zfs(1M) System Administration Commands zfs(1M)NAMEzfs - configures ZFS file systems
SYNOPSISzfs [-?]
zfs create [-p] [-o property=value] ... filesystem
zfs create [-ps] [-b blocksize] [-o property=value] ... -V size volume
zfs destroy [-rRf] filesystem|volume|snapshot
zfs snapshot [-r] [-o property=value]...
filesystem@snapname|volume@snapname
zfs rollback [-rRf] snapshot
zfs clone [-p] [-o property=value] ... snapshot filesystem|volume
zfs promote clone-filesystem
zfs rename filesystem|volume|snapshot
filesystem|volume|snapshot
zfs rename [-p] filesystem|volume filesystem|volume
zfs rename -r snapshot snapshot
zfs list [-r|-d depth][-H][-o property[,...]] [-t type[,...]]
[-s property] ... [-S property] ... [filesystem|volume|snapshot] ...
zfs set property=value filesystem|volume|snapshot ...
zfs get [-r|-d depth][-Hp][-o field[,...]] [-s source[,...]]
"all" | property[,...] filesystem|volume|snapshot ...
zfs inherit [-r] property filesystem|volume|snapshot ...
zfs upgrade [-v]
zfs upgrade [-r] [-V version] -a | filesystem
zfs userspace [-niHp] [-o field[,...]] [-sS field] ...
[-t type [,...]] filesystem|snapshot
zfs groupspace [-niHp] [-o field[,...]] [-sS field] ...
[-t type [,...]] filesystem|snapshot
zfs mount
zfs mount [-vO] [-o options] -a | filesystem
zfs unmount [-f] -a | filesystem|mountpoint
zfs share -a | filesystem
zfs unshare -a filesystem|mountpoint
zfs send [-vR] [-[iI] snapshot] snapshot
zfs receive [-vnFu] filesystem|volume|snapshot
zfs receive [-vnFu] -d filesystem
zfs allow filesystem|volume
zfs allow [-ldug] "everyone"|user|group[,...] perm|@setname[,...]
filesystem|volume
zfs allow [-ld] -e perm|@setname[,...] filesystem|volume
zfs allow -c perm|@setname[,...] filesystem|volume
zfs allow -s @setname perm|@setname[,...] filesystem|volume
zfs unallow [-rldug] "everyone"|user|group[,...] [perm|@setname[,... ]]
filesystem|volume
zfs unallow [-rld] -e [perm|@setname[,... ]] filesystem|volume
zfs unallow [-r] -c [perm|@setname[ ... ]] filesystem|volume
zfs unallow [-r] -s @setname [perm|@setname[,... ]] filesystem|volume
DESCRIPTION
The zfs command configures ZFS datasets within a ZFS storage pool, as
described in zpool(1M). A dataset is identified by a unique path within
the ZFS namespace. For example:
pool/{filesystem,volume,snapshot}
...where the maximum length of a dataset name is MAXNAMELEN (256
bytes).
A dataset can be one of the following:
file system
A ZFS dataset of type "filesystem" that can be mounted within the
standard system namespace and behaves like other file systems.
While ZFS file systems are designed to be POSIX compliant, known
issues exist that prevent compliance in some cases. Applications
that depend on standards conformance might fail due to nonstandard
behavior when checking file system free space.
volume
A logical volume exported as a raw or block device. This type of
dataset should only be used under special circumstances. File sys‐
tems are typically used in most environments.
snapshot
A read-only version of a file system or volume at a given point in
time. It is specified as filesystem@name or volume@name.
ZFS File System Hierarchy
A ZFS storage pool is a logical collection of devices that provide
space for datasets. A storage pool is also the root of the ZFS file
system hierarchy.
The root of the pool can be accessed as a file system, such as mounting
and unmounting, taking snapshots, and setting properties. The physical
storage characteristics, however, are managed by the zpool(1M) command.
See zpool(1M) for more information on creating and administering pools.
Snapshots
A snapshot is a read-only copy of a file system or volume. Snapshots
can be created extremely quickly, and initially consume no additional
space within the pool. As data within the active dataset changes, the
snapshot consumes more data than would otherwise be shared with the
active dataset.
Snapshots can have arbitrary names. Snapshots of volumes can be cloned
or rolled back, but cannot be accessed independently.
File system snapshots can be accessed under the ".zfs/snapshot" direc‐
tory in the root of the file system. Snapshots are automatically
mounted on demand and may be unmounted at regular intervals. The visi‐
bility of the ".zfs" directory can be controlled by the "snapdir" prop‐
erty.
Clones
A clone is a writable volume or file system whose initial contents are
the same as another dataset. As with snapshots, creating a clone is
nearly instantaneous, and initially consumes no additional space.
Clones can only be created from a snapshot. When a snapshot is cloned,
it creates an implicit dependency between the parent and child. Even
though the clone is created somewhere else in the dataset hierarchy,
the original snapshot cannot be destroyed as long as a clone exists.
The "origin" property exposes this dependency, and the destroy command
lists any such dependencies, if they exist.
The clone parent-child dependency relationship can be reversed by using
the "promote" subcommand. This causes the "origin" file system to
become a clone of the specified file system, which makes it possible to
destroy the file system that the clone was created from.
Mount Points
Creating a ZFS file system is a simple operation, so the number of file
systems per system is likely to be numerous. To cope with this, ZFS
automatically manages mounting and unmounting file systems without the
need to edit the /etc/vfstab file. All automatically managed file sys‐
tems are mounted by ZFS at boot time.
By default, file systems are mounted under /path, where path is the
name of the file system in the ZFS namespace. Directories are created
and destroyed as needed.
A file system can also have a mount point set in the mountpoint prop‐
erty. This directory is created as needed, and ZFS automatically mounts
the file system when the zfs mount -a command is invoked (without edit‐
ing /etc/vfstab). The mountpoint property can be inherited, so if
pool/home has a mount point of /export/stuff, then pool/home/user auto‐
matically inherits a mount point of /export/stuff/user.
A file system mountpoint property of none prevents the file system from
being mounted.
If needed, ZFS file systems can also be managed with traditional tools
(mount, umount, /etc/vfstab). If a file system's mount point is set to
legacy, ZFS makes no attempt to manage the file system, and the admin‐
istrator is responsible for mounting and unmounting the file system.
Zones
A ZFS file system can be added to a non-global zone by using the
zonecfg add fs subcommand. A ZFS file system that is added to a non-
global zone must have its mountpoint property set to legacy.
The physical properties of an added file system are controlled by the
global administrator. However, the zone administrator can create, mod‐
ify, or destroy files within the added file system, depending on how
the file system is mounted.
A dataset can also be delegated to a non-global zone by using zonecfg
add dataset subcommand. You cannot delegate a dataset to one zone and
the children of the same dataset to another zone. The zone administra‐
tor can change properties of the dataset or any of its children. How‐
ever, the quota property is controlled by the global administrator.
A ZFS volume can be added as a device to a non-global zone by using
zonecfg add device subcommand. However, its physical properties can be
modified only by the global administrator.
For more information about zonecfg syntax, see zonecfg(1M).
After a dataset is delegated to a non-global zone, the zoned property
is automatically set. A zoned file system cannot be mounted in the
global zone, since the zone administrator might have to set the mount
point to an unacceptable value.
The global administrator can forcibly clear the zoned property, though
this should be done with extreme care. The global administrator should
verify that all the mount points are acceptable before clearing the
property.
Native Properties
Properties are divided into two types, native and user-defined (or
"user"). Native properties either export internal statistics or control
ZFS behavior. In addition, native properties are either editable or
read-only. User properties have no effect on ZFS behavior, but you can
use them to annotate datasets in a way that is meaningful in your envi‐
ronment. For more information about user properties, see the "User
Properties" section, below.
Every dataset has a set of properties that export statistics about the
dataset as well as control various behaviors. Properties are inherited
from the parent unless overridden by the child. Some properties apply
only to certain types of datasets (file systems, volumes, or snap‐
shots).
The values of numeric properties can be specified using human-readable
suffixes (for example, k, KB, M, Gb, and so forth, up to Z for
zettabyte). The following are all valid (and equal) specifications:
1536M, 1.5g, 1.50GB
The values of non-numeric properties are case sensitive and must be
lowercase, except for mountpoint, sharenfs, and sharesmb.
The following native properties consist of read-only statistics about
the dataset. These properties can be neither set, nor inherited. Native
properties apply to all dataset types unless otherwise noted.
available
The amount of space available to the dataset and all its children,
assuming that there is no other activity in the pool. Because space
is shared within a pool, availability can be limited by any number
of factors, including physical pool size, quotas, reservations, or
other datasets within the pool.
This property can also be referred to by its shortened column name,
avail.
compressratio
The compression ratio achieved for this dataset, expressed as a
multiplier. Compression can be turned on by running: zfs set com‐
pression=on dataset. The default value is off.
creation
The time this dataset was created.
mounted
For file systems, indicates whether the file system is currently
mounted. This property can be either yes or no.
origin
For cloned file systems or volumes, the snapshot from which the
clone was created. The origin cannot be destroyed (even with the -r
or -f options) so long as a clone exists.
referenced
The amount of data that is accessible by this dataset, which may or
may not be shared with other datasets in the pool. When a snapshot
or clone is created, it initially references the same amount of
space as the file system or snapshot it was created from, since its
contents are identical.
This property can also be referred to by its shortened column name,
refer.
type
The type of dataset: filesystem, volume, or snapshot.
used
The amount of space consumed by this dataset and all its descen‐
dents. This is the value that is checked against this dataset's
quota and reservation. The space used does not include this
dataset's reservation, but does take into account the reservations
of any descendent datasets. The amount of space that a dataset con‐
sumes from its parent, as well as the amount of space that are
freed if this dataset is recursively destroyed, is the greater of
its space used and its reservation.
When snapshots (see the "Snapshots" section) are created, their
space is initially shared between the snapshot and the file system,
and possibly with previous snapshots. As the file system changes,
space that was previously shared becomes unique to the snapshot,
and counted in the snapshot's space used. Additionally, deleting
snapshots can increase the amount of space unique to (and used by)
other snapshots.
The amount of space used, available, or referenced does not take
into account pending changes. Pending changes are generally
accounted for within a few seconds. Committing a change to a disk
using fsync(3c) or O_SYNC does not necessarily guarantee that the
space usage information is updated immediately.
usedby*
The usedby* properties decompose the used properties into the vari‐
ous reasons that space is used. Specifically, used = usedbychildren
+ usedbydataset + usedbyrefreservation +, usedbysnapshots. These
properties are only available for datasets created on zpool "ver‐
sion 13" pools.
usedbychildren
The amount of space used by children of this dataset, which would
be freed if all the dataset's children were destroyed.
usedbydataset
The amount of space used by this dataset itself, which would be
freed if the dataset were destroyed (after first removing any
refreservation and destroying any necessary snapshots or descen‐
dents).
usedbyrefreservation
The amount of space used by a refreservation set on this dataset,
which would be freed if the refreservation was removed.
usedbysnapshots
The amount of space consumed by snapshots of this dataset. In par‐
ticular, it is the amount of space that would be freed if all of
this dataset's snapshots were destroyed. Note that this is not sim‐
ply the sum of the snapshots' used properties because space can be
shared by multiple snapshots
userused@user
The amount of space referenced in this dataset by the specified
user. Space is charged to the owner of each file, as displayed by
ls -l. The amount of space charged is displayed by du and ls -s.
See the zfs userspace subcommand for more information.
Unprivileged users can access only their own space usage. The root
user, or a user who has been granted the userused privilege with
zfs allow, can access everyone's usage.
This property cannot be set on volumes, or on pools before version
15. The userused@... properties are not displayed by zfs get all.
The user's name must be appended after the @ symbol, using one of
the following forms:
o posix name (for example, joe)
o posix numeric id (for example, 789)
o sid name (for example, joe.smith@mydomain)
o sid numeric id (for example, S-1-123-456-789)
groupused@group
The amount of space referenced in this dataset by the specified
group. Space is charged to the group of each file, as displayed by
ls -l. See the userused@user property for more information.
Unprivileged users can only access the groupused@... property for
groups that they are a member of. The root user, or a user who has
been granted the groupused privilege with zfs allow, can access all
groups' usage.
volblocksize=blocksize
For volumes, specifies the block size of the volume. The blocksize
cannot be changed once the volume has been written, so it should be
set at volume creation time. The default blocksize for volumes is 8
Kbytes. Any power of 2 from 512 bytes to 128 Kbytes is valid.
This property can also be referred to by its shortened column name,
volblock.
The following native properties can be used to change the behavior of a
ZFS dataset.
aclinherit=discard | noallow | restricted | passthrough | passthrough-x
Controls how ACL entries are inherited when files and directories
are created. A file system with an aclinherit property of discard
does not inherit any ACL entries. A file system with an aclinherit
property value of noallow only inherits inheritable ACL entries
that specify "deny" permissions. The property value restricted (the
default) removes the write_acl and write_owner permissions when the
ACL entry is inherited. A file system with an aclinherit property
value of passthrough inherits all inheritable ACL entries without
any modifications made to the ACL entries when they are inherited.
A file system with an aclinherit property value of passthrough-x
has the same meaning as passthrough, except that the owner@,
group@, and everyone@ ACEs inherit the execute permission only if
the file creation mode also requests the execute bit.
When the property value is set to passthrough, files are created
with a mode determined by the inheritable ACEs. If no inheritable
ACEs exist that affect the mode, then the mode is set in accordance
to the requested mode from the application.
aclmode=discard | groupmask | passthrough
Controls how an ACL is modified during chmod(2). A file system with
an aclmode property of discard deletes all ACL entries that do not
represent the mode of the file. An aclmode property of groupmask
(the default) reduces user or group permissions. The permissions
are reduced, such that they are no greater than the group permis‐
sion bits, unless it is a user entry that has the same UID as the
owner of the file or directory. In this case, the ACL permissions
are reduced so that they are no greater than owner permission bits.
A file system with an aclmode property of passthrough indicates
that no changes are made to the ACL other than generating the nec‐
essary ACL entries to represent the new mode of the file or direc‐
tory.
atime=on | off
Controls whether the access time for files is updated when they are
read. Turning this property off avoids producing write traffic when
reading files and can result in significant performance gains,
though it might confuse mailers and other similar utilities. The
default value is on.
canmount=on | off | noauto
If this property is set to off, the file system cannot be mounted,
and is ignored by zfs mount -a. Setting this property to off is
similar to setting the mountpoint property to none, except that the
dataset still has a normal mountpoint property, which can be inher‐
ited. Setting this property to off allows datasets to be used
solely as a mechanism to inherit properties. One example of setting
canmount=off is to have two datasets with the same mountpoint, so
that the children of both datasets appear in the same directory,
but might have different inherited characteristics.
When the noauto option is set, a dataset can only be mounted and
unmounted explicitly. The dataset is not mounted automatically when
the dataset is created or imported, nor is it mounted by the zfs
mount -a command or unmounted by the zfs unmount -a command.
This property is not inherited.
checksum=on | off | fletcher2,| fletcher4 | sha256
Controls the checksum used to verify data integrity. The default
value is on, which automatically selects an appropriate algorithm
(currently, fletcher2, but this may change in future releases). The
value off disables integrity checking on user data. Disabling
checksums is NOT a recommended practice.
compression=on | off | lzjb | gzip | gzip-N
Controls the compression algorithm used for this dataset. The lzjb
compression algorithm is optimized for performance while providing
decent data compression. Setting compression to "on" uses the
"lzjb" compression algorithm. The "gzip" compression algorithm uses
the same compression as the gzip(1) command. You can specify the
"gzip" level by using the value "gzip-N" where N is an integer from
1 (fastest) to 9 (best compression ratio). Currently, "gzip" is
equivalent to "gzip-6" (which is also the default for gzip(1)).
