Much as the question says. Suppose I want to have the equivalent of a scripted "emergency button" for my FreeNAS pool - something that I can click to run from a GUI or execute in console/SSH, which very quickly closes everything that might be reading or writing to it, unmounts the file system, and - ideally - quiesces the disks or partitions it's using. I don't care about errors arising to other software or remote connections by doing this, or aborting any long file transfers prematurely, I just want it to offline the pool in the fastest way that's consistent with retaining its consistency and possibly giving it a few seconds for any pending writes to complete and the pool to be in a consistent state for data purposes. The options suggested by ZFS commands don't look promising: zpool offline only works on individual devices so one might have a race condition if writing happens while disks are removed one at a time; zpool export requires the -f option if in use and carries a warning that -f can lose data as well. One could check all open file descriptors using the pool or its devices (thousands or hundreds of thousands of them?) and manually force-close each but that could hit race conditions as it doesn't stop new fd's being created at the same time. I also should not assume all ZFS activity is mediated by a list of remote file serving daemons to be sent exit signals, because some file activity is likely to be local (cron/CLI/detached sessions). So looking at how best to offline an entire pool safely and quickly, it looks like umount might be my best bet - it works at a file system level and can offline an entire file system speedily and as a monolithic unit, after which zpool export looks like it would then be able to actually finish and quiesce any internal activity in a safe manner without the -f option, keeping the data itself in a guaranteed consistent state. If there's raw disk activity going on (resilver or scrub) then I guess that would resume or restart when the pool was later brought back online. But even umount doesn't seem to do it completely, because there could be iSCSI zvol targets in use as well. The data within those inherently can't be kept consistent as the server doesn't know its structure, so the remote initiators will have to do data repair as best they can when they reconnect. I'm fine with that, but I'm not sure if some kind of command to force-terminate or offline the targets is needed or best practice. (Note: force-terminating _connections_ has the same issues as closing individual fd's would.) I'm aware that there is bound to be some kind of data loss or issue if the pool is abruptly kicked out of RW state when writes are happening. But as long as it doesn't lose consistency (at a ZFS pool and file system level) then that's fine - any in-use files/iSCSI targets being updated will have to take their chances on files/blocks being in a ZFS-consistent but data-invalid state due to going offline partway through data being written. That's unavoidable and not an issue for the question. So what steps do I actually need to do, to offline an in-use pool as fast as possible consistent with guaranteed pool safety and consistency - and would manually umounting an in-use ZFS file system (as part of a solution) be safe or carry any risk of data damage? **Update:** Mentioning here in case someone else finds this useful. The accepted answer states that export -f may have issues with zvols (iSCSI etc). Based on this hint, I found that the iSCSI handler used by FreeNAS can forcibly logout/terminate sessions, and has other useful subcommands which could be issued beforehand - see man ctladm. Whatever your zvols are used for there's likely to be some command to end sessions on them.)

Trying to setup permissions for the plugins sickbeard / couchpotato. I’ve read almost every thread google / the forums have but haven’t really found a solution yet. I’m assuming it’s the data here: (Jail name)/usr/pbi/xxxxxxxxxx I tried: chown -R guest:guest /usr/pbi/sickbeard-amd64/* chown -R guest:guest /usr/pbi/couchpotato-amd64/* But I couldn’t get it to work. Or would I have to chmod 777 the folders?

My requirement is to find out all such directories in Linux which are mount points for network-based storage/file systems (like NFS, SSHFS, CIFS, SMB, etc) I did some research, and there is no utility command for that. The approach I am thinking of is first to list all mounted filesystems using the findmnt -l command, and then try and figure out from the SOURCE and FSTYPE columns of the output, which are network mounted. But I'm not sure to check for what information would surely tell me that this is a network share mounted on my Linux. Please help me with what would be the best approach to find this information. My Linux machines are RHEL 5/6/7 and Ubuntu v18 and above.

I have a Dell R230 which I've setup a few years ago with FreeNAS (installed version is 11.2-U7) The boot partition was installed on a mirrored pool on two 32GB USB sticks. - /dev/da9p2 - SanDisk Ultra Fit USB 3.1 Flash Drive - /dev/da10p2 - Samsung Bar Plus USB 3.1 Flash Drive A while ago I started to get a warning when booting the server: info Boot Pool Status Is DEGRADED: One or more devices has experienced an unrecoverable error. An attempt was made to correct the error. Applications are unaffected. The Boot Pool Status looked like this: I removed the da10 device (Samsung Bar Plus) since that one showed 0 bytes written to /read from and rebootet, getting the same Boot Pool Status, but with /dev/da10p2 now reading INVAL instead of ONLINE. I clicked the three dots right of /dev/da10p2 and selected 'detach', and now I'm seeing this BootPool Status: So, the 'mirror' is gone and only /dev/da9p2 is still visible. Clicking the three dots right of /dev/da9p2 only gives me a 'replace' option and clicking the three dots right of freenas-boot gives me an 'attach' option. I got a second 32GB SanDisk Ultra Fit (so the same I hope as the one that is in /dev/da9p2, diskinfo -v reports exact same media size and sector size, but different Disk descriptors) - but when I try to attach it to freenas-boot, I'm getting the following gpart error: [EFAULT] Command '('gpart', 'create', '-s', 'gpt', '/dev/da10')' returned non-zero exit status 1. if I try to manually execute gpart create -s gpt /dev/da10 I'm getting gpart: geom 'da10': File Exists How can I get back to a mirrored boot pool using the second SanDisk Ultra Fit?

