On Aug 7, 2009, at 8:26 PM, Mike Mackovitch wrote: > > (* The part I don't quite understand was that I expected the > snapshot directories to appear as separate file systems but > they are not. I even had put off trying to access them from > my NFS client until I had some "mirror mount" support in place. > Then I discovered I didn't need it. *My* expectations were > destroyed there.) >
Too funny. The fsid is the same between snapshots and the "base" zfs so that NFS3 clients won't have to perform mounts to access the snapshots. Soon after the snapshot dir arrived in ZFS, Solaris developers started getting very irritated by the inability to access snapshots reliably over NFS. Initially fsids were different between the base fs and snapshot dirs. The automounter hid some of the pain, but if you created a snapshot after the fs had been accessed, then the automounter didn't know about the new snapshot's fs. Some machines could access the snapshot, but others couldn't. Very frustrating. The ZFS solution was to provide the NFS server with the same fsid for the base fs and all snapshots (even though they are backed by different datasets). This required that ZFS provide unique fids for an object in the base fs and all snapshots. The gotcha to this approach is that NFS2 clients cannot access ZFS snapshots because the NFS2 FH isn't large enough to accommodate the larger ZFS snapshot fids. But, NFS2 needs to go away anyway... :-) > > That sounds about right. BTW, to pick a nit, it's not just about > delegated administration. Even the root user calling ACCESS gets > the wrong answer. root/superuser/uid=0 gets the write access even > without a delegation. Not calling zfs_secpolicy_* explains both > the root and delegated user cases. I agree -- good point. > > Thanks for tracking this down.... and sorry about what happened > to your expectations. ;-) No problem - it was an interesting set of problems, and I learned something really useful in the process. I'm glad to have my hopes dashed this time -- creating and destroying snapshots at the server by manipulating the snapshot dir with normal commands over NFS is just awesome, and I never knew about the feature until today. Jeff
