Experimenting with Ubuntu’s “new” (relatively so) ZFS installation option is all very well, but encryption is not optional for a laptop that is taken around the place.
Whether I should have spent more time poking around the installer to find the option is a possibility, but post-install enabling encryption isn’t so difficult.
The first step is to create an encrypted filesystem – encryption only works on newly created filesystems and cannot be turned on later :-
zfs create -o encryption=on \ -o keyformat=passphrase \ rpool/USERDATA/ehome
You will be asked for the passphrase as it is created. Forgetting this is extremely inadvisable!
One created, reboot to check that :-
- You get prompted for the passphrase (as of Ubuntu 20.04 you do).
- That the encrypted filesystem gets mounted automatically (likewise).
At this point you should be able to create the filesystems for the relevant home directories :-
zfs create rpool/USERDATA/ehome/root cd /root rsync -arv . /ehome/root cd / zfs set mountpoint=/root rpool/USERDATA/ehome/root (An error will result as there is something already there but it does the important bit) zfs set mountpoint=none rpool/USERDATA/root_xyzzy (A similar error)
Repeat this for each user on the system, and reboot. See if you can login and your files are present.
This leaves the old unencrypted home directories around (which can be removed with zfs destroy -r rpool/USERDATA/root_xyzzy). It is possible that this re-arrangement of how home directories work will break some of Ubuntu’s features – such as scheduled snapshots of home directories (which is why the destroy command needs the “-r” flag before).
But it’s getting there.
A number of those who have experimented with Ubuntu’s ZFS install option (which as of 20.04 is marked as “experimental”) have expressed bewilderment over the number of filesystems created :-
The short answer as to why is that there are two schools of thought amongst grizzled old Unix veterans as to whether one big filesystem should be the way to go or lots of little ones. There are pros and cons to both approaches, and whilst I have a preference for lots of filesystems (especially on servers), I don’t care enough to change it on a laptop install.
Even though those who insist on one big filesystem are wrong.
As to the longer explanation …
A long time ago – the 1970s or the 1980s – Unix systems lacked sophisticated disk management software, and the disks were very much smaller (I started off with 80Mbyte disks and no that isn’t a typo, and many started with much smaller disks). On larger Unix servers, you couldn’t fit everything onto one disk, so we got used to splitting up the filesystem into many separate filesystem – / on one disk partition (or slice), /usr on another, /var on a third, /home on yet another, etc.
These very frequently got further subdivided – /var/mail, /var/tmp, /var/spool, etc. as Unix servers got larger and busier.
Those days are long past, and nobody is keen to go back to those days so why do some still like to split things up?
The Fringe Benefits of Splitting
It turns out that there was a fringe benefit to splitting up the filesystems – disk space exhaustion on one wouldn’t cause a problem elsewhere. For example if a mail server had a separate /var/spool/mail filesystem for operating within it would still continue to operate if /var filled up; similarly a DNS server wouldn’t crash and burn if it had a /var/named filesystem and /var filled up.
Both of those examples are known to me personally – and there are many other examples.
Of course there is also a downside – if you create a separate /var/spool/mail filesystem you need to make sure it is large enough to operate not just normally but in reasonable exceptional circumstances. Or your mail server crashes and burns.
On the other hand, if you don’t separate things out then when something goes berserk and fills up all the disk space then you will have a good deal of trouble actually logging in to fix things.
In a sense, the “everything in one” camp and “lots of little filesystems” camp are determined by what troubles we’ve seen over the years (and in some cases decades).
With something like ZFS you can set quotas to limit the size of any filesystem so managing the sizes of these separate filesystems is a great deal easier than it ever was in the past! Ubuntu does not set quotas by default on a desktop installation; for a server it may well be worth checking quotas and setting them appropriately.
And Snapshots …
One of the other things that Ubuntu does with ZFS and filesystem snapshots (we’ll worry about what those are another time) is to offer to rollback a broken update. People worry that upgrading their system will break things and the ability to quickly revert to the previous state is very comforting.
But the Unix file layout “standard” and the later Linux file layout standard were not designed with snapshots in mind, and simply rolling back the whole of “/” would have negative effects – not least you would lose any file changes you had made in /home and any mail stashed away in /var/mail.
