Skip to content

Instantly share code, notes, and snippets.

@alanc

alanc/SRU81-man-page-changes.diff

Last active May 20, 2025 22:11
Show Gist options
  • Save alanc/067a51bfc04e63ffa4ee9eda0daf36f0 to your computer and use it in GitHub Desktop.
Save alanc/067a51bfc04e63ffa4ee9eda0daf36f0 to your computer and use it in GitHub Desktop.
Download ZIP
Changes to core OS man pages in Oracle Solaris 11.4 SRU 81
Raw
Solaris-11.4-SRU81-man-page-changes.txt
28562513 zone migration should enforce synced time on source and target
33536099 Create management knob to suppress ICMP dest unreachable messages
35664367 Improve ldmd's *-logctl capabilities; make available in non-debug builds
36835402 Update GRUB to 2.12
37006125 ssh-key logins fail even after auto unlock expires
37066513 nscd.8 is out of date w.r.t. s11u4 behaviors.
37106988 useradd should select a uid outside of vendor and dynamic range
37189557 want NIC drivers to report basic transceiver info
37229468 ovmtprop/ovmtconfig man pages need updates to clarify the usage of commands for setting properties on a guest domain
37264872 link-editor should support CTF generation
37264999 ctfconvert and ctfmerge -a mishandle archives
37331630 want native mdb support for redirecting text output
37365602 Correct man page errors for add-spconfig subcommand to ldm
37409530 CTF version 3
37417505 solaris10(7) man page needs more info on archive use
37417543 solaris10 branded zone installer should support compressed ustar/xustar/pax archives
37418435 SLEEPTIME should apply to SSH logins too
37444750 Assorted fixes for SVR4 packaging man pages
37484712 more minor issues in 3KSTAT2 man pages
37528844 sulogin should allow users with root role
37548731 getpeereid() is becoming standardized, add it to Solaris
37606902 Obsolete KMIP failover_limit
37607472 "ptree 0" should list init as it did before
37608035 pam_unix_auth(7) should document nosleeponfail
37679910 Fix typos in mdb(1) MAN page
37730817 Assorted fixes for ZFS man pages
37734256 Remove stackdiag man page
PSARC 2025/017 Implement getpeereid(3c)
PSARC/2024/086 GRUB 2.12
PSARC/2024/102 Tunables to prevent sending of ICMP unreachable messages
PSARC/2024/134 Enforce synchronized system time for zone migration
PSARC/2024/136 dladm(8) subcommand to show transceiver information
PSARC/2024/139 link-editor should support CTF generation
PSARC/2024/144 Auto-Unlock after timer expiry for non-password authentication
PSARC/2024/152 Move login SLEEPTIME to pam_unix_auth
PSARC/2025/009 sulogin: allow users with root role
PSARC/2025/013 CTF version 3
PSARC/2025/015 solaris10 branded zone compressed ustar/xustar/pax installation archives
PSARC/2025/018 Obsolete KMIP failover_limit
Copyright (c) 1983, 2025, Oracle and/or its affiliates.
The ctf.5 man page is covered by the license notice at:
http://pkg.oracle.com/solaris/release/info/0/developer%2Fbase-developer-utilities-ctf5%4011.4%2C5.11-11.4.81.0.0.193.1%3A20250402T150751Z
Raw
SRU81-man-page-changes.diff
diff -NurbBw 11.4.78/man1/ctfconvert.1 11.4.81/man1/ctfconvert.1
--- 11.4.78/man1/ctfconvert.1 2025-05-11 12:25:31.702138661 -0700
+++ 11.4.81/man1/ctfconvert.1 2025-05-11 12:25:45.846071948 -0700
@@ -4,7 +4,8 @@
ctfconvert - convert debug sections to CTF
SYNOPSIS
- ctfconvert [-irsS] [-l label] [-L labelenv] [-o outfile] file
+ ctfconvert [-irsS] [-l label] [-L labelenv] [-o outfile]
+ [-V version] file
DESCRIPTION
The ctfconvert utility reads debug sections from an ELF object file,
@@ -76,6 +77,14 @@
Strip compiler generated debug sections from the resulting object.
+ -V version
+
+ Specify the version of the CTF format produced. Valid versions are
+ 2 or 3. By default, ctfconvert produces version 3 CTF data, which
+ is recommended for most purposes. -V is a specialized option, pri-
+ marily of use for testing purposes. See ctf(5).
+
+
-v
Enable verbose mode.
@@ -93,10 +102,22 @@
file
- The ELF file for which CTF data should be produced.
+ The ELF file for which CTF data should be produced. Archive li-
+ braries cannot be specified. See Notes.
NOTES
+ ctfconvert is compatible with debug sections produced by the Studio
+ compilers, and with version 2 dwarf sections from the GNU Compiler Col-
+ lection (gcc). The -g compiler option should be specified when creating
+ objects, potentially in conjunction with another optimization option
+ such as -O. In addition, the -gdwarf-2 option should be used with gcc.
+
+
+ ctfconvert cannot process archive libraries. The individual objects may
+ be processed with ctfconvert before inserting them into the archive.
+
+
Historically, the ctfconvert utility defaulted to the removal of stabs
and dwarf sections after processing them. The -g option was used to
prevent this removal. In the current implementation, the behavior has
@@ -140,7 +161,11 @@
struction of Solaris since Sun Solaris 9. They were added as system
utilities in Oracle Solaris 11.4.75.
+
+ Support for CTF version 3, and the -V option, were added in Oracle So-
+ laris 11.4.75.81.
+
SEE ALSO
- ctfdump(1), ctfmerge(1)
+ ctfdump(1), ctfmerge(1), ctf(5)
-Oracle Solaris 11.4 6 Jan 2025 ctfconvert(1)
+Oracle Solaris 11.4 24 Jan 2025 ctfconvert(1)
diff -NurbBw 11.4.78/man1/ctfmerge.1 11.4.81/man1/ctfmerge.1
--- 11.4.78/man1/ctfmerge.1 2025-05-11 12:25:31.744638387 -0700
+++ 11.4.81/man1/ctfmerge.1 2025-05-11 12:25:45.888766867 -0700
@@ -4,18 +4,19 @@
ctfmerge - merge multiple input CTF
SYNOPSIS
- ctfmerge [-airsStv] [-l label] [-L label] -o outfile file...
+ ctfmerge [-airsStv] [-l label] [-L label] [-V version]
+ -o outfile file...
- ctfmerge [-airsStv] [-l label] [-L labelenv] -o outfile
- -d uniqfile [-D uniqlabel] file...
+ ctfmerge [-airsStv] [-l label] [-L labelenv] [-V version]
+ -o outfile -d uniqfile [-D uniqlabel] file...
- ctfmerge [-airsStv] [-l label] [-L labelenv] -o outfile
- -w withfile file...
+ ctfmerge [-airsStv] [-l label] [-L labelenv] [-V version]
+ -o outfile -w withfile file...
- ctfmerge [-rS] -c srcfile destfile
+ ctfmerge [-rS] [-V version] -c srcfile destfile
DESCRIPTION
The ctfmerge utility reads CTF (Compact C Type Format) data from input
@@ -47,7 +48,7 @@
does not already have a .SUNW_ctf section, and merge the CTF data
produced into the output. Unlike using the ctfconvert command,
which adds CTF to the input object, the -a option does not modify
- the input object.
+ the input object. See ctfconvert(1)
-c srcfile destfile
@@ -129,6 +130,14 @@
ducing CTF.
+ -V version
+
+ Specify the version of the CTF format produced. Valid versions are
+ 2 or 3. By default, ctfmerge produces version 3 CTF data, which is
+ recommended for most purposes. -V is a specialized option, primar-
+ ily of use for testing purposes. See ctf(5).
+
+
-v
Enable verbose mode.
@@ -275,8 +284,12 @@
tion of Solaris since Sun Solaris 9. They were added as system utili-
ties in Oracle Solaris 11.4.75.
+
+ Support for CTF version 3, and the -V option, were added in Oracle So-
+ laris 11.4.75.81.
+
SEE ALSO
- ctfconvert(1), ctfdump(1), ld(1), and Oracle Solaris 11.4 Linkers and
- Libraries Guide
+ ctfconvert(1), ctfdump(1), ld(1), ctf(5) and Oracle Solaris 11.4 Link-
+ ers and Libraries Guide
-Oracle Solaris 11.4 6 Jan 2025 ctfmerge(1)
+Oracle Solaris 11.4 24 Jan 2025 ctfmerge(1)
diff -NurbBw 11.4.78/man1/ld.1 11.4.81/man1/ld.1
--- 11.4.78/man1/ld.1 2025-05-11 12:25:31.873162096 -0700
+++ 11.4.81/man1/ld.1 2025-05-11 12:25:45.999577417 -0700
@@ -14,8 +14,8 @@
[-z ancillary[=outfile]] [-z assert-deflib[=libname]]
[-z compress-class=[!]class1,[!]class2,...]
[-z compress-sections[=cmp-type[,cmp-opt...]]]
- [-z deferred | nodeferred] [-z defs | nodefs]
- [-z direct | nodirect] [-z discap]
+ [-z ctf[=opt1,opt2,...] [-z deferred | nodeferred]
+ [-z defs | nodefs] [-z direct | nodirect] [-z discap]
[-z discard-unused=item1,item2,...] [-z endfiltee]
[-z fatal-warnings | nofatal-warnings] [-z finiarray=function]
[-z globalaudit] [-z guidance[=item1,item2,...]] [-z help]
@@ -907,6 +907,99 @@
+ -z ctf[=opt1,opt2,...]
+
+ Add a CTF (Compact C Type Format) section, .SUNW_ctf, to the output
+ object. CTF is used by observability tools such as mdb(1) and
+ dtrace(8). The -z ctf option provides the capabilities of the ctf-
+ convert and ctfmerge utilities from within the link-edit, eliminat-
+ ing the need to apply those operations separately. In many cases,
+ -z ctf will be simpler to use. Most options provided by -z ctf cor-
+ respond directly to ctfmerge options. For more detailed informa-
+ tion, see ctfconvert(1), and ctfmerge(1).
+
+ The following options can be specified.
+
+ additive-merge=withfile
+
+ Additive merge against the file given by withfile.
+
+
+ compress
+
+ Compress the contents of the resulting CTF section using native
+ CTF format compression. This form of compression is part of the
+ CTF data format, distinct from, and unrelated to, the general
+ ELF compression provided by the -z compress-sections option.
+
+
+ convert
+
+ Perform the ctfconvert operation on any input object that does
+ not already have a .SUNW_ctf section, and merge the CTF data
+ produced into the output. The input object is not modified.
+ Successful conversion depends on the presence of compatible de-
+ bug sections. For details, see ctfconvert(1).
+
+
+ dynsym
+
+ Associate the generated .SUNW_ctf section with the dynamic
+ .dynsym symbol table rather than the default .symtab.
+
+
+ ignore-non-c
+
+ When the convert option is used, ignore-non-c causes input ob-
+ ject files built from languages other than C to be silently ig-
+ nored. While CTF can be used with any language, the information
+ it captures corresponds directly to C level language concepts,
+ making CTF particularly useful with code written in C.
+
+
+ label=label
+
+ Specifies a label to be associated with the generated CTF. La-
+ bels are of use when employing uniquification to share defini-
+ tions between parent and children objects as a space saving
+ measure.
+
+
+ label-env=labelenv
+
+ Specifies a label to be associated with the generated CTF. The
+ value of the environment variable specified by labelenv pro-
+ vides the label to be used. If the environment variable is not
+ defined, no label is set, and the behavior is as if no label
+ were specified.
+
+
+ require
+
+ Require each input file to have a .SUNW_ctf section, or when
+ the convert option is specified, that the conversion operation
+ succeeds in producing CTF.
+
+
+ uniqify-file=uniqfile
+
+ Uniquify against the file given by uniqfile.
+
+
+ uniqify-label=uniqlabel
+
+ Uniquify against the label given by uniqlabel.
+
+
+ version=ctf-version
+
+ Specify the version of the CTF format produced. Valid versions
+ are 2 or 3. Version 3 CTF, which is recommended for most pur-
+ poses, is produced by default. This is a specialized option,
+ primarily of use for testing purposes. See ctf(5).
+
+
+
-z deferred | nodeferred
Enables or disables the identification of dynamic dependencies as
@@ -2426,9 +2519,10 @@
SEE ALSO
- as(1), crle(1), elfcompress(1), gprof(1), ld.so.1(1), ldd(1), mcs(1),
- pvs(1), strip(1), exec(2), stat(2), dldump(3C), zlib(3), dlopen(3C),
- elf(3ELF), ar.h(3HEAD), a.out(5), attributes(7), sxadm(8)
+ as(1), crle(1), ctfconvert(1), ctfmerge(1), elfcompress(1), gprof(1),
+ ld.so.1(1), ldd(1), mcs(1), pvs(1), strip(1), exec(2), stat(2), dl-
+ dump(3C), zlib(3), dlopen(3C), elf(3ELF), ar.h(3HEAD), a.out(5),
+ ctf(5), attributes(7), sxadm(8)
Oracle Solaris 11.4 Linkers and Libraries Guide
@@ -2466,4 +2560,4 @@
hard links to linker output files should explicitly remove and relink
the other file names.
-Oracle Solaris 11.4 9 July 2024 ld(1)
+Oracle Solaris 11.4 24 January 2025 ld(1)
diff -NurbBw 11.4.78/man1/login.1 11.4.81/man1/login.1
--- 11.4.78/man1/login.1 2025-05-11 12:25:31.913601177 -0700
+++ 11.4.81/man1/login.1 2025-05-11 12:25:46.039553584 -0700
@@ -513,11 +513,14 @@
failure other than PAM_ABORT. Another login attempt is allowed,
providing RETRIES has not been reached or the PAM framework is
returned PAM_MAXTRIES. Default is 4 seconds. Minimum is 0 sec-
- onds. Maximum is 5 seconds.
+ onds. Maximum is 30 seconds.
Both su(8) and sulogin(8) are also affected by the value of
SLEEPTIME.
+ In prior releases the sleep was implemented in login, it is now
+ implemented in pam_unix_auth(7).
+
RETRIES
@@ -610,6 +613,10 @@
tails.
HISTORY
+ The enforcement of SLEEPTIME was moved to pam_unix_auth(7) in Oracle
+ Solaris 11.4.81.
+
+
The quota(8) command was removed from the default login process in Ora-
cle Solaris 11.4.45. Prior to that, it was run from the default
/etc/profile and /etc/.login files unless the $HOME/.hushlogin file was
@@ -687,4 +694,4 @@
present in all Sun and Oracle releases of Solaris. Solaris 1.x releases
also supported a -p option that was not carried forward to Solaris 2.0.
-Oracle Solaris 11.4 29 Nov 2022 login(1)
+Oracle Solaris 11.4 15 Jan 2025 login(1)
diff -NurbBw 11.4.78/man1/mdb.1 11.4.81/man1/mdb.1
--- 11.4.78/man1/mdb.1 2025-05-11 12:25:32.039953056 -0700
+++ 11.4.81/man1/mdb.1 2025-05-11 12:25:46.161015935 -0700
@@ -153,24 +153,28 @@
Commands
A command is one of the following:
- pipeline [! word ...] [ ; ]
+ pipeline [! [>[>]] word ...] [ ; ]
A simple-command or pipeline can be optionally suffixed with the !
- character, indicating that the debugger should open a pipe(2) and
- send the standard output of the last dcmd in the mdb pipeline to an
- external process created by executing $SHELL -c followed by the
- string formed by concatenating the words after the ! character. For
- more details, refer to Shell Escapes below.
+ character, indicating that the debugger should redirect the output
+ to the operating system. If ! is followed by > or >> the rest of
+ the line is used as a file name, opened, and the output appended to
+ that file. If there is just one > the file is truncated before be-
+ ing written to. Otherwise open a pipe(2) and send the standard out-
+ put of the last dcmd in the mdb pipeline to an external process
+ created by executing $SHELL -c followed by the string formed by
+ concatenating the words after the ! character. For more details,
+ refer to Shell Escapes below.
- expression pipeline [! word ...] [ ; ]
+ expression pipeline [! [>[>]] word ...] [ ; ]
A simple-command or pipeline can be prefixed with an expression.
Before execution of the pipeline, the value of dot (the variable
denoted by '.') is set to the value of the expression.
- expression , expression pipeline [! word ...] [ ; ]
+ expression , expression pipeline [! [>[>]] word ...] [ ; ]
A simple-command or pipeline can be prefixed with two expressions.
The first is evaluated to determine the new value of dot, and the
@@ -180,14 +184,14 @@
the first dcmd in the pipeline.
- , expression pipeline [! word ...] [ ; ]
+ , expression pipeline [! [>[>]] word ...] [ ; ]
If the initial expression is omitted, dot is not modified but the
first dcmd in the pipeline is repeated according to the value of
the expression.
- expression [! word ...] [ ; ]
+ expression [! [>[>]] word ...] [ ; ]
A command can consist only of an arithmetic expression. The expres-
sion is evaluated and the dot variable is set to its value, and
@@ -195,7 +199,7 @@
value of dot.
- expression, expression [! word ...] [ ; ]
+ expression, expression [! [>[>]] word ...] [ ; ]
A command can consist only of a dot expression and repeat count ex-
pression. After dot is set to the value of the first expression,
@@ -203,7 +207,7 @@
of times specified by the value of the second expression.
- , expression [! word ...] [ ; ]
+ , expression [! [>[>]] word ...] [ ; ]
If the initial expression is omitted, dot is not modified but the
previous dcmd and arguments are repeatedly executed the number of
@@ -2184,9 +2188,9 @@
Display the list of software event specifiers. Each event specifier
is assigned a unique ID number that can be used to delete or modify
it at a later time. The debugger can also have its own internal
- events enabled for tracing. These events are only be displayed if
- the -a option is present. If the -v option is present, a more ver-
- bose display, including the reason for any specifier inactivity,
+ events enabled for tracing. These events are only to be displayed
+ if the -a option is present. If the -v option is present, a more
+ verbose display, including the reason for any specifier inactivity,
are shown. Here is some sample output:
@@ -2688,7 +2692,7 @@
& The values ANDed together are non zero.
- % The left value modulus the right is non zero.
+ % The left value modulo the right is non zero.
^ The values XORed together are non zero.
@@ -3378,8 +3382,8 @@
The option -i tells ::printf to treat the subsequent arguments as
immediate values. The +i option stops ::printf from treating argu-
ments as immediate values. There can be multiple -i and +i argu-
- ments allowing immediate and non-immediate arguments to mixed in a
- single line
+ ments allowing immediate and non-immediate arguments to be mixed in
+ a single line
address ::poke[ -AnFfS ][ type ][ member ][ operator ][ -AnFfS ][ -v
@@ -3402,15 +3406,15 @@
OPERATORS
- % Take the module of the contents of address by value
+ % Take the modulo of the contents of address by value
C equivalent: *address %= value
- & And the contents of address with value
+ & AND the contents of address with value
C equivalent: *address &= value
- * Multiply of the contents of address by value
+ * Multiply the contents of address by value
C equivalent: *address *= value
@@ -3443,7 +3447,7 @@
C equivalent: *address ^= 1 << value
- MASK And the contents of address with the ones compliment of
+ MASK AND the contents of address with the ones' complement of
value
C equivalent: *address &= ~value
@@ -3647,9 +3651,9 @@
the -p option displays the version information only for the load
objects that have been installed on the system as part of a patch.
Version information is not available for all load objects. Load ob-
- jects without version information is omitted from the output for
- the -p option and is listed as having a version of "Unknown" in the
- output for the -v option.
+ jects without version information are omitted from the output for
+ the -p option and are listed as having a version of "Unknown" in
+ the output for the -v option.
[signal] ::sigbp [+/-BCdDehstT] [-b function] [-c cmd] [-n count] SIG
@@ -3817,12 +3821,12 @@
address, a backtrace beginning at this virtual memory address is
displayed. Otherwise the stack of the representative thread is dis-
played. If an optional count value is given as an argument and the
- debugger can not determine how many arguments a function has the no
- more than count arguments are displayed for each stack frame in the
- output.
+ debugger can not determine how many arguments a function has then
+ no more than count arguments are displayed for each stack frame in
+ the output.
- -A Do not print an annotations
+ -A Do not print annotations
-r Print registers when available
@@ -3830,7 +3834,7 @@
-v Verbose, print the frame pointer
- -x Always print arguments as in hex
+ -x Always print arguments in hex
If mdb can not confirm the validity of a function argument it will
append ? to the value. When structures or unions are passed as ar-
@@ -3930,7 +3934,7 @@
When converting to and from the real-time clock no account is taken
of any adjustments that are made in the real clock by external fac-
- tors, like ntp.
+ tors, like NTP.
@@ -4174,7 +4178,7 @@
-t option is present, the user-defined tag associated with each
variable is set. If the +t option is present, the tag is cleared.
If the -C option is present any variables that are created will be
- context variables, this is the default unless the typeset_global
+ context variables. This is the default unless the typeset_global
option is set with ::set. If the +C is set any variables created
will be global. This is the default if typeset_global is not set.
If no variable names are specified, the list of variables and their
@@ -4867,7 +4871,7 @@
savehist
- When set save the current command line history to the history
+ When set, save the current command line history to the history
file when mdb exits.
@@ -5383,4 +5387,4 @@
provides source code for an example module in the directory
/usr/demo/mdb.
-Oracle Solaris 11.4 10 December 2024 mdb(1)
+Oracle Solaris 11.4 7 March 2025 mdb(1)
diff -NurbBw 11.4.78/man1/ptree.1 11.4.81/man1/ptree.1
--- 11.4.78/man1/ptree.1 2025-05-11 12:25:32.074993062 -0700
+++ 11.4.81/man1/ptree.1 2025-05-11 12:25:46.189780723 -0700
@@ -16,7 +16,8 @@
OPTIONS
The following options are supported:
- -a All. Print all processes, including system processes.
+ -a All. Print all processes, including system processes and
+ init (PID 1).
-c Contracts. Print process contract memberships in addition to
@@ -151,4 +152,4 @@
The ptree command, including support for the -a option, was introduced
in Solaris 2.5.
-Oracle Solaris 11.4 13 Sep 2024 ptree(1)
+Oracle Solaris 11.4 19 Feb 2025 ptree(1)
diff -NurbBw 11.4.78/man1/stackdiag.1 11.4.81/man1/stackdiag.1
--- 11.4.78/man1/stackdiag.1 2025-05-11 12:25:32.104023090 -0700
+++ 11.4.81/man1/stackdiag.1 1969-12-31 16:00:00.000000000 -0800
@@ -1,148 +0,0 @@
-stackdiag(1) User Commands stackdiag(1)
-
-NAME
- stackdiag - libstackdiag CLI for manual bug queries
-
-SYNOPSIS
- /usr/bin/stackdiag [-l] [-n max-results] [-d stackDB-path]
- [-s] stack-resource
-
-DESCRIPTION
- stackdiag queries the stackDB database of known bugs by using libstack-
- diag and displays potential bugs (Oracle CRs). It takes a standardized
- string representation of a thread stack as input from a file, standard
- input, or as an operand.
-
-
- The operand stack-resource tells stackdiag where to get the stack
- string from. If given a file path, the file is opened and its contents
- are assumed to be a stack string. If given "-", stackdiag reads the
- stack string from standard input until the EOF. If -s option is passed,
- stackdiag treats the operand itself as the stack string.
-
-
- The stack string format is a sequence of frames, separated by a pipe
- character, where each frame looks like:
-
- [module:]function[+offset][(arguments)]
-
-
-
- This is a representation of a thread stack frame with module, function
- name, instruction offset, and function arguments as components. The
- module, offset, and argument parts are optional.
-
-
- The argument part is a list of comma-separated hexadecimal integers
- representing pointers or integers passed, enclosed in a pair of paren-
- thesis. Offset should be a hexadecimal number, with an optional 0x pre-
- fix. Whitespace is ignored everywhere. The last pipe in the stack
- string is optional.
-
-OPTIONS
- The following options are supported:
-
- -n max-results
-
- The number following the -n option specifies the maximum number of
- potential bugs to output. The default is 5.
-
-
- -d stackDB-path
-
- The operand following the -d option specifies the location of the
- stackDB database file which stackdiag should use as the database to
- query. The default is /var/db/stackDB/stackDB.
-
-
- -s
-
- If passed, the operand stack-resource is assumed to be the stack
- string. Useful for manually entering stacks on the command line.
-
-
- -l
-
- Displays all results. Results are organized in groups if they are
- similar enough. By default, stackdiag only prints one result in
- each group.
-
-
-OPERANDS
- The following operand is supported:
-
- stack-resource
-
- Path to the file containing the stack string. If "-", then standard
- input is used. If -s option is passed, then the operand is taken as
- the stack string.
-
-
-EXIT STATUS
- 0 Successful execution.
-
-
- >0 An error occurred.
-
-
-FILES
- /var/db/stackDB/stackDB
-
- Default database mapping stacks to known bugs in the Oracle Solaris
- bug database. New versions of the data are provided by updating the
- pkg:/system/diagnostic/stackdb package. These updates may be auto-
- mated via the svc:/system/auto-update:stackdb service.
-
-
-EXAMPLES
- Example 1 Querying for bugs by stack string
-
-
-
- This command queries for bugs with the stack string containing the sym-
- bols "kadmin" and "uadmin", and reports a maximum of 3 bugs:
-
-
- $ stackdiag -n 3 -s "kadmin | uadmin"
-
-
- Example 2 Using a Different Stack Database, and the Stack in a File
-
-
-
- This command queries for bugs using a different stack database, and
- with the stack specified in a file:
-
-
- $ stackdiag -d ./mystackDB ./panicstack.txt
-
-
-ATTRIBUTES
- See attributes(7) for descriptions of the following attributes:
-
- +---------------------+-----------------------------------------+
- | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
- +---------------------+-----------------------------------------+
- | Availability | system/fault-management/fault-manage- |
- | | ment-utilities |
- +---------------------+-----------------------------------------+
- | CSI | Enabled |
- +---------------------+-----------------------------------------+
- | Interface Stability | Uncommitted |
- +---------------------+-----------------------------------------+
- | Standard | None |
- +---------------------+-----------------------------------------+
-
-
-SEE ALSO
- asr-notify(8), fmadm(8), smtp-notify(8), snmp-notify(8)
-
-HISTORY
- The svc:/system/auto-update:stackdb service was introduced in Oracle
- Solaris 11.4.36.
-
-
- The stackdiag command, with support for the -d, -l, -n, and -s options,
- was introduced in Oracle Solaris 11.4.0.
-
-Oracle Solaris 11.4 29 Nov 2022 stackdiag(1)
diff -NurbBw 11.4.78/man3c/getpeerucred.3c 11.4.81/man3c/getpeerucred.3c
--- 11.4.78/man3c/getpeerucred.3c 2025-05-11 12:25:32.134307434 -0700
+++ 11.4.81/man3c/getpeerucred.3c 2025-05-11 12:25:46.218639458 -0700
@@ -1,21 +1,28 @@
getpeerucred(3C) Standard C Library Functions getpeerucred(3C)
NAME
- getpeerucred - get connected socket or stream peer's credentials
+ getpeerucred, getpeereid - get connected socket or stream peer's cre-
+ dentials
SYNOPSIS
#include <ucred.h>
int getpeerucred(int fd, ucred_t **ucred);
+
+ #include <sys/types.h>
+ #include <sys/socket.h>
+
+ int getpeereid(int fd, uid_t *euidp, gid_t *egidp);
+
DESCRIPTION
- The getpeerucred() function returns the credentials of the peer end-
- point of a connection-oriented socket (SOCK_STREAM) or stream fd at the
- time the endpoint was created or the connection was established. A
- process that initiates a connection retrieves the credentials of its
- peer at the time the peer's endpoint was created. A process that lis-
- tens for connections retrieves the credentials of the peer at the time
- the peer initiated the connection.
+ The getpeerucred() and getpeereid() functions return the credentials of
+ the peer endpoint of a connection-oriented socket (SOCK_STREAM) or
+ stream fd at the time the endpoint was created or the connection was
+ established. A process that initiates a connection retrieves the cre-
+ dentials of its peer at the time the peer's endpoint was created. A
+ process that listens for connections retrieves the credentials of the
+ peer at the time the peer initiated the connection.
When successful, getpeerucred() stores the pointer to a freshly allo-
@@ -31,9 +38,14 @@
It is possible that all fields of the ucred_t are not available to all
peer endpoints and all callers.
+
+ When successful, getpeereid() stores the effective uid in the memory
+ location pointed to by euidp and the effective gid in the memory loca-
+ tion pointed to by egidp.
+
RETURN VALUES
- Upon successful completion, getpeerucred() returns 0. Otherwise, it re-
- turns -1 and errno is set to indicate the error.
+ Upon successful completion, getpeerucred() and getpeereid() return 0.
+ Otherwise, they return -1 and errno is set to indicate the error.
ERRORS
The getpeerucred() function will fail if:
@@ -87,4 +99,11 @@
using I_SENDFD as a result of the open of a named pipe with the
"connld" module pushed.
-Oracle Solaris 11.4 26 May 2004 getpeerucred(3C)
+HISTORY
+ The getpeerucred() function was added to Solaris in Solaris 10.
+
+
+ The getpeereid() function was added to Oracle Solaris in Solaris
+ 11.4.81.
+
+Oracle Solaris 11.4 10 Feb 2025 getpeerucred(3C)
diff -NurbBw 11.4.78/man3kstat2/kstat2_lookup_map.3kstat2 11.4.81/man3kstat2/kstat2_lookup_map.3kstat2
--- 11.4.78/man3kstat2/kstat2_lookup_map.3kstat2 2025-05-11 12:25:32.162994420 -0700
+++ 11.4.81/man3kstat2/kstat2_lookup_map.3kstat2 2025-05-11 12:25:46.247536196 -0700
@@ -13,7 +13,7 @@
DESCRIPTION
The kstat2_lookup_map() function obtains a reference to a kstat2 map
- given the URI of the map.
+ given the uri of the map.
