4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2014, 2021 by Delphix. All rights reserved.
26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
27 * Copyright 2017 RackTop Systems.
28 * Copyright (c) 2018 Datto Inc.
29 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
33 * Routines to manage ZFS mounts. We separate all the nasty routines that have
34 * to deal with the OS. The following functions are the main entry points --
35 * they are used by mount and unmount and when changing a filesystem's
44 * This file also contains the functions used to manage sharing filesystems via
57 * zfs_unshareall_nfs()
58 * zfs_unshareall_smb()
60 * zfs_unshareall_bypath()
62 * The following functions are available for pool consumers, and will
63 * mount/unmount and share/unshare all datasets within pool:
65 * zpool_enable_datasets()
66 * zpool_disable_datasets()
80 #include <sys/mntent.h>
81 #include <sys/mount.h>
84 #include <sys/dsl_crypt.h>
88 #include "libzfs_impl.h"
89 #include <thread_pool.h>
92 #include <sys/systeminfo.h>
93 #define MAXISALEN 257 /* based on sysinfo(2) man page */
95 static int mount_tp_nthr = 512; /* tpool threads for multi-threaded mounting */
97 static void zfs_mount_task(void *);
98 static zfs_share_type_t zfs_is_shared_proto(zfs_handle_t *, char **,
102 * The share protocols table must be in the same order as the zfs_share_proto_t
103 * enum in libzfs_impl.h
105 proto_table_t proto_table[PROTO_END] = {
106 {ZFS_PROP_SHARENFS, "nfs", EZFS_SHARENFSFAILED, EZFS_UNSHARENFSFAILED},
107 {ZFS_PROP_SHARESMB, "smb", EZFS_SHARESMBFAILED, EZFS_UNSHARESMBFAILED},
110 static zfs_share_proto_t nfs_only[] = {
115 static zfs_share_proto_t smb_only[] = {
119 static zfs_share_proto_t share_all_proto[] = {
128 dir_is_empty_stat(const char *dirname)
133 * We only want to return false if the given path is a non empty
134 * directory, all other errors are handled elsewhere.
136 if (stat(dirname, &st) < 0 || !S_ISDIR(st.st_mode)) {
141 * An empty directory will still have two entries in it, one
142 * entry for each of "." and "..".
144 if (st.st_size > 2) {
152 dir_is_empty_readdir(const char *dirname)
158 if ((dirfd = openat(AT_FDCWD, dirname,
159 O_RDONLY | O_NDELAY | O_LARGEFILE | O_CLOEXEC, 0)) < 0) {
163 if ((dirp = fdopendir(dirfd)) == NULL) {
168 while ((dp = readdir64(dirp)) != NULL) {
170 if (strcmp(dp->d_name, ".") == 0 ||
171 strcmp(dp->d_name, "..") == 0)
174 (void) closedir(dirp);
178 (void) closedir(dirp);
183 * Returns true if the specified directory is empty. If we can't open the
184 * directory at all, return true so that the mount can fail with a more
185 * informative error message.
188 dir_is_empty(const char *dirname)
193 * If the statvfs call fails or the filesystem is not a ZFS
194 * filesystem, fall back to the slow path which uses readdir.
196 if ((statfs64(dirname, &st) != 0) ||
197 (st.f_type != ZFS_SUPER_MAGIC)) {
198 return (dir_is_empty_readdir(dirname));
202 * At this point, we know the provided path is on a ZFS
203 * filesystem, so we can use stat instead of readdir to
204 * determine if the directory is empty or not. We try to avoid
205 * using readdir because that requires opening "dirname"; this
206 * open file descriptor can potentially end up in a child
207 * process if there's a concurrent fork, thus preventing the
208 * zfs_mount() from otherwise succeeding (the open file
209 * descriptor inherited by the child process will cause the
210 * parent's mount to fail with EBUSY). The performance
211 * implications of replacing the open, read, and close with a
212 * single stat is nice; but is not the main motivation for the
215 return (dir_is_empty_stat(dirname));
219 * Checks to see if the mount is active. If the filesystem is mounted, we fill
220 * in 'where' with the current mountpoint, and return 1. Otherwise, we return
224 is_mounted(libzfs_handle_t *zfs_hdl, const char *special, char **where)
228 if (libzfs_mnttab_find(zfs_hdl, special, &entry) != 0)
232 *where = zfs_strdup(zfs_hdl, entry.mnt_mountp);
238 zfs_is_mounted(zfs_handle_t *zhp, char **where)
240 return (is_mounted(zhp->zfs_hdl, zfs_get_name(zhp), where));
244 * Checks any higher order concerns about whether the given dataset is
245 * mountable, false otherwise. zfs_is_mountable_internal specifically assumes
246 * that the caller has verified the sanity of mounting the dataset at
247 * mountpoint to the extent the caller wants.
250 zfs_is_mountable_internal(zfs_handle_t *zhp, const char *mountpoint)
253 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED) &&
254 getzoneid() == GLOBAL_ZONEID)
261 * Returns true if the given dataset is mountable, false otherwise. Returns the
262 * mountpoint in 'buf'.
