Linux-MacOS ZFS mount points (and permissions!)

All your general support questions for OpenZFS on OS X.

Linux-MacOS ZFS mount points (and permissions!)

Postby boldstripe » Mon Sep 07, 2020 8:55 am

I am just getting started here, but the goal is to use my old Mac Pro 2008 to dual boot MacOS High Sierra and MX-Linux with added latest backports version of ZFS on Linux (MX-Linux is a Debian derivative).

On Linux, I created a pool (no datasets yet) with the feature restrictions suggested on the O3X wiki for a cross-platform pool.

In Linux, since making the pool I have not yet changed the mountpoint. By default ZFS on Linux puts 'tank' at the computer's top level as /tank on doing a 'zpool import'.

I previously had a problem finding the mountpoint on MacOS after I had already set a Linux pool mountpoint. So, to check the default mount on MacOS, I exported the pool on Linux and then booted into MacOS High Sierra.

I was quite pleased to discover that 'zpool import tank' automatically mounted tank in the MacOS /Volumes folder, which is exactly what I wanted.

But I did not set this up. Did OpenZFS on OSX choose the MacOS mountpoint for me?

If so, I'm grateful for the automation and the specific choice, but what is the best way now to manage the respective Linux-MacOS mountpoints as I switch between the two systems--particularly now I am about to introduce datasets and actual files?
Last edited by boldstripe on Tue Sep 08, 2020 7:12 am, edited 1 time in total.
boldstripe
 
Posts: 5
Joined: Mon Sep 07, 2020 8:27 am

Re: Linux-MacOS ZFS mount points

Postby boldstripe » Tue Sep 08, 2020 7:11 am

Mount points was not the problem I thought it would be. For now, I leave mounting as default in Linux ('/') and added a file browser shortcut to the datasets I need to access. Over on the MacOS side, O3X continues to look after mounting quite conveniently and nicely puts a hard drive icon for a dataset on the Mac Desktop.

File permissions between the two platforms is a bigger issue, as discussed here already in https://openzfsonosx.org/forum/viewtopic.php?f=26&t=3237&p=10267#p10267.

I created the zfsusers group, added my user to it and changed the permissions settings on both the pool and the dataset. Group now shows zfsusers on files on both sides. I did the same recursively for the few files and folders I had put there.

Ownership varies on the two sides because my user ID numbers are 1000 (Linux) and 505 (MacOS).

Differing ownership might be OK, given my user is also a member of the zfsusers group on both platforms, except that files I create on the Mac side, or copy and paste into the dataset while I am in MacOS, have more restrictive permissions set, in particular -rwx------ or drwrx------ I cannot open and edit them directly on the Linux side now, I have to make a copy etc etc

I can think of two ways I might be able to fix this:

1. Run a recursive change ownership and/or change permissions command whenever I change platforms; not convenient

2. Changing my User ID number on one side or the other: this appears to be a risky process with possibly complex consequences on either Linux or MacOS.

Is there a better way to fix this ownership issue across the platforms?
Last edited by boldstripe on Thu Sep 10, 2020 12:39 pm, edited 1 time in total.
boldstripe
 
Posts: 5
Joined: Mon Sep 07, 2020 8:27 am

Re: Linux-MacOS ZFS mount points (and permissions!)

Postby boldstripe » Wed Sep 09, 2020 5:55 am

Can someone check me on the following?

The crucial issue for daily use appears to be that new/copied files are assigned owner=group to the current user on either side, as soon as they are created. So even with a common zfsusers group with ID=1200 on both sides:

- on Linux a new file or copied file assumes owner=group=1000 and the machine knows the current user ('boldstripe') as 1000.

- on MacOS a new file or copied file assumes owner=group=505 and the machine knows the current user ('boldstripe') as 505.

I can manually assign the group=zfsusers=1200 on either side for existing files. But then I have to manually assign group ownership recursively to the files, which is not convenient.

So for the kind of practicality I would like, do I really have to give my user the same number on both platforms?

Or, is there another way to do this with a shadow user/group on each side? It could be named as a recognizable variation of my current user, with the addition of a suffix to remind me that it exists on the 'other' platform.