RETURN VALUES
Upon successful completion, the kstat2_lookup_map() function will set
@@ -83,4 +83,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 03 Nov 2016 ks...p(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...p(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_map_set_tree_cb.3kstat2 11.4.81/man3kstat2/kstat2_map_set_tree_cb.3kstat2
--- 11.4.78/man3kstat2/kstat2_map_set_tree_cb.3kstat2 2025-05-11 12:25:32.192728132 -0700
+++ 11.4.81/man3kstat2/kstat2_map_set_tree_cb.3kstat2 2025-05-11 12:25:46.302954090 -0700
@@ -83,7 +82,7 @@
kstat2_map_set_destroy_cb() establishes a callback that will be called
- immediately prior to the deletion of a kstat map. The callback must
+ immediately prior to the deletion of a kstat map. The callback musti
conform to the following typedef:
typedef void (*kstat2_map_cb_t)(kstat2_map_t map, void *user_data);
@@ -183,4 +182,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 06 Dec 2015 ks...b(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...b(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_map_set_userdata.3kstat2 11.4.81/man3kstat2/kstat2_map_set_userdata.3kstat2
--- 11.4.78/man3kstat2/kstat2_map_set_userdata.3kstat2 2025-05-11 12:25:32.220677013 -0700
+++ 11.4.81/man3kstat2/kstat2_map_set_userdata.3kstat2 2025-05-11 12:25:46.341828233 -0700
@@ -9,12 +9,10 @@
#include <kstat2.h>
- kstat2_status_t kstat2_map_set_userdata(kstat2_map_t map,
- void *data);
+ kstat2_status_t kstat2_map_set_userdata(kstat2_map_t map, void *data);
- kstat2_status_t kstat2_map_get_userdata(kstat2_map_t map,
- void **data)
+ kstat2_status_t kstat2_map_get_userdata(kstat2_map_t map, void **data)
DESCRIPTION
The kstat2_map_set_userdata() function allows arbitrary user data to be
@@ -100,4 +98,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 06 Dec 2015 ks...a(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...a(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_mapiter_start.3kstat2 11.4.81/man3kstat2/kstat2_mapiter_start.3kstat2
--- 11.4.78/man3kstat2/kstat2_mapiter_start.3kstat2 2025-05-11 12:25:32.251647269 -0700
+++ 11.4.81/man3kstat2/kstat2_mapiter_start.3kstat2 2025-05-11 12:25:46.371771114 -0700
@@ -11,7 +11,7 @@
kstat2_status_t kstat2_mapiter_start(kstat2_map_t map,
- kstat2_nv_type_t type, kstat2_mapiter_t *iter);
+ kstat2_nv_kind_t kind, kstat2_mapiter_t *iter);
kstat2_status_t kstat2_mapiter_hasnext(kstat2_mapiter_t iter,
@@ -29,7 +29,7 @@
DESCRIPTION
The kstat2_mapiter_start() function creates a new iterator that can be
- used to traverse the specified map. The type parameter specifies the
+ used to traverse the specified map. The kind parameter specifies the
type of map keys to be visited and is an ORed combination of
KSTAT2_NVK_SYS for kernel kstat values, KSTAT2_NVK_USR for user-added
values, KSTAT2_NVK_MAP for sub-maps, or KSTAT2_NVK_ALL to visit all
@@ -39,7 +39,7 @@
der.
- kstat2_mapiter_hasnext() sets has_next to true, if the map has unvis-
+ kstat2_mapiter_hasnext() sets has_next to B_TRUE, if the map has unvis-
ited values and to false if all values have been visited.
@@ -159,4 +159,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 27 Nov 2017 ks...t(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...t(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_mapref_alloc.3kstat2 11.4.81/man3kstat2/kstat2_mapref_alloc.3kstat2
--- 11.4.78/man3kstat2/kstat2_mapref_alloc.3kstat2 2025-05-11 12:25:32.289867353 -0700
+++ 11.4.81/man3kstat2/kstat2_mapref_alloc.3kstat2 2025-05-11 12:25:46.403551995 -0700
@@ -32,20 +32,20 @@
retained reference.
- The kstat2_mapref_alloc() function obtains a new reference to a kstat
- map.
+ The kstat2_mapref_alloc() function obtains a new reference ref to a
+ kstat map.
- The kstat2_mapref_deref() function dereferences the reference. If the
- reference is still valid, KSTAT2_S_OK will be returned and map will be
- set to the kstat map. If the underlying kstat has been deleted and the
- reference is now invalid, an error of KSTAT2_S_DEL_MAP will be returned
- and map will be set to NULL.
+ The kstat2_mapref_deref() function dereferences the reference ref. If
+ the reference is still valid, KSTAT2_S_OK will be returned and map will
+ be set to the kstat map. If the underlying kstat has been deleted and
+ the reference is now invalid, an error of KSTAT2_S_DEL_MAP will be re-
+ turned and map will be set to NULL.
- The kstat2_mapref_free() function frees a reference to a map and must
- be called when the application has finished with the reference, irre-
- spective of the status of the underlying map.
+ The kstat2_mapref_free() function frees a reference ref to a map and
+ must be called when the application has finished with the reference,
+ irrespective of the status of the underlying map.
RETURN VALUES
On successful completion the kstat2_mapref_alloc(),
@@ -131,4 +131,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 27 Nov 2017 ks...c(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...c(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_open.3kstat2 11.4.81/man3kstat2/kstat2_open.3kstat2
--- 11.4.78/man3kstat2/kstat2_open.3kstat2 2025-05-11 12:25:32.332966806 -0700
+++ 11.4.81/man3kstat2/kstat2_open.3kstat2 2025-05-11 12:25:46.435154288 -0700
@@ -18,8 +18,10 @@
kstat2_matcher_list_t *matchers);
- kstat2_status_t kstat2_add_matcher(kstat2_match_type_t type,
- const char *match, kstat2_matcher_list_t matchers);
+ kstat2_status_t kstat2_add_matcher(
+ kstat2_match_type_t type,
+ const char *matcher,
+ kstat2_matcher_list_t matchers);
kstat2_status_t kstat2_open(kstat2_handle_t *handle,
@@ -33,16 +35,18 @@
DESCRIPTION
The kstat2_alloc_matcher_list() function allocates a new matcher list
- to allow matchers to be provided to the kstat2_open() function.
+ matchers to allow matchers to be provided to the kstat2_open() func-
+ tion.
The kstat2_free_matcher_list() function frees the resources associated
- with the matcher list.
+ with the matcher list matchers.
The kstat2_add_matcher() function adds matchers to the provided matcher
- list. Each call appends the new matcher to the provided matcher list.
- Matches are on kstat URI, with the following match types supported:
+ list. Each call appends the new matcher to the provided matcher list
+ matchers. Matches are on kstat URI, with the following match types sup-
+ ported:
KSTAT2_M_STRING Performs a direct strcmp with the kstat URI. For
@@ -63,9 +67,8 @@
provides access to a specific view of the kernel statistics. Only
kstats that match one or more of the provided matchers will be avail-
able. If a NULL or empty matcher list is provided, all of the system's
- kstats will be available, which is equivalent to calling the
- kstat2_open() function. Restricting the number of kstats available will
- improve performance and reduce the memory footprint.
+ kstats will be available. Restricting the number of kstats available
+ will improve performance and reduce the memory footprint.
The kstat2_close() function frees all resources that are associated
@@ -144,7 +147,8 @@
The kstat2_add_matcher() function will fail if:
- KSTAT2_S_INVAL_ARG The type, match or matchers parameter was invalid
+ KSTAT2_S_INVAL_ARG The type, matcher or matchers parameter was in-
+ valid
KSTAT2_S_NO_MEM No memory could be allocated
@@ -246,4 +250,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 10 Aug 2017 ks...n(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...n(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2_optional_set_state.3kstat2 11.4.81/man3kstat2/kstat2_optional_set_state.3kstat2
--- 11.4.78/man3kstat2/kstat2_optional_set_state.3kstat2 2025-05-11 12:25:32.369728870 -0700
+++ 11.4.81/man3kstat2/kstat2_optional_set_state.3kstat2 2025-05-11 12:25:46.462634120 -0700
@@ -32,9 +32,9 @@
The kstat2_optional_list_free() function releases the memory associated
- with a list of optional kstats obtained in a call to the kstat2_op-
- tional_list() function. opt_array will contain NULL on return from this
- function.
+ with a list of optional kstats opt_array obtained in a call to the
+ kstat2_optional_list() function. opt_array will contain NULL on return
+ from this function.
RETURN VALUES
Upon successful completion, the kstat2_optional_set_state(), kstat2_op-
@@ -114,4 +114,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 23 Jan 2023 ks...e(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 ks...e(3KSTAT2)
diff -NurbBw 11.4.78/man3kstat2/kstat2.3kstat2 11.4.81/man3kstat2/kstat2.3kstat2
--- 11.4.78/man3kstat2/kstat2.3kstat2 2025-05-11 12:25:32.460693522 -0700
+++ 11.4.81/man3kstat2/kstat2.3kstat2 2025-05-11 12:25:46.545637431 -0700
@@ -184,8 +184,7 @@
kstat2_map_t map;
- stat = kstat2_lookup_map(handle,
- "kstat:/system/cpu/2/sys", &map);
+ stat = kstat2_lookup_map(handle, "kstat:/system/cpu/2/sys", &map);
if (stat != KSTAT2_S_OK) {
(void) printf("can't lookup kstat: %s\n",
kstat2_status_string(stat));
@@ -210,8 +209,7 @@
case KSTAT2_NVVT_INTS:
(void) printf("%s = ", val->name);
for (uint32_t i = 0, ip = val->kstat2_integers.array;
- i < val->kstat2_integers.length;
- i++, ip++) {
+ i < val->kstat2_integers.length; i++, ip++) {
if (i > 0) {
(void) printf(",");
}
@@ -225,8 +223,7 @@
case KSTAT2_NVVT_STRS:
(void) printf("%s = ", val->name);
for (uint32_t i = 0, sp = val->kstat2_strings.array;
- i < val->kstat2_strings.length;
- i++, sp++) {
+ i < val->kstat2_strings.length; i++, sp++) {
if (i > 0) {
(void) printf(",");
}
@@ -459,14 +455,14 @@
kstat2_map_t map;
stat = kstat2_lookup_map(handle, "kstat:/", &map);
if (stat != KSTAT2_S_OK) {
- (void) printf("can't retrieve map: %s\n"),
+ (void) printf("can't retrieve map: %s\n",
kstat2_status_string(stat));
exit(1);
}
kstat2_mapiter_t iter;
- stat = kstat2_mapiter_start(map, &iter);
+ stat = kstat2_mapiter_start(map, KSTAT2_NVK_ALL, &iter);
if (stat != KSTAT2_S_OK) {
- (void) printf("can't create iterator: %s\n"),
+ (void) printf("can't create iterator: %s\n",
kstat2_status_string(stat));
exit(1);
}
@@ -512,8 +508,7 @@
boolean_t has_next;
int matched = 0;
- while (kstat2_mapiter_hasnext(iter, &has_next) == KSTAT2_S_OK
- && has_next) {
+ while (kstat2_mapiter_hasnext(iter, &has_next) == KSTAT2_S_OK && has_next) {
kstat2_nv_t val;
(void) kstat2_mapiter_next(iter, &val);
if (need_to_delete(val)) {
@@ -533,13 +528,9 @@
Note -
-
-
-
- A call to kstat2_update() will invalidate any open iterators. So, all
- iterators must be closed with kstat2_mapiter_end() before calling the
- kstat2_update() function.
-
+ A call to kstat2_update() will invalidate any open iterators. So,
+ all iterators must be closed with kstat2_mapiter_end() before calling
+ the kstat2_update() function.
Obtaining all the Values in a Map
@@ -687,7 +673,7 @@
kstat2_map_t map = NULL;
(void) kstat2_lookup_map(handle, "kstat:/system/cpu/0/sys", &map);
kstat2_nv_t syscall = NULL;
- (void) kstat2_map_get(map, "syscall", &syscall));
+ (void) kstat2_map_get(map, "syscall", &syscall);
/* Allocate a reference to the map */
kstat2_mapref_t ref = NULL;
@@ -1260,4 +1245,4 @@
threads intend to share a kstat2_handle_t or any object obtained
through it. Synchronization is left to the application.
-Oracle Solaris 11.4 17 Nov 2024 kstat2(3KSTAT2)
+Oracle Solaris 11.4 21 Apr 2025 kstat2(3KSTAT2)
diff -NurbBw 11.4.78/man4fs/zfs.4fs 11.4.81/man4fs/zfs.4fs
--- 11.4.78/man4fs/zfs.4fs 2025-05-11 12:25:32.497969177 -0700
+++ 11.4.81/man4fs/zfs.4fs 2025-05-11 12:25:46.581461079 -0700
@@ -7,8 +7,8 @@
#include <libzfs.h>
DESCRIPTION
- ZFS is the default root file system in the Oracle Solaris release. ZFS
- is a disk based file system with the following features:
+ ZFS is the default root file system in the Oracle Solaris 11 release.
+ ZFS is a disk based file system with the following features:
o Uses a pooled storage model where whole disks can be added
to the pool so that all file systems use storage space from
@@ -41,7 +41,8 @@
o ZFS is a 128-bit file system, which means support for 64-bit
- file offsets, unlimited links, directory entries, and so on.
+ file offsets and timestamps, unlimited links and directory
+ entries, and so on.
o ZFS provides snapshots, a read-only point-in-time copy of a
@@ -49,6 +50,10 @@
snapshot.
+ o ZFS datasets can be encrypted at the filesystem level, as
+ described in zfs_encrypt(8).
+
+
A ZFS storage pool and ZFS file system are created in two steps:
@@ -59,8 +64,8 @@
A ZFS file system is mounted automatically when created and when the
system is rebooted by an SMF service. No need exists to edit the
- /etc/vfstab file manually. If you need to mount a ZFS file manually,
- use syntax similar to the following:
+ /etc/vfstab file manually. If you need to mount a ZFS file system manu-
+ ally, use syntax similar to the following:
# zfs mount tank/fs1
@@ -82,40 +87,44 @@
SEE ALSO
- du(1), attributes(7), fsattr(7), sysattr(7), df(8), zfs(8), zpool(8)
+ du(1), attributes(7), datasets(7), fsattr(7), sysattr(7), df(8),
+ zfs(8), zfs_allow(8), zfs_encrypt(8), zfs_share(8), zpool(8),
+ zstreamdump(8)
Managing ZFS File Systems in Oracle Solaris 11.4
NOTES
- 1. ZFS does not have an fsck-like repair feature because the
- data is always consistent on disk. ZFS provides a pool
- scrubbing operation that can find and repair bad data. In
- addition, because hardware can fail, ZFS pool recovery fea-
- tures are also available.
-
-
- 2. Use the zpool list and zfs list commands to identify ZFS
- space consumption. A limitation of using the du(1) command
- to determine ZFS file system sizes is that it also reports
- ZFS metadata space consumption. The df(8) command does not
- account for space that is consumed by ZFS snapshots, clones,
- or quotas.
-
-
- 3. A ZFS storage pool that is not used for booting should be
- created by using whole disks. When a ZFS storage pool is
- created by using whole disks, an EFI label is applied to the
- pool's disks. Due to a long-standing boot limitation, a ZFS
- root pool must be created with disks that contain a valid
- SMI (VTOC) label and a disk slice, usually slice 0.
+ ZFS does not have an fsck-like repair feature because the data is al-
+ ways consistent on disk. ZFS provides a pool scrubbing operation that
+ can find and repair bad data. In addition, because hardware can fail,
+ ZFS pool recovery features are also available.
+
+
+ Use the zpool list and zfs list commands to identify ZFS space consump-
+ tion. A limitation of using the du(1) command to determine ZFS file
+ system sizes is that it also reports ZFS metadata space consumption.
+ The df(8) command does not account for space that is consumed by ZFS
+ snapshots, clones, or quotas.
+
+
+ A ZFS storage pool that is not used for booting should be created by
+ using whole disks. When a ZFS storage pool is created by using whole
+ disks, an EFI label is applied to the pool's disks. Due to a long-
+ standing boot limitation, a ZFS root pool must be created with disks
+ that contain a valid SMI (VTOC) label and a disk slice, usually slice
+ 0.
+
+HISTORY
+ ZFS was introduced in the Solaris 10 6/06 (Update 2) release.
+ Support for booting Solaris off of a ZFS filesystem was added in So-
+ laris 10 8/08 (Update 6).
-HISTORY
- ZFS was introduced in the Solaris 10 6/06 (Update 2) release. History
- for the different versions of the ZFS pool and ZFS file system formats
- is provided in Appendix A of the Managing ZFS File Systems in Oracle
- Solaris 11.4 guide.
-Oracle Solaris 11.4 14 Jun 2024 zfs(4FS)
+ For a history of ZFS pool and file system versions, see Appendix A, Or-
+ acle Solaris ZFS Version Descriptions in Managing ZFS File Systems in
+ Oracle Solaris 11.4.
+
+Oracle Solaris 11.4 17 Mar 2025 zfs(4FS)
diff -NurbBw 11.4.78/man5/ctf.5 11.4.81/man5/ctf.5
--- 11.4.78/man5/ctf.5 1969-12-31 16:00:00.000000000 -0800
+++ 11.4.81/man5/ctf.5 2025-05-11 12:25:46.629025094 -0700
@@ -0,0 +1,1037 @@
+ctf(5) File Formats ctf(5)
+
+NAME
+ ctf - Compact C Type Format
+
+SYNOPSIS
+ #include <ctf.h>
+
+DESCRIPTION
+ CTF (Compact C Type Format) is designed to be a compact representation
+ of the C programming language's type information, focused on serving
+ the needs of dynamic tracing, debuggers, and other in-situ and post-
+ mortem introspection tools. CTF data is generally included in ELF ob-
+ jects, in a section named .SUNW_ctf, of type SHT_SUNW_CTF, to ensure
+ that the data is accessible in a running process and in subsequent core
+ dumps, if generated.
+
+
+ The CTF data contained in each file has information about the layout
+ and sizes of C types, including intrinsic types, enumerations, struc-
+ tures, typedefs, and unions, that are used by the corresponding ELF ob-
+ ject. The CTF data may also include information about the types of
+ global objects and the return type and arguments of functions in the
+ symbol table.
+
+
+ Because CTF is often embedded inside object files, rather than in a
+ standalone file, it can also be referred to as a container.
+
+
+ On Oracle Solaris systems, CTF data is consumed by DTrace and mdb. See
+ dtrace(8), and mdb(1). Programmatic access to CTF data is obtained
+ through the shared object libctf.
+
+
+ The CTF file format consists of a header, followed by sections provid-
+ ing information for labels, objects (data), functions, types, and
+ strings. The header starts with a preamble field that describes the
+ version, followed by links to other files, and the offsets within the
+ file at which the following sections can be accessed. The first section
+ that follows the header is the label section, which provides a way of
+ identifying similar groups of CTF data across multiple files. This is
+ followed by the object information section, which describes the types
+ of global symbols. The subsequent section is the function information
+ section, which describes the return types and arguments of functions.
+ The next section is the type information section, which describes the
+ format and layout of the C types used in the object, and finally the
+ last section is the string section, which contains the names of types,
+ enumerations, members, and labels.
+
+
+ To be well formed, a CTF file need only contain the header, but to be
+ minimally useful, the type and string sections must also be present.
+
+
+ A CTF file may contain the full set of type information required by the
+ associated object, or it may optionally provide a subset, and reference
+ another CTF file which provides the remaining types. When a CTF file
+ refers to another file, it is called the child, and the file it refers
+ to is called the parent. A given file may only refer to a single par-
+ ent. This process is called uniquification because it ensures each
+ child only has type information that is unique to it. A common example
+ of this is that most Solaris kernel modules are uniquified against the
+ genunix kernel module. This provides organizational and space saving
+ benefits, as the CTF for each such module only describes the types that
+ are unique to it, and the common types shared from the kernel are not
+ duplicated.
+
+FILE FORMAT
+ This document describes versions 2 and 3 of the CTF file format. The
+ versions are very similar, offering the same features, and differing
+ primarily in that version 3 is able to support a greatly expanded num-
+ ber of identifiers, and to describe larger types. All cases in which
+ the two versions differ are explicitly noted. When no CTF version is
+ specified, the description applies equally to both versions. The ctf-
+ convert(1), ctfmerge(1), and ld(1) utilities are capable of producing
+ either version 2 or 3. Unless explicitly requested, CTF version 3 is
+ produced by default. The libctf library provides access to CTF data in
+ a version independent manner. Applications that obtain CTF through the
+ use of libctf are therefore able to read all versions of CTF.
+
+
+ Every CTF file begins with a header that describes the remainder of the
+ file. The first field in the header is the preamble, which is defined
+ as follows.
+
+ typedef struct ctf_preamble {
+ uint16_t ctp_magic; /* magic number (CTF_MAGIC) */
+ uint8_t ctp_version; /* format version (CTF_VERSION) */
+ uint8_t ctp_flags; /* flags (see below) */
+ } ctf_preamble_t;
+
+
+
+ This preamble, which is four bytes long and must be four byte aligned,
+ identifies a CTF file, and provides the format version employed. All
+ versions of CTF are guaranteed to retain this definition of the pream-
+ ble, and to place it at the top of the file, ensuring that all CTF
+ reading applications can always identify all versions of CTF. The
+ ctp_version and ctp_flags fields are single byte values, and can be
+ read directly by both big and little endian machines without concern
+ for byte order. The fields in a preamble are as follows:
+
+ ctp_magic
+
+ A magic number that serves to identify the file as a CTF container.
+ Valid magic numbers are:
+
+
+ #define CTF_MAGIC 0xcff1 /* identifying magic number */
+ #define CTF_MAGIC_XLATE 0xf1cf /* CTF_MAGIC (rev. byte order) */
+
+ A value of CTF_MAGIC indicates a CTF file, while CTF_MAGIC_XLATE
+ indicates a CTF file that was produced on a machine that employs
+ the opposite byteorder from that of the examining machine. If an-
+ other value is encountered, then the file should not be treated as
+ CTF file.
+
+
+ ctp_version
+
+ The CTF format version. The following versions are currently de-
+ fined.
+
+
+ #define CTF_VERSION_1 1
+ #define CTF_VERSION_2 2
+ #define CTF_VERSION_3 3
+ #define CTF_VERSION CTF_VERSION_3 /* current version */
+
+ The current version is 3. It is possible to encounter an unsup-
+ ported version. In that case, software should not try to parse the
+ format, as it may have changed.
+
+
+ ctp_flags
+
+ ctp_flags describes aspects of the file which modify its interpre-
+ tation. Flags are defined independently for each version, so in
+ principle, the value of ctp_version must be taken into account when
+ evaluating ctp_flags. However, all versions of CTF to date define a
+ single flag which is the same in all versions:
+
+
+ #define CTF_F_COMPRESS 0x1 /* data buffer is compressed */
+
+ The flag CTF_F_COMPRESS indicates that the body of the file, all
+ the data following the header has been compressed using the libz
+ compression library deflate algorithm. See libz(3). If this flag is
+ not present, then the body has not been compressed and no special
+ action is needed to interpret it. All offsets into the data, as de-
+ scribed by the CTF header, always refer to the uncompressed data.
+
+
+
+ The first field in the header, for all CTF versions, is always the pre-
+ amble, described above. The remainder of the header can differ for each
+ version. However, versions 2 and 3 both use the following common defin-
+ ition. In addition to the preamble, this header describes whether or
+ not the CTF file is the child of another CTF file, and provides the po-
+ sition and size of the sections that follow the header. The structure
+ for the header starts with the preamble, and has an overall size of 36
+ bytes.
+
+ typedef struct ctf_header {
+ ctf_preamble_t cth_preamble;
+ uint32_t cth_parlabel; /* ref to parent lbl uniq'd against */
+ uint32_t cth_parname; /* ref to basename of parent */
+ uint32_t cth_lbloff; /* offset of label section */
+ uint32_t cth_objtoff; /* offset of object section */
+ uint32_t cth_funcoff; /* offset of function section */
+ uint32_t cth_typeoff; /* offset of type section */
+ uint32_t cth_stroff; /* offset of string section */
+ uint32_t cth_strlen; /* length of string section in bytes */
+ } ctf_header_t;
+
+
+
+ After the preamble, the next two fields, cth_parlabel and cth_parname,
+ are used to identify the parent. The value of both fields are offsets
+ into the string section which point to the start of a null-terminated
+ string. For more information on the encoding of strings, see String
+ Identifiers. If the value of either is 0, then there is no entry for
+ that field. If the field cth_parlabel is set, then the ctf_parname
+ field must be set, otherwise it will not be possible to find the par-
+ ent. If ctf_parname is set, it is not necessary to define cth_parlabel,
+ as the parent may not have a label. For more information on labels and
+ their interpretation, see The Label Section.
+
+
+ The remaining header fields, excepting cth_strlen, provide the offset
+ of each section, relative to the end of the header. To convert such an
+ offset into an offset taken relative to the top of the CTF file, it
+ suffices to add the size of ctf_header_t (36 bytes) to the offset. To
+ calculate the size of a given section, excepting the string section,
+ subtract the offset of the section from the that of the following one.
+ For example, the size of the type section can be calculated by sub-
+ tracting cth_typeoff from cth_stroff.
+
+
+ The offsets reflect the alignment requirements for each section. The
+ cth_objtoff and cth_funcoff sections must be two-byte aligned for CTF
+ version 2, and four-byte aligned for version 3. The sections cth_lbloff
+ and cth_typeoff must be four-byte aligned for both CTF versions. The
+ section cth_stroff has no alignment requirements.
+
+
+ Finally, cth_strlen provides the length of the string section. Since
+ the string section is the last section in a CTF file, its offset and
+ size can be used to determine the uncompressed size of the entire CTF
+ file: sizeof (ctf_header_t) + hdr->cth_stroff + hdr->cth_strlen.
+
+ Type Identifiers
+ CTF data types are referred to using integer values known as type iden-
+ tifiers. In all versions of CTF, type identifier 0 is a sentinel value
+ used to indicate that there is no type information available or it is
+ an unknown type. The first valid type identifier is 1. When a given CTF
+ file is a child, indicated by a non-zero entry for the cth_parname
+ field of the header, then the most significant bit of the type ID is
+ set. Macros are provided for detecting whether a given ID is for a par-
+ ent or child, and for manipulating the child bit.
+
+
+ Type identifiers are unsigned 16-bit values in CTF version 2, and
+ 32-bit values in version 3. As such, their range, and the bit used to
+ identify child types differ. However, the same general approach is used
+ for both.
+
+ CTF Version 2
+
+
+ #define CTF_V2_TYPE_ISPARENT(_id) ((_id) < 0x8000)
+ #define CTF_V2_TYPE_ISCHILD(_id) ((_id) > 0x7fff)
+ #define CTF_V2_TYPE_TO_INDEX(_id) ((_id) & 0x7fff)
+ #define CTF_V2_INDEX_TO_TYPE(_id, _ischild) \
+ ((_ischild) ? ((_id) | 0x8000) : (_id))
+
+ CTF version 2 uses 16-bit unsigned integers to represent type IDs,
+ and supports up to 32767 (0x7fff) types. In child CTF files, the
+ first valid type identifier is 0x8000 and the last is 0xffff. In
+ this case, type identifiers 1 through 0x7fff are references to the
+ parent.
+
+
+ CTF Version 3
+
+
+ #define CTF_V3_TYPE_ISPARENT(_id) ((uint32_t)(_id) < 0x80000000u)
+ #define CTF_V3_TYPE_ISCHILD(_id) ((uint32_t)(_id) > 0x7fffffffu)
+ #define CTF_V3_TYPE_TO_INDEX(_id) ((_id) & 0x7fffffffu)
+ #define CTF_V3_INDEX_TO_TYPE(_id, _ischild) \
+ (((_id) & 0x7fffffffu) | ((_ischild) != 0 ? 0x80000000u : 0))
+
+ CTF uses 32-bit unsigned integers to represent type IDs, and sup-
+ ports up to 2147483646 (0x7ffffffe) types. In child CTF files, the
+ first valid type identifier is 0x80000000 and the last is
+ 0xfffffffe. In this case, type identifiers 1 through 0x7ffffffe are
+ references to the parent. 0x7fffffff and 0xffffffff are not treated
+ as valid type identifiers so as to enable the use of -1 as an error
+ value.
+
+
+ String Identifiers
+ String identifiers are encoded as 32-bit unsigned integers which spec-
+ ify an offset into a string table. The CTF format supports two differ-
+ ent string tables which have an identifier of 0 or 1. This identifier
+ is stored in the high-order bit of the offset. Therefore, the maximum
+ supported offset into one of these tables is 0x7ffffffff.
+
+
+ Table identifier 0 refers to the string section that is included with
+ the CTF file, which is located using the cth_stroff field of the CTF
+ header. String table identifier 1 refers to the ELF string table asso-
+ ciated with the symbol table from the associated ELF object.
+
+ Type Encoding
+ Every CTF type begins with metadata encoded into an integer value. This
+ value is a 16-bit unsigned integer in CTF, and a 32-bit unsigned inte-
+ ger in CTF version 3. This encoded information provides the following
+ information:
+
+ o The kind of the type.
+
+
+ o Whether this type is a root type or not.
+
+
+ o The length of the variable data.
+
+
+ CTF Version 2
+
+ The 16 bits that make up the encoding are broken down into five
+ bits for the kind (bits 11 to 15), one bit for the root type flag
+ (bit 10), and 10 bits for the length of the variable data.
+
+ +------+--------+------+
+ | kind | isroot | vlen |
+ +------+--------+------+
+ 15 11 10 9 0
+
+
+
+ CTF Version 3
+
+ The 32 bits that make up the encoding are broken down into six bits
+ for the kind (bits 26 to 31), one bit for the root type flag (bit
+ 25), and 25 bits for the length of the variable data.
+
+ +--------+--------+----------------------------+
+ | kind | isroot | vlen |
+ +--------+--------+----------------------------+
+ 31 26 25 24 0
+
+
+
+
+ CTF currently defines the following 14 different kinds. The interpreta-
+ tion of these different kinds is discussed in The Type Section. If a
+ kind is encountered that is not in this list, the CTF file should be
+ considered to be invalid.
+
+ #define CTF_K_UNKNOWN 0
+ #define CTF_K_INTEGER 1
+ #define CTF_K_FLOAT 2
+ #define CTF_K_POINTER 3
+ #define CTF_K_ARRAY 4
+ #define CTF_K_FUNCTION 5
+ #define CTF_K_STRUCT 6
+ #define CTF_K_UNION 7
+ #define CTF_K_ENUM 8
+ #define CTF_K_FORWARD 9
+ #define CTF_K_TYPEDEF 10
+ #define CTF_K_VOLATILE 11
+ #define CTF_K_CONST 12
+ #define CTF_K_RESTRICT 13
+
+
+
+ Programs directly reference many types; however, other types are refer-
+ enced indirectly because they are part of some other structure. Types
+ that are referenced directly and used are called root types. Other
+ types may be used indirectly, for example, a program may reference a
+ structure directly, but not one of its members which has a type. That
+ type is not considered a root type. If a type is a root type, then it
+ will have the root flag set.
+
+
+ The meaning of the variable length (vlen) is specific to each kind and
+ is discussed in The Type Section.
+
+
+ The following macros are useful for constructing and deconstructing the
+ encoded info word. Note that there are different macros for CTF version
+ 2 and version 3, each usedto encode the details of the info word for
+ that version.
