From swell.k@gmail.com  Fri Dec 17 21:36:07 2010
Return-Path: <swell.k@gmail.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 165B6106564A
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 17 Dec 2010 21:36:07 +0000 (UTC)
	(envelope-from swell.k@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 9FDE28FC13
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 17 Dec 2010 21:36:06 +0000 (UTC)
Received: by wwf26 with SMTP id 26so1037241wwf.31
        for <FreeBSD-gnats-submit@freebsd.org>; Fri, 17 Dec 2010 13:36:05 -0800 (PST)
Received: by 10.216.88.10 with SMTP id z10mr4303850wee.73.1292621765546;
        Fri, 17 Dec 2010 13:36:05 -0800 (PST)
Received: from localhost ([74.3.165.39])
        by mx.google.com with ESMTPS id p4sm466113wer.29.2010.12.17.13.36.02
        (version=SSLv3 cipher=RC4-MD5);
        Fri, 17 Dec 2010 13:36:04 -0800 (PST)
Message-Id: <868vzo84mm.fsf@gmail.com>
Date: Sat, 18 Dec 2010 00:35:13 +0300
From: Anonymous <swell.k@gmail.com>
To: FreeBSD-gnats-submit@freebsd.org
Subject: [patch][zfs] creating ZVOLs requires `refreservation' ability

>Number:         153258
>Category:       bin
>Synopsis:       [patch][zfs] creating ZVOLs requires `refreservation' ability
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-fs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 17 21:40:08 UTC 2010
>Closed-Date:    
>Last-Modified:  Fri Dec 17 21:50:11 UTC 2010
>Originator:     Anonymous
>Release:        FreeBSD 9.0-CURRENT amd64
>Organization:
>Environment:
$ uname -vm
FreeBSD 9.0-HEAD-20101216-JPSNAP #0: Thu Dec 16 07:13:24 UTC 2010
root@build-amd64-fbsd.allbsd.org:/usr/obj/usr/src/sys/GENERIC  amd64

also affects v28
>Description:
Creating zfs volumes for ordinary users requires ability to modify
`refreservation' property.

Is this reproducable on opensolaris?
>How-To-Repeat:
root# zpool create blah gptid/A-B-C-E
root# zfs allow luser create,mount blah
root# sysctl vfs.usermount=1

luser$ zfs create -V10m blah/test
cannot create 'blah/test': permission denied

luser$ truss zfs create -V10m blah/test 2>&1 | fgrep ioctl | tail -1
ioctl(3,0xcc285a18 { IORW 0x5a('Z'), 24, 3112 },0xffffd110) ERR#1 'Operation not permitted'

luser$ grep "'Z'.*24" /usr/src/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h
#define ZFS_IOC_CREATE                  _IOWR('Z', 24, struct zfs_cmd)

root# zfs allow luser refreservation
luser$ zfs create -V10m blah/test
luser$ find /dev/zvol -ls
    86        1 dr-xr-xr-x    3 root             wheel                 512 Dec 17 21:24 /dev/zvol
    87        1 dr-xr-xr-x    2 root             wheel                 512 Dec 17 21:24 /dev/zvol/blah
    85        0 crw-r-----    1 root             operator           0,  85 Dec 17 21:23 /dev/zvol/blah/test
>Fix:
--- a.diff begins here ---
Index: cddl/contrib/opensolaris/cmd/zfs/zfs.8
===================================================================
--- cddl/contrib/opensolaris/cmd/zfs/zfs.8	(revision 216504)
+++ cddl/contrib/opensolaris/cmd/zfs/zfs.8	(working copy)
@@ -2269,7 +2269,7 @@
 clone        subcommand   Must also have the 'create' ability
                            and the 'mount' ability in the origin 
                            file system.
-create       subcommand   Must also have the 'mount' ability.
+create       subcommand   Must also have the 'mount' and 'refreservation' ability.
 destroy      subcommand   Must also have the 'mount' ability.     
 mount        subcommand   Allows mount, unmount, and
                            create/remove zvol device links.
Index: cddl/contrib/opensolaris/lib/pyzfs/common/allow.py
===================================================================
--- cddl/contrib/opensolaris/lib/pyzfs/common/allow.py	(revision 216504)
+++ cddl/contrib/opensolaris/lib/pyzfs/common/allow.py	(working copy)
@@ -202,7 +202,7 @@
 	return d
 
 perms_subcmd = dict(
-    create=_("Must also have the 'mount' ability"),
+    create=_("Must also have the 'mount' and 'refreservation' ability"),
     destroy=_("Must also have the 'mount' ability"),
     snapshot=_("Must also have the 'mount' ability"),
     rollback=_("Must also have the 'mount' ability"),
--- a.diff ends here ---
>Release-Note:
>Audit-Trail:

From: Anonymous <swell.k@gmail.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:  
Subject: Re: bin/153258: [patch][zfs] creating ZVOLs requires `refreservation' ability
Date: Sat, 18 Dec 2010 00:43:16 +0300

 Anonymous <swell.k@gmail.com> writes:
 
 > Creating zfs volumes for ordinary users requires ability to modify
 > `refreservation' property.
 
 It doesn't affect `sparse' volumes, those created with `-s' option.
 So, `refreservation' ability is not required for the following to work
 
   luser$ zfs create -sV10m blah/test
>Unformatted:
