Use ZFS dataset within jail (create sub-datasets, etc)

[Wulffi]

Hi,

I have searched the internet for hours and could not find any tutorial that may help me with my problem.

I have set up a FreeNAS system and successfully set up a jail for "UrBackup".
My plan was to create a separate dataset for the image backups so that I can use the full COW features within UrBackup.

According to a tutorial on the internet I have created a new dataset "images" (pool/images).
Furthermore I have set the "jailed" property (zfs set jailed=on pool/images) and also assigned this dataset to the jail (zfs jail UrBackup pool/images).

Everything worked just fine and I can see the zfs dataset within the jail - the command "zfs list" within the jail shows "pool" and "pool/images" as available datasets.

But it is not possible to create a sub-dataset within the jail right now.
"zfs create pool/images/test" will result in "permission denied".

Can anyone help me with that problem?

Kind regards,
Wulffi

 

[joeschmuck]

How about something simple like mkdir /mnt/pool/images/test

 

[Wulffi]

@joeschmuck
Thank you for your reply.
Unfortunately this is not possible as I need separate datasets for UrBackup's function.

 

[joeschmuck]

What are the permissions for /pool/images ? You could try 777 and see what happens. Also I'm assuming you are "root" within the jail?

 

[joeschmuck]

Also, why not just use the GUI to create the dataset? Do you still get the same permissions issue?

 

[Wulffi]

Yes, I am "root" in the jail also also changed the permissions on the host to 777 for the dataset.
The software needs to be able to create the datasets itself. As this in running in the jail, I need to be able to create those sub-datasets from within the jail and not from the GUI.

 

[joeschmuck]

Did you follow these directions and complete step 6?

 

[joeschmuck]

Also, what version of FreeNAS are you using and what is your hardware specs?

 

[Wulffi]

Thank you for the link to the install instructions...
But this is not my problem - UrBackup works fine with standard values :)

In the documentation [http://www.urbackup.org/administration_manual.html#x1-10900011.7.1] (11.7.1) you will find a sub-topic about ZFS and one section starting with "Copy-on-write raw image backups with ZFS".

Doing this e.g. on a Debian system with ZFSonLinux works just fine and UrBackup created a new dataset for each backup.
To be able to use that function in FreeNAS I need to be able to control the ZFS dataset from within the jail.

I have found another solution but this is not working either.
https://bugs.freenas.org/issues/6495
https://github.com/trueos/pcbsd/commit/dcad170d0ae6c504c1f43bacc7adb8b472eb156d

 

[Wulffi]

I am running the latest release FreeNAS-9.10.2-U3 (e1497f269) on a HP ProLiant Gen8 server.

 

[joeschmuck]

I've never used UrBackup but I was able to install it in a jail and start a backup. I had to stop it because my test machine doesn't have the storage to backup my main Windoze 7 PC but it was running, got to 3% before I killed it.

I am using FreeNAS 11, maybe that is the difference? I'll try on a different machine.

 

[Wulffi]

As already written - UrBackup with standard settings is working just fine.

The only problem is getting the full access to the ZFS dataset within the jail.
This is standard FreeBSD and not specially related to UrBackup...

 

[joeschmuck]

The only problem is getting the full access to the ZFS dataset within the jail.

I guess I'm not following the problem since UrBackup works. Can you walk me through the issue because I don't see which dataset you are talking about.

For my situation I have the following pool: /mnt/backup_pool
For my jail it's: /mnt/backup_pool/jails/UrBackup
For my backups within the jail for UrBackup I created: /backup_data

Now to be honest I don't like the idea of placing backup data within a jail and maybe you are trying to avoid this as well but it sounds like you wanted to create a dataset within the jail, not outside the jail. Please help me understand your plight.

 

[Allan Wilmath]

The whole point of the jail system is to prevent software in the jail from doing things like you want to do, manipulate the file system.

You may be able to delegate ZFS rights for that dataset to the user ID for that piece of software. Likely this will have to be done at the command line in ZFS directly, going around the GUI. There is a book out covering in detail ZFS. IT Mastery: ZFS by Michael Lukas. In it there is a section that covers delegating rights to users to control datasets. You should be able to delegate to the user ID of URBackup.

I don't know of a guide for this, you'll have to piece it together. The book is a good read for anyone using ZFS anyway.

 

[Robert Trevellyan]

Does this help?
https://forums.freebsd.org/threads/51262/

 

[Wulffi]

Thank you all for your help!
The link from Robert did help me as there was still one property not set.

Everything is working fine right now :)

 

[SmarJackal]

Thank you all for your help!
The link from Robert did help me as there was still one property not set.

Everything is working fine right now :)

Wulffi, explain how you solved your problem, please. I can not create a sub-dataset within the jail :-( ("permission denied")