Re: [Nix-dev] setfacl: /var/log/journal: Operation not supported

2014-06-06 Thread _1126
Hey Ricardo!

On Wed, Jun 04, 2014 at 06:24:55PM +0200, Ricardo M. Correia wrote:
> If the problem is indeed the setfacl failure (as it appears to be), I think
> you need to enable ACLs in ZFS by doing:
> 
> "zfs set acltype=posixacl ", where  is the ZFS dataset/filesystem
> which contains your systemd journal.

Okay, thank you! I will look into that and test whether it resolves
the problem. 
 
> I'm not sure if the default ZFS version (0.6.2) contains the acltype
> property already... if not, you may have to use a recent git version. You
> can do that simply by adding "boot.zfs.useGit = true;" to your
> configuration.nix.

Done already.
 
> For performance reasons it's also advisable to do "zfs set xattr=sa ".
> This allows ZFS to use a more performant on-disk representation of ACLs.
> However, be careful because I think (but I could be wrong) that there have
> been reports of filesystem corruption using this option.
> 
> See for example this issue: https://github.com/zfsonlinux/zfs/issues/2214
> If I'm not mistaken our git version of ZFS, even in the unstable NixOS
> channel, does not include the fix for that yet.
> 
> I may be wrong but I think that if you're not going to be using ACLs apart
> from the systemd journal, it's OK to not set "xattr=sa", as the systemd
> journal's ACL will probably always be cached in memory due to constant
> access, so it shouldn't be cause a large performance impact.

I will investigate that issue and ensure a recent backup before doing
anything ;)

Thanks!
 
 
> On Wed, Jun 4, 2014 at 2:11 PM, _1126  wrote:
> 
> > Hello all!
> >
> > I recently re-installed my NixOS configuration on a ZFS root. Since
> > then I am unable to access systemd's journal. My user is part of the
> > systemd-journal group, but the journal file aint.
> >
> > -rw-r- 1 root root 117440512 Jun  4 14:07 system.journal
> >
> > This is might be due to the the error reported in the subject:
> >
> > setfacl: /var/log/journal: Operation not supported
> >
> > The nixos/modules/system/boot/systemd.nix module tries the following
> > (line 743):
> >
> > ${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx
> > /var/log/journal
> >
> > This apparently fails. Has anyone an idea what that is the case? Or am
> > I wrong in suspecting that and the reason for the wrong permissions is
> > to be found somewhere else?
> >
> > Greetings
> > _1126 (Christian Lask)
> >
> >
> >
> >
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] setfacl: /var/log/journal: Operation not supported

2014-06-04 Thread Ricardo M. Correia
Hi Christian,

If the problem is indeed the setfacl failure (as it appears to be), I think
you need to enable ACLs in ZFS by doing:

"zfs set acltype=posixacl ", where  is the ZFS dataset/filesystem
which contains your systemd journal.

I'm not sure if the default ZFS version (0.6.2) contains the acltype
property already... if not, you may have to use a recent git version. You
can do that simply by adding "boot.zfs.useGit = true;" to your
configuration.nix.

For performance reasons it's also advisable to do "zfs set xattr=sa ".
This allows ZFS to use a more performant on-disk representation of ACLs.
However, be careful because I think (but I could be wrong) that there have
been reports of filesystem corruption using this option.

See for example this issue: https://github.com/zfsonlinux/zfs/issues/2214
If I'm not mistaken our git version of ZFS, even in the unstable NixOS
channel, does not include the fix for that yet.

I may be wrong but I think that if you're not going to be using ACLs apart
from the systemd journal, it's OK to not set "xattr=sa", as the systemd
journal's ACL will probably always be cached in memory due to constant
access, so it shouldn't be cause a large performance impact.


On Wed, Jun 4, 2014 at 2:11 PM, _1126  wrote:

> Hello all!
>
> I recently re-installed my NixOS configuration on a ZFS root. Since
> then I am unable to access systemd's journal. My user is part of the
> systemd-journal group, but the journal file aint.
>
> -rw-r- 1 root root 117440512 Jun  4 14:07 system.journal
>
> This is might be due to the the error reported in the subject:
>
> setfacl: /var/log/journal: Operation not supported
>
> The nixos/modules/system/boot/systemd.nix module tries the following
> (line 743):
>
> ${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx
> /var/log/journal
>
> This apparently fails. Has anyone an idea what that is the case? Or am
> I wrong in suspecting that and the reason for the wrong permissions is
> to be found somewhere else?
>
> Greetings
> _1126 (Christian Lask)
>
>
>
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] setfacl: /var/log/journal: Operation not supported

2014-06-04 Thread _1126
Hello all!

I recently re-installed my NixOS configuration on a ZFS root. Since
then I am unable to access systemd's journal. My user is part of the
systemd-journal group, but the journal file aint.

-rw-r- 1 root root 117440512 Jun  4 14:07 system.journal

This is might be due to the the error reported in the subject:

setfacl: /var/log/journal: Operation not supported

The nixos/modules/system/boot/systemd.nix module tries the following
(line 743):

${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx 
/var/log/journal

This apparently fails. Has anyone an idea what that is the case? Or am
I wrong in suspecting that and the reason for the wrong permissions is
to be found somewhere else?

Greetings
_1126 (Christian Lask)


 


___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev