diff options
| author | johannst <johannst@users.noreply.github.com> | 2023-06-21 21:15:05 +0000 |
|---|---|---|
| committer | johannst <johannst@users.noreply.github.com> | 2023-06-21 21:15:05 +0000 |
| commit | a85e47072ff808846242da49295b4b73af23b840 (patch) | |
| tree | 82a9adba0c179a7c47b7ab7f59a7d121adcad8b5 /print.html | |
| parent | eaad036407c9546be0de27f61745fef4b6856e56 (diff) | |
| download | notes-a85e47072ff808846242da49295b4b73af23b840.tar.gz notes-a85e47072ff808846242da49295b4b73af23b840.zip | |
deploy: 35dc3c48a50594148554010ac626480161ad357a
Diffstat (limited to 'print.html')
| -rw-r--r-- | print.html | 306 |
1 files changed, 300 insertions, 6 deletions
@@ -84,7 +84,7 @@ <nav id="sidebar" class="sidebar" aria-label="Table of contents"> <div class="sidebar-scrollbox"> - <ol class="chapter"><li class="chapter-item expanded affix "><a href="intro.html">Introduction</a></li><li class="chapter-item expanded "><a href="tools/index.html"><strong aria-hidden="true">1.</strong> Tools</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="tools/zsh.html"><strong aria-hidden="true">1.1.</strong> zsh</a></li><li class="chapter-item expanded "><a href="tools/bash.html"><strong aria-hidden="true">1.2.</strong> bash</a></li><li class="chapter-item expanded "><a href="tools/fish.html"><strong aria-hidden="true">1.3.</strong> fish</a></li><li class="chapter-item expanded "><a href="tools/tmux.html"><strong aria-hidden="true">1.4.</strong> tmux</a></li><li class="chapter-item expanded "><a href="tools/git.html"><strong aria-hidden="true">1.5.</strong> git</a></li><li class="chapter-item expanded "><a href="tools/awk.html"><strong aria-hidden="true">1.6.</strong> awk</a></li><li class="chapter-item expanded "><a href="tools/emacs.html"><strong aria-hidden="true">1.7.</strong> emacs</a></li><li class="chapter-item expanded "><a href="tools/gpg.html"><strong aria-hidden="true">1.8.</strong> gpg</a></li><li class="chapter-item expanded "><a href="tools/gdb.html"><strong aria-hidden="true">1.9.</strong> gdb</a></li><li class="chapter-item expanded "><a href="tools/gdbserver.html"><strong aria-hidden="true">1.10.</strong> gdbserver</a></li><li class="chapter-item expanded "><a href="tools/radare2.html"><strong aria-hidden="true">1.11.</strong> radare2</a></li><li class="chapter-item expanded "><a href="tools/qemu.html"><strong aria-hidden="true">1.12.</strong> qemu</a></li><li class="chapter-item expanded "><a href="tools/pacman.html"><strong aria-hidden="true">1.13.</strong> pacman</a></li><li class="chapter-item expanded "><a href="tools/dot.html"><strong aria-hidden="true">1.14.</strong> dot</a></li></ol></li><li class="chapter-item expanded "><a href="monitor/index.html"><strong aria-hidden="true">2.</strong> Resource analysis & monitor</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="monitor/lsof.html"><strong aria-hidden="true">2.1.</strong> lsof</a></li><li class="chapter-item expanded "><a href="monitor/ss.html"><strong aria-hidden="true">2.2.</strong> ss</a></li><li class="chapter-item expanded "><a href="monitor/pidstat.html"><strong aria-hidden="true">2.3.</strong> pidstat</a></li><li class="chapter-item expanded "><a href="monitor/pgrep.html"><strong aria-hidden="true">2.4.</strong> pgrep</a></li><li class="chapter-item expanded "><a href="monitor/pmap.html"><strong aria-hidden="true">2.5.</strong> pmap</a></li><li class="chapter-item expanded "><a href="monitor/pstack.html"><strong aria-hidden="true">2.6.</strong> pstack</a></li></ol></li><li class="chapter-item expanded "><a href="trace_profile/index.html"><strong aria-hidden="true">3.</strong> Trace and Profile</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="trace_profile/strace.html"><strong aria-hidden="true">3.1.</strong> strace</a></li><li class="chapter-item expanded "><a href="trace_profile/ltrace.html"><strong aria-hidden="true">3.2.</strong> ltrace</a></li><li class="chapter-item expanded "><a href="trace_profile/perf.html"><strong aria-hidden="true">3.3.</strong> perf</a></li><li class="chapter-item expanded "><a href="trace_profile/oprofile.html"><strong aria-hidden="true">3.4.