265 zfs_is_mountable(zfs_handle_t *zhp, char *buf, size_t buflen,
266 zprop_source_t *source, int flags)
268 char sourceloc[MAXNAMELEN];
269 zprop_source_t sourcetype;
271 if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT, zhp->zfs_type,
275 verify(zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, buf, buflen,
276 &sourcetype, sourceloc, sizeof (sourceloc), B_FALSE) == 0);
278 if (strcmp(buf, ZFS_MOUNTPOINT_NONE) == 0 ||
279 strcmp(buf, ZFS_MOUNTPOINT_LEGACY) == 0)
282 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_OFF)
285 if (!zfs_is_mountable_internal(zhp, buf))
288 if (zfs_prop_get_int(zhp, ZFS_PROP_REDACTED) && !(flags & MS_FORCE))
292 *source = sourcetype;
298 * The filesystem is mounted by invoking the system mount utility rather
299 * than by the system call mount(2). This ensures that the /etc/mtab
300 * file is correctly locked for the update. Performing our own locking
301 * and /etc/mtab update requires making an unsafe assumption about how
302 * the mount utility performs its locking. Unfortunately, this also means
303 * in the case of a mount failure we do not have the exact errno. We must
304 * make due with return value from the mount process.
306 * In the long term a shared library called libmount is under development
307 * which provides a common API to address the locking and errno issues.
308 * Once the standard mount utility has been updated to use this library
309 * we can add an autoconf check to conditionally use it.
311 * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html
315 zfs_add_option(zfs_handle_t *zhp, char *options, int len,
316 zfs_prop_t prop, char *on, char *off)
321 /* Skip adding duplicate default options */
322 if ((strstr(options, on) != NULL) || (strstr(options, off) != NULL))
326 * zfs_prop_get_int() is not used to ensure our mount options
327 * are not influenced by the current /proc/self/mounts contents.
329 value = getprop_uint64(zhp, prop, &source);
331 (void) strlcat(options, ",", len);
332 (void) strlcat(options, value ? on : off, len);
338 zfs_add_options(zfs_handle_t *zhp, char *options, int len)
342 error = zfs_add_option(zhp, options, len,
343 ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME);
345 * don't add relatime/strictatime when atime=off, otherwise strictatime
346 * will force atime=on
348 if (strstr(options, MNTOPT_NOATIME) == NULL) {
349 error = zfs_add_option(zhp, options, len,
350 ZFS_PROP_RELATIME, MNTOPT_RELATIME, MNTOPT_STRICTATIME);
352 error = error ? error : zfs_add_option(zhp, options, len,
353 ZFS_PROP_DEVICES, MNTOPT_DEVICES, MNTOPT_NODEVICES);
354 error = error ? error : zfs_add_option(zhp, options, len,
355 ZFS_PROP_EXEC, MNTOPT_EXEC, MNTOPT_NOEXEC);
356 error = error ? error : zfs_add_option(zhp, options, len,
357 ZFS_PROP_READONLY, MNTOPT_RO, MNTOPT_RW);
358 error = error ? error : zfs_add_option(zhp, options, len,
359 ZFS_PROP_SETUID, MNTOPT_SETUID, MNTOPT_NOSETUID);
360 error = error ? error : zfs_add_option(zhp, options, len,
361 ZFS_PROP_NBMAND, MNTOPT_NBMAND, MNTOPT_NONBMAND);
367 zfs_mount(zfs_handle_t *zhp, const char *options, int flags)
369 char mountpoint[ZFS_MAXPROPLEN];
371 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL,
375 return (zfs_mount_at(zhp, options, flags, mountpoint));
379 * Mount the given filesystem.
382 zfs_mount_at(zfs_handle_t *zhp, const char *options, int flags,
383 const char *mountpoint)
386 char mntopts[MNT_LINE_MAX];
387 char overlay[ZFS_MAXPROPLEN];
388 char prop_encroot[MAXNAMELEN];
389 boolean_t is_encroot;
390 zfs_handle_t *encroot_hp = zhp;
391 libzfs_handle_t *hdl = zhp->zfs_hdl;
395 if (options == NULL) {
396 (void) strlcpy(mntopts, MNTOPT_DEFAULTS, sizeof (mntopts));
398 (void) strlcpy(mntopts, options, sizeof (mntopts));
401 if (strstr(mntopts, MNTOPT_REMOUNT) != NULL)
404 /* Potentially duplicates some checks if invoked by zfs_mount(). */
405 if (!zfs_is_mountable_internal(zhp, mountpoint))
409 * If the pool is imported read-only then all mounts must be read-only
411 if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL))
412 (void) strlcat(mntopts, "," MNTOPT_RO, sizeof (mntopts));
415 * Append default mount options which apply to the mount point.
416 * This is done because under Linux (unlike Solaris) multiple mount
417 * points may reference a single super block. This means that just
418 * given a super block there is no back reference to update the per
419 * mount point options.
421 rc = zfs_add_options(zhp, mntopts, sizeof (mntopts));
423 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
424 "default options unavailable"));
425 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
426 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
431 * If the filesystem is encrypted the key must be loaded in order to
432 * mount. If the key isn't loaded, the MS_CRYPT flag decides whether
433 * or not we attempt to load the keys. Note: we must call
434 * zfs_refresh_properties() here since some callers of this function
435 * (most notably zpool_enable_datasets()) may implicitly load our key
436 * by loading the parent's key first.
