Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

umount: only root can use "--types" option #8478

Open
jsoref opened this issue Mar 6, 2019 · 6 comments

Comments

@jsoref
Copy link
Contributor

commented Mar 6, 2019

System information

Type Version/Name
Distribution Name Ubuntu
Distribution Version bionic (18.04.2)
Linux Kernel 4.15.0-46-generic
Architecture x86_64
ZFS Version 0.7.5-1ubuntu16
SPL Version 0.7.5-1ubuntu1

Describe the problem you're observing

When I try to create a volume as a non root user, I get a pretty warning explaining that as a non root user zfs can't mount the volume.
When I try to destroy a volume as a non root user, I get a technical warning (from /bin/umount)

The equivalent error can be seen here:

$ /bin/umount x --types foo
umount: only root can use "--types" option

Ideally, just as zfs create gives a human readable warning when it knows it can't mount a volume, zfs destroy should give a human readable warning when it knows it can't unmount a volume.

Describe how to reproduce the problem

$ sudo zfs allow user create,mount,destroy pool/vol
$ zfs create pool/vol/test
filesystem successfully created, but it may only be mounted by root
$ sudo zfs mount pool/vol/test
$ zfs destroy pool/vol/test
umount: only root can use "--types" option
cannot unmount '/vol/test': umount failed

Include any warning/errors/backtraces from the system logs

@fvigotti

This comment has been minimized.

Copy link

commented May 9, 2019

+1 , same problem
useful in send/receive streams over ssh to a non root user destination ( root is not allowed from remote for security )

@minorsatellite

This comment has been minimized.

Copy link

commented May 24, 2019

+1. I ran against this issue yesterday. I am assuming that this is a bug not a "feature".

@jsoref

This comment has been minimized.

Copy link
Contributor Author

commented May 24, 2019

To be clear, this is purely about improving the error message.

The unmount restriction is from Linux itself.

And to some extent this issue is for me to hang a PR from, although I haven't gotten to it yet.

@minorsatellite

This comment has been minimized.

Copy link

commented May 24, 2019

Any workarounds on the Linux side? I would prefer not the elevate to root for ordinary replication jobs.

@jpoa

This comment has been minimized.

Copy link

commented May 25, 2019

jsoref added a commit to jsoref/zfs that referenced this issue May 26, 2019
This should result in better error handling (zfsonlinux#8478)
jsoref added a commit to jsoref/zfs that referenced this issue May 26, 2019
This should result in better error handling

Closes zfsonlinux#8478

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
@jsoref jsoref referenced this issue May 26, 2019
3 of 12 tasks complete
@jsoref

This comment has been minimized.

Copy link
Contributor Author

commented May 27, 2019

@minorsatellite: with many many many security warnings, apparently there would be some way to work around this using setcap cap_sys_admin+ep /sbin/mount.zfs per #8817 (comment) -- hand waving on my part: while I'm vaguely aware of caps, I have not done much with them -- before doing this, you should read about caps and get a sense of the security implications.

jsoref added a commit to jsoref/zfs that referenced this issue May 29, 2019
Try to give better error messages for this case...

Closes zfsonlinux#8478

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.