+
+ #define CTF_V2_MAX_VLEN 0x3ff /* max # variant data items */
+ #define CTF_V2_INFO_KIND(_info) (((_info) & 0xf800) >> 11)
+ #define CTF_V2_INFO_ISROOT(_info) (((_info) & 0x0400) >> 10)
+ #define CTF_V2_INFO_VLEN(_info) (((_info) & CTF_V2_MAX_VLEN))
+ #define CTF_V2_TYPE_INFO(_kind, _isroot, _vlen) \
+ (((_kind) << 11) | (((_isroot) ? 1 : 0) << 10) | \
+ ((_vlen) & CTF_V2_MAX_VLEN))
+
+ #define CTF_V3_MAX_VLEN 0x00ffffff
+ #define CTF_V3_INFO_KIND(info) (((info) & 0xfc000000) >> 26)
+ #define CTF_V3_INFO_ISROOT(info) (((info) & 0x02000000) >> 25)
+ #define CTF_V3_INFO_VLEN(info) (((info) & CTF_V3_MAX_VLEN))
+
+ #define CTF_V3_TYPE_INFO(kind, isroot, vlen) \
+ (((kind) << 26) | (((isroot) ? 1 : 0) << 25) | \
+ ((vlen) & CTF_V3_MAX_VLEN))
+
+
+ The Label Section
+ When consuming CTF data, it is often useful to know whether two differ-
+ ent CTF containers come from the same source base and version. For ex-
+ ample, many kernel modules are built against a single collection of
+ source code. A label is encoded into the CTF files that corresponds
+ with the particular build. This ensures that if files on the system
+ were to become mixed up from multiple releases, that they will not used
+ together by tools, particularly when a child needs to refer to a type
+ in the parent. Labels are used to prevent such a parent/child mismatch
+ from occurring.
+
+
+ Each label is encoded in the file format using the following eight byte
+ structure:
+
+ typedef struct ctf_lblent {
+ uint32_t ctl_label; /* ref to name of label */
+ uint32_t ctl_typeidx; /* last type associated with label */
+ } ctf_lblent_t;
+
+
+
+ Each label has two different components, a name and a type identifier.
+ The name is encoded in the ctl_label field which is in the format de-
+ fined in String Identifiers. Generally, the names of all labels are
+ found in the internal string section.
+
+
+ The type identifier encoded in the ctl_typeidx field refers to the last
+ type identifier that a label refers to in the current file. Labels only
+ refer to types in the current file, if the CTF file is a child, then it
+ will have the same label as its parent; however, its label will only
+ refer to its types, not its parent's.
+
+
+ It is also possible, though rather uncommon, for a CTF file to have
+ multiple labels. Labels are placed one after another, every eight
+ bytes. When multiple labels are present, types may only belong to a
+ single label.
+
+ The Object Section
+ The object section provides a mapping from ELF symbols of type STT_OB-
+ JECT in the symbol table, to a corresponding type identifier. These
+ type identifiers are 16-bit unsigned integers in CTF version 2, and
+ 32-bit unsigned integers in CTF version 3, encoded as described in Type
+ Identifiers. If there is no information for an object, then the type
+ identifier 0 is stored for that entry.
+
+
+ To interpret the object section requires access to the corresponding
+ symbol table in the associated ELF object. Starting with the first sym-
+ bol in the symbol table, each symbol is checked in turn to find the
+ STT_OBJECT symbols that correspond to entries in the object section.
+ Not every symbol found in the ELF symbol table is used. When searching
+ the symbol table, a symbol is skipped if it matches any of the follow-
+ ing conditions:
+
+ o The type is not STT_OBJECT.
+
+
+ o The section index is SHN_UNDEF.
+
+
+ o The name offset is 0, indicating no name.
+
+
+ o The section index is SHN_ABS and the value of the symbol is
+ 0.
+
+
+ o The symbol name is _START_ or _END_.
+
+
+
+ The entries in the object section are written in the same order as
+ their corresponding symbols in the symbol table, so each identified
+ symbol corresponds to the next available object section entry. The num-
+ ber of entries in the object section must correspond to the number of
+ STT_OBJECT symbols found.
+
+ The Function Section
+ The function section of a CTF file encodes the types of both the func-
+ tion's arguments and the function's return value. This section consists
+ of 16-bit unsigned integer values for CTF version 2, and of 32-bit un-
+ signed integer values for CTF version 3. Similar to The Object Section,
+ the function section encodes information for all symbols of type
+ STT_FUNCTION, excepting those that fit specific criteria. Unlike with
+ objects, because functions have a variable number of arguments, their
+ entries start with a type encoding as defined in Type Encoding.
+
+
+ Functions which have no type information available are encoded as fol-
+ lows. In this case, the entry is complete, and nothing else is written.
+ The next integer in the section starts the next entry:
+
+ CTF_V2_TYPE_INFO(CTF_K_UNKNOWN, 0, 0) /* CTF version 2 */
+ CTF_V3_TYPE_INFO(CTF_K_UNKNOWN, 0, 0) /* CTF version 3 */
+
+
+
+ Functions with type information are encoded as:
+
+ CTF_V2_TYPE_INFO(CTF_K_FUNCTION, 0, nargs) /* CTF version 2 */
+ CTF_V3_TYPE_INFO(CTF_K_FUNCTION, 0, nargs) /* CTF version 3 */
+
+
+
+ The encoding variable length (vlen) is used to convey the number of ar-
+ guments to the function. If a function is a varargs type function, then
+ the number of arguments is increased by one.
+
+
+ The next integer written provides the type identifier of the return
+ type of the function, and is followed by a type identifier for each ar-
+ gument, if any exist, in the order that they appear in the function.
+ When a function has a final varargs argument, it is encoded with the
+ type identifier 0.
+
+
+ In the same manner as described in The Object Section, the entries in
+ the function section match the order of the STT_FUNCTION symbols found
+ in the symbol table. The rules for matching symbol to entry are simi-
+ lar, but slightly different than those for objects. While iterating
+ over the symbol table, if any of the following conditions are true,
+ then the symbol is skipped and no corresponding entry is written:
+
+ o The type is not STT_FUNCTION.
+
+
+ o The section index is SHN_UNDEF.
+
+
+ o The name offset is 0, indicating no name.
+
+
+ o The symbol name is _START_ or _END_.
+
+
+ The Type Section
+ The type section is the heart of the CTF data, providing information
+ for the types used in the corresponding object. Each entry consists of
+ a type structure, potentially followed by kind-specific variable data.
+ There are two forms of type structure, a shorter one used for most pur-
+ poses, and a longer one used for larger sizes. The variable data, when
+ present, follows immediately after the type structure. The short and
+ long form of type structure are defined as follows. The CTF version 2
+ and 3 versions of these structures differ in that version 2 uses 16-bit
+ integers for some fields, while version 3 widens those fields. The ver-
+ sion 2 and 3 variants of each structure are shown side by side, and
+ differences are shown in boldface, to facilitate comparison.
+
+ #define CTF_V2_MAX_SIZE 0xfffe /* max size of a type (bytes) */
+ #define CTF_V2_LSIZE_SENT 0xffff /* sentinel for ctt_size */
+
+ #define CTF_V3_MAX_SIZE 0xfffffffe
+ #define CTF_V3_LSIZE_SENT 0xffffffff
+
+
+ |
+ |
+ typedef struct ctf_stype_v2 { | struct ctf_stype_v3 {
+ uint32_t ctt_name; | uint32_t ctt_name;
+ uint16_t ctt_info; | uint32_t ctt_info;
+ union { | union {
+ uint16_t _size; | uint32_t _size;
+ uint16_t _type; | uint32_t _type;
+ } _u; | } _u;
+ } ctf_stype_v2_t; | } ctf_stype_v3;
+ |
+ typedef struct ctf_type_v2 { | typedef struct ctf_type_v3 {
+ uint32_t ctt_name; | uint32_t ctt_name;
+ uint16_t ctt_info; | uint32_t ctt_info;
+ union { | union {
+ uint16_t _size; | uint32_t _size;
+ uint16_t _type; | uint32_t _type;
+ } _u; | } _u;
+ uint32_t ctt_lsizehi; | uint32_t ctt_lsizehi;
+ uint32_t ctt_lsizelo; | uint32_t ctt_lsizelo;
+ } ctf_type_v2_t; | } ctf_type_v3_t;
+ |
+ |
+
+
+ #define ctt_size _u._size /* for types that have a size */
+ #define ctt_type _u._type /* for types that ref. another type */
+
+
+
+ The long form is identical to the short, with the addition of 2 fields
+ at the end used to encode large sizes. Due to their common layout, it
+ is common for code that reads types to use a pointer to the large form
+ to access the data, paying attention to the type kind and size to de-
+ termine how to read the size, and the amount to increment the pointer
+ between items.
+
+
+ Types are written out in order, with no padding in between them. The
+ type ID for each type is implicit in its position within the type sec-
+ tion. The first type entry has type ID 1, the second has type ID 2, and
+ so forth. In a child object, the type ID has its child bit set, so in
+ that case, the first identifier will have value 0x8000 for CTF version
+ 2, or 0x80000000 for CTF version 3.
+
+
+ ctt_name is encoded as described in String Identifiers. The string that
+ it points to is the name of the type. If the identifier points to an
+ empty string (one that consists solely of a null terminator) then the
+ type does not have a name. This is common with anonymous structures and
+ unions that only have a typedef to identify them, as well as for point-
+ ers and qualifiers.
+
+
+ ctt_info, is encoded as described in Type Encoding. The type's kind
+ tells us how to interpret the remaining data in the type structure, and
+ any variable length (vlen) data that may exist.
+
+
+ Each type record has a kind. Some kinds convey size information, while
+ others reference another type. The ctt_size and ctt_type fields are
+ held in a union, so only one or the other can be used. The field used
+ is determined by the kind. The kind-specific sections below describe
+ the specific details.
+
+
+ The following kinds use ctt_type. CTF_K_UNKNOWN and CTF_K_FORWARD al-
+ ways set it to 0. The other types use it to hold a referenced type ID.
+ The short type structure is always used for these types.
+
+ #define CTF_K_UNKNOWN 0
+ #define CTF_K_FORWARD 9
+
+ #define CTF_K_POINTER 3
+ #define CTF_K_FUNCTION 5
+ #define CTF_K_TYPEDEF 10
+ #define CTF_K_VOLATILE 11
+ #define CTF_K_CONST 12
+ #define CTF_K_RESTRICT 13
+
+
+
+ The following kinds convey sizes, and use ctt_size. The short type
+ structure is used for sizes that fit within its limits, and the larger
+ type structure is used otherwise.
+
+ #define CTF_K_INTEGER 1
+ #define CTF_K_FLOAT 2
+ #define CTF_K_ARRAY 4
+ #define CTF_K_STRUCT 6
+ #define CTF_K_UNION 7
+ #define CTF_K_ENUM 8
+
+
+
+ Type sizes are measured in bytes. When the size to be represented will
+ fit in ctt_size, the short form of the type structure is used. If the
+ size is too large to fit, then a special sentinel value is written to
+ ctt_size to indicate that fact, and the large form of the type struc-
+ ture is used. Although versions 2 and 3 use different structures and
+ macros, the same approach applies to both.
+
+ CTF Version 2
+
+ CTF version 2 defines ctt_size as a uint16_t value. If the size to
+ be represented is less than or equal to CTF_V2_MAX_SIZE (0xfffe),
+ then the short type structure, ctf_stype_v2 is used. Otherwise, the
+ large form, ctf_type_v2, is used, ctt_size is set to a special sen-
+ tinel value CTF_V2_LSIZE_SENT (0xffff), and the size is instead
+ written to ctt_lsizehi and ctt_lsizelo.
+
+ ctf_type_v2 ctt;
+
+ if (size > CTF_V2_MAX_SIZE) { /* 0xfffe */
+ ctt.ctt_size = CTF_V2_LSIZE_SENT; /* 0xffff */
+ ctt.ctt_lsizehi = CTF_SIZE_TO_LSIZE_HI(size);
+ ctt.ctt_lsizelo = CTF_SIZE_TO_LSIZE_LO(size);
+ } else {
+ ctt.ctt_size = size;
+ }
+
+
+
+ CTF Version 3
+
+ CTF version 3 defines ctt_size as a uint32_t value. If the size to
+ be represented is less than or equal to CTF_V3_MAX_SIZE
+ (0xfffffffe), then the short type structure, ctf_stype_v3 is used.
+ Otherwise, the large form, ctf_type_v3, is used, ctt_size is set to
+ a special sentinel value CTF_V3_LSIZE_SENT (0xffffffff), and the
+ size is instead written to ctt_lsizehi and ctt_lsizelo.
+
+ ctf_type_v3 ctt;
+
+ if (size > CTF_V3_MAX_SIZE) { /* 0xfffffffe */
+ ctt.ctt_size = CTF_V3_LSIZE_SENT; /* 0xffffffff */
+ ctt.ctt_lsizehi = CTF_SIZE_TO_LSIZE_HI(size);
+ ctt.ctt_lsizelo = CTF_SIZE_TO_LSIZE_LO(size);
+ } else {
+ ctt.ctt_size = size;
+ }
+
+
+
+ Encoding of Integer Types (CTF_K_INTEGER)
+ Integers, which are of type CTF_K_INTEGER, have no variable length ar-
+ guments, and should specify a vlen of 0. The type structure is followed
+ by a 32-bit unsigned integer which describes the encoding. The ctt_size
+ field describes the size of the integer, in bytes. In general, integer
+ sizes will be rounded up to the closest power of two.
+
+
+ The integer encoding contains three different pieces of information:
+
+ o The encoding of the integer.
+
+
+ o The offset in bits of the type.
+
+
+ o The size in bits of the type.
+
+
+
+ This encoding can be expressed through the following macros:
+
+ #define CTF_INT_ENCODING(data) (((data) & 0xff000000) >> 24)
+ #define CTF_INT_OFFSET(data) (((data) & 0x00ff0000) >> 16)
+ #define CTF_INT_BITS(data) (((data) & 0x0000ffff))
+
+ #define CTF_INT_DATA(encoding, offset, bits) \
+ (((encoding) << 24) | ((offset) << 16) | (bits))
+
+
+
+ The following flags are defined for the encoding:
+
+ #define CTF_INT_SIGNED 0x01
+ #define CTF_INT_CHAR 0x02
+ #define CTF_INT_BOOL 0x04
+ #define CTF_INT_VARARGS 0x08
+
+
+
+ By default, an integer is considered to be unsigned, unless the
+ CTF_INT_SIGNED flag set. The flag CTF_INT_CHAR indicates that the inte-
+ ger is of a type that stores character data. For example, CTF_INT_CHAR
+ is set for the intrinsic C type char. CTF_INT_BOOL indicates that the
+ integer represents a boolean type. For example, CTF_INT_BOOL is set for
+ the intrinsic C type _Bool. CTF_INT_VARARGS indicates that the integer
+ is used as part of a variable number of arguments. This encoding is
+ rather uncommon.
+
+ Encoding of Float Types (CTF_K_FLOAT)
+ Floats, which are of type CTF_K_FLOAT, are similar to their integer
+ counterparts. They have no variable length arguments, specify a vlen of
+ 0, and the type structure is followed by a 32-bit unsigned integer
+ which describes the kind of float. The ctt_size field provides the size
+ of the float, in bytes. The float encoding provides three different
+ pieces of information:
+
+ o The specific kind of float.
+
+
+ o The offset in bits of the float.
+
+
+ o The size in bits of the float.
+
+
+
+ This encoding can be expressed through the following macros:
+
+ #define CTF_FP_ENCODING(data) (((data) & 0xff000000) >> 24)
+ #define CTF_FP_OFFSET(data) (((data) & 0x00ff0000) >> 16)
+ #define CTF_FP_BITS(data) (((data) & 0x0000ffff))
+
+ #define CTF_FP_DATA(encoding, offset, bits) \
+ (((encoding) << 24) | ((offset) << 16) | (bits))
+
+
+
+ Unlike CTF_K_INTEGER, which uses flags to describe various attributes,
+ CTF_K_FLOAT uses a simple integer to identify the floating format, each
+ of which fully describes all attributes of a specific floating format.
+
+ #define CTF_FP_SINGLE 1 /* IEEE 32-bit float */
+ #define CTF_FP_DOUBLE 2 /* IEEE 64-bit float */
+ #define CTF_FP_CPLX 3 /* Complex */
+ #define CTF_FP_DCPLX 4 /* Double complex */
+ #define CTF_FP_LDCPLX 5 /* Long double complex */
+ #define CTF_FP_LDOUBLE 6 /* Long double */
+ #define CTF_FP_INTRVL 7 /* Interval (2x32-bit) */
+ #define CTF_FP_DINTRVL 8 /* Double interval (2x64-bit) */
+ #define CTF_FP_LDINTRVL 9 /* Long double interval (2x128-bit) */
+ #define CTF_FP_IMAGRY 10 /* Imaginary (32-bit) */
+ #define CTF_FP_DIMAGRY 11 /* Long imaginary (64-bit) */
+ #define CTF_FP_LDIMAGRY 12 /* Long double imaginary (128-bit) */
+
+
+ Encoding of Array Types (CTF_K_ARRAY)
+ Arrays, which are of type CTF_K_ARRAY, have no variable list entries,
+ and therefore set vlen to 0. The type structure is followed by a struc-
+ ture which describes the number of elements in the array (cta_nelems),
+ the type identifier of the elements in the array (cta_contents), and
+ the type identifier of the index of the array (cta_index). With arrays,
+ ctt_size is set to 0.
+
+
+ The CTF version 2 and 3 versions of this structure differ in that ver-
+ sion 2 uses 16-bit integers for some fields, while version 3 widens
+ those fields. The version 2 and 3 variants of each structure are shown
+ side by side, and the differences are shown in boldface, to facilitate
+ comparison.
+
+ |
+ |
+ typedef struct ctf_array_v2 { | typedef struct ctf_array_v3 {
+ uint16_t cta_contents; | uint32_t cta_contents;
+ uint16_t cta_index; | uint32_t cta_index;
+ uint32_t cta_nelems; | uint32_t cta_nelems;
+ } ctf_array_v2_t; | } ctf_array_v3_t;
+ |
+ |
+
+
+
+ cta_contents and cta_index are type identifiers, encoded as described
+ in Type Identifiers. cta_nelems is an unsigned count of the number of
+ elements. This count will be 0 when describing C99 flexible array mem-
+ bers.
+
+ Encoding of Function Types (CTF_K_FUNCTION)
+ Function types, which are of kind CTF_K_FUNCTION, use the variable
+ length (vlen) to provide the number of arguments in the function. When
+ the function has a final argument which is a varargs, then the argument
+ count is incremented by one to account for the variable argument. The
+ ctt_type field is used to hold the type identifier of the function re-
+ turn type.
+
+
+ The variable data holds a list of type identifiers for the arguments of
+ the function, if any. For CTF version 2, each argument is represented
+ by a 16-bit uint16_t value, while for CTF version 3, each argument is a
+ 32-bit uint32_t value. Each is encoded as described in Type Identi-
+ fiers. If the function's last argument is of type varargs, it is writ-
+ ten using type identifier 0.
+
+
+ In CTF version 2, an extra type identifier with value 0 is added fol-
+ lowing the final argument, if needed to maintain four-byte alignment
+ for the data that follows. If present, this pad value is not included
+ in the argument count. In CTF version 3, four-byte alignment occurs
+ naturally and no padding is used.
+
+ Encoding of Structure (CTF_K_STRUCT) and Union (CTF_K_UNION) Types
+ Structures and Unions, which are encoded with CTF_K_STRUCT and
+ CTF_K_UNION respectively, are very similar constructs in C. As such,
+ their encoding in CTF is also very similar. The main difference between
+ structures and unions is that members of a structure are laid out in
+ memory, in order, one after the other, while in a union, all members
+ share the same memory.
+
+
+ The variable length (vlen) for structures and unions specifies the num-
+ ber of members. The value of ctt_size is set to the size of the struc-
+ ture or union. As with the type structure, the structure used to encode
+ members come in two forms, a smaller one one that serves most uses, and
+ a large form used for larger sizes. The overall size of the struct or
+ union determines which form is used to encode members in the variable
+ list. The following definitions describe these two member structures.
+ The CTF version 2 and 3 versions of these structures differ in that
+ version 2 uses 16-bit integers for some fields, while version 3 widens
+ those fields. The version 2 and 3 variants of each structure are shown
+ side by side, and differences are shown in boldface, to facilitate com-
+ parison.
+
+ #define CTF_V2_LSTRUCT_THRESH (1 << 13) /* 8192 */
+ #define CTF_V3_LSTRUCT_THRESH (1 << 29) /* 536870912 */
+
+ #define CTF_LMEM_OFFSET(_ctlmp) \
+ (((uint64_t)(_ctlmp)->ctlm_offsethi) << 32 | \
+ (_ctlmp)->ctlm_offsetlo)
+ #define CTF_OFFSET_TO_LMEMHI(_offset) \
+ ((uint32_t)((uint64_t)(_offset) >> 32))
+ #define CTF_OFFSET_TO_LMEMLO(_offset) ((uint32_t)(_offset))
+
+
+ |
+ |
+ typedef struct ctf_member_v2 { | typedef struct ctf_member_v3 {
+ uint32_t ctm_name; | uint32_t ctm_name;
+ uint16_t ctm_type; | uint32_t ctm_type;
+ uint16_t ctm_offset; | uint32_t ctm_offset;
+ } ctf_member_v2_t; | ctf_member_v3_t;
+ |
+ typedef struct ctf_lmember_v2 { | typedef struct ctf_lmember_v3 {
+ uint32_t ctlm_name; | uint32_t ctlm_name;
+ uint16_t ctlm_type; | uint32_t ctlm_type;
+ uint16_t ctlm_pad; |
+ uint32_t ctlm_offsethi; | uint32_t ctlm_offsethi;
+ uint32_t ctlm_offsetlo; | uint32_t ctlm_offsetlo;
+ } ctf_lmember_v2_t; | ctf_lmember_v3_t;
+ |
+ |
+
+
+
+ When the size of a structure or union is greater than or equal to the
+ large member threshold defined for the version of CTF
+ (CTF_V*_LSTRUCT_THRESH), then the large lmember structure is used to
+ encode members, rather than the smaller member structure. All members
+ are encoded using the same structure.
+
+
+ Both ctm_name and ctlm_name refer to the name of the member. The name
+ is encoded as an offset into the string table as described in String
+ Identifiers. The members ctm_type and ctlm_type both refer to the type
+ of the member. They are encoded as described in Type Identifiers.
+
+
+ The last piece of information that is present is the offset which de-
+ scribes the offset in memory at which the member begins. For unions,
+ this value will always be 0 because each member of a union has an off-
+ set of 0. For structures, this is the offset in bits at which the mem-
+ ber begins. Note that a compiler may lay out a type with padding. This
+ means that the difference in offset between two consecutive members may
+ be larger than the size of the member. When the size of the overall
+ structure is strictly less than the large member threshold, the smaller
+ member structure is used, and the offset in bits is stored in the mem-
+ ber ctm_offset. However, when the size of the structure exceeds the
+ large member threshold, the larger member structure is used, and the
+ number of bits is split into two 32-bit quantities. One member,
+ ctlm_offsethi, represents the upper 32 bits of the offset, while the
+ other member, ctlm_offsetlo, represents the lower 32 bits of the off-
+ set. These can be joined together to get a 64-bit sized offset in bits
+ using the CTF_LMEM_OFFSET macro shown above.
+
+ Encoding of Enumeration Types (CTF_K_ENUM)
+ Enumerations, which are of kind CTF_K_ENUM, map integer values to sym-
+ bolic names. The mappings are referred to as enumerators. Enumerations
+ use the variable length (vlen) to specify the number of enumerators. In
+ C, an enumeration is always equivalent to the intrinsic type int, thus
+ the value of ctt_size will be the size of an int, which on Solaris sys-
+ tems is always 4.
+
+
+ Each enumerator is described by the following structure in the variable
+ list:
+
+ typedef struct ctf_enum {
+ uint32_t cte_name; /* reference to name in strtab */
+ int32_t cte_value; /* value associated with this name */
+ } ctf_enum_t;
+
+
+
+ cte_name refers to the name of the enumerator's value, and is encoded
+ according to the rules described in String Identifiers. The cte_value
+ field provides the integer value of this enumerator.
+
+ Encoding of Forward References (CTF_K_FORWARD)
+ Forward references, which are of kind CTF_K_FORWARD, refer to types
+ which may not have a definition at all, only a name. If the CTF file is
+ a child, then it may be that the forward is resolved to an actual type
+ in the parent, otherwise the definition may be in another CTF con-
+ tainer, or may not be known at all. The only field of the type struc-
+ ture that is used for a forward declaration is ctt_name, which points
+ to the name of the forward reference in the string table. The ctt_type
+ field should be set to 0. This type has no variable list entries, and
+ vlen is set to 0. There is no other information recorded for forward
+ references.
+
+ Encoding of Pointers, Typedefs, Volatile, Const, and Restrict
+ Pointers, typedefs, volatile, const, and restrict all refer to another
+ type. In the case of typedefs, they provide an alternate name, while
+ volatile, const, and restrict change how the type is interpreted in the
+ C programming language. This covers the CTF kinds CTF_K_POINTER,
+ CTF_K_TYPEDEF, CTF_K_VOLATILE, CTF_K_RESTRICT, and CTF_K_CONST. These
+ types have no variable list entries, and vlen is set to 0. The ctt_type
+ field is used to refer to the modified base type.
+
+ Encoding of Unknown Types (CTF_K_UNKNOWN)
+ Types with the kind CTF_K_UNKNOWN are used to indicate gaps in the type
+ identifier space. Such entries consume an identifier, but do not define
+ anything. Nothing should refer to these gap identifiers. The ctt_name
+ and ctt_type fields should be set to 0. This type has no variable list
+ entries, and vlen is set to 0.
+
+ Dependencies Between Types
+ C types can be imagined as a directed, cyclic, graph. Structures and
+ unions may refer to each other in a way that creates a cyclic depen-
+ dency. In cases such as these, the entire type section must be read in
+ and processed. Consumers must not assume that every type can be laid
+ out in dependency order; they cannot.
+
+ The String Section
+ The string section is the final section of a CTF file. This section
+ contains the strings that are referenced throughout the other sections.
+ CTF string tables are modeled after ELF string table sections, and fol-
+ low the same rules.
+
+
+ The string table is an array of 8-bit character bytes. Each string is
+ written to the table in turn, including a NULL termination. The order
+ of the strings within the table, relative to each other, is unspeci-
+ fied, and should not be relied on. All references to the string table
+ are made by specifying the offset of its first character. The first
+ byte in the string table is always a null termination, so offset 0 al-
+ ways represents an empty string.
+
+
+ Generally, all characters in the string table come from the 7-bit ASCII
+ character set, as most C compilers limit the characters used in identi-
+ fiers to this range. However, any extended characters sets should be
+ written as UTF-8.
+
+ Data Encoding and ELF Considerations
+ CTF data is generally included in ELF objects. The ELF header specifies
+ information that identifies the machine architecture, and byte order,
+ for the file. A CTF container inside such an object must be written us-
+ ing the same byte order as that of the ELF object.
+
+
+ Other than byte order, CTF is a machine independent format, and there
+ should be no other differences between architectures. Where this docu-
+ ment refer to non-fixed size C integral types, definitions that match
+ those of the ILP32, and LP64 models should be assumed.
+
+
+ When placing a CTF container within an ELF object, there are conven-
+ tions that must be followed in order for that CTF data to be usable. In
+ particular, a given ELF object should only contain a single CTF sec-
+ tion. Multiple containers should be merged together into a single one.
+ See ctfmerge(1).
+
+
+ The CTF file should be included in its own ELF section. The section's
+ name must be .SUNW_ctf. The type of the section should be SHT_SUNW_CTF,
+ although for compatibility with historical use, SHT_PROGBITS is also
+ allowed. The section header for the ELF section containing the CTF data
+ should link to the symbol table (sh_link), and specify an address
+ alignment of 4 (sh_addralign).
+
+HISTORY
+ The CTF version 2 format has been used in the construction of Solaris
+ since Sun Solaris 9. Version 1, the initial development version, was
+ never included in a user visible release.
+
+
+ The required ELF section type for .SUNW_ctf sections was changed from
+ SHT_PROGBITS to SHT_SUNW_CTF in the Oracle Solaris 11.4.75 release.
+ Support for existing objects with CTF in SHT_PROGBITS sections is re-
+ tained to to support historical usage.
+
+
+ Support for CTF version 3, was added in the Oracle Solaris 11.4.81 re-
+ lease.
+
+SEE ALSO
+ ctfconvert(1), ctfdump(1), ctfmerge(1), ld(1), mdb(1), libz(3),
+ dtrace(8)
+
+Oracle Solaris 11.4 24 January 2025 ctf(5)
diff -NurbBw 11.4.78/man5/policy.conf.5 11.4.81/man5/policy.conf.5
--- 11.4.78/man5/policy.conf.5 2025-05-11 12:25:32.529045200 -0700
+++ 11.4.81/man5/policy.conf.5 2025-05-11 12:25:46.661326064 -0700
@@ -121,11 +121,13 @@
UNLOCK_AFTER=<n>[m | h | d | w]
- Specifies the time after which an account lock for failed logins
- will be unlocked upon a valid password entry. The time may be spec-
- ified as a number of minutes (m), hours (h), days (d), or weeks
- (w). If unspecified, no unlock will occur. The default is unspeci-
- fied. Individual account overrides are provided by user_attr(5).
+ Specifies the time duration since the account has been locked after
+ which it may be unlocked by a successful authentication; such as
+ password based or SSH public key. The time may be specified as a
+ number of minutes (m), hours (h), days (d), or weeks (w). <n>[m | h
+ | d | w]. If unspecified, no unlock will occur. The default is un-
+ specified. Individual account overrides are provided by
+ user_attr(5).
PAM_POLICY
@@ -264,4 +266,4 @@
NOTES
The console user is defined as the owner of /dev/console.
-Oracle Solaris 11.4 10 Mar 2023 policy.conf(5)
+Oracle Solaris 11.4 21 Jan 2025 policy.conf(5)
diff -NurbBw 11.4.78/man5/user_attr.5 11.4.81/man5/user_attr.5
--- 11.4.78/man5/user_attr.5 2025-05-11 12:25:32.574130058 -0700
+++ 11.4.81/man5/user_attr.5 2025-05-11 12:25:46.694609507 -0700
@@ -193,11 +193,12 @@
unlock_after
- Specifies the time since the account has been locked, that it
- may be unlocked by a successful authentication. The time may be
- specified as a number of minutes (m), hours (h), days (d), or
- weeks (w). <n>[m | h | d | w]. The default is unspecified. An
- administrator must unlock the account.
+ Specifies the time duration since the account has been locked
+ after which it may be unlocked by a successful authentication;
+ such as password based or SSH public key. The time may be spec-
+ ified as a number of minutes (m), hours (h), days (d), or weeks
+ (w). <n>[m | h | d | w]. If unspecified, no unlock will occur.
+ The default is unspecified.
pam_policy
@@ -479,4 +480,4 @@
/etc/user_attr was added in Solaris 8.
-Oracle Solaris 11.4 21 Jun 2021 user_attr(5)
+Oracle Solaris 11.4 21 Jan 2025 user_attr(5)
diff -NurbBw 11.4.78/man7/pam_unix_auth.7 11.4.81/man7/pam_unix_auth.7
--- 11.4.78/man7/pam_unix_auth.7 2025-05-11 12:25:32.613261621 -0700
+++ 11.4.81/man7/pam_unix_auth.7 2025-05-11 12:25:46.725389481 -0700
@@ -4,7 +4,7 @@
pam_unix_auth - PAM authentication module for UNIX
SYNOPSIS
- pam_unix_auth.so.1 [debug] [nolock] [nowarn] [server_policy]
+ pam_unix_auth.so.1 [debug] [nolock] [nosleeponfail] [nowarn] [server_policy]
DESCRIPTION
The pam_unix_auth module implements pam_sm_authenticate(3PAM), which
@@ -61,6 +61,11 @@
per service basis.
+ nosleeponfail
+
+ Do not sleep after authentication failure.
+
+
nowarn
Turn off warning messages.
@@ -73,6 +77,17 @@
name service switch.
+FILES
+ SLEEPTIME
+
+ If present in /etc/default/login, sets the number of seconds to
+ wait before the login failure returned. Default is 4 seconds. Mini-
+ mum is 0 seconds. Maximum is 30 seconds.
+
+ Previous releases performed the sleep directly in su(8), sulogin(8)
+ or login(8) are also affected by the value of SLEEPTIME.
+
+
RETURN VALUES
The following values are returned from pam_sm_authenticate():
@@ -153,6 +168,10 @@
set, a service module performs its default action.
HISTORY
+ The enforcement of SLEEPTIME was moved from login(1) and su(8) in Ora-
+ cle Solaris 11.4.81.
+
+
Support for unlocking accounts when either the UNLOCK_AFTER property is
set in policy.conf(5), or the unlock_after attribute is set in
user_attr(5), was added in Oracle Solaris 11.4.0.
@@ -175,4 +194,4 @@
bug and nowarn options. Prior to that, these checks were performed in
the pam_unix module.
-Oracle Solaris 11.4 12 Sep 2023 pa...h(7)
+Oracle Solaris 11.4 18 Feb 2025 pa...h(7)
diff -NurbBw 11.4.78/man7/solaris10.7 11.4.81/man7/solaris10.7
--- 11.4.78/man7/solaris10.7 2025-05-11 12:25:32.655002440 -0700
+++ 11.4.81/man7/solaris10.7 2025-05-11 12:25:46.769046494 -0700
@@ -155,7 +155,46 @@
or is set to a missing or invalid boot environment name, the zone will
transition to unavailable state on next zone or system boot. To resolve
this, the activebe property must be corrected, and the zone must be at-
- tached with zoneadm attach. For more information, see examples 4 and 5.
+ tached with zoneadm attach. For more information, see examples 7 and 8.
+
+ Creating and Using Installation Archives
+ The zoneadm(8) install subcommand is used to install a Solaris 10
+ zone. Aside from the path to the root directory of an installed Solaris
+ 10 system (via install -d path), the zone may be installed from several
+ archive formats. See the install subcommand in the section solaris10
+ Brand-Specific Subcommands in zoneadm(8) for further information.
+
+
+ Note that flash archives (flar) neither support archiving zones nor
+ archiving systems with zones. For more information on flash archives,
+ see flar and flarcreate commands on a Solaris 10 system.
+
+
+ For cpio, ustar, xustar, and pax file archives, those may be created
+ including the zone name directory (archiving e.g. the myzone directory
+ component from within /system/zones/ directory), from within the zone
+ path itself (i.e. archiving the root directory component from within
+ e.g. /system/zones/myzone/), and also archiving files and directories
+ from within zonepath/root, e.g. /system/zones/myzone/root/. In the case
+ of archiving the zone name directory component, the zone being later
+ installed must match its name with the zone name that was archived.
+ Note that in the case of archiving files and directories from within
+ zonepath/root, care needs to be taken to include dot files, if present,
+ into the archive.
+
+
+ For more detailed explanation of cpio, ustar, xustar, and pax formats,
+ see pax(1).
+
+
+ Due to limitations of some file archiver formats regarding filepath
+ maximum length, large file support, or large UIDs/GIDs, aside from Uni-
+ fied Archives and flash archives, the file archiver formats recommended
+ to create are xustar and pax. Both tar(1) and pax(1) only create ustar
+ archives by default. To create pax archives, use pax -x pax. To create
+ xustar archives, either pax -x xustar or the tar(1) 'E' function modi-
+ fier may be used. See examples below on how to create xustar and pax
+ file archives.
Network Firewall
Oracle Solaris 11.4 introduces the PF firewall, to replace the IPFilter
@@ -281,7 +320,43 @@
- Example 3 Creating a ZFS Archive for Install
+ Example 3 Creating a compressed xustar Zone Archive for Install
+
+
+
+ Note the use of the 'E' function modifier to create an extended USTAR
+ (xustar) archive which guarantees the inclusion of large files and
+ large UIDs/GIDs. Alternatively, one could use pax -x xustar.
+
+
+
+ s10# zoneadm -z s10zonename halt
+ s10# zoneadm -z s10zonename ready
+ s10# cd /export/zones/s10zonename # use actual zonepath
+ s10# tar cvEf /net/somehost/v2v/s10zonename.tar root
+ s10# gzip /net/somehost/v2v/s10zonename.tar
+
+
+
+ Example 4 Creating a compressed pax Zone Archive for Install
+
+
+
+ Note that the default output format for pax(1) is ustar so to make use
+ of the large file and large UID/GID support with the pax format, one
+ has to use pax -x pax.
+
+
+
+ s10# zoneadm -z s10zonename halt
+ s10# zoneadm -z s10zonename ready
+ s10# cd /export/zones/s10zonename # use actual zonepath
+ s10# pax -x pax -wvf /net/somehost/v2v/s10zonename.pax root
+ s10# bzip2 /net/somehost/v2v/s10zonename.pax
+
+
+
+ Example 5 Creating a ZFS Archive for Install
@@ -320,7 +395,7 @@
- Example 4 Installing a Zone Using a ZFS Archive
+ Example 6 Installing a Zone Using a ZFS Archive
@@ -334,7 +409,7 @@
- Example 5 Setting the Zone's Active Boot Environment From the Global
+ Example 7 Setting the Zone's Active Boot Environment From the Global
Zone
@@ -344,7 +419,7 @@
- Example 6 Creating a New Boot Environment From a Solaris10 Branded Zone
+ Example 8 Creating a New Boot Environment From a Solaris10 Branded Zone
@@ -385,7 +460,7 @@
- Example 7 Install Solaris 10 image earlier than Update 9
+ Example 9 Install Solaris 10 image earlier than Update 9
@@ -412,7 +487,7 @@
- Example 8 Disable the non-executable stack in the branded zone at boot
+ Example 10 Disable the non-executable stack in the branded zone at boot
@@ -438,11 +513,11 @@
SEE ALSO
- zlogin(1), zonename(1), attributes(7), brands(7), firewall(7),
- pf.conf(7), solaris-kz(7), zones(7), archiveadm(8), dladm(8), zfs(8),
- zoneadm(8), zonecfg(8)
+ pax(1), tar(1), zlogin(1), zonename(1), attributes(7), brands(7), fire-
+ wall(7), pf.conf(7), solaris-kz(7), zones(7), archiveadm(8), dladm(8),
+ zfs(8), zoneadm(8), zonecfg(8)
NOTES
This feature might be removed in a future release of Oracle Solaris.
-Oracle Solaris 11.4 10 Mar 2023 so...0(7)
+Oracle Solaris 11.4 19 Feb 2025 so...0(7)
diff -NurbBw 11.4.78/man7/zones.7 11.4.81/man7/zones.7
--- 11.4.78/man7/zones.7 2025-05-11 12:25:32.688058581 -0700
+++ 11.4.81/man7/zones.7 2025-05-11 12:25:46.818191797 -0700
@@ -324,6 +324,25 @@
+ Zone Migration
+ A zone can be migrated to a compatible host. All brands can be migrated
+ while in an inactive state but the solaris-kz brand also supports live
+ migration which means that the zone can be running while it is being
+ migrated.
+
+
+ Several requirements need to be met in order to be able to migrate a
+ zone:
+
+ o The zone must be hosted on shared storage available from
+ both hosts.
+
+
+ o The system time on both hosts must be synchronized.
+
+
+ See brand specific manual pages for other requirements.
+
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
@@ -341,4 +360,4 @@
gadm(8), sshd(8), svc.zones(8), sysdef(8), zfs(8), zoneadm(8),
zonecfg(8), crgetzoneid(9F)
-Oracle Solaris 11.4 17 Jan 2024 zo...s(7)
+Oracle Solaris 11.4 10 Jan 2025 zo...s(7)
diff -NurbBw 11.4.78/man8/bootadm.8 11.4.81/man8/bootadm.8
--- 11.4.78/man8/bootadm.8 2025-05-11 12:25:32.726996739 -0700
+++ 11.4.81/man8/bootadm.8 2025-05-11 12:25:46.874443472 -0700
@@ -24,7 +24,7 @@
x86 only
- /usr/sbin/bootadm install-bootloader [-BGMfrsv] [-P pool] [-R path]
+ /usr/sbin/bootadm install-bootloader [-BGMfv] [-P pool] [-R path]
[device1 ... deviceN]
@@ -410,7 +410,7 @@
moved.
- install-bootloader [-BGMfrsv] [-P pool] [-R path] [device1 ... deviceN]
+ install-bootloader [-BGMfv] [-P pool] [-R path] [device1 ... deviceN]
Install the system bootloader. If a list of devices is specified,
the bootloader will be installed only on the given devices. Other-
@@ -435,21 +435,8 @@
x86 with UEFI firmware only
- By default, the Secure Boot is disabled.
-
- To install the Secure Boot, use the -s option.
-
- To uninstall the Secure Boot, use the -r option.
-
- Note -
-
-
-
-
- After the uninstall operation, disable the Secure Boot in the
- UEFI BIOS setup on reboot.
-
-
+ GRUB as delivered in Solaris supports UEFI Secure Boot. To ac-
+ tivate it, enable Secure Boot in the system's UEFI firmware.
@@ -817,4 +804,4 @@
https://www.gnu.org/software/grub/
-Oracle Solaris 11.4 27 Nov 2017 bootadm(8)
+Oracle Solaris 11.4 12 July 2024 bootadm(8)
diff -NurbBw 11.4.78/man8/dladm.8 11.4.81/man8/dladm.8
--- 11.4.78/man8/dladm.8 2025-05-11 12:25:32.930992037 -0700
+++ 11.4.81/man8/dladm.8 2025-05-11 12:25:47.007150242 -0700
@@ -143,6 +143,10 @@
dladm delete-veth [-t] {veth_endpoint | peer_veth_endpoint}
+ dladm show-transceiver [-x] [[-p] -o field[,...]]
+ [-f parameter[,...]] [ether-link]
+
+
dladm help [subcommand-name]
DESCRIPTION
@@ -4069,6 +4073,62 @@
+
+
+ dladm show-transceiver [-x] [[-p] -o field[,...]]
+ [-f parameter[,...]] [ether-link]
+
+
+ Shows identification and state information provided by pluggable
+ transceiver for a single or all Ethernet datalinks. The subcommand
+ depends on support in underlying NIC driver and NIC firmware. The
+ following options are accepted:
+
+
+ -x, --extended
+
+ Extended output. Shows details about the transceiver including
+ diagnostic information if it is available.
+
+
+ -p, --parseable
+
+ Displays using a stable machine-parseable format. The -o option
+ is required with -p option. See "Parseable Output Format" be-
+ low.
+
+
+ -o field[,...], --output=field[,...]
+
+ A case-insensitive, comma-separated list of output fields to
+ display. The field name must be one of the fields listed below,
+ or the special value all, to display all fields. For each
+ transceiver's parameter, the following fields can be displayed:
+
+
+ LINK The name of the datalink.
+
+
+ NAME The name of the parameter.
+
+
+ VALUE The read-only value of the parameter.
+
+
+ UNIT The unit of measurement.
+
+
+
+
+ -f parameter[,...], --filter=parameter[,...]
+
+ Enables output filtering. The argument is a comma separated
+ list of transceiver parameter names. Parameters that are not on
+ the list are not displayed.
+
+
+
+
help [subcommand-name]
Displays all the supported dladm subcommands or usage for a given
@@ -6820,6 +6880,11 @@
fields: HWPOSSIBLE, SWPOSSIBLE, HWFLAGS, SWFLAGS and MODE have an in-
terface stability of Volatile.
+
+ Note that the set of parameter names and corresponding values displayed
+ by the dladm show-transceiver subcommand have an interface stability of
+ Volatile.
+
SEE ALSO
dlpi(4P), attributes(7), ieee802.3(7), acctadm(8), autopush(8),
datalink-management(5), dlstat(8), evsadm(8), ibadm(8), ifconfig(8),
@@ -6904,6 +6969,8 @@
+------------------------------------------------+-----------+
| SUBCOMMAND | RELEASE |
+------------------------------------------------+-----------+
+ | show-transceiver | 11.4.81 |
+ +------------------------------------------------+-----------+
| create-wlan, delete-wlan, reset-wlan, | 11.4.0 |
| set-wlan, show-wlan | |
+------------------------------------------------+-----------+
@@ -6937,4 +7004,4 @@
+------------------------------------------------+-----------+
-Oracle Solaris 11.4 13 Sep 2024 dladm(8)
+Oracle Solaris 11.4 20 Jan 2025 dladm(8)
diff -NurbBw 11.4.78/man8/ipadm.8 11.4.81/man8/ipadm.8
--- 11.4.78/man8/ipadm.8 2025-05-11 12:25:33.007087012 -0700
+++ 11.4.81/man8/ipadm.8 2025-05-11 12:25:47.139686168 -0700
@@ -2142,6 +2142,13 @@
Default is on.
+ send-unreachables (IP, IPMP)
+
+ Enables/disables sending of ICMP unreachable responses to packets
+ received via the specified interface. Possible values are on or
+ off. Default is on.
+
+
standby (IP)
Specifies whether the interface is configured as a standby inter-
@@ -3053,4 +3060,4 @@
Layers, Information Sciences Institute, University of Southern Califor-
nia, October 1989.
-Oracle Solaris 11.4 3 Nov 2021 ipadm(8)
+Oracle Solaris 11.4 5 Dec 2024 ipadm(8)
diff -NurbBw 11.4.78/man8/kmipcfg.8 11.4.81/man8/kmipcfg.8
--- 11.4.78/man8/kmipcfg.8 2025-05-11 12:25:33.063763236 -0700
+++ 11.4.81/man8/kmipcfg.8 2025-05-11 12:25:47.177726240 -0700
@@ -149,10 +149,8 @@
failover_limit=allowed_number_of_failovers
- The optional upper boundary of allowed failovers between KMIP
- servers defined in server_list. If failover_limit is not speci-
- fied or is set to 0, the failover limit defaults to 2. If
- failover_limit is set to -1, the failover will be disabled.
+ This setting is Obsolete and no longer used; each configured
+ server is tried once.
client_keystore=path_to_the_keystore
@@ -808,6 +806,9 @@
cluded.
HISTORY
+ The failover_limit property was Obsoleted in Oracle Solaris 11.4.81.
+
+
The version property was added in Oracle Solaris 11.4.42.
@@ -821,4 +822,4 @@
The kmipcfg command was introduced in Oracle Solaris 11.3.17.
-Oracle Solaris 11.4 13 Sep 2024 kmipcfg(8)
+Oracle Solaris 11.4 18 Feb 2025 kmipcfg(8)
diff -NurbBw 11.4.78/man8/ldm.8 11.4.81/man8/ldm.8
--- 11.4.78/man8/ldm.8 2025-05-11 12:25:33.336368383 -0700
+++ 11.4.81/man8/ldm.8 2025-05-11 12:25:47.426964222 -0700
@@ -4344,30 +4344,20 @@
o -r autosave-name applies the autosave configuration data to
- one of the following:
-
-
- o Configuration on the SP that has the same name
-
-
- o Newly created configuration, new-config-name, which does
- not exist on the SP
-
- If the target configuration does not exist on the SP, a configura-
- tion of that name is created and saved to the SP based on the con-
- tents of the corresponding autosave configuration. After the au-
- tosave configuration data is applied, those autosave files are
- deleted from the control domain. If autosave-name does not repre-
- sent the currently selected configuration, or if new-config-name is
- specified, the state of the current configuration on the SP and any
- autosave files for it on the control domain are unaffected.
-
- Updates the specified configuration based on the autosave informa-
- tion. Note that you must perform a power cycle after using this
- command to instantiate the updated configuration.
-
-
- o new-config-name is the name of the SP configuration to add.
+ either the existing configuration on the SP that has the
+ same name, or a newly created configuration, new-config-
+ name, which must not already exist on the SP.
+
+ The SP configuration is updated or created based on the con-
+ tents of the autosave configuration for autosave-name. After
+ the autosave configuration data is applied, the autosave
+ metadata is updated so it is no longer considered newer than
+ the saved configuration.
+
+ If autosave-name does not represent the currently selected
+ configuration, or if new-config-name is specified, the state
+ of the current configuration on the SP and any autosave
+ files for it on the control domain are unaffected.
Set an SP Configuration
@@ -4493,35 +4483,44 @@
Syntax:
- ldm set-logctl [cmd=[on|off|resp]] [debug=[on|off]] [history=num] [info=[on|off]] [notice=[on|off]] [warning=[on|off]] [defaults]
+ ldm set-logctl [cmd=[off|on|resp]] [debug=[off|on|func|v|vv]] [history=num] [info=[off|on|func]] [notice=[off|on|func]] [warning=[off|on|func]] [defaults]
where:
- o cmd=[on|off|resp] specifies how to treat command messages.
+ o cmd=[off|on|resp] specifies how to treat command messages.
Specify the on value to enable, the off value to disable, or
the resp value to log the command and its command response.
- o debug=[on|off] specifies how to treat debug messages. Spec-
- ify the on value to enable or the off value to disable these
- messages.
-
-
- o info=[on|off] specifies how to treat informational messages.
- Specify the on value to enable or the off value to disable
- these messages.
-
-
- o notice=[on|off] specifies how to treat messages that indi-
- cate that an event requires user attention. Specify the on
- value to enable or the off value to disable these messages.
-
-
- o warning=[on|off] specifies how to treat warning messages.
- Specify the on value to enable or the off value to disable
- these messages.
+ o debug=[off|on|func|v|vv] specifies how to treat debug mes-
+ sages. Specify the on value to enable or the off value to
+ disable these messages. Specify the func value to enable
+ these messages, including the name of the function request-
+ ing the log entry. Specify v to enable verbose debug log-
+ ging, and vv to enable very verbose debug logging.
+
+
+ o info=[off|on|func] specifies how to treat informational mes-
+ sages. Specify the on value to enable or the off value to
+ disable these messages. Specify the func value to enable
+ these messages, including the name of the function request-
+ ing the log entry.
+
+
+ o notice=[off|on|func] specifies how to treat messages that
+ indicate that an event requires user attention. Specify the
+ on value to enable or the off value to disable these mes-
+ sages. Specify the func value to enable these messages, in-
+ cluding the name of the function requesting the log entry.
+
+
+ o warning=[off|on|func] specifies how to treat warning mes-
+ sages. Specify the on value to enable or the off value to
+ disable these messages. Specify the func value to enable
+ these messages, including the name of the function request-
+ ing the log entry.
o history=num specifies the number of commands output by the
@@ -7205,4 +7204,4 @@
Oracle VM Server for SPARC 3.6 Administration Guide
-Oracle Solaris 11.4 14 Aug 2024 ldm(8)
+Oracle Solaris 11.4 14 Jan 2025 ldm(8)
diff -NurbBw 11.4.78/man8/nscd.8 11.4.81/man8/nscd.8
--- 11.4.78/man8/nscd.8 2025-05-11 12:25:33.372143114 -0700
+++ 11.4.81/man8/nscd.8 2025-05-11 12:25:47.458655332 -0700
@@ -18,20 +18,20 @@
[-L newlogfile]
DESCRIPTION
- The nscd daemon provides caching for most name service requests to im-
- prove performance. nscd provides a consistent dynamic name service con-
- figuration to all processes.
+ The SMF service svc:/system/name-service/cache is started at boot, it
+ runs the nscd daemon (as per the first command synposis). The service
+ provides caching for most name service requests to improve performance
+ and to provide a consistent dynamic name service configuration to all
+ processes. Once the service is started two or more nscd processes will
+ be running as viewed using any command that lists processes such as ps,
+ prstat or ptree. One process will be shown as /usr/sbin/nscd and an-
+ other as nscd-worker.
nscd is also an administrative tool that transparently passes options
to the running daemon (see the second command synopsis).
- The nscd daemon starts at system boot by the svc:/system/name-ser-
- vice/cache SMF service and requires no administrative interaction. To
- manually start the daemon, see the first nscd command synopsis.
-
-
The service's properties define the behavior of the cache daemon as
shown in the nscd.conf(5) man page.
@@ -43,9 +43,9 @@
nscd provides caching for the auth_attr, bootparams, ethers, exec_attr,
group, hosts, ipnodes, netmasks, networks, passwd, prof_attr, project
protocols, rpc, services, and user_attr, databases by using standard
- libc interfaces, such as getaddrinfo(), getnameinfo(), getpwnam(), and
- others. The shadow file is purposefully not cached. As a result, getsp-
- nam() calls are not cached.
+ libc(3LIB) interfaces, such as getaddrinfo(), getnameinfo(),
+ getpwnam(), and others. The shadow file is purposefully not cached. As
+ a result, getspnam() calls are not cached.
Each cache has a separate time-to-live (TTL) for its data. By default,
@@ -53,9 +53,13 @@
validated upon the next call to nscd.
- The nscd restarts when you update or refresh any of the following ser-
- vices that nscd optionally depends. When nscd restarts, the caches are
- effectively cleared.
+ The nscd worker process restarts when you update or refresh any of the
+ following services that nscd optionally depends. When nscd restarts,
+ the caches are effectively cleared.
+
+ o svc:/system/name-service/switch:default, see
+ nsswitch.conf(5)
+
o svc:/network/nis/client:default, see ypbind(8) and yp-
files(5)
@@ -64,64 +68,74 @@
o svc:/network/ldap/client:default, see ldapclient(8)
+ o svc:/network/dns/client:default, see resolv.conf(5)
+
+
o svc:/network/dns/multicast:default, see avahi-daemon(8)
The files and services monitoring provide a consistent dynamic name
- service configuration to all processes as all standard libc interfaces
- interact with nscd. So, when you commit a configuration change, nscd
- causes all subsequent calls to use that configuration. So, it is best
- to ensure that nscd is always running.
-
-
- For comparison, when nscd is not used, processes only gather configura-
- tion information upon their initial relevant libc call. Subsequent
- calls use that same configuration until those processes are restarted.
-
-
- For example, consider a system that does not have nscd running. Updat-
- ing that system to use LDAP or NIS, nsswitch.conf(5) is updated to add
- those sources. As nscd is not running, processes already started before
- the configuration change (such as svc.startd and svc.configd) would not
- use the new source. In that instance, you should start the nscd service
- (svcadm enable name-service/cache) so that all processes benefit from
- the change, or you should reboot the system to ensure that a consistent
- configuration is used by all processes.
-
-
- When running with per-user lookups enabled (enable_per_user_lookup in
- nscd.conf(5)), nscd forks exactly one child process (a per-user nscd)
- on behalf of the user who makes the request. The per-user nscd uses the
- credentials of the user to open a per-user connection to the name
- repository that is configured for the per-user style of lookups. The
- lookup will be performed in the child process. The results are cached
- in the process and are available only to the same user. The caches are
- managed exactly the same as the main nscd daemon manages its own
- caches. Subsequent requests from the user will be handled by that per-
- user nscd until it terminates. The per-user nscd uses a configurable
- inactivity time-to-live (TTL) value and terminates itself after the in-
- activity TTL expires.
+ service configuration to all processes as all standard libc(3LIB) in-
+ terfaces interact with svc:/system/name-service/cache:default daemon
+ process nscd. So, when you commit a configuration change, nscd causes
+ all subsequent calls to use that configuration.
+
+
+ When svc:/system/name-service/cache:default is disabled, processes mak-
+ ing libc(3LIB) calls that would perform a naming lookup will only per-
+ form local files or dns lookups. Other databases configured in
+ nsswitch.conf(5) are not used, meaning lookups using LDAP, NIS or any
+ other configured repository are not supported when nscd is not running.
+ When nscd is running, processes will send all requests to nscd. Lookups
+ are performed using the configuration nsswitch.conf(5) and all config-
+ ured and supported repositories according to their respective configu-
+ ration. Any changes made through the naming SMF services will automati-
+ cally refresh nscd configuration accordingly. The nscd command is de-
+ signed to handle configuration updates on a live system without the
+ need to restart user processes. The nscd will restart automatically, if
+ necessary, and use any updated configuration for all new lookup re-
+ quests. All processes benefit from the configuration change automati-
+ cally. There should be no reason to reboot the system as nscd will en-
+ sure that a consistent up to date configuration is used by all
+ processes.
+
+
+ For example, when updating a system to use LDAP or NIS, nss-
+ witch.conf(5) is updated to add those sources. The nscd process will be
+ notified of the updated configuration by SMF through one or more of the
+ SMF services such as svc:/system/name-service/switch and nscd will re-
+ fresh or restart accordingly. All existing and future processes benefit
+ from the changes. There is no need to restart processes or reboot the
+ system to ensure that the new configuration is used by all processes.
+
+ Per-User Lookups
+ With per-user lookups, see (enable_per_user_lookup in nscd.conf(5)),
+ enabled multiple other nscd processes may be running. When the nscd
+ daemon is started it checks to ensure all conditions are met before
+ getting ready to create a per-user nscd.
+
+
+ In this mode nscd forks exactly one child process, a per-user nscd, on
+ behalf of the user who makes the request. It uses the LDAP GSSAPI cre-
+ dentials of the user to open a per-user connection to the name reposi-
+ tory that is configured for the per-user style of lookups, and utilizes
+ the same configuration as the main nscd for its entire lifetime. See
+ ldap(7) for more details. The lookup will be performed in the child
+ nscd process. The results are cached in the process and are available
+ only to the same user. The caches are managed exactly the same as the
+ main nscd daemon manages its own caches. Subsequent requests from the
+ user will be handled by that per-user nscd until it terminates. The
+ per-user nscd uses a configurable inactivity time-to-live (TTL) value
+ and terminates itself after the inactivity TTL expires.
The maximum number of per-user nscd processes that can be created by
the main nscd is configurable (see nscd.conf(5)). After the maximum
number of them are created, the main nscd will use a Least Recently
Used (LRU) algorithm to terminate less active child nscd processes as
- needed.
-
-
- The main nscd daemon creates, monitors, and manages all the child nscd
- processes. It creates a user's own nscd upon receiving the user's first
- per-user lookup. When the nscd daemon is started, if per-user lookups
- are enabled, it checks to ensure all conditions are met before getting
- ready to create a per-user nscd. When the daemon is stopped, it termi-
- nates all the per-user nscd processes under its control.
-
-
- Per-user nscd processes use the same configuration as the main nscd.
- Once the configuration is read, the per-user nscd will use it for its
- entire lifetime.
+ needed. When the main daemon is stopped, it terminates all the per-user
+ nscd processes under its control.
OPTIONS
Several of the options described below require a cachename specifica-
@@ -264,10 +278,20 @@
svc:/system/name-service/cache, see nscd.conf(5).
- /etc/nsswitch.conf, /etc/resolv.conf
+ /etc/nsswitch.conf
+
+ Modifying this file by updating the svc:/system/name-service/switch
+ SMF service causes nscd-worker to restart and flush all caches. If
+ the SMF service is disabled, the system will require a reboot to
+ ensure that all user processes are updated with any changes. See
+ nsswitch.conf(5).
+
- Monitored. Modifying the file causes nscd to restart and flush all
- caches. See nsswitch.conf(5) and resolv.conf(5).
+ /etc/resolv.conf
+
+ Modifying the file by updating the svc:/network/dns/client:default
+ SMF service causes nscd and any process linked with libresolv(3LIB)
+ to update the current configuration. See resolv.conf(5).
/etc/bootparams, /etc/ethers, /etc/group, /etc/inet/hosts,
@@ -321,4 +345,7 @@
Starting with Oracle Solaris 11.4, the nscd daemon must be running for
ldap(7) services to function correctly.
-Oracle Solaris 11.4 17 Jan 2024 nscd(8)
+
+ The nscd-worker process was added in SRU78.
+
+Oracle Solaris 11.4 6 Jan 2025 nscd(8)
diff -NurbBw 11.4.78/man8/ovmtprop.8 11.4.81/man8/ovmtprop.8
--- 11.4.78/man8/ovmtprop.8 2025-05-11 12:25:33.400996642 -0700
+++ 11.4.81/man8/ovmtprop.8 2025-05-11 12:25:47.500860889 -0700
@@ -134,6 +134,112 @@
...
+ Example 5 Setting the com.oracle.solaris Properties on a Guest Domain
+ using ovmtconfig and ovmt_s10_sysidcfg.sh script
+
+
+
+ This example shows how to set the com.oracle.solaris properties to so-
+ laris 10 guest domain using ovmtconfig.
+
+
+
+ The ovmtconfig utility requires a configuration properties file that
+ provides the guest domain configuration parameters. The solaris.proper-
+ ties file is available in the /opt/ovmtutils/share/props directory.
+
+
+
+ Make a copy of the solaris.properties file to use for the guest do-
+ main's configuration properties file.
+
+
+ primary# cp -ip /opt/ovmtutils/share/props/solaris.properties /var/tmp/solaris10.props
+
+
+
+
+ Edit the file and enter the parameters that are appropriate for the
+ guest domain.
+
+
+
+ Here's an example of an edited solaris10.props file:
+
+
+ primary# cat /var/tmp/solaris10.props
+ com.oracle.solaris.system.computer-name=test
+ com.oracle.solaris.system.time-zone=US/Pacific
+ com.oracle.solaris.root-password=xxxxx
+ com.oracle.solaris.system.ifname=vnet0
+ com.oracle.solaris.network.ipaddr.0=192.168.10.10
+ com.oracle.solaris.network.netmask.0=255.255.255.0
+ com.oracle.solaris.network.gateway.0=192.168.10.1
+
+
+
+
+ Copy and modify the ovmt_s10_sysidcfg.sh script.
+
+
+
+ The ovmt_s10_sysidcfg.sh script is used by the ovmtconfig utility to
+ configure an Oracle Solaris 10 domain based on property values.
+
+
+
+ Caution - The default script resets the /export/home file system in the
+ guest domain. This action deletes all the potential local home directo-
+ ries of users that existed on the source system. If no users have their
+ home directories in the guest domain (for example, home directories are
+ provided by NFS servers), then there is no need to modify this script.
+
+
+
+ In this example, the database admin user has a local home directory
+ that must be preserved, therefore the script must be modified.
+
+
+
+ The sed command is used to copy and comment out the resetZFS line in
+ the file: Then the permissions are changed to enable the execution per-
+ mission.
