Darren J Moffat wrote:
Kyle McDonald wrote:
Andriy Gapon wrote:
What do you think about the following feature?
"Subdirectory is automatically a new filesystem" property - an
administrator turns
on this magic property of a filesystem, after that every mkdir *in
the root* of
that filesystem creates a new filesystem. The new filesystems have
default/inherited properties except for the magic property which is
off.
Right now I see this as being mostly useful for /home. Main benefit
in this case
is that various user administration tools can work unmodified and do
the right
thing when an administrator wants a policy of a separate fs per user
But I am sure that there could be other interesting uses for this.
But now that quotas are working properly, Why would you want to
continue the hack of 1 FS per user?
hack ? Different usage cases!
Why bother? What's the benefit?
The benefit is that users can control their own snapshot policy, they
can create and destroy their own sub datasets, send and recv them etc.
We can also delegate specific properties to users if we want as well.
This is exactly how I have the builds area setup on our ONNV build
machines for the Solaris security team. Sure the output of zfs list
is long - but I don't care about that.
I can imagine a use for a builds. 1 FS per build - I don't know. But why
link it to the mkdir? Why not make the build scripts do the zfs create
out right?
When encryption comes along having a separate filesystem per user is
an useful deployment case because it means we can deploy with separate
keys for each user (granted may be less interesting if they only
access their home dir over NFS/CIFS but still useful). I have a
prototype PAM module
that uses the users login password as the ZFS dataset wrapping key and
keeps that in sync with the users login password on password change.
Encryption is an interesting case. User Snapshots I'd need to think
about more.
Couldn't the other properties be delegated on directories?
Maybe I'm just getting old. ;) I still think having the zpool not
automatically include a filesystem, and having ZFS containers was a
useful concept. And I still use share (and now sharemgr) to manage my
shares, and not ZFS share. Oh well. :)
-Kyle
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
