[OpenIndiana-discuss] zfs snapshot script

[Jamon Camisso]

On 5/1/2011 9:46 AM, Matt Connolly wrote:
> Hi all,
> 
> I'm putting together a script to create zfs snapshots after a backup has been completed (via Apple TimeMachine or rsync for example). When I'm logged into the machine, I can only access the "zfs snapshot" command as root via "sudo" or "pfexec". Neither of these are available directly from a ssh command. For example:
> 
> client$ ssh user at server
> server$ sudo zfs snapshot blah at blah -> works
> ..or..
> server$ pfexec zfs snapshot blah at blah -> works
> 
> ..but..
> 
> client$ ssh user at host zfs snapshot blah -> fails = permission denied
> client$ ssh user at host pfexec zfs snapshot blah -> fails = permission denied
> client$ ssh user at host sudo zfs snapshot blah -> fails = sudo: no tty present and no askpass program specified
> 
> What would be the best practice for creating a zfs snapshot based on an external trigger (eg: message from client after a successful backup).

Allow the backup user to have the zfssnap role with RBAC. With that set
you can run something like this:

DATE=$(date +%Y-%m-%d-%H:%M)
ssh user at 10.0.0.x "pfexec /usr/sbin/zfs snapshot BACKUPS/foohost@$DATE"

Proof that it works (though I didn't run an actual backup, so there's no
new data):

~ # ssh user at 10.0.0.x "/usr/sbin/zfs list -H -r -t snapshot
BACKUPS/foohost" |tail -n 1
BACKUPS/foohost at 2011-05-01-11:38 0       -     13.3G -

Jamon