I have an older (2-3 years) NAS running FreeNAS. I figured its time to upgrade some of the hard drives. Here's the current status: NAME STATE READ WRITE CKSUM Pool1 ONLINE 0 0 0 raidz1 ONLINE 0 0 0 ada3p2 ONLINE 0 0 0 ada4p2 ONLINE 0 0 0 ada5p2 ONLINE 0 0 0 mirror ONLINE 0 0 0 ada1p2 ONLINE 0 0 0 ada2p2 ONLINE 0 0 0 The drives in RaidZ1 are all 1GB and will stay. What's the best way to add 2 or 3 more 1GB hard drives to RaidZ1 and completely remove the mirrored drives, which are 500GB only, without: * Copying the data to a temporary holding spot * Recreating the pool * Copying it back The pool is about 50% full, so I'm not even sure there's data on the mirrored drives. How to check or where to begin?

We are attempting to get a new FreeNAS storage array setup and working. The server has an add in NIC twoo bring us up to dual 10gbps connections. When we boot the box, the add in NIC is not listed when we run

running

bxnt0

immediately makes the card available and we are able to further configure the card. We have attempted to configure the NIC through the web interface once it's detected and have also attempted to add the relevant

="DHCP"

and

=10.0.0.1 netmask 255.255.255.0

entries to

/etc/rc.local

but these configurations do not seem active after a reboot. My experience here is in the Linux universe so I'm coming up blank on what to try next in the BSD world. any suggestions?

I'm trying to set up an NFS volume shared by a TrueNAS server to use with my Docker container using Docker compose:

volumes:
  data:
    name: data
    driver: local
    driver_opts:
      type: nfs
      o: addr=[some_ip],rw,nfsvers=4
      device: ":/Share/volumes/data/"

However, when creating the stack (docker-compose up -d) Docker throws an error:

ERROR: for web Cannot create container for service web: failed to copy file info for /var/lib/docker/volumes/data/_data: failed to chown /var/lib/docker/volumes/data/_data: lchown /var/lib/docker/volumes/data/_data: operation not permitted

Now, I can mount this share and access it outside of Docker - and I can run the container if I add the :nocopy flag at the end of my volume statement:

volumes:
      - data:/some/dir #:nocopy

...but then data does not seem to be stored on the NFS share at all. I've read suggestions online to use the no_root_squash flag, but it seems to be both insecure and not easily available with the TrueNAS system. I'd really appreciate some pointers in solving this. Thanks!

I get this (FreeNAS 11.2-RELEASE-U1): Python 3.6.5 (default, Dec 20 2018, 21:27:40) [GCC 4.2.1 Compatible FreeBSD Clang 6.0.0 (tags/RELEASE_600/final 326565)] on freebsd11 Type "help", "copyright", "credits" or "license" for more information. >>> import socket >>> print (socket.gethostname()) backup-server.example.com >>> Wha...?

## problem description: I used to install ubuntu20.04 in a host with amd r3 3100 and i installed kvm and start a freeNas vm and all things went ok. But once i changed the cpu, freeNas guest failed to work but other guest with ubuntu is ok to run. ## the log in the freeNas guest