438 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
439 zfs_refresh_properties(zhp);
440 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS);
443 * If the key is unavailable and MS_CRYPT is set give the
444 * user a chance to enter the key. Otherwise just fail
447 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) {
448 if (flags & MS_CRYPT) {
449 rc = zfs_crypto_get_encryption_root(zhp,
450 &is_encroot, prop_encroot);
452 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
453 "Failed to get encryption root for "
454 "'%s'."), zfs_get_name(zhp));
459 encroot_hp = zfs_open(hdl, prop_encroot,
461 if (encroot_hp == NULL)
462 return (hdl->libzfs_error);
465 rc = zfs_crypto_load_key(encroot_hp,
469 zfs_close(encroot_hp);
473 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
474 "encryption key not loaded"));
475 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
476 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
484 * Append zfsutil option so the mount helper allow the mount
486 strlcat(mntopts, "," MNTOPT_ZFSUTIL, sizeof (mntopts));
488 /* Create the directory if it doesn't already exist */
489 if (lstat(mountpoint, &buf) != 0) {
490 if (mkdirp(mountpoint, 0755) != 0) {
491 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
492 "failed to create mountpoint: %s"),
494 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
495 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
501 * Overlay mounts are enabled by default but may be disabled
502 * via the 'overlay' property. The -O flag remains for compatibility.
504 if (!(flags & MS_OVERLAY)) {
505 if (zfs_prop_get(zhp, ZFS_PROP_OVERLAY, overlay,
506 sizeof (overlay), NULL, NULL, 0, B_FALSE) == 0) {
507 if (strcmp(overlay, "on") == 0) {
514 * Determine if the mountpoint is empty. If so, refuse to perform the
515 * mount. We don't perform this check if 'remount' is
516 * specified or if overlay option (-O) is given
518 if ((flags & MS_OVERLAY) == 0 && !remount &&
519 !dir_is_empty(mountpoint)) {
520 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
521 "directory is not empty"));
522 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
523 dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint));
526 /* perform the mount */
527 rc = do_mount(zhp, mountpoint, mntopts, flags);
530 * Generic errors are nasty, but there are just way too many
531 * from mount(), and they're well-understood. We pick a few
532 * common ones to improve upon.
535 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
536 "mountpoint or dataset is busy"));
537 } else if (rc == EPERM) {
538 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
539 "Insufficient privileges"));
540 } else if (rc == ENOTSUP) {
543 VERIFY(zfs_spa_version(zhp, &spa_version) == 0);
544 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
545 "Can't mount a version %llu "
546 "file system on a version %d pool. Pool must be"
547 " upgraded to mount this file system."),
548 (u_longlong_t)zfs_prop_get_int(zhp,
549 ZFS_PROP_VERSION), spa_version);
551 zfs_error_aux(hdl, "%s", strerror(rc));
553 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
554 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
558 /* remove the mounted entry before re-adding on remount */
560 libzfs_mnttab_remove(hdl, zhp->zfs_name);
562 /* add the mounted entry into our cache */
563 libzfs_mnttab_add(hdl, zfs_get_name(zhp), mountpoint, mntopts);
568 * Unmount a single filesystem.
571 unmount_one(libzfs_handle_t *hdl, const char *mountpoint, int flags)
575 error = do_unmount(mountpoint, flags);
581 libzfs_err = EZFS_BUSY;
584 libzfs_err = EZFS_IO;
587 libzfs_err = EZFS_NOENT;
590 libzfs_err = EZFS_NOMEM;
593 libzfs_err = EZFS_PERM;
596 libzfs_err = EZFS_UMOUNTFAILED;
598 return (zfs_error_fmt(hdl, libzfs_err,
599 dgettext(TEXT_DOMAIN, "cannot unmount '%s'"),
607 * Unmount the given filesystem.
610 zfs_unmount(zfs_handle_t *zhp, const char *mountpoint, int flags)
612 libzfs_handle_t *hdl = zhp->zfs_hdl;
615 boolean_t encroot, unmounted = B_FALSE;
617 /* check to see if we need to unmount the filesystem */
618 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
619 libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0)) {
621 * mountpoint may have come from a call to
622 * getmnt/getmntany if it isn't NULL. If it is NULL,
623 * we know it comes from libzfs_mnttab_find which can
624 * then get freed later. We strdup it to play it safe.
626 if (mountpoint == NULL)
627 mntpt = zfs_strdup(hdl, entry.mnt_mountp);
629 mntpt = zfs_strdup(hdl, mountpoint);
632 * Unshare and unmount the filesystem
634 if (zfs_unshare_proto(zhp, mntpt, share_all_proto) != 0) {
638 zfs_commit_all_shares();
640 if (unmount_one(hdl, mntpt, flags) != 0) {
642 (void) zfs_shareall(zhp);
643 zfs_commit_all_shares();
647 libzfs_mnttab_remove(hdl, zhp->zfs_name);
653 * If the MS_CRYPT flag is provided we must ensure we attempt to
654 * unload the dataset's key regardless of whether we did any work
655 * to unmount it. We only do this for encryption roots.
657 if ((flags & MS_CRYPT) != 0 &&
658 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
659 zfs_refresh_properties(zhp);
661 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0 &&
663 (void) zfs_mount(zhp, NULL, 0);
667 if (encroot && zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
668 ZFS_KEYSTATUS_AVAILABLE &&
669 zfs_crypto_unload_key(zhp) != 0) {
670 (void) zfs_mount(zhp, NULL, 0);
679 * Unmount this filesystem and any children inheriting the mountpoint property.
