[FEATURE REQUEST] zfs.filesystem_present should support 'mode' #67636
Replies: 2 comments
-
That's absolutely logical, you might run zfs module to mount dataset first and then apply permissions to it in your state. |
Beta Was this translation helpful? Give feedback.
-
|
Back before ZFS supported native encryption, we used salt to manage LUKS to 'unlock' the drives, followed by a zpool import. Occasionally things wouldn't go so well and before the pool could be imported some process (like samba) would trample all over /tank followed by salt setting permissions on the unmounted filesystem. I would have to abort everything, zfs umount -a, rm -rf /tank, then zfs mount -a, make sure it worked, then go highstate again. Fortunately the issues are less with native encryption, but they still happen. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
There currently doesn't appear to be a way to set permissions on a file, folder or zfs dataset without creating it.
For example:
Will create
tank/mydataset. But if I want to set permissions on it, I need to:Unfortunately what happens--especially in the ZFS world is that the dataset actually exists, but it hasn't been mounted. For example with encryption.
This causes salt to create the directory on the root filesystem and assign it permissions which don't actually apply to the dataset.
It can similarly happen when you have a system that manages files and folders outside of salt. If you want to set permissions on a folder or file, but not create it if it doesn't exist...there really isn't a way to handle it.
I have to hack something up like:
Maybe add 'permissions' to the file module?
Beta Was this translation helpful? Give feedback.
All reactions