4 .\" The contents of this file are subject to the terms of the
5 .\" Common Development and Distribution License (the "License").
6 .\" You may not use this file except in compliance with the License.
8 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 .\" or http://www.opensolaris.org/os/licensing.
10 .\" See the License for the specific language governing permissions
11 .\" and limitations under the License.
13 .\" When distributing Covered Code, include this CDDL HEADER in each
14 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 .\" If applicable, add the following below this CDDL HEADER, with the
16 .\" fields enclosed by brackets "[]" replaced with your own identifying
17 .\" information: Portions Copyright [yyyy] [name of copyright owner]
22 .\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved.
23 .\" Copyright 2011 Joshua M. Clulow <josh@sysmgr.org>
24 .\" Copyright (c) 2011, 2017 by Delphix. All rights reserved.
25 .\" Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
26 .\" Copyright (c) 2014, Joyent, Inc. All rights reserved.
27 .\" Copyright (c) 2014 by Adam Stevko. All rights reserved.
28 .\" Copyright (c) 2014 Integros [integros.com]
29 .\" Copyright 2016 Richard Laager. All rights reserved.
30 .\" Copyright 2017 Nexenta Systems, Inc.
37 .Nd configures ZFS file systems
44 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
50 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
51 .Fl V Ar size Ar volume
55 .Ar filesystem Ns | Ns Ar volume
59 .Ar filesystem Ns | Ns Ar volume Ns @ Ns Ar snap Ns
60 .Oo % Ns Ar snap Ns Oo , Ns Ar snap Ns Oo % Ns Ar snap Oc Oc Oc Ns ...
63 .Ar filesystem Ns | Ns Ar volume Ns # Ns Ar bookmark
67 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
68 .Ar filesystem Ns @ Ns Ar snapname Ns | Ns Ar volume Ns @ Ns Ar snapname Ns ...
76 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
77 .Ar snapshot Ar filesystem Ns | Ns Ar volume
84 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
85 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
89 .Ar filesystem Ns | Ns Ar volume
90 .Ar filesystem Ns | Ns Ar volume
94 .Ar snapshot Ar snapshot
97 .Op Fl r Ns | Ns Fl d Ar depth
99 .Oo Fl o Ar property Ns Oo , Ns Ar property Oc Ns ... Oc
100 .Oo Fl s Ar property Oc Ns ...
101 .Oo Fl S Ar property Oc Ns ...
102 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
103 .Oo Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Oc Ns ...
106 .Ar property Ns = Ns Ar value Oo Ar property Ns = Ns Ar value Oc Ns ...
107 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns ...
110 .Op Fl r Ns | Ns Fl d Ar depth
112 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
113 .Oo Fl s Ar source Ns Oo , Ns Ar source Oc Ns ... Oc
114 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
115 .Cm all | Ar property Ns Oo , Ns Ar property Oc Ns ...
116 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns | Ns Ar bookmark Ns ...
120 .Ar property Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns ...
130 .Fl a | Ar filesystem
134 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
135 .Oo Fl s Ar field Oc Ns ...
136 .Oo Fl S Ar field Oc Ns ...
137 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
138 .Ar filesystem Ns | Ns Ar snapshot
142 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
143 .Oo Fl s Ar field Oc Ns ...
144 .Oo Fl S Ar field Oc Ns ...
145 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
146 .Ar filesystem Ns | Ns Ar snapshot
150 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
151 .Oo Fl s Ar field Oc Ns ...
152 .Oo Fl S Ar field Oc Ns ...
153 .Ar filesystem Ns | Ns Ar snapshot
156 .Oo Fl d Ns | Ns Fl r Ns Oc
157 .Ar file Ns | Ns Ar directory Ns ...
162 .Ar file Ns | Ns Ar directory Ns ...
167 .Oo Fl d Ns | Ns Fl r Ns Oc
169 .Ar file Ns | Ns Ar directory Ns ...
174 .Ar file Ns | Ns Ar directory Ns ...
181 .Fl a | Ar filesystem
185 .Fl a | Ar filesystem Ns | Ns Ar mountpoint
188 .Fl a | Ar filesystem
191 .Fl a | Ar filesystem Ns | Ns Ar mountpoint
194 .Ar snapshot bookmark
198 .Op Oo Fl I Ns | Ns Fl i Oc Ar snapshot
203 .Op Fl i Ar snapshot Ns | Ns Ar bookmark
204 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
208 .Fl t Ar receive_resume_token
212 .Op Fl o Sy origin Ns = Ns Ar snapshot
213 .Op Fl o Ar property Ns = Ns Ar value
215 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
219 .Op Fl d Ns | Ns Fl e
220 .Op Fl o Sy origin Ns = Ns Ar snapshot
221 .Op Fl o Ar property Ns = Ns Ar value
227 .Ar filesystem Ns | Ns Ar volume
230 .Ar filesystem Ns | Ns Ar volume
234 .Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns ...
235 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
236 .Ar setname Oc Ns ...
237 .Ar filesystem Ns | Ns Ar volume
241 .Fl e Ns | Ns Sy everyone
242 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
243 .Ar setname Oc Ns ...
244 .Ar filesystem Ns | Ns Ar volume
248 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
249 .Ar setname Oc Ns ...
250 .Ar filesystem Ns | Ns Ar volume
253 .Fl s No @ Ns Ar setname
254 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
255 .Ar setname Oc Ns ...
256 .Ar filesystem Ns | Ns Ar volume
260 .Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns ...
261 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
262 .Ar setname Oc Ns ... Oc
263 .Ar filesystem Ns | Ns Ar volume
267 .Fl e Ns | Ns Sy everyone
268 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
269 .Ar setname Oc Ns ... Oc
270 .Ar filesystem Ns | Ns Ar volume
275 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
276 .Ar setname Oc Ns ... Oc
277 .Ar filesystem Ns | Ns Ar volume
281 .Fl s @ Ns Ar setname
282 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
283 .Ar setname Oc Ns ... Oc
284 .Ar filesystem Ns | Ns Ar volume
288 .Ar tag Ar snapshot Ns ...
296 .Ar tag Ar snapshot Ns ...
300 .Ar snapshot Ar snapshot Ns | Ns Ar filesystem
305 .Op Fl m Ar memory_limit
311 .Op Fl L Ar keylocation
312 .Fl a | Ar filesystem
316 .Fl a | Ar filesystem
320 .Op Fl o Ar keylocation Ns = Ns Ar value
321 .Op Fl o Ar keyformat Ns = Ns Ar value
322 .Op Fl o Ar pbkdf2iters Ns = Ns Ar value
332 command configures ZFS datasets within a ZFS storage pool, as described in
334 A dataset is identified by a unique path within the ZFS namespace.
337 pool/{filesystem,volume,snapshot}
340 where the maximum length of a dataset name is
344 A dataset can be one of the following:
345 .Bl -tag -width "file system"
347 A ZFS dataset of type
349 can be mounted within the standard system namespace and behaves like other file
351 While ZFS file systems are designed to be POSIX compliant, known issues exist
352 that prevent compliance in some cases.
353 Applications that depend on standards conformance might fail due to non-standard
354 behavior when checking file system free space.
356 A logical volume exported as a raw or block device.
357 This type of dataset should only be used under special circumstances.
358 File systems are typically used in most environments.
360 A read-only version of a file system or volume at a given point in time.
362 .Ar filesystem Ns @ Ns Ar name
364 .Ar volume Ns @ Ns Ar name .
368 but without the hold on on-disk data. It can be used as the source of a send
369 (but not for a receive). It is specified as
370 .Ar filesystem Ns # Ns Ar name
372 .Ar volume Ns # Ns Ar name .
374 .Ss ZFS File System Hierarchy
375 A ZFS storage pool is a logical collection of devices that provide space for
377 A storage pool is also the root of the ZFS file system hierarchy.
379 The root of the pool can be accessed as a file system, such as mounting and
380 unmounting, taking snapshots, and setting properties.
381 The physical storage characteristics, however, are managed by the
387 for more information on creating and administering pools.
389 A snapshot is a read-only copy of a file system or volume.
390 Snapshots can be created extremely quickly, and initially consume no additional
391 space within the pool.
392 As data within the active dataset changes, the snapshot consumes more data than
393 would otherwise be shared with the active dataset.
395 Snapshots can have arbitrary names.
396 Snapshots of volumes can be cloned or rolled back, visibility is determined
399 property of the parent volume.
401 File system snapshots can be accessed under the
403 directory in the root of the file system.
404 Snapshots are automatically mounted on demand and may be unmounted at regular
406 The visibility of the
408 directory can be controlled by the
412 A bookmark is like a snapshot, a read-only copy of a file system or volume.
413 Bookmarks can be created extremely quickly, compared to snapshots, and they
414 consume no additional space within the pool. Bookmarks can also have arbitrary
415 names, much like snapshots.
417 Unlike snapshots, bookmarks can not be accessed through the filesystem in any
418 way. From a storage standpoint a bookmark just provides a way to reference
419 when a snapshot was created as a distinct object. Bookmarks are initially
420 tied to a snapshot, not the filesystem or volume, and they will survive if the
421 snapshot itself is destroyed. Since they are very light weight there's little
422 incentive to destroy them.
424 A clone is a writable volume or file system whose initial contents are the same
426 As with snapshots, creating a clone is nearly instantaneous, and initially
427 consumes no additional space.
429 Clones can only be created from a snapshot.
430 When a snapshot is cloned, it creates an implicit dependency between the parent
432 Even though the clone is created somewhere else in the dataset hierarchy, the
433 original snapshot cannot be destroyed as long as a clone exists.
436 property exposes this dependency, and the
438 command lists any such dependencies, if they exist.
440 The clone parent-child dependency relationship can be reversed by using the
445 file system to become a clone of the specified file system, which makes it
446 possible to destroy the file system that the clone was created from.
448 Creating a ZFS file system is a simple operation, so the number of file systems
449 per system is likely to be numerous.
450 To cope with this, ZFS automatically manages mounting and unmounting file
451 systems without the need to edit the
454 All automatically managed file systems are mounted by ZFS at boot time.
456 By default, file systems are mounted under
460 is the name of the file system in the ZFS namespace.
461 Directories are created and destroyed as needed.
463 A file system can also have a mount point set in the
466 This directory is created as needed, and ZFS automatically mounts the file
468 .Nm zfs Cm mount Fl a
475 property can be inherited, so if
481 automatically inherits a mount point of
482 .Pa /export/stuff/user .
488 prevents the file system from being mounted.
490 If needed, ZFS file systems can also be managed with traditional tools
496 If a file system's mount point is set to
498 ZFS makes no attempt to manage the file system, and the administrator is
499 responsible for mounting and unmounting the file system. Because pools must
500 be imported before a legacy mount can succeed, administrators should ensure
501 that legacy mounts are only attempted after the zpool import process
502 finishes at boot time. For example, on machines using systemd, the mount
505 .Nm x-systemd.requires=zfs-import.target
507 will ensure that the zfs-import completes before systemd attempts mounting
508 the filesystem. See systemd.mount(5) for details.
510 Deduplication is the process for removing redundant data at the block level,
511 reducing the total amount of data stored. If a file system has the
513 property enabled, duplicate data blocks are removed synchronously. The result
514 is that only unique data is stored and common components are shared among files.
516 Deduplicating data is a very resource-intensive operation. It is generally
517 recommended that you have at least 1.25 GiB of RAM per 1 TiB of storage when
518 you enable deduplication. Calculating the exact requirement depends heavily
519 on the type of data stored in the pool.
521 Enabling deduplication on an improperly-designed system can result in
522 performance issues (slow IO and administrative operations). It can potentially
523 lead to problems importing a pool due to memory exhaustion. Deduplication
524 can consume significant processing power (CPU) and memory as well as generate
527 Before creating a pool with deduplication enabled, ensure that you have planned
528 your hardware requirements appropriately and implemented appropriate recovery
529 practices, such as regular backups. As an alternative to deduplication
532 as a less resource-intensive alternative.
533 .Ss Native Properties
534 Properties are divided into two types, native properties and user-defined
539 Native properties either export internal statistics or control ZFS behavior.
540 In addition, native properties are either editable or read-only.
541 User properties have no effect on ZFS behavior, but you can use them to annotate
542 datasets in a way that is meaningful in your environment.
543 For more information about user properties, see the
547 Every dataset has a set of properties that export statistics about the dataset
548 as well as control various behaviors.
549 Properties are inherited from the parent unless overridden by the child.
550 Some properties apply only to certain types of datasets
551 .Pq file systems, volumes, or snapshots .
553 The values of numeric properties can be specified using human-readable suffixes
563 The following are all valid
566 .Li 1536M, 1.5g, 1.50GB .
568 The values of non-numeric properties are case sensitive and must be lowercase,
575 The following native properties consist of read-only statistics about the
577 These properties can be neither set, nor inherited.
578 Native properties apply to all dataset types unless otherwise noted.
579 .Bl -tag -width "usedbyrefreservation"
581 The amount of space available to the dataset and all its children, assuming that
582 there is no other activity in the pool.
583 Because space is shared within a pool, availability can be limited by any number
584 of factors, including physical pool size, quotas, reservations, or other
585 datasets within the pool.
587 This property can also be referred to by its shortened column name,
590 For non-snapshots, the compression ratio achieved for the
592 space of this dataset, expressed as a multiplier.
595 property includes descendant datasets, and, for clones, does not include the
596 space shared with the origin snapshot.
602 Compression can be turned on by running:
603 .Nm zfs Cm set Sy compression Ns = Ns Sy on Ar dataset .
607 The transaction group (txg) in which the dataset was created. Bookmarks have
610 as the snapshot they are initially tied to. This property is suitable for
611 ordering a list of snapshots, e.g. for incremental send and receive.
613 The time this dataset was created.
615 For snapshots, this property is a comma-separated list of filesystems or volumes
616 which are clones of this snapshot.
619 property is this snapshot.
622 property is not empty, then this snapshot can not be destroyed
629 The roles of origin and clone can be swapped by promoting the clone with the
635 if the snapshot has been marked for deferred destroy by using the
636 .Nm zfs Cm destroy Fl d
638 Otherwise, the property is
640 .It Sy encryptionroot
641 For encrypted datasets, indicates where the dataset is currently inheriting its
642 encryption key from. Loading or unloading a key for the
644 will implicitly load / unload the key for any inheriting datasets (see
647 .Nm zfs Cm unload-key
649 Clones will always share an
650 encryption key with their origin. See the
653 .It Sy filesystem_count
654 The total number of filesystems and volumes that exist under this location in
656 This value is only available when a
658 has been set somewhere in the tree under which the dataset resides.
