384 is set to \fBlegacy\fR, \fBZFS\fR makes no attempt to manage the file system,
385 and the administrator is responsible for mounting and unmounting the file
386 system.
387 .SS "Zones"
388 .sp
389 .LP
390 A \fBZFS\fR file system can be added to a non-global zone by using the
391 \fBzonecfg\fR \fBadd fs\fR subcommand. A \fBZFS\fR file system that is added to
392 a non-global zone must have its \fBmountpoint\fR property set to \fBlegacy\fR.
393 .sp
394 .LP
395 The physical properties of an added file system are controlled by the global
396 administrator. However, the zone administrator can create, modify, or destroy
397 files within the added file system, depending on how the file system is
398 mounted.
399 .sp
400 .LP
401 A dataset can also be delegated to a non-global zone by using the \fBzonecfg\fR
402 \fBadd dataset\fR subcommand. You cannot delegate a dataset to one zone and the
403 children of the same dataset to another zone. The zone administrator can change
404 properties of the dataset or any of its children. However, the \fBquota\fR
405 property is controlled by the global administrator.
406 .sp
407 .LP
408 A \fBZFS\fR volume can be added as a device to a non-global zone by using the
409 \fBzonecfg\fR \fBadd device\fR subcommand. However, its physical properties can
410 be modified only by the global administrator.
411 .sp
412 .LP
413 For more information about \fBzonecfg\fR syntax, see \fBzonecfg\fR(1M).
414 .sp
415 .LP
416 After a dataset is delegated to a non-global zone, the \fBzoned\fR property is
417 automatically set. A zoned file system cannot be mounted in the global zone,
418 since the zone administrator might have to set the mount point to an
419 unacceptable value.
420 .sp
421 .LP
422 The global administrator can forcibly clear the \fBzoned\fR property, though
423 this should be done with extreme care. The global administrator should verify
424 that all the mount points are acceptable before clearing the property.
425 .SS "Native Properties"
929 .ne 2
930 .na
931 \fB\fBcopies\fR=\fB1\fR | \fB2\fR | \fB3\fR\fR
932 .ad
933 .sp .6
934 .RS 4n
935 Controls the number of copies of data stored for this dataset. These copies are
936 in addition to any redundancy provided by the pool, for example, mirroring or
937 RAID-Z. The copies are stored on different disks, if possible. The space used
938 by multiple copies is charged to the associated file and dataset, changing the
939 \fBused\fR property and counting against quotas and reservations.
940 .sp
941 Changing this property only affects newly-written data. Therefore, set this
942 property at file system creation time by using the \fB-o\fR
943 \fBcopies=\fR\fIN\fR option.
944 .RE
945
946 .sp
947 .ne 2
948 .na
949 \fB\fBdevices\fR=\fBon\fR | \fBoff\fR\fR
950 .ad
951 .sp .6
952 .RS 4n
953 Controls whether device nodes can be opened on this file system. The default
954 value is \fBon\fR.
955 .RE
956
957 .sp
958 .ne 2
959 .na
960 \fB\fBexec\fR=\fBon\fR | \fBoff\fR\fR
961 .ad
962 .sp .6
963 .RS 4n
964 Controls whether processes can be executed from within this file system. The
965 default value is \fBon\fR.
966 .RE
967
968 .sp
1014 .sp
1015 .ne 2
1016 .na
1017 \fB\fBquota\fR=\fIsize\fR | \fBnone\fR\fR
1018 .ad
1019 .sp .6
1020 .RS 4n
1021 Limits the amount of space a dataset and its descendents can consume. This
1022 property enforces a hard limit on the amount of space used. This includes all
1023 space consumed by descendents, including file systems and snapshots. Setting a
1024 quota on a descendent of a dataset that already has a quota does not override
1025 the ancestor's quota, but rather imposes an additional limit.
1026 .sp
1027 Quotas cannot be set on volumes, as the \fBvolsize\fR property acts as an
1028 implicit quota.
1029 .RE
1030
1031 .sp
1032 .ne 2
1033 .na
1034 \fB\fBuserquota@\fR\fIuser\fR=\fIsize\fR | \fBnone\fR\fR
1035 .ad
1036 .sp .6
1037 .RS 4n
1038 Limits the amount of space consumed by the specified user. User space
1039 consumption is identified by the \fBuserspace@\fR\fIuser\fR property.
1040 .sp
1041 Enforcement of user quotas may be delayed by several seconds. This delay means
1042 that a user might exceed their quota before the system notices that they are
1043 over quota and begins to refuse additional writes with the \fBEDQUOT\fR error
1044 message . See the \fBzfs userspace\fR subcommand for more information.
1045 .sp
1046 Unprivileged users can only access their own groups' space usage. The root
1047 user, or a user who has been granted the \fBuserquota\fR privilege with \fBzfs
1048 allow\fR, can get and set everyone's quota.