</strong> OProfile</a></li><li class="chapter-item expanded "><a href="trace_profile/time.html"><strong aria-hidden="true">3.5.</strong> time</a></li></ol></li><li class="chapter-item expanded "><a href="binary/index.html"><strong aria-hidden="true">4.</strong> Binary</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="binary/od.html"><strong aria-hidden="true">4.1.</strong> od</a></li><li class="chapter-item expanded "><a href="binary/xxd.html"><strong aria-hidden="true">4.2.</strong> xxd</a></li><li class="chapter-item expanded "><a href="binary/readelf.html"><strong aria-hidden="true">4.3.</strong> readelf</a></li><li class="chapter-item expanded "><a href="binary/objdump.html"><strong aria-hidden="true">4.4.</strong> objdump</a></li><li class="chapter-item expanded "><a href="binary/nm.html"><strong aria-hidden="true">4.5.</strong> nm</a></li></ol></li><li class="chapter-item expanded "><a href="development/index.html"><strong aria-hidden="true">5.</strong> Development</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="development/c++filt.html"><strong aria-hidden="true">5.1.</strong> c++filt</a></li><li class="chapter-item expanded "><a href="development/c++.html"><strong aria-hidden="true">5.2.</strong> c++</a></li><li class="chapter-item expanded "><a href="development/glibc.html"><strong aria-hidden="true">5.3.</strong> glibc</a></li><li class="chapter-item expanded "><a href="development/gcc.html"><strong aria-hidden="true">5.4.</strong> gcc</a></li><li class="chapter-item expanded "><a href="development/make.html"><strong aria-hidden="true">5.5.</strong> make</a></li><li class="chapter-item expanded "><a href="development/ld.so.html"><strong aria-hidden="true">5.6.</strong> ld.so</a></li><li class="chapter-item expanded "><a href="development/symbolver.html"><strong aria-hidden="true">5.7.</strong> symbol versioning</a></li><li class="chapter-item expanded "><a href="development/python.html"><strong aria-hidden="true">5.8.</strong> python</a></li><li class="chapter-item expanded "><a href="development/gcov.html"><strong aria-hidden="true">5.9.</strong> gcov</a></li></ol></li><li class="chapter-item expanded "><a href="linux/index.html"><strong aria-hidden="true">6.</strong> Linux</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="linux/systemd.html"><strong aria-hidden="true">6.1.</strong> systemd</a></li><li class="chapter-item expanded "><a href="linux/coredump.html"><strong aria-hidden="true">6.2.</strong> coredump</a></li><li class="chapter-item expanded "><a href="linux/ptrace_scope.html"><strong aria-hidden="true">6.3.</strong> ptrace_scope</a></li><li class="chapter-item expanded "><a href="linux/cryptsetup.html"><strong aria-hidden="true">6.4.</strong> cryptsetup</a></li><li class="chapter-item expanded "><a href="linux/swap.html"><strong aria-hidden="true">6.5.</strong> swap</a></li><li class="chapter-item expanded "><a href="linux/input.html"><strong aria-hidden="true">6.6.</strong> input</a></li></ol></li><li class="chapter-item expanded "><a href="network/index.html"><strong aria-hidden="true">7.</strong> Network</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="network/tcpdump.html"><strong aria-hidden="true">7.1.</strong> tcpdump</a></li><li class="chapter-item expanded "><a href="network/firewall-cmd.html"><strong aria-hidden="true">7.2.</strong> firewall-cmd</a></li><li class="chapter-item expanded "><a href="network/nftables.html"><strong aria-hidden="true">7.3.</strong> nftables</a></li></ol></li><li class="chapter-item expanded "><a href="web/index.html"><strong aria-hidden="true">8.</strong> Web</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="web/html.html"><strong aria-hidden="true">8.1.</strong> html</a></li><li class="chapter-item expanded "><a href="web/chartjs.html"><strong aria-hidden="true">8.2.</strong> chartjs</a></li></ol></li><li class="chapter-item expanded "><a href="arch/index.html"><strong aria-hidden="true">9.</strong> Arch</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="arch/x86_64.html"><strong aria-hidden="true">9.1.</strong> x86_64</a></li><li class="chapter-item expanded "><a href="arch/arm64.html"><strong aria-hidden="true">9.2.