660 Indicates if an encryption key is currently loaded into ZFS. The possible
669 .Nm zfs Cm unload-key .
671 The 64 bit GUID of this dataset or bookmark which does not change over its
672 entire lifetime. When a snapshot is sent to another pool, the received
673 snapshot has the same GUID. Thus, the
675 is suitable to identify a snapshot across pools.
676 .It Sy logicalreferenced
677 The amount of space that is
679 accessible by this dataset.
683 The logical space ignores the effect of the
687 properties, giving a quantity closer to the amount of data that applications
689 However, it does include space consumed by metadata.
691 This property can also be referred to by its shortened column name,
694 The amount of space that is
696 consumed by this dataset and all its descendents.
700 The logical space ignores the effect of the
704 properties, giving a quantity closer to the amount of data that applications
706 However, it does include space consumed by metadata.
708 This property can also be referred to by its shortened column name,
711 For file systems, indicates whether the file system is currently mounted.
712 This property can be either
717 For cloned file systems or volumes, the snapshot from which the clone was
722 .It Sy receive_resume_token
723 For filesystems or volumes which have saved partially-completed state from
725 this opaque token can be provided to
727 to resume and complete the
730 The amount of data that is accessible by this dataset, which may or may not be
731 shared with other datasets in the pool.
732 When a snapshot or clone is created, it initially references the same amount of
733 space as the file system or snapshot it was created from, since its contents are
736 This property can also be referred to by its shortened column name,
738 .It Sy refcompressratio
739 The compression ratio achieved for the
741 space of this dataset, expressed as a multiplier.
745 .It Sy snapshot_count
746 The total number of snapshots that exist under this location in the dataset
748 This value is only available when a
750 has been set somewhere in the tree under which the dataset resides.
758 The amount of space consumed by this dataset and all its descendents.
759 This is the value that is checked against this dataset's quota and reservation.
760 The space used does not include this dataset's reservation, but does take into
761 account the reservations of any descendent datasets.
762 The amount of space that a dataset consumes from its parent, as well as the
763 amount of space that is freed if this dataset is recursively destroyed, is the
764 greater of its space used and its reservation.
766 The used space of a snapshot
771 is space that is referenced exclusively by this snapshot.
772 If this snapshot is destroyed, the amount of
775 Space that is shared by multiple snapshots isn't accounted for in this metric.
776 When a snapshot is destroyed, space that was previously shared with this
777 snapshot can become unique to snapshots adjacent to it, thus changing the used
778 space of those snapshots.
779 The used space of the latest snapshot can also be affected by changes in the
783 space of a snapshot is a subset of the
785 space of the snapshot.
787 The amount of space used, available, or referenced does not take into account
789 Pending changes are generally accounted for within a few seconds.
790 Committing a change to a disk using
794 does not necessarily guarantee that the space usage information is updated
799 properties decompose the
801 properties into the various reasons that space is used.
804 .Sy usedbychildren No +
805 .Sy usedbydataset No +
806 .Sy usedbyrefreservation No +
807 .Sy usedbysnapshots .
808 These properties are only available for datasets created on
812 .It Sy usedbychildren
813 The amount of space used by children of this dataset, which would be freed if
814 all the dataset's children were destroyed.
816 The amount of space used by this dataset itself, which would be freed if the
817 dataset were destroyed
818 .Po after first removing any
820 and destroying any necessary snapshots or descendents
822 .It Sy usedbyrefreservation
823 The amount of space used by a
825 set on this dataset, which would be freed if the
828 .It Sy usedbysnapshots
829 The amount of space consumed by snapshots of this dataset.
830 In particular, it is the amount of space that would be freed if all of this
831 dataset's snapshots were destroyed.
832 Note that this is not simply the sum of the snapshots'
834 properties because space can be shared by multiple snapshots.
835 .It Sy userused Ns @ Ns Em user
836 The amount of space consumed by the specified user in this dataset.
837 Space is charged to the owner of each file, as displayed by
839 The amount of space charged is displayed by
845 subcommand for more information.
847 Unprivileged users can access only their own space usage.
848 The root user, or a user who has been granted the
852 can access everyone's usage.
855 .Sy userused Ns @ Ns Em ...
856 properties are not displayed by
857 .Nm zfs Cm get Sy all .
858 The user's name must be appended after the @ symbol, using one of the following
860 .Bl -bullet -width ""
874 .Sy joe.smith@mydomain
883 Files created on Linux always have POSIX owners.
884 .It Sy userobjused Ns @ Ns Em user
887 property is similar to
889 but instead it counts the number of objects consumed by a user. This property
890 counts all objects allocated on behalf of the user, it may differ from the
891 results of system tools such as
896 is set on a file system additional objects will be created per-file to store
897 extended attributes. These additional objects are reflected in the
899 value and are counted against the user's
901 When a file system is configured to use
903 no additional internal objects are normally required.
905 This property is set to the number of user holds on this snapshot.
906 User holds are set by using the
909 .It Sy groupused Ns @ Ns Em group
910 The amount of space consumed by the specified group in this dataset.
911 Space is charged to the group of each file, as displayed by
914 .Sy userused Ns @ Ns Em user
915 property for more information.
917 Unprivileged users can only access their own groups' space usage.
918 The root user, or a user who has been granted the
922 can access all groups' usage.
923 .It Sy groupobjused Ns @ Ns Em group
924 The number of objects consumed by the specified group in this dataset.
925 Multiple objects may be charged to the group for each file when extended
926 attributes are in use. See the
927 .Sy userobjused Ns @ Ns Em user
928 property for more information.
930 Unprivileged users can only access their own groups' space usage.
931 The root user, or a user who has been granted the
935 can access all groups' usage.
936 .It Sy projectused Ns @ Ns Em project
937 The amount of space consumed by the specified project in this dataset. Project
938 is identified via the project identifier (ID) that is object-based numeral
939 attribute. An object can inherit the project ID from its parent object (if the
940 parent has the flag of inherit project ID that can be set and changed via
943 .Nm zfs project Fl s )
944 when being created. The privileged user can set and change object's project
949 anytime. Space is charged to the project of each file, as displayed by
954 .Sy userused Ns @ Ns Em user
955 property for more information.
957 The root user, or a user who has been granted the
961 can access all projects' usage.
962 .It Sy projectobjused Ns @ Ns Em project
967 but instead it counts the number of objects consumed by project. When the
970 is set on a fileset, ZFS will create additional objects per-file to store
971 extended attributes. These additional objects are reflected in the
973 value and are counted against the project's
974 .Sy projectobjquota .
975 When a filesystem is configured to use
977 no additional internal objects are required. See the
978 .Sy userobjused Ns @ Ns Em user
979 property for more information.
981 The root user, or a user who has been granted the
985 can access all projects' objects usage.
987 For volumes, specifies the block size of the volume.
990 cannot be changed once the volume has been written, so it should be set at
991 volume creation time.
994 for volumes is 8 Kbytes.
995 Any power of 2 from 512 bytes to 128 Kbytes is valid.
997 This property can also be referred to by its shortened column name,
1002 by this dataset, that was written since the previous snapshot
1003 .Pq i.e. that is not referenced by the previous snapshot .
1004 .It Sy written Ns @ Ns Em snapshot
1007 space written to this dataset since the specified snapshot.
1008 This is the space that is referenced by this dataset but was not referenced by
1009 the specified snapshot.
1013 may be specified as a short snapshot name
1014 .Po just the part after the
1017 in which case it will be interpreted as a snapshot in the same filesystem as
1021 may be a full snapshot name
1022 .Po Em filesystem Ns @ Ns Em snapshot Pc ,
1023 which for clones may be a snapshot in the origin's filesystem
1024 .Pq or the origin of the origin's filesystem, etc.
1027 The following native properties can be used to change the behavior of a ZFS
1031 .Sy aclinherit Ns = Ns Sy discard Ns | Ns Sy noallow Ns | Ns
1032 .Sy restricted Ns | Ns Sy passthrough Ns | Ns Sy passthrough-x
1034 Controls how ACEs are inherited when files and directories are created.
1035 .Bl -tag -width "passthrough-x"
1037 does not inherit any ACEs.
1039 only inherits inheritable ACEs that specify
1043 default, removes the
1047 permissions when the ACE is inherited.
1049 inherits all inheritable ACEs without any modifications.
1050 .It Sy passthrough-x
1058 ACEs inherit the execute permission only if the file creation mode also requests
1062 When the property value is set to
1064 files are created with a mode determined by the inheritable ACEs.
1065 If no inheritable ACEs exist that affect the mode, then the mode is set in
1066 accordance to the requested mode from the application.
1070 property does not apply to posix ACLs.
1071 .It Sy acltype Ns = Ns Sy off Ns | Ns Sy noacl Ns | Ns Sy posixacl
1072 Controls whether ACLs are enabled and if so what type of ACL to use.
1073 .Bl -tag -width "posixacl"
1075 default, when a file system has the
1077 property set to off then ACLs are disabled.
1082 indicates posix ACLs should be used. Posix ACLs are specific to Linux and are
1083 not functional on other platforms. Posix ACLs are stored as an extended
1084 attribute and therefore will not overwrite any existing NFSv4 ACLs which
1088 To obtain the best performance when setting
1090 users are strongly encouraged to set the
1092 property. This will result in the posix ACL being stored more efficiently on
1093 disk. But as a consequence of this all new extended attributes will only be
1094 accessible from OpenZFS implementations which support the
1098 property for more details.
1099 .It Sy atime Ns = Ns Sy on Ns | Ns Sy off
1100 Controls whether the access time for files is updated when they are read.
1101 Turning this property off avoids producing write traffic when reading files and
1102 can result in significant performance gains, though it might confuse mailers
1103 and other similar utilities. The values
1107 are equivalent to the
1111 mount options. The default value is
1116 .It Sy canmount Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Sy noauto
1117 If this property is set to
1119 the file system cannot be mounted, and is ignored by
1120 .Nm zfs Cm mount Fl a .
1121 Setting this property to
1123 is similar to setting the
1127 except that the dataset still has a normal
1129 property, which can be inherited.
1130 Setting this property to
1132 allows datasets to be used solely as a mechanism to inherit properties.
1133 One example of setting
1134 .Sy canmount Ns = Ns Sy off
1135 is to have two datasets with the same
1137 so that the children of both datasets appear in the same directory, but might
1138 have different inherited characteristics.
1142 a dataset can only be mounted and unmounted explicitly.
1143 The dataset is not mounted automatically when the dataset is created or
1144 imported, nor is it mounted by the
1145 .Nm zfs Cm mount Fl a
1146 command or unmounted by the
1147 .Nm zfs Cm unmount Fl a
1150 This property is not inherited.
1152 .Sy checksum Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Sy fletcher2 Ns | Ns
1153 .Sy fletcher4 Ns | Ns Sy sha256 Ns | Ns Sy noparity Ns | Ns
1154 .Sy sha512 Ns | Ns Sy skein Ns | Ns Sy edonr
1156 Controls the checksum used to verify data integrity.
1157 The default value is
1159 which automatically selects an appropriate algorithm
1162 but this may change in future releases
1166 disables integrity checking on user data.
1169 not only disables integrity but also disables maintaining parity for user data.
1170 This setting is used internally by a dump device residing on a RAID-Z pool and
1171 should not be used by any other dataset.
1172 Disabling checksums is
1174 a recommended practice.
1181 checksum algorithms require enabling the appropriate features on the pool.
1183 .Xr zpool-features 5
1184 for more information on these algorithms.
1186 Changing this property affects only newly-written data.
1188 Salted checksum algorithms
1189 .Pq Cm edonr , skein
1190 are currently not supported for any filesystem on the boot pools.
1192 .Sy compression Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Sy gzip Ns | Ns
1193 .Sy gzip- Ns Em N Ns | Ns Sy lz4 Ns | Ns Sy lzjb Ns | Ns Sy zle
1195 Controls the compression algorithm used for this dataset.
1197 Setting compression to
1199 indicates that the current default compression algorithm should be used.
1200 The default balances compression and decompression speed, with compression ratio
1201 and is expected to work well on a wide variety of workloads.
1202 Unlike all other settings for this property,
1204 does not select a fixed compression type.
1205 As new compression algorithms are added to ZFS and enabled on a pool, the
1206 default compression algorithm may change.
1207 The current default compression algorithm is either
1216 compression algorithm is a high-performance replacement for the
1219 It features significantly faster compression and decompression, as well as a
1220 moderately higher compression ratio than
1222 but can only be used on pools with the
1227 .Xr zpool-features 5
1228 for details on ZFS feature flags and the
1234 compression algorithm is optimized for performance while providing decent data
1239 compression algorithm uses the same compression as the
1244 level by using the value
1248 is an integer from 1
1251 .Pq best compression ratio .
1256 .Po which is also the default for
1262 compression algorithm compresses runs of zeros.
1264 This property can also be referred to by its shortened column name
1266 Changing this property affects only newly-written data.
1268 .Sy context Ns = Ns Sy none Ns | Ns
1269 .Em SELinux_User:SElinux_Role:Selinux_Type:Sensitivity_Level
1271 This flag sets the SELinux context for all files in the file system under
1272 a mount point for that file system. See
1274 for more information.
1276 .Sy fscontext Ns = Ns Sy none Ns | Ns
1277 .Em SELinux_User:SElinux_Role:Selinux_Type:Sensitivity_Level
1279 This flag sets the SELinux context for the file system file system being
1282 for more information.
1284 .Sy defcontext Ns = Ns Sy none Ns | Ns
1285 .Em SELinux_User:SElinux_Role:Selinux_Type:Sensitivity_Level
1287 This flag sets the SELinux default context for unlabeled files. See
1289 for more information.
1291 .Sy rootcontext Ns = Ns Sy none Ns | Ns
1292 .Em SELinux_User:SElinux_Role:Selinux_Type:Sensitivity_Level
1294 This flag sets the SELinux context for the root inode of the file system. See
1296 for more information.
1297 .It Sy copies Ns = Ns Sy 1 Ns | Ns Sy 2 Ns | Ns Sy 3
1298 Controls the number of copies of data stored for this dataset.
1299 These copies are in addition to any redundancy provided by the pool, for
1300 example, mirroring or RAID-Z.
1301 The copies are stored on different disks, if possible.
1302 The space used by multiple copies is charged to the associated file and dataset,
1305 property and counting against quotas and reservations.