db> reboot
cpu_reset: Restarting BSP
cpu_reset_proxy: Stopped CPU 1
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 11.3-RELEASE-p14 #0 r325575+c936002dbe2(HEAD): Mon Sep 28 10:48:27 EDT 2020
    root@tnbuilds05.tn.ixsystems.net:/freenas-releng/freenas/_BE/objs/freenas-releng/freenas/_BE/os/sys/FreeNAS.amd64-DEBUG amd64
FreeBSD clang version 8.0.0 (tags/RELEASE_800/final 356365) (based on LLVM 8.0.0)
WARNING: WITNESS option enabled, expect reduced performance.
VT(vga): text 80x25
CPU: AMD EPYC-Milan Processor (3400.05-MHz K8-class CPU)
  Origin="AuthenticAMD"  Id=0xa00f11  Family=0x19  Model=0x1  Stepping=1
  Features=0x783fbff
  Features2=0xfff83203
  AMD Features=0x2e500800
  AMD Features2=0xc003f7
  Structured Extended Features=0x211c07ab
  Structured Extended Features2=0x40060c
  Structured Extended Features3=0xac000010
  XSAVE Features=0xf
  IA32_ARCH_CAPS=0x69
  AMD Extended Feature Extensions ID EBX=0x300d205
  SVM: NP,NRIP,NAsids=16
Hypervisor: Origin = "KVMKVMKVM"
real memory  = 8489271296 (8096 MB)
avail memory = 8143572992 (7766 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table: 
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 2 package(s)
WARNING: VIMAGE (virtualized network stack) is a highly experimental feature.
ioapic0  irqs 0-23 on motherboard
SMP: AP CPU #1 Launched!
random: entropy device external interface
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
kbd1 at kbdmux0
mlx5en: Mellanox Ethernet driver 3.5.1 (April 2019)
nexus0
vtvga0:  on motherboard
cryptosoft0:  on motherboard
aesni0:  on motherboard
padlock0: No ACE support.
acpi0:  on motherboard
acpi0: Power Button (fixed)
cpu0:  on acpi0
cpu1:  on acpi0
atrtc0:  port 0x70-0x71,0x72-0x77 irq 8 on acpi0
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0:  port 0x608-0x60b on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
isab0:  at device 1.0 on pci0
isa0:  on isab0
atapci0:  port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xc1a0-0xc1af at device 1.1 on pci0
ata0:  at channel 0 on atapci0
ata1:  at channel 1 on atapci0
pci0:  at device 1.3 (no driver attached)
vgapci0:  port 0xc100-0xc11f mem 0xf4000000-0xf7ffffff,0xf8000000-0xfbffffff,0xfc094000-0xfc095fff irq 10 at device 2.0 on pci0
vgapci0: Boot video device
virtio_pci0:  port 0xc120-0xc13f mem 0xfc096000-0xfc096fff,0xfebf0000-0xfebf3fff irq 11 at device 3.0 on pci0
vtnet0:  on virtio_pci0
vtnet0: Ethernet address: 52:54:00:9b:85:3a
pci0:  at device 4.0 (no driver attached)
uhci0:  port 0xc140-0xc15f irq 10 at device 5.0 on pci0
usbus0 on uhci0
usbus0: 12Mbps Full Speed USB v1.0
uhci1:  port 0xc160-0xc17f irq 10 at device 5.1 on pci0
usbus1 on uhci1
usbus1: 12Mbps Full Speed USB v1.0
uhci2:  port 0xc180-0xc19f irq 11 at device 5.2 on pci0
usbus2 on uhci2
usbus2: 12Mbps Full Speed USB v1.0
ehci0:  mem 0xfc097000-0xfc097fff irq 11 at device 5.7 on pci0
usbus3: EHCI version 1.0
usbus3 on ehci0
usbus3: 480Mbps High Speed USB v2.0
virtio_pci1:  port 0xc080-0xc0bf mem 0xfc098000-0xfc098fff,0xfebf4000-0xfebf7fff irq 10 at device 6.0 on pci0
virtio_pci2:  port 0xc0c0-0xc0ff mem 0xfebf8000-0xfebfbfff irq 11 at device 7.0 on pci0
vtballoon0:  on virtio_pci2
virtio_pci3:  port 0xc000-0xc07f mem 0xfc099000-0xfc099fff,0xfebfc000-0xfebfffff irq 11 at device 8.0 on pci0
vtblk0:  on virtio_pci3
vtblk0: 5723166MB (11721045168 512 byte sectors)
acpi_syscontainer0:  on acpi0
acpi_syscontainer1:  port 0xaf00-0xaf0b on acpi0
acpi_syscontainer2:  port 0xafe0-0xafe3 on acpi0
acpi_syscontainer3:  port 0xae00-0xae13 on acpi0
atkbdc0:  port 0x60,0x64 irq 1 on acpi0
atkbd0:  irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0:  irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: model IntelliMouse Explorer, device ID 4
uart0:  port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: console (9600,n,8,1)
orm0:  at iomem 0xe9800-0xeffff on isa0
attimer0:  at port 0x40 on isa0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Timecounters tick every 10.000 msec
freenas_sysctl: adding account.
freenas_sysctl: adding directoryservice.
freenas_sysctl: adding middlewared.
freenas_sysctl: adding network.
freenas_sysctl: adding services.
ipfw2 (+ipv6) initialized, divert enabled, nat enabled, default to accept, logging disabled
ugen2.1:  at usbus2
ugen3.1:  at usbus3
uhub0:  on usbus2
ugen0.1:  at usbus0
uhub1:  on usbus3
uhub2:  on usbus0
ugen1.1:  at usbus1
uhub3:  on usbus1
ada0 at ata0 bus 0 scbus0 target 0 lun 0
ada0:  ATA-7 device
ada0: Serial Number QM00001
ada0: 16.700MB/s transfers (WDMA2, PIO 8192bytes)
ada0: 61440MB (125829120 512 byte sectors)
cd0 at ata0 bus 0 scbus0 target 1 lun 0
cd0:  Removable CD-ROM SCSI device
cd0: Serial Number QM00002
cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
cd0: Attempt to query device size failed: NOT READY, Medium not present
WARNING: WITNESS option enabled, expect reduced performance.
Trying to mount root from zfs:freenas-boot/ROOT/default []...
Root mount waiting for: usbus3 usbus2 usbus1 usbus0
uhub0: 2 ports with 2 removable, self powered
uhub2: 2 ports with 2 removable, self powered
uhub3: 2 ports with 2 removable, self powered
Root mount waiting for: usbus3
Root mount waiting for: usbus3
uhub1: 6 ports with 6 removable, self powered
Root mount waiting for: usbus3
ugen3.2:  at usbus3
Starting devd.
warning: KLD '/boot/kernel-debug/uhid.ko' is newer than the linker.hints file
lo0: link state changed to UP


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0xfffffe02311f30c0
fault code		= supervisor write data, page not present
instruction pointer	= 0x20:0xffffffff81016d09