</strong> arm64</a></li><li class="chapter-item expanded "><a href="arch/armv7.html"><strong aria-hidden="true">9.3.</strong> armv7</a></li><li class="chapter-item expanded "><a href="arch/riscv.html"><strong aria-hidden="true">9.4.</strong> riscv</a></li></ol></li></ol> + <ol class="chapter"><li class="chapter-item expanded affix "><a href="intro.html">Introduction</a></li><li class="chapter-item expanded "><a href="tools/index.html"><strong aria-hidden="true">1.</strong> Tools</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="tools/zsh.html"><strong aria-hidden="true">1.1.</strong> zsh</a></li><li class="chapter-item expanded "><a href="tools/bash.html"><strong aria-hidden="true">1.2.</strong> bash</a></li><li class="chapter-item expanded "><a href="tools/fish.html"><strong aria-hidden="true">1.3.</strong> fish</a></li><li class="chapter-item expanded "><a href="tools/tmux.html"><strong aria-hidden="true">1.4.</strong> tmux</a></li><li class="chapter-item expanded "><a href="tools/git.html"><strong aria-hidden="true">1.5.</strong> git</a></li><li class="chapter-item expanded "><a href="tools/awk.html"><strong aria-hidden="true">1.6.</strong> awk</a></li><li class="chapter-item expanded "><a href="tools/emacs.html"><strong aria-hidden="true">1.7.</strong> emacs</a></li><li class="chapter-item expanded "><a href="tools/gpg.html"><strong aria-hidden="true">1.8.</strong> gpg</a></li><li class="chapter-item expanded "><a href="tools/gdb.html"><strong aria-hidden="true">1.9.</strong> gdb</a></li><li class="chapter-item expanded "><a href="tools/gdbserver.html"><strong aria-hidden="true">1.10.</strong> gdbserver</a></li><li class="chapter-item expanded "><a href="tools/radare2.html"><strong aria-hidden="true">1.11.</strong> radare2</a></li><li class="chapter-item expanded "><a href="tools/qemu.html"><strong aria-hidden="true">1.12.</strong> qemu</a></li><li class="chapter-item expanded "><a href="tools/pacman.html"><strong aria-hidden="true">1.13.</strong> pacman</a></li><li class="chapter-item expanded "><a href="tools/dot.html"><strong aria-hidden="true">1.14.</strong> dot</a></li></ol></li><li class="chapter-item expanded "><a href="monitor/index.html"><strong aria-hidden="true">2.</strong> Resource analysis & monitor</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="monitor/lsof.html"><strong aria-hidden="true">2.1.</strong> lsof</a></li><li class="chapter-item expanded "><a href="monitor/ss.html"><strong aria-hidden="true">2.2.</strong> ss</a></li><li class="chapter-item expanded "><a href="monitor/pidstat.html"><strong aria-hidden="true">2.3.</strong> pidstat</a></li><li class="chapter-item expanded "><a href="monitor/pgrep.html"><strong aria-hidden="true">2.4.</strong> pgrep</a></li><li class="chapter-item expanded "><a href="monitor/pmap.html"><strong aria-hidden="true">2.5.</strong> pmap</a></li><li class="chapter-item expanded "><a href="monitor/pstack.html"><strong aria-hidden="true">2.6.</strong> pstack</a></li></ol></li><li class="chapter-item expanded "><a href="trace_profile/index.html"><strong aria-hidden="true">3.</strong> Trace and Profile</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="trace_profile/strace.html"><strong aria-hidden="true">3.1.</strong> strace</a></li><li class="chapter-item expanded "><a href="trace_profile/ltrace.html"><strong aria-hidden="true">3.2.</strong> ltrace</a></li><li class="chapter-item expanded "><a href="trace_profile/perf.html"><strong aria-hidden="true">3.3.</strong> perf</a></li><li class="chapter-item expanded "><a href="trace_profile/oprofile.html"><strong aria-hidden="true">3.4.</strong> OProfile</a></li><li class="chapter-item expanded "><a href="trace_profile/time.html"><strong aria-hidden="true">3.5.</strong> time</a></li></ol></li><li class="chapter-item expanded "><a href="binary/index.html"><strong aria-hidden="true">4.</strong> Binary</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="binary/od.html"><strong aria-hidden="true">4.1.</strong> od</a></li><li class="chapter-item expanded "><a href="binary/xxd.html"><strong aria-hidden="true">4.2.</strong> xxd</a></li><li class="chapter-item expanded "><a href="binary/readelf.html"><strong aria-hidden="true">4.3.