This property can also be referred to by its shortened column name
"compress".
copies=1 | 2 | 3
Controls the number of copies of data stored for this dataset.
These copies are in addition to any redundancy provided by the
pool, for example, mirroring or raid-z. The copies are stored on
different disks, if possible. The space used by multiple copies is
charged to the associated file and dataset, changing the used prop‐
erty and counting against quotas and reservations.
Changing this property only affects newly-written data. Therefore,
set this property at file system creation time by using the -o
copies= option.
devices=on | off
Controls whether device nodes can be opened on this file system.
The default value is on.
exec=on | off
Controls whether processes can be executed from within this file
system. The default value is on.
mountpoint=path | none | legacy
Controls the mount point used for this file system. See the "Mount
Points" section for more information on how this property is used.
When the mountpoint property is changed for a file system, the file
system and any children that inherit the mount point are unmounted.
If the new value is legacy, then they remain unmounted. Otherwise,
they are automatically remounted in the new location if the prop‐
erty was previously legacy or none, or if they were mounted before
the property was changed. In addition, any shared file systems are
unshared and shared in the new location.
nbmand=on | off
Controls whether the file system should be mounted with nbmand (Non
Blocking mandatory locks). This is used for CIFS clients. Changes
to this property only take effect when the file system is umounted
and remounted. See mount(1M) for more information on nbmand mounts.
primarycache=all | none | metadata
Controls what is cached in the primary cache (ARC). If this prop‐
erty is set to all, then both user data and metadata is cached. If
this property is set to none, then neither user data nor metadata
is cached. If this property is set to metadata, then only metadata
is cached. The default value is all.
quota=size | none
Limits the amount of space a dataset and its descendents can con‐
sume. This property enforces a hard limit on the amount of space
used. This includes all space consumed by descendents, including
file systems and snapshots. Setting a quota on a descendent of a
dataset that already has a quota does not override the ancestor's
quota, but rather imposes an additional limit.
Quotas cannot be set on volumes, as the volsize property acts as an
implicit quota.
userquota@user=size | none
Limits the amount of space referenced by the specified user, which
is specified by the userspace@user property.
Enforcement of user quotas may be delayed by several seconds. In
other words, users may go a bit over their quota before the system
notices that they are over quota and begins to refuse additional
writes with EDQUOT. See the zfs userspace subcommand for more
information.
Unprivileged users can get only their own quota. The root user, or
a user who has been granted the userquota privilege with zfs allow,
can get and set everyone's quota.
This property cannot be set on volumes, on filesystems before ver‐
sion 4, or on pools before version 15. The userquota@... properties
are not displayed by zfs get all. The user's name must be appended
after the @ symbol, using one of the following forms:
o posix name (for example, joe)
o posix numeric id (for example, 789)
o sid name (for example, joe.smith@mydomain)
o sid numeric id (for example, S-1-123-456-789)
groupquota@group=size | none
Limits the amount of space referenced by the specified group. See
the userquota@user property for more information.
Unprivileged users can only get the quota of groups they are a mem‐
ber of. The root user, or a user who has been granted the
groupquota privilege with zfs allow, can get and set all groups'
quotas.
readonly=on | off
Controls whether this dataset can be modified. The default value is
off.
This property can also be referred to by its shortened column name,
rdonly.
recordsize=size
Specifies a suggested block size for files in the file system. This
property is designed solely for use with database workloads that
access files in fixed-size records. ZFS automatically tunes block
sizes according to internal algorithms optimized for typical access
patterns.
For databases that create very large files but access them in small
random chunks, these algorithms may be suboptimal. Specifying a
recordsize greater than or equal to the record size of the database
can result in significant performance gains. Use of this property
for general purpose file systems is strongly discouraged, and may
adversely affect performance.
The size specified must be a power of two greater than or equal to
512 and less than or equal to 128 Kbytes.
Changing the file system's recordsize affects only files created
afterward; existing files are unaffected.
This property can also be referred to by its shortened column name,
recsize.
refquota=size | none
Limits the amount of space a dataset can consume. This property
enforces a hard limit on the amount of space used. This hard limit
does not include space used by descendents, including file systems
and snapshots.
refreservation=size | none
The minimum amount of space guaranteed to a dataset, not including
its descendents. When the amount of space used is below this value,
the dataset is treated as if it were taking up the amount of space
specified by refreservation. The refreservation reservation is
accounted for in the parent datasets' space used, and counts
against the parent datasets' quotas and reservations.
If refreservation is set, a snapshot is only allowed if there is
enough free pool space outside of this reservation to accommodate
the current number of "referenced" bytes in the dataset.
This property can also be referred to by its shortened column name,
refreserv.
reservation=size | none
The minimum amount of space guaranteed to a dataset and its descen‐
dents. When the amount of space used is below this value, the
dataset is treated as if it were taking up the amount of space
specified by its reservation. Reservations are accounted for in the
parent datasets' space used, and count against the parent datasets'
quotas and reservations.
This property can also be referred to by its shortened column name,
reserv.
secondarycache=all | none | metadata
Controls what is cached in the secondary cache (L2ARC). If this
property is set to all, then both user data and metadata is cached.
If this property is set to none, then neither user data nor meta‐
data is cached. If this property is set to metadata, then only
metadata is cached. The default value is all.
setuid=on | off
Controls whether the set-UID bit is respected for the file system.
The default value is on.
shareiscsi=on | off
Like the sharenfs property, shareiscsi indicates whether a ZFS vol‐
ume is exported as an iSCSI target. The acceptable values for this
property are on, off, and type=disk. The default value is off. In
the future, other target types might be supported. For example,
tape.
You might want to set shareiscsi=on for a file system so that all
ZFS volumes within the file system are shared by default. However,
setting this property on a file system has no direct effect.
sharesmb=on | off | opts
Controls whether the file system is shared by using the Solaris
CIFS service, and what options are to be used. A file system with
the sharesmb property set to off is managed through traditional
tools such as sharemgr(1M). Otherwise, the file system is automati‐
cally shared and unshared with the zfs share and zfs unshare com‐
mands. If the property is set to on, the sharemgr(1M) command is
invoked with no options. Otherwise, the sharemgr(1M) command is
invoked with options equivalent to the contents of this property.
Because SMB shares requires a resource name, a unique resource name
is constructed from the dataset name. The constructed name is a
copy of the dataset name except that the characters in the dataset
name, which would be illegal in the resource name, are replaced
with underscore (_) characters. A pseudo property "name" is also
supported that allows you to replace the data set name with a spec‐
ified name. The specified name is then used to replace the prefix
dataset in the case of inheritance. For example, if the dataset
data/home/john is set to name=john, then data/home/john has a
resource name of john. If a child dataset of data/home/john/back‐
ups, it has a resource name of john_backups.
When SMB shares are created, the SMB share name appears as an entry
in the .zfs/shares directory. You can use the ls or chmod command
to display the share-level ACLs on the entries in this directory.
When the sharesmb property is changed for a dataset, the dataset
and any children inheriting the property are re-shared with the new
options, only if the property was previously set to off, or if they
were shared before the property was changed. If the new property is
set to off, the file systems are unshared.
sharenfs=on | off | opts
Controls whether the file system is shared via NFS, and what
options are used. A file system with a sharenfs property of off is
managed through traditional tools such as share(1M), unshare(1M),
and dfstab(4). Otherwise, the file system is automatically shared
and unshared with the zfs share and zfs unshare commands. If the
property is set to on, the share(1M) command is invoked with no
options. Otherwise, the share(1M) command is invoked with options
equivalent to the contents of this property.