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0xfffffe02311c60c0
stack pointer	        = 0x28:0xfffffe02311f1eb0
frame pointer	        = 0x28:0xfffffe02311f1eb0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 99 (python3.7)
trap number		= 12
panic: page fault
cpuid = 1
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe02311f1b70
vpanic() at vpanic+0x17e/frame 0xfffffe02311f1bd0
panic() at panic+0x43/frame 0xfffffe02311f1c30
trap_fatal() at trap_fatal+0x369/frame 0xfffffe02311f1c80
trap_pfault() at trap_pfault+0x62/frame 0xfffffe02311f1cd0
trap() at trap+0x2b3/frame 0xfffffe02311f1de0
calltrap() at calltrap+0x8/frame 0xfffffe02311f1de0
--- trap 0xc, rip = 0xffffffff81016d09, rsp = 0xfffffe02311f1eb0, rbp = 0xfffffe02311f1eb0 ---
bcopy() at bcopy+0x19/frame 0xfffffe02311f1eb0
fpugetregs() at fpugetregs+0x192/frame 0xfffffe02311f1f00
get_mcontext() at get_mcontext+0x1b4/frame 0xfffffe02311f1f50
sys_getcontext() at sys_getcontext+0x56/frame 0xfffffe02311f2300
amd64_syscall() at amd64_syscall+0x792/frame 0xfffffe02311f2430
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe02311f2430
--- syscall (421, FreeBSD ELF64, sys_getcontext), rip = 0x801c26280, rsp = 0x7fffffffd188, rbp = 0x7fffffffdcf0 ---
KDB: enter: panic
[ thread pid 99 tid 100490 ]
Stopped at      kdb_enter+0x3b: movq    $0,kdb_why

### the bios setting of cpu looks like below:

dmidecode | grep "Processor Information" -A 54
Processor Information
	Socket Designation: AM4
	Type: Central Processor
	Family: Zen
	Manufacturer: Advanced Micro Devices, Inc.
	ID: 10 0F A2 00 FF FB 8B 17
	Signature: Family 25, Model 33, Stepping 0
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		HTT (Multi-threading)
	Version: AMD Ryzen 9 5950X 16-Core Processor
	Voltage: 1.1 V
	External Clock: 100 MHz
	Max Speed: 5050 MHz
	Current Speed: 3400 MHz
	Status: Populated, Enabled
	Upgrade: Socket AM4
	L1 Cache Handle: 0x0013
	L2 Cache Handle: 0x0014
	L3 Cache Handle: 0x0015
	Serial Number: Unknown
	Asset Tag: Unknown
	Part Number: Unknown
	Core Count: 16
	Core Enabled: 16
	Thread Count: 32
	Characteristics:
		64-bit capable
		Multi-Core
		Hardware Thread
		Execute Protection
		Enhanced Virtualization
		Power/Performance Control

with reset in kdb i found below info:

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0xfffffe02311d00c0
fault code		= supervisor write data, page not present
instruction pointer	= 0x20:0xffffffff81016d09
stack pointer	        = 0x28:0xfffffe02311ceeb0
frame pointer	        = 0x28:0xfffffe02311ceeb0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 99 (python3.7)
trap number		= 12
panic: page fault
cpuid = 1
KDB: stack backtrace:

## things i tried: 1. reinstall the guest but failed with the same problem also failed into the kdb mode 2. restart host, but that can not fix ## questions: 1. What can i do to gather more detailed info from kdb 2. How to solve the problem 3. freeNas doesn't support AMD Ryzen 9 5950X 16-Core Processor

I'm using FreeNAS (FreeBSD), and I've created a jail, and I've given the jail a hostname, and I can access the jail via IP address, but I can't access the jail by it's hostname. (within my home network) I think I somehow need to get local DNS working? But on a home network, I don't have a proper DNS? I am not sure how name resolution works on home networks. i.e. I can make http://192.168.1.42:8000 and the jail responds to those requests. on the jail:

root@jailname:/ # hostname
jailname

but on other computers on the network:

mckay@mckays-macbook ~ % ping jailname
ping: cannot resolve jailname: Unknown host

C:/> ping jailname
Ping request could not find host jailname. Please check the name and try again

FWIW, I can resolve my NAS and my mac by hostname on a windows machine, but a mac can't get the hostname of the NAS or the windows machine. (but it can ping them by IP). Android devices can get name resolution on the NAS.

Sorry for the ambiguous title, I am not really sure the correct terminology for what I am asking (which is also making searching for an answer kid of tricky). Basically, I have a TrueNas box on the network, with several SMB shares. I am mounting those shares in Linux Mint 20 (via File > Connect To server in Nemo). Everything works fine (I can create and delete directories and files), but Mint obviously recognises this mounted share is not the local files system, so I am loosing some features (such as the ability to select files from the share when uploading to a browser or drag files from the share into open applications). I was wondering if there is a way get support for these features? Do I need mount the shares via the command line with custom options? Or maybe do I need to look into using NFS instead? Thanks in advance for any help.

I'd like to install version 6 of unifi network controller in a jail on my FreeNAS server. I can see that a net-mgmt/unifi6 port exists in bugs.freebsd.org: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249466 . However I can't find it by searching any of the following places: - /usr/ports directory - pkg search command - https://www.freebsd.org/ports/searching.html web page I'm guessing this is in a pre-release state. Is it possible to install? If so, how? Thanks!