1049 .sp
1050 This property is not available on volumes, on file systems before version 4, or
1051 on pools before version 15. The \fBuserquota@\fR... properties are not
1052 displayed by \fBzfs get all\fR. The user's name must be appended after the
1053 \fB@\fR symbol, using one of the following forms:
3108 ability in the new parent
3109 rollback subcommand Must also have the 'mount' ability
3110 send subcommand
3111 share subcommand Allows sharing file systems over NFS or SMB
3112 protocols
3113 snapshot subcommand Must also have the 'mount' ability
3114 groupquota other Allows accessing any groupquota@... property
3115 groupused other Allows reading any groupused@... property
3116 userprop other Allows changing any user property
3117 userquota other Allows accessing any userquota@... property
3118 userused other Allows reading any userused@... property
3119
3120 aclinherit property
3121 aclmode property
3122 atime property
3123 canmount property
3124 casesensitivity property
3125 checksum property
3126 compression property
3127 copies property
3128 devices property
3129 exec property
3130 mountpoint property
3131 nbmand property
3132 normalization property
3133 primarycache property
3134 quota property
3135 readonly property
3136 recordsize property
3137 refquota property
3138 refreservation property
3139 reservation property
3140 secondarycache property
3141 setuid property
3142 shareiscsi property
3143 sharenfs property
3144 sharesmb property
3145 snapdir property
3146 utf8only property
3147 version property
3148 volblocksize property
3149 volsize property
3150 vscan property
3151 xattr property
3152 zoned property
3153 .fi
3154 .in -2
3155 .sp
3156
3157 .sp
3158 .ne 2
3159 .na
3160 \fB\fBzfs allow\fR \fB-c\fR \fIperm\fR|@\fIsetname\fR[,...]
3161 \fIfilesystem\fR|\fIvolume\fR\fR
3162 .ad
3163 .sp .6
3164 .RS 4n
3165 Sets "create time" permissions. These permissions are granted (locally) to the
|
384 is set to \fBlegacy\fR, \fBZFS\fR makes no attempt to manage the file system,
385 and the administrator is responsible for mounting and unmounting the file
386 system.
387 .SS "Zones"
388 .sp
389 .LP
390 A \fBZFS\fR file system can be added to a non-global zone by using the
391 \fBzonecfg\fR \fBadd fs\fR subcommand. A \fBZFS\fR file system that is added to
392 a non-global zone must have its \fBmountpoint\fR property set to \fBlegacy\fR.
393 .sp
394 .LP
395 The physical properties of an added file system are controlled by the global
396 administrator. However, the zone administrator can create, modify, or destroy
397 files within the added file system, depending on how the file system is
398 mounted.
399 .sp
400 .LP
401 A dataset can also be delegated to a non-global zone by using the \fBzonecfg\fR
402 \fBadd dataset\fR subcommand. You cannot delegate a dataset to one zone and the
403 children of the same dataset to another zone. The zone administrator can change
404 properties of the dataset or any of its children. However, the \fBquota\fR,
405 \fBdataset_quota\fR and \fBsnapshot_quota\fR properties are controlled by the
406 global administrator.
407 .sp
408 .LP
409 A \fBZFS\fR volume can be added as a device to a non-global zone by using the
410 \fBzonecfg\fR \fBadd device\fR subcommand. However, its physical properties can
411 be modified only by the global administrator.
412 .sp
413 .LP
414 For more information about \fBzonecfg\fR syntax, see \fBzonecfg\fR(1M).
415 .sp
416 .LP
417 After a dataset is delegated to a non-global zone, the \fBzoned\fR property is
418 automatically set. A zoned file system cannot be mounted in the global zone,
419 since the zone administrator might have to set the mount point to an
420 unacceptable value.
421 .sp
422 .LP
423 The global administrator can forcibly clear the \fBzoned\fR property, though
424 this should be done with extreme care. The global administrator should verify
425 that all the mount points are acceptable before clearing the property.
426 .SS "Native Properties"
930 .ne 2
931 .na
932 \fB\fBcopies\fR=\fB1\fR | \fB2\fR | \fB3\fR\fR
933 .ad
934 .sp .6
935 .RS 4n
936 Controls the number of copies of data stored for this dataset. These copies are
937 in addition to any redundancy provided by the pool, for example, mirroring or
938 RAID-Z. The copies are stored on different disks, if possible. The space used
939 by multiple copies is charged to the associated file and dataset, changing the
940 \fBused\fR property and counting against quotas and reservations.
941 .sp
942 Changing this property only affects newly-written data. Therefore, set this
943 property at file system creation time by using the \fB-o\fR
944 \fBcopies=\fR\fIN\fR option.
945 .RE
946
947 .sp
948 .ne 2
949 .na
950 \fB\fBdataset_quota\fR=\fIcount\fR | \fBnone\fR\fR
951 .ad
952 .sp .6
953 .RS 4n
954 Limits the number of datasets that can be created within a dataset and its
955 descendents. This property enforces a hard limit on the number of datasets
956 below the given dataset. Setting a dataset_quota on a descendent of a dataset
957 that already has a dataset_quota does not override the ancestor's dataset_quota,
958 but rather imposes an additional limit. This feature must be enabled to be
959 used (see \fBzpool-features\fR(5)).