When the sharenfs property is changed for a dataset, the dataset
and any children inheriting the property are re-shared with the new
options, only if the property was previously "off", or if they were
shared before the property was changed. If the new property is off,
the file systems are unshared.
snapdir=hidden | visible
Controls whether the .zfs directory is hidden or visible in the
root of the file system as discussed in the "Snapshots" section.
The default value is hidden.
version=1 | 2 | current
The on-disk version of this file system, which is independent of
the pool version. This property can only be set to later supported
versions. See the zfs upgrade command.
volsize=size
For volumes, specifies the logical size of the volume. By default,
creating a volume establishes a reservation of equal size. For
storage pools with a version number of 9 or higher, a refreserva‐
tion is set instead. Any changes to volsize are reflected in an
equivalent change to the reservation (or refreservation). The vol‐
size can only be set to a multiple of volblocksize, and cannot be
zero.
The reservation is kept equal to the volume's logical size to pre‐
vent unexpected behavior for consumers. Without the reservation,
the volume could run out of space, resulting in undefined behavior
or data corruption, depending on how the volume is used. These
effects can also occur when the volume size is changed while it is
in use (particularly when shrinking the size). Extreme care should
be used when adjusting the volume size.
Though not recommended, a "sparse volume" (also known as "thin pro‐
visioning") can be created by specifying the -s option to the zfs
create -V command, or by changing the reservation after the volume
has been created. A "sparse volume" is a volume where the reserva‐
tion is less then the volume size. Consequently, writes to a sparse
volume can fail with ENOSPC when the pool is low on space. For a
sparse volume, changes to volsize are not reflected in the reserva‐
tion.
vscan=on | off
Controls whether regular files should be scanned for viruses when a
file is opened and closed. In addition to enabling this property,
the virus scan service must also be enabled for virus scanning to
occur. The default value is off.
xattr=on | off
Controls whether extended attributes are enabled for this file sys‐
tem. The default value is on.
zoned=on | off
Controls whether the dataset is managed from a non-global zone. See
the "Zones" section for more information. The default value is off.
The following three properties cannot be changed after the file system
is created, and therefore, should be set when the file system is cre‐
ated. If the properties are not set with the zfs create or zpool create
commands, these properties are inherited from the parent dataset. If
the parent dataset lacks these properties due to having been created
prior to these features being supported, the new file system will have
the default values for these properties.
casesensitivity=sensitive | insensitive | mixed
Indicates whether the file name matching algorithm used by the file
system should be case-sensitive, case-insensitive, or allow a com‐
bination of both styles of matching. The default value for the cas‐
esensitivity property is sensitive. Traditionally, UNIX and POSIX
file systems have case-sensitive file names.
The mixed value for the casesensitivity property indicates that the
file system can support requests for both case-sensitive and case-
insensitive matching behavior. Currently, case-insensitive matching
behavior on a file system that supports mixed behavior is limited
to the Solaris CIFS server product. For more information about the
mixed value behavior, see the Solaris ZFS Administration Guide.
normalization=none | formD | formKCf
Indicates whether the file system should perform a unicode normal‐
ization of file names whenever two file names are compared, and
which normalization algorithm should be used. File names are always
stored unmodified, names are normalized as part of any comparison
process. If this property is set to a legal value other than none,
and the utf8only property was left unspecified, the utf8only prop‐
erty is automatically set to on. The default value of the normal‐
ization property is none. This property cannot be changed after the
file system is created.
utf8only=on | off
Indicates whether the file system should reject file names that
include characters that are not present in the UTF-8 character code
set. If this property is explicitly set to off, the normalization
property must either not be explicitly set or be set to none. The
default value for the utf8only property is off. This property can‐
not be changed after the file system is created.
The casesensitivity, normalization, and utf8only properties are also
new permissions that can be assigned to non-privileged users by using
the ZFS delegated administration feature.
Temporary Mount Point Properties
When a file system is mounted, either through mount(1M) for legacy
mounts or the zfs mount command for normal file systems, its mount
options are set according to its properties. The correlation between
properties and mount options is as follows:
PROPERTY MOUNT OPTION
devices devices/nodevices
exec exec/noexec
readonly ro/rw
setuid setuid/nosetuid
xattr xattr/noxattr
In addition, these options can be set on a per-mount basis using the -o
option, without affecting the property that is stored on disk. The val‐
ues specified on the command line override the values stored in the
dataset. The -nosuid option is an alias for nodevices,nosetuid. These
properties are reported as "temporary" by the zfs get command. If the
properties are changed while the dataset is mounted, the new setting
overrides any temporary settings.
User Properties
In addition to the standard native properties, ZFS supports arbitrary
user properties. User properties have no effect on ZFS behavior, but
applications or administrators can use them to annotate datasets (file
systems, volumes, and snapshots).
User property names must contain a colon (:) character to distinguish
them from native properties. They may contain lowercase letters, num‐
bers, and the following punctuation characters: colon (:), dash (-),
period (.), and underscore (_). The expected convention is that the
property name is divided into two portions such as module:property, but
this namespace is not enforced by ZFS. User property names can be at
most 256 characters, and cannot begin with a dash (-).
When making programmatic use of user properties, it is strongly sug‐
gested to use a reversed DNS domain name for the module component of
property names to reduce the chance that two independently-developed
packages use the same property name for different purposes. Property
names beginning with com.sun. are reserved for use by Sun Microsystems.
The values of user properties are arbitrary strings, are always inher‐
ited, and are never validated. All of the commands that operate on
properties (zfs list, zfs get, zfs set, and so forth) can be used to
manipulate both native properties and user properties. Use the zfs
inherit command to clear a user property . If the property is not
defined in any parent dataset, it is removed entirely. Property values
are limited to 1024 characters.
ZFS Volumes as Swap or Dump Devices
During an initial installation or a live upgrade from a UFS file sys‐
tem, a swap device and dump device are created on ZFS volumes in the
ZFS root pool. By default, the swap area size is based on 1/2 the size
of physical memory up to 2 Gbytes. The size of the dump device depends
on the kernel's requirements at installation time. Separate ZFS volumes
must be used for the swap area and dump devices. Do not swap to a file
on a ZFS file system. A ZFS swap file configuration is not supported.
If you need to change your swap area or dump device after the system is
installed or upgraded, use the swap(1M) and dumpadm(1M) commands. If
you need to change the size of your swap area or dump device, see the
Solaris ZFS Administration Guide.
SUBCOMMANDS
All subcommands that modify state are logged persistently to the pool
in their original form.
zfs ?
Displays a help message.
zfs create [-p] [-o property=value] ... filesystem
Creates a new ZFS file system. The file system is automatically
mounted according to the "mountpoint" property inherited from the
parent.
-p
Creates all the non-existing parent datasets. Datasets created
in this manner are automatically mounted according to the
mountpoint property inherited from their parent. Any property
specified on the command line using the -o option is ignored.
If the target filesystem already exists, the operation com‐
pletes successfully.
-o property=value
Sets the specified property as if the command zfs set prop‐
erty=value was invoked at the same time the dataset was cre‐
ated. Any editable ZFS property can also be set at creation
time. Multiple -o options can be specified. An error results if
the same property is specified in multiple -o options.
zfs create [-ps] [-b blocksize] [-o property=value] ... -V size volume
Creates a volume of the given size. The volume is exported as a
block device in /dev/zvol/{dsk,rdsk}/path, where path is the name
of the volume in the ZFS namespace. The size represents the logical
size as exported by the device. By default, a reservation of equal
size is created.
size is automatically rounded up to the nearest 128 Kbytes to
ensure that the volume has an integral number of blocks regardless
of blocksize.
-p
Creates all the non-existing parent datasets. Datasets created
in this manner are automatically mounted according to the
mountpoint property inherited from their parent. Any property
specified on the command line using the -o option is ignored.
If the target filesystem already exists, the operation com‐
pletes successfully.