How do you use auditd for logging when files and folders are opened, read, moved, deleted or modified? Looking at the information here , i don't see how to accomplish the task. I'm trying to get a log of folder and file access/modification on a FreeBSD system. File access is via Samba share and i'm logging via SMB but in some rare instances SMB doesn't log a event (like today when a folder was moved, it wasn't logged but I moved a folder later and it was logged). Because of that, i'm looking for a more accurate alternative. **UPDATE** Here is what is not working with auditd on a FreeNAS 11 FreeBSD system. Check the options kernel was compiled with (looking for AUDIT):

sysctl kern.conftxt | grep AUDIT
> options	AUDIT

My /etc/security/audit_control

#
# $FreeBSD$
#
dir:/var/audit
dist:off
flags:lo,aa,fr,fw,cl,fa,fc,fd
minfree:5
naflags:lo,aa
policy:cnt,argv
filesz:2M
expire-after:10M

My /etc/security/audit_user:

#
# $FreeBSD$
#
testuser:lo,aa,fr,fw,cl,fa,fc,fd:no
root:lo:no

service auditd restart && service auditd status results:

Trigger sent.
Starting auditd.
auditd is running as pid 45763.

Based on the man audit_user pages > The flags field sets the system-wide default preselection mask for > attributable events. In the example above, successful and failed > login/logout events as well as authentication and authorization are > audited for all users. I should at least be getting login/logout logs for testuser and root. And because of: > Per-user and global audit preselection configuration are evaluated at > time of login, so users must log out and back in again for audit changes > relating to preselection to take effect. I then logged out and back in as testuser via ssh, created some directories and files, and deleted them. I did the same thing via a SMB share and then logged in as root to check trail. praudit /var/audit/current results:

header,56,11,audit startup,0,Fri May 24 09:50:23 2019, + 398 msec
text,auditd::Audit startup
return,success,0
trailer,56

Checking all available trails with praudit /var/audit/*:

header,56,11,audit startup,0,Wed May 22 14:41:33 2019, + 781 msec
text,auditd::Audit startup
return,success,0
trailer,56
header,56,11,audit startup,0,Thu May 23 18:44:10 2019, + 766 msec
text,auditd::Audit startup
return,success,0
trailer,56
header,56,11,audit startup,0,Thu May 23 18:54:51 2019, + 31 msec
text,auditd::Audit startup
return,success,0
trailer,56
header,56,11,audit startup,0,Thu May 23 18:55:04 2019, + 451 msec
text,auditd::Audit startup
return,success,0
trailer,56
header,56,11,audit startup,0,Thu May 23 18:55:04 2019, + 451 msec
text,auditd::Audit startup
return,success,0
trailer,56

I don't see any logs.

I am trying to write some scripts for graceful shutdowns from my UPS. My UPS is hooked up to my freenas system. I also have a KVM server running KVM on Ubuntu 18.04, and that is where I'm having some issues. I have the following script on my freenas to call the shutdown script on my KVM server: ssh user@192.168.1.1 /opt/shutdown.sh Then the shutdown.sh script on my KVM server is as follows #!/bin/bash # Configure timeout (in seconds). TIMEOUT=300 VIRSH=/usr/bin/virsh # List running domains. list_running_domains() { $VIRSH list | grep running | awk '{ print $2}' } echo "Try to cleanly shut down all running KVM domains..." # Create some sort of semaphore. touch /tmp/shutdown-kvm-guests # Try to shutdown each domain, one by one. list_running_domains | while read DOMAIN; do # Try to shutdown given domain. $VIRSH shutdown $DOMAIN done # Wait until all domains are shut down or timeout has reached. END_TIME=$(date -d "$TIMEOUT seconds" +%s) while [ $(date +%s) -lt $END_TIME ]; do # Break while loop when no domains are left. test -z "$(list_running_domains)" && break # Wait a litte, we don't want to DoS libvirt. sleep 1 done # Clean up left over domains, one by one. list_running_domains | while read DOMAIN; do # Try to shutdown given domain. $VIRSH destroy $DOMAIN # Give libvirt some time for killing off the domain. sleep 3 done I found the KVM script here enter link description here The KVM shutdown script works great when I SSH directly into the KVM server, however, when the freenas system calls the script over SSH it doesn't seem to work. I can see the echos, so I know it's getting called. I know it's not the best practice, but I set permissions on the script to 777 just to see if I can get it working, but that still doesn't seem to help. Any insight would be much appreciated.