680 * To do this, just act like we're changing the mountpoint property, but don't
681 * remount the filesystems afterwards.
684 zfs_unmountall(zfs_handle_t *zhp, int flags)
686 prop_changelist_t *clp;
689 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
690 CL_GATHER_ITER_MOUNTED, flags);
694 ret = changelist_prefix(clp);
695 changelist_free(clp);
701 zfs_is_shared(zfs_handle_t *zhp)
703 zfs_share_type_t rc = 0;
704 zfs_share_proto_t *curr_proto;
706 if (ZFS_IS_VOLUME(zhp))
709 for (curr_proto = share_all_proto; *curr_proto != PROTO_END;
711 rc |= zfs_is_shared_proto(zhp, NULL, *curr_proto);
713 return (rc ? B_TRUE : B_FALSE);
717 * Unshare a filesystem by mountpoint.
720 unshare_one(libzfs_handle_t *hdl, const char *name, const char *mountpoint,
721 zfs_share_proto_t proto)
725 err = sa_disable_share(mountpoint, proto_table[proto].p_name);
727 return (zfs_error_fmt(hdl, proto_table[proto].p_unshare_err,
728 dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"),
729 name, sa_errorstr(err)));
735 * Query libshare for the given mountpoint and protocol, returning
736 * a zfs_share_type_t value.
739 is_shared(const char *mountpoint, zfs_share_proto_t proto)
741 if (sa_is_shared(mountpoint, proto_table[proto].p_name)) {
748 return (SHARED_NOT_SHARED);
751 return (SHARED_NOT_SHARED);
755 * Share the given filesystem according to the options in the specified
756 * protocol specific properties (sharenfs, sharesmb). We rely
757 * on "libshare" to do the dirty work for us.
760 zfs_share_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto)
762 char mountpoint[ZFS_MAXPROPLEN];
763 char shareopts[ZFS_MAXPROPLEN];
764 char sourcestr[ZFS_MAXPROPLEN];
765 zfs_share_proto_t *curr_proto;
766 zprop_source_t sourcetype;
769 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL, 0))
772 for (curr_proto = proto; *curr_proto != PROTO_END; curr_proto++) {
774 * Return success if there are no share options.
776 if (zfs_prop_get(zhp, proto_table[*curr_proto].p_prop,
777 shareopts, sizeof (shareopts), &sourcetype, sourcestr,
778 ZFS_MAXPROPLEN, B_FALSE) != 0 ||
779 strcmp(shareopts, "off") == 0)
783 * If the 'zoned' property is set, then zfs_is_mountable()
784 * will have already bailed out if we are in the global zone.
785 * But local zones cannot be NFS servers, so we ignore it for
786 * local zones as well.
788 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED))
791 err = sa_enable_share(zfs_get_name(zhp), mountpoint, shareopts,
792 proto_table[*curr_proto].p_name);
794 return (zfs_error_fmt(zhp->zfs_hdl,
795 proto_table[*curr_proto].p_share_err,
796 dgettext(TEXT_DOMAIN, "cannot share '%s: %s'"),
797 zfs_get_name(zhp), sa_errorstr(err)));
805 zfs_share(zfs_handle_t *zhp)
807 assert(!ZFS_IS_VOLUME(zhp));
808 return (zfs_share_proto(zhp, share_all_proto));
812 zfs_unshare(zfs_handle_t *zhp)
814 assert(!ZFS_IS_VOLUME(zhp));
815 return (zfs_unshareall(zhp));
819 * Check to see if the filesystem is currently shared.
821 static zfs_share_type_t
822 zfs_is_shared_proto(zfs_handle_t *zhp, char **where, zfs_share_proto_t proto)
827 if (!zfs_is_mounted(zhp, &mountpoint))
828 return (SHARED_NOT_SHARED);
830 if ((rc = is_shared(mountpoint, proto))
831 != SHARED_NOT_SHARED) {
839 return (SHARED_NOT_SHARED);
844 zfs_is_shared_nfs(zfs_handle_t *zhp, char **where)
846 return (zfs_is_shared_proto(zhp, where,
847 PROTO_NFS) != SHARED_NOT_SHARED);
851 zfs_is_shared_smb(zfs_handle_t *zhp, char **where)
853 return (zfs_is_shared_proto(zhp, where,
854 PROTO_SMB) != SHARED_NOT_SHARED);
858 * zfs_parse_options(options, proto)
860 * Call the legacy parse interface to get the protocol specific
861 * options using the NULL arg to indicate that this is a "parse" only.
864 zfs_parse_options(char *options, zfs_share_proto_t proto)
866 return (sa_validate_shareopts(options, proto_table[proto].p_name));
870 zfs_commit_proto(zfs_share_proto_t *proto)
872 zfs_share_proto_t *curr_proto;
873 for (curr_proto = proto; *curr_proto != PROTO_END; curr_proto++) {
874 sa_commit_shares(proto_table[*curr_proto].p_name);
879 zfs_commit_nfs_shares(void)
881 zfs_commit_proto(nfs_only);
885 zfs_commit_smb_shares(void)
887 zfs_commit_proto(smb_only);
891 zfs_commit_all_shares(void)
893 zfs_commit_proto(share_all_proto);
897 zfs_commit_shares(const char *proto)
900 zfs_commit_proto(share_all_proto);
901 else if (strcmp(proto, "nfs") == 0)
902 zfs_commit_proto(nfs_only);
903 else if (strcmp(proto, "smb") == 0)
904 zfs_commit_proto(smb_only);
908 zfs_share_nfs(zfs_handle_t *zhp)
910 return (zfs_share_proto(zhp, nfs_only));
914 zfs_share_smb(zfs_handle_t *zhp)
916 return (zfs_share_proto(zhp, smb_only));
920 zfs_shareall(zfs_handle_t *zhp)
922 return (zfs_share_proto(zhp, share_all_proto));
926 * Unshare the given filesystem.
