zfs icon indicating copy to clipboard operation
zfs copied to clipboard

Published 20 hours ago verified publisher icon openzfsonosx

Question: admin password required in Finder

Open anohren opened this issue 5 years ago • 5 comments

I'm giving this a try for the first time, and created a new pool on a USB drive. Whenever I try to write to it using Finder it asks me for my admin password, which isn't very appealing to me.

The only thing I found on that subject was:

Then, ZFS write/read permissions need to be changed to enable write access for your user:

sudo zfs allow aj create,destroy,mount data

That did not have any visible effect, and as far as I understand I already have write permission anyway -- I just have to authenticate every single time.

I was unable to find a "getting started" section on the website/wiki/github, so I don't know if I've missed some important step or concept.

How do I avoid having to authenticate every time I want to write?

Edit: It works if I change owner of the mount point, but I'd like to be the owner automatically if possible

anohren avatar May 07 '19 14:05 anohren

I recommend running chown -r $user /path/to/dataset/mountpoint to get rid of it ;-)

JMoVS avatar May 07 '19 18:05 JMoVS

ah saw your edit. I'm sorry, don't know any other way, maybe @lundman has an idea?

JMoVS avatar May 07 '19 18:05 JMoVS

It is a standard Unix thing, you can just chmod 777 the mountpoint after you create it, it is a one-time thing. Or use chown as you guys discussed. It is that you do not need to do this with hfs, as apple has added a concept of mount owner, which we currently do not use. Mount owners do not fit with ZFS in general, but we probably should look at that.

For now, easiest is chmod 777, or disable owners with the owners property.

lundman avatar May 07 '19 21:05 lundman

Thanks, I appreciate the suggestions and explanation of why it works a little differently.

The reason I'd like as frictionless a mount as possible is because I'm investigating if Zfs would be suitable as a remote Time Machine backup target, which will only occasionally be connected over USB in case a restore is needed. It's possible Zfs isn't the best choice for this, but you've got to start with some sort of use case...

Anyway, I managed to create a non-portable pool in Linux the first thing I did so I thought it best to ask here in case I was setting myself up for any more gotchas.

anohren avatar May 09 '19 12:05 anohren

Yep - easiest is the chmod, one time thing.

To fix it properly, we need to basically support OSX "owner" feature on mounts, which should be straight forward, but that would require running zfs mount as a user, not as root. Which means we would need to do the privilege framework, as in, "zfs allow". Care needs to be taken there, so we don't open up large root access security problems, so we've put that task off. But it is all on the TODO. Or perhaps, use "diskutil mount" on mount requests, unsure how that is done when passing private data to the kernel.

lundman avatar May 09 '19 23:05 lundman