+
+
+ primary# sed -e 's, resetZFS, #resetZFS,' /opt/ovmtutils/share/scripts/ovmt_s10_sysidcfg.sh > /var/tmp/ovmt_s10_sysidcfg.sh
+ primary# chmod a+rx /var/tmp/ovmt_s10_sysidcfg.sh
+
+
+
+
+ Login to the target guest domain as superuser and unconfigure the guest
+ domain
+
+
+
+ The sys-unconfig command resets a system's configuration so that it is
+ ready to be reconfigured. The system's configuration consists of the
+ hostname, Network Information Service (NIS) domain name, timezone, IP
+ address, IP subnet mask, and root password.
+
+
+ SourceGuestDomain:/# sys-unconfig
+
+
+
+
+ Apply the configuration (Make sure the guest domain is stopped, before
+ applying the confguration)
+
+
+ primary# /opt/ovmtutils/bin/ovmtconfig -d solaris10 -c /var/tmp/ovmt_s10_sysidcfg.sh -v -P /var/tmp/solaris10.props
+
+
+
+
+ Start the guest domain and verify the domain is coming up with config-
+ ured properties.
+
EXIT STATUS
The following exit values are returned:
@@ -169,4 +275,4 @@
Oracle VM Server for SPARC 3.6 Developer's Guide
-Oracle Solaris 11.4 14 Jun 2023 ovmtprop(8)
+Oracle Solaris 11.4 16 Jan 2025 ovmtprop(8)
diff -NurbBw 11.4.78/man8/su.8 11.4.81/man8/su.8
--- 11.4.78/man8/su.8 2025-05-11 12:25:33.439366619 -0700
+++ 11.4.81/man8/su.8 2025-05-11 12:25:47.540175009 -0700
@@ -201,11 +201,14 @@
SLEEPTIME If present, sets the number of seconds to wait before
login failure is printed to the screen and another lo-
gin attempt is allowed. Default is 4 seconds. Minimum
- is 0 seconds. Maximum is 5 seconds.
+ is 0 seconds. Maximum is 30 seconds.
Both su and login(1) are affected by the value of
SLEEPTIME.
+ In prior releases the sleep was implemented in su, it
+ is now implemented in pam_unix_auth(7).
+
ATTRIBUTES
@@ -225,4 +228,4 @@
passwd(5), profile(5), sulog(5), attributes(7), environ(7), sudo(8),
syslogd(8), account-policy(8S)
-Oracle Solaris 11.4 6 Oct 2022 su(8)
+Oracle Solaris 11.4 15 Jan 2025 su(8)
diff -NurbBw 11.4.78/man8/sulogin.8 11.4.81/man8/sulogin.8
--- 11.4.78/man8/sulogin.8 2025-05-11 12:25:33.465736158 -0700
+++ 11.4.81/man8/sulogin.8 2025-05-11 12:25:47.566763901 -0700
@@ -13,7 +13,7 @@
system maintenance mode (single-user mode) or to type EOF (typically
CTRL-D) for normal startup (multi-user mode). The user should never di-
rectly invoke sulogin. The user must have the solaris.system.mainte-
- nance authorization.
+ nance authorization, or have been granted the root role.
The sulogin utility can prompt the user to enter the root password on a
@@ -73,4 +73,4 @@
tem.maintenance authorization should be directly granted to appropriate
users rather than through the Console User Rights Profile.
-Oracle Solaris 11.4 21 Jun 2021 sulogin(8)
+Oracle Solaris 11.4 28 Jan 2025 sulogin(8)
diff -NurbBw 11.4.78/man8/useradd.8 11.4.81/man8/useradd.8
--- 11.4.78/man8/useradd.8 2025-05-11 12:25:33.516105469 -0700
+++ 11.4.81/man8/useradd.8 2025-05-11 12:25:47.605639771 -0700
@@ -376,9 +376,11 @@
The UID of the new user. This UID must be a non-negative decimal
integer below MAXUID as defined in <sys/param.h>. The UID defaults
to the next available (unique) number above the highest number cur-
- rently assigned. For example, if UIDs 100, 105, and 200 are as-
- signed, the next default UID number will be 201. UIDs 0-99 are re-
- served for allocation by the Solaris Operating System.
+ rently assigned, starting at 1000. For example, if UIDs 1000, 1005,
+ and 2000 are assigned, the next default UID number will be 2001.
+ UIDs 0-99 are reserved for allocation by the Solaris Operating Sys-
+ tem. UIDs 100-499 are reserved for dynamic allocation by package
+ installation via pkg(1).
EXAMPLES
@@ -724,10 +726,11 @@
SEE ALSO
- auths(1), passwd(1), profiles(1), roles(1), getdate(3C), auth_attr(5),
- group(5), passwd(5), prof_attr(5), project(5), shadow(5), user_attr(5),
- attributes(7), labels(7), rbac(7), groupadd(8), groupdel(8), group-
- mod(8), grpck(8), logins(8), pwck(8), pwconv(8), roledel(8), userdel(8)
+ auths(1), passwd(1), pkg(1) profiles(1), roles(1), getdate(3C),
+ auth_attr(5), group(5), passwd(5), prof_attr(5), project(5), shadow(5),
+ user_attr(5), attributes(7), labels(7), rbac(7), groupadd(8),
+ groupdel(8), groupmod(8), grpck(8), logins(8), pwck(8), pwconv(8),
+ roledel(8), userdel(8)
Managing User Accounts and User Environments in Oracle Solaris 11.4
@@ -846,4 +849,4 @@
The useradd and usermod commands were introduced in Solaris 2.0.
-Oracle Solaris 11.4 13 Sep 2024 useradd(8)
+Oracle Solaris 11.4 11 Feb 2025 useradd(8)
diff -NurbBw 11.4.78/man8/zdb.8 11.4.81/man8/zdb.8
--- 11.4.78/man8/zdb.8 2025-05-11 12:25:33.550645378 -0700
+++ 11.4.81/man8/zdb.8 2025-05-11 12:25:47.632190815 -0700
@@ -9,12 +9,12 @@
DESCRIPTION
The zdb command is used by support engineers to diagnose failures and
gather statistics. Since the ZFS file system is always consistent on
- disk and is self-repairing, zdb should only be run under the direction
- by a support engineer.
+ disk and is self-repairing, zdb should only be run by or under the di-
+ rection of a support engineer.
If no arguments are specified, zdb performs basic consistency checks on
- the pool and associated datasets, and report any problems detected.
+ the pool and associated datasets, and reports any problems detected.
Any options supported by this command are internal to Oracle and sub-
@@ -47,4 +47,4 @@
SEE ALSO
attributes(7), zfs(8), zpool(8)
-Oracle Solaris 11.4 10 Aug 2017 zdb(8)
+Oracle Solaris 11.4 17 Mar 2025 zdb(8)
diff -NurbBw 11.4.78/man8/zfs_allow.8 11.4.81/man8/zfs_allow.8
--- 11.4.78/man8/zfs_allow.8 2025-05-11 12:25:33.585391039 -0700
+++ 11.4.81/man8/zfs_allow.8 2025-05-11 12:25:47.674203803 -0700
@@ -5,10 +5,10 @@
privileged users
SYNOPSIS
- zfs help subcommand | help | property property-name | permission
+ zfs help [subcommand | [property] property-name | permission
- zfs help -l properties
+ zfs help [-l] properties
zfs allow filesystem|volume
@@ -80,9 +80,9 @@
send subcommand Allows sending of snapshots
share subcommand Allows sharing file systems over NFS or
SMB protocols
- snapshot subcommand Allows taking of snapshots
snapdestroy subcommand Also requires the 'mount' ability if
the snapshot is mounted.
+ snapshot subcommand Allows taking of snapshots
groupquota other Allows accessing any groupquota@...
property
groupused other Allows reading any groupused@...
@@ -111,20 +110,20 @@
Displays a help message.
- zfs help command | help | property property-name | permission
+ zfs help [command | [property] property-name | permission]
Displays zfs command usage information. You can display help for a
- specific command, property, or delegated permission. If you display
- help for a specific command or property, the command syntax or
- property value is displayed. Using zfs help without any arguments
- displays a complete list of zfs commands.
+ specific subcommand, property, or delegated permission. If you dis-
+ play help for a specific subcommand or property, the subcommand
+ syntax or property value is displayed. Using zfs help without any
+ arguments displays a complete list of zfs subcommands.
- zfs help -l properties
+ zfs help [-l] properties
- Displays zfs property information, including whether the property
- value is editable, inheritable, and delegatable, and their possible
- values.
+ Displays ZFS property information. If the -l option is specified,
+ the list includes whether the property value is editable, inherita-
+ ble, and delegatable, and the possible values for the property.
zfs allow filesystem | volume
@@ -141,7 +140,7 @@
Delegates ZFS administration permission for the file systems to
non-privileged users.
- [-ug] everyone|user|group[,...]
+ [-u|-g] everyone|user|group[,...]
Specifies to whom the permissions are delegated. Multiple enti-
ties can be specified as a comma-separated list. If neither of
@@ -149,7 +148,7 @@
preferentially as the keyword everyone, then as a user name,
and lastly as a group name. To specify a user or group named
"everyone", use the -u or -g options. To specify a group with
- the same name as a user, use the -g options.
+ the same name as a user, use the -g option.
[-e] perm|@setname[,...]
@@ -165,11 +164,11 @@
[-ld] filesystem|volume
Specifies where the permissions are delegated. If neither of
- the -ld options are specified, or both are, then the permis-
- sions are allowed for the file system or volume, and all of its
- descendents. If only the -l option is used, then is allowed
+ the -l or -d options are specified, or both are, then the per-
+ missions are allowed for the file system or volume, and all of
+ its descendants. If only the -l option is used, then is allowed
"locally" only for the specified file system. If only the -d
- option is used, then is allowed only for the descendent file
+ option is used, then is allowed only for the descendant file
systems.
@@ -178,14 +177,14 @@
zfs allow -c perm|@setname[,...] filesystem|volume
Sets "create time" permissions. These permissions are granted (lo-
- cally) to the creator of any newly-created descendent file system.
+ cally) to the creator of any newly-created descendant file system.
zfs allow -s @setname perm|@setname[,...] filesystem|volume
Defines or adds permissions to a permission set. The set can be
used by other zfs allow commands for the specified file system and
- its descendents. Sets are evaluated dynamically, so changes to a
+ its descendants. Sets are evaluated dynamically, so changes to a
set are immediately reflected. Permission sets follow the same nam-
ing restrictions as ZFS file systems, but the name must begin with
an "at sign" (@), and can be no more than 64 characters long.
@@ -194,8 +193,7 @@
zfs unallow [-rldug] everyone|user|group[,...] [perm|@setname[, ...]]
filesystem|volume
zfs unallow [-rld] -e [perm|@setname [,...]] filesystem|volume
- zfs unallow [-r] -c [perm|@setname[,...]]
- filesystem|volume
+ zfs unallow [-r] -c [perm|@setname[,...]] filesystem|volume
Removes permissions that were granted with the zfs allow command.
No permissions are explicitly denied, so other permissions granted
@@ -210,8 +208,7 @@
-r
Recursively remove the permissions from this file system and
- all descendents.
-
+ all descendants.
@@ -338,19 +335,13 @@
EXIT STATUS
The following exit values are returned:
- 0
+ 0 Successful completion.
- Successful completion.
+ 1 An error occurred.
- 1
- An error occurred.
-
-
- 2
-
- Invalid command line options were specified.
+ 2 Invalid command line options were specified.
ATTRIBUTES
@@ -366,11 +357,70 @@
SEE ALSO
- chmod(2), chown(2), attributes(7), zfs(8), zpool(8)
+ chmod(2), chown(2), acl(7), attributes(7), zfs(8), zfs_encrypt(8),
+ zfs_share(8), zpool(8)
- For information about using other ZFS features, see zfs_encrypt.8,
- zfs_share.8, zfs(8) and the Managing ZFS File Systems in Oracle Solaris
+ For information about using other ZFS features, see zfs_encrypt(8),
+ zfs_share(8), zfs(8), and Managing ZFS File Systems in Oracle Solaris
11.4.
-Oracle Solaris 11.4 16 Feb 2023 zfs_allow(8)
+HISTORY
+ ZFS delegated permissions were introduced in the Solaris 10 8/08 (Up-
+ date 6) release.
+
+
+ For the history of zfs subcommands, options, and native properties, see
+ zfs(8).
+
+
+ For a history of ZFS pool and file system versions, see Appendix A, Or-
+ acle Solaris ZFS Version Descriptions in Managing ZFS File Systems in
+ Oracle Solaris 11.4.
+
+ Permissions
+ Support for the following delegated permissions was added in the listed
+ Solaris release:
+
+ +---------------------------------------+---------------------+
+ | PERMISSION | RELEASE |
+ +---------------------------------------+---------------------+
+ | dump, swap | 11.4.60 |
+ +---------------------------------------+---------------------+
+ | snapdestroy | 11.4.54 |
+ +---------------------------------------+---------------------+
+ | unicode | 11.4.51 |
+ +---------------------------------------+---------------------+
+ | defaultreadlimit, defaultwritelimit, | 11.4.0 |
+ | readlimit, writelimit | |
+ +---------------------------------------+---------------------+
+ | defaultgroupquota, defaultuserquota | 11.2.8 |
+ +---------------------------------------+---------------------+
+ | multilevel | 11.1.0 |
+ +---------------------------------------+---------------------+
+ | dedup, encryption, key, keychange, | 11.0.0 |
+ | keysource, nbmand, shadow, sharesmb | |
+ +---------------------------------------+---------------------+
+ | diff, rstchown, sync | 10 8/11 (Update 10) |
+ +---------------------------------------+---------------------+
+ | hold, logbias, release | 10 9/10 (Update 9) |
+ +---------------------------------------+---------------------+
+ | groupquota, groupused, primarycache, | 10 10/09 (Update 8) |
+ | secondarycache, userquota, userused | |
+ +---------------------------------------+---------------------+
+ | aclinherit, aclmode, allow, atime, | 10 8/08 (Update 6) |
+ | canmount, casesensitivity, checksum, | |
+ | clone, compression, copies, create, | |
+ | destroy, devices, exec, mount, | |
+ | mountpoint, normalization, promote, | |
+ | quota, readonly, receive, recordsize, | |
+ | rename, refquota, refreservation, | |
+ | reservation, rollback, send, setuid, | |
+ | share, shareiscsi, sharenfs, snapdir, | |
+ | snapshot, userprop, utf8only, | |
+ | version, volblocksize, volsize, | |
+ | vscan, xattr, zoned | |
+ +---------------------------------------+---------------------+
+
+
+Oracle Solaris 11.4 17 Mar 2025 zfs_allow(8)
diff -NurbBw 11.4.78/man8/zfs_encrypt.8 11.4.81/man8/zfs_encrypt.8
--- 11.4.78/man8/zfs_encrypt.8 2025-05-11 12:25:33.642001059 -0700
+++ 11.4.81/man8/zfs_encrypt.8 2025-05-11 12:25:47.738928738 -0700
@@ -7,18 +7,14 @@
zfs [-?]
- zfs help subcommand | help | property property-name | permission
+ zfs help [subcommand | [property] property-name | permission]
- zfs help -l properties
+ zfs help [-l] properties
- zfs create -o encryption=on [-o keysource=raw | hex |
- passphrase,prompt | file://|pkcs11:|https://] ... dataset
-
-
- zfs create -o encryption=on [-o keysource=hex,cluster:keyname] ...
- dataset
+ zfs create [-p] -o encryption=on|algorithm [-o keysource=format,locator]
+ [-o property=value] ... dataset
zfs clone [-p] [-K] [-o property=value] ... snapshot filesystem|volume
@@ -56,8 +52,9 @@
Encryption is the process in which data is encoded for privacy and a
key is needed by the data owner to access the encoded data. You can set
an encryption policy when a ZFS dataset is created, but the policy can-
- not be changed. See the encryption and keysource property descriptions
- in the "Native Properties" section for details.
+ not be changed after creation. See the encryption and keysource prop-
+ erty descriptions in the "Native ZFS Encryption Properties" section for
+ details.
Dataset encryption is inherited permanently and cannot be removed dur-
@@ -65,7 +62,8 @@
destination dataset must have encryption enabled if encryption is de-
sired. Otherwise, the data is stored as clear text. A fully replicated
stream of an encrypted dataset results in an encrypted dataset but un-
- der a newly generated key. The stream itself is not encrypted.
+ der a newly generated key. The stream itself may or may not be en-
+ crypted, depending on the -w option to the zfs send command.
ZFS Send/Recv Considerations
A send stream created from an encrypted dataset in a source zpool that
@@ -163,10 +161,10 @@
- The following properties must be specified at creation time and can
- modified by using special commands:
+ The following properties must be specified at creation time and can be
+ modified later by using special commands:
- keysource=raw | hex | passphrase,prompt | file://|pkcs11:|https://
+ keysource=format,locator
Defines the format and location of the key that wraps the dataset
keys. The key must be present when the dataset is created, mounted,
@@ -176,46 +174,52 @@
the key is presented; locator identifies where the key is coming
from.
- format accepts three values:
+ format may be one of these values describing how the key is format-
+ ted in the specified location:
+
+
+ raw the raw key bytes
- o raw: the raw key bytes
+ hex a hexadecimal key string
- o hex: a hexadecimal key string
+ passphrase a character string that generates a key
+ locator may be one of these values:
- o passphrase: a character string that generates a key
- locator accepts two values:
+ prompt
+ You are prompted for a key or a passphrase when the dataset is
+ created or mounted.
- o prompt: You are prompted for a key or a passphrase when
- the dataset is created or mounted
+ file:///filename
- o file:///filename: the key or a passphrase file location
- in a file system
+ the key or a passphrase file location in a file system
- o pkcs11: A URI describing the location of a key or a
- passphrase in a PKCS#11 token
+ pkcs11:location
+ A URI describing the location of a key or a passphrase in a
+ PKCS#11 token.
- o https://location: The key or a passphrase file location
- on a secure server. Transporting key information in the
- clear using this method is not recommended. A GET on the
- URL returns just the key value or the passphrase, ac-
- cording to what was requested in the format part of the
- keysource.
- When using an https:// locator for the keysource, the
- certificate that the server presents must be one that is
- trusted by libcurl and OpenSSL. Add your own trust an-
- chor or self signed certificate to the certificate store
- in /etc/openssl/certs. Place the PEM format certificate
- into the /etc/certs/CA directory and run the svcadm re-
- fresh ca-certificates command.
+ https://location
+
+ The key or a passphrase file location on a secure server.
+ Transporting key information in the clear using this method is
+ not recommended. A GET on the URL returns just the key value or
+ the passphrase, according to what was requested in the format
+ part of the keysource.
+
+ When using an https:// locator for the keysource, the certifi-
+ cate that the server presents must be one that is trusted by
+ libcurl and OpenSSL. Add your own trust anchor or self signed
+ certificate to the certificate store in /etc/openssl/certs.
+ Place the PEM format certificate into the /etc/certs/CA direc-
+ tory and run the svcadm refresh ca-certificates command.
See "Examples" for examples of creating a key by using the https://
locator.
@@ -257,27 +261,28 @@
Displays a help message.
- zfs help command | help | property property-name | permission
+ zfs help [command | [property] property-name | permission]
Displays zfs command usage information. You can display help for a
- specific command, property, or delegated permission. If you display
- help for a specific command or property, the command syntax or
- property value is displayed. Using zfs help without any arguments
- displays a complete list of zfs commands.
+ specific subcommand, property, or delegated permission. If you dis-
+ play help for a specific subcommand or property, the subcommand
+ syntax or property value is displayed. Using zfs help without any
+ arguments displays a complete list of zfs subcommands.
- zfs help -l properties
+ zfs help [-l] properties
- Displays zfs property information, including whether the property
- value is editable and inheritable, and their possible values.
+ Displays ZFS property information. If the -l option is specified,
+ the list includes whether the property value is editable, inherita-
+ ble, or delegatable, and the possible values for the property.
- zfs create [-p] [-o encryption=on] [-o keysource=raw | hex |
- passphrase,prompt | file://|pkcs11:|https://] ... filesystem
+ zfs create [-p] -o encryption=on|algorithm
+ [-o keysource=format,locator] [-o property=value] ... filesystem
- Creates a new ZFS file system with encryption enabled, which uses
- aes-128-ccm See the encryption property description for a list of
- supported encryption algorithms.
+ Creates a new ZFS file system with encryption enabled. See the en-
+ cryption property description for a list of supported encryption
+ algorithms.
-p
@@ -289,19 +294,26 @@
pletes successfully.
- -o encryption=value
+ -o property=value
+
+ Sets the specified property as if the command zfs set prop-
+ erty=value was invoked at the same time the dataset was cre-
+ ated. Any editable ZFS property can also be set at creation
+ time. Multiple -o options can be specified. An error results if
+ the same property is specified in multiple -o options.
+
+ See the "Native ZFS Encryption Properties" section above, and
+ the "Native Properties" section of zfs(8) for available proper-
+ ties and their valid values.
- Sets the encryption property to value. Multiple -o options can
- be specified. An error results if the same property is speci-
- fied in multiple -o options.
zfs clone [-p] [-K] [-o property=value] ... snapshot filesystem|volume
- Creates a clone of the given snapshot. See the "Clones" section for
- details. The target dataset can be located anywhere in the ZFS hi-
- erarchy, and is created as the same type as the original.
+ Creates a clone of the given snapshot. See the "Clones" section of
+ zfs(8) for details. The target dataset can be located anywhere in
+ the ZFS hierarchy, and is created as the same type as the original.
-p
@@ -375,7 +387,7 @@
Loads the wrapping key to unlock the encrypted dataset and
datasets that inherit the key. This command loads the key based
- on what is defined by the key of the dataset.keysource prop-
+ on what is defined by the key of the dataset's keysource prop-
erty.
During a pool import, a key load operation is performed when a
@@ -465,7 +477,7 @@
-o property=value
Property to be changed as part of the key change operation. The
- keysource property is the only option that can be changed as
+ keysource property is the only property that can be changed as
part of a key change operation.
You must have permission to change the keysource properties.
@@ -520,9 +532,9 @@
zfs mount
- zfs mount [-vO] [-o options] -a | filesystem
+ zfs mount [-vO] [-o options] {-a | [-r] filesystem}
- Mounts ZFS file systems. Invoked automatically as part of the boot
+ Mounts ZFS file systems.' Invoked automatically as part of the boot
process. For a full description of zfs mount syntax, see zfs(8).
filesystem
@@ -537,7 +549,7 @@
- zfs unmount [-f] -a | filesystem|mountpoint
+ zfs unmount [-f] {-a | [-r] filesystem|mountpoint}
Unmounts currently mounted ZFS file systems. Invoked automatically
as part of the shutdown process. For a full description of zfs un-
@@ -589,7 +601,8 @@
# zfs create -o encryption=on \
- -o keysource=passphrase,https://keys.example.com/keys/42 tank/home/fs1
+ -o keysource=passphrase,https://keys.example.com/keys/42 \
+ tank/home/fs1
@@ -848,11 +849,24 @@
SEE ALSO
chmod(1), chown(1), pktool(1), ssh(1), chmod(2), chown(2), stat(2),
- write(2), attributes(7), mount(8), sshd(8), zfs(8), zpool(8)
+ write(2), attributes(7), pam_zfs_key(7), mount(8), sshd(8), zfs(8),
+ zpool(8)
For information about using other ZFS features, see zfs_allow(8),
zfs_share(8), zfs(8), and the Managing ZFS File Systems in Oracle So-
laris 11.4 book.
-Oracle Solaris 11.4 10 Mar 2023 zfs_encrypt(8)
+HISTORY
+ ZFS encryption was introduced in the Oracle Solaris 11.0.0 release.
+
+
+ For the history of zfs subcommands, options, and native properties, see
+ zfs(8).
+
+
+ For a history of ZFS pool and file system versions, see Appendix A, Or-
+ acle Solaris ZFS Version Descriptions in Managing ZFS File Systems in
+ Oracle Solaris 11.4.
+
+Oracle Solaris 11.4 17 Mar 2025 zfs_encrypt(8)
diff -NurbBw 11.4.78/man8/zfs_share.8 11.4.81/man8/zfs_share.8
--- 11.4.78/man8/zfs_share.8 2025-05-11 12:25:33.694107307 -0700
+++ 11.4.81/man8/zfs_share.8 2025-05-11 12:25:47.804327597 -0700
@@ -4,10 +4,10 @@
zfs_share - share and unshare a ZFS file system
SYNOPSIS
- zfs help subcommand | help | property property-name | permission
+ zfs help [subcommand | [property] property-name | permission]
- zfs help -l properties
+ zfs help [-l] properties
zfs create [-p] [-o share.nfs=on | share.smb=on [-o ...]] filesystem
@@ -23,10 +23,10 @@
zfs get share [filesystem]
- zfs set [-r] share.nfs=<on | off> filesystem
+ zfs set [-r] share.nfs=on|off filesystem
- zfs set [-r] share.smb=<on | off> filesystem
+ zfs set [-r] share.smb=on|off filesystem
zfs set [-r] property=value filesystem|volume|snapshot|share ...
@@ -51,8 +51,8 @@
DESCRIPTION
You can create an NFS share or an SMB share of a ZFS file system by
- setting share.nfs or share.smb property. You can also use the zfs share
- and zfs unshare commands to publish or unpublish a ZFS share.
+ setting the share.nfs or share.smb property. You can also use the zfs
+ share and zfs unshare commands to publish or unpublish a ZFS share.
Sharing ZFS File Systems
A file system can be shared by setting or inheriting the share.nfs=on
@@ -118,10 +116,11 @@
nbmand=on | off
- Controls whether the file system should be mounted with nbmand (Non
- Blocking mandatory locks). This is used for SMB clients. Changes to
- this property only take effect when the file system is unmounted
- and remounted. See mount(8) for more information on nbmand mounts.
+ Controls whether the file system should be mounted with nbmand
+ (Non-Blocking mandatory locks). This is used for SMB clients.
+ Changes to this property only take effect when the file system is
+ unmounted and remounted. See mount(8) for more information on
+ nbmand mounts.
readonly=on | off
@@ -199,8 +198,8 @@
insensitive matching behavior. Currently, case-insensitive matching
behavior on a file system that supports mixed behavior is limited
to the Solaris SMB server product. For more information about the
- mixed value behavior, see the Managing ZFS File Systems in Oracle
- Solaris 11.4.
+ mixed value behavior, see Managing ZFS File Systems in Oracle So-
+ laris 11.4.
normalization = none | formC | formD | formKC | formKD
@@ -329,7 +328,7 @@
share.nfs.charset.cp932
- Sets NFS character encoding to cp932 (MicroSoft-compatible Japan-
+ Sets NFS character encoding to cp932 (Microsoft-compatible Japan-
ese). Value: access-list
@@ -340,7 +339,7 @@
share.nfs.charset.euc-jpms
- Sets NFS character encoding to euc-jpms (MicroSoft-compatible
+ Sets NFS character encoding to euc-jpms (Microsoft-compatible
Japanese). Value: access-list
@@ -411,8 +410,8 @@
share.nfs.charset.koi8-r
- Sets NFS character encoding to ISO KOI8-R (Russian/Cyrillic).
- Value: access-list
+ Sets NFS character encoding to KOI8-R (Russian/Cyrillic). Value:
+ access-list
share.nfs.charset.shift_jis
@@ -685,18 +684,18 @@
This property is not implemented. Value: seconds
- share.nfs.sec.sys.resvport
-
- Sets whether the client requires a reserved port when accessing an
- AUTH_SYS share. Value: on or off.
-
-
share.nfs.sec.sys.none
Sets the SYS security mode to none for access-list. Value: access-
list
+ share.nfs.sec.sys.resvport
+
+ Sets whether the client requires a reserved port when accessing an
+ AUTH_SYS share. Value: on or off.
+
+
share.nfs.sec.sys.ro
Sets the SYS security mode to read-only access for access-list.
@@ -758,9 +757,8 @@
share.smb.csc Enables client-side disabled, manual, auto, or vdo
caching support. The de-
fault value is disabled.
- share.smb.dfsroot Enables a DFS root sup- on or off
- port. The default value
- is off.
+ share.smb.dfsroot Enables DFS root support. on or off
+ The default value is off.
share.smb.encrypt Enables SMB share level on or off
encryption. The default
value is off.
@@ -794,22 +792,24 @@
Displays a help message.
- zfs help command | help | property property-name | permission
+ zfs help [command | [property] property-name | permission]
Displays zfs command usage information. You can display help for a
- specific command, property, or delegated permission. If you display
- help for a specific command or property, the command syntax or
- property value is displayed. Using zfs help without any arguments
- displays a complete list of zfs commands.
+ specific subcommand, property, or delegated permission. If you dis-
+ play help for a specific subcommand or property, the subcommand
+ syntax or property value is displayed. Using zfs help without any
+ arguments displays a complete list of zfs sub commands.
- zfs help -l properties
+ zfs help [-l] properties
- Displays zfs property information, including whether the property
- value is editable and inheritable, and their possible values.
+ Displays ZFS property information. If the -l option is specified,
+ the list includes whether the property value is editable, inherita-
+ ble, or delegatable, and the possible values for the property.
- zfs create [-p] [-o share.nfs=on | share.smb=on [-o ...]] filesystem
+ zfs create [-p] [-o share.nfs=on] [share.smb=on]
+ [-o property=value ...]] filesystem
Creates a new ZFS file system. The file system is automatically
mounted according to the mountpoint property inherited from the
@@ -874,27 +875,19 @@
-o field
- Set of fields to display. One or more of:
-
-
- name,property,value,received,source
-
- Present multiple fields as a comma-separated list. The default
- value is:
-
+ A comma-separated list of fields to display. One or more of:
+ name, property, value, received, source.
- name,property,value,source
+ The default value is: name,property,value,source.
- The keyword all specifies all sources.
+ The keyword all specifies all fields.
-s source
- A comma-separated list of sources to display. Those properties
- coming from a source other than those in this list are ignored.
- Each source must be one of the following:
-
-
+ A comma-separated list of sources to display properties from.
+ Those properties coming from a source other than those in this
+ list are ignored. Each source must be one of the following:
local,default,inherited,temporary,received,none
The default value is all sources.
@@ -906,14 +899,15 @@
+
zfs get share filesystem
Displays all defined shares or the defined shares for a specified
file system.
- zfs set [-r] share.nfs=<on | off> filesystem
- zfs set [-r] share.smb=<on | off> filesystem
+ zfs set [-r] share.nfs=on|off filesystem
+ zfs set [-r] share.smb=on|off filesystem
Defines an NFS or SMB file sharing properties for a ZFS dataset by
setting the share.nfs or share.smb property to on or off.
@@ -924,10 +918,10 @@
Sets the property to the given value for each file system or file
system share or clears the file system share. Only some properties
- can be edited. See the section for more information on what proper-
- ties can be set and acceptable values. For more information, see
- NFS Share Property Descriptions section or the SMB Share Property
- Descriptions section.
+ can be edited. See the "Native Share File System Properties" and
+ "Specific NFS or SMB Properties" sections above, and the "Native
+ Properties" section of zfs(8), for more information on what proper-
+ ties can be set and acceptable values.
