On Tue, Apr 29, 2008 at 07:52:12AM -0700, Garrett D'Amore wrote:
> Darren J Moffat wrote:
> >
> > Zones do not support lofi(7d). This case doesn't change that.
> >
>
> Is there any fundamental reason why zones can't support lofi at some
> point in the future. I can see this being useful to zone administrators
> (though presumably they would only be able to lofi mount portions of the
> filesystem they could already access.)
>
> >
> > 3. VFS interface
> >
> > This feature requires explicit filesystem support in the relevant
> > VFS_MOUNT() routine.
> >
> > In particular, a filesystem can call the following helper:
> >
> > int vfs_get_lofi(vfs_t *, vnode_t **);
> >
> > This returns the vnode for a lofi minor node corresponding to the
> > mounted file. A filesystem would then use this vnode as the device
> > to actually mount.
> >
> > For this to work, such a filesystem needs to skip the block device
> > security check for the lofi node, as it could fail. However, the
> > VOP_ACCESS() check on the mount source (which is a file for the lofi
> > case) is still needed to ensure that the mount is secure.
> >
> > For example, a process with PRIV_SYS_MOUNT and
> > PRIV_FILE_DAC_READ/WRITE would fail an explicit check to open the
> > lofi node, but succeed in the mount source check (unless the file is
> > root-owned, preserving standard semantics for least privilege).
> >
> > Currently, filesystem support exists for ufs, pcfs, hsfs, and udfs.
> > ZFS support is unlikely to happen as it doesn't support traditional
> > mounting in this manner.
> >
>
> Hmmm... I didn't realize that ZFS doesn't support lofi. That seems like
> a fairly severe shortcoming, particularly given the push towards ZFS
> root. (On a system with ZFS root, its likely there won't be *any* ufs,
> etc. filesystems.)
>
> Are there any plans afoot that you're aware of to address this shortcoming?
I don't think that sentence means what you think it means. You can
certainly create a lofi device backed by a file on a ZFS filesystem.
In fact, since you can also create a zpool on a lofi device, I think it
just means that you can't put a ZFS/lofi combination in vfstab.
Ceri
--
That must be wonderful! I don't understand it at all.
-- Moliere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20080429/dee79d79/attachment.bin>