</strong> readelf</a></li><li class="chapter-item expanded "><a href="binary/objdump.html"><strong aria-hidden="true">4.4.</strong> objdump</a></li><li class="chapter-item expanded "><a href="binary/nm.html"><strong aria-hidden="true">4.5.</strong> nm</a></li></ol></li><li class="chapter-item expanded "><a href="development/index.html"><strong aria-hidden="true">5.</strong> Development</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="development/c++filt.html"><strong aria-hidden="true">5.1.</strong> c++filt</a></li><li class="chapter-item expanded "><a href="development/c++.html"><strong aria-hidden="true">5.2.</strong> c++</a></li><li class="chapter-item expanded "><a href="development/glibc.html"><strong aria-hidden="true">5.3.</strong> glibc</a></li><li class="chapter-item expanded "><a href="development/gcc.html"><strong aria-hidden="true">5.4.</strong> gcc</a></li><li class="chapter-item expanded "><a href="development/make.html"><strong aria-hidden="true">5.5.</strong> make</a></li><li class="chapter-item expanded "><a href="development/ld.so.html"><strong aria-hidden="true">5.6.</strong> ld.so</a></li><li class="chapter-item expanded "><a href="development/symbolver.html"><strong aria-hidden="true">5.7.</strong> symbol versioning</a></li><li class="chapter-item expanded "><a href="development/python.html"><strong aria-hidden="true">5.8.</strong> python</a></li><li class="chapter-item expanded "><a href="development/gcov.html"><strong aria-hidden="true">5.9.</strong> gcov</a></li></ol></li><li class="chapter-item expanded "><a href="linux/index.html"><strong aria-hidden="true">6.</strong> Linux</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="linux/systemd.html"><strong aria-hidden="true">6.1.</strong> systemd</a></li><li class="chapter-item expanded "><a href="linux/coredump.html"><strong aria-hidden="true">6.2.</strong> coredump</a></li><li class="chapter-item expanded "><a href="linux/ptrace_scope.html"><strong aria-hidden="true">6.3.</strong> ptrace_scope</a></li><li class="chapter-item expanded "><a href="linux/cryptsetup.html"><strong aria-hidden="true">6.4.</strong> cryptsetup</a></li><li class="chapter-item expanded "><a href="linux/swap.html"><strong aria-hidden="true">6.5.</strong> swap</a></li><li class="chapter-item expanded "><a href="linux/input.html"><strong aria-hidden="true">6.6.</strong> input</a></li><li class="chapter-item expanded "><a href="linux/acl.html"><strong aria-hidden="true">6.7.</strong> acl</a></li><li class="chapter-item expanded "><a href="linux/zfs.html"><strong aria-hidden="true">6.8.</strong> zfs</a></li></ol></li><li class="chapter-item expanded "><a href="network/index.html"><strong aria-hidden="true">7.</strong> Network</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="network/tcpdump.html"><strong aria-hidden="true">7.1.</strong> tcpdump</a></li><li class="chapter-item expanded "><a href="network/firewall-cmd.html"><strong aria-hidden="true">7.2.</strong> firewall-cmd</a></li><li class="chapter-item expanded "><a href="network/nftables.html"><strong aria-hidden="true">7.3.</strong> nftables</a></li></ol></li><li class="chapter-item expanded "><a href="web/index.html"><strong aria-hidden="true">8.</strong> Web</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="web/html.html"><strong aria-hidden="true">8.1.</strong> html</a></li><li class="chapter-item expanded "><a href="web/chartjs.html"><strong aria-hidden="true">8.2.</strong> chartjs</a></li></ol></li><li class="chapter-item expanded "><a href="arch/index.html"><strong aria-hidden="true">9.</strong> Arch</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="arch/x86_64.html"><strong aria-hidden="true">9.1.</strong> x86_64</a></li><li class="chapter-item expanded "><a href="arch/arm64.html"><strong aria-hidden="true">9.2.</strong> arm64</a></li><li class="chapter-item expanded "><a href="arch/armv7.html"><strong aria-hidden="true">9.3.</strong> armv7</a></li><li class="chapter-item expanded "><a href="arch/riscv.html"><strong aria-hidden="true">9.4.