929 zfs_unshare_proto(zfs_handle_t *zhp, const char *mountpoint,
930 zfs_share_proto_t *proto)
932 libzfs_handle_t *hdl = zhp->zfs_hdl;
936 /* check to see if need to unmount the filesystem */
937 if (mountpoint != NULL)
938 mntpt = zfs_strdup(hdl, mountpoint);
940 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
941 libzfs_mnttab_find(hdl, zfs_get_name(zhp), &entry) == 0)) {
942 zfs_share_proto_t *curr_proto;
944 if (mountpoint == NULL)
945 mntpt = zfs_strdup(zhp->zfs_hdl, entry.mnt_mountp);
947 for (curr_proto = proto; *curr_proto != PROTO_END;
950 if (is_shared(mntpt, *curr_proto)) {
951 if (unshare_one(hdl, zhp->zfs_name,
952 mntpt, *curr_proto) != 0) {
967 zfs_unshare_nfs(zfs_handle_t *zhp, const char *mountpoint)
969 return (zfs_unshare_proto(zhp, mountpoint, nfs_only));
973 zfs_unshare_smb(zfs_handle_t *zhp, const char *mountpoint)
975 return (zfs_unshare_proto(zhp, mountpoint, smb_only));
979 * Same as zfs_unmountall(), but for NFS and SMB unshares.
982 zfs_unshareall_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto)
984 prop_changelist_t *clp;
987 clp = changelist_gather(zhp, ZFS_PROP_SHARENFS, 0, 0);
991 ret = changelist_unshare(clp, proto);
992 changelist_free(clp);
998 zfs_unshareall_nfs(zfs_handle_t *zhp)
1000 return (zfs_unshareall_proto(zhp, nfs_only));
1004 zfs_unshareall_smb(zfs_handle_t *zhp)
1006 return (zfs_unshareall_proto(zhp, smb_only));
1010 zfs_unshareall(zfs_handle_t *zhp)
1012 return (zfs_unshareall_proto(zhp, share_all_proto));
1016 zfs_unshareall_bypath(zfs_handle_t *zhp, const char *mountpoint)
1018 return (zfs_unshare_proto(zhp, mountpoint, share_all_proto));
1022 zfs_unshareall_bytype(zfs_handle_t *zhp, const char *mountpoint,
1026 return (zfs_unshare_proto(zhp, mountpoint, share_all_proto));
1027 if (strcmp(proto, "nfs") == 0)
1028 return (zfs_unshare_proto(zhp, mountpoint, nfs_only));
1029 else if (strcmp(proto, "smb") == 0)
1030 return (zfs_unshare_proto(zhp, mountpoint, smb_only));
1036 * Remove the mountpoint associated with the current dataset, if necessary.
1037 * We only remove the underlying directory if:
1039 * - The mountpoint is not 'none' or 'legacy'
1040 * - The mountpoint is non-empty
1041 * - The mountpoint is the default or inherited
1042 * - The 'zoned' property is set, or we're in a local zone
1044 * Any other directories we leave alone.
1047 remove_mountpoint(zfs_handle_t *zhp)
1049 char mountpoint[ZFS_MAXPROPLEN];
1050 zprop_source_t source;
1052 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint),
1056 if (source == ZPROP_SRC_DEFAULT ||
1057 source == ZPROP_SRC_INHERITED) {
1059 * Try to remove the directory, silently ignoring any errors.
1060 * The filesystem may have since been removed or moved around,
1061 * and this error isn't really useful to the administrator in
1064 (void) rmdir(mountpoint);
1069 * Add the given zfs handle to the cb_handles array, dynamically reallocating
1070 * the array if it is out of space.
1073 libzfs_add_handle(get_all_cb_t *cbp, zfs_handle_t *zhp)
1075 if (cbp->cb_alloc == cbp->cb_used) {
1077 zfs_handle_t **newhandles;
1079 newsz = cbp->cb_alloc != 0 ? cbp->cb_alloc * 2 : 64;
1080 newhandles = zfs_realloc(zhp->zfs_hdl,
1081 cbp->cb_handles, cbp->cb_alloc * sizeof (zfs_handle_t *),
1082 newsz * sizeof (zfs_handle_t *));
1083 cbp->cb_handles = newhandles;
1084 cbp->cb_alloc = newsz;
1086 cbp->cb_handles[cbp->cb_used++] = zhp;
1090 * Recursive helper function used during file system enumeration
1093 zfs_iter_cb(zfs_handle_t *zhp, void *data)
1095 get_all_cb_t *cbp = data;
1097 if (!(zfs_get_type(zhp) & ZFS_TYPE_FILESYSTEM)) {
1102 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_NOAUTO) {
1107 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
1108 ZFS_KEYSTATUS_UNAVAILABLE) {
1114 * If this filesystem is inconsistent and has a receive resume
1115 * token, we can not mount it.
1117 if (zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT) &&
1118 zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
1119 NULL, 0, NULL, NULL, 0, B_TRUE) == 0) {
1124 libzfs_add_handle(cbp, zhp);
1125 if (zfs_iter_filesystems(zhp, zfs_iter_cb, cbp) != 0) {
1133 * Sort comparator that compares two mountpoint paths. We sort these paths so
1134 * that subdirectories immediately follow their parents. This means that we
1135 * effectively treat the '/' character as the lowest value non-nul char.
1136 * Since filesystems from non-global zones can have the same mountpoint
1137 * as other filesystems, the comparator sorts global zone filesystems to
1138 * the top of the list. This means that the global zone will traverse the
1139 * filesystem list in the correct order and can stop when it sees the
1140 * first zoned filesystem. In a non-global zone, only the delegated
1141 * filesystems are seen.
1143 * An example sorted list using this comparator would look like:
1153 * The mounting code depends on this ordering to deterministically iterate
1154 * over filesystems in order to spawn parallel mount tasks.
1157 mountpoint_cmp(const void *arga, const void *argb)
1159 zfs_handle_t *const *zap = arga;
1160 zfs_handle_t *za = *zap;
1161 zfs_handle_t *const *zbp = argb;
1162 zfs_handle_t *zb = *zbp;
1163 char mounta[MAXPATHLEN];
1164 char mountb[MAXPATHLEN];
1165 const char *a = mounta;
1166 const char *b = mountb;
1167 boolean_t gota, gotb;
1168 uint64_t zoneda, zonedb;
1170 zoneda = zfs_prop_get_int(za, ZFS_PROP_ZONED);
1171 zonedb = zfs_prop_get_int(zb, ZFS_PROP_ZONED);
1172 if (zoneda && !zonedb)
1174 if (!zoneda && zonedb)
1177 gota = (zfs_get_type(za) == ZFS_TYPE_FILESYSTEM);
1179 verify(zfs_prop_get(za, ZFS_PROP_MOUNTPOINT, mounta,
1180 sizeof (mounta), NULL, NULL, 0, B_FALSE) == 0);
1182 gotb = (zfs_get_type(zb) == ZFS_TYPE_FILESYSTEM);
1184 verify(zfs_prop_get(zb, ZFS_PROP_MOUNTPOINT, mountb,
1185 sizeof (mountb), NULL, NULL, 0, B_FALSE) == 0);
1189 while (*a != '\0' && (*a == *b)) {
1203 return (*a < *b ? -1 : *a > *b);
1212 * If neither filesystem has a mountpoint, revert to sorting by
1215 return (strcmp(zfs_get_name(za), zfs_get_name(zb)));
1219 * Return true if path2 is a child of path1 or path2 equals path1 or
1220 * path1 is "/" (path2 is always a child of "/").
1223 libzfs_path_contains(const char *path1, const char *path2)
1225 return (strcmp(path1, path2) == 0 || strcmp(path1, "/") == 0 ||
1226 (strstr(path2, path1) == path2 && path2[strlen(path1)] == '/'));
1230 * Given a mountpoint specified by idx in the handles array, find the first
1231 * non-descendent of that mountpoint and return its index. Descendant paths
1232 * start with the parent's path. This function relies on the ordering
1233 * enforced by mountpoint_cmp().
1236 non_descendant_idx(zfs_handle_t **handles, size_t num_handles, int idx)
1238 char parent[ZFS_MAXPROPLEN];
1239 char child[ZFS_MAXPROPLEN];
1242 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, parent,
1243 sizeof (parent), NULL, NULL, 0, B_FALSE) == 0);
1245 for (i = idx + 1; i < num_handles; i++) {
1246 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT, child,
1247 sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1248 if (!libzfs_path_contains(parent, child))
1254 typedef struct mnt_param {
1255 libzfs_handle_t *mnt_hdl;
1257 zfs_handle_t **mnt_zhps; /* filesystems to mount */
1258 size_t mnt_num_handles;
1259 int mnt_idx; /* Index of selected entry to mount */
1260 zfs_iter_f mnt_func;
1265 * Allocate and populate the parameter struct for mount function, and
1266 * schedule mounting of the entry selected by idx.
1269 zfs_dispatch_mount(libzfs_handle_t *hdl, zfs_handle_t **handles,
1270 size_t num_handles, int idx, zfs_iter_f func, void *data, tpool_t *tp)
1272 mnt_param_t *mnt_param = zfs_alloc(hdl, sizeof (mnt_param_t));
1274 mnt_param->mnt_hdl = hdl;
1275 mnt_param->mnt_tp = tp;
1276 mnt_param->mnt_zhps = handles;
1277 mnt_param->mnt_num_handles = num_handles;
1278 mnt_param->mnt_idx = idx;
1279 mnt_param->mnt_func = func;
1280 mnt_param->mnt_data = data;
1282 (void) tpool_dispatch(tp, zfs_mount_task, (void*)mnt_param);
1286 * This is the structure used to keep state of mounting or sharing operations
1287 * during a call to zpool_enable_datasets().
