Archive for the zfs Category

I spent the last week writing this utility to manage my ZFS backups. ZFS’s snapshot ability is great for efficient incremental backups. Solutions using rsync and other file level backup utilities are at a disadvantage because they do not know what changes occur so they have to constantly scan all the data during each backup. Since ZFS’s incremental backups are made at the file system level, changes are marked during new write operations making the process of snapshot-ing instantaneous. I wrote this based on inspiration from duplicity and  ftplicity (which I think now is just duply?). The idea is to send remote snapshots to an offsite location securely and safely, that is, encrypt it so nobody can read your data and ensure that all your 1s and 0s don’t get mangled in the process. This utility tries to do both utilizing gnupg for encryption and md5sum for data integrity, though I maintain no guarantee this first version will actually meet up to both goals, I am pretty confident it will work in most circumstances. I still need further testing (yes, from you) for faulty conditions such as the internet failing in the middle of transfer or the local or remote computer shutting down, but I guess I can only find out from testing…

So without further to do, here’s my first release of zfsbackup.

Here is how I got zfs to share files on smb with no passwords (Note: I am on opensolaris snv_134)

Install the zfs cifs kernel package:

pfexec pkg install SUNWsmbs
pfexec pkg install SUNWsmbskr # this was already installed by default on my system

Reboot the system after this…

pfexec reboot

The service is disabled, let’s enable it.

$ svcs smb/server
STATE          STIME    FMRI
disabled       21:28:39 svc:/network/smb/server:default

$ svcadm enable -r smb/server # the -r recursively enables dependent services
# the following error message is fine.
svcadm: svc:/milestone/network depends on svc:/network/physical, which has multiple instances.

If you wish to join a certain workgroup (default is WORKGROUP):

smbadm join -w MyHome

Now let’s create the zfs file system:

pfexec zfs create -o casesensitivity=mixed -o nbmand=on rpool/storage

Let’s fix the permissions so that anyone and everyone could use access the file share:

pfexec chmod 777 /rpool/storage/
# must specify solaris chmod as GNU chmod does not know about solaris extended permissions

zfs set aclinherit=passthrough rpool/storage
zfs set aclmode=passthrough rpool/storage

pfexec /usr/bin/chmod -R A=everyone@:full_set:fd:allow /rpool/storage/

And let us make the share:

pfexec zfs set sharesmb=name=storage,guestok=true rpool/storage

Verify setup:

$ sharemgr show -v

Last step, map the windows guest user to a valid solaris account (if not, it’ll generate random UIDs):

pfexec idmap add winname:Guest unixuser:nobody

and the group too:

pfexec idmap add "wingroup:Domain Users" unixgroup:staff

Test the connection from another computer. Done! Thank you James, Simon, and Afshin for your help.