</strong> riscv</a></li></ol></li></ol> </div> <div id="sidebar-resize-handle" class="sidebar-resize-handle"></div> </nav> @@ -3459,6 +3459,19 @@ $(realpath fname1 fname2 ..) =symbols show search path for symbol lookup =bindings show against which definition a symbol is bound </code></pre> +<h3 id="ld_library_path-and-dlopen3"><a class="header" href="#ld_library_path-and-dlopen3">LD_LIBRARY_PATH and dlopen(3)</a></h3> +<p>When dynamically loading a shared library during program runtime with +<code>dlopen(3)</code>, only the <code>LD_LIBRARY_PATH</code> as it was during program startup is +evaluated. +Therefore the following is a code smell:</p> +<pre><code class="language-c">// at startup LD_LIBRARY_PATH=/moose + +// Assume /foo/libbar.so +setenv("LD_LIBRARY_PATH", "/foo", true /* overwrite */); + +// Will look in /moose and NOT in /foo. +dlopen("libbar.so", RTLD_LAZY); +</code></pre> <h2 id="ld_preload-initialization-order-and-link-map"><a class="header" href="#ld_preload-initialization-order-and-link-map">LD_PRELOAD: Initialization Order and Link Map</a></h2> <p>Libraries specified in <code>LD_PRELOAD</code> are loaded from <code>left-to-right</code> but initialized from <code>right-to-left</code>.</p> @@ -3952,6 +3965,8 @@ clean: <li><a href="linux/./cryptsetup.html">cryptsetup</a></li> <li><a href="linux/./swap.html">swap</a></li> <li><a href="linux/./input.html">input</a></li> +<li><a href="linux/./acl.html">acl</a></li> +<li><a href="linux/./zfs.html">zfs</a></li> </ul> <div style="break-before: page; page-break-before: always;"></div><h1 id="systemd"><a class="header" href="#systemd">systemd</a></h1> <h2 id="systemctl"><a class="header" href="#systemctl">systemctl</a></h2> @@ -4333,6 +4348,285 @@ int main(int argc, char* argv[]) { </code></pre> <p>[mousedev]: TODO /home/johannst/dev/linux/drivers/input/mousedev.c [evdev]: TODO /home/johannst/dev/linux/drivers/input/evdev.c</p> +<div style="break-before: page; page-break-before: always;"></div><h1 id="access-control-list-acl"><a class="header" href="#access-control-list-acl">access control list (acl)</a></h1> +<blockquote> +<p>This describes <code>POSIX</code> acl.</p> +</blockquote> +<p>The access control list provides a flexibel permission mechanism next to the +<code>UNIX</code> file permissions. This allows to specify fine grained permissions for +users/groups on filesystems.</p> +<p>Filesystems which support acl typically have an <code>acl</code> option, which must be +specified while mounting when it is not a default option. +Filesystems must be mounted with the <code>acl</code> option if not enabled as default +option.</p> +<p>Files or folder that have an <code>acl</code> defined, can be identified by the <code>+</code> sign +next to the UNIX permissions.</p> +<p>The following shows on example for a zfs filesystem.</p> +<pre><code class="language-bash"># mount | grep tank +tank on /tank type zfs (rw,xattr,noacl) +tank/foo on /tank/foo type zfs (rw,xattr,posixacl) + +# ls -h /tank +drwxrwxr-x+ 2 root root 4 11. Jun 14:26 foo/ +</code></pre> +<h2 id="show-acl-entries"><a class="header" href="#show-acl-entries">Show acl entries</a></h2> +<pre><code class="language-bash"># List current acl entries. +getfacl /tank/foo +</code></pre> +<h2 id="modify-acl-entries"><a class="header" href="#modify-acl-entries">Modify acl entries</a></h2> +<pre><code class="language-bash"># Add acl entry for user "user123". +setfacl -m "u:user123:rwx" /tank/foo + +# Remove entry for user "user123". +setfacl -x "u:user123" /tank/foo + +# Add acl entry for group "group456". +setfacl -m "g:group456:rx" /tank/foo + +# Add acl entry for others. +setfacl -m "o:rx" /tank/foo + +# Remove extended acl entries. +setfacl -b /tank/foo +</code></pre> +<h2 id="masking-of-acl-entries"><a class="header" href="#masking-of-acl-entries">Masking of acl entries</a></h2> +<p>The <code>mask</code> defines the maximum access rights that can be given to <strong>users</strong> and +<strong>groups</strong>.