-s
Creates a sparse volume with no reservation. See volsize in the
Native Properties section for more information about sparse
volumes.
-o property=value
Sets the specified property as if the zfs set property=value
command was invoked at the same time the dataset was created.
Any editable ZFS property can also be set at creation time.
Multiple -o options can be specified. An error results if the
same property is specified in multiple -o options.
-b blocksize
Equivalent to -o volblocksize=blocksize. If this option is
specified in conjunction with -o volblocksize, the resulting
behavior is undefined.
zfs destroy [-rRf] filesystem|volume|snapshot
Destroys the given dataset. By default, the command unshares any
file systems that are currently shared, unmounts any file systems
that are currently mounted, and refuses to destroy a dataset that
has active dependents (children, snapshots, clones).
-r
Recursively destroy all children. If a snapshot is specified,
destroy all snapshots with this name in descendent file sys‐
tems.
-R
Recursively destroy all dependents, including cloned file sys‐
tems outside the target hierarchy. If a snapshot is specified,
destroy all snapshots with this name in descendent file sys‐
tems.
-f
Force an unmount of any file systems using the unmount -f com‐
mand. This option has no effect on non-file systems or
unmounted file systems.
Extreme care should be taken when applying either the -r or the -f
options, as they can destroy large portions of a pool and cause
unexpected behavior for mounted file systems in use.
zfs snapshot [-r] [-o property=value] ... filesystem@snapname|vol‐
ume@snapname
Creates a snapshot with the given name. All previous modifications
by successful system calls to the file system are part of the snap‐
shot. See the "Snapshots" section for details.
-r
Recursively create snapshots of all descendent datasets. Snap‐
shots are taken atomically, so that all recursive snapshots
correspond to the same moment in time.
-o property=value
Sets the specified property; see zfs create for details.
zfs rollback [-rRf] snapshot
Roll back the given dataset to a previous snapshot. When a dataset
is rolled back, all data that has changed since the snapshot is
discarded, and the dataset reverts to the state at the time of the
snapshot. By default, the command refuses to roll back to a snap‐
shot other than the most recent one. In order to do so, all inter‐
mediate snapshots must be destroyed by specifying the -r option.
-r
Recursively destroy any snapshots more recent than the one
specified.
-R
Recursively destroy any more recent snapshots, as well as any
clones of those snapshots.
-f
Used with the -R option to force an unmount of any clone file
systems that are to be destroyed.
zfs clone [-p] [-o property=value] ... snapshot filesystem|volume
Creates a clone of the given snapshot. See the "Clones" section for
details. The target dataset can be located anywhere in the ZFS
hierarchy, and is created as the same type as the original.
-p
Creates all the non-existing parent datasets. Datasets created
in this manner are automatically mounted according to the
mountpoint property inherited from their parent. If the target
filesystem or volume already exists, the operation completes
successfully.
-o property=value
Sets the specified property; see zfs create for details.
zfs promote clone-filesystem
Promotes a clone file system to no longer be dependent on its "ori‐
gin" snapshot. This makes it possible to destroy the file system
that the clone was created from. The clone parent-child dependency
relationship is reversed, so that the origin file system becomes a
clone of the specified file system.
The snapshot that was cloned, and any snapshots previous to this
snapshot, are now owned by the promoted clone. The space they use
moves from the origin file system to the promoted clone, so enough
space must be available to accommodate these snapshots. No new
space is consumed by this operation, but the space accounting is
adjusted. The promoted clone must not have any conflicting snapshot
names of its own. The rename subcommand can be used to rename any
conflicting snapshots.
zfs rename filesystem|volume|snapshot
filesystem|volume|snapshot
zfs rename [-p] filesystem|volume filesystem|volume
Renames the given dataset. The new target can be located anywhere
in the ZFS hierarchy, with the exception of snapshots. Snapshots
can only be renamed within the parent file system or volume. When
renaming a snapshot, the parent file system of the snapshot does
not need to be specified as part of the second argument. Renamed
file systems can inherit new mount points, in which case they are
unmounted and remounted at the new mount point.
-p
Creates all the nonexistent parent datasets. Datasets created
in this manner are automatically mounted according to the
mountpoint property inherited from their parent.
zfs rename -r snapshot snapshot
Recursively rename the snapshots of all descendent datasets. Snap‐
shots are the only dataset that can be renamed recursively.
zfs list [-r|-d depth] [-H] [-o property[,...]] [ -t type[,...]] [ -s
property ] ... [ -S property ] ... [filesystem|volume|snapshot] ...
Lists the property information for the given datasets in tabular
form. If specified, you can list property information by the abso‐
lute pathname or the relative pathname. By default, all file sys‐
tems and volumes are displayed. Snapshots are displayed if the
listsnaps property is on (the default is off) . The following
fields are displayed:
name,used,available,referenced,mountpoint
-H
Used for scripting mode. Do not print headers and separate
fields by a single tab instead of arbitrary whitespace.
-r
Recursively display any children of the dataset on the command
line.
-d depth
Recursively display any children of the dataset, limiting the
recursion to depth. A depth of 1 will display only the dataset
and its direct children.
-o property
A comma-separated list of properties to display. The property
must be:
o one of the properties described in the "Native Prop‐
erties" section
o a user property
o the value name to display the dataset name
o the value space to display space usage properties on
file systems and volumes. This is a shortcut for:
-o name,avail,used,usedsnap,usedds,usedrefreserv,\
usedchild -t filesystem,volume
-s property
A property to use for sorting the output by column in ascending
order based on the value of the property. The property must be
one of the properties described in the "Properties" section, or
the special value name to sort by the dataset name. Multiple
properties can be specified at one time using multiple -s prop‐
erty options. Multiple -s options are evaluated from left to
right in decreasing order of importance.
The following is a list of sorting criteria:
o Numeric types sort in numeric order.
o String types sort in alphabetical order.
o Types inappropriate for a row sort that row to the
literal bottom, regardless of the specified order‐
ing.
o If no sorting options are specified the existing
behavior of zfs list is preserved.
-S property
Same as the -s option, but sorts by property in descending
order.
-t type
A comma-separated list of types to display, where type is one
of filesystem, snapshot , volume, or all. For example, specify‐
ing -t snapshot displays only snapshots.
zfs set property=value filesystem|volume|snapshot ...
Sets the property to the given value for each dataset. Only some
properties can be edited. See the "Properties" section for more
information on what properties can be set and acceptable values.
Numeric values can be specified as exact values, or in a human-
readable form with a suffix of B, K, M, G, T, P, E, Z (for bytes,
kilobytes, megabytes, gigabytes, terabytes, petabytes, exabytes, or
zettabytes, respectively). Properties cannot be set on snapshots.
zfs get [-r|-d depth] [-Hp] [-o field[,...] [-s source[,...] "all" |
property[,...] filesystem|volume|snapshot ...
Displays properties for the given datasets. If no datasets are
specified, then the command displays properties for all datasets on
the system. For each property, the following columns are displayed:
name Dataset name
property Property name
value Property value
source Property source. Can either be local, default,
temporary, inherited, or none (-).
All columns are displayed by default, though this can be controlled
by using the -o option. This command takes a comma-separated list
of properties as described in the "Native Properties" and "User
Properties" sections.
The special value all can be used to display all properties that
apply to the given dataset's type (filesystem, volume, or snap‐
shot).
-r
Recursively display properties for any children.
-d depth
Recursively display any children of the dataset, limiting the
recursion to depth. A depth of 1 will display only the dataset
and its direct children.
-H
Display output in a form more easily parsed by scripts. Any
headers are omitted, and fields are explicitly separated by a
single tab instead of an arbitrary amount of space.
-o field
A comma-separated list of columns to display. name,prop‐
erty,value,source is the default value.
-s source
A comma-separated list of sources to display. Those properties
coming from a source other than those in this list are ignored.