960 .RE
961
962 .sp
963 .ne 2
964 .na
965 \fB\fBdevices\fR=\fBon\fR | \fBoff\fR\fR
966 .ad
967 .sp .6
968 .RS 4n
969 Controls whether device nodes can be opened on this file system. The default
970 value is \fBon\fR.
971 .RE
972
973 .sp
974 .ne 2
975 .na
976 \fB\fBexec\fR=\fBon\fR | \fBoff\fR\fR
977 .ad
978 .sp .6
979 .RS 4n
980 Controls whether processes can be executed from within this file system. The
981 default value is \fBon\fR.
982 .RE
983
984 .sp
1030 .sp
1031 .ne 2
1032 .na
1033 \fB\fBquota\fR=\fIsize\fR | \fBnone\fR\fR
1034 .ad
1035 .sp .6
1036 .RS 4n
1037 Limits the amount of space a dataset and its descendents can consume. This
1038 property enforces a hard limit on the amount of space used. This includes all
1039 space consumed by descendents, including file systems and snapshots. Setting a
1040 quota on a descendent of a dataset that already has a quota does not override
1041 the ancestor's quota, but rather imposes an additional limit.
1042 .sp
1043 Quotas cannot be set on volumes, as the \fBvolsize\fR property acts as an
1044 implicit quota.
1045 .RE
1046
1047 .sp
1048 .ne 2
1049 .na
1050 \fB\fBsnapshot_quota\fR=\fIcount\fR | \fBnone\fR\fR
1051 .ad
1052 .sp .6
1053 .RS 4n
1054 Limits the number of snapshots that can be created on a dataset and its
1055 descendents. This property enforces a hard limit on the number of snapshots
1056 below the given dataset. Setting a snapshot_quota on a descendent of a dataset
1057 that already has a snapshot_quota does not override the ancestor's
1058 snapshot_quota, but rather imposes an additional limit. The quota is not
1059 enforced for recursive snapshots taken from above the dataset with the quota,
1060 but that snapshot will be counted against the quota if the dataset is
1061 snapshotted directly. This feature must be enabled to be used (see
1062 \fBzpool-features\fR(5)).
1063 .RE
1064
1065 .sp
1066 .ne 2
1067 .na
1068 \fB\fBuserquota@\fR\fIuser\fR=\fIsize\fR | \fBnone\fR\fR
1069 .ad
1070 .sp .6
1071 .RS 4n
1072 Limits the amount of space consumed by the specified user. User space
1073 consumption is identified by the \fBuserspace@\fR\fIuser\fR property.
1074 .sp
1075 Enforcement of user quotas may be delayed by several seconds. This delay means
1076 that a user might exceed their quota before the system notices that they are
1077 over quota and begins to refuse additional writes with the \fBEDQUOT\fR error
1078 message . See the \fBzfs userspace\fR subcommand for more information.
1079 .sp
1080 Unprivileged users can only access their own groups' space usage. The root
1081 user, or a user who has been granted the \fBuserquota\fR privilege with \fBzfs
1082 allow\fR, can get and set everyone's quota.
1083 .sp
1084 This property is not available on volumes, on file systems before version 4, or
1085 on pools before version 15. The \fBuserquota@\fR... properties are not
1086 displayed by \fBzfs get all\fR. The user's name must be appended after the
1087 \fB@\fR symbol, using one of the following forms:
3142 ability in the new parent
3143 rollback subcommand Must also have the 'mount' ability
3144 send subcommand
3145 share subcommand Allows sharing file systems over NFS or SMB
3146 protocols
3147 snapshot subcommand Must also have the 'mount' ability
3148 groupquota other Allows accessing any groupquota@... property
3149 groupused other Allows reading any groupused@... property
3150 userprop other Allows changing any user property
3151 userquota other Allows accessing any userquota@... property
3152 userused other Allows reading any userused@... property
3153
3154 aclinherit property
3155 aclmode property
3156 atime property
3157 canmount property
3158 casesensitivity property
3159 checksum property
3160 compression property
3161 copies property
3162 dataset_quota property
3163 devices property
3164 exec property
3165 mountpoint property
3166 nbmand property
3167 normalization property
3168 primarycache property
3169 quota property
3170 readonly property
3171 recordsize property
3172 refquota property
3173 refreservation property
3174 reservation property
3175 secondarycache property
3176 setuid property
3177 shareiscsi property
3178 sharenfs property
3179 sharesmb property
3180 snapdir property
3181 snapshot_quota property
3182 utf8only property
3183 version property
3184 volblocksize property
3185 volsize property
3186 vscan property
3187 xattr property
3188 zoned property
3189 .fi
3190 .in -2
3191 .sp
3192
3193 .sp
3194 .ne 2
3195 .na
3196 \fB\fBzfs allow\fR \fB-c\fR \fIperm\fR|@\fIsetname\fR[,...]
3197 \fIfilesystem\fR|\fIvolume\fR\fR
3198 .ad
3199 .sp .6
3200 .RS 4n
3201 Sets "create time" permissions. These permissions are granted (locally) to the
|