I'm setting a home NAS taking it as a chance to get familiar with FreeNAS **My specs**: FreeNAS-11.3-U2 Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz. 16GB DDR3 RAM. OS: runs on a SSD ADATA SP600 250GB. **My Pools**: 1) NAS01. /mnt/NAS01 **2x 2TB Mirror** w/ 1 spare (the real backup/NAS space). The 2 dev of the mirror are WDC WD2003FZEX ; the spare is a ST2000DL003 2) S500. /mnt/S500 **1x 500GB** (scratch space). The disk is a ST3500320AS There is also a 6th 1TDB disk waiting to be used... I originally backed up some 80GB of data from another computer into an zfs dataset on an external HD. Only after that I learned such a disk can't be imported. This dataset had a snapshot created in that original computer. I then managed to transfer the dataset into pool2 as S500/pre2012 mounted on /mnt/pre2012 (honestly, can't remember exactly right now how I did it by, but must have been through cli via zpool and ifs). At some point I used a zfs send | recv to transfer (can I say copy?) S500/pre2012@snp1 to pool1 under NAS01/pre2012 -which unexpectedly to me was mounted under /mn/mnt/pre2012. After testing and getting somewhat familiar with SMB shares and checking I could have it working with all my MACs & Linux boxes I decided it was time to organize pool 1 (NAS01) into different datasets according to what I'm planning to store and how to use it. I created these datasets using the GUI. **The result is the following structure of root datasets (as per zfs list)**: NAS01/PRIVATE 55.0G 1.62T 20.5G /mnt/NAS01/PRIVATE NAS01/PRIVATE/Documents 573M 1.62T 573M /mnt/NAS01/PRIVATE/Documents NAS01/PRIVATE/Fotos 33.9G 1.62T 33.9G /mnt/NAS01/PRIVATE/Fotos NAS01/PUBLIC 16.9G 1.62T 96K /mnt/NAS01/PUBLIC NAS01/PUBLIC/Library 57.6M 1.62T 57.6M /mnt/NAS01/PUBLIC/Library NAS01/PUBLIC/Movies 15.5G 1.62T 15.5G /mnt/NAS01/PUBLIC/Movies NAS01/PUBLIC/Music 1.05G 1.62T 1.05G /mnt/NAS01/PUBLIC/Music NAS01/PUBLIC/Software 299M 1.62T 299M /mnt/NAS01/PUBLIC/Software NAS01/pre2012 71.3G 1.62T 71.3G /mnt/mnt/pre2012 S500 268G 178G 136K /mnt/S500 S500/SharedScratch 196G 178G 196G /mnt/S500/SharedScratch S500/pre2012 71.4G 178G 71.3G /mnt/pre2012 SharedScratch has been working well under SMB in my network -while I used only guest account access and nobody:nobody ownerships. But that's another story. Currently, the **structure of S500/pre2012** ( or rather that of of its mount point) is: /mnt//pre2012/120/30/home/ /mnt//pre2012/120/30/MatLab6.5/ /mnt//pre2012/120/80/home/ /mnt//pre2012/120/80/O/ /mnt//pre2012/120/80/usr/ /mnt//pre2012/250/48/home/ /mnt//pre2012/250/80win/ It also had other folders like Music that I managed to mv (not w/o quite some pain) to NAS01/PUBLIC/Music, say. All these folders under S500/pre2012 are owned by user admin. It's the only additional user I created. **My problem seems to be related to privileges issues, although I sudoed into root when issuing commands like the following**: root@freenas[/mnt/S500/pre2012]#mv 120 /mnt/NAS01/PRIVATE/Documents mv: chmod: /mnt/NAS01/PRIVATE/Documents/120/30/home/msantos/Reports/Apoptosis: Operation not permitted mv: chmod: /mnt/NAS01/PRIVATE/Documents/120/30/home/msantos/Reports/.Designability.March.2005.tex.swp: Operation not permitted mv: /mnt/NAS01/PRIVATE/Documents/120/30/home/msantos/Reports/NMR: File exists mv: /bin/cp 120 /mnt/NAS01/PRIVATE/Documents/120: terminated with 1 (non-zero) status The **folders' permissions** are: root@freenas[/mnt/S500/pre2012/120]# ll ; ll /mnt/NAS01/PRIVATE/Documents/120 total 26 drwxr-x---+ 4 admin admin uarch 4 Sep 22 21:03 ./ drwxr-x---+ 4 admin admin uarch 4 Sep 22 21:03 ../ drwxr-x---+ 3 admin admin uarch 3 Sep 22 21:14 30/ drwxr-x---+ 5 admin admin uarch 5 Sep 14 15:56 80/ total 2 drwxrwx---+ 3 root admin uarch 3 Sep 22 21:57 ./ drwxrwx---+ 3 admin admin uarch 4 Sep 22 21:57 ../ drwxrwx---+ 3 root admin uarch 3 Sep 22 21:57 30/ As you can see the move failed to copy everything, although it did copy something! That's even more worrisome bc it's a move! Here some **permissions of destination folders**: root@freenas[~]# ls -lF /mnt/NAS01 total 9 drwxr-xr-x+ 5 admin admin 6 Sep 22 19:16 PRIVATE/ drwxrwx---+ 6 root wheel 6 Sep 22 15:30 PUBLIC/ root@freenas[~]# ls -lFd /mnt/NAS01/*/* drwxrwx---+ 3 admin admin 4 Sep 22 21:57 /mnt/NAS01/PRIVATE/Documents/ drwxrwx---+ 15 admin admin 19 Sep 22 20:37 /mnt/NAS01/PRIVATE/Fotos/ drwxrwx---+ 2 nobody admin 4 Sep 22 21:03 /mnt/NAS01/PUBLIC/Library/ drwxrwx---+ 5 nobody admin 38 Sep 22 20:13 /mnt/NAS01/PUBLIC/Movies/ drwxrwx---+ 17 nobody admin 36 Sep 22 20:41 /mnt/NAS01/PUBLIC/Music/ drwxrwx---+ 9 nobody admin 9 Sep 22 21:09 /mnt/NAS01/PUBLIC/Software/ All those children datasets of PRIVATE and PUBLIC are being shared via SMB. The first one should only be accessible to admin user. Hence those permissions/ownerships. **My questions: How can I reliably use mv here to populate these datasets?** I don't understand how to use zfs send/ recv to copy data into a specific datasets/folder. That's why initially when I tried I ended up with a copy of pre2012 under /mnt/mnt/ which the GUI doesn't let me use as a share. Hence my using mv. **Furthermore, since I'm trying to sort different folders of the original dataset into different dst datasets, I can't see how zfs send/recv can do that. Is that possible?** I'm a bit frustrated at this point. Either I did things totally wrong or I'm missing a fundamental idea of how FreeNAS is supposed to be used...or both :-/ In any case, I didn't expect that populating the server with data would be so complicated. Again, this is just after my first 1.5 weeks in toying with FreeNAS. Sorry for the lengthly post. I'm stuck right now. Any hint will be appreciated. Thanks in advance.