</p> +<pre><code class="language-bash"># Update the mask. +setfacl -m "m:rx" /tank/foo + +# List acl entries. +getfacl /tank/foo +# file: tank/foo +# owner: root +# group: root +user::rwx +user:user123:rwx # effective:r-x +group::r-x +mask::r-x +other::rwx +</code></pre> +<h2 id="references-4"><a class="header" href="#references-4">References</a></h2> +<ul> +<li><a href="https://www.man7.org/linux/man-pages/man5/acl.5.html">acl(5)</a></li> +<li><a href="https://www.man7.org/linux/man-pages/man1/getfacl.1.html">getfacl(1)</a></li> +<li><a href="https://www.man7.org/linux/man-pages/man1/setfacl.1.html">setfacl(1)</a></li> +</ul> +<div style="break-before: page; page-break-before: always;"></div><h1 id="zfs"><a class="header" href="#zfs">zfs</a></h1> +<p>Pools are managed with the <a href="https://openzfs.github.io/openzfs-docs/man/8/zpool.8.html"><code>zpool(8)</code></a> command and have the +following hierarchy:</p> +<ul> +<li><code>pool</code>: consists of one or more virtual devices (<code>vdev</code>)</li> +<li><code>vdev</code>: consists of one or more physical devices (<code>dev</code>) and come in +different kinds such as <a href="https://openzfs.github.io/openzfs-docs/man/7/zpoolconcepts.7.html#Virtual_Devices_(vdevs)"><code>disk</code>, <code>mirror</code>, <code>raidzX</code>, ...</a> +<ul> +<li><code>disk</code>: single physical disk (<code>vdev == dev</code>)</li> +<li><code>mirror</code>: data is identically replicated on all <code>devs</code> (requires at least 2 +physical devices).</li> +</ul> +</li> +</ul> +<p>Data stored in a pool is distributed and stored across all <code>vdevs</code> by zfs. +Therefore a total failure of a single <code>vdev</code> can lead to total loss of a pool.</p> +<p>A <code>dataset</code> is a logical volume which can be created on top of a <code>pool</code>. Each +<code>dataset</code> can be configured with its own set of <code>properties</code> like +<a href="https://openzfs.github.io/openzfs-docs/man/7/zfsprops.7.html"><code>encryption</code>, <code>quota</code>, ...</a>. +Datasets are managed with the <a href="https://openzfs.github.io/openzfs-docs/man/8/zfs.8.html"><code>zfs(8)</code></a> command.</p> +<h2 id="zfs-pool-management"><a class="header" href="#zfs-pool-management">zfs pool management</a></h2> +<p>Pools are by default mounted at <code>/<POOL></code>.</p> +<h3 id="create-modify-and-destroy-zfs-pools"><a class="header" href="#create-modify-and-destroy-zfs-pools">Create, modify and destroy zfs pools</a></h3> +<pre><code class="language-bash"># Create a pool MOOSE with a two mirror vdevs. +zpool create moose mirror <dev1> <dev2> mirror <dev3> <dev4>.. + +# Add new raidz1 vdev to a pool. +zpool add moose raidz1 <devA> <devB> <devC>.. + +# Remove a vdev from a pool. +zpool remove moose <vdevX> + +# Destroy a pool. +zpool destroy moose +</code></pre> +<blockquote> +<p>For stable device names in small home setups it is recommended to use names +from <a href="https://openzfs.github.io/openzfs-docs/Project%20and%20Community/FAQ.html#selecting-dev-names-when-creating-a-pool-linux"><code>/dev/disk/by-id</code></a>.</p> +</blockquote> +<h3 id="inspect-zfs-pools"><a class="header" href="#inspect-zfs-pools">Inspect zfs pools</a></h3> +<pre><code class="language-bash"># Show status of all pools or a single one. +zpool status [<pool>] + +# Show information / statistics about pools or single one. +zpool list [<pool>] + +# Show statistics for all devices. +zpool list -v + +# Show command history for pools. +zpool history +</code></pre> +<h3 id="modify-vdevs"><a class="header" href="#modify-vdevs">Modify <code>vdevs</code></a></h3> +<pre><code class="language-bash"># vdev MIRROR-0 with two devs. +zpool status + NAME STATE READ WRITE CKSUM + moose ONLINE 0 0 0 + mirror-0 ONLINE 0 0 0 + virtio-200 ONLINE 0 0 0 + virtio-300 ONLINE 0 0 0 + +# Attach new device to an existing vdev. +zpool attach moose virtio-200 virtio-400 + +# vdev MIRROR-0 with three devs. +zpool status + NAME STATE READ WRITE CKSUM + moose ONLINE 0 0 0 + mirror-0 ONLINE 0 0 0 + virtio-200 ONLINE 0 0 0 + virtio-300 ONLINE 0 0 0 + virtio-400 ONLINE 0 0 0 + +# Detach device from vdev. +zpool detach moose virtio-200 +</code></pre> +<h3 id="replace-faulty-disk"><a class="header" href="#replace-faulty-disk">Replace faulty disk</a></h3> +<pre><code class="language-bash"># MIRROR-0 is degraded as one disk failed, but still intact. +zpool status + NAME STATE READ WRITE