1289 typedef struct mount_state {
1291 * ms_mntstatus is set to -1 if any mount fails. While multiple threads
1292 * could update this variable concurrently, no synchronization is
1293 * needed as it's only ever set to -1.
1297 const char *ms_mntopts;
1301 zfs_mount_one(zfs_handle_t *zhp, void *arg)
1303 mount_state_t *ms = arg;
1307 * don't attempt to mount encrypted datasets with
1310 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
1311 ZFS_KEYSTATUS_UNAVAILABLE)
1314 if (zfs_mount(zhp, ms->ms_mntopts, ms->ms_mntflags) != 0)
1315 ret = ms->ms_mntstatus = -1;
1320 zfs_share_one(zfs_handle_t *zhp, void *arg)
1322 mount_state_t *ms = arg;
1325 if (zfs_share(zhp) != 0)
1326 ret = ms->ms_mntstatus = -1;
1331 * Thread pool function to mount one file system. On completion, it finds and
1332 * schedules its children to be mounted. This depends on the sorting done in
1333 * zfs_foreach_mountpoint(). Note that the degenerate case (chain of entries
1334 * each descending from the previous) will have no parallelism since we always
1335 * have to wait for the parent to finish mounting before we can schedule
1339 zfs_mount_task(void *arg)
1341 mnt_param_t *mp = arg;
1342 int idx = mp->mnt_idx;
1343 zfs_handle_t **handles = mp->mnt_zhps;
1344 size_t num_handles = mp->mnt_num_handles;
1345 char mountpoint[ZFS_MAXPROPLEN];
1347 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, mountpoint,
1348 sizeof (mountpoint), NULL, NULL, 0, B_FALSE) == 0);
1350 if (mp->mnt_func(handles[idx], mp->mnt_data) != 0)
1354 * We dispatch tasks to mount filesystems with mountpoints underneath
1355 * this one. We do this by dispatching the next filesystem with a
1356 * descendant mountpoint of the one we just mounted, then skip all of
1357 * its descendants, dispatch the next descendant mountpoint, and so on.
1358 * The non_descendant_idx() function skips over filesystems that are
1359 * descendants of the filesystem we just dispatched.
1361 for (int i = idx + 1; i < num_handles;
1362 i = non_descendant_idx(handles, num_handles, i)) {
1363 char child[ZFS_MAXPROPLEN];
1364 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT,
1365 child, sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1367 if (!libzfs_path_contains(mountpoint, child))
1368 break; /* not a descendant, return */
1369 zfs_dispatch_mount(mp->mnt_hdl, handles, num_handles, i,
1370 mp->mnt_func, mp->mnt_data, mp->mnt_tp);
1376 * Issue the func callback for each ZFS handle contained in the handles
1377 * array. This function is used to mount all datasets, and so this function
1378 * guarantees that filesystems for parent mountpoints are called before their
1379 * children. As such, before issuing any callbacks, we first sort the array
1380 * of handles by mountpoint.
1382 * Callbacks are issued in one of two ways:
1384 * 1. Sequentially: If the parallel argument is B_FALSE or the ZFS_SERIAL_MOUNT
1385 * environment variable is set, then we issue callbacks sequentially.
1387 * 2. In parallel: If the parallel argument is B_TRUE and the ZFS_SERIAL_MOUNT
1388 * environment variable is not set, then we use a tpool to dispatch threads
1389 * to mount filesystems in parallel. This function dispatches tasks to mount
1390 * the filesystems at the top-level mountpoints, and these tasks in turn
1391 * are responsible for recursively mounting filesystems in their children
1395 zfs_foreach_mountpoint(libzfs_handle_t *hdl, zfs_handle_t **handles,
1396 size_t num_handles, zfs_iter_f func, void *data, boolean_t parallel)
1398 zoneid_t zoneid = getzoneid();
1401 * The ZFS_SERIAL_MOUNT environment variable is an undocumented
1402 * variable that can be used as a convenience to do a/b comparison
1403 * of serial vs. parallel mounting.
1405 boolean_t serial_mount = !parallel ||
1406 (getenv("ZFS_SERIAL_MOUNT") != NULL);
1409 * Sort the datasets by mountpoint. See mountpoint_cmp for details
1410 * of how these are sorted.
1412 qsort(handles, num_handles, sizeof (zfs_handle_t *), mountpoint_cmp);
1415 for (int i = 0; i < num_handles; i++) {
1416 func(handles[i], data);
1422 * Issue the callback function for each dataset using a parallel
1423 * algorithm that uses a thread pool to manage threads.
1425 tpool_t *tp = tpool_create(1, mount_tp_nthr, 0, NULL);
1428 * There may be multiple "top level" mountpoints outside of the pool's
1429 * root mountpoint, e.g.: /foo /bar. Dispatch a mount task for each of
1432 for (int i = 0; i < num_handles;
1433 i = non_descendant_idx(handles, num_handles, i)) {
1435 * Since the mountpoints have been sorted so that the zoned
1436 * filesystems are at the end, a zoned filesystem seen from
1437 * the global zone means that we're done.
1439 if (zoneid == GLOBAL_ZONEID &&
1440 zfs_prop_get_int(handles[i], ZFS_PROP_ZONED))
1442 zfs_dispatch_mount(hdl, handles, num_handles, i, func, data,
1446 tpool_wait(tp); /* wait for all scheduled mounts to complete */
1451 * Mount and share all datasets within the given pool. This assumes that no
1452 * datasets within the pool are currently mounted.