I'm having an odd issue with my FreeNAS server related to permissions. Let's just say I have a ZFS pool with the following datasets:

personal1  personal1:guest drwx------
personal2  personal2:family drwx------
something  public www:www drwxrwsr-x
restricted root:wheel d rw-r----

Let's also say I'm user personal1, who is a member of the group guest. Naturally I should not be able to cd into restricted, or personal2. But for some reason, while I get a permission denied trying to cd into restricted, I'm somehow able to cd into personal2 despite the permissions denying this. I can't ls the directory, but I can continue to cd into folders in this directory, despite not seeing this. It's acting like I can execute the directories, but not read them, but the unix mode is very clearly 0700. ACLs seem correct too. What could I be overlooking? Here is some additional data:

freenas% whoami
personal1
freenas% stat personal2
14116848448016153017 34 drwx------ 34 personal2 family 18446744073709551615 53 "Sep 14 10:41:49 2020" "Sep 13 18:38:16 2020" "Sep 13 18:38:16 2020" "Aug 14 17:53:19 2020" 16384 65 0x800 personal2
freenas% cd personal2/
freenas% cd ..
freenas% groups
guest

I've been using a FreeNAS server for the past 6 months and recently, something happened and it's not able to boot up completely now. After attaching a monitor to the server, I've found multiple logs saying "Periph destroyed" pertaining to almost all my disk devices. Not trying to panic but I really don't know what the messages mean. And I can't even drop to the shell to investigate anything so the logs are all I have. I'm using FreeNAS 9.3. My server is a typical Intel PC server. I can't remember specifics about the server build but if anyone thinks it's pertinent information I can dig out my receipts. Appreciate any pointers towards what may the problem be and how to solve it.

Currently , on the laboratory I'm working on, there are three NAS: * 2x Seagate NAS Pro with 15TB (RAID 5) * 1x FreeNAS machine with 9TB (RAID 0) All of these are used through NFS shares mounted on different paths but IMHO that's far from ideal. We're going through an expansion soon and will need more storage. I needed some kind of mechanism for "merging" those NASes together so I could optimize the use of disks still providing space for larger datasets. One of the data centers I use has an AFS share that seems really nice, but I don't really understand much about file systems and don't know if that's the way. I've searched about [mergerfs](https://github.com/trapexit/mergerfs) , aufs, OverlayFS, mhddfs and many other stuff but I can't find an optimal solution for me and have no idea of where to look for it. Can you guys please help me on that?