For example, on the MacOS, ID 1000 is now available (current user is boldstripe=505): so can I just make a new user 'boldstripe-linux' assign it the number 1000 and then add 'boldstripe' to the 'boldstripe-linux' group? Would that be enough to let the Mac user 'boldstripe' open/edit/save a file which was assigned group=1000 on the Linux side?

Ordinarily I would try this without asking here first, but this seems risky enough to seek advice first.

This reminds me of a long-standing issue on MacOS when two users on the same machine want to share files in the /Users/Shared folder. By default they are read-only to the other user, and it becomes quite difficult to set things up so either user can open/edit/save files arbitrarily. You can assign inheritable ACLs but its complicated and can get broken over time. It is actually easier if the two users just share a file on a sync service like Dropbox, although you then have to store two copies of every file on the same machine.

Edit: also, I don't see how an ACL solution would work on ZFS across both platforms.

For a description of the /Users/Shared folder problem in MacOS and more generally on Unix systems, see for example this StackExchange posting, which describes the problem and some solutions: https://apple.stackexchange.com/questio ... /7255#7255

In a way, because sharing using a traditional disk image and 'ignoring permissions' is one of the solutions, it would seem like ZFS would be a good way to fix this problem.
boldstripe
 
Posts: 5
Joined: Mon Sep 07, 2020 8:27 am

Re: Linux-MacOS ZFS mount points (and permissions!)

Postby lundman » Wed Sep 09, 2020 4:16 pm

If you have the same group, you would have to;

* set "umask" on both machines to create new entries with group in mind.
* Set the group setgid bit on directories (chmod g+s)

Which will get you closer.

However, setting the UID to the same is probably the easiest. You can probably google for it on osx, but
on Unix you just edit /etc/passwd (or rather, use the tools for it on your variant, vipasswd, edituser etc).
Then do something like "find / -uid 1000 -print0 | xargs -0 chown 505"
(Find all entries owned by 1000, and call chown 505 on them. I wouldn't personally bother with "/" as I know files that my user owns are in the home directory/external disks, so find /usr/home /externaldisk1 ...)

You can probably also do something clever with ACLs, but they are more hassle, as they differ between platforms, especially Linux vs Others.
User avatar
lundman
 
Posts: 1335
Joined: Thu Mar 06, 2014 2:05 pm
Location: Tokyo, Japan

Re: Linux-MacOS ZFS mount points (and permissions!)

Postby boldstripe » Thu Sep 10, 2020 12:36 pm

Thank you very much, that got me unstuck. I seem to have found a solution now.

I was lucky enough to find a useful posting on the forum for my Linux distribution MX Linux, setting up umask to address the 'classic' problem I mentioned of two users on one machine sharing a common folder of files and each wanting read/write access.

To save repeating my post there explaining how I adapted it for dual-boot ZFS sharing, I hope it is OK to just provide the link to that posting:
https://forum.mxlinux.org/viewtopic.php?f=108&t=57181
boldstripe
 
Posts: 5
Joined: Mon Sep 07, 2020 8:27 am

Re: Linux-MacOS ZFS mount points (and permissions!)

Postby _max_ » Sat Sep 30, 2023 6:45 am

I am thinking that this pseudo solution also has some merit on totally different systems (vs your dual boot osx/linux setup). I keep a complete zfs pool offsite backup at my son’s house l, but running on FreeBSD. From the freebsd side, the uid/gid’s don’t match up of course, so I end up always working as su for access. Of course this is a small dedicated backup system setup with no other users, so I won’t have day to day issues like you might have encounter.

I did have some initial issues just when setting up the pool. I tried creating empty pools on the BSD side and then move the drives to empty drive slots on the OSX machine to populate with files. Tried it the other way with no success either. Ended up having to hook the backup box locally for initial zfs send population, then moved offsite to receive the much smaller) daily incrementals.
_max_
 
Posts: 5
Joined: Fri Feb 10, 2023 4:24 am


Return to General Help

Who is online

Users browsing this forum: No registered users and 28 guests