Each source must be one of the following: local,default,inher‐
ited,temporary,none. The default value is all sources.
-p
Display numbers in parseable (exact) values.
zfs inherit [-r] property filesystem|volume|snapshot ...
Clears the specified property, causing it to be inherited from an
ancestor. If no ancestor has the property set, then the default
value is used. See the "Properties" section for a listing of
default values, and details on which properties can be inherited.
-r
Recursively inherit the given property for all children.
zfs upgrade [-v]
Displays a list of file systems that are not the most recent ver‐
sion.
zfs upgrade [-r] [-V version] [-a | filesystem]
Upgrades file systems to a new on-disk version. Once this is done,
the file systems will no longer be accessible on systems running
older versions of the software. zfs send streams generated from new
snapshots of these file systems can not be accessed on systems run‐
ning older versions of the software.
The file system version is independent of the pool version (see
zpool(1M) for information on the zpool upgrade command).
The file system version does not have to be upgraded when the pool
version is upgraded, and vice-versa.
-a
Upgrade all file systems on all imported pools.
filesystem
Upgrade the specified file system.
-r
Upgrade the specified file system and all descendent file sys‐
tems
-V version
Upgrade to the specified version. If the -V flag is not speci‐
fied, this command upgrades to the most recent version. This
option can only be used to increase the version number, and
only up to the most recent version supported by this software.
zfs userspace [-niHp] [-o field[,...]] [-sS field]... [-t type [,...]]
filesystem | snapshot
Displays space consumed by, and quotas on, each user in the speci‐
fied filesystem or snapshot. This corresponds to the userused@user
and userquota@user properties.
-n
Print numeric ID instead of user/group name.
-H
Do not print headers, use tab-delimited output.
-p
Use exact (parseable) numeric output.
-o field[,...]
Display only the specified fields, from the following set:
type,name,used,quota
The default is to display all fields.
-s field
Sort output by this field. The s and S flags may be specified
multiple times to sort first by one field, then by another. The
default is:
-s type -s name
-S field
Sort by this field in reverse order. See -s.
-t type[,...]
Print only the specified types, from the following set:
all,posixuser,smbuser,posixgroup,smbgroup
The default is:
-t posixuser,smbuser
...but can be changed to include group types.
-i
Translate SID to POSIX ID. The POSIX ID may be ephemeral if no
mapping exists. Normal POSIX interfaces (for example, stat(2),
ls -l) perform this translation, so the -i option allows the
output from zfs userspace to be compared directly with those
utilities. However, -i may lead to confusion if some files were
created by an SMB user before a SMB-to-POSIX name mapping was
established. In such a case, some files are owned by the SMB
entity and some by the POSIX entity. However, he -i option will
report that the POSIX entity has the total usage and quota for
both.
zfs groupspace [-niHp] [-o field[,...]] [-sS field]... [-t type [,...]]
filesystem | snapshot
Displays space consumed by, and quotas on, each group in the speci‐
fied filesystem or snapshot. This subcommand is identical to zfs
userspace, except that the default types to display are:
-t posixgroup,smbgroup
zfs mount
Displays all ZFS file systems currently mounted.
zfs mount [-vO] [-o options] -a | filesystem
Mounts ZFS file systems. Invoked automatically as part of the boot
process.
-o options
An optional, comma-separated list of mount options to use tem‐
porarily for the duration of the mount. See the "Temporary
Mount Point Properties" section for details.
-O
Perform an overlay mount. See mount(1M) for more information.
-v
Report mount progress.
-a
Mount all available ZFS file systems. Invoked automatically as
part of the boot process.
filesystem
Mount the specified filesystem.
zfs unmount [-f] -a | filesystem|mountpoint
Unmounts currently mounted ZFS file systems. Invoked automatically
as part of the shutdown process.
-f
Forcefully unmount the file system, even if it is currently in
use.
-a
Unmount all available ZFS file systems. Invoked automatically
as part of the boot process.
filesystem|mountpoint
Unmount the specified filesystem. The command can also be given
a path to a ZFS file system mount point on the system.
zfs share -a | filesystem
Shares available ZFS file systems.
-a
Share all available ZFS file systems. Invoked automatically as
part of the boot process.
filesystem
Share the specified filesystem according to the sharenfs and
sharesmb properties. File systems are shared when the sharenfs
or sharesmb property is set.
zfs unshare -a | filesystem|mountpoint
Unshares currently shared ZFS file systems. This is invoked auto‐
matically as part of the shutdown process.
-a
Unshare all available ZFS file systems. Invoked automatically
as part of the boot process.
filesystem|mountpoint
Unshare the specified filesystem. The command can also be given
a path to a ZFS file system shared on the system.
zfs send [-vR] [-[iI] snapshot] snapshot
Creates a stream representation of the second snapshot, which is
written to standard output. The output can be redirected to a file
or to a different system (for example, using ssh(1). By default, a
full stream is generated.
-i snapshot
Generate an incremental stream from the first snapshot to the
second snapshot. The incremental source (the first snapshot)
can be specified as the last component of the snapshot name
(for example, the part after the @), and it is assumed to be
from the same file system as the second snapshot.
If the destination is a clone, the source may be the origin
snapshot, which must be fully specified (for example,
pool/fs@origin, not just @origin).
-I snapshot
Generate a stream package that sends all intermediary snapshots
from the first snapshot to the second snapshot. For example, -I
@a fs@d is similar to -i @a fs@b; -i @b fs@c; -i @c fs@d. The
incremental source snapshot may be specified as with the -i
option.
-R
Generate a replication stream package, which will replicate the
specified filesystem, and all descendent file systems, up to
the named snapshot. When received, all properties, snapshots,
descendent file systems, and clones are preserved.
If the -i or -I flags are used in conjunction with the -R flag,
an incremental replication stream is generated. The current
values of properties, and current snapshot and file system
names are set when the stream is received. If the -F flag is
specified when this stream is received, snapshots and file sys‐
tems that do not exist on the sending side are destroyed.
-v
Print verbose information about the stream package generated.
The format of the stream is evolving. No backwards compatibility is
guaranteed. You may not be able to receive your streams on future
versions of ZFS.
zfs receive [-vnFu] filesystem|volume|snapshot
zfs receive [-vnFu] -d filesystem
Creates a snapshot whose contents are as specified in the stream
provided on standard input. If a full stream is received, then a
new file system is created as well. Streams are created using the
zfs send subcommand, which by default creates a full stream. zfs
recv can be used as an alias for zfs receive.
If an incremental stream is received, then the destination file
system must already exist, and its most recent snapshot must match
the incremental stream's source. For zvols, the destination device
link is destroyed and recreated, which means the zvol cannot be
accessed during the receive operation.
The name of the snapshot (and file system, if a full stream is
received) that this subcommand creates depends on the argument type
and the -d option.
If the argument is a snapshot name, the specified snapshot is cre‐
ated. If the argument is a file system or volume name, a snapshot
with the same name as the sent snapshot is created within the spec‐
ified filesystem or volume. If the -d option is specified, the
snapshot name is determined by appending the sent snapshot's name
to the specified filesystem. If the -d option is specified, any
required file systems within the specified one are created.
-d
Use the name of the sent snapshot to determine the name of the
new snapshot as described in the paragraph above.
-u
File system that is associated with the received stream is not
mounted.
-v
Print verbose information about the stream and the time
required to perform the receive operation.
-n
Do not actually receive the stream. This can be useful in con‐
junction with the -v option to verify the name the receive
operation would use.
-F
Force a rollback of the file system to the most recent snapshot
before performing the receive operation. If receiving an incre‐
mental replication stream (for example, one generated by zfs
send -R -[iI]), destroy snapshots and file systems that do not
exist on the sending side.
zfs allow filesystem | volume
Displays permissions that have been delegated on the specified
filesystem or volume. See the other forms of zfs allow for more
information.
zfs allow [-ldug] "everyone"|user|group[,...] perm|@setname[,...]
filesystem| volume
zfs allow [-ld] -e perm|@setname[,...] filesystem | volume
Delegates ZFS administration permission for the file systems to
non-privileged users.
[-ug] "everyone"|user|group[,...]
Specifies to whom the permissions are delegated. Multiple enti‐
ties can be specified as a comma-separated list. If neither of
the -ug options are specified, then the argument is interpreted
preferentially as the keyword "everyone", then as a user name,
and lastly as a group name. To specify a user or group named
"everyone", use the -u or -g options. To specify a group with
the same name as a user, use the -g options.
[-e] perm|@setname[,...]
Specifies that the permissions be delegated to "everyone." Mul‐
tiple permissions may be specified as a comma-separated list.
Permission names are the same as ZFS subcommand and property
names. See the property list below. Property set names, which
begin with an "at sign" ("@") , may be specified. See the -s
form below for details.
[-ld] filesystem|volume
Specifies where the permissions are delegated. If neither of
the -ld options are specified, or both are, then the permis‐
sions are allowed for the file system or volume, and all of its
descendents. If only the -l option is used, then is allowed
"locally" only for the specified file system. If only the -d
option is used, then is allowed only for the descendent file
systems.
Permissions are generally the ability to use a ZFS subcommand or change
a ZFS property. The following permissions are available:
NAME TYPE NOTES
allow subcommand Must also have the permission
that is being allowed.
clone subcommand Must also have the 'create' ability
and the 'mount' ability in the origin
file system.
create subcommand Must also have the 'mount' ability.
destroy subcommand Must also have the 'mount' ability.
mount subcommand Allows mount, unmount, and
create/remove zvol device links.
promote subcommand Must also have the 'mount' ability and
'promote' ability in the origin file system.
receive subcommand Must also have the 'mount' ability and
the 'create' ability.
rename subcommand Must also have the 'mount' ability and
the 'create' ability in the new parent.
rollback subcommand Must also have the 'mount' ability.
snapshot subcommand Must also have the 'mount' ability.
share subcommand Allows share and unshare.
send subcommand
aclinherit property
aclmode property
atime property
canmount property
casesensitivity property
checksum property
compression property
copies property
devices property
exec property
groupquota other Allows accessing any groupquota@... property.
groupused other Allows reading any groupused@... property.
mountpoint property
nbmand property
normalization property
primarycache property
quota property
readonly property
recordsize property
refquota property
refreservation property
reservation property
secondarycache property
setuid property
shareiscsi property
sharenfs property
sharesmb property
snapdir property
utf8only property
userprop other Allows changing any user property.
userquota other Allows accessing any userquota@... property.
userused other Allows reading any userused@... property.
version property
volblocksize property
volsize property
vscan property
xattr property
zoned property
userprop other Allows changing any user property.
zfs allow -c perm|@setname[,...] filesystem|volume
Sets "create time" permissions. These permissions are granted
(locally) to the creator of any newly-created descendent file sys‐
tem.
zfs allow -s @setname perm|@setname[,...] filesystem|volume
Defines or adds permissions to a permission set. The set can be
used by other zfs allow commands for the specified file system and
its descendents. Sets are evaluated dynamically, so changes to a
set are immediately reflected. Permission sets follow the same nam‐
ing restrictions as ZFS file systems, but the name must begin with
an "at sign" (@), and can be no more than 64 characters long.
zfs unallow [-rldug] "everyone"|user|group[,...] [perm|@setname[, ...]]
filesystem|volume
zfs unallow [-rld] -e [perm|@setname [,...]] filesystem|volume
zfs unallow [-r] -c [perm|@setname[,...]]
filesystem|volume
Removes permissions that were granted with the zfs allow command.
No permissions are explicitly denied, so other permissions granted
are still in effect. For example, if the permission is granted by
an ancestor. If no permissions are specified, then all permissions
for the specified user, group, or everyone are removed. Specifying
"everyone" (or using the -e option) only removes the permissions
that were granted to "everyone", not all permissions for every user
and group. See the zfs allow command for a description of the
-ldugec options.
-r
Recursively remove the permissions from this file system and
all descendents.
zfs unallow [-r] -s @setname [perm|@setname[,...]]
filesystem|volume
Removes permissions from a permission set. If no permissions are
specified, then all permissions are removed, thus removing the set
entirely.
EXAMPLES
Example 1 Creating a ZFS File System Hierarchy
The following commands create a file system named pool/home and a file
system named pool/home/bob. The mount point /export/home is set for the
parent file system, and automatically inherited by the child file sys‐
tem.
# zfs create pool/home
# zfs set mountpoint=/export/home pool/home
# zfs create pool/home/bob
Example 2 Creating a ZFS Snapshot
The following command creates a snapshot named yesterday. This snapshot
is mounted on demand in the .zfs/snapshot directory at the root of the
pool/home/bob file system.
# zfs snapshot pool/home/bob@yesterday
Example 3 Taking and Destroying Multiple Snapshots
The following command creates snapshots named yesterday of pool/home
and all of its descendent file systems. Each snapshot is mounted on
demand in the .zfs/snapshot directory at the root of its file system.
The second command destroys the newly created snapshots.
# zfs snapshot -r pool/home@yesterday
# zfs destroy -r pool/home@yesterday
Example 4 Turning Off Compression
The following commands turn compression off for all file systems under
pool/home, but explicitly turns it on for pool/home/anne.
# zfs set compression=off pool/home
# zfs set compression=on pool/home/anne
Example 5 Listing ZFS Datasets
The following command lists all active file systems and volumes in the
system. Snapshots are displayed if the listsnaps property is on (the
default is off) . See zpool(1M) for more information on pool proper‐
ties.
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
pool 450K 457G 18K /pool
pool/home 315K 457G 21K /export/home
pool/home/anne 18K 457G 18K /export/home/anne
pool/home/bob 276K 457G 276K /export/home/bob
Example 6 Setting a Quota on a ZFS File System
The following command sets a quota of 50 Gbytes for pool/home/bob.
# zfs set quota=50G pool/home/bob
Example 7 Listing ZFS Properties
The following command lists all properties for pool/home/bob.
# zfs get all pool/home/bob
NAME PROPERTY VALUE SOURCE
pool/home/bob type filesystem -
pool/home/bob creation Thu Jul 12 14:44 2007 -
pool/home/bob used 276K -
pool/home/bob available 50.0G -
pool/home/bob referenced 276K -
pool/home/bob compressratio 1.00x -
pool/home/bob mounted yes -
pool/home/bob quota 50G local
pool/home/bob reservation none default
pool/home/bob recordsize 128K default
pool/home/bob mountpoint /export/home/bob inherited
from
pool/home
pool/home/bob sharenfs off default
pool/home/bob checksum on default
pool/home/bob compression off default
pool/home/bob atime on default
pool/home/bob devices on default
pool/home/bob exec on default
pool/home/bob setuid on default
pool/home/bob readonly off default
pool/home/bob zoned off default
pool/home/bob snapdir hidden default
pool/home/bob aclmode groupmask default
pool/home/bob aclinherit restricted default
pool/home/bob canmount on default
pool/home/bob shareiscsi off default
pool/home/bob xattr on default
pool/home/bob copies 1 default
pool/home/bob version 1 -
pool/home/bob utf8only off -
pool/home/bob normalization none -
pool/home/bob casesensitivity sensitive -
pool/home/bob vscan off default
pool/home/bob nbmand off default
pool/home/bob sharesmb off default
pool/home/bob refquota 10M local
pool/home/bob refreservation none default
pool/home/bob primarycache all default
pool/home/bob secondarycache a default
pool/home/bob usedbysnapshots 0 -
pool/home/bob usedbydataset 18K -
pool/home/bob usedbychildren 0 -
pool/home/bob usedbyrefreservation 0 -
The following command gets a single property value.