1307 Changing this property only affects newly-written data.
1308 Therefore, set this property at file system creation time by using the
1309 .Fl o Sy copies Ns = Ns Ar N
1312 Remember that ZFS will not import a pool with a missing top-level vdev. Do
1314 create, for example a two-disk striped pool and set
1316 on some datasets thinking you have setup redundancy for them. When a disk
1317 fails you will not be able to import the pool and will have lost all of your
1319 .It Sy devices Ns = Ns Sy on Ns | Ns Sy off
1320 Controls whether device nodes can be opened on this file system.
1321 The default value is
1327 are equivalent to the
1333 .Sy dnodesize Ns = Ns Sy legacy Ns | Ns Sy auto Ns | Ns Sy 1k Ns | Ns
1334 .Sy 2k Ns | Ns Sy 4k Ns | Ns Sy 8k Ns | Ns Sy 16k
1336 Specifies a compatibility mode or literal value for the size of dnodes in the
1337 file system. The default value is
1339 Setting this property to a value other than
1341 requires the large_dnode pool feature to be enabled.
1347 if the dataset uses the
1349 property setting and the workload makes heavy use of extended attributes. This
1350 may be applicable to SELinux-enabled systems, Lustre servers, and Samba
1351 servers, for example. Literal values are supported for cases where the optimal
1352 size is known in advance and for performance testing.
1358 if you need to receive a send stream of this dataset on a pool that doesn't
1359 enable the large_dnode feature, or if you need to import this pool on a system
1360 that doesn't support the large_dnode feature.
1362 This property can also be referred to by its shortened column name,
1365 .Sy encryption Ns = Ns Sy off Ns | Ns Sy on Ns | Ns Sy aes-128-ccm Ns | Ns
1366 .Sy aes-192-ccm Ns | Ns Sy aes-256-ccm Ns | Ns Sy aes-128-gcm Ns | Ns
1367 .Sy aes-192-gcm Ns | Ns Sy aes-256-gcm
1369 Controls the encryption cipher suite (block cipher, key length, and mode) used
1370 for this dataset. Requires the
1372 feature to be enabled on the pool.
1375 to be set at dataset creation time.
1378 .Sy encryption Ns = Ns Sy on
1379 when creating a dataset indicates that the default encryption suite will be
1380 selected, which is currently
1382 In order to provide consistent data protection, encryption must be specified at
1383 dataset creation time and it cannot be changed afterwards.
1385 For more details and caveats about encryption see the
1388 .It Sy keyformat Ns = Ns Sy raw Ns | Ns Sy hex Ns | Ns Sy passphrase
1389 Controls what format the user's encryption key will be provided as. This
1390 property is only set when the dataset is encrypted.
1392 Raw keys and hex keys must be 32 bytes long (regardless of the chosen
1393 encryption suite) and must be randomly generated. A raw key can be generated
1394 with the following command:
1396 # dd if=/dev/urandom of=/path/to/output/key bs=32 count=1
1399 Passphrases must be between 8 and 512 bytes long and will be processed through
1400 PBKDF2 before being used (see the
1402 property). Even though the
1403 encryption suite cannot be changed after dataset creation, the keyformat can be
1405 .Nm zfs Cm change-key .
1407 .Sy keylocation Ns = Ns Sy prompt Ns | Ns Sy file:// Ns Em </absolute/file/path>
1409 Controls where the user's encryption key will be loaded from by default for
1413 .Nm zfs Cm mount Cm -l . This property is
1414 only set for encrypted datasets which are encryption roots. If unspecified, the
1418 Even though the encryption suite cannot be changed after dataset creation, the
1419 keylocation can be with either
1422 .Nm zfs Cm change-key .
1425 is selected ZFS will ask for the key at the command prompt when it is required
1426 to access the encrypted data (see
1428 for details). This setting will also allow the key to be passed in via STDIN,
1429 but users should be careful not to place keys which should be kept secret on
1430 the command line. If a file URI is selected, the key will be loaded from the
1431 specified absolute file path.
1432 .It Sy pbkdf2iters Ns = Ns Ar iterations
1433 Controls the number of PBKDF2 iterations that a
1435 encryption key should be run through when processing it into an encryption key.
1436 This property is only defined when encryption is enabled and a keyformat of
1438 is selected. The goal of PBKDF2 is to significantly increase the
1439 computational difficulty needed to brute force a user's passphrase. This is
1440 accomplished by forcing the attacker to run each passphrase through a
1441 computationally expensive hashing function many times before they arrive at the
1442 resulting key. A user who actually knows the passphrase will only have to pay
1443 this cost once. As CPUs become better at processing, this number should be
1444 raised to ensure that a brute force attack is still not possible. The current
1449 This property may be changed with
1450 .Nm zfs Cm change-key .
1451 .It Sy exec Ns = Ns Sy on Ns | Ns Sy off
1452 Controls whether processes can be executed from within this file system.
1453 The default value is
1459 are equivalent to the
1464 .It Sy filesystem_limit Ns = Ns Em count Ns | Ns Sy none
1465 Limits the number of filesystems and volumes that can exist under this point in
1467 The limit is not enforced if the user is allowed to change the limit.
1469 .Sy filesystem_limit
1472 a descendent of a filesystem that already has a
1473 .Sy filesystem_limit
1474 does not override the ancestor's
1475 .Sy filesystem_limit ,
1476 but rather imposes an additional limit.
1477 This feature must be enabled to be used
1479 .Xr zpool-features 5
1481 .It Sy mountpoint Ns = Ns Pa path Ns | Ns Sy none Ns | Ns Sy legacy
1482 Controls the mount point used for this file system.
1485 section for more information on how this property is used.
1489 property is changed for a file system, the file system and any children that
1490 inherit the mount point are unmounted.
1493 then they remain unmounted.
1494 Otherwise, they are automatically remounted in the new location if the property
1499 or if they were mounted before the property was changed.
1500 In addition, any shared file systems are unshared and shared in the new
1502 .It Sy nbmand Ns = Ns Sy on Ns | Ns Sy off
1503 Controls whether the file system should be mounted with
1505 .Pq Non Blocking mandatory locks .
1506 This is used for SMB clients.
1507 Changes to this property only take effect when the file system is umounted and
1511 for more information on
1513 mounts. This property is not used on Linux.
1514 .It Sy overlay Ns = Ns Sy off Ns | Ns Sy on
1515 Allow mounting on a busy directory or a directory which already contains
1516 files or directories. This is the default mount behavior for Linux file systems.
1517 For consistency with OpenZFS on other platforms overlay mounts are
1521 to enable overlay mounts.
1522 .It Sy primarycache Ns = Ns Sy all Ns | Ns Sy none Ns | Ns Sy metadata
1523 Controls what is cached in the primary cache
1525 If this property is set to
1527 then both user data and metadata is cached.
1528 If this property is set to
1530 then neither user data nor metadata is cached.
1531 If this property is set to
1533 then only metadata is cached.
1534 The default value is
1536 .It Sy quota Ns = Ns Em size Ns | Ns Sy none
1537 Limits the amount of space a dataset and its descendents can consume.
1538 This property enforces a hard limit on the amount of space used.
1539 This includes all space consumed by descendents, including file systems and
1541 Setting a quota on a descendent of a dataset that already has a quota does not
1542 override the ancestor's quota, but rather imposes an additional limit.
1544 Quotas cannot be set on volumes, as the
1546 property acts as an implicit quota.
1547 .It Sy snapshot_limit Ns = Ns Em count Ns | Ns Sy none
1548 Limits the number of snapshots that can be created on a dataset and its
1552 on a descendent of a dataset that already has a
1554 does not override the ancestor's
1555 .Sy snapshot_limit ,
1556 but rather imposes an additional limit.
1557 The limit is not enforced if the user is allowed to change the limit.
1558 For example, this means that recursive snapshots taken from the global zone are
1559 counted against each delegated dataset within a zone.
1560 This feature must be enabled to be used
1562 .Xr zpool-features 5
1564 .It Sy userquota@ Ns Em user Ns = Ns Em size Ns | Ns Sy none
1565 Limits the amount of space consumed by the specified user.
1566 User space consumption is identified by the
1567 .Sy userspace@ Ns Em user
1570 Enforcement of user quotas may be delayed by several seconds.
1571 This delay means that a user might exceed their quota before the system notices
1572 that they are over quota and begins to refuse additional writes with the
1576 .Nm zfs Cm userspace
1577 subcommand for more information.
1579 Unprivileged users can only access their own groups' space usage.
1580 The root user, or a user who has been granted the
1584 can get and set everyone's quota.
1586 This property is not available on volumes, on file systems before version 4, or
1587 on pools before version 15.
1589 .Sy userquota@ Ns Em ...
1590 properties are not displayed by
1591 .Nm zfs Cm get Sy all .
1592 The user's name must be appended after the
1594 symbol, using one of the following forms:
1602 .Em POSIX numeric ID
1609 .Sy joe.smith@mydomain
1618 Files created on Linux always have POSIX owners.
1619 .It Sy userobjquota@ Ns Em user Ns = Ns Em size Ns | Ns Sy none
1624 but it limits the number of objects a user can create. Please refer to
1626 for more information about how objects are counted.
1627 .It Sy groupquota@ Ns Em group Ns = Ns Em size Ns | Ns Sy none
1628 Limits the amount of space consumed by the specified group.
1629 Group space consumption is identified by the
1630 .Sy groupused@ Ns Em group
1633 Unprivileged users can access only their own groups' space usage.
1634 The root user, or a user who has been granted the
1638 can get and set all groups' quotas.
1639 .It Sy groupobjquota@ Ns Em group Ns = Ns Em size Ns | Ns Sy none
1644 but it limits number of objects a group can consume. Please refer to
1646 for more information about how objects are counted.
1647 .It Sy projectquota@ Ns Em project Ns = Ns Em size Ns | Ns Sy none
1648 Limits the amount of space consumed by the specified project. Project
1649 space consumption is identified by the
1650 .Sy projectused@ Ns Em project
1651 property. Please refer to
1653 for more information about how project is identified and set/changed.
1655 The root user, or a user who has been granted the
1659 can access all projects' quota.
1660 .It Sy projectobjquota@ Ns Em project Ns = Ns Em size Ns | Ns Sy none
1665 but it limits number of objects a project can consume. Please refer to
1667 for more information about how objects are counted.
1668 .It Sy readonly Ns = Ns Sy on Ns | Ns Sy off
1669 Controls whether this dataset can be modified.
1670 The default value is
1676 are equivalent to the
1682 This property can also be referred to by its shortened column name,
1684 .It Sy recordsize Ns = Ns Em size
1685 Specifies a suggested block size for files in the file system.
1686 This property is designed solely for use with database workloads that access
1687 files in fixed-size records.
1688 ZFS automatically tunes block sizes according to internal algorithms optimized
1689 for typical access patterns.
1691 For databases that create very large files but access them in small random
1692 chunks, these algorithms may be suboptimal.
1695 greater than or equal to the record size of the database can result in
1696 significant performance gains.
1697 Use of this property for general purpose file systems is strongly discouraged,
1698 and may adversely affect performance.
1700 The size specified must be a power of two greater than or equal to 512 and less
1701 than or equal to 128 Kbytes.
1704 feature is enabled on the pool, the size may be up to 1 Mbyte.
1706 .Xr zpool-features 5
1707 for details on ZFS feature flags.
1709 Changing the file system's
1711 affects only files created afterward; existing files are unaffected.
1713 This property can also be referred to by its shortened column name,
1715 .It Sy redundant_metadata Ns = Ns Sy all Ns | Ns Sy most
1716 Controls what types of metadata are stored redundantly.
1717 ZFS stores an extra copy of metadata, so that if a single block is corrupted,
1718 the amount of user data lost is limited.
1719 This extra copy is in addition to any redundancy provided at the pool level
1720 .Pq e.g. by mirroring or RAID-Z ,
1721 and is in addition to an extra copy specified by the
1724 .Pq up to a total of 3 copies .
1725 For example if the pool is mirrored,
1726 .Sy copies Ns = Ns 2 ,
1728 .Sy redundant_metadata Ns = Ns Sy most ,
1729 then ZFS stores 6 copies of most metadata, and 4 copies of data and some
1734 ZFS stores an extra copy of all metadata.
1735 If a single on-disk block is corrupt, at worst a single block of user data
1744 ZFS stores an extra copy of most types of metadata.
1745 This can improve performance of random writes, because less metadata must be
1747 In practice, at worst about 100 blocks
1752 of user data can be lost if a single on-disk block is corrupt.
1753 The exact behavior of which metadata blocks are stored redundantly may change in
1756 The default value is
1758 .It Sy refquota Ns = Ns Em size Ns | Ns Sy none
1759 Limits the amount of space a dataset can consume.
1760 This property enforces a hard limit on the amount of space used.
1761 This hard limit does not include space used by descendents, including file
1762 systems and snapshots.
1763 .It Sy refreservation Ns = Ns Em size Ns | Ns Sy none
1764 The minimum amount of space guaranteed to a dataset, not including its
1766 When the amount of space used is below this value, the dataset is treated as if
1767 it were taking up the amount of space specified by
1768 .Sy refreservation .
1771 reservation is accounted for in the parent datasets' space used, and counts
1772 against the parent datasets' quotas and reservations.
1776 is set, a snapshot is only allowed if there is enough free pool space outside of
1777 this reservation to accommodate the current number of
1779 bytes in the dataset.
1781 This property can also be referred to by its shortened column name,
1783 .It Sy relatime Ns = Ns Sy on Ns | Ns Sy off
1784 Controls the manner in which the access time is updated when
1786 is set. Turning this property on causes the access time to be updated relative
1787 to the modify or change time. Access time is only updated if the previous
1788 access time was earlier than the current modify or change time or if the
1789 existing access time hasn't been updated within the past 24 hours. The default
1796 are equivalent to the
1801 .It Sy reservation Ns = Ns Em size Ns | Ns Sy none
1802 The minimum amount of space guaranteed to a dataset and its descendants.
1803 When the amount of space used is below this value, the dataset is treated as if
1804 it were taking up the amount of space specified by its reservation.
1805 Reservations are accounted for in the parent datasets' space used, and count
1806 against the parent datasets' quotas and reservations.
1808 This property can also be referred to by its shortened column name,
1810 .It Sy secondarycache Ns = Ns Sy all Ns | Ns Sy none Ns | Ns Sy metadata
1811 Controls what is cached in the secondary cache
1813 If this property is set to
1815 then both user data and metadata is cached.
1816 If this property is set to
1818 then neither user data nor metadata is cached.
1819 If this property is set to
1821 then only metadata is cached.
