Re: change of zfs mount options?

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: change of zfs mount options?
From: Takashi YAMAMOTO <yamt9999%gmail.com@localhost>
Date: Wed, 20 May 2026 20:59:24 +0900

hi,

On Mon, May 18, 2026 at 10:39 PM Greg Troxel <gdt%lexort.com@localhost> wrote:
>
> Simon Burge <simonb%NetBSD.org@localhost> writes:
>
> > Greg Troxel wrote:
> >
> >> I've had a netbsd-10 amdt64 machine for a long time, most data on zfs,
> >> xen dom0.  I recently upgraded it to 11RC4, and found that
> >> pkgsrc/devel/gettext-tools wouldn't build, because pkgsrc was mounted
> >> noexec.
> >>
> >> A "zfs set exec=yes" on the dataset resolved this.
> >>
> >> I have no memory of this happening before, so I wonder if defaults
> >> changed.
> >>
> >> Perhaps this is "fixes for property overrides", part of a big pullup of
> >> zfs fixes (yay!) and it always should have been like that.
> >
> > If I had to guess, I'd suspect
> > https://mail-index.NetBSD.org/source-changes/2026/03/17/msg161042.html
> > or possibly
> > https://mail-index.NetBSD.org/source-changes/2026/03/01/msg160827.html
> >
> > Are you able to easily test with either of these changes reversed?
>
> Thanks for the pointers.
>
> I could semi-easily test, but tl;dr is that I now think there is no bug.
>
>
>
> I have 3 machines with zfs.  All are up to date with their branches.
>
> which           version initialized     exec/setuid
> desktop         10      2023-08-15      on/on
> xen             11      2021-02-11      off/off
> n11-test        11      2024-10-30      on/on
>
>
> zpool history is a great feature.  It tells me that I set exec/setuid to
> off 3 days after creation on xen, on all datasets.
>
> I just created a test dataset on netbsd-10, and it was off/off and
> mounted without noexec/nosuid.  I then set the properties to on/on and
> the mount options changed.
>
>   tank1/test-suid on /tank1/test-suid type zfs (noexec, nosuid, local)
>
>
> Now, I think:
>
>   I had intentionally set exec/setuid off long ago, as general paranoia,
>   perhaps not wise.
>
>   I am really unclear on whether this was effective or not, because most
>   packages don't run binaries from pkgsrc.  I want to say it was not
>   effective, simply because that seems more likely than me not having a
>   problem from 2021 to last week.
>
>   The xen machine is now correctly propagating exec/setuid flags to
>   mount properties.
>
>   My netbsd-10 machine propagates flags if I set them.
>
> so overall I am now thinking
>
>   I had done this on purpose and it just never caused a problem.
>
>   I have no reason to think our zfs code in 10 or 11 is wrong about
>   exec/setuid.

it's because https://gnats.netbsd.org/60024 was fixed for netbsd-11.
although the PR is about readonly, the same applies to suid and exec.

References:
- Re: change of zfs mount options?
  - From: Simon Burge
- Re: change of zfs mount options?
  - From: Greg Troxel

Prev by Date: Re: savecore: can't find device
Next by Date: Re: savecore: can't find device
Previous by Thread: Re: change of zfs mount options?
Next by Thread: PCIe -> PCI bridge shopping advice
Indexes:

Home | Main Index | Thread Index | Old Index