Re: [Nix-dev] setfacl: /var/log/journal: Operation not supported
Hey Ricardo! On Wed, Jun 04, 2014 at 06:24:55PM +0200, Ricardo M. Correia wrote: > If the problem is indeed the setfacl failure (as it appears to be), I think > you need to enable ACLs in ZFS by doing: > > "zfs set acltype=posixacl ", where is the ZFS dataset/filesystem > which contains your systemd journal. Okay, thank you! I will look into that and test whether it resolves the problem. > I'm not sure if the default ZFS version (0.6.2) contains the acltype > property already... if not, you may have to use a recent git version. You > can do that simply by adding "boot.zfs.useGit = true;" to your > configuration.nix. Done already. > For performance reasons it's also advisable to do "zfs set xattr=sa ". > This allows ZFS to use a more performant on-disk representation of ACLs. > However, be careful because I think (but I could be wrong) that there have > been reports of filesystem corruption using this option. > > See for example this issue: https://github.com/zfsonlinux/zfs/issues/2214 > If I'm not mistaken our git version of ZFS, even in the unstable NixOS > channel, does not include the fix for that yet. > > I may be wrong but I think that if you're not going to be using ACLs apart > from the systemd journal, it's OK to not set "xattr=sa", as the systemd > journal's ACL will probably always be cached in memory due to constant > access, so it shouldn't be cause a large performance impact. I will investigate that issue and ensure a recent backup before doing anything ;) Thanks! > On Wed, Jun 4, 2014 at 2:11 PM, _1126 wrote: > > > Hello all! > > > > I recently re-installed my NixOS configuration on a ZFS root. Since > > then I am unable to access systemd's journal. My user is part of the > > systemd-journal group, but the journal file aint. > > > > -rw-r- 1 root root 117440512 Jun 4 14:07 system.journal > > > > This is might be due to the the error reported in the subject: > > > > setfacl: /var/log/journal: Operation not supported > > > > The nixos/modules/system/boot/systemd.nix module tries the following > > (line 743): > > > > ${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx > > /var/log/journal > > > > This apparently fails. Has anyone an idea what that is the case? Or am > > I wrong in suspecting that and the reason for the wrong permissions is > > to be found somewhere else? > > > > Greetings > > _1126 (Christian Lask) > > > > > > > > > > > > ___ > > nix-dev mailing list > > nix-dev@lists.science.uu.nl > > http://lists.science.uu.nl/mailman/listinfo/nix-dev > > ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] setfacl: /var/log/journal: Operation not supported
Hi Christian, If the problem is indeed the setfacl failure (as it appears to be), I think you need to enable ACLs in ZFS by doing: "zfs set acltype=posixacl ", where is the ZFS dataset/filesystem which contains your systemd journal. I'm not sure if the default ZFS version (0.6.2) contains the acltype property already... if not, you may have to use a recent git version. You can do that simply by adding "boot.zfs.useGit = true;" to your configuration.nix. For performance reasons it's also advisable to do "zfs set xattr=sa ". This allows ZFS to use a more performant on-disk representation of ACLs. However, be careful because I think (but I could be wrong) that there have been reports of filesystem corruption using this option. See for example this issue: https://github.com/zfsonlinux/zfs/issues/2214 If I'm not mistaken our git version of ZFS, even in the unstable NixOS channel, does not include the fix for that yet. I may be wrong but I think that if you're not going to be using ACLs apart from the systemd journal, it's OK to not set "xattr=sa", as the systemd journal's ACL will probably always be cached in memory due to constant access, so it shouldn't be cause a large performance impact. On Wed, Jun 4, 2014 at 2:11 PM, _1126 wrote: > Hello all! > > I recently re-installed my NixOS configuration on a ZFS root. Since > then I am unable to access systemd's journal. My user is part of the > systemd-journal group, but the journal file aint. > > -rw-r- 1 root root 117440512 Jun 4 14:07 system.journal > > This is might be due to the the error reported in the subject: > > setfacl: /var/log/journal: Operation not supported > > The nixos/modules/system/boot/systemd.nix module tries the following > (line 743): > > ${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx > /var/log/journal > > This apparently fails. Has anyone an idea what that is the case? Or am > I wrong in suspecting that and the reason for the wrong permissions is > to be found somewhere else? > > Greetings > _1126 (Christian Lask) > > > > > > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] setfacl: /var/log/journal: Operation not supported
Hello all! I recently re-installed my NixOS configuration on a ZFS root. Since then I am unable to access systemd's journal. My user is part of the systemd-journal group, but the journal file aint. -rw-r- 1 root root 117440512 Jun 4 14:07 system.journal This is might be due to the the error reported in the subject: setfacl: /var/log/journal: Operation not supported The nixos/modules/system/boot/systemd.nix module tries the following (line 743): ${pkgs.acl}/bin/setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal This apparently fails. Has anyone an idea what that is the case? Or am I wrong in suspecting that and the reason for the wrong permissions is to be found somewhere else? Greetings _1126 (Christian Lask) ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev