Trying to learn ZFS send – I have a FreeBSD 15 box and an Ubuntu 24.04, both with zfs pools. I hoped to do a simple send from BSD, so I took a snapshot of a small (50MB) node. I came to wrack and ruin with
As you can maybe guess though, the pipe command is not pausing for user input of password. I’d specifically not like to set sudo to the “no password” option for the user(s). And frankly I’d rather not run everything as root. Is this impossible?
I tried sudo -v on the receiving and remote systems, but that didn’t work.
Just wondering if I’m missing something obvious here.
How I handle push or pull backup commands, whether it is zfs send/recv, syncoid, rsync, or rdiff-backup, AND when I need my user to run the command with elevated privileges on the remote end, my method is to set up a single purpose user. That user has permission to run a single command with elevated permissions and with no password required, and nothing more. It can run no other elevated commands & it’s a skinny user with no /home and no membership to any critical groups. I think on Ubuntu it’s the sudoers file that accomodates configuring user based sudo priviledges.
You can run zfs commands without privilege escalation. I followed the guide for setting up syncoid without using sudo here: Syncoid - jimsalterjrs/sanoid GitHub Wiki
It should work fine for non-syncoid applications as well
You likely do not need elevated privileges on the remote end unless you need the remote target to be root owned. Probably not so for sending most ZFS datasets.
You could give a user the appropriate permissions to perform ZFS send and then you won’t need root at all.
check the manpage for zfs-allow
you could also check out this blog for suggestions though it presumes your using syncoid (a perl script that make dealing with zfs send easier)