So to implement the ability to rollback updates requires numerous separate filesystems to avoid losing important data.
It is also likely that it would be beneficial to tune separate filesystems for different requirements.
In short, don’t worry about it. It’ll have very little effect on your operation of a normal Ubuntu machine unless you choose to take advantage of it. And it makes possible certain features that you will probably like – such as the ability to revert updates.
… is a slogan invented by Pierre-Joseph Proudhon. Frequently used and abused by those with no clear understanding of what it means.
The first thing to note is that it is just a slogan and a nineteenth century slogan at that. It isn’t necessary for it to be taken literally.
Secondly it does not refer to all property but specifically to land ownership, and needs to be understood in the context of nineteenth century grand estates owned by aristocrats.
Aristocrats had built up huge estates over many centuries; and not always by simply buying it. Feudal land grants from kings were originally more like rents – “I give you this land for your lifetime; in return you owe me military service to include 10 knights and 200 men at arms when I call”. Originally for a lifetime but gradually became inheritable and the military service that was owed as “rent”? That gradually faded away as kings found more professional armies were more reliable.
Laws were often arranged to protect large land holdings – for instance Scotland had a law that protected estates from being broken up and sold off during bankruptcy – effectively protecting the fundamental wealth of an aristocratic family from their creditors.
Lastly those close to the bottom of the rung of the rural community who saw in just a few short generations change from protected feudal client (roughly the equivalent of a tenant farmer) through to a day worker who could be discarded on a moment’s notice. At the same time, enclosures took away “common land” (which every member of the community could use for grazing, etc.) and gave it to local land owners.
In a real sense, this is where the notion that property is theft comes from – in many ways, although legally done, land was in some cases stolen.
When you come down to it, is it any wonder 19th century radicals were steaming at the ears at the land ownership of the elites?
But is it still relevant or appropriate today?
Well yes and no. Certainly as a campaigning slogan it does apply.
In the intervening decades, a number of laws have been introduced to mitigate the worst aspects of the landlord (in the most general sense of the word) tenant relationship, but there are still many, many opportunities for abuse.
It is one thing when a landlord is the owner of one or two properties and quite another when a landlord owns a large enough portfolio of properties to distort the local market. And in my history of renting homes, the later is far more common than the former (although this might be peculiar to my location).
One of the biggest problems is that property prices (and rents) have inflated far faster than salaries (or wages) which is fundamentally a problem of supply and demand. Supply is always going to be limited (creating new land is rare).
Demand is split into property investment by the rich, and homes for everyone. The former limits the supply for the later, and in the case of property shortages (and excess costs), it is arguably true that the former should be suppressed in some manner.
Before considering how to get from a world of private ownership of property to a world where that doesn’t exist, let us consider how a world without land ownership might work.
Land could be “owned” by the community as a whole, and a lifetime tenancy granted to people with an appropriate use case. With an appropriate rent owed – a monthly payment, profit share, etc.
At the end of the leasehold (when the leaseholder dies or gives up the lease for whatever reason), the community compensates the leaseholder for improvements – buildings constructed, land improvements, etc. And the leaseholder compensates the community for any neglect of the land (and any buildings on it) – environmental, necessary repairs, etc.
The community could look at any land returned to it and make decisions on such matters as whether it should be sub-divided – is a 6-bedroom house on a half-acre of land suitable for an inner city?
There are undoubtedly problems large and small with a solution to land such as this; but there are problems large and small with our current solution to land.
Whilst we have tinkered with land ownership rights and wrongs, we have not yet thrown the rulebook away and started again. Don’t give up on the idea just because it is not done the way it has “always been done”.
Now that we’re in the middle of a pandemic (or close to the beginning of it), everyone is proclaiming health care workers to be heroes. Not that I disagree.
But if they’re heroes, why have you been cutting their pay for the last ten years? For seven years there was a 1% cap on cost of living pay increases, which came to an end with a 6.5% increase over three years – which is nowhere near enough to make up for the shortfall.
Today a nurse is earning less in real terms (i.e. stuff he can buy) than a nurse earned in 2008.
Is this how you treat heros?
Now we are not individually responsible for taking a few more of life’s little luxuries away each year, but collectively we are.
So make a resolution: Never under any circumstances vote for a Tory ever again.