Written by J. Moellenkamp
on March 13, 2021
Reading time: 1 minute
Solaris

Homedirectories

Even such venerable tools like useradd could use some extra features. In a recent SRU an option was added to set a default how the home directory is created. You have three options.

create is as a subdirectory
create it as an own zfs filesystem for the user
create it as an own zfs filesystem for the user and delegate the filesystem to the user.

Let’s try this out. When you chose yes, the home directory is created as it’s own home directory.

root@solaris:~# useradd -D -z yes
group=staff,10  project=default,3  basedir=/export/home
skel=/etc/skel  shell=/usr/bin/bash  inactive=0
expire=  auths=  roles=  profiles=  limitpriv=
defaultpriv=  lock_after_retries=  roleauth=
auth_profiles=  clearance=  min_label=  pam_policy=
project=  audit_flags=  access_times=  access_tz=
unlock_after=  tpd=  annotation=  zfshome=yes

Now i create a user with this defaults:

root@solaris:~# useradd -m userb

There is an own zfs filesystem for the homedirectory of user usera

root@solaris:/export/home# zfs list | grep "rpool/export/home/usera"
rpool/export/home/usera          35K     2G    35K  /export/home/usera

And if you check for the delegations, you will see that permissions have been passed to the user usera

root@solaris:/export/home# zfs allow rpool/export/home/usera
---- Permissions on rpool/export/home/usera -----------------------
Local+Descendent permissions:
        user usera create,mount,snapshot

Okay, now let’s try it with the setting nodelegation

root@solaris:~# useradd -D -z nodelegation
group=staff,10  project=default,3  basedir=/export/home
skel=/etc/skel  shell=/usr/bin/bash  inactive=0
expire=  auths=  roles=  profiles=  limitpriv=
defaultpriv=  lock_after_retries=  roleauth=
auth_profiles=  clearance=  min_label=  pam_policy=
project=  audit_flags=  access_times=  access_tz=
unlock_after=  tpd=  annotation=  zfshome=nodelegation

I create another user.

root@solaris:~# useradd -m userb

An own ZFS filesystem is still created.

root@solaris:/export/home# zfs list | grep "rpool/export/home/userb"
rpool/export/home/userb             35K     2G    35K  /export/home/userb

However when checking for delegations, there will be none.

root@solaris:~# zfs allow rpool/export/home/userb
root@solaris:~#

Okay. Last option to this setting. no tells the system not to create an ZFS filesystem for the user.

root@solaris:~# useradd -D -z no
group=staff,10  project=default,3  basedir=/export/home
skel=/etc/skel  shell=/usr/bin/bash  inactive=0
expire=  auths=  roles=  profiles=  limitpriv=
defaultpriv=  lock_after_retries=  roleauth=
auth_profiles=  clearance=  min_label=  pam_policy=
project=  audit_flags=  access_times=  access_tz=
unlock_after=  tpd=  annotation=  zfshome=no

Okay, yet another user.

root@solaris:~# useradd -m userc

There is no separate ZFS filesystem for this user.

root@solaris:~# zfs list | grep "userc"
root@solaris:~#

Instead the home directory has just been created as a normal directory.

root@solaris:/export/home# ls -l /export/home/ | grep userc
drwxr-xr-x   2 userc   staff          7 März  5 17:13 userc

And of course there are no delegations because there is no ZFS filesystem for this user.

← → Top