1455 zpool_enable_datasets(zpool_handle_t *zhp, const char *mntopts, int flags)
1457 get_all_cb_t cb = { 0 };
1458 mount_state_t ms = { 0 };
1462 if ((zfsp = zfs_open(zhp->zpool_hdl, zhp->zpool_name,
1463 ZFS_TYPE_DATASET)) == NULL)
1467 * Gather all non-snapshot datasets within the pool. Start by adding
1468 * the root filesystem for this pool to the list, and then iterate
1469 * over all child filesystems.
1471 libzfs_add_handle(&cb, zfsp);
1472 if (zfs_iter_filesystems(zfsp, zfs_iter_cb, &cb) != 0)
1476 * Mount all filesystems
1478 ms.ms_mntopts = mntopts;
1479 ms.ms_mntflags = flags;
1480 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1481 zfs_mount_one, &ms, B_TRUE);
1482 if (ms.ms_mntstatus != 0)
1483 ret = ms.ms_mntstatus;
1486 * Share all filesystems that need to be shared. This needs to be
1487 * a separate pass because libshare is not mt-safe, and so we need
1488 * to share serially.
1490 ms.ms_mntstatus = 0;
1491 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1492 zfs_share_one, &ms, B_FALSE);
1493 if (ms.ms_mntstatus != 0)
1494 ret = ms.ms_mntstatus;
1496 zfs_commit_all_shares();
1499 for (int i = 0; i < cb.cb_used; i++)
1500 zfs_close(cb.cb_handles[i]);
1501 free(cb.cb_handles);
1507 mountpoint_compare(const void *a, const void *b)
1509 const char *mounta = *((char **)a);
1510 const char *mountb = *((char **)b);
1512 return (strcmp(mountb, mounta));
1516 * Unshare and unmount all datasets within the given pool. We don't want to
1517 * rely on traversing the DSL to discover the filesystems within the pool,
1518 * because this may be expensive (if not all of them are mounted), and can fail
1519 * arbitrarily (on I/O error, for example). Instead, we walk /proc/self/mounts
1520 * and gather all the filesystems that are currently mounted.
1523 zpool_disable_datasets(zpool_handle_t *zhp, boolean_t force)
1527 struct mnttab entry;
1529 char **mountpoints = NULL;
1530 zfs_handle_t **datasets = NULL;
1531 libzfs_handle_t *hdl = zhp->zpool_hdl;
1534 int flags = (force ? MS_FORCE : 0);
1536 namelen = strlen(zhp->zpool_name);
1538 if ((mnttab = fopen(MNTTAB, "re")) == NULL)
1542 while (getmntent(mnttab, &entry) == 0) {
1544 * Ignore non-ZFS entries.
1546 if (entry.mnt_fstype == NULL ||
1547 strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0)
1551 * Ignore filesystems not within this pool.
1553 if (entry.mnt_mountp == NULL ||
1554 strncmp(entry.mnt_special, zhp->zpool_name, namelen) != 0 ||
1555 (entry.mnt_special[namelen] != '/' &&
1556 entry.mnt_special[namelen] != '\0'))
1560 * At this point we've found a filesystem within our pool. Add
1561 * it to our growing list.
1563 if (used == alloc) {
1565 if ((mountpoints = zfs_alloc(hdl,
1566 8 * sizeof (void *))) == NULL)
1569 if ((datasets = zfs_alloc(hdl,
1570 8 * sizeof (void *))) == NULL)
1577 if ((ptr = zfs_realloc(hdl, mountpoints,
1578 alloc * sizeof (void *),
1579 alloc * 2 * sizeof (void *))) == NULL)
1583 if ((ptr = zfs_realloc(hdl, datasets,
1584 alloc * sizeof (void *),
1585 alloc * 2 * sizeof (void *))) == NULL)
1593 if ((mountpoints[used] = zfs_strdup(hdl,
1594 entry.mnt_mountp)) == NULL)
1598 * This is allowed to fail, in case there is some I/O error. It
1599 * is only used to determine if we need to remove the underlying
1600 * mountpoint, so failure is not fatal.
1602 datasets[used] = make_dataset_handle(hdl, entry.mnt_special);
1608 * At this point, we have the entire list of filesystems, so sort it by
1611 qsort(mountpoints, used, sizeof (char *), mountpoint_compare);
1614 * Walk through and first unshare everything.
1616 for (i = 0; i < used; i++) {
1617 zfs_share_proto_t *curr_proto;
1618 for (curr_proto = share_all_proto; *curr_proto != PROTO_END;
1620 if (is_shared(mountpoints[i], *curr_proto) &&
1621 unshare_one(hdl, mountpoints[i],
1622 mountpoints[i], *curr_proto) != 0)
1626 zfs_commit_all_shares();
1629 * Now unmount everything, removing the underlying directories as
1632 for (i = 0; i < used; i++) {
1633 if (unmount_one(hdl, mountpoints[i], flags) != 0)
1637 for (i = 0; i < used; i++) {
1639 remove_mountpoint(datasets[i]);
1644 (void) fclose(mnttab);
1645 for (i = 0; i < used; i++) {
1647 zfs_close(datasets[i]);
1648 free(mountpoints[i]);