diff --git a/FreeBSD-EN-23:22.vfs b/FreeBSD-EN-23:22.vfs --- /dev/null +++ b/FreeBSD-EN-23:22.vfs @@ -0,0 +1,131 @@ +============================================================================= +FreeBSD-EN-23:22.vfs Errata Notice + The FreeBSD Project + +Topic: ZFS snapshot directories not accessible over NFS + +Category: core +Module: vfs +Announced: 2023-XX-XX +Affects: FreeBSD 14.0 +Corrected: 2023-XX-XX XX:XX:XX UTC (stable/14, 14.0-STABLE) + 2023-XX-XX XX:XX:XX UTC (releng/14.0, 14.0-RELEASE-pXX) + 2023-XX-XX XX:XX:XX UTC (stable/13, 13.2-STABLE) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +ZFS is one of several filesystems available on FreeBSD. ZFS supports many +advanced features, including checksumming, transparent compression, and +snapshots. + +Snapshots of a ZFS dataset can be accessed through a hidden directory, +.zfs/snapshots, located in the root of the mounted dataset. + +II. Problem Description + +When a process attempts to access a snapshot under //.zfs/snapshot, +the snapshot is automounted. However, without this patch, the automount does +not properly set some metadata in the kernel's representation of the mount +point, which results in the snapshot not being accessible over NFS. + +III. Impact + +Workflows which rely on ZFS snapshots being accessible over NFS are broken. + +IV. Workaround + +No workaround is available. + +V. Solution + + + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. A reboot is required after +the upgrade procedure has been completed. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, +or the i386 platfrom on FreeBSD 13 and earlier, can be updated via +the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r now + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-23:22/vfs.patch +# fetch https://security.FreeBSD.org/patches/EN-23:22/vfs.patch.asc +# gpg --verify vfs.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +This issue is corrected as of the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +------------------------------------------------------------------------- +stable/14/ 62304a0c3b8b stable/14-n265867 +releng/14.0/ XXXXXXXXXXXX releng/14.0-nXXXXXX +stable/13/ XXXXXXXXXXXX stable/13-nXXXXXX +------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + +The latest revision of this advisory is available at +