1822 The default value is
1824 .It Sy setuid Ns = Ns Sy on Ns | Ns Sy off
1825 Controls whether the setuid bit is respected for the file system.
1826 The default value is
1832 are equivalent to the
1837 .It Sy sharesmb Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Em opts
1838 Controls whether the file system is shared by using
1839 .Sy Samba USERSHARES
1840 and what options are to be used. Otherwise, the file system is automatically
1841 shared and unshared with the
1845 commands. If the property is set to on, the
1847 command is invoked to create a
1850 Because SMB shares requires a resource name, a unique resource name is
1851 constructed from the dataset name. The constructed name is a copy of the
1852 dataset name except that the characters in the dataset name, which would be
1853 invalid in the resource name, are replaced with underscore (_) characters.
1854 Linux does not currently support additional options which might be available
1861 the file systems are unshared.
1863 The share is created with the ACL (Access Control List) "Everyone:F" ("F"
1864 stands for "full permissions", ie. read and write permissions) and no guest
1865 access (which means Samba must be able to authenticate a real user, system
1866 passwd/shadow, LDAP or smbpasswd based) by default. This means that any
1867 additional access control (disallow specific user specific access etc) must
1868 be done on the underlying file system.
1869 .It Sy sharenfs Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Em opts
1870 Controls whether the file system is shared via NFS, and what options are to be
1872 A file system with a
1878 command and entries in the
1881 Otherwise, the file system is automatically shared and unshared with the
1886 If the property is set to
1888 the dataset is shared using the default options:
1890 .Em sec=sys,rw,crossmnt,no_subtree_check,no_root_squash
1894 for the meaning of the default options. Otherwise, the
1896 command is invoked with options equivalent to the contents of this property.
1900 property is changed for a dataset, the dataset and any children inheriting the
1901 property are re-shared with the new options, only if the property was previously
1903 or if they were shared before the property was changed.
1904 If the new property is
1906 the file systems are unshared.
1907 .It Sy logbias Ns = Ns Sy latency Ns | Ns Sy throughput
1908 Provide a hint to ZFS about handling of synchronous requests in this dataset.
1914 ZFS will use pool log devices
1916 to handle the requests at low latency.
1921 ZFS will not use configured pool log devices.
1922 ZFS will instead optimize synchronous operations for global pool throughput and
1923 efficient use of resources.
1924 .It Sy snapdev Ns = Ns Sy hidden Ns | Ns Sy visible
1925 Controls whether the volume snapshot devices under
1926 .Em /dev/zvol/<pool>
1927 are hidden or visible. The default value is
1929 .It Sy snapdir Ns = Ns Sy hidden Ns | Ns Sy visible
1930 Controls whether the
1932 directory is hidden or visible in the root of the file system as discussed in
1936 The default value is
1938 .It Sy sync Ns = Ns Sy standard Ns | Ns Sy always Ns | Ns Sy disabled
1939 Controls the behavior of synchronous requests
1940 .Pq e.g. fsync, O_DSYNC .
1944 specified behavior of ensuring all synchronous requests are written to stable
1945 storage and all devices are flushed to ensure data is not cached by device
1947 .Pq this is the default .
1949 causes every file system transaction to be written and flushed before its
1950 system call returns.
1951 This has a large performance penalty.
1953 disables synchronous requests.
1954 File system transactions are only committed to stable storage periodically.
1955 This option will give the highest performance.
1956 However, it is very dangerous as ZFS would be ignoring the synchronous
1957 transaction demands of applications such as databases or NFS.
1958 Administrators should only use this option when the risks are understood.
1959 .It Sy version Ns = Ns Em N Ns | Ns Sy current
1960 The on-disk version of this file system, which is independent of the pool
1962 This property can only be set to later supported versions.
1966 .It Sy volsize Ns = Ns Em size
1967 For volumes, specifies the logical size of the volume.
1968 By default, creating a volume establishes a reservation of equal size.
1969 For storage pools with a version number of 9 or higher, a
1974 are reflected in an equivalent change to the reservation
1980 can only be set to a multiple of
1984 The reservation is kept equal to the volume's logical size to prevent unexpected
1985 behavior for consumers.
1986 Without the reservation, the volume could run out of space, resulting in
1987 undefined behavior or data corruption, depending on how the volume is used.
1988 These effects can also occur when the volume size is changed while it is in use
1989 .Pq particularly when shrinking the size .
1990 Extreme care should be used when adjusting the volume size.
1992 Though not recommended, a
1995 .Qq thin provisioning
1997 can be created by specifying the
2000 .Nm zfs Cm create Fl V
2001 command, or by changing the reservation after the volume has been created.
2004 is a volume where the reservation is less then the volume size.
2005 Consequently, writes to a sparse volume can fail with
2007 when the pool is low on space.
2008 For a sparse volume, changes to
2010 are not reflected in the reservation.
2011 .It Sy volmode Ns = Ns Cm default | full | geom | dev | none
2012 This property specifies how volumes should be exposed to the OS.
2015 exposes volumes as fully fledged block devices, providing maximal
2016 functionality. The value
2018 is just an alias for
2020 and is kept for compatibility.
2023 hides its partitions.
2024 Volumes with property set to
2026 are not exposed outside ZFS, but can be snapshoted, cloned, replicated, etc,
2027 that can be suitable for backup purposes.
2030 means that volumes exposition is controlled by system-wide tunable
2037 are encoded as 1, 2 and 3 respectively.
2038 The default values is
2040 .It Sy vscan Ns = Ns Sy on Ns | Ns Sy off
2041 Controls whether regular files should be scanned for viruses when a file is
2043 In addition to enabling this property, the virus scan service must also be
2044 enabled for virus scanning to occur.
2045 The default value is
2047 This property is not used on Linux.
2048 .It Sy xattr Ns = Ns Sy on Ns | Ns Sy off Ns | Ns Sy sa
2049 Controls whether extended attributes are enabled for this file system. Two
2050 styles of extended attributes are supported either directory based or system
2053 The default value of
2055 enables directory based extended attributes. This style of extended attribute
2056 imposes no practical limit on either the size or number of attributes which
2057 can be set on a file. Although under Linux the
2061 system calls limit the maximum size to 64K. This is the most compatible
2062 style of extended attribute and is supported by all OpenZFS implementations.
2064 System attribute based xattrs can be enabled by setting the value to
2066 The key advantage of this type of xattr is improved performance. Storing
2067 extended attributes as system attributes significantly decreases the amount of
2068 disk IO required. Up to 64K of data may be stored per-file in the space
2069 reserved for system attributes. If there is not enough space available for
2070 an extended attribute then it will be automatically written as a directory
2071 based xattr. System attribute based extended attributes are not accessible
2072 on platforms which do not support the
2076 The use of system attribute based xattrs is strongly encouraged for users of
2077 SELinux or posix ACLs. Both of these features heavily rely of extended
2078 attributes and benefit significantly from the reduced access time.
2084 are equivalent to the
2089 .It Sy zoned Ns = Ns Sy on Ns | Ns Sy off
2090 Controls whether the dataset is managed from a non-global zone. Zones are a
2091 Solaris feature and are not relevant on Linux. The default value is
2095 The following three properties cannot be changed after the file system is
2096 created, and therefore, should be set when the file system is created.
2097 If the properties are not set with the
2101 commands, these properties are inherited from the parent dataset.
2102 If the parent dataset lacks these properties due to having been created prior to
2103 these features being supported, the new file system will have the default values
2104 for these properties.
2107 .Sy casesensitivity Ns = Ns Sy sensitive Ns | Ns
2108 .Sy insensitive Ns | Ns Sy mixed
2110 Indicates whether the file name matching algorithm used by the file system
2111 should be case-sensitive, case-insensitive, or allow a combination of both
2113 The default value for the
2121 file systems have case-sensitive file names.
2127 property indicates that the file system can support requests for both
2128 case-sensitive and case-insensitive matching behavior.
2129 Currently, case-insensitive matching behavior on a file system that supports
2130 mixed behavior is limited to the SMB server product.
2131 For more information about the
2133 value behavior, see the "ZFS Administration Guide".
2135 .Sy normalization Ns = Ns Sy none Ns | Ns Sy formC Ns | Ns
2136 .Sy formD Ns | Ns Sy formKC Ns | Ns Sy formKD
2138 Indicates whether the file system should perform a
2140 normalization of file names whenever two file names are compared, and which
2141 normalization algorithm should be used.
2142 File names are always stored unmodified, names are normalized as part of any
2144 If this property is set to a legal value other than
2148 property was left unspecified, the
2150 property is automatically set to
2152 The default value of the
2156 This property cannot be changed after the file system is created.
2157 .It Sy utf8only Ns = Ns Sy on Ns | Ns Sy off
2158 Indicates whether the file system should reject file names that include
2159 characters that are not present in the
2162 If this property is explicitly set to
2164 the normalization property must either not be explicitly set or be set to
2166 The default value for the
2170 This property cannot be changed after the file system is created.
2174 .Sy casesensitivity ,
2178 properties are also new permissions that can be assigned to non-privileged users
2179 by using the ZFS delegated administration feature.
2180 .Ss "Temporary Mount Point Properties"
2181 When a file system is mounted, either through
2183 for legacy mounts or the
2185 command for normal file systems, its mount options are set according to its
2187 The correlation between properties and mount options is as follows:
2189 PROPERTY MOUNT OPTION
2191 canmount auto/noauto
2195 relatime relatime/norelatime
2200 In addition, these options can be set on a per-mount basis using the
2202 option, without affecting the property that is stored on disk.
2203 The values specified on the command line override the values stored in the
2207 option is an alias for
2208 .Sy nodevices Ns \&, Ns Sy nosetuid .
2209 These properties are reported as
2214 If the properties are changed while the dataset is mounted, the new setting
2215 overrides any temporary settings.
2216 .Ss "User Properties"
2217 In addition to the standard native properties, ZFS supports arbitrary user
2219 User properties have no effect on ZFS behavior, but applications or
2220 administrators can use them to annotate datasets
2221 .Pq file systems, volumes, and snapshots .
2223 User property names must contain a colon
2225 character to distinguish them from native properties.
2226 They may contain lowercase letters, numbers, and the following punctuation
2235 The expected convention is that the property name is divided into two portions
2237 .Em module Ns \&: Ns Em property ,
2238 but this namespace is not enforced by ZFS.
2239 User property names can be at most 256 characters, and cannot begin with a dash
2242 When making programmatic use of user properties, it is strongly suggested to use
2247 component of property names to reduce the chance that two
2248 independently-developed packages use the same property name for different
2251 The values of user properties are arbitrary strings, are always inherited, and
2252 are never validated.
2253 All of the commands that operate on properties
2254 .Po Nm zfs Cm list ,
2259 can be used to manipulate both native properties and user properties.
2262 command to clear a user property.
2263 If the property is not defined in any parent dataset, it is removed entirely.
2264 Property values are limited to 8192 bytes.
2265 .Ss ZFS Volumes as Swap
2266 ZFS volumes may be used as swap devices. After creating the volume with the
2267 .Nm zfs Cm create Fl V
2268 command set up and enable the swap area using the
2272 commands. Do not swap to a file on a ZFS file system. A ZFS swap file
2273 configuration is not supported.
2277 feature allows for the creation of encrypted filesystems and volumes.
2279 will encrypt all user data including file and zvol data, file attributes,
2280 ACLs, permission bits, directory listings, FUID mappings, and userused /
2283 will not encrypt metadata related to the pool structure, including dataset
2284 names, dataset hierarchy, file size, file holes, and dedup tables. Key rotation
2285 is managed internally by the kernel module and changing the user's key does not
2286 require re-encrypting the entire dataset. Datasets can be scrubbed, resilvered,
2287 renamed, and deleted without the encryption keys being loaded (see the
2289 subcommand for more info on key loading).
2291 Creating an encrypted dataset requires specifying the
2295 properties at creation time, along with an optional
2299 After entering an encryption key, the
2300 created dataset will become an encryption root. Any descendant datasets will
2301 inherit their encryption key from the encryption root by default, meaning that
2302 loading, unloading, or changing the key for the encryption root will implicitly
2303 do the same for all inheriting datasets. If this inheritance is not desired,
2306 when creating the child dataset or use
2307 .Nm zfs Cm change-key
2308 to break an existing relationship, creating a new encryption root on the child.
2309 Note that the child's
2311 may match that of the parent while still creating a new encryption root, and
2314 property alone does not create a new encryption root; this would simply use a
2315 different cipher suite with the same key as its encryption root. The one
2316 exception is that clones will always use their origin's encryption key.
2317 As a result of this exception, some encryption-related properties (namely
2323 do not inherit like other ZFS properties and instead use the value determined
2324 by their encryption root. Encryption root inheritance can be tracked via the
2329 Encryption changes the behavior of a few
2331 operations. Encryption is applied after compression so compression ratios are
2332 preserved. Normally checksums in ZFS are 256 bits long, but for encrypted data
2333 the checksum is 128 bits of the user-chosen checksum and 128 bits of MAC from
2334 the encryption suite, which provides additional protection against maliciously
2335 altered data. Deduplication is still possible with encryption enabled but for
2336 security, datasets will only dedup against themselves, their snapshots, and
2339 There are a few limitations on encrypted datasets. Encrypted data cannot be
2342 feature. Encrypted datasets may not have
2343 .Sy copies Ns = Ns Em 3
2344 since the implementation stores some encryption metadata where the third copy
2345 would normally be. Since compression is applied before encryption datasets may
2346 be vulnerable to a CRIME-like attack if applications accessing the data allow
2347 for it. Deduplication with encryption will leak information about which blocks
2348 are equivalent in a dataset and will incur an extra CPU cost per block written.
2350 All subcommands that modify state are logged persistently to the pool in their
2354 Displays a help message.
2359 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
2362 Creates a new ZFS file system.
2363 The file system is automatically mounted according to the
2365 property inherited from the parent.
2366 .Bl -tag -width "-o"
2367 .It Fl o Ar property Ns = Ns Ar value
2368 Sets the specified property as if the command
2369 .Nm zfs Cm set Ar property Ns = Ns Ar value
2370 was invoked at the same time the dataset was created.
2371 Any editable ZFS property can also be set at creation time.
2374 options can be specified.
2375 An error results if the same property is specified in multiple
2379 Creates all the non-existing parent datasets.
2380 Datasets created in this manner are automatically mounted according to the
2382 property inherited from their parent.
2383 Any property specified on the command line using the
2386 If the target filesystem already exists, the operation completes successfully.
2392 .Op Fl b Ar blocksize
2393 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
2394 .Fl V Ar size Ar volume
2396 Creates a volume of the given size.
2397 The volume is exported as a block device in
2398 .Pa /dev/zvol/path ,
2401 is the name of the volume in the ZFS namespace.