CKSUM + moose DEGRADED 0 0 0 + mirror-0 DEGRADED 0 0 0 + virtio-200 UNAVAIL 0 0 0 invalid label + virtio-300 ONLINE 0 0 0 + +# Replace faulty disk, in mirror. +# No data is lost since mirror still has one good disk. +zpool replace moose virtio-200 virtio-400 + +# MIRROR-0 back in ONLINE (good) state. +zpool status + NAME STATE READ WRITE CKSUM + moose ONLINE 0 0 0 + mirror-0 ONLINE 0 0 0 + virtio-400 ONLINE 0 0 0 + virtio-300 ONLINE 0 0 0 +</code></pre> +<h3 id="import-or-export-zfs-pools"><a class="header" href="#import-or-export-zfs-pools">Import or export zfs pools</a></h3> +<p>When moving pools between hosts, the pool must be <code>exported</code> on the currently +active host and <code>imported</code> on the new host.</p> +<pre><code class="language-bash"># Export a pool called MOOSE. +zpool export moose + +# List pools that can be imported using BY-ID deivce names (for example). +zpool import -d /dev/disk/by-id + +# Import pool MOOSE using BY-ID device names (for example). +zpool import -d /dev/disk/by-id moose +</code></pre> +<blockquote> +<p>Device names used by an existing pool can be changed by <a href="https://openzfs.github.io/openzfs-docs/Project%20and%20Community/FAQ.html#changing-dev-names-on-an-existing-pool">exporting and +importing</a> a pool again.</p> +</blockquote> +<h2 id="zfs-dataset-management"><a class="header" href="#zfs-dataset-management">zfs dataset management</a></h2> +<p>Datasets are by default mounted at <code>/<POOL>/<DATASET></code>.</p> +<h3 id="create-and-destroy-zfs-datasets"><a class="header" href="#create-and-destroy-zfs-datasets">Create and destroy zfs datasets</a></h3> +<pre><code class="language-bash"># Create dataset FOO on pool MOOSE. +zfs create moose/foo + +# Destroy dataset. +zfs destroy moose/foo +</code></pre> +<h3 id="list-all-zfs-datasets"><a class="header" href="#list-all-zfs-datasets">List all zfs datasets</a></h3> +<pre><code class="language-bash"># List all zfs datasets. +zfs list +</code></pre> +<h3 id="mount-zfs-datasets"><a class="header" href="#mount-zfs-datasets">Mount zfs datasets</a></h3> +<pre><code class="language-bash"># List currently mounted datasets. +zfs mount + +# Mount dataset. +zfs mount moose/foo + +# Unmount dataset. +zfs unmount moose/foo +</code></pre> +<h3 id="encrypted-datasets"><a class="header" href="#encrypted-datasets">Encrypted datasets</a></h3> +<p>Encryption is a readonly property, can only be set when creating a dataset.</p> +<pre><code class="language-bash"># Create encrypted dataset ENC on pool MOOSE. +zfs create -o encryption=on -o keyformat=passphrase moose/foo + +# Mount encrypte dataset (if key is not loaded). +zfs mount -l moose/foo + +# Unmount dataset and unload encryption key (unload is optional). +zfs umount -u moose/foo +</code></pre> +<h3 id="manage-zfs-encryption-keys"><a class="header" href="#manage-zfs-encryption-keys">Manage zfs encryption keys</a></h3> +<pre><code class="language-bash"># Preload encryption key for dataset. +zfs load-key moose/foo + +# Preload encryption key for all datasets. +zfs load-key -a + +# Change encryption key for dataset. +zfs change-key moose/foo + +# Unload encryption key for dataset. +zfs unload-key moose/foo +</code></pre> +<h3 id="manage-dataset-properties"><a class="header" href="#manage-dataset-properties">Manage dataset properties</a></h3> +<pre><code class="language-bash"># Get all properties for dataset. +zfs get quota moose/foo + +# Get single property for dataset. +zfs get all moose/foo + +# Get single property for all datasets. +zfs get quota + +# Set property on dataset. +zfs set quota=10G moose/foo +</code></pre> +<h3 id="snapshots"><a class="header" href="#snapshots">Snapshots</a></h3> +<pre><code class="language-bash"># Create snapshot called V2 for dataset moose/foo. +zfs snapshot moose/foo@v2 + +# List all snapshots. +zfs list -t snapshot + +# Make .zfs direcotry visible in the root of the dataset. +zfs set snapdir=visible moose/foo + +# Browse available snapshots in visible .zfs direcotry (readonly). +ls /moose/foo/.zfs/snapshot +v1/ v2/ + +# Create a new dataset based on the V1 snapshot +zfs clone moose/foo@v1 moose/foov1 + +# Destroy snapshot. +zfs destroy moose/foo@v1 +</code></pre> +<h3 id="access-control-list"><a class="header" href="#access-control-list">Access control list</a></h3> +<p>Focus on <a href="linux/./acl.html">posix acl</a>.</p> +<pre><code class="language-bash"># Set the ACL type for the FOO dataset to POSIXACL. +zfs set acltype=posixacl moose/foo + +# Get the ACL type of a given dataset. +zfs get acltype moose/foo +</code></pre> +<blockquote> +<p>For performance reasons it is recommended to also set <code>zfs set xattr=sa moose/foo</code> [<a href="https://github.com/openzfs/zfs/issues/170#issuecomment-27348094">ref</a>].</p> +</blockquote> +<h2 id="example-zfs-pool-import-during-startup-systemd"><a class="header" href="#example-zfs-pool-import-during-startup-systemd">Example: zfs pool import during startup (<code>systemd</code>)</a></h2> +<p>The default zpool cache file is <code>/etc/zfs/zpool.cache</code>. When pools are imported +the cache is updated.</p> +<p>Enable the following targets / services to automatically import pools from the +cache.</p> +<pre><code class="language-bash">systemctl list-dependencies + ... + └─zfs.target + └─zfs-import.target + └─zfs-import-cache.service +</code></pre> <div style="break-before: page; page-break-before: always;"></div><h1 id="network-1"><a class="header" href="#network-1">Network</a></h1> <ul> <li><a href="network/./tcpdump.html">tcpdump</a></li> @@ -4396,7 +4690,7 @@ firewall-cmd --remove-port 8000/tcp # Remove rich rule. firewall-cmd --remove-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"' </code></pre> -<h2 id="references-4"><a class="header" href="#references-4">References</a></h2> +<h2 id="references-5"><a class="header" href="#references-5">References</a></h2> <ul> <li>man <a href="https://firewalld.org/documentation/man-pages/firewall-cmd.html">firewall-cmd(1)</a></li> <li>man <a href="https://firewalld.org/documentation/man-pages/firewalld.html">firewalld(1)</a></li> @@ -4995,7 +5289,7 @@ greeting_len: <pre><code class="language-bash">> gcc -o greet greet.s -nostartfiles -nostdlib && ./greet Hi ASM-World! </code></pre> -<h2 id="references-5"><a class="header" href="#references-5">References</a></h2> +<h2 id="references-6"><a class="header" href="#references-6">References</a></h2> <ul> <li><a href="https://www.uclibc.org/docs/psABI-x86_64.pdf">SystemV AMD64 ABI</a></li> <li><a href="https://www.amd.com/system/files/TechDocs/24592.pdf">AMD64 Vol1: Application Programming</a></li> @@ -5224,7 +5518,7 @@ Hi ASM-World! distributions. Explicitly specifying the dynamic linker should not be required when compiling natively on arm64.</p> </blockquote> -<h2 id="references-6"><a class="header" href="#references-6">References</a></h2> +<h2 id="references-7"><a class="header" href="#references-7">References</a></h2> <ul> <li><a href="https://github.com/ARM-software/abi-aa/blob/master/aapcs64/aapcs64.rst">Procedure Call Standard ARM64</a></li> <li><a href="https://developer.arm.com/documentation/den0024/latest">ARMv8-A Programmer's Guide</a></li> @@ -5468,7 +5762,7 @@ Hi ASM-World! distributions. Explicitly specifying the dynamic linker should not be required when compiling natively on arm.</p> </blockquote> -<h2 id="references-7"><a class="header" href="#references-7">References</a></h2> +<h2 id="references-8"><a class="header" href="#references-8">References</a></h2> <ul> <li><a href="https://github.com/ARM-software/abi-aa/blob/master/aapcs32/aapcs32.rst">Procedure Call Standard ARM</a></li> <li><a href="https://developer.arm.com/documentation/den0013/latest">ARMv7-A Programmer's Guide</a></li> @@ -5549,7 +5843,7 @@ distributions. Explicitly specifying the dynamic linker should not be required when compiling natively on riscv.</p> <p>Select dynamic linker according to abi used during compile & link.</p> </blockquote> -<h2 id="references-8"><a class="header" href="#references-8">References</a></h2> +<h2 id="references-9"><a class="header" href="#references-9">References</a></h2> <ul> <li><a href="https://sourceware.org/binutils/docs/as">GNU Assembler</a></li> <li><a href="https://sourceware.org/binutils/docs/as/Pseudo-Ops.html#Pseudo-Ops">GNU Assembler Directives</a></li> |