zfs-zone,
zfs-unzone —
attach and detach ZFS filesystems to user
namespaces
zfs
zone |
nsfile
filesystem |
zfs
unzone |
nsfile
filesystem |
zfs
zone
nsfile
filesystem- Attach the specified filesystem to the
user namespace identified by nsfile. From
now on this file system tree can be managed from within a user namespace
if the zoned property has been set.
You cannot attach a zoned dataset's children to another user namespace. You
can also not attach the root file system of the user namespace or any
dataset which needs to be mounted before the zfs service is run inside the
user namespace, as it would be attached unmounted until it is mounted from
the service inside the user namespace.
To allow management of the dataset from within a user namespace, the
zoned property has to be set and the user
namespaces needs access to the /dev/zfs
device. The quota property cannot be changed
from within a user namespace.
After a dataset is attached to a user namespace and the
zoned property is set, a zoned file system
cannot be mounted outside the user namespace, since the user namespace
administrator might have set the mount point to an unacceptable
value.
zfs
unzone
nsfile
filesystem- Detach the specified filesystem from the
user namespace identified by nsfile.
Example 1: Delegating a Dataset to a
User Namespace
The following example delegates the
tank/users
dataset to a user namespace identified by user namespace file
/proc/1234/ns/user.
#
zfs zone
/proc/1234/ns/user
tank/users
zfsprops(7)