -> 1
2019-11-05 08:31:41  Thermal pressure level 1 -> 0
2019-11-05 08:31:41  Thermal pressure level 1 -> 0
2019-11-05 08:32:04  Thermal pressure level 0 -> 1
2019-11-05 08:32:04  Thermal pressure level 0 -> 1
2019-11-05 08:32:07  Thermal pressure level 1 -> 0
2019-11-05 08:32:07  Thermal pressure level 1 -> 0
2019-11-05 08:32:43  Thermal pressure level 0 -> 1
2019-11-05 08:32:43  Thermal pressure level 0 -> 1
2019-11-05 08:33:25  Thermal pressure level 1 -> 0
2019-11-05 08:33:25  Thermal pressure level 1 -> 0
2019-11-05 08:38:38  Failed to create '/Volumes/.timemachine/10.0.1.197/BE7BDFF5-1317-49E9-9216-770CBBF42421/kevdog/87938AB9-1129-5B10-B808-2CEA13BC4CC0.sparsebundle', results: {
2019-11-05 08:38:39  Mountpoint '/Volumes/.timemachine/10.0.1.197/BE7BDFF5-1317-49E9-9216-770CBBF42421/kevdog'is still valid
2019-11-05 08:38:39  Backup failed with error 20: 20
2019-11-05 08:38:46  Failed to unmount '/Volumes/.timemachine/10.0.1.197/BE7BDFF5-1317-49E9-9216-770CBBF42421/kevdog', error: Error Domain=com.apple.diskmanagement Code=0 "No error" UserInfo={NSDebugDescription=No error, NSLocalizedDescription=No Error.}

 

[KevDog]

Yea I tried with a different volume and although results were slightly different, the backup couldn't be completed. The system was preparing backup for like 8 hours. I'm not sure what the issue is.

 

[kelchm]

I recently ran into this exact same problem when moving from AFP to SMB for my time machine shares. I ended up resolving it be removing the existing .DS_store and sparsebundle from the share directory.

 

[its3am]

I had the same "The backup disk image could not be created" problem; it turns out that these two Samba settings for the Time Machine share were the culprit:

Code:

#create mask = 0600
#directory mask = 0700

Commenting them out as shown here allowed the creation of the sparseimage and the backup to commence. (8 hours to go until completion but it's progressing, fingers crossed.)

 

[Spoon]

I had the same "The backup disk image could not be created" problem; it turns out that these two Samba settings for the Time Machine share were the culprit:

Code:

#create mask = 0600
#directory mask = 0700

Commenting them out as shown here allowed the creation of the sparseimage and the backup to commence. (8 hours to go until completion but it's progressing, fingers crossed.)

I'm having the same issue. How and where did you comment them out?

 

[its3am]

I'm having the same issue. How and where did you comment them out?

I had them in my own /usr/local/etc/smb4.conf.

 

[Spoon]

I had them in my own /usr/local/etc/smb4.conf.

Thanks for the reply. It appears they aren't in the file. I'll keep looking.

 

[its3am]

Thanks for the reply. It appears they aren't in the file. I'll keep looking.

It's all super flaky. In my case there were files created but subsequently deleted after some secret operation apparently errored out if I had the creation umask set to xx00.

And after this it still took three tries before the full initial backup of a mostly empty machine succeeded without erroring out at some point with an error about credits.

Good luck!

 

[johnlocke]

Permissions error. Here's your problem:

The problem is that TrueNAS GUI itself does it like that: everyone@:--------------:fd-----:allow if you select time machine ACL preset for TimeMachine dataset. Which gives chdir_current_service: vfs_ChDir(/mnt/mypool/TimeMachine/myuser) failed: Permission denied. error when adding disk to TM.
So what is the proper getfacl output for both, TimeMachine dataset and child, user datasets?