2402 The size represents the logical size as exported by the device.
2403 By default, a reservation of equal size is created.
2406 is automatically rounded up to the nearest 128 Kbytes to ensure that the volume
2407 has an integral number of blocks regardless of
2409 .Bl -tag -width "-b"
2410 .It Fl b Ar blocksize
2412 .Fl o Sy volblocksize Ns = Ns Ar blocksize .
2413 If this option is specified in conjunction with
2414 .Fl o Sy volblocksize ,
2415 the resulting behavior is undefined.
2416 .It Fl o Ar property Ns = Ns Ar value
2417 Sets the specified property as if the
2418 .Nm zfs Cm set Ar property Ns = Ns Ar value
2419 command was invoked at the same time the dataset was created.
2420 Any editable ZFS property can also be set at creation time.
2423 options can be specified.
2424 An error results if the same property is specified in multiple
2428 Creates all the non-existing parent datasets.
2429 Datasets created in this manner are automatically mounted according to the
2431 property inherited from their parent.
2432 Any property specified on the command line using the
2435 If the target filesystem already exists, the operation completes successfully.
2437 Creates a sparse volume with no reservation.
2441 .Sx Native Properties
2442 section for more information about sparse volumes.
2448 .Ar filesystem Ns | Ns Ar volume
2450 Destroys the given dataset.
2451 By default, the command unshares any file systems that are currently shared,
2452 unmounts any file systems that are currently mounted, and refuses to destroy a
2453 dataset that has active dependents
2454 .Pq children or clones .
2455 .Bl -tag -width "-R"
2457 Recursively destroy all dependents, including cloned file systems outside the
2460 Force an unmount of any file systems using the
2463 This option has no effect on non-file systems or unmounted file systems.
2468 No data will be deleted.
2469 This is useful in conjunction with the
2473 flags to determine what data would be deleted.
2475 Print machine-parsable verbose information about the deleted data.
2477 Recursively destroy all children.
2479 Print verbose information about the deleted data.
2482 Extreme care should be taken when applying either the
2486 options, as they can destroy large portions of a pool and cause unexpected
2487 behavior for mounted file systems in use.
2492 .Ar filesystem Ns | Ns Ar volume Ns @ Ns Ar snap Ns
2493 .Oo % Ns Ar snap Ns Oo , Ns Ar snap Ns Oo % Ns Ar snap Oc Oc Oc Ns ...
2495 The given snapshots are destroyed immediately if and only if the
2499 option would have destroyed it.
2500 Such immediate destruction would occur, for example, if the snapshot had no
2501 clones and the user-initiated reference count were zero.
2503 If a snapshot does not qualify for immediate destruction, it is marked for
2505 In this state, it exists as a usable, visible snapshot until both of the
2506 preconditions listed above are met, at which point it is destroyed.
2508 An inclusive range of snapshots may be specified by separating the first and
2509 last snapshots with a percent sign.
2510 The first and/or last snapshots may be left blank, in which case the
2511 filesystem's oldest or newest snapshot will be implied.
2514 .Pq or ranges of snapshots
2515 of the same filesystem or volume may be specified in a comma-separated list of
2517 Only the snapshot's short name
2518 .Po the part after the
2521 should be specified when using a range or comma-separated list to identify
2523 .Bl -tag -width "-R"
2525 Recursively destroy all clones of these snapshots, including the clones,
2526 snapshots, and children.
2527 If this flag is specified, the
2529 flag will have no effect.
2531 Defer snapshot deletion.
2536 No data will be deleted.
2537 This is useful in conjunction with the
2541 flags to determine what data would be deleted.
2543 Print machine-parsable verbose information about the deleted data.
2546 .Pq or mark for deferred deletion
2547 all snapshots with this name in descendent file systems.
2549 Print verbose information about the deleted data.
2551 Extreme care should be taken when applying either the
2555 options, as they can destroy large portions of a pool and cause unexpected
2556 behavior for mounted file systems in use.
2561 .Ar filesystem Ns | Ns Ar volume Ns # Ns Ar bookmark
2563 The given bookmark is destroyed.
2568 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
2569 .Ar filesystem Ns @ Ns Ar snapname Ns | Ns Ar volume Ns @ Ns Ar snapname Ns ...
2571 Creates snapshots with the given names.
2572 All previous modifications by successful system calls to the file system are
2573 part of the snapshots.
2574 Snapshots are taken atomically, so that all snapshots correspond to the same
2577 can be used as an alias for
2578 .Nm zfs Cm snapshot.
2581 section for details.
2582 .Bl -tag -width "-o"
2583 .It Fl o Ar property Ns = Ns Ar value
2584 Sets the specified property; see
2588 Recursively create snapshots of all descendent datasets
2596 Roll back the given dataset to a previous snapshot.
2597 When a dataset is rolled back, all data that has changed since the snapshot is
2598 discarded, and the dataset reverts to the state at the time of the snapshot.
2599 By default, the command refuses to roll back to a snapshot other than the most
2601 In order to do so, all intermediate snapshots and bookmarks must be destroyed by
2608 options do not recursively destroy the child snapshots of a recursive snapshot.
2609 Only direct snapshots of the specified filesystem are destroyed by either of
2611 To completely roll back a recursive snapshot, you must rollback the individual
2613 .Bl -tag -width "-R"
2615 Destroy any more recent snapshots and bookmarks, as well as any clones of those
2620 option to force an unmount of any clone file systems that are to be destroyed.
2622 Destroy any snapshots and bookmarks more recent than the one specified.
2628 .Oo Fl o Ar property Ns = Ns Ar value Oc Ns ...
2629 .Ar snapshot Ar filesystem Ns | Ns Ar volume
2631 Creates a clone of the given snapshot.
2634 section for details.
2635 The target dataset can be located anywhere in the ZFS hierarchy, and is created
2636 as the same type as the original.
2637 .Bl -tag -width "-o"
2638 .It Fl o Ar property Ns = Ns Ar value
2639 Sets the specified property; see
2643 Creates all the non-existing parent datasets.
2644 Datasets created in this manner are automatically mounted according to the
2646 property inherited from their parent.
2647 If the target filesystem or volume already exists, the operation completes
2653 .Ar clone-filesystem
2655 Promotes a clone file system to no longer be dependent on its
2658 This makes it possible to destroy the file system that the clone was created
2660 The clone parent-child dependency relationship is reversed, so that the origin
2661 file system becomes a clone of the specified file system.
2663 The snapshot that was cloned, and any snapshots previous to this snapshot, are
2664 now owned by the promoted clone.
2665 The space they use moves from the origin file system to the promoted clone, so
2666 enough space must be available to accommodate these snapshots.
2667 No new space is consumed by this operation, but the space accounting is
2669 The promoted clone must not have any conflicting snapshot names of its own.
2672 subcommand can be used to rename any conflicting snapshots.
2677 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
2678 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
2684 .Ar filesystem Ns | Ns Ar volume
2685 .Ar filesystem Ns | Ns Ar volume
2687 Renames the given dataset.
2688 The new target can be located anywhere in the ZFS hierarchy, with the exception
2690 Snapshots can only be renamed within the parent file system or volume.
2691 When renaming a snapshot, the parent file system of the snapshot does not need
2692 to be specified as part of the second argument.
2693 Renamed file systems can inherit new mount points, in which case they are
2694 unmounted and remounted at the new mount point.
2695 .Bl -tag -width "-a"
2697 Force unmount any filesystems that need to be unmounted in the process.
2699 Creates all the nonexistent parent datasets.
2700 Datasets created in this manner are automatically mounted according to the
2702 property inherited from their parent.
2708 .Ar snapshot Ar snapshot
2710 Recursively rename the snapshots of all descendent datasets.
2711 Snapshots are the only dataset that can be renamed recursively.
2715 .Op Fl r Ns | Ns Fl d Ar depth
2717 .Oo Fl o Ar property Ns Oo , Ns Ar property Oc Ns ... Oc
2718 .Oo Fl s Ar property Oc Ns ...
2719 .Oo Fl S Ar property Oc Ns ...
2720 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
2721 .Oo Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Oc Ns ...
2723 Lists the property information for the given datasets in tabular form.
2724 If specified, you can list property information by the absolute pathname or the
2726 By default, all file systems and volumes are displayed.
2727 Snapshots are displayed if the
2734 The following fields are displayed,
2735 .Sy name Ns \&, Ns Sy used Ns \&, Ns Sy available Ns \&, Ns Sy referenced Ns \&, Ns
2737 .Bl -tag -width "-H"
2739 Used for scripting mode.
2740 Do not print headers and separate fields by a single tab instead of arbitrary
2742 .It Fl S Ar property
2745 option, but sorts by property in descending order.
2747 Recursively display any children of the dataset, limiting the recursion to
2753 will display only the dataset and its direct children.
2754 .It Fl o Ar property
2755 A comma-separated list of properties to display.
2756 The property must be:
2759 One of the properties described in the
2760 .Sx Native Properties
2767 to display the dataset name
2771 to display space usage properties on file systems and volumes.
2772 This is a shortcut for specifying
2773 .Fl o Sy name Ns \&, Ns Sy avail Ns \&, Ns Sy used Ns \&, Ns Sy usedsnap Ns \&, Ns
2774 .Sy usedds Ns \&, Ns Sy usedrefreserv Ns \&, Ns Sy usedchild Fl t
2775 .Sy filesystem Ns \&, Ns Sy volume
2779 Display numbers in parsable
2783 Recursively display any children of the dataset on the command line.
2784 .It Fl s Ar property
2785 A property for sorting the output by column in ascending order based on the
2786 value of the property.
2787 The property must be one of the properties described in the
2789 section, or the special value
2791 to sort by the dataset name.
2792 Multiple properties can be specified at one time using multiple
2797 options are evaluated from left to right in decreasing order of importance.
2798 The following is a list of sorting criteria:
2801 Numeric types sort in numeric order.
2803 String types sort in alphabetical order.
2805 Types inappropriate for a row sort that row to the literal bottom, regardless of
2806 the specified ordering.
2809 If no sorting options are specified the existing behavior of
2813 A comma-separated list of types to display, where
2822 For example, specifying
2824 displays only snapshots.
2829 .Ar property Ns = Ns Ar value Oo Ar property Ns = Ns Ar value Oc Ns ...
2830 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns ...
2832 Sets the property or list of properties to the given value(s) for each dataset.
2833 Only some properties can be edited.
2836 section for more information on what properties can be set and acceptable
2838 Numeric values can be specified as exact values, or in a human-readable form
2840 .Sy B , K , M , G , T , P , E , Z
2841 .Po for bytes, kilobytes, megabytes, gigabytes, terabytes, petabytes, exabytes,
2842 or zettabytes, respectively
2844 User properties can be set on snapshots.
2845 For more information, see the
2851 .Op Fl r Ns | Ns Fl d Ar depth
2853 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
2854 .Oo Fl s Ar source Ns Oo , Ns Ar source Oc Ns ... Oc
2855 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
2856 .Cm all | Ar property Ns Oo , Ns Ar property Oc Ns ...
2857 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns | Ns Ar bookmark Ns ...
2859 Displays properties for the given datasets.
2860 If no datasets are specified, then the command displays properties for all
2861 datasets on the system.
2862 For each property, the following columns are displayed:
2865 property Property name
2866 value Property value
2867 source Property source. Can either be local, default,
2868 temporary, inherited, or none (-).
2871 All columns are displayed by default, though this can be controlled by using the
2874 This command takes a comma-separated list of properties as described in the
2875 .Sx Native Properties
2882 can be used to display all properties that apply to the given dataset's type
2883 .Pq filesystem, volume, snapshot, or bookmark .
2884 .Bl -tag -width "-H"
2886 Display output in a form more easily parsed by scripts.
2887 Any headers are omitted, and fields are explicitly separated by a single tab
2888 instead of an arbitrary amount of space.
2890 Recursively display any children of the dataset, limiting the recursion to
2894 will display only the dataset and its direct children.
2896 A comma-separated list of columns to display.
2897 .Sy name Ns \&, Ns Sy property Ns \&, Ns Sy value Ns \&, Ns Sy source
2898 is the default value.
2900 Display numbers in parsable
2904 Recursively display properties for any children.
2906 A comma-separated list of sources to display.
2907 Those properties coming from a source other than those in this list are ignored.
2908 Each source must be one of the following:
2915 The default value is all sources.
2917 A comma-separated list of types to display, where
2931 .Ar property Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot Ns ...
2933 Clears the specified property, causing it to be inherited from an ancestor,
2934 restored to default if no ancestor has the property set, or with the
2936 option reverted to the received value if one exists.
2939 section for a listing of default values, and details on which properties can be
2941 .Bl -tag -width "-r"
2943 Recursively inherit the given property for all children.
2945 Revert the property to the received value if one exists; otherwise operate as
2948 option was not specified.
2954 Displays a list of file systems that are not the most recent version.
2960 Displays a list of currently supported file system versions.
2966 .Fl a | Ar filesystem
2968 Upgrades file systems to a new on-disk version.
2969 Once this is done, the file systems will no longer be accessible on systems
2970 running older versions of the software.
2972 streams generated from new snapshots of these file systems cannot be accessed on
2973 systems running older versions of the software.
2975 In general, the file system version is independent of the pool version.
2978 for information on the
2979 .Nm zpool Cm upgrade
2982 In some cases, the file system version and the pool version are interrelated and
2983 the pool version must be upgraded before the file system version can be
2985 .Bl -tag -width "-V"
2987 Upgrade to the specified
2991 flag is not specified, this command upgrades to the most recent version.
2993 option can only be used to increase the version number, and only up to the most
2994 recent version supported by this software.
2996 Upgrade all file systems on all imported pools.
2998 Upgrade the specified file system.
3000 Upgrade the specified file system and all descendent file systems.
3006 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
3007 .Oo Fl s Ar field Oc Ns ...
3008 .Oo Fl S Ar field Oc Ns ...
3009 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
3010 .Ar filesystem Ns | Ns Ar snapshot
3012 Displays space consumed by, and quotas on, each user in the specified filesystem
3014 This corresponds to the
3015 .Sy userused@ Ns Em user ,
3016 .Sy userobjused@ Ns Em user ,
3017 .Sy userquota@ Ns Em user,
3019 .Sy userobjquota@ Ns Em user
3021 .Bl -tag -width "-H"
3023 Do not print headers, use tab-delimited output.
3025 Sort by this field in reverse order.
3029 Translate SID to POSIX ID.
3030 The POSIX ID may be ephemeral if no mapping exists.
3031 Normal POSIX interfaces
3036 perform this translation, so the
3038 option allows the output from
3039 .Nm zfs Cm userspace
3040 to be compared directly with those utilities.