-r
@@ -1136,23 +1125,16 @@
tank/workspace/fs1% share.nfs on inherited from tank/workspace
-
EXIT STATUS
The following exit values are returned:
- 0
+ 0 Successful completion.
- Successful completion.
+ 1 An error occurred.
- 1
- An error occurred.
-
-
- 2
-
- Invalid command line options were specified.
+ 2 Invalid command line options were specified.
ATTRIBUTES
@@ -1168,9 +1150,9 @@
SEE ALSO
- chmod(2), chown(2), stat(2), write(2), fsync(3C), dfstab(5), vfstab(5),
- attributes(7), share(8), share_nfs(8), share_smb(8), unshare(8),
- zfs(8), zpool(8)
+ chmod(2), chown(2), stat(2), write(2), fsync(3C), dfstab(5), nfs(5),
+ smb(5), vfstab(5), attributes(7), share(8), share_nfs(8), share_smb(8),
+ sharectl(8), unshare(8), zfs(8), zpool(8)
For information about using other ZFS features, see zfs_allow(8),
@@ -1180,4 +1162,7 @@
The Unicode Standard (https://www.unicode.org/standard/standard.html)
-Oracle Solaris 11.4 15 Jun 2024 zfs_share(8)
+HISTORY
+ See the History section of zfs(8).
+
+Oracle Solaris 11.4 17 Mar 2025 zfs_share(8)
diff -NurbBw 11.4.78/man8/zfs.8 11.4.81/man8/zfs.8
--- 11.4.78/man8/zfs.8 2025-05-11 12:25:33.841185533 -0700
+++ 11.4.81/man8/zfs.8 2025-05-11 12:25:47.930982443 -0700
@@ -7,10 +7,10 @@
zfs [-?]
- zfs help subcommand | help | property property-name | permission
+ zfs help [subcommand | [property] property-name | permission]
- zfs help -l properties
+ zfs help [-l] properties
zfs allow filesystem|volume
@@ -71,6 +71,9 @@
zfs holds [-r] snapshot...
+ zfs inherit [-rS] property filesystem|volume|snapshot|share ...
+
+
zfs key -l {-a | [-r] filesystem|volume}
@@ -88,9 +91,6 @@
[filesystem|volume|snapshot|share|path] ...
- zfs inherit [-rS] property filesystem|volume|snapshot|share ...
-
-
zfs mount
@@ -136,15 +136,14 @@
zfs rollback [-rRf] snapshot
- zfs send [-vbpnC] [-Rr[c]] [-w compress|crypto|none]
- [-D [-m memsize]]
- [-iI snapshot] [-s subopt] snapshot
+ zfs send [-vbpnC] [-R|-r [-c]] [-w compress|crypto|none]
+ [-D [-m memsize]] [-i|-I snapshot] [-s option] snapshot
zfs set [-f|-r] property=value filesystem|volume|snapshot ...
- zfs set -c [-r] share=name=value filesystem|volume|snapshot|share ...
+ zfs set -c share=name=value filesystem|volume|snapshot|share ...
zfs share -u [-o property=value] filesystem%share
@@ -209,7 +208,7 @@
where the maximum length of a dataset name is MAXNAMELEN (256 bytes).
- A dataset can be one of the following:
+ A dataset can be one of the following types, as listed by zfs get type:
file system
@@ -224,7 +223,8 @@
volume
A logical volume exported as a raw or block device. This type of
- dataset should only be used under special circumstances. File sys-
+ dataset should only be used under special circumstances, such as
+ providing swap or dump volumes for the operating system. File sys-
tems are typically used in most environments.
@@ -403,8 +403,8 @@
be deleted. File retention is only available for regular files.
- A filesystem may have retention enabled by setting the retention.policy
- property. This can only be enabled during filesystem creation.
+ A file system may have retention enabled by setting the retention.pol-
+ icy property. This can only be enabled during file system creation.
The period for which a file is retained may be specified in touch -R or
@@ -433,24 +433,64 @@
dataset as well as control various behaviors. Properties are inherited
from the parent unless overridden by the child. Some properties apply
only to certain types of datasets (file systems, volumes, or snap-
- shots).
+ shots). Native properties apply to all dataset types unless otherwise
+ noted.
- The values of numeric properties can be specified using human-readable
- suffixes (for example, k, KB, M, Gb, and so forth, up to Z for
- zettabyte). The following are all valid (and equal) specifications:
+ Numeric values that represent sizes can be specified as exact values,
+ or in a human-readable form with a suffix of B, K, M, G, T, P, E, Z
+ (for bytes, kilobytes, megabytes, gigabytes, terabytes, petabytes, ex-
+ abytes, or zettabytes, respectively). These suffixes are not case sen-
+ sitive and other than the B suffix, may be followed by an optional B
+ character. The following are all valid (and equal) specifications:
1536M, 1.5g, 1.50GB
+ Numeric values that represent time intervals can be specified as an ex-
+ act number of seconds, or in a human-readable form consisting of an in-
+ teger number followed by a unit specifier. The following unit speci-
+ fiers are recognized:
+
+ +------------------------------+-----------------------------+
+ | SPECIFIERS |UNIT |
+ +------------------------------+-----------------------------+
+ | s, second, seconds |second |
+ +------------------------------+-----------------------------+
+ | minute, minutes |minute |
+ +------------------------------+-----------------------------+
+ | h, hour, hours |hour |
+ +------------------------------+-----------------------------+
+ | d, day, days |day (24 hours) |
+ +------------------------------+-----------------------------+
+ | w, week, weeks |week (7 days) |
+ +------------------------------+-----------------------------+
+ | m, month, months |month (30 days) |
+ +------------------------------+-----------------------------+
+ | y, year, years |year (365 days) |
+ +------------------------------+-----------------------------+
+
+
+
+ Note that the unit of m is months, not minutes. If no unit specifier is
+ listed, the default unit of seconds is used.
+
+
+ Internally, these are stored as seconds in the property but displayed
+ s/h/d/w/m/y by zfs get.
+
+
+ Only a single unit may be used, i.e. a value of 1w3d is not allowed.
+ Instead that should be expressed as 10d.
+
+
The values of non-numeric properties are case-sensitive and must be
lowercase, except for the mountpoint property.
The following native properties consist of read-only statistics about
- the dataset. These properties can be neither set, nor inherited. Native
- properties apply to all dataset types unless otherwise noted.
+ the dataset. These properties can be neither set, nor inherited.
available
@@ -483,6 +523,28 @@
erty is off.
+ effectivereadlimit
+ effectivewritelimit
+
+ These properties provide a view of what the effective limit is on a
+ dataset. The value displayed indicates the maximum throughput the
+ dataset is governed by. The reported effective limit is the lowest
+ data limit at any point between the root and the indicated dataset.
+ See readlimit and writelimit for more details on limit behavior.
+
+
+
+ groupused@group
+
+ The amount of space consumed by the specified group in this
+ dataset. Space is charged to the group of each file, as displayed
+ by ls -l. See the userused@user property for more information.
+
+ Unprivileged users can only access their own groups' space usage.
+ The root user, or a user who has been granted the groupused privi-
+ lege with zfs allow, can access all groups' usage.
+
+
keychangedate
For more information, see zfs_encrypt(8).
@@ -523,6 +585,28 @@
For more information, see zfs_encrypt(8).
+ retention.status.expiry
+
+ The latest-expiring retention timestamp of a file is shown by this
+ read-only filesystem property. If that time has passed, the prop-
+ erty will also display (expired) indicating that all file reten-
+ tions have expired.
+
+ The expiry provides no protection from destruction for privileged
+ retention policy filesystems, and therefore is not maintained. It
+ will always appear as 0.
+
+
+ retention.status.files
+
+ A count of retained files is shown by this read-only filesystem
+ property. This count increases when a file is retained. It does not
+ change when a file's retention expires; it is only reduced when a
+ retained file is deleted. This count does not reflect files which
+ auto-retention hasn't yet retained, but those will be included on
+ their next access.
+
+
type
The type of dataset: filesystem, volume, or snapshot.
@@ -531,11 +615,11 @@
used
The amount of space consumed by this dataset and all its descen-
- dents. This is the value that is checked against this dataset's
+ dants. This is the value that is checked against this dataset's
quota and reservation. The space used does not include this
dataset's reservation, but does take into account refreservation
(through usedbyrefreservation) and the reservations of any descen-
- dent datasets (through usedbychildren). The amount of space that a
+ dant datasets (through usedbychildren). The amount of space that a
dataset consumes from its parent, as well as the amount of space
that are freed if this dataset is recursively destroyed, is the
greater of its space used and its reservation.
@@ -575,7 +659,7 @@
The amount of space used by this dataset itself, which would be
freed if the dataset was destroyed (after first removing any re-
freservation and destroying any necessary snapshots or descen-
- dents).
+ dants).
usedbyrefreservation
@@ -601,6 +685,12 @@
shared by multiple snapshots.
+ userrefs
+
+ This property shows the number of user holds on this snapshot. User
+ holds are set by using the zfs hold command.
+
+
userused@user
The amount of space consumed by the specified user in this dataset.
@@ -629,105 +719,12 @@
- userrefs
-
- This property is set to the number of user holds on this snapshot.
- User holds are set by using the zfs hold command.
-
-
- groupused@group
-
- The amount of space consumed by the specified group in this
- dataset. Space is charged to the group of each file, as displayed
- by ls -l. See the userused@user property for more information.
-
- Unprivileged users can only access their own groups' space usage.
- The root user, or a user who has been granted the groupused privi-
- lege with zfs allow, can access all groups' usage.
-
-
- volblocksize=blocksize
-
- For volumes, specifies the block size of the volume. The blocksize
- cannot be changed once the volume has been written, so it should be
- set at volume creation time. The default blocksize for volumes is 8
- KB. Any power of 2 from 512 bytes to 1 MB is valid.
-
- This property can also be referred to by its shortened column name,
- volblock.
-
-
- effectivereadlimit
- effectivewritelimit
-
- These properties provide a view of what the effective limit is on a
- dataset. The value displayed indicates the maximum throughput the
- dataset is governed by. The reported effective limit is the lowest
- data limit at any point between the root and the indicated dataset.
- See readlimit and writelimit for more details on limit behavior.
-
-
-
The following native properties can be used to change the behavior of a
ZFS dataset.
- aclmode=discard | mask | passthrough
-
- Controls how an ACL is modified during chmod(2). A file system with
- an aclmode property of discard (the default) deletes all ACL en-
- tries that do not represent the mode of the file. An aclmode prop-
- erty of mask reduces user or group permissions. The permissions are
- reduced so that they are no greater than the group permission bits,
- unless it is a user entry that has the same UID as the owner of the
- file or directory. In this case, the ACL permissions are reduced so
- that they are no greater than owner permission bits. mask also pre-
- serves the ACL across mode changes (without an explicit ACL set [by
- means of chmod(1)] between the mode changes). A file system with an
- aclmode property of passthrough indicates that no changes will be
- made to the ACL other than generating the necessary ACL entries to
- represent the new mode of the file or directory.
-
-
- refreservation=size | none | auto
-
- The minimum amount of space guaranteed to a dataset, not including
- its descendents. The default refreservation is none for file sys-
- tems.
-
- For ZFS volumes, the refreservation is automatically set to a
- slightly larger size than the actual volume size to account for ZFS
- metadata overhead. You can use the dense value to reserve enough
- space for both data and metadata for the current volume size. For
- example, if you need more space for other file systems, you can
- temporarily reduce a volume's refreservation value, which converts
- this to a sparse volume. Then, you can revert the volume refreser-
- vation value back to the original value when it was created by
- specifying the dense value.
-
- When the usedbydataset space is below this value, the dataset is
- treated as if it were taking up the amount of space specified by
- refreservation. The usedbyrefreservation figure represents this ex-
- tra space, adding to the total used space charged to the dataset,
- and in turn consuming from the parent datasets' usage, quotas, and
- reservations. This protects the dataset from overcommitment of pool
- resources, by ensuring that space for future writes is reserved in
- advance.
-
- Space shared with snapshots can later be replaced with new data,
- and the snapshot represents a commitment to keep both copies. If
- refreservation is set, usedbyrefreservation must be increased to
- the full size of refreservation when taking a new snapshot, ac-
- counting for this commitment. If there is insufficient space avail-
- able to the dataset for this increase, snapshot creation will be
- denied.
-
- This property can also be referred to by its shortened column name,
- refreserv.
-
-
aclinherit=discard | noallow | restricted | passthrough | passthrough-x
- passthrough-mode-preserve
+ | passthrough-mode-preserve
Controls how ACL entries are inherited when files and directories
are created. A file system with an aclinherit property of discard
@@ -753,6 +750,23 @@
to the requested mode from the application.
+ aclmode=discard | mask | passthrough
+
+ Controls how an ACL is modified during chmod(2). A file system with
+ an aclmode property of discard (the default) deletes all ACL en-
+ tries that do not represent the mode of the file. An aclmode prop-
+ erty of mask reduces user or group permissions. The permissions are
+ reduced so that they are no greater than the group permission bits,
+ unless it is a user entry that has the same UID as the owner of the
+ file or directory. In this case, the ACL permissions are reduced so
+ that they are no greater than owner permission bits. mask also pre-
+ serves the ACL across mode changes (without an explicit ACL set [by
+ means of chmod(1)] between the mode changes). A file system with an
+ aclmode property of passthrough indicates that no changes will be
+ made to the ACL other than generating the necessary ACL entries to
+ represent the new mode of the file or directory.
+
+
atime=on | off
Controls whether the access time for files is updated when they are
@@ -832,8 +846,8 @@
maximum of 2.
When the dataset is an auto-provisioned ZFS volume, change of the
- copies induces change to the refreservation as well. See the "re-
- freservation" for details.
+ copies induces change to the refreservation as well. See the re-
+ freservation property description for details.
dedup=on | off | verify | sha256[,verify]
@@ -855,6 +869,14 @@
The default value is on.
+ dump=on | off
+
+ Controls whether a ZFS volume is configured at boot to be a dump
+ device. This property is managed by the dumpadm(8) command. The de-
+ fault value is off. Only one ZFS volume per system should have the
+ dump property set to on.
+
+
exec=on | off
Controls whether processes can be executed from within this file
@@ -918,7 +940,7 @@
If the filesystem is a clone, then the mountpoint property may be
set to clonedir. You can determine whether a filesystem is a clone
by checking whether the origin property is non-NULL. In that case,
- the filesysem will be mounted in the .zfs/clone directory of the
+ the file system will be mounted in the .zfs/clone directory of the
filesystem this is a clone of.
@@ -938,13 +960,13 @@
quota=size | none
- Limits the amount of space a dataset and its descendents can con-
- sume. This includes all space consumed by descendents, including
+ Limits the amount of space a dataset and its descendants can con-
+ sume. This includes all space consumed by descendants, including
file systems and snapshots. Enforcement of quotas may be delayed by
several seconds. This delay means that a user might exceed their
quota before the system notices that the user is over quota. The
system would then begin to refuse additional writes. Setting a
- quota on a descendent of a dataset that already has a quota does
+ quota on a descendant of a dataset that already has a quota does
not override the ancestor's quota, but rather imposes an additional
limit. Quotas cannot be set on volumes, as the volsize property
acts as an implicit quota.
@@ -955,13 +977,12 @@
Limits the rate in bytes/second at which a dataset will be read or
written to. A limit imposed on a dataset will apply to that dataset
- and all of its descendents. A value of 'none' overrides any default
- set by a parent. A value of 'default' will return the dataset to
- any default that was set by a parent. These values are not a guar-
- anteed bandwidth and the actual bandwidth can be limited by other
- factors, including usage and limits set on other datasets in the
- hierarchy. Enforcement of these limits may be delayed by several
- seconds.
+ and all of its descendants. A value of none overrides any default
+ set by a parent. A value of default will return the dataset to any
+ default that was set by a parent. These values are not a guaranteed
+ bandwidth and the actual bandwidth can be limited by other factors,
+ including usage and limits set on other datasets in the hierarchy.
+ Enforcement of these limits may be delayed by several seconds.
@@ -972,7 +993,7 @@
dataset will be read or written to. A default limit imposed on a
dataset will only apply to the datasets descendants. This value is
inherited by the descendants and can be overridden by setting the
- readlimit or writelimit value on the descendent. These values are
+ readlimit or writelimit value on the descendant. These values are
not a guaranteed bandwidth and the actual bandwidth can be limited
by other factors including usage and limits set on other datasets
in the hierarchy. Enforcement of these limits may be delayed by
@@ -980,6 +1001,53 @@
+ refreservation=size | none | auto
+
+ The minimum amount of space guaranteed to a dataset, not including
+ its descendants. The default refreservation is none for file sys-
+ tems.
+
+ For ZFS volumes, the refreservation is automatically set to a
+ slightly larger size than the actual volume size to account for ZFS
+ metadata overhead. You can use the dense value to reserve enough
+ space for both data and metadata for the current volume size. For
+ example, if you need more space for other file systems, you can
+ temporarily reduce a volume's refreservation value, which converts
+ this to a sparse volume. Then, you can revert the volume refreser-
+ vation value back to the original value when it was created by
+ specifying the dense value.
+
+ When the usedbydataset space is below this value, the dataset is
+ treated as if it were taking up the amount of space specified by
+ refreservation. The usedbyrefreservation figure represents this ex-
+ tra space, adding to the total used space charged to the dataset,
+ and in turn consuming from the parent datasets' usage, quotas, and
+ reservations. This protects the dataset from overcommitment of pool
+ resources, by ensuring that space for future writes is reserved in
+ advance.
+
+ Space shared with snapshots can later be replaced with new data,
+ and the snapshot represents a commitment to keep both copies. If
+ refreservation is set, usedbyrefreservation must be increased to
+ the full size of refreservation when taking a new snapshot, ac-
+ counting for this commitment. If there is insufficient space avail-
+ able to the dataset for this increase, snapshot creation will be
+ denied.
+
+ This property can also be referred to by its shortened column name,
+ refreserv.
+
+
+ swap=on | off | none
+
+ Controls whether a zfs volume is configured at boot to be a swap
+ device. This property is managed by the swap(8) command. The de-
+ fault value is none.
+
+ ZFS volumes used as a swap device will always be encrypted regard-
+ less of the value of the encryption property for the ZFS volume.
+
+
sync=standard | always | disabled
Determines the degree to which file system transactions are syn-
@@ -1037,7 +1105,7 @@
Limits the amount of space consumed by the specified user. Similar
to the refquota property, the userquota space calculation does not
- include space that is used by descendent datasets, such as snap-
+ include space that is used by descendant datasets, such as snap-
shots and clones. User space consumption is identified by the user-
space@user property.
@@ -1123,7 +1191,7 @@
refquota=size | none
Limits the amount of space a dataset can consume. This limit does
- not include space used by descendents, including file systems and
+ not include space used by descendants, including file systems and
snapshots. Enforcement of refquotas may be delayed by several sec-
onds. This delay means that a user might exceed their quota before
the system notices that the user is over quota. The system would
@@ -1133,7 +1201,7 @@
refreservation=size | none | auto
The minimum amount of space guaranteed to a dataset, not including
- its descendents.
+ its descendants.
The default refreservation is auto for ZFS volumes and none for
other types of datasets. When refreservation=auto, sufficient space
@@ -1171,7 +1239,7 @@
reservation=size | none
The minimum amount of space guaranteed to a dataset and its descen-
- dents. When the amount of space used is below this value, the
+ dants. When the amount of space used is below this value, the
dataset is treated as if it were taking up the amount of space
specified by its reservation. Reservations are accounted for in the
parent datasets' space used, and count against the parent datasets'
@@ -1181,6 +1249,102 @@
reserv.
+ retention.period.default=timeinterval
+
+ This value is used as the retention period for a file when no time
+ was specified using touch prior to retention.
+
+ Retention period values must be less than 100 years.
+
+
+ retention.period.deletegrace=timeinterval
+
+ When retention.policy.onexpiry is set to delete, the file is imme-
+ diately deleted once the retention expires. This property allows
+ the deletion to be delayed by the specified amount of time.
+
+ Retention period values must be less than 100 years.
+
+
+ retention.period.grace=timeinterval
+
+ The retention grace period controls automatic file retention. If it
+ is set to zero seconds, automatic retention is disabled. If it is
+ set to a period greater than zero seconds, automatic retention is
+ enabled. Once a file has remained unmodified for that non-zero
+ grace period it is automatically retained for the period specified
+ by retention.period.default.
+
+ On mandatory retention policy filesystems, once automatic retention
+ is enabled, it cannot be turned off. That is, the grace period
+ value, once changed from zero to a positive integer, cannot be set
+ back to zero. Further, on mandatory retention policy filesystems,
+ the grace period value may never be increased, but may be reduced
+ with a minimum of 1 second.
+
+ On a filesystem with privileged retention policy, the grace period
+ value may be adjusted as desired.
+
+ Retention period values must be less than 100 years.
+
+
+ retention.period.min=timeinterval
+ retention.period.max=timeinterval
+
+ These values constrain the range of time for which a file may be
+ retained. The retention.period.default may not be less than reten-
+ tion.period.min or greater than retention.period.max. A retention
+ time specified with touch -a or touch -R that is less than reten-
+ tion.period.min will be increased to retention.period.min and one
+ that is greater than retention.period.max will be decreased to re-
+ tention.period.max.
+
+ Retention period values must be less than 100 years.
+
+
+
+ retention.policy.changeacl=on | off
+
+ This controls whether changes can be made to the file permissions
+ or ACL on a retained file. If this is set to on, the file permis-
+ sions may be changed, excluding write. Additionally, the ACL may be
+ changed, excluding adding any allow entries for write_data. Allow
+ entries for append_data are also rejected unless the file has the
+ appendonly system attribute. The default is off.
+
+
+ retention.policy.onexpiry=off | delete | hold
+
+ This controls what happens to retained files after the retention
+ expires.
+
+
+ off
+
+ Nothing is done to the file. On retention expiration, the file
+ may be manually deleted as normal.
+
+
+ delete
+
+ On retention expiration, the file is deleted. Note that this
+ cannot be set unless the default retention period is greater
+ than zero.
+
+ The deletion may be delayed by setting the retention.pe-
+ riod.deletegrace to greater than zero. See retention.pe-
+ riod.deletegrace above.
+
+
+ hold
+
+ This causes the retention expiration time for files to be ig-
+ nored, and retained files may not be deleted until this is
+ turned off.
+
+
+
+
rstchown=on | off
Indicates whether the file system restricts users from giving away
@@ -1257,11 +1421,24 @@
more information on the contents of this directory.
- version=1 | 2 | current
+ version=version | current
The on-disk version of this file system, which is independent of
the pool version. This property can only be set to later supported
- versions. See the zfs upgrade command.
+ versions. See the zfs upgrade command, and Appendix A, Oracle So-
+ laris ZFS Version Descriptions in Managing ZFS File Systems in Ora-
+ cle Solaris 11.4.
+
+
+ volblocksize=blocksize
+
+ For volumes, specifies the block size of the volume. The blocksize
+ cannot be changed once the volume has been written, so it should be
+ set at volume creation time. The default blocksize for volumes is 8
+ KB. Any power of 2 from 512 bytes to 1 MB is valid.
+
+ This property can also be referred to by its shortened column name,
+ volblock.
volsize=size
@@ -1281,7 +1458,7 @@
when shrinking the size). Extreme care should be used when adjust-
ing the volume size. If the volume is auto-provisioned, change of
its size also induces a change to the refreservation. For more in-
- formation, see the "refreservation" section.
+ formation, see the refreservation section.
Though not recommended, a sparse volume (also known as thin provi-
sioning) can be created by specifying the -s option to the zfs cre-
@@ -1323,16 +1500,6 @@
For more information, see zfs_share(8).
- normalization = none | formC | formD | formKC | formKD
-
- For more information, see zfs_share(8).
-
-
- utf8only=on | off
-
- For more information, see zfs_share(8).
-
-
encryption=off | on | aes-128-ccm | aes-192-ccm | aes-256-ccm |
aes-128-gcm | aes-192-gcm | aes-256-gcm
@@ -1342,8 +1509,8 @@
multilevel=on | off
- The default value is off. It cannot be turned off after it set to
- on.
+ The default value is off. It cannot be turned off after it has been
+ set to on.
Objects in a multilevel file system are individually labeled with
an explicit sensitivity label attribute that is automatically gen-
@@ -1370,13 +1537,9 @@
policy based on mlslabel does not apply to multilevel file systems.
+ normalization=none | formC | formD | formKC | formKD
- The following property must be specified at creation time and can modi-
- fied by using special commands:
-
- keysource=raw | hex | passphrase,prompt | file
-
- For more information, see zfs_encrypt(8).
+ For more information, see zfs_share(8).
retention.policy=off | privileged | mandatory
@@ -1411,124 +1574,18 @@
- retention.period.min=timeinterval
- retention.period.max=timeinterval
-
- These values constrain the range of time for which a file may be
- retained. The retention.period.default may not be less than reten-
- tion.period.min or greater than retention.period.max. A retention
- time specified with touch -a or touch -R that is less than reten-
- tion.period.min will be increased to retention.period.min and one
- that is greater than retention.period.max will be decreased to re-
- tention.period.max.
-
- Retention period values must be less than 100 years.
-
-
-
- retention.period.default=timeinterval
-
- This value is used as the retention period for a file when no time
- was specified using touch prior to retention.
-
- Retention period values must be less than 100 years.
-
-
- retention.period.grace=timeinterval
-
- The retention grace period controls automatic file retention. If it
- is set to zero seconds, automatic retention is disabled. If it is
- set to a period greater than zero seconds, automatic retention is
- enabled. Once a file has remained unmodified for that non-zero
- grace period it is automatically retained for the period specified
- by retention.period.default.
-
- On mandatory retention policy filesystems, once automatic retention
- is enabled, it cannot be turned off. That is, the grace period
- value, once changed from zero to a positive integer, cannot be set
- back to zero. Further, on mandatory retention policy filesystems,
- the grace period value may never be increased, but may be reduced
- with a minimum of 1 second.
-
- On a filesystem with privileged retention policy, the grace period
- value may be adjusted as desired.
-
- Retention period values must be less than 100 years.
-
-
- retention.policy.changeacl=on | off
-
- This controls whether changes can be made to the file permissions
- or ACL on a retained file. If this is set to on, the file permis-
- sions may be changed, excluding write. Additionally, he ACL may be
- changed, excluding adding any allow entries for write_data. Allow
- entries for append_data are also rejected unless the file has the
- appendonly system attribute. The default is off.
-
-
- retention.policy.onexpiry=off | delete | hold
-
- This controls what happens to retained files after the retention
- expires.
-
-
- off
-
- Nothing is done to the file. On retention expiration, the file
- may be manually deleted as normal.
-
-
- delete
-
- On retention expiration, the file is deleted. Note that this
- cannot be set unless the default retention period is greater
- than zero.
-
- The deletion may be delayed by setting the retention.pe-
- riod.deletegrace to greater than zero. See retention.pe-
- riod.deletegrace below.
-
-
- hold
-
- This causes the retention expiration time for files to be ig-
- nored, and retained files may not be deleted until this is
- turned off.
-
-
-
-
- retention.period.deletegrace
-
- When retention.policy.onexpiry is set to delete, the file is imme-
- diately deleted once the retention expires. This property allows
- the deletion to be delayed by the specified amount of time.
-
- As with the other retention period values, this one too must be
- less than 100 years.
-
-
- retention.status.expiry
+ utf8only=on | off
- The latest-expiring retention timestamp of a file is shown by this
- read-only filesystem property. If that time has passed, the prop-
- erty will also display (expired) indicating that all file reten-
- tions have expired.
+ For more information, see zfs_share(8).
- The expiry provides no protection from destruction for privileged
- retention policy filesystems, and therefore is not maintained. It
- will always appear as 0.
- retention.status.files
+ The following property must be specified at creation time and can be
+ modified by using special commands:
- A count of retained files is shown by this read-only filesystem
- property. This count increases when a file is retained. It does not
- change when a file's retention expires; it is only reduced when a
- retained file is deleted. This count does not reflect files which
- auto-retention hasn't yet retained yet, but those will be included
- on their next access.
+ keysource=format,locator
+ For more information, see zfs_encrypt(8).
Temporary Mount Point Properties
@@ -1562,9 +1619,9 @@
the new persistent mountpoint.
- Please note that remount is also a supported temporary mount option.
- And it is not a filesystem property, but a qualifier to the mount oper-
- ation.
+ Please note that remount is also a supported temporary mount option,
+ though it is not a filesystem property, but a qualifier to the mount
+ operation.
User Properties
In addition to the standard native properties, ZFS supports arbitrary
@@ -1586,10 +1643,10 @@
gested to use a reversed DNS domain name for the module component of
property names to reduce the chance that two independently-developed
packages use the same property name for different purposes. In the Ora-
- cle Solaris release, the com.oracle user property is reserved for beadm
- command and library. The com.oracle:rootfs is reserved for Oracle So-
- laris boot. It defines the root filesystem dataset associated with a
- bootable dataset.
+ cle Solaris release, user properties starting with com.oracle.libe: are
+ reserved for the beadm command and library. The com.oracle:rootfs user
+ property is reserved for Oracle Solaris boot. It defines the root
+ filesystem dataset associated with a bootable dataset.
The values of user properties are arbitrary strings, are always inher-
@@ -1607,10 +1664,10 @@
file system. A ZFS swap file configuration is not supported.
- You can encrypt a ZFS volume used as a swap device by specifying the
- encryption property for that device and specifying the encrypted option
- in vfstab(5). For more information about the encryption property, see
- zfs_encrypt(8).
+ ZFS volumes used as a swap device will always be encrypted regardless
+ of the value of the encryption property for the ZFS volume. Encryption
+ will be performed using ephemeral keys generated automatically by the
+ system, and do not require administrators to set or manage the keys.
If you need to change your swap area or dump device after the system is
@@ -1627,20 +1684,20 @@
Displays a help message.
- zfs help command | help | property property-name | permission
+ zfs help [command | [property] property-name | permission]
Displays zfs command usage information. You can display help for a
- specific command, property, or delegated permission. If you display
- help for a specific command or property, the command syntax or
- property value is displayed. Using zfs help without any arguments
- displays a complete list of zfs commands.
+ specific subcommand, property, or delegated permission. If you dis-
+ play help for a specific subcommand or property, the subcommand
+ syntax or property value is displayed. Using zfs help without any
+ arguments displays a complete list of zfs subcommands.
- zfs help -l properties
+ zfs help [-l] properties
- Displays zfs property information, including whether the property
- value is editable, inheritable, or delegatable, and their possible
- values.
+ Displays ZFS property information. If the -l option is specified,
+ the list includes whether the property value is editable, inherita-
+ ble, or delegatable, and the possible values for the property.
zfs allow filesystem | volume
@@ -1820,7 +1877,7 @@
-r
Destroy (or mark for deferred deletion) all snapshots with this
- name in descendent file systems.
+ name in descendant file systems.
-R
@@ -1838,7 +1895,7 @@
- zfs destroy [share
+ zfs destroy share
The specified file system share is destroyed.