# zfs get -H -o value compression pool/home/bob
on
The following command lists all properties with local settings for
pool/home/bob.
# zfs get -r -s local -o name,property,value all pool/home/bob
NAME PROPERTY VALUE
pool compression on
pool/home checksum off
Example 8 Rolling Back a ZFS File System
The following command reverts the contents of pool/home/anne to the
snapshot named yesterday, deleting all intermediate snapshots.
# zfs rollback -r pool/home/anne@yesterday
Example 9 Creating a ZFS Clone
The following command creates a writable file system whose initial con‐
tents are the same as pool/home/bob@yesterday.
# zfs clone pool/home/bob@yesterday pool/clone
Example 10 Promoting a ZFS Clone
The following commands illustrate how to test out changes to a file
system, and then replace the original file system with the changed one,
using clones, clone promotion, and renaming:
# zfs create pool/project/production
populate /pool/project/production with data
# zfs snapshot pool/project/production@today
# zfs clone pool/project/production@today pool/project/beta
make changes to /pool/project/beta and test them
# zfs promote pool/project/beta
# zfs rename pool/project/production pool/project/legacy
# zfs rename pool/project/beta pool/project/production
once the legacy version is no longer needed, it can be destroyed
# zfs destroy pool/project/legacy
Example 11 Inheriting ZFS Properties
The following command causes pool/home/bob and pool/home/anne to
inherit the checksum property from their parent.
# zfs inherit checksum pool/home/bob pool/home/anne
Example 12 Remotely Replicating ZFS Data
The following commands send a full stream and then an incremental
stream to a remote machine, restoring them into poolB/received/fs@aand
poolB/received/fs@b, respectively. poolB must contain the file system
poolB/received, and must not initially contain poolB/received/fs.
# zfs send pool/fs@a | \
ssh host zfs receive poolB/received/fs@a
# zfs send -i a pool/fs@b | ssh host \
zfs receive poolB/received/fs
Example 13 Using the receive -d Option
The following command sends a full stream of poolA/fsA/fsB@snap to a
remote machine, receiving it into poolB/received/fsA/fsB@snap. The
fsA/fsB@snap portion of the received snapshot's name is determined from
the name of the sent snapshot. poolB must contain the file system
poolB/received. If poolB/received/fsA does not exist, it is created as
an empty file system.
# zfs send poolA/fsA/fsB@snap | \
ssh host zfs receive -d poolB/received
Example 14 Setting User Properties
The following example sets the user-defined com.example:department
property for a dataset.
# zfs set com.example:department=12345 tank/accounting
Example 15 Creating a ZFS Volume as an iSCSI Target Device
The following example shows how to create a ZFS volume as an iSCSI tar‐
get.
# zfs create -V 2g pool/volumes/vol1
# zfs set shareiscsi=on pool/volumes/vol1
# iscsitadm list target
Target: pool/volumes/vol1
iSCSI Name:
iqn.1986-03.com.sun:02:7b4b02a6-3277-eb1b-e686-a24762c52a8c
Connections: 0
After the iSCSI target is created, set up the iSCSI initiator. For more
information about the Solaris iSCSI initiator, see iscsitadm(1M).
Example 16 Performing a Rolling Snapshot
The following example shows how to maintain a history of snapshots with
a consistent naming scheme. To keep a week's worth of snapshots, the
user destroys the oldest snapshot, renames the remaining snapshots, and
then creates a new snapshot, as follows:
# zfs destroy -r pool/users@7daysago
# zfs rename -r pool/users@6daysago @7daysago
# zfs rename -r pool/users@5daysago @6daysago
# zfs rename -r pool/users@yesterday @5daysago
# zfs rename -r pool/users@yesterday @4daysago
# zfs rename -r pool/users@yesterday @3daysago
# zfs rename -r pool/users@yesterday @2daysago
# zfs rename -r pool/users@today @yesterday
# zfs snapshot -r pool/users@today
Example 17 Setting sharenfs Property Options on a ZFS File System
The following commands show how to set sharenfs property options to
enable rw access for a set of IP addresses and to enable root access
for system neo on the tank/home file system.
# # zfs set sharenfs='rw=@123.123.0.0/16,root=neo' tank/home
If you are using DNS for host name resolution, specify the fully quali‐
fied hostname.
Example 18 Delegating ZFS Administration Permissions on a ZFS Dataset
The following example shows how to set permissions so that user cindys
can create, destroy, mount, and take snapshots on tank/cindys. The per‐
missions on tank/cindys are also displayed.
# # zfs allow cindys create,destroy,mount,snapshot tank/cindys
# zfs allow tank/cindys
-------------------------------------------------------------
Local+Descendent permissions on (tank/cindys)
user cindys create,destroy,mount,snapshot
-------------------------------------------------------------
Because the tank/cindys mount point permission is set to 755 by
default, user cindys will be unable to mount file systems under
tank/cindys. Set an ACL similar to the following syntax to provide
mount point access:
# chmod A+user:cindys:add_subdirectory:allow /tank/cindys
Example 19 Delegating Create Time Permissions on a ZFS Dataset
The following example shows how to grant anyone in the group staff to
create file systems in tank/users. This syntax also allows staff mem‐
bers to destroy their own file systems, but not destroy anyone else's
file system. The permissions on tank/users are also displayed.
# # zfs allow staff create,mount tank/users
# zfs allow -c destroy tank/users
# zfs allow tank/users
-------------------------------------------------------------
Create time permissions on (tank/users)
create,destroy
Local+Descendent permissions on (tank/users)
group staff create,mount
-------------------------------------------------------------
Example 20 Defining and Granting a Permission Set on a ZFS Dataset
The following example shows how to define and grant a permission set on
the tank/users file system. The permissions on tank/users are also dis‐
played.
# zfs allow -s @pset create,destroy,snapshot,mount tank/users
# zfs allow staff @pset tank/users
# zfs allow tank/users
-------------------------------------------------------------
Permission sets on (tank/users)
@pset create,destroy,mount,snapshot
Create time permissions on (tank/users)
create,destroy
Local+Descendent permissions on (tank/users)
group staff @pset,create,mount
-------------------------------------------------------------
Example 21 Delegating Property Permissions on a ZFS Dataset
The following example shows to grant the ability to set quotas and
reservations on the users/home file system. The permissions on
users/home are also displayed.
# zfs allow cindys quota,reservation users/home
# zfs allow users/home
-------------------------------------------------------------
Local+Descendent permissions on (users/home)
user cindys quota,reservation
-------------------------------------------------------------
cindys% zfs set quota=10G users/home/marks
cindys% zfs get quota users/home/marks
NAME PROPERTY VALUE SOURCE
users/home/marks quota 10G local
Example 22 Removing ZFS Delegated Permissions on a ZFS Dataset
The following example shows how to remove the snapshot permission from
the staff group on the tank/users file system. The permissions on
tank/users are also displayed.
# zfs unallow staff snapshot tank/users
# zfs allow tank/users
-------------------------------------------------------------
Permission sets on (tank/users)
@pset create,destroy,mount,snapshot
Create time permissions on (tank/users)
create,destroy
Local+Descendent permissions on (tank/users)
group staff @pset,create,mount
-------------------------------------------------------------
EXIT STATUS
The following exit values are returned:
0
Successful completion.
1
An error occurred.
2
Invalid command line options were specified.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWzfsu │
├─────────────────────────────┼─────────────────────────────┤
│Interface Stability │Committed │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOssh(1), iscsitadm(1M), mount(1M), share(1M), sharemgr(1M), unshare(1M),
zonecfg(1M), zpool(1M), chmod(2), stat(2), write(2), fsync(3C),
dfstab(4), attributes(5)
See the gzip(1) man page, which is not part of the SunOS man page col‐
lection.
For information about using the ZFS web-based management tool and other
ZFS features, see the Solaris ZFS Administration Guide.
SunOS 5.11 5 May 2009 zfs(1M)