3043 may lead to confusion if some files were created by an SMB user before a
3044 SMB-to-POSIX name mapping was established.
3045 In such a case, some files will be owned by the SMB entity and some by the POSIX
3049 option will report that the POSIX entity has the total usage and quota for both.
3051 Print numeric ID instead of user/group name.
3052 .It Fl o Ar field Ns Oo , Ns Ar field Oc Ns ...
3053 Display only the specified fields from the following set:
3058 The default is to display all fields.
3064 Sort output by this field.
3069 flags may be specified multiple times to sort first by one field, then by
3072 .Fl s Sy type Fl s Sy name .
3073 .It Fl t Ar type Ns Oo , Ns Ar type Oc Ns ...
3074 Print only the specified types from the following set:
3081 .Fl t Sy posixuser Ns \&, Ns Sy smbuser .
3082 The default can be changed to include group types.
3088 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
3089 .Oo Fl s Ar field Oc Ns ...
3090 .Oo Fl S Ar field Oc Ns ...
3091 .Oo Fl t Ar type Ns Oo , Ns Ar type Oc Ns ... Oc
3092 .Ar filesystem Ns | Ns Ar snapshot
3094 Displays space consumed by, and quotas on, each group in the specified
3095 filesystem or snapshot.
3096 This subcommand is identical to
3097 .Nm zfs Cm userspace ,
3098 except that the default types to display are
3099 .Fl t Sy posixgroup Ns \&, Ns Sy smbgroup .
3104 .Oo Fl o Ar field Ns Oo , Ns Ar field Oc Ns ... Oc
3105 .Oo Fl s Ar field Oc Ns ...
3106 .Oo Fl S Ar field Oc Ns ...
3107 .Ar filesystem Ns | Ns Ar snapshot
3109 Displays space consumed by, and quotas on, each project in the specified
3110 filesystem or snapshot. This subcommand is identical to
3111 .Nm zfs Cm userspace ,
3112 except that the project identifier is numeral, not name. So need neither
3115 for SID to POSIX ID nor
3123 .Oo Fl d Ns | Ns Fl r Ns Oc
3124 .Ar file Ns | Ns Ar directory Ns ...
3126 List project identifier (ID) and inherit flag of file(s) or directories.
3127 .Bl -tag -width "-d"
3129 Show the directory project ID and inherit flag, not its childrens. It will
3130 overwrite the former specified
3134 Show on subdirectories recursively. It will overwrite the former specified
3143 .Ar file Ns | Ns Ar directory Ns ...
3145 Clear project inherit flag and/or ID on the file(s) or directories.
3146 .Bl -tag -width "-k"
3148 Keep the project ID unchanged. If not specified, the project ID will be reset
3151 Clear on subdirectories recursively.
3158 .Oo Fl d Ns | Ns Fl r Ns Oc
3160 .Ar file Ns | Ns Ar directory Ns ...
3162 Check project ID and inherit flag on the file(s) or directories, report the
3163 entries without project inherit flag or with different project IDs from the
3166 option) value or the target directory's project ID.
3167 .Bl -tag -width "-0"
3169 Print file name with a trailing NUL instead of newline (by default), like
3172 Check the directory project ID and inherit flag, not its childrens. It will
3173 overwrite the former specified
3177 Specify the referenced ID for comparing with the target file(s) or directories'
3178 project IDs. If not specified, the target (top) directory's project ID will be
3179 used as the referenced one.
3181 Check on subdirectories recursively. It will overwrite the former specified
3190 .Ar file Ns | Ns Ar directory Ns ...
3192 .Bl -tag -width "-p"
3193 Set project ID and/or inherit flag on the file(s) or directories.
3195 Set the file(s)' or directories' project ID with the given value.
3197 Set on subdirectories recursively.
3199 Set project inherit flag on the given file(s) or directories. It is usually used
3200 for setup tree quota on the directory target with
3202 option specified together. When setup tree quota, by default the directory's
3203 project ID will be set to all its descendants unless you specify the project
3212 Displays all ZFS file systems currently mounted.
3218 .Fl a | Ar filesystem
3220 Mounts ZFS file systems.
3221 .Bl -tag -width "-O"
3223 Perform an overlay mount.
3226 for more information.
3228 Mount all available ZFS file systems.
3229 Invoked automatically as part of the boot process.
3231 Mount the specified filesystem.
3233 An optional, comma-separated list of mount options to use temporarily for the
3234 duration of the mount.
3236 .Sx Temporary Mount Point Properties
3237 section for details.
3239 Load keys for encrypted filesystems as they are being mounted. This is
3240 equivalent to executing
3242 on each encryption root before mounting it. Note that if a filesystem has a
3246 this will cause the terminal to interactively block after asking for the key.
3248 Report mount progress.
3254 .Fl a | Ar filesystem Ns | Ns Ar mountpoint
3256 Unmounts currently mounted ZFS file systems.
3257 .Bl -tag -width "-a"
3259 Unmount all available ZFS file systems.
3260 Invoked automatically as part of the shutdown process.
3261 .It Ar filesystem Ns | Ns Ar mountpoint
3262 Unmount the specified filesystem.
3263 The command can also be given a path to a ZFS file system mount point on the
3266 Forcefully unmount the file system, even if it is currently in use.
3271 .Fl a | Ar filesystem
3273 Shares available ZFS file systems.
3274 .Bl -tag -width "-a"
3276 Share all available ZFS file systems.
3277 Invoked automatically as part of the boot process.
3279 Share the specified filesystem according to the
3284 File systems are shared when the
3293 .Fl a | Ar filesystem Ns | Ns Ar mountpoint
3295 Unshares currently shared ZFS file systems.
3296 .Bl -tag -width "-a"
3298 Unshare all available ZFS file systems.
3299 Invoked automatically as part of the shutdown process.
3300 .It Ar filesystem Ns | Ns Ar mountpoint
3301 Unshare the specified filesystem.
3302 The command can also be given a path to a ZFS file system shared on the system.
3307 .Ar snapshot bookmark
3309 Creates a bookmark of the given snapshot.
3310 Bookmarks mark the point in time when the snapshot was created, and can be used
3311 as the incremental source for a
3315 This feature must be enabled to be used.
3317 .Xr zpool-features 5
3318 for details on ZFS feature flags and the
3325 .Op Oo Fl I Ns | Ns Fl i Oc Ar snapshot
3328 Creates a stream representation of the second
3330 which is written to standard output.
3331 The output can be redirected to a file or to a different system
3332 .Po for example, using
3335 By default, a full stream is generated.
3336 .Bl -tag -width "-D"
3338 Generate a deduplicated stream.
3339 Blocks which would have been sent multiple times in the send stream will only be
3341 The receiving system must also support this feature to receive a deduplicated
3343 This flag can be used regardless of the dataset's
3345 property, but performance will be much better if the filesystem uses a
3346 dedup-capable checksum
3350 .It Fl I Ar snapshot
3351 Generate a stream package that sends all intermediary snapshots from the first
3352 snapshot to the second snapshot.
3356 .Fl i Em @a Em fs@b Ns \&; Fl i Em @b Em fs@c Ns \&; Fl i Em @c Em fs@d .
3357 The incremental source may be specified as with the
3360 .It Fl L, -large-block
3361 Generate a stream which may contain blocks larger than 128KB.
3362 This flag has no effect if the
3364 pool feature is disabled, or if the
3366 property of this filesystem has never been set above 128KB.
3367 The receiving system must have the
3369 pool feature enabled as well.
3371 .Xr zpool-features 5
3372 for details on ZFS feature flags and the
3376 Print machine-parsable verbose information about the stream package generated.
3377 .It Fl R, -replicate
3378 Generate a replication stream package, which will replicate the specified
3379 file system, and all descendent file systems, up to the named snapshot.
3380 When received, all properties, snapshots, descendent file systems, and clones
3387 flags are used in conjunction with the
3389 flag, an incremental replication stream is generated.
3390 The current values of properties, and current snapshot and file system names are
3391 set when the stream is received.
3394 flag is specified when this stream is received, snapshots and file systems that
3395 do not exist on the sending side are destroyed.
3397 Generate a more compact stream by using
3399 records for blocks which are stored more compactly on disk by the
3402 This flag has no effect if the
3404 feature is disabled.
3405 The receiving system must have the
3410 feature is active on the sending system, then the receiving system must have
3411 that feature enabled as well. Datasets that are sent with this flag may not be
3412 received as an encrypted dataset, since encrypted datasets cannot use the
3416 .Xr zpool-features 5
3417 for details on ZFS feature flags and the
3420 .It Fl c, -compressed
3421 Generate a more compact stream by using compressed WRITE records for blocks
3422 which are compressed on disk and in memory
3425 property for details
3429 feature is active on the sending system, then the receiving system must have
3430 that feature enabled as well.
3433 feature is enabled on the sending system but the
3435 option is not supplied in conjunction with
3437 then the data will be decompressed before sending so it can be split into
3438 smaller block sizes.
3440 For encrypted datasets, send data exactly as it exists on disk. This allows
3441 backups to be taken even if encryption keys are not currently loaded. The
3442 backup may then be received on an untrusted machine since that machine will
3443 not have the encryption keys to read the protected data or alter it without
3444 being detected. Upon being received, the dataset will have the same encryption
3445 keys as it did on the send side, although the
3447 property will be defaulted to
3449 if not otherwise provided. For unencrypted datasets, this flag will be
3452 Note that if you do not use this flag for sending encrypted datasets, data will
3453 be sent unencrypted and may be re-encrypted with a different encryption key on
3454 the receiving system, which will disable the ability to do a raw send to that
3455 system for incrementals.
3456 .It Fl i Ar snapshot
3457 Generate an incremental stream from the first
3459 .Pq the incremental source
3462 .Pq the incremental target .
3463 The incremental source can be specified as the last component of the snapshot
3467 character and following
3469 and it is assumed to be from the same file system as the incremental target.
3471 If the destination is a clone, the source may be the origin snapshot, which must
3474 .Em pool/fs@origin ,
3482 Do not generate any actual send data.
3483 This is useful in conjunction with the
3487 flags to determine what data will be sent.
3488 In this case, the verbose output will be written to standard output
3489 .Po contrast with a non-dry-run, where the stream is written to standard output
3490 and the verbose output goes to standard error
3493 Include the dataset's properties in the stream.
3494 This flag is implicit when
3497 The receiving system must also support this feature. Sends of encrypted datasets
3500 when using this flag.
3502 Print verbose information about the stream package generated.
3503 This information includes a per-second report of how much data has been sent.
3505 The format of the stream is committed.
3506 You will be able to receive your streams on future versions of ZFS.
3512 .Op Fl i Ar snapshot Ns | Ns Ar bookmark
3513 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
3515 Generate a send stream, which may be of a filesystem, and may be incremental
3517 If the destination is a filesystem or volume, the pool must be read-only, or the
3518 filesystem must not be mounted.
3519 When the stream generated from a filesystem or volume is received, the default
3520 snapshot name will be
3522 .Bl -tag -width "-L"
3523 .It Fl L, -large-block
3524 Generate a stream which may contain blocks larger than 128KB.
3525 This flag has no effect if the
3527 pool feature is disabled, or if the
3529 property of this filesystem has never been set above 128KB.
3530 The receiving system must have the
3532 pool feature enabled as well.
3534 .Xr zpool-features 5
3535 for details on ZFS feature flags and the
3539 Print machine-parsable verbose information about the stream package generated.
3540 .It Fl c, -compressed
3541 Generate a more compact stream by using compressed WRITE records for blocks
3542 which are compressed on disk and in memory
3545 property for details
3549 feature is active on the sending system, then the receiving system must have
3550 that feature enabled as well.
3553 feature is enabled on the sending system but the
3555 option is not supplied in conjunction with
3557 then the data will be decompressed before sending so it can be split into
3558 smaller block sizes.
3560 For encrypted datasets, send data exactly as it exists on disk. This allows
3561 backups to be taken even if encryption keys are not currently loaded. The
3562 backup may then be received on an untrusted machine since that machine will
3563 not have the encryption keys to read the protected data or alter it without
3564 being detected. Upon being received, the dataset will have the same encryption
3565 keys as it did on the send side, although the
3567 property will be defaulted to
3569 if not otherwise provided. For unencrypted datasets, this flag will be
3572 Note that if you do not use this flag for sending encrypted datasets, data will
3573 be sent unencrypted and may be re-encrypted with a different encryption key on
3574 the receiving system, which will disable the ability to do a raw send to that
3575 system for incrementals.
3577 Generate a more compact stream by using
3579 records for blocks which are stored more compactly on disk by the
3582 This flag has no effect if the
3584 feature is disabled.
3585 The receiving system must have the
3590 feature is active on the sending system, then the receiving system must have
3591 that feature enabled as well. Datasets that are sent with this flag may not be
3592 received as an encrypted dataset, since encrypted datasets cannot use the
3596 .Xr zpool-features 5
3597 for details on ZFS feature flags and the
3600 .It Fl i Ar snapshot Ns | Ns Ar bookmark
3601 Generate an incremental send stream.
3602 The incremental source must be an earlier snapshot in the destination's history.
3603 It will commonly be an earlier snapshot in the destination's file system, in
3604 which case it can be specified as the last component of the name
3609 character and following
3612 If the incremental target is a clone, the incremental source can be the origin
3613 snapshot, or an earlier snapshot in the origin's filesystem, or the origin's
3619 Do not generate any actual send data.
3620 This is useful in conjunction with the
3624 flags to determine what data will be sent.
3625 In this case, the verbose output will be written to standard output
3626 .Po contrast with a non-dry-run, where the stream is written to standard output
3627 and the verbose output goes to standard error
3630 Print verbose information about the stream package generated.
3631 This information includes a per-second report of how much data has been sent.
3638 .Ar receive_resume_token
3640 Creates a send stream which resumes an interrupted receive.
3642 .Ar receive_resume_token
3643 is the value of this property on the filesystem or volume that was being
3645 See the documentation for
3652 .Op Fl o Sy origin Ns = Ns Ar snapshot
3653 .Op Fl o Ar property Ns = Ns Ar value
3654 .Op Fl x Ar property
3655 .Ar filesystem Ns | Ns Ar volume Ns | Ns Ar snapshot
3661 .Op Fl d Ns | Ns Fl e
3662 .Op Fl o Sy origin Ns = Ns Ar snapshot
3663 .Op Fl o Ar property Ns = Ns Ar value
3664 .Op Fl x Ar property
3667 Creates a snapshot whose contents are as specified in the stream provided on
3669 If a full stream is received, then a new file system is created as well.
3670 Streams are created using the
3672 subcommand, which by default creates a full stream.
3674 can be used as an alias for
3677 If an incremental stream is received, then the destination file system must
3678 already exist, and its most recent snapshot must match the incremental stream's
3682 the destination device link is destroyed and recreated, which means the
3684 cannot be accessed during the
3688 When a snapshot replication package stream that is generated by using the
3689 .Nm zfs Cm send Fl R
3690 command is received, any snapshots that do not exist on the sending location are
3691 destroyed by using the
3692 .Nm zfs Cm destroy Fl d
3696 .Fl o Em property Ns = Ns Ar value
3699 is specified, it applies to the effective value of the property throughout
3700 the entire subtree of replicated datasets. Effective property values will be
3705 ) on the topmost in the replicated subtree. In descendant datasets, if the
3706 property is set by the send stream, it will be overridden by forcing the
3707 property to be inherited from the top‐most file system. Received properties
3708 are retained in spite of being overridden and may be restored with
3709 .Nm zfs Cm inherit Fl S .
3711 .Fl o Sy origin Ns = Ns Em snapshot
3712 is a special case because, even if
3714 is a read-only property and cannot be set, it's allowed to receive the send
3715 stream as a clone of the given snapshot.
3717 Raw encrypted send streams (created with
3718 .Nm zfs Cm send Fl w
3719 ) may only be received as is, and cannot be re-encrypted, decrypted, or
3720 recompressed by the receive process. Unencrypted streams can be received as
3721 encrypted datasets, either through inheritance or by specifying encryption
3726 The name of the snapshot
3727 .Pq and file system, if a full stream is received
3728 that this subcommand creates depends on the argument type and the use of the
3734 If the argument is a snapshot name, the specified
3737 If the argument is a file system or volume name, a snapshot with the same name
3738 as the sent snapshot is created within the specified
3746 options are specified, the provided target snapshot name is used exactly as
3753 options cause the file system name of the target snapshot to be determined by
3754 appending a portion of the sent snapshot's name to the specified target
3758 option is specified, all but the first element of the sent snapshot's file
3760 .Pq usually the pool name
3761 is used and any required intermediate file systems within the specified one are
3765 option is specified, then only the last element of the sent snapshot's file
3767 .Pq i.e. the name of the source file system itself
3768 is used as the target file system name.
3769 .Bl -tag -width "-F"
3771 Force a rollback of the file system to the most recent snapshot before
3772 performing the receive operation.
3773 If receiving an incremental replication stream
3774 .Po for example, one generated by
3775 .Nm zfs Cm send Fl R Op Fl i Ns | Ns Fl I
3777 destroy snapshots and file systems that do not exist on the sending side.
3779 Discard the first element of the sent snapshot's file system name, using the
3780 remaining elements to determine the name of the target file system for the new
3781 snapshot as described in the paragraph above.
3783 Discard all but the last element of the sent snapshot's file system name, using
3784 that element to determine the name of the target file system for the new
3785 snapshot as described in the paragraph above.
3787 Do not actually receive the stream.
3788 This can be useful in conjunction with the
3790 option to verify the name the receive operation would use.
3791 .It Fl o Sy origin Ns = Ns Ar snapshot
3792 Forces the stream to be received as a clone of the given snapshot.
3793 If the stream is a full send stream, this will create the filesystem
3794 described by the stream as a clone of the specified snapshot.
3795 Which snapshot was specified will not affect the success or failure of the
3796 receive, as long as the snapshot does exist.
3797 If the stream is an incremental send stream, all the normal verification will be
3799 .It Fl o Em property Ns = Ns Ar value
3800 Sets the specified property as if the command
3801 .Nm zfs Cm set Em property Ns = Ns Ar value
3802 was invoked immediately before the receive. When receiving a stream from
3803 .Nm zfs Cm send Fl R ,
3804 causes the property to be inherited by all descendant datasets, as through
3805 .Nm zfs Cm inherit Em property
3806 was run on any descendant datasets that have this property set on the
3809 Any editable property can be set at receive time. Set-once properties bound
3810 to the received data, such as
3813 .Sy casesensitivity ,
3814 cannot be set at receive time even when the datasets are newly created by
3815 .Nm zfs Cm receive .
3816 Additionally both settable properties
3820 cannot be set at receive time.
3824 option may be specified multiple times, for different properties. An error
3825 results if the same property is specified in multiple
3831 If the receive is interrupted, save the partially received state, rather
3833 Interruption may be due to premature termination of the stream
3834 .Po e.g. due to network failure or failure of the remote system
3835 if the stream is being read over a network connection
3837 a checksum error in the stream, termination of the
3839 process, or unclean shutdown of the system.
3841 The receive can be resumed with a stream generated by
3842 .Nm zfs Cm send Fl t Ar token ,
3846 .Sy receive_resume_token
3847 property of the filesystem or volume which is received into.
3849 To use this flag, the storage pool must have the
3850 .Sy extensible_dataset
3853 .Xr zpool-features 5
3854 for details on ZFS feature flags.
3856 File system that is associated with the received stream is not mounted.
3858 Print verbose information about the stream and the time required to perform the
3860 .It Fl x Em property
3861 Ensures that the effective value of the specified property after the
3862 receive is unaffected by the value of that property in the send stream (if any),
3863 as if the property had been excluded from the send stream.
3865 If the specified property is not present in the send stream, this option does
3868 If a received property needs to be overridden, the effective value will be
3869 set or inherited, depending on whether the property is inheritable or not.
3871 In the case of an incremental update,
3873 leaves any existing local setting or explicit inheritance unchanged.
3877 restrictions on set-once and special properties apply equally to
3884 .Ar filesystem Ns | Ns Ar volume
3886 Abort an interrupted
3887 .Nm zfs Cm receive Fl s ,
3888 deleting its saved partially received state.
3892 .Ar filesystem Ns | Ns Ar volume
3894 Displays permissions that have been delegated on the specified filesystem or
3896 See the other forms of
3898 for more information.
3900 Delegations are supported under Linux with the exception of
3908 These permissions cannot be delegated because the Linux
3910 command restricts modifications of the global namespace to the root user.
3915 .Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns ...
3916 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
3917 .Ar setname Oc Ns ...
3918 .Ar filesystem Ns | Ns Ar volume
3923 .Fl e Ns | Ns Sy everyone
3924 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
3925 .Ar setname Oc Ns ...
3926 .Ar filesystem Ns | Ns Ar volume
3928 Delegates ZFS administration permission for the file systems to non-privileged
3930 .Bl -tag -width "-d"
3932 Allow only for the descendent file systems.
3933 .It Fl e Ns | Ns Sy everyone
3934 Specifies that the permissions be delegated to everyone.
3935 .It Fl g Ar group Ns Oo , Ns Ar group Oc Ns ...
3936 Explicitly specify that permissions are delegated to the group.
3940 only for the specified file system.
3941 .It Fl u Ar user Ns Oo , Ns Ar user Oc Ns ...
3942 Explicitly specify that permissions are delegated to the user.
3943 .It Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns ...
3944 Specifies to whom the permissions are delegated.
3945 Multiple entities can be specified as a comma-separated list.
3948 options are specified, then the argument is interpreted preferentially as the
3951 then as a user name, and lastly as a group name.
3952 To specify a user or group named
3959 To specify a group with the same name as a user, use the
3963 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
3964 .Ar setname Oc Ns ...
3966 The permissions to delegate.
3967 Multiple permissions may be specified as a comma-separated list.
3968 Permission names are the same as ZFS subcommand and property names.
3969 See the property list below.
3970 Property set names, which begin with
3975 form below for details.
3980 options are specified, or both are, then the permissions are allowed for the
3981 file system or volume, and all of its descendents.
3983 Permissions are generally the ability to use a ZFS subcommand or change a ZFS
3985 The following permissions are available:
3988 allow subcommand Must also have the permission that is
3990 clone subcommand Must also have the 'create' ability and
3991 'mount' ability in the origin file system
3992 create subcommand Must also have the 'mount' ability
3993 destroy subcommand Must also have the 'mount' ability
3994 diff subcommand Allows lookup of paths within a dataset
3995 given an object number, and the ability
3996 to create snapshots necessary to
3998 load-key subcommand Allows loading and unloading of encryption key
3999 (see 'zfs load-key' and 'zfs unload-key').
4000 change-key subcommand Allows changing an encryption key via
4002 mount subcommand Allows mount/umount of ZFS datasets
4003 promote subcommand Must also have the 'mount' and 'promote'
4004 ability in the origin file system
4005 receive subcommand Must also have the 'mount' and 'create'
4007 rename subcommand Must also have the 'mount' and 'create'
4008 ability in the new parent
4009 rollback subcommand Must also have the 'mount' ability
4011 share subcommand Allows sharing file systems over NFS
4013 snapshot subcommand Must also have the 'mount' ability
4015 groupquota other Allows accessing any groupquota@...
4017 groupused other Allows reading any groupused@... property
4018 userprop other Allows changing any user property
4019 userquota other Allows accessing any userquota@...
4021 userused other Allows reading any userused@... property
4022 projectobjquota other Allows accessing any projectobjquota@...
4024 projectquota other Allows accessing any projectquota@... property
4025 projectobjused other Allows reading any projectobjused@... property
4026 projectused other Allows reading any projectused@... property
4032 casesensitivity property
4034 compression property
4038 filesystem_limit property
4041 normalization property
4042 primarycache property
4047 refreservation property
4048 reservation property
4049 secondarycache property
4054 snapshot_limit property
4057 volblocksize property
4067 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4068 .Ar setname Oc Ns ...
4069 .Ar filesystem Ns | Ns Ar volume
4074 These permissions are granted
4076 to the creator of any newly-created descendent file system.
4080 .Fl s No @ Ns Ar setname
4081 .Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4082 .Ar setname Oc Ns ...
4083 .Ar filesystem Ns | Ns Ar volume
4085 Defines or adds permissions to a permission set.
4086 The set can be used by other
4088 commands for the specified file system and its descendents.
4089 Sets are evaluated dynamically, so changes to a set are immediately reflected.
4090 Permission sets follow the same naming restrictions as ZFS file systems, but the
4091 name must begin with
4093 and can be no more than 64 characters long.
4098 .Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns ...
4099 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4100 .Ar setname Oc Ns ... Oc
4101 .Ar filesystem Ns | Ns Ar volume
4106 .Fl e Ns | Ns Sy everyone
4107 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4108 .Ar setname Oc Ns ... Oc
4109 .Ar filesystem Ns | Ns Ar volume
4115 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4116 .Ar setname Oc Ns ... Oc
4117 .Ar filesystem Ns | Ns Ar volume
4119 Removes permissions that were granted with the
4122 No permissions are explicitly denied, so other permissions granted are still in
4124 For example, if the permission is granted by an ancestor.
4125 If no permissions are specified, then all permissions for the specified
4137 only removes the permissions that were granted to everyone, not all permissions
4138 for every user and group.
4141 command for a description of the
4144 .Bl -tag -width "-r"
4146 Recursively remove the permissions from this file system and all descendents.
4152 .Fl s No @ Ns Ar setname
4153 .Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
4154 .Ar setname Oc Ns ... Oc
4155 .Ar filesystem Ns | Ns Ar volume
4157 Removes permissions from a permission set.
4158 If no permissions are specified, then all permissions are removed, thus removing
4164 .Ar tag Ar snapshot Ns ...
4166 Adds a single reference, named with the
4168 argument, to the specified snapshot or snapshots.
4169 Each snapshot has its own tag namespace, and tags must be unique within that
4172 If a hold exists on a snapshot, attempts to destroy that snapshot by using the
4176 .Bl -tag -width "-r"
4178 Specifies that a hold with the given tag is applied recursively to the snapshots
4179 of all descendent file systems.
4187 Lists all existing user references for the given snapshot or snapshots.
4188 .Bl -tag -width "-r"
4190 Lists the holds that are set on the named descendent snapshots, in addition to
4191 listing the holds on the named snapshot.
4197 .Ar tag Ar snapshot Ns ...
4199 Removes a single reference, named with the
4201 argument, from the specified snapshot or snapshots.
4202 The tag must already exist for each snapshot.
4203 If a hold exists on a snapshot, attempts to destroy that snapshot by using the
4207 .Bl -tag -width "-r"
4209 Recursively releases a hold with the given tag on the snapshots of all
4210 descendent file systems.
4216 .Ar snapshot Ar snapshot Ns | Ns Ar filesystem
4218 Display the difference between a snapshot of a given filesystem and another
4219 snapshot of that filesystem from a later time or the current contents of the
4221 The first column is a character indicating the type of change, the other columns
4222 indicate pathname, new pathname
4223 .Pq in case of rename ,
4224 change in link count, and optionally file type and/or change time.
4225 The types of change are:
4227 - The path has been removed
4228 + The path has been created
4229 M The path has been modified
4230 R The path has been renamed
4232 .Bl -tag -width "-F"
4234 Display an indication of the type of file, in a manner similar to the
4250 Give more parsable tab-separated output, without header lines and without
4253 Display the path's inode change time as the first column of output.
4260 .Op Fl m Ar memory_limit
4266 as a ZFS channel program on
4269 program interface allows ZFS administrative operations to be run
4270 programmatically via a Lua script.
4271 The entire script is executed atomically, with no other administrative
4272 operations taking effect concurrently.
4273 A library of ZFS calls is made available to channel program scripts.
4274 Channel programs may only be run with root privileges.
4276 For full documentation of the ZFS channel program interface, see the manual
4281 Executes a read-only channel program, which runs faster.
4282 The program cannot change on-disk state by calling functions from
4283 the zfs.sync submodule.
4284 The program can be used to gather information such as properties and
4285 determining if changes would succeed (zfs.check.*).
4286 Without this flag, all pending changes must be synced to disk before
4287 a channel program can complete.
4289 Execution time limit, in milliseconds.
4290 If a channel program executes for longer than the provided timeout, it will
4291 be stopped and an error will be returned.
4292 The default timeout is 1000 ms, and can be set to a maximum of 10000 ms.
4293 .It Fl m Ar memory-limit
4294 Memory limit, in bytes.
4295 If a channel program attempts to allocate more memory than the given limit,
4296 it will be stopped and an error returned.
4297 The default memory limit is 10 MB, and can be set to a maximum of 100 MB.
4299 All remaining argument strings are passed directly to the channel program as
4303 for more information.
4309 .Op Fl L Ar keylocation
4310 .Fl a | Ar filesystem
4314 allowing it and all children that inherit the
4316 property to be accessed. The key will be expected in the format specified by the
4318 and location specified by the
4320 property. Note that if the
4324 the terminal will interactively wait for the key to be entered. Loading a key
4325 will not automatically mount the dataset. If that functionality is desired,
4326 .Nm zfs Cm mount Sy -l
4327 will ask for the key and mount the dataset. Once the key is loaded the
4329 property will become
4331 .Bl -tag -width "-r"
4333 Recursively loads the keys for the specified filesystem and all descendent
4336 Loads the keys for all encryption roots in all imported pools.
4340 load-key. This will cause zfs to simply check that the
4341 provided key is correct. This command may be run even if the key is already
4343 .It Fl L Ar keylocation
4348 property. This will not change the value of the property on the dataset. Note
4349 that if used with either
4354 may only be given as
4361 .Fl a | Ar filesystem
4363 Unloads a key from ZFS, removing the ability to access the dataset and all of
4364 its children that inherit the
4366 property. This requires that the dataset is not currently open or mounted. Once
4367 the key is unloaded the
4369 property will become
4371 .Bl -tag -width "-r"
4373 Recursively unloads the keys for the specified filesystem and all descendent
4376 Unloads the keys for all encryption roots in all imported pools.
4382 .Op Fl o Ar keylocation Ns = Ns Ar value
4383 .Op Fl o Ar keyformat Ns = Ns Ar value
4384 .Op Fl o Ar pbkdf2iters Ns = Ns Ar value
4394 Allows a user to change the encryption key used to access a dataset. This
4395 command requires that the existing key for the dataset is already loaded into
4396 ZFS. This command may also be used to change the
4401 properties as needed. If the dataset was not previously an encryption root it
4402 will become one. Alternatively, the
4404 flag may be provided to cause an encryption root to inherit the parent's key
4406 .Bl -tag -width "-r"
4408 Ensures the key is loaded before attempting to change the key. This is
4409 effectively equivalent to
4410 .Qq Nm zfs Cm load-key Ar filesystem ; Nm zfs Cm change-key Ar filesystem
4411 .It Fl o Ar property Ns = Ns Ar value
4412 Allows the user to set encryption key properties (
4417 ) while changing the key. This is the only way to alter
4421 after the dataset has been created.
4423 Indicates that zfs should make
4425 inherit the key of its parent. Note that this command can only be run on an
4426 encryption root that has an encrypted parent.
4432 utility exits 0 on success, 1 if an error occurs, and 2 if invalid command line
4433 options were specified.
4436 .It Sy Example 1 No Creating a ZFS File System Hierarchy
4437 The following commands create a file system named
4439 and a file system named
4443 is set for the parent file system, and is automatically inherited by the child
4446 # zfs create pool/home
4447 # zfs set mountpoint=/export/home pool/home
4448 # zfs create pool/home/bob
4450 .It Sy Example 2 No Creating a ZFS Snapshot
4451 The following command creates a snapshot named
4453 This snapshot is mounted on demand in the
4455 directory at the root of the
4459 # zfs snapshot pool/home/bob@yesterday
4461 .It Sy Example 3 No Creating and Destroying Multiple Snapshots
4462 The following command creates snapshots named
4466 and all of its descendent file systems.
4467 Each snapshot is mounted on demand in the
4469 directory at the root of its file system.
4470 The second command destroys the newly created snapshots.
4472 # zfs snapshot -r pool/home@yesterday
4473 # zfs destroy -r pool/home@yesterday
4475 .It Sy Example 4 No Disabling and Enabling File System Compression
4476 The following command disables the
4478 property for all file systems under
4480 The next command explicitly enables
4483 .Em pool/home/anne .
4485 # zfs set compression=off pool/home
4486 # zfs set compression=on pool/home/anne
4488 .It Sy Example 5 No Listing ZFS Datasets
4489 The following command lists all active file systems and volumes in the system.
4490 Snapshots are displayed if the
4498 for more information on pool properties.
4501 NAME USED AVAIL REFER MOUNTPOINT
4502 pool 450K 457G 18K /pool
4503 pool/home 315K 457G 21K /export/home
4504 pool/home/anne 18K 457G 18K /export/home/anne
4505 pool/home/bob 276K 457G 276K /export/home/bob
4507 .It Sy Example 6 No Setting a Quota on a ZFS File System
4508 The following command sets a quota of 50 Gbytes for
4511 # zfs set quota=50G pool/home/bob
4513 .It Sy Example 7 No Listing ZFS Properties
4514 The following command lists all properties for
4517 # zfs get all pool/home/bob
4518 NAME PROPERTY VALUE SOURCE
4519 pool/home/bob type filesystem -
4520 pool/home/bob creation Tue Jul 21 15:53 2009 -
4521 pool/home/bob used 21K -
4522 pool/home/bob available 20.0G -
4523 pool/home/bob referenced 21K -
4524 pool/home/bob compressratio 1.00x -
4525 pool/home/bob mounted yes -
4526 pool/home/bob quota 20G local
4527 pool/home/bob reservation none default
4528 pool/home/bob recordsize 128K default
4529 pool/home/bob mountpoint /pool/home/bob default
4530 pool/home/bob sharenfs off default
4531 pool/home/bob checksum on default
4532 pool/home/bob compression on local
4533 pool/home/bob atime on default
4534 pool/home/bob devices on default
4535 pool/home/bob exec on default
4536 pool/home/bob setuid on default
4537 pool/home/bob readonly off default
4538 pool/home/bob zoned off default
4539 pool/home/bob snapdir hidden default
4540 pool/home/bob acltype off default
4541 pool/home/bob aclinherit restricted default
4542 pool/home/bob canmount on default
4543 pool/home/bob xattr on default
4544 pool/home/bob copies 1 default
4545 pool/home/bob version 4 -
4546 pool/home/bob utf8only off -
4547 pool/home/bob normalization none -
4548 pool/home/bob casesensitivity sensitive -
4549 pool/home/bob vscan off default
4550 pool/home/bob nbmand off default
4551 pool/home/bob sharesmb off default
4552 pool/home/bob refquota none default
4553 pool/home/bob refreservation none default
4554 pool/home/bob primarycache all default
4555 pool/home/bob secondarycache all default
4556 pool/home/bob usedbysnapshots 0 -
4557 pool/home/bob usedbydataset 21K -
4558 pool/home/bob usedbychildren 0 -
4559 pool/home/bob usedbyrefreservation 0 -
4562 The following command gets a single property value.
4564 # zfs get -H -o value compression pool/home/bob
4567 The following command lists all properties with local settings for
4570 # zfs get -r -s local -o name,property,value all pool/home/bob
4572 pool/home/bob quota 20G
4573 pool/home/bob compression on
4575 .It Sy Example 8 No Rolling Back a ZFS File System
4576 The following command reverts the contents of
4578 to the snapshot named
4580 deleting all intermediate snapshots.
4582 # zfs rollback -r pool/home/anne@yesterday
4584 .It Sy Example 9 No Creating a ZFS Clone
4585 The following command creates a writable file system whose initial contents are
4587 .Em pool/home/bob@yesterday .
4589 # zfs clone pool/home/bob@yesterday pool/clone
4591 .It Sy Example 10 No Promoting a ZFS Clone
4592 The following commands illustrate how to test out changes to a file system, and
4593 then replace the original file system with the changed one, using clones, clone
4594 promotion, and renaming:
4596 # zfs create pool/project/production
4597 populate /pool/project/production with data
4598 # zfs snapshot pool/project/production@today
4599 # zfs clone pool/project/production@today pool/project/beta
4600 make changes to /pool/project/beta and test them
4601 # zfs promote pool/project/beta
4602 # zfs rename pool/project/production pool/project/legacy
4603 # zfs rename pool/project/beta pool/project/production
4604 once the legacy version is no longer needed, it can be destroyed
4605 # zfs destroy pool/project/legacy
4607 .It Sy Example 11 No Inheriting ZFS Properties
4608 The following command causes
4614 property from their parent.
4616 # zfs inherit checksum pool/home/bob pool/home/anne
4618 .It Sy Example 12 No Remotely Replicating ZFS Data
4619 The following commands send a full stream and then an incremental stream to a
4620 remote machine, restoring them into
4621 .Em poolB/received/fs@a
4623 .Em poolB/received/fs@b ,
4626 must contain the file system
4627 .Em poolB/received ,
4628 and must not initially contain
4629 .Em poolB/received/fs .
4631 # zfs send pool/fs@a | \e
4632 ssh host zfs receive poolB/received/fs@a
4633 # zfs send -i a pool/fs@b | \e
4634 ssh host zfs receive poolB/received/fs
4636 .It Sy Example 13 No Using the zfs receive -d Option
4637 The following command sends a full stream of
4638 .Em poolA/fsA/fsB@snap
4639 to a remote machine, receiving it into
4640 .Em poolB/received/fsA/fsB@snap .
4643 portion of the received snapshot's name is determined from the name of the sent
4646 must contain the file system
4647 .Em poolB/received .
4649 .Em poolB/received/fsA
4650 does not exist, it is created as an empty file system.
4652 # zfs send poolA/fsA/fsB@snap | \e
4653 ssh host zfs receive -d poolB/received
4655 .It Sy Example 14 No Setting User Properties
4656 The following example sets the user-defined
4657 .Sy com.example:department
4658 property for a dataset.
4660 # zfs set com.example:department=12345 tank/accounting
4662 .It Sy Example 15 No Performing a Rolling Snapshot
4663 The following example shows how to maintain a history of snapshots with a
4664 consistent naming scheme.
4665 To keep a week's worth of snapshots, the user destroys the oldest snapshot,
4666 renames the remaining snapshots, and then creates a new snapshot, as follows:
4668 # zfs destroy -r pool/users@7daysago
4669 # zfs rename -r pool/users@6daysago @7daysago
4670 # zfs rename -r pool/users@5daysago @6daysago
4671 # zfs rename -r pool/users@yesterday @5daysago
4672 # zfs rename -r pool/users@yesterday @4daysago
4673 # zfs rename -r pool/users@yesterday @3daysago
4674 # zfs rename -r pool/users@yesterday @2daysago
4675 # zfs rename -r pool/users@today @yesterday
4676 # zfs snapshot -r pool/users@today
4678 .It Sy Example 16 No Setting sharenfs Property Options on a ZFS File System
4679 The following commands show how to set
4681 property options to enable
4685 addresses and to enable root access for system
4691 # zfs set sharenfs='rw=@123.123.0.0/16,root=neo' tank/home
4696 for host name resolution, specify the fully qualified hostname.
4697 .It Sy Example 17 No Delegating ZFS Administration Permissions on a ZFS Dataset
4698 The following example shows how to set permissions so that user
4700 can create, destroy, mount, and take snapshots on
4706 # zfs allow cindys create,destroy,mount,snapshot tank/cindys
4707 # zfs allow tank/cindys
4708 ---- Permissions on tank/cindys --------------------------------------
4709 Local+Descendent permissions:
4710 user cindys create,destroy,mount,snapshot
4715 mount point permission is set to 755 by default, user
4717 will be unable to mount file systems under
4719 Add an ACE similar to the following syntax to provide mount point access:
4721 # chmod A+user:cindys:add_subdirectory:allow /tank/cindys
4723 .It Sy Example 18 No Delegating Create Time Permissions on a ZFS Dataset
4724 The following example shows how to grant anyone in the group
4726 to create file systems in
4728 This syntax also allows staff members to destroy their own file systems, but not
4729 destroy anyone else's file system.
4734 # zfs allow staff create,mount tank/users
4735 # zfs allow -c destroy tank/users
4736 # zfs allow tank/users
4737 ---- Permissions on tank/users ---------------------------------------
4740 Local+Descendent permissions:
4741 group staff create,mount
4743 .It Sy Example 19 No Defining and Granting a Permission Set on a ZFS Dataset
4744 The following example shows how to define and grant a permission set on the
4751 # zfs allow -s @pset create,destroy,snapshot,mount tank/users
4752 # zfs allow staff @pset tank/users
4753 # zfs allow tank/users
4754 ---- Permissions on tank/users ---------------------------------------
4756 @pset create,destroy,mount,snapshot
4757 Local+Descendent permissions:
4760 .It Sy Example 20 No Delegating Property Permissions on a ZFS Dataset
4761 The following example shows to grant the ability to set quotas and reservations
4769 # zfs allow cindys quota,reservation users/home
4770 # zfs allow users/home
4771 ---- Permissions on users/home ---------------------------------------
4772 Local+Descendent permissions:
4773 user cindys quota,reservation
4774 cindys% zfs set quota=10G users/home/marks
4775 cindys% zfs get quota users/home/marks
4776 NAME PROPERTY VALUE SOURCE
4777 users/home/marks quota 10G local
4779 .It Sy Example 21 No Removing ZFS Delegated Permissions on a ZFS Dataset
4780 The following example shows how to remove the snapshot permission from the
4789 # zfs unallow staff snapshot tank/users
4790 # zfs allow tank/users
4791 ---- Permissions on tank/users ---------------------------------------
4793 @pset create,destroy,mount,snapshot
4794 Local+Descendent permissions:
4797 .It Sy Example 22 No Showing the differences between a snapshot and a ZFS Dataset
4798 The following example shows how to see what has changed between a prior
4799 snapshot of a ZFS dataset and its current state.
4802 option is used to indicate type information for the files affected.
4804 # zfs diff -F tank/test@before tank/test
4806 M F /tank/test/linked (+1)
4807 R F /tank/test/oldname -> /tank/test/newname
4808 - F /tank/test/deleted
4809 + F /tank/test/created
4810 M F /tank/test/modified
4812 .It Sy Example 23 No Creating a bookmark
4813 The following example create a bookmark to a snapshot. This bookmark
4814 can then be used instead of snapshot in send streams.
4816 # zfs bookmark rpool@snapshot rpool#bookmark
4818 .It Sy Example 24 No Setting sharesmb Property Options on a ZFS File System
4819 The following example show how to share SMB filesystem through ZFS. Note that
4820 that a user and his/her password must be given.
4822 # smbmount //127.0.0.1/share_tmp /mnt/tmp \\
4823 -o user=workgroup/turbo,password=obrut,uid=1000
4827 .Em /etc/samba/smb.conf
4828 configuration required:
4830 Samba will need to listen to 'localhost' (127.0.0.1) for the ZFS utilities to
4831 communicate with Samba. This is the default behavior for most Linux
4834 Samba must be able to authenticate a user. This can be done in a number of
4835 ways, depending on if using the system password file, LDAP or the Samba
4836 specific smbpasswd file. How to do this is outside the scope of this manual.
4839 man page for more information.
4842 .Sy USERSHARE section
4845 man page for all configuration options in case you need to modify any options
4846 to the share afterwards. Do note that any changes done with the
4848 command will be undone if the share is ever unshared (such as at a reboot etc).
4850 .Sh INTERFACE STABILITY