Stopping Spotlight etc. from changing ZFS without permission

From OpenZFS on OS X
Revision as of 05:30, 23 January 2017 by Foobaron (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The Issue

ZFS is a great solution for moving data between platforms (e.g. Linux and Mac OS X). However, if you connect an external ZFS drive to Mac OS X, you may be unpleasantly surprised to find that Spotlight, Finder etc. will modify the filesystems on the drive without asking (and even in violation of the user privileges granted by those filesystems). This goes against several basic principles that you probably expect:

  • the filesystem should not change unless you change data on the filesystem. E.g. simply plugging in the drive should not change the filesystem.
  • any attempted changes to the filesystem should obey the privilege rules set on that filesystem. E.g. if the current user plugging in the drive lacks write privileges to the filesystem, no changes should be allowed.

However, Spotlight, Finder etc. do not obey these expectations. This can lead to serious problems for standard ZFS activities such as snapshot based backup. For example, say you backup data from Computer A by sending ZFS snapshots to ZFS filesystems on an external drive. At some point you connect this drive to a Mac (Computer B), e.g. to copy some of its data to the Mac. However, the next time you try to backup some new snapshots from Computer A to this drive, it will fail with messages like "data has been changed since snapshot XYZ". Note that this will happen even if the user login on Computer B lacks write privileges to the external drive's ZFS filesystems. Now you are in a quandary. You will have to manually investigate all the changed filesystems to see what all the changes are, and whether there are any changes that need to be preserved (rather than just rolled back).

The following Mac OS X services will modify your ZFS filesystems silently:

  • Spotlight
  • Finder (.DS_Store, Trash)

Solutions

  • in general, if you are connecting an external ZFS drive to a Mac solely to READ data from it, just import it readonly. This is the one trivially easy way to avoid the whole problem, e.g.:

zpool import -o readonly=on tank

If that is not an option, then you are going to have clean up your ZFS filesystems (every time) after OS X has "dirtied" them:

  • always take a snapshot of ZFS filesystems BEFORE plugging them in to a Mac. This makes it relatively easy to know which changes are "OS X dirt" vs. previous data changes that you made before plugging into the Mac, and to rollback the dirt.
  • if you did not deliberately make changes to a given ZFS filesystem while connected to the Mac, then just rollback to the latest snapshot (as your first action once you import that drive to a non-Mac host).
  • add "flag files" to each file system to prevent various OS X services from dirtying them. E.g. touch /tank/.metadata_never_index should prevent Spotlight indexing. We should collect a list here of all the rules for preventing such "dirty" services.
Retrieved from "https://openzfsonosx.org/w/index.php?title=Stopping_Spotlight_etc._from_changing_ZFS_without_permission&oldid=1147"