I have been trying to set up the ACL on FreeNas 11.3 all day and it just does not work the way I think it should I am wondering what I am doing wrong. All I want to do is when a user creates a file in a folder, that new file or directory it will have permissions rwxrwx---. I have tried, what I think is, every combination of owner@, group@, Group, User, and everyone@ with every permission and flag option. No matter what I set the flags for inheritance it always comes out exactly the same or denies me from creating a new file/folder. When a new file is made, the permissions are -rw-r--r-- and when a new folder is made the permissions are drwxrwx---. When I try to change the ACLs and I set it to be recursive, then it will change the permissions of the files existing files to what I want them to be, but when I create a new file, the new file is right back to that same -rw-r--r--. I don't understand what I need to do. I have used getfacl, So here is what is really weird. I have around 7 datasets. One is named Admin, and another is named Operations. They have the exact same output when I check them with the getfacl command, but in Operations, when I create a new file it automatically comes up with the permissions I am looking for. In Admin when I create a new file it makes it something different. Is there any reason that the ACLs would be the same but when files are created they have different permissions? **Edit** Below is the output of the mount command: freenas-boot/ROOT/11.3-U3.2 on / (zfs, local, noatime, nfsv4acls) devfs on /dev (devfs, local, multilabel) tmpfs on /etc (tmpfs, local) tmpfs on /mnt (tmpfs, local) tmpfs on /var (tmpfs, local) fdescfs on /dev/fd (fdescfs) Business_Data on /mnt/Business_Data (zfs, local, nfsv4acls) Business_Data/Share on /mnt/Business_Data/Share (zfs, local, nfsv4acls) Business_Data/Projects on /mnt/Business_Data/Projects (zfs, local, nfsv4acls) Business_Data/Users on /mnt/Business_Data/Users (zfs, local, nfsv4acls) Business_Data/Archives on /mnt/Business_Data/Archives (zfs, local, nfsv4acls) Business_Data/iocage on /mnt/Business_Data/iocage (zfs, local, nfsv4acls) Business_Data/Operations on /mnt/Business_Data/Operations (zfs, local, nfsv4acls) Business_Data/Marketing on /mnt/Business_Data/Marketing (zfs, local, nfsv4acls) Business_Data/Financial on /mnt/Business_Data/Financial (zfs, local, nfsv4acls) Business_Data/Human Resources on /mnt/Business_Data/Human Resources (zfs, local, nfsv4acls) Business_Data/Administrative on /mnt/Business_Data/Administrative (zfs, local, nfsv4acls) Business_Data/iocage/download on /mnt/Business_Data/iocage/download (zfs, local, nfsv4acls) Business_Data/iocage/jails on /mnt/Business_Data/iocage/jails (zfs, local, nfsv4acls) Business_Data/iocage/templates on /mnt/Business_Data/iocage/templates (zfs, local, nfsv4acls) Business_Data/iocage/log on /mnt/Business_Data/iocage/log (zfs, local, nfsv4acls) Business_Data/iocage/releases on /mnt/Business_Data/iocage/releases (zfs, local, nfsv4acls) Business_Data/iocage/images on /mnt/Business_Data/iocage/images (zfs, local, nfsv4acls) Business_Data/.system on /var/db/system (zfs, local, nfsv4acls) Business_Data/.system/cores on /var/db/system/cores (zfs, local, nfsv4acls) Business_Data/.system/samba4 on /var/db/system/samba4 (zfs, local, nfsv4acls) Business_Data/.system/syslog-b34611ec74194ef89937f2d1ccaf453a on /var/db/system/syslog-b34611ec74194ef89937f2d1ccaf453a (zfs, local, nfsv4acls) Business_Data/.system/rrd-b34611ec74194ef89937f2d1ccaf453a on /var/db/system/rrd-b34611ec74194ef89937f2d1ccaf453a (zfs, local, nfsv4acls) Business_Data/.system/configs-b34611ec74194ef89937f2d1ccaf453a on /var/db/system/configs-b34611ec74194ef89937f2d1ccaf453a (zfs, local, nfsv4acls) Business_Data/.system/webui on /var/db/system/webui (zfs, local, nfsv4acls) Output of getfacl on Projects Dataset, and the Operations Dataset # file: Projects # owner: kevin # group: ALL_emp group:ALL_emp:rwxpDdaARWcCos:fd-----:allow owner@:rwxpDdaARWcCos:fd-----:allow group@:rwxpDdaARWc--s:fd-----:allow everyone@:--------------:fd-----:allow # file: Operations # owner: kevin # group: ALL_emp group:ALL_emp:rwxpDdaARWcCos:fd-----:allow owner@:rwxpDdaARWcCos:fd-----:allow group@:rwxpDdaARWc--s:fd-----:allow everyone@:--------------:fd-----:allow When I create a file from my windows computer in Projects and run ls -al: -rw-rwxr--+ 1 kevin ALL_emp 0 Jun 26 15:58 New Text Document.txt When I create a file from my windows computer in Operations and run ls -al: -rwxrwx---+ 1 kevin ALL_emp 0 Jun 26 16:01 New Text Document.txt Please let me know if there is any other detail I can provide. Any help or advice is greatly appreciated.

I have a FreeNAS box with 40 or so SMB shares. Mostly works no problem. Except for this one share where I can't create folder sometimes based on the name of the folder. I noticed, because if I browse to the share within Windows and create a "New Folder", I just get a "permission denied" error (I assume this is because explorer makes a folder named "New Folder" first and then changes the name later). But if I browse to the directory from within my WLS instance, and create the folder named 'test' via mkdir, it creates it no problem. Unless I try to make a folder 'New Folder' with mkidr. This seems to be the case with a bunch of random folders, and from the FreeNAS box itself, I can create these folders no problem. The folders also certainly don't exist before hand, but if I create with FreeNAS, I'm able to delete them no problem from the places mounting these shares. But then not able to create them again. This sounds like one of those problems where I'd just reboot the box, but around ~100 or so people are using it so I am trying to do this with as little down time as possible. ---------- EDIT This is still happening and I have no clue as to what's going on. Some test cases/examples that make no sense together - Making a new folder in my Documents named "New Folder" and copying it to my share results in permission deined. - Making a new folder called "New Folderx" in my Documents and copying it over works just fine. I can also rename this folder to anything except "New Folder" - On the server itself, running su -m brian -c 'mkdir "New Folder"' works no problem, and from Windows, I can rename or delete this folder. - "New Folder" is just an example folder that doesn't work, other folder names also randomly have these exact same issues - This is only true for the root of the share, inside other folders, I don't have these issues ---------- some sanity checks

$ getfacl .
# file: ../Share
# owner: root
# group: company
       group:super:rwxpDdaARWcCos:fd-----:allow
            owner@:rwxpDdaARWcCos:fd-----:allow
            group@:rwxpDdaARWcCos:fd-----:allow

$ groups brian
brian super

$ sharesec -v 'Share'
REVISION:1
CONTROL:SR|DP
OWNER:
GROUP:
ACL:S-1-5-21-4096896313-3432959665-639265334-1283:ALLOWED/0x0/FULL
ACL:S-1-5-21-4096896313-3432959665-639265334-1287:ALLOWED/0x0/FULL

$ net groupmap list | grep super
super (S-1-5-21-4096896313-3432959665-639265334-1287) -> super