@@ -1847,14 +1904,14 @@
zfs diff -E [-FHNqrt] [-o field] ... snapshot | filesystem
Gives a high-level description of the differences between a snap-
- shot and a descendent dataset. The descendent can be either a snap-
+ shot and a descendant dataset. The descendant can be either a snap-
shot of the dataset or the current dataset.
If a single snapshot is specified, then differences between that
snapshot and the current dataset are given.
For each file that has undergone a change between the original
- snapshot and the descendent, the type of change is described along
+ snapshot and the descendant, the type of change is described along
with the name of the file. In the case of a rename, both the old
and new names are shown. Whitespace characters, backslash charac-
ters, and other non-printable or non-7-bit ASCII characters found
@@ -2051,28 +2108,20 @@
-o field
- Set of fields to display. One or more of:
-
-
- name,property,value,received,source
+ A comma-separated list of fields to display. One or more of:
+ name, property, value, received, source.
- Present multiple fields as a comma-separated list. The default
- value is:
+ The default value is: name,property,value,source.
-
- name,property,value,source
-
- The keyword all specifies all sources.
+ The keyword all specifies all fields.
-s source
A comma-separated list of sources to display. Those properties
coming from a source other than those in this list are ignored.
- Each source must be one of the following:
-
-
- local,default,inherited,temporary,received,none
+ Each source must be one of the following: local, default,
+ inherited, temporary, received, none
The default value is all sources.
@@ -2080,11 +2129,11 @@
-I state
A comma-separated list of dataset states to display instead of
- the 'normal' datasets that are usually displayed. The state pa-
+ the "normal" datasets that are usually displayed. The state pa-
rameter can include the following non-normal states: receiving,
resumable, hidden, or all. For instance, specifying -I resum-
- able will display only resumable datasets. The state value
- 'all' will display datasets with receiving, resumable or hidden
+ able will display only resumable datasets. The state value all
+ will display datasets with receiving, resumable or hidden
states.
@@ -2121,7 +2170,7 @@
-r
Specifies that a hold with the given tag is applied recursively
- to the snapshots of all descendent file systems.
+ to the snapshots of all descendant file systems.
@@ -2132,7 +2181,7 @@
-r
- Lists the holds that are set on the named descendent snapshots,
+ Lists the holds that are set on the named descendant snapshots,
in addition to listing the holds on the named snapshot.
@@ -2161,7 +2210,7 @@
zfs key -l | {-a | [-r] filesystem|volume}
- zfs key -u [-f] | {-a | [-r] filesystem | volume
+ zfs key -u [-f] | {-a | [-r] filesystem|volume}
zfs key -c [-o keysource=value] {-a | [-r] filesystem|volume}
zfs key -K {-a | [-r] filesystem|volume}
@@ -2280,12 +2329,11 @@
-I state
A comma-separated list of dataset states to display instead of
- the 'normal' datasets that are usually displayed. The state pa-
+ the "normal" datasets that are usually displayed. The state pa-
rameter can include the following non-normal states: receiving,
resumable, hidden, or all. For instance, specifying -I resum-
- able will display only resumable datasets. The state value
- 'all' will list all datasets in states other than the 'normal'
- state.
+ able will display only resumable datasets. The state value all
+ will list all datasets in states other than the "normal" state.
-p
@@ -2308,9 +2356,9 @@
-o options
An optional, comma-separated list of mount options to use tem-
- porarily for the duration of the mount. And this cannot be used
- to change a filesystem permanently. See the "Temporary Mount
- Point Properties" section for details.
+ porarily for the duration of the mount. This cannot be used to
+ change a filesystem permanently. See the "Temporary Mount Point
+ Properties" section for details.
-O
@@ -2320,7 +2368,7 @@
-r
- Mounts all descendent file systems of the specified filesystem
+ Mounts all descendant file systems of the specified filesystem
or ZFS file systems which are mounted at or beneath the speci-
fied mountpoint.
@@ -2510,12 +2558,11 @@
-r
Recursively releases a hold with the given tag on the snapshots
- of all descendent file systems.
+ of all descendant file systems.
- zfs rename filesystem|volume|snapshot
- filesystem|volume|snapshot
+ zfs rename filesystem|volume|snapshot filesystem|volume|snapshot
zfs rename [-p] filesystem|volume filesystem|volume
Renames the given dataset. The new target can be located anywhere
@@ -2548,11 +2594,10 @@
Note that all data written to rpool/parent after creating the @re-
name snapshot will be lost.
- Renaming root dataset is not allowed. The root dataset can only be
- renamed by renaming the pool, which will rename the root dataset to
- the new pool name. Use zpool export pool command and then zpool im-
- port pool newpoolname command to rename the root dataset to the new
- pool name.
+ Renaming the root dataset is not allowed. The root dataset can only
+ be renamed by renaming the pool, which will rename the root dataset
+ to the new pool name. Use zpool export pool and then zpool import
+ pool newpoolname to rename the root dataset to the new pool name.
-p
@@ -2563,10 +2608,9 @@
-
zfs rename -r snapshot snapshot
- Recursively renames the snapshots of all descendent datasets. Snap-
+ Recursively renames the snapshots of all descendant datasets. Snap-
shots are the only dataset that can be renamed recursively.
@@ -2609,7 +2653,7 @@
-r
- If the -r option is included, all descendent datasets with re-
+ If the -r option is included, all descendant datasets with re-
tained files are also displayed.
@@ -2680,8 +2724,8 @@
- zfs send [-vbpnC] [-[Rr[c]]] [-w compress|crypto|none] [-D [-m mem-
- size]] [-[iI] snapshot] [-s subopt] snapshot
+ zfs send [-vbpnC] [-R|-r [-c]] [-w compress|crypto|none]
+ [-D [-m memsize]] [-i|-I snapshot] [-s option] snapshot
Creates a stream representation of the second snapshot, which is
written to standard output. The output can be redirected to a file
@@ -2703,11 +2747,12 @@
Creates a self-contained stream. A self-contained stream is one
that is not dependent on any datasets not included in the
- stream package. Valid with the -r and -R options. If used with
- the -R option and if clones are present, no snapshot preceding
- the clone origin will be included in the stream. If used with
- the -i or -I option, the stream will be dependent on the snap-
- shot specified as an argument to the -i or -I option.
+ stream package. This option is only valid when used with the -r
+ or -R options. If used with the -R option and if clones are
+ present, no snapshot preceding the clone origin will be in-
+ cluded in the stream. If used with the -i or -I option, the
+ stream will be dependent on the snapshot specified as an argu-
+ ment to the -i or -I option.
See Saving, Sending, and Receiving ZFS Data in Managing ZFS
File Systems in Oracle Solaris 11.4 for details.
@@ -2753,6 +2798,15 @@
the -i option.
+ -m memsize
+
+ Limits the amount of memory used by deduplication processing to
+ the value specified in bytes, kbytes, mbytes, or gbytes by us-
+ ing the appropriate suffix. For example, 2G, 2048M, 2097152K,
+ or 2147483648. The -m option is only valid when used with the
+ -D option.
+
+
-n
Do not actually send the stream. This option can also be used
@@ -2770,9 +2824,9 @@
-R
Generates a replication stream package that replicates the
- specified file system, and all descendent file systems, up to
+ specified file system, and all descendant file systems, up to
the named snapshot. When received, all properties, snapshots,
- descendent file systems, and clones are preserved.
+ descendant file systems, and clones are preserved.
If the -i or -I flags are used in conjunction with the -R flag,
an incremental replication stream is generated. The current
@@ -2793,7 +2847,7 @@
Generates a recursive stream package. A recursive stream pack-
age contains a series of full and/or incremental streams. When
- received, all properties and descendent file systems are pre-
+ received, all properties and descendant file systems are pre-
served. Unlike with the replication stream packages generated
with the -R flag, intermediate snapshots are not preserved un-
less the intermediate snapshot is the origin of a clone that is
@@ -2818,81 +2872,91 @@
sive stream package differs from a replication stream package.
- -s streamsize
+ -s option
The -s switch is used to specify a set of stream options that
modify the format of the stream or the operation of the send
command. Later options take precedence over earlier options.
- Any option can be preceded by 'no' to turn the option off. For
+ Any option can be preceded by no to turn the option off. For
example -s nocheck requests the use of a stream format without
per-record checksums.
- Specifies that the size of the stream, in bytes, that will be
- output to stderr. -v suppresses the -s streamsize option.
+ Options that may be specified with -s are:
- -s check
+ check
- Specifies that the output stream will use a send stream format
- that uses per-record checksums. This format is the system-wide
- default. When an interrupted transfer is resumed by using a re-
- ceive checkpoint (see zfs send -C), the use of the 'check'
- format before the outage enables the resumed transfer to pre-
- serve and reuse the portions of the interrupted snapshot that
- were already successfully received.
+ Specifies that the output stream will use a send stream
+ format that uses per-record checksums. This format is the
+ system-wide default. When an interrupted transfer is re-
+ sumed by using a receive checkpoint (see zfs send -C), the
+ use of the check format before the outage enables the re-
+ sumed transfer to preserve and reuse the portions of the
+ interrupted snapshot that were already successfully re-
+ ceived.
- -s nocheck
+ nocheck
- Specifies that the output stream will use a legacy send stream
- format without per-record checksums. This format is suitable
- for transmission to older systems that do not support the new
- format.
+ Specifies that the output stream will use a legacy send
+ stream format without per-record checksums. This format is
+ suitable for transmission to older systems that do not sup-
+ port the new format.
- -v
+ memsize
- Displays verbose information about the stream package gener-
- ated.
+ Specifies that the deduplication memory size, in bytes,
+ will be output to stderr. The -s memsize option cannot be
+ used with the -v option. The -s memsize option is only
+ valid when used with the -D option.
- -w compress
+ streamsize
- Send the compressed filesystem blocks compressed in the stream,
- that is, without decompressing them. compress also implicitly
- enables the -p option, and is mutually exclusive with the -D
- option. compress is the default argument when the -w option is
- not specified.
+ Specifies that the size of the stream, in bytes, will be
+ output to stderr. The -s streamsize option cannot be used
+ with the -v option.
+ If both -s streamsize and -s memsize options are specified, the
+ values are output on successive lines in the order specified on
+ the command line.
- -w crypto
- Send filesystem blocks as they are on disk, without decompress-
- ing or decrypting them. crypto also implicitly enables the -p
- and -compress options, and is mutually exclusive with the -D
- option.
+ -v
+ Displays verbose information about the stream package gener-
+ ated. The -v option cannot be used with the -s memsize or -s
+ streamsize options.
- -w none
- The none argument disables the compress behaviour.
+ -w compress|crypto|none
+ Specify how the blocks should be sent in the stream. Can be one
+ of these values:
- -m memsize
+ compress
+
+ Send the compressed filesystem blocks compressed in the
+ stream, that is, without decompressing them. compress also
+ implicitly enables the -p option, and is mutually exclusive
+ with the -D option. compress is the default argument when
+ the -w option is not specified.
- Limits the amount of memory used by deduplication processing to
- the value specified in bytes, kbytes, mbytes, or gbytes by us-
- ing the appropriate suffix. For example, 2G, 2048M, 2097152K,
- or 2147483648.
+ crypto
- -s memsize
+ Send filesystem blocks as they are on disk, without decom-
+ pressing or decrypting them. crypto also implicitly enables
+ the -p and -w compress options, and is mutually exclusive
+ with the -D option.
+
+
+ none
+
+ The none argument disables the compress and crypto behav-
+ iors.
- Specifies that the deduplication memory size, in bytes, will be
- output to stderr. If both -s streamsize and -s memsize op-
- tions are specified, the values are output on successive lines
- in the order specified on the command line. -s option is incom-
- patible with -v option.
The format of the stream is committed. You will be able to receive
your streams on future versions of ZFS.
@@ -2915,17 +2979,15 @@
erty.
+
zfs set [-f|-r] property=value filesystem|volume|snapshot ...
- zfs set -c [-r] share=name=value filesystem|volume|snapshot|share ...
+ zfs set -c share=name=value filesystem|volume|snapshot|share ...
Sets the property to the given value for each dataset. Only some
- properties can be edited. See the "Properties" section for more in-
- formation on what properties can be set and acceptable values. Nu-
- meric values can be specified as exact values, or in a human-read-
- able form with a suffix of B, K, M, G, T, P, E, Z (for bytes, kilo-
- bytes, megabytes, gigabytes, terabytes, petabytes, exabytes, or
- zettabytes, respectively). User properties can be set on snapshots.
- For more information, see the "User Properties" section.
+ properties can be edited. See the "Native Properties" section for
+ more information on what properties can be set and acceptable val-
+ ues. Only user properties can be set on snapshots. For more infor-
+ mation, see the "User Properties" section.
-f
@@ -2975,7 +3037,7 @@
-r
- Recursively creates snapshots of all descendent datasets. Snap-
+ Recursively creates snapshots of all descendant datasets. Snap-
shots are taken atomically, so that all recursive snapshots
correspond to the same moment in time.
@@ -2989,10 +3051,8 @@
zfs unallow [-rldug] everyone|user|group[,...] [perm|@setname[, ...]]
filesystem|volume
zfs unallow [-rld] -e [perm|@setname [,...]] filesystem|volume
- zfs unallow [-r] -c [perm|@setname[,...]]
- filesystem|volume
- zfs unallow [-r] -s @setname [perm|@setname[,...]]
- filesystem|volume
+ zfs unallow [-r] -c [perm|@setname[,...]] filesystem|volume
+ zfs unallow [-r] -s @setname [perm|@setname[,...]] filesystem|volume
For a full description of the zfs unallow syntax and examples, see
zfs_allow(8).
@@ -3024,7 +3082,7 @@
-r
- Unmounts all descendent file systems of the specified filesys-
+ Unmounts all descendant file systems of the specified filesys-
tem or ZFS file systems which are mounted at or beneath the
specified mountpoint.
@@ -3093,7 +3151,7 @@
-r
- Upgrades the specified file system and all descendent file sys-
+ Upgrades the specified file system and all descendant file sys-
tems.
@@ -3219,13 +3276,12 @@
# zfs snapshot pool/home/bob@yesterday
-
Example 3 Creating and Destroying Multiple Snapshots
The following command creates snapshots named yesterday of pool/home
- and all of its descendent file systems. Each snapshot is mounted on de-
+ and all of its descendant file systems. Each snapshot is mounted on de-
mand in the .zfs/snapshot directory at the root of its file system. The
second command destroys the newly created snapshots.
@@ -3434,8 +3481,8 @@
# zfs send pool/fs@a | \
ssh host zfs receive poolB/received/fs@a
- # zfs send -i a pool/fs@b | ssh host \
- zfs receive poolB/received/fs
+ # zfs send -i a pool/fs@b | \
+ ssh host zfs receive poolB/received/fs
@@ -3493,13 +3538,12 @@
# zfs snapshot -r pool/users@today
-
Example 16 Displaying ZFS Snapshot Differences
- The following example is output of the zfs diff -F and -t options
- specified:
+ The following example shows output of zfs diff with the -F and -t op-
+ tions specified:
# zfs diff -Ft myfiles@snap1
@@ -3585,28 +3625,19 @@
xargs -i -n1 zfs destroy "{}"
-
EXIT STATUS
The following exit values are returned:
- 0
+ 0 Successful completion.
- Successful completion.
+ 1 An error occurred.
- 1
- An error occurred.
+ 2 Invalid command line options were specified.
- 2
-
- Invalid command line options were specified.
-
-
- 3
-
- A fatal error occurred.
+ 3 A fatal error occurred.
ATTRIBUTES
@@ -3623,15 +3654,16 @@
SEE ALSO
chmod(1), chown(1), gzip(1), pktool(1), setlabel(1), ssh(1), chmod(2),
- chown(2), stat(2), write(2), fsync(3C), setflabel(3TSOL), dfstab(5),
- vfstab(5), attributes(7), datasets(7), filesystem(7), sysattr(7),
- mount(8), shadowd(8), share(8), share_nfs(8), share_smb(8), unshare(8),
- zfs_allow(8), zfs_encrypt(8), zfs_share(8), zonecfg(8), zpool(8)
+ chown(2), stat(2), write(2), fsync(3C), setflabel(3TSOL), zfs(4fs),
+ dfstab(5), vfstab(5), acl(7), attributes(7), datasets(7),
+ filesystem(7), sysattr(7), mount(8), shadowd(8), share(8),
+ share_nfs(8), share_smb(8), unshare(8), zfs_allow(8), zfs_encrypt(8),
+ zfs_share(8), zonecfg(8), zpool(8)
- For information about other ZFS features, see zfs_allow(8), zfs_en-
- crypt(8), zfs_share(8), and the Managing ZFS File Systems in Oracle So-
- laris 11.4 book.
+ For information about other ZFS features, see zfs_allow(8),
+ zfs_encrypt(8), zfs_share(8), and the Managing ZFS File Systems in Ora-
+ cle Solaris 11.4 book.
WARNINGS
Files in filesystems with mandatory retention that are retained but the
@@ -3677,7 +3709,7 @@
+---------------------------------------+---------------------+
| promote | 10 11/06 (Update 3) |
+---------------------------------------+---------------------+
- | clone, create, destroy, get, inherit, | 10 8/08 (Update 2) |
+ | clone, create, destroy, get, inherit, | 10 6/06 (Update 2) |
| list, mount, receive, recv, rename, | |
| rollback, send, set, share, snapshot, | |
| unmount, unshare | |
@@ -3781,6 +3813,10 @@
Native Properties
+ Automatic encryption of swap volumes was enabled in Oracle Solaris
+ 11.4.24.
+
+
The shareiscsi native property was removed in Oracle Solaris 11.0.0.
@@ -3809,6 +3845,8 @@
| retention.period.changeacl, |11.4.63 |
| retention.policy.onexpiry | |
+--------------------------------------------------+--------------------+
+ | dump, swap |11.4.60 |
+ +--------------------------------------------------+--------------------+
| unicode |11.4.51 |
+--------------------------------------------------+--------------------+
| retention.period.default, |11.4.45 |
@@ -3841,8 +3879,8 @@
| usedbysnapshots, userquota@user, userused@user | |
+--------------------------------------------------+--------------------+
| casesensitivity, copies, normalization, |10 8/08 (Update 6) |
- | refreservation, refquota, version, vscan, | |
- | utf8only | |
+ | refquota, refreservation, utf8only, version, | |
+ | vscan | |
+--------------------------------------------------+--------------------+
| canmount, iscsioptions, shareiscsi, xattr |10 8/07 (Update 4) |
+--------------------------------------------------+--------------------+
@@ -3860,51 +3898,56 @@
Support for the following values of the specified native properties was
added in the listed Solaris release:
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| PROPERTY | VALUE | RELEASE |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| mountpoint | clonedir | 11.4.72 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| retention.policy.onexpiry | off, delete, hold | 11.4.63 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| unicode | 5.0.0, 14.0.0 | 11.4.51 |
- +---------------------------+---------------------------------------+----------------+
- | retention.policy | off, privileged, mandatory | 11.4.45 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
+ | retention.policy | off, privileged, | 11.4.45 |
+ | | mandatory | |
+ +---------------------------+---------------------------+---------------+
| aclinherit | passthrough-mode-preserve | 11.4.0 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| compression | lz4 | 11.3.0 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| refreservation | auto | 11.2.8 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| checksum | sha256-mac | 11.0.0 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| compression | zle | 11.0.0 |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| aclmode | mask | 10 8/11 (U10) |
- +---------------------------+---------------------------------------+----------------+
- | sync | standard, always, disabled | 10 8/11 (U10) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
+ | sync | standard, always, | 10 8/11 (U10) |
+ | | disabled | |
+ +---------------------------+---------------------------+---------------+
| aclinherit | passthrough-x | 10 10/09 (U8) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| aclinherit | restricted | 10 8/08 (U6) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| canmount | noauto | 10 8/08 (U6) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| compression | gzip, gzip-1...gzip-9 | 10 8/08 (U6) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| canmount | on, off | 10 8/07 (U4) |
- +---------------------------+---------------------------------------+----------------+
- | aclinherit | discard, noallow, secure, passthrough | 10 6/06 (U2) |
- +---------------------------+---------------------------------------+----------------+
- | aclmode | discard, groupmask, passthrough | 10 6/06 (U2) |
- +---------------------------+---------------------------------------+----------------+
- | checksum | on, off, fletcher2, fletcher4, sha256 | 10 6/06 (U2) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
+ | aclinherit | discard, noallow, | 10 6/06 (U2) |
+ | | secure, passthrough | |
+ +---------------------------+---------------------------+---------------+
+ | aclmode | discard, groupmask, | 10 6/06 (U2) |
+ | | passthrough | |
+ +---------------------------+---------------------------+---------------+
+ | checksum | on, off, fletcher2, | 10 6/06 (U2) |
+ | | fletcher4, sha256 | |
+ +---------------------------+---------------------------+---------------+
| compression | lzjb, on, off | 10 6/06 (U2) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
| mountpoint | legacy, none, path | 10 6/06 (U2) |
- +---------------------------+---------------------------------------+----------------+
+ +---------------------------+---------------------------+---------------+
-Oracle Solaris 11.4 6 Jan 2025 zfs(8)
+Oracle Solaris 11.4 17 Mar 2025 zfs(8)
diff -NurbBw 11.4.78/man8/zoneadm.8 11.4.81/man8/zoneadm.8
--- 11.4.78/man8/zoneadm.8 2025-05-11 12:25:33.936714435 -0700
+++ 11.4.81/man8/zoneadm.8 2025-05-11 12:25:48.018645410 -0700
@@ -279,8 +279,8 @@
taching the zone. The state of the zone on the originating sys-
tem is not changed. The zone manifest is sent to stdout. The
global administrator can direct this output to a file or pipe
- it to a remote command to be immediately validated on the tar-
- get host.
+ it to a remote command to be immediately validated on the des-
+ tination host.
@@ -613,6 +613,17 @@
abled for live migration. With the default configuration, there-
fore, ports 8102 and 12302 must be accessible.
+ The system time across the source and the destination hosts should
+ be synchronized using for example the NTP, see the ntpd(8) man
+ page. The difference in system time between the source and destina-
+ tion hosts must not exceed a couple of seconds otherwise the zone
+ migration will refuse to start. This check can be disabled by set-
+ ting the options/migration_requires_synchronized_time property of
+ svc:/system/zones/zone service to false. Setting the property at
+ the service level will disable the check globally for all zones.
+ Setting it at the instance level will disable it only for the given
+ zone.
+
zoneadm migrate takes the following options:
-n Do a dry run: checks if the zone could be live migrated
@@ -929,8 +940,8 @@
This option can be used to force the zone into the installed
state with no software compatibility tests. The option should
be used with care since it can leave the zone in an unsupport-
- able state if it was moved from a source system to a target
- system that is unable to properly host the zone.
+ able state if it was moved from a source system to a destina-
+ tion system that is unable to properly host the zone.
-u
@@ -1607,12 +1618,8 @@
[-P patch_dir> [-O patch_order_file]]
The solaris10 brand installer supports installing the zone from an
- image of an installed Solaris 10 system. This can be a Unified
- Archive, cpio(1), pax(1), xustar, or ZFS archive. The cpio or ZFS
- archive can be compressed with gzip(1) or bzip2(1). The image can
- also be a level 0 ufsdump(8), or a path to the top-level of a So-
- laris 10 system's root directory tree. The zone cannot be installed
- from standard Solaris 10 distribution media.
+ image of an installed Solaris 10 system. The zone cannot be in-
+ stalled from standard Solaris 10 distribution media.
To install the zone from a system or zone image, either the -a or
-d options is required. If either the -a or -d options is used, ei-
@@ -1620,10 +1627,16 @@
-a archive
- The path or file, http, or https URI of a Unified Archive. Al-
- ternatively, the path of a cpio(1), pax(1) xustar, ZFS
- archive, or a level 0 ufsdump(8) of an installed global zone or
- non-global zone.
+ The path or file, http, or https URI of a Unified Archive,
+ uar(7). Alternatively, the path of a flash archive (flar),
+ cpio(1), ustar, xustar, pax(1), ZFS archive, or a level 0 ufs-
+ dump(8) of an installed global zone or non-global zone.
+
+ The cpio, ustar, xustar, pax, or ZFS archive may be compressed
+ with gzip(1) or bzip(1).
+
+ For more information on file archives, see Creating and Using
+ Installation Archives section in solaris10(7).
If a Unified Archive is specified, the -z option may be used to
select which archived zone is to be installed. If the Unified
@@ -1903,6 +1916,41 @@
+ Example 13 Disabling the system time pre-migration check for all zones
+
+
+
+ The following commands show how to globally disable the pre-migration
+ check which verifies that the source and destination hosts have the
+ same system time.
+
+
+
+ # svccfg -s svc:/system/zones/zone
+ svc:/system/zones/zone> setprop options/migration_requires_synchronized_time = false
+ svc:/system/zones/zone> refresh
+ svc:/system/zones/zone> exit
+
+
+
+ Example 14 Disabling the system time pre-migration check for specified
+ zone
+
+
+
+ The following commands show how to disable the pre-migration check
+ which verifies that the source and destination hosts have the same sys-
+ tem time for the specified zone only.
+
+
+
+ # svccfg -s svc:/system/zones/zone:myzone
+ svc:/system/zones/zone> setprop options/migration_requires_synchronized_time = false
+ svc:/system/zones/zone> refresh
+ svc:/system/zones/zone> exit
+
+
+
EXIT STATUS
The following exit values are returned:
@@ -1960,4 +2008,4 @@
when the zone is booted with -w/-W, the write-only protection is dis-
abled. Care must be taken that the zone is otherwise protected.
-Oracle Solaris 11.4 10 Dec 2023 zoneadm(8)
+Oracle Solaris 11.4 19 Feb 2025 zoneadm(8)
diff -NurbBw 11.4.78/man8/zpool.8 11.4.81/man8/zpool.8
--- 11.4.78/man8/zpool.8 2025-05-11 12:25:34.015686183 -0700
+++ 11.4.81/man8/zpool.8 2025-05-11 12:25:48.114771599 -0700
@@ -7,23 +7,24 @@
zpool [-?]
- zpool help command | help | property property-name
+ zpool help [subcommand | [property] property-name | device [column] |
+ statussections [column]]
- zpool help -l properties
+ zpool help [-l] properties
- zpool add [-f] [-o property=value] ... [-n [-l]] pool vdev ...
+ zpool add [-f] [-o property=value ...] [-n [-l]] pool vdev ...
zpool attach [-f] pool device new_device
- zpool clear [-nF [-f]] pool [device]
+ zpool clear [-f] [-F [-n]] pool [device]
- zpool create [-f] [-n [-l]] [-B] [-N] [-o property=value] ...
- [-O file-system-property=value] ... [-m mountpoint]
+ zpool create [-f] [-n [-l]] [-B] [-N] [-o property=value ...]
+ [-O file-system-property=value ...] [-m mountpoint]
[-R root] pool vdev ...
@@ -37,26 +38,22 @@
zpool get [-Hp] [-o all | field[,...]] [-s source[,...]]
- all | property[,...] pool ...
+ {all | property[,...]} pool ...
zpool history [-il] [pool] ...
- zpool import [-d path ... | -c cachefile] [-D] [-l]
+ zpool import [-Dl] [-d path ... | -c cachefile]
[-S section[,...]] [-s all | field[,...]]
- zpool import [-d path ... |-c cachefile] [-D] [-F [-n]] pool|id
-
-
- zpool import [-o mntopts] [-o property=value] ... [-d path ... |
- -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n]] -a
- pool|id [newpool]
+ zpool import [-lmN] [-o mntopts] [-o property=value ...]
+ [-d path ... | -c cachefile] [-R root] [-F [-n]] [-f [-D]] -a
- zpool import [-o mntopts] [-o property=value] ... [-d path ... |
- -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n [-l]]]
+ zpool import [-lmN] [-o mntopts] [-o property=value ...]
+ [-d path ... | -c cachefile] [-R root] [-F [-n]] [-f [-D]]
[-t tmppool] pool|id [newpool]
@@ -95,7 +92,8 @@
zpool replace [-f] pool device [new_device]
- zpool retained [-euandhr] [-A | -f | [-p] -o field[,...]] [pool] ...
+ zpool retained [-r] [-e | -u] [-a | -n] [-d | -h]
+ [-A | -f | [-p] -o field[,...]] [pool]
zpool scrub [-s] pool ...
@@ -540,8 +538,8 @@
health
- The current health of the pool. Health can be ONLINE, DEGRADED, UN-
- AVAIL, CLEARED, UNKNOWN, or SUSPENDED.
+ The current health of the pool. Health can be ONLINE, DEGRADED,
+ UNAVAIL, CLEARED, UNKNOWN, or SUSPENDED.
lastscrub=timestamp
@@ -573,16 +571,16 @@
This sets the allocation unit ZFS will use to read and write from
and to the vdev. In general this property should not need to be set
- by hand. The value for 'allocunit' must be a power of 2 number be-
- tween 512 and 8192(8K). If an invalid or unsupported 'allocunit' is
- specified (for example a smaller 'allocunit' than the logical sec-
- torsize of the device), an error will be returned.
-
- Please note that the allocunit is used by zfs to do allocations and
- that has a consequence that allocated blocks that zfs write and
- read later will be aligned on this boundary. Overriding it manually
- may have performance and/or space usage implications, so it should
- not be done without a clear need for that.
+ by hand. The value for allocunit must be a power of 2 number be-
+ tween 512 and 8192 (8K). If an invalid or unsupported allocunit is
+ specified (for example a smaller value than the logical sector size
+ of the device), an error will be returned.
+
+ Please note that the allocunit is used by ZFS to do allocations and
+ that has a consequence that allocated blocks that ZFS writes and
+ reads later will be aligned on this boundary. Overriding it manu-
+ ally may have performance and/or space usage implications, so it
+ should not be done without a clear need for that.
@@ -724,10 +718,8 @@
canmount
mountpoint
zoned
-
-
- A ZFS file system must have its "zoned" property set to "off" for a
- global mount to succeed. Attempts to set the "zoned" property of a
+ A ZFS file system must have its zoned property set to off for a
+ global mount to succeed. Attempts to set the zoned property of a
global mounted ZFS file system will fail.
Some of the above restrictions may be lifted in the future.
@@ -744,8 +736,8 @@
Controls whether a non-privileged user is granted access based on
the dataset permissions defined on the dataset. The default value
- is on. See zfs(8) for more information on ZFS delegated administra-
- tion.
+ is on. See zfs_allow(8) for more information on ZFS delegated ad-
+ ministration.
failmode=wait | continue | panic
@@ -827,10 +819,34 @@
since the start of the last scrub, which had either completed suc-
cessfully or been canceled explicitly via zpool scrub -s.
- The following units are recognized: s (second, default), h (hour),
- d (day), w (week, 7 days), m (month, 30 days) and y (year, 365
- days); internally, these are stored as seconds in the property but
- displayed s/h/d/w/m/y by "zfs get".
