Page 1 of 1

Users on ZFS

PostPosted: Sat Sep 26, 2020 9:58 am
by decuser
Has anyone successfully moved their Users folder on to OpenZFS? I'm getting ready to try:
Install Mojave on a 50 GB partition of a 1TB SSD
Create two equal partitions of type ZFS with the rest.
zpool create -o atime=off \
-o ashift=12 \
-O casesensitivity=insensitive \
-O normalization=formD \
zroot disk1sN disk1sN+1

zfs create Users mountpoint=/Users (or something along these lines)
Then I plan to create users and use the system.

Is this a workable plan?

Will

Re: Users on ZFS

PostPosted: Sat Sep 26, 2020 1:56 pm
by Sharko
Has anyone successfully moved their Users folder on to OpenZFS?


Yes, this is the standard way that I run my systems. On my Mac Pro 5,1 it is a little easier, since I have enough SATA positions to run the boot from a wholly separate disk, but I've done it all on one disk as well for my laptop. If you need to do it all on one disk here's a link to a key article that has necessary Terminal command to shrink down an APFS filesystem to make room for a zfs partition:

https://www.macobserver.com/tips/deep-dive/resize-your-apfs-container/

What I do is run with an admin user, and a standard user (in your situation I would have all my main file data under the standard user, the admin user account is just for maintenance and other administrative tasks). I install Mojave on an APFS partition that includes the whole disk, and set up the admin user and standard user accounts on that APFS partition; I log into the standard account, and get it through the set up process, but then I leave it alone. I then clone the whole target disk to an external disk, and boot from that; I need to be booted off something other than the target disk to be able to run the Terminal command from the MacObserver article above. After re-sizing the APFS partition and creating an HFS+ partition with the remainder, then shut down and reboot back into the admin user account on the small APFS boot partition on the target disk (you don't need the external disk any longer at this point).

At this point you can install openzfsonosx and get that working. You'll have to make a choice about whether and what kind of encryption you want on the ZFS partition; for my laptop I've typically used Filevault encryption on the HFS+ partition that will become a ZFS filesystem. I've used zfs native encryption on my external replication disks, but for those I supply a password manually using 'zfs mount -l TANK'; I know that native encryption also supports some automatic key procedure, but I haven't looked into it yet. The nice thing about FileVault is that it seems pretty reliable about unlocking the ZFS disk partition during the boot process IF you are also running FileVault on the boot disk (for my Mac Pro I can't run Mojave on the boot disk per Apple because no boot screen until the OS loads).

Assuming then that you are logged into the boot partition of the target disk as the admin user, then here is the procedure. Once you have your zfs pool TANK set up, then create a Users folder at the top level, and rsync the entire home directory structure from the boot partition of the standard user to reside under /Volumes/TANK/Users (creating a home folder like /Volumes/TANK/Users/mystandarduser). Once that is done open System Preferences, and navigate to Users & Groups. Authenticate with the lock in the corner, and then right-click on the entry for the standard user to get the 'Advanced Options' context menu item. This will bring up a sheet with various options: User ID, Group, etc. The field you want to set is the Home Directory field. Use the Choose... button to navigate to the mystandarduser folder you populated with minimal user data using rsync, and set that as the home folder for your standard user. I leave the admin user account on the small APFS boot partition for safety. You'll have to reboot for changes to take effect. Once you have the minimal standard account working on the relocated home folder then you can bring the rest of your data over to that location from a backup (to populate Documents, Desktop, Music, Photos, etc).

Now, in theory you could boot directly into your standard user account, but I play it safe and never do. I always boot into the admin account, verify that the zfs partition is unlocked and ready to go, and then switch to my non-admin standard user account for day to day work. By the way, there is nothing that says the relocated account has to be non-admin, it is just the way that I've done it for security.

There is a write-up on how to boot directly from a ZFS filesystem, but I haven't tried it yet:

https://openzfsonosx.org/wiki/ZFS_on_Boot

Good luck, I hope this helps.

Kurt