+ Time intervals are specified as an integer number followed by an
+ optional unit specifier. The following unit specifiers are recog-
+ nized:
+
+
+ +------------------------------+-----------------------------+
+ | SPECIFIERS |UNIT |
+ +------------------------------+-----------------------------+
+ | s, second, seconds |second |
+ +------------------------------+-----------------------------+
+ | minute, minutes |minute |
+ +------------------------------+-----------------------------+
+ | h, hour, hours |hour |
+ +------------------------------+-----------------------------+
+ | d, day, days |day (24 hours) |
+ +------------------------------+-----------------------------+
+ | w, week, weeks |week (7 days) |
+ +------------------------------+-----------------------------+
+ | m, month, months |month (30 days) |
+ +------------------------------+-----------------------------+
+ | y, year, years |year (365 days) |
+ +------------------------------+-----------------------------+
+
+ Note that the unit of m is months, not minutes. If no unit speci-
+ fier is listed, the default unit of seconds is used.
+
+ Internally, these are stored as seconds in the property but dis-
+ played s/h/d/w/m/y by zpool get.
Only a single unit may be used, i.e. this is not allowed:
@@ -846,13 +862,14 @@
The current on-disk version of the pool. This can be increased, but
never decreased. The preferred method of updating pools is with the
- zpool upgrade command, though this property can be used when a spe-
- cific version is needed for backward compatibility. This property
- can be any number between 1 and the current version reported by
- zpool upgrade -v.
+ zpool upgrade command. The -V option to the zpool upgrade command
+ can be used when a specific version is needed for backward compati-
+ bility. This property can be any number between 1 and the current
+ version reported by zpool upgrade -v.
If the pool is a boot pool then this property can not be set with
- the zpool set command.
+ the zpool set command, and can only be changed by the zpool upgrade
+ command.
Device status properties
@@ -860,9 +877,9 @@
status can report various device specific information using a -s op-
tion. This section lists those device specific properties that are cur-
rently supported and their descriptions. These properties are specific
- to the context it is reported in, for example if 'checksum' property is
- reported against a vdev that is a number of checksum errors detected
- specifically on that vdev
+ to the context it is reported in, for example if the checksum property
+ is reported against a vdev, that is the number of checksum errors de-
+ tected specifically on that vdev.
allocunit
@@ -963,22 +980,26 @@
Displays a help message.
- zpool help command | help | property property-name
+ zpool help [subcommand | [property] property-name | device [column] |
+ statussections [column]]
Displays zpool command usage. You can display help for a specific
- command or property. If you display help for a specific command or
- property, the command syntax or available property values are dis-
- played. Using zpool help without any arguments displays a complete
- list of zpool commands.
+ subcommand, pool property, device status property, or zpool status
+ -S section argument. If you display help for a specific command,
+ the command syntax is displayed. If you display help for a specific
+ pool property, the property attributes and available property val-
+ ues are displayed. If you display help for a device status property
+ or status section, a brief description is displayed. Using zpool
+ help without any arguments displays a complete list of zpool com-
+ mands.
+
- zpool help -l properties
-
- Displays zpool property information, including whether the property
- value is editable and their possible values. If you display help
- for a specific subcommand or property, the command syntax or prop-
- erty value is displayed. Using zpool help without any arguments
- displays a complete list of zpool subcommands.
+ zpool help [-l] properties
+
+ Lists all available zpool properties. If the -l option is speci-
+ fied, the list includes whether the property value is editable and
+ the possible values for the property.
zpool add [-f] [-o property=value] ... [-n [-l]] pool vdev ...
@@ -999,7 +1020,7 @@
-o property=value
Sets the specified property for all vdevs specified in a com-
- mand. Only 'allocunit' is supported at the moment.
+ mand. Only allocunit is supported at the moment.
-n
@@ -1036,7 +1057,7 @@
- zpool clear [-nF [-f]] pool [device] ...
+ zpool clear [-f] [-F [-n]] pool [device] ...
Clears device errors in a pool. If no arguments are specified, all
device errors within the pool are cleared. If one or more devices
@@ -1069,15 +1090,15 @@
- zpool create [-f] [-n [-l]] [-B] [-N] [-o property=value] ... [-O
- file-system-property=value] ... [-m mountpoint] [-R root] pool vdev
- ...
+ zpool create [-f] [-n [-l]] [-B] [-N] [-o property=value ...]
+ [-O file-system-property=value ...] [-m mountpoint] [-R root]
+ pool vdev ...
Creates a new storage pool containing the virtual devices specified
on the command line. The pool name must begin with a letter, and
- can contain alphanumeric characters, as well as underscore (_),
- dash (-), colon (:), space ( ), and period (.). The pool names mir-
- ror, raidz, spare, and log, and meta are reserved, as are names be-
+ can contain alphanumeric ASCII characters, as well as underscore
+ (_), dash (-), colon (:), space ( ), and period (.). The pool names
+ mirror, raidz, spare, log, and meta are reserved, as are names be-
ginning with the pattern c[0-9]. The vdev specification is de-
scribed in the "Virtual Devices" section.
@@ -1144,8 +1165,8 @@
[-O file-system-property=value] ...
Sets the given properties for the pool's top-level file system.
- See the "Properties" section of zfs(8) for a list of valid
- properties that can be set.
+ See the "Native Properties" section of zfs(8) for a list of
+ valid properties that can be set.
@@ -1163,13 +1184,15 @@
+
+
zpool destroy [-f] pool
- Attempts to destroy a pool that is no longer required, and the pool
- devices are no longer available or accessible to the system. The -f
- option might be required. Then, use the zpool label command to re-
- move the destroyed pool information from the pool devices, if you
- want to use the remaining pool devices again.
+ Attempts to destroy a pool that is no longer required. If the pool
+ devices are no longer available or accessible to the system, the -f
+ option might be required. After destroying the pool, use the zpool
+ label command to remove the destroyed pool information from the
+ pool devices, if you want to use the remaining pool devices again.
-f
@@ -1205,14 +1228,15 @@
-f
- Forcibly unmount all datasets, using the unmount -f command.
+ Forcibly unmount all datasets, using the zfs unmount -f com-
+ mand.
This command will forcibly export the pool.
- zpool get [-Hp] [-o all | field[,...]] [-s source[,...]] all |
- property[,...] pool ...
+ zpool get [-Hp] [-o all | field[,...]] [-s source[,...]]
+ {all | property[,...]} pool ...
Retrieves the given list of properties (or all properties if all is
used) for the specified storage pool(s).
@@ -1220,41 +1244,39 @@
See the "Properties" section for more information on the available
pool properties.
+ -H
+ Scripted mode. Does not display headers and separates fields by
+ a single tab instead of arbitrary space.
- -H Scripted mode. Does not display headers and separates
- fields by a single tab instead of arbitrary space.
+ -p
- -p Displays numbers in parseable (exact) values.
+ Displays numbers in parseable (exact) values.
- -o fields Comma-separated list of fields to display. By default,
- the properties are displayed with the following
- fields:
+ -o fields
+ Comma-separated list of fields to display. By default, the
+ properties are displayed with the following fields:
name Name of storage pool
property Property name
value Property value
- source Property source, either 'default' or 'local'.
-
-
+ source Property source, either default or local.
- -s source A comma-separated list of sources to display. Those
- properties coming from a source other than those in
- this list are ignored. Each source must be one of the
- following:
+ -s source
+ A comma-separated list of sources to display properties from.
+ Those properties coming from a source other than those in this
+ list are ignored. Each source must be one of the following:
local, default, none
The default value is all sources.
- See the "Properties" section for more information on the available
- pool properties.
zpool history [-il] [pool] ...
@@ -1276,18 +1298,17 @@
- zpool import [-d path ... | -c cachefile] [-D] [-l] [-S section[,...]]
+ zpool import [-Dl] [-d path ... | -c cachefile] [-S section[,...]]
[-s all | field[,...]]
Lists pools available to import. If the -d option is not specified,
- this command searches for devices in /dev/dsk. The -d option can be
- specified multiple times, and all directories and device paths are
- searched. If the device appears to be part of an exported pool,
- this command displays a summary of the pool with the name of the
- pool, a numeric identifier, as well as the vdev layout and current
- health of the device for each device or file. Pools that were pre-
- viously destroyed with the zpool destroy command, are not listed
- unless the -D option is specified.
+ this command searches for devices in /dev/dsk. If the device ap-
+ pears to be part of an exported pool, this command displays a sum-
+ mary of the pool with the name of the pool, a numeric identifier,
+ as well as the vdev layout and current health of the device for
+ each device or file. Pools that were previously destroyed with the
+ zpool destroy command are not listed unless the -D option is speci-
+ fied.
The numeric identifier is unique, and can be used instead of the
pool name when multiple exported pools of the same name are avail-
@@ -1296,7 +1317,7 @@
-c cachefile
Reads configuration from the given cachefile that was created
- with the "cachefile" pool property. This cachefile is used in-
+ with the cachefile pool property. This cachefile is used in-
stead of searching for devices.
@@ -1304,7 +1325,9 @@
Searches for devices or files in path, where path can be a di-
rectory or a device path. The -d option can be specified multi-
- ple times.
+ ple times, in which case, all specified directories and device
+ paths are searched. This option is incompatible with the -c op-
+ tion.
-D
@@ -1326,7 +1349,7 @@
psize, lsize, alloc, free and pctfull. See 'Device status prop-
erties' section for more details.
- When used in combination with -S, 'config' section is implic-
+ When used in combination with -S, the config section is implic-
itly included in the sections displayed.
@@ -1334,19 +1357,21 @@
A comma-separated list of sections to display. The list of sta-
tus sections available are: pool, id, state, retained, scan,
- config, dedup, errors.
+ config, dedup, errors. An up-to-date list of sections is avail-
+ able from 'zpool help statussections'.
- Without -S option all available sections will be displayed.
+ Without -S all available sections will be displayed.
- zpool import [-o mntopts] [ -o property= value] ... [-d path ... |
- -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n [-l]]] -a
+
+ zpool import [-lmN] [-o mntopts] [-o property=value] ...]
+ [-d path ... | -c cachefile] [-f [-D]] [-R root] [-F [-n]] -a
Imports all pools found in the search directories or device paths.
Identical to the previous command, except that all pools with a
sufficient number of devices available are imported. Pools that
- were previously destroyed with the zpool destroy command, are not
+ were previously destroyed with the zpool destroy command are not
imported unless the -D option is specified.
-o mntopts
@@ -1366,15 +1391,16 @@
-c cachefile
Reads configuration from the given cachefile that was created
- with the "cachefile" pool property. This cachefile is used in-
+ with the cachefile pool property. This cachefile is used in-
stead of searching for devices.
-d path
Searches for devices or files in path. The -d option can be
- specified multiple times. This option is incompatible with the
- -c option.
+ specified multiple times, in which case, all specified directo-
+ ries and device paths are searched. This option is incompatible
+ with the -c option.
-D
@@ -1429,21 +1455,21 @@
-l
- If possible, have -n display information in current /dev/chas-
- sis location form.
+ If possible, display information in current /dev/chassis loca-
+ tion form.
- zpool import [-d path ... |-c cachefile] [-D] [-F [-n]] pool|id
- zpool import [-o mntopts] [ -o property= value] ... [-d path ... |
- -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n]] [-l] [-t tmp-
- pool] pool|id [newpool]
+
+ zpool import [-lmN] [-o mntopts] [-o property=value ...]
+ [-d path ... | -c cachefile] [-f [-D]] [-R root] [-F [-n]]
+ [-t tmppool] pool|id [newpool]
Imports a specific pool. A pool can be identified by its name or
the numeric identifier. If newpool is specified, the pool is im-
ported using the persistent name newpool. Otherwise, it is imported
with the same name as its exported name. Do not import a root pool
- with a new name. Otherwise, the system might not boot.
+ with a new name, or the system might not boot.
If a device is removed from a system without running zpool export
first, the device appears as potentially active. It cannot be de-
@@ -1475,8 +1501,9 @@
-d path
Searches for devices or files in path. The -d option can be
- specified multiple times. This option is incompatible with the
- -c option.
+ specified multiple times, in which case, all specified directo-
+ ries and device paths are searched. This option is incompatible
+ with the -c option.
-D
@@ -1521,8 +1548,8 @@
-l
- If possible, have -n display information in current /dev/chas-
- sis location form.
+ If possible, display information in current /dev/chassis loca-
+ tion form.
-m
@@ -1576,19 +1604,21 @@
A pool can be identified by its name or the numeric identifier. If
a device is specified, this command clears the pool's metadata
found only on the given device. If the -d option is not specified,
- this command searches for devices in /dev/dsk directory.
+ this command searches for devices in the /dev/dsk directory.
+ -c cachefile
- -c cachefile Reads the configuration from the given cachefile
- that was created with the cachefile pool property.
- This cachefile is used instead of searching for de-
- vices.
+ Reads the configuration from the given cachefile that was cre-
+ ated with the cachefile pool property. This cachefile is used
+ instead of searching for devices.
- -d path Searches for devices or files in path. The -d op-
- tion can be specified multiple times. This option
- is incompatible with the -c option.
+ -d path
+ Searches for devices or files in path. The -d option can be
+ specified multiple times, in which case, all specified directo-
+ ries and device paths are searched. This option is incompatible
+ with the -c option.
@@ -1609,20 +1639,23 @@
A pool can be identified by its name or the numerical identifier.
If the -d option is not specified, this command searches for de-
- vices in /dev/dsk directory. A device must be specified using its
- full path and name.
+ vices in the /dev/dsk directory. A device must be specified using
+ its full path and name.
+ -c cachefile
- -c cachefile Reads the configuration from the given cachefile
- that was created with the cachefile pool property.
- This cachefile is used instead of searching for de-
- vices.
+ Reads the configuration from the given cachefile that was cre-
+ ated with the cachefile pool property. This cachefile is used
+ instead of searching for devices.
- -d path Searches for devices or files in path, where path
- can be a directory or a device path. The -d option
- can be specified multiple times.
+ -d path
+ Searches for devices or files in path, where path can be a di-
+ rectory or a device path. The -d option can be specified multi-
+ ple times, in which case, all specified directories and device
+ paths are searched. This option is incompatible with the -c op-
+ tion.
@@ -1635,6 +1668,7 @@
zpool list [-H] [-o props[,...]] [-T d|u] [pool] ...
+ [interval [count]]
Lists the given pools along with a health status and space usage.
When given no arguments, all pools in the system are listed.
@@ -1675,26 +1710,30 @@
til Ctrl-C is pressed. If count is specified, the command exits af-
ter count reports are printed.
+ -o field[,...]
+
+ Display only selected field(s).
- -o field[,. . .] Display only selected field(s).
+ -p
- -p Display using a stable machine-parseable for-
- mat. For more information, see 'Parseable Out-
- put Format', below.
+ Display using a stable machine-parseable format. For more in-
+ formation, see 'Parseable Output Format', below.
- -t provider Display data from the listed providers. Current
- providers are send, receive (or recv), destroy,
- scrub, and resilver. An up-to-date list of
- providers is available from 'zpool help moni-
+ -t provider
+
+ Display data from the listed providers. Current providers are
+ send, receive (or recv), destroy, scrub, and resilver. An up-
+ to-date list of providers is available from 'zpool help moni-
tor'.
- -T d|u Display a time stamp. Specify d for standard
- date format. See date(1). Specify u for a
- printed representation of the internal repre-
- sentation of time. See time(2).
+ -T d|u
+
+ Display a time stamp. Specify d for standard date format. See
+ date(1). Specify u for a printed representation of the internal
+ representation of time. See time(2).
@@ -1754,13 +1793,13 @@
zpool remove -s pool
- The inprogress top-level data device removing operation may be can-
+ An in-progress top-level data device removing operation may be can-
celled by zpool remove -s before its completion.
+ -s
- -s Cancel removing a top-level data device and returns the pool
- to its original state.
-
+ Cancel removing a top-level data device and returns the pool to
+ its original state.
@@ -1796,7 +1835,8 @@
- zpool retained [-euandhr] [-A | -f | [-p] -o field[,...]] [pool]
+ zpool retained [-r] [-e | -u] [-a | -n] [-d | -h]
+ [-A | -f | [-p] -o field[,...]] [pool]
Lists the mandatory retention filesystems with retained files in
the specified pool. If no pools are specified, then all pools with
@@ -1978,23 +2018,24 @@
A comma-separated list of device status property fields to dis-
play. The list of status fields available are: name, state,
read, write, checksum, repair, resilver, slow, allocunit,
- psize, lsize, alloc, free and pctfull. See 'Device status prop-
- erties' section for more details.
+ psize, lsize, alloc, free and pctfull. See the 'Device status
+ properties' section for more details.
- When used in combination with -S, 'config' section is implic-
+ When used in combination with -S, the config section is implic-
itly included in the sections displayed.
- Without -s option, the default fields (name, state, read,
- write, checksum) will be displayed.
+ Without -s the default fields (name, state, read, write, check-
+ sum) will be displayed.
-S section[,...]]
A comma-separated list of sections to display. The list of sta-
tus sections available are: pool, id, state, retained, scan,
- config, dedup, errors.
+ config, dedup, errors. An up-to-date list of sections is avail-
+ able from 'zpool help statussections'.
- Without -S option all available sections will be displayed.
+ Without -S all available sections will be displayed.
-l
@@ -2046,11 +2088,15 @@
zpool upgrade [-n] [-V version [-f]] -a | pool ...
- Upgrades the specified pool to the latest on-disk version. If this
- command reveals that a pool is out-of-date, the pool can subse-
- quently be upgraded using the zpool upgrade -a command. A pool
- that is upgraded will not be accessible on a system that runs an
- earlier software release.
+ Upgrades the specified pool to the latest on-disk version. A pool
+ that is upgraded will not be accessible on a system that runs a
+ software release earlier than the one which added support for that
+ pool version. Boot environments for operating systems earlier than
+ the one in which a given version was introduced will not be able to
+ boot if the root pool containing them is upgraded to that version.
+ See Appendix A, Oracle Solaris ZFS Version Descriptions in Managing
+ ZFS File Systems in Oracle Solaris 11.4 for a list of the minimum
+ operating system version that supports each pool version.
-a
@@ -2086,7 +2132,8 @@
If a bootable pool is listed or the -a flag is present and the pool
can be updated without making any more boot environments un-
- bootable then the upgrade will be done unless the -n is given.
+ bootable then the upgrade will be done unless the -n option is
+ given.
Display Fields
@@ -2111,8 +2157,8 @@
POOL Pool information was retrieved from.
- PROVIDER Task providing the information. One of send, receive, de-
- stroy, scrub, or resilver.
+ PROVIDER Task providing the information. One of send, receive,
+ destroy, scrub, or resilver.
SPEED Units per second. Usually bytes, but is dependent on what
@@ -2253,13 +2294,12 @@
pool version 34 default
-
Example 6 Destroying a ZFS Storage Pool
- The following command destroys the pool "tank" and any datasets con-
- tained within.
+ The following command forcibly destroys the pool tank and any datasets
+ contained within.
# zpool destroy -f tank
@@ -2277,13 +2316,12 @@
# zpool export tank
-
Example 8 Importing a ZFS Storage Pool
The following command displays available pools, and then imports the
- pool "tank" for use on the system.
+ pool tank for use on the system.
@@ -2305,17 +2343,16 @@
# zpool import tank
-
Example 9 Upgrading All ZFS Storage Pools to the Current Version
- The following command upgrades all ZFS Storage pools to the current
+ The following command upgrades all ZFS storage pools to the current
version of the software.
# zpool upgrade -a
- This system is currently running ZFS pool version 22.
+ This system is currently running ZFS pool version 53.
All pools are formatted using this version.
@@ -2381,7 +2415,7 @@
Once added, the cache devices gradually fill with content from main
memory. Depending on the size of your cache devices, it could take over
an hour for them to fill. Capacity and reads can be monitored using the
- iostat option as follows:
+ iostat subcommand as follows:
# zpool iostat -v pool 5
@@ -2491,7 +2521,7 @@
exist for
the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
- see: http://www.support.oracle.com/msg/ZFS-8000-2Q
+ see: http://support.oracle.com/msg/ZFS-8000-2Q
scan: none requested
config:
@@ -2525,7 +2555,7 @@
status: One or more devices could not be opened. Sufficient replicas
exist for the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
- see: http://www.support.oracle.com/msg/ZFS-8000-2Q
+ see: http://support.oracle.com/msg/ZFS-8000-2Q
scan: none requested
config:
@@ -2621,9 +2653,12 @@
errors: No known data errors
- After the resilvering completes, mirror-0 and mirror-1 are
- removed from the pool configuration and the pool returns to
- ONLINE state.
+
+
+
+ After the resilvering completes, mirror-0 and mirror-1 are removed from
+ the pool configuration and the pool returns to ONLINE state.
+
# zpool status tank
pool: tank
@@ -2828,8 +2853,12 @@
errors: No known data errors
- After the resilvering completes, raidz1-0 is removed from the pool
- configuration and the pool returns to ONLINE state.
+
+
+
+ After the resilvering completes, raidz1-0 is removed from the pool con-
+ figuration and the pool returns to ONLINE state.
+
# zpool status tank
pool: tank
@@ -2882,8 +2909,11 @@
# zpool remove tank c6t0d0 c6t2d0
- zpool status shows c6t0d0 and
- c6t2d0 are being removed.
+
+
+
+ zpool status shows c6t0d0 and c6t2d0 are being removed.
+
pool: tank
state: ONLINE
@@ -2911,9 +2941,12 @@
errors: No known data errors
- After the resilver completes, c6t0d0 and
- c6t2d0 are removed from the pool configuration
- and the pool returns to ONLINE state.
+
+
+
+ After the resilver completes, c6t0d0 and c6t2d0 are removed from the
+ pool configuration and the pool returns to ONLINE state.
+
# zpool status tank
pool: tank
@@ -2960,19 +2992,13 @@
EXIT STATUS
The following exit values are returned:
- 0
-
- Successful completion.
-
-
- 1
+ 0 Successful completion.
- An error occurred.
+ 1 An error occurred.
- 2
- Invalid command line options were specified.
+ 2 Invalid command line options were specified.
ATTRIBUTES
@@ -2988,7 +3014,11 @@
SEE ALSO
- ps(1), SDC(4), attributes(7), beadm(8), zfs(8), datasets(7)
+ ps(1), SDC(4), attributes(7), datasets(7), beadm(8), zfs(8),
+ zfs_allow(8)
+
+
+ Managing ZFS File Systems in Oracle Solaris 11.4
WARNINGS
For making more space for a zpool, which is available by expanding the
@@ -3016,4 +3046,199 @@
ble in such tools as ps(1). A user has no interaction with these
processes. For more information, see the SDC(4) man page.
-Oracle Solaris 11.4 17 Jan 2024 zpool(8)
+HISTORY
+ ZFS was introduced in the Solaris 10 6/06 (Update 2) release.
+
+
+ For a history of ZFS pool and file system versions, see Appendix A, Or-
+ acle Solaris ZFS Version Descriptions in Managing ZFS File Systems in
+ Oracle Solaris 11.4.
+
+ Virtual Devices (vdevs)
+ Support for the following Virtual Device types was added in the listed
+ Solaris release:
+
+ +---------------------------------------+---------------------+
+ | VIRTUAL DEVICE | RELEASE |
+ +---------------------------------------+---------------------+
+ | meta | 11.4.0 |
+ +---------------------------------------+---------------------+
+ | raidz3 | 10 9/10 (Update 9) |
+ +---------------------------------------+---------------------+
+ | cache, log | 10 8/08 (Update 6) |
+ +---------------------------------------+---------------------+
+ | raidz1, raidz2, spare | 10 11/06 (Update 3) |
+ +---------------------------------------+---------------------+
+ | disk, file, mirror, raidz | 10 6/06 (Update 2) |
+ +---------------------------------------+---------------------+
+
+
+ Subcommands
+ Support for the following subcommands of the zpool command was added in
+ the listed Solaris release:
+
+ +---------------------------------------+---------------------+
+ | SUBCOMMAND | RELEASE |
+ +---------------------------------------+---------------------+
+ | retained | 11.4.45 |
+ +---------------------------------------+---------------------+
+ | reguid | 11.4.0 |
+ +---------------------------------------+---------------------+
+ | label | 11.3.20 |
+ +---------------------------------------+---------------------+
+ | monitor | 11.3.0 |
+ +---------------------------------------+---------------------+
+ | help | 10 8/11 (Update 10) |
+ +---------------------------------------+---------------------+
+ | split | 10 9/10 (Update 9) |
+ +---------------------------------------+---------------------+
+ | get, set | 10 8/08 (Update 6) |
+ +---------------------------------------+---------------------+
+ | history | 10 8/07 (Update 4) |
+ +---------------------------------------+---------------------+
+ | remove | 10 11/06 (Update 3) |
+ +---------------------------------------+---------------------+
+ | add, attach, clear, create, destroy, | 10 6/06 (Update 2) |
+ | detach, export, import, iostat, list, | |
+ | offline, online, replace, scrub, | |
+ | status, upgrade | |
+ +---------------------------------------+---------------------+
+
+
+
+ Support for the following options of the specified subcommands was
+ added in the listed Solaris release:
+
+ +----------------------+------------------------+---------------------+
+ | SUBCOMMAND | OPTIONS | RELEASE |
+ +----------------------+------------------------+---------------------+
+ | retained | -d, -h | 11.4.63 |
+ +----------------------+------------------------+---------------------+
+ | retained | -A, -a, -e, -f, -n, | 11.4.45 |
+ | | -o, -p, -r, -u | |
+ +----------------------+------------------------+---------------------+
+ | import, status | -S | 11.4.39 |
+ +----------------------+------------------------+---------------------+
+ | help | statussections | 11.4.39 |
+ +----------------------+------------------------+---------------------+
+ | help | device | 11.4.33 |
+ +----------------------+------------------------+---------------------+
+ | add | -o | 11.4.30 |
+ +----------------------+------------------------+---------------------+
+ | import, status | -s | 11.4.30 |
+ +----------------------+------------------------+---------------------+
+ | upgrade | -f, -n | 11.4.30 |
+ +----------------------+------------------------+---------------------+
+ | monitor | -t destroy | 11.4.0 |
+ | | -t ddtmigrate | |
+ +----------------------+------------------------+---------------------+
+ | remove | -s | 11.4.0 |
+ +----------------------+------------------------+---------------------+
+ | label | -C, -c, -d, -R | 11.3.20 |
+ +----------------------+------------------------+---------------------+
+ | get | -H, -o, -p, -s | 11.3.12 |
+ +----------------------+------------------------+---------------------+
+ | monitor | -o, -p, -T, -t | 11.3.0 |
+ +----------------------+------------------------+---------------------+
+ | create | -N | 11.2.0 |
+ +----------------------+------------------------+---------------------+
+ | create, import | -t | 11.2.0 |
+ +----------------------+------------------------+---------------------+
+ | clear | -f | 11.1.0 |
+ +----------------------+------------------------+---------------------+
+ | create | -B | 11.1.0 |
+ +----------------------+------------------------+---------------------+
+ | help | -l | 11.1.0 |
+ +----------------------+------------------------+---------------------+
+ | add, create, import, | -l | 11.0.0 |
+ | iostat, status, | | |
+ | split | | |
+ +----------------------+------------------------+---------------------+
+ | help | property, properties | 10 8/11 (Update 10) |
+ +----------------------+------------------------+---------------------+
+ | import | -N, -m | 10 8/11 (Update 10) |
+ +----------------------+------------------------+---------------------+
+ | iostat, list, status | -T | 10 8/11 (Update 10) |
+ +----------------------+------------------------+---------------------+
+ | list, status | interval, count | 10 8/11 (Update 10) |
+ +----------------------+------------------------+---------------------+
+ | clear, import | -F, -n | 10 9/10 (Update 9) |
+ +----------------------+------------------------+---------------------+
+ | online | -e | 10 9/10 (Update 9) |
+ +----------------------+------------------------+---------------------+
+ | split | -n, -o, -R | 10 9/10 (Update 9) |
+ +----------------------+------------------------+---------------------+
+ | create | -O | 10 10/09 (Update 8) |
+ +----------------------+------------------------+---------------------+
+ | create, import | -o | 10 8/08 (Update 6) |
+ +----------------------+------------------------+---------------------+
+ | history | -i, -l | 10 8/08 (Update 6) |
+ +----------------------+------------------------+---------------------+
+ | import | -c | 10 8/08 (Update 6) |
+ +----------------------+------------------------+---------------------+
+ | upgrade | -V | 10 8/08 (Update 6) |
+ +----------------------+------------------------+---------------------+
+ | add | -f, -n | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | attach | -f | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | create | -f, -m, -n, -R | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | destroy | -f | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | export | -f | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | import | -a, -D, -d, -f, -o, -R | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | iostat | -v | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | list | -H, -o | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | offline | -t | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | replace | -f | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | scrub | -s | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | status | -v, -x | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+ | upgrade | -a, -v | 10 6/06 (Update 2) |
+ +----------------------+------------------------+---------------------+
+
+
+ Properties
+ The allocated and free properties replaced the available and used prop-
+ erties in Solaris 10 9/10 (Update 9).
+
+
+ Support for the following properties was added in the listed Solaris
+ release:
+
+ +-----------------------------------------------+---------------------+
+ | PROPERTY | RELEASE |
+ +-----------------------------------------------+---------------------+
+ | retentionheldfs | 11.4.63 |
+ +-----------------------------------------------+---------------------+
+ | retainedfilesystems, retentionexpiry | 11.4.45 |
+ +-----------------------------------------------+---------------------+
+ | allocunit | 11.4.30 |
+ +-----------------------------------------------+---------------------+
+ | clustered, lastscrub, scrubinterval | 11.4.0 |
+ +-----------------------------------------------+---------------------+
+ | listshares | 11.1.0 |
+ +-----------------------------------------------+---------------------+
+ | dedupditto, dedupratio | 11.0.0 |
+ +-----------------------------------------------+---------------------+
+ | readonly | 10 8/11 (Update 10) |
+ +-----------------------------------------------+---------------------+
+ | allocated, autoexpand, free | 10 9/10 (Update 9) |
+ +-----------------------------------------------+---------------------+
+ | listsnapshots | 10 10/09 (Update 8) |
+ +-----------------------------------------------+---------------------+
+ | altroot, autoreplace, available, bootfs, | 10 8/08 (Update 6) |
+ | cachefile, capacity, delegation, failmode, | |
+ | guid, health, size, used, version | |
+ +-----------------------------------------------+---------------------+
+
+
+Oracle Solaris 11.4 17 Mar 2025 zpool(8)
diff -NurbBw 11.4.78/man8/zstreamdump.8 11.4.81/man8/zstreamdump.8
--- 11.4.78/man8/zstreamdump.8 2025-05-11 12:25:34.050438560 -0700
+++ 11.4.81/man8/zstreamdump.8 2025-05-11 12:25:48.152733916 -0700
@@ -38,4 +38,8 @@
SEE ALSO
attributes(7), zfs(8)
-Oracle Solaris 11.4 21 Sep 2009 zstreamdump(8)
+HISTORY
+ The zstreamdump utility, including support for the -C and -v options,
+ was introduced in the Solaris 10 9/10 (Update 9) release.
+
+Oracle Solaris 11.4 17 Mar 2025 zstreamdump(8)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment