Provided by: zfsutils-linux_2.2.6-1ubuntu2_amd64 bug

NAME

     zfsprops — native and user-defined properties of ZFS datasets

DESCRIPTION

     Properties are divided into two types, native properties and user-defined (or "user")
     properties.  Native properties either export internal statistics or control ZFS behavior.
     In addition, native properties are either editable or read-only.  User properties have no
     effect on ZFS behavior, but you can use them to annotate datasets in a way that is
     meaningful in your environment.  For more information about user properties, see the User
     Properties section, below.

   Native Properties
     Every dataset has a set of properties that export statistics about the dataset as well as
     control various behaviors.  Properties are inherited from the parent unless overridden by
     the child.  Some properties apply only to certain types of datasets (file systems, volumes,
     or snapshots).

     The values of numeric properties can be specified using human-readable suffixes (for
     example, k, KB, M, Gb, and so forth, up to Z for zettabyte).  The following are all valid
     (and equal) specifications: 1536M, 1.5g, 1.50GB.

     The values of non-numeric properties are case sensitive and must be lowercase, except for
     mountpoint, sharenfs, and sharesmb.

     The following native properties consist of read-only statistics about the dataset.  These
     properties can be neither set, nor inherited.  Native properties apply to all dataset types
     unless otherwise noted.

     available             The amount of space available to the dataset and all its children,
                           assuming that there is no other activity in the pool.  Because space
                           is shared within a pool, availability can be limited by any number of
                           factors, including physical pool size, quotas, reservations, or other
                           datasets within the pool.

                           This property can also be referred to by its shortened column name,
                           avail.

     compressratio         For non-snapshots, the compression ratio achieved for the used space
                           of this dataset, expressed as a multiplier.  The used property
                           includes descendant datasets, and, for clones, does not include the
                           space shared with the origin snapshot.  For snapshots, the
                           compressratio is the same as the refcompressratio property.
                           Compression can be turned on by running: zfs set compression=on
                           dataset.  The default value is off.

     createtxg             The transaction group (txg) in which the dataset was created.
                           Bookmarks have the same createtxg as the snapshot they are initially
                           tied to.  This property is suitable for ordering a list of snapshots,
                           e.g. for incremental send and receive.

     creation              The time this dataset was created.

     clones                For snapshots, this property is a comma-separated list of filesystems
                           or volumes which are clones of this snapshot.  The clones' origin
                           property is this snapshot.  If the clones property is not empty, then
                           this snapshot can not be destroyed (even with the -r or -f options).
                           The roles of origin and clone can be swapped by promoting the clone
                           with the zfs promote command.

     defer_destroy         This property is on if the snapshot has been marked for deferred
                           destroy by using the zfs destroy -d command.  Otherwise, the property
                           is off.

     encryptionroot        For encrypted datasets, indicates where the dataset is currently
                           inheriting its encryption key from.  Loading or unloading a key for
                           the encryptionroot will implicitly load / unload the key for any
                           inheriting datasets (see zfs load-key and zfs unload-key for details).
                           Clones will always share an encryption key with their origin.  See the
                           Encryption section of zfs-load-key(8) for details.

     filesystem_count      The total number of filesystems and volumes that exist under this
                           location in the dataset tree.  This value is only available when a
                           filesystem_limit has been set somewhere in the tree under which the
                           dataset resides.

     keystatus             Indicates if an encryption key is currently loaded into ZFS.  The
                           possible values are none, available, and unavailable.  See zfs
                           load-key and zfs unload-key.

     guid                  The 64 bit GUID of this dataset or bookmark which does not change over
                           its entire lifetime.  When a snapshot is sent to another pool, the
                           received snapshot has the same GUID.  Thus, the guid is suitable to
                           identify a snapshot across pools.

     logicalreferenced     The amount of space that is "logically" accessible by this dataset.
                           See the referenced property.  The logical space ignores the effect of
                           the compression and copies properties, giving a quantity closer to the
                           amount of data that applications see.  However, it does include space
                           consumed by metadata.

                           This property can also be referred to by its shortened column name,
                           lrefer.

     logicalused           The amount of space that is "logically" consumed by this dataset and
                           all its descendents.  See the used property.  The logical space
                           ignores the effect of the compression and copies properties, giving a
                           quantity closer to the amount of data that applications see.  However,
                           it does include space consumed by metadata.

                           This property can also be referred to by its shortened column name,
                           lused.

     mounted               For file systems, indicates whether the file system is currently
                           mounted.  This property can be either yes or no.

     objsetid              A unique identifier for this dataset within the pool.  Unlike the
                           dataset's guid, the objsetid of a dataset is not transferred to other
                           pools when the snapshot is copied with a send/receive operation.  The
                           objsetid can be reused (for a new dataset) after the dataset is
                           deleted.

     origin                For cloned file systems or volumes, the snapshot from which the clone
                           was created.  See also the clones property.

     receive_resume_token  For filesystems or volumes which have saved partially-completed state
                           from zfs receive -s, this opaque token can be provided to zfs send -t
                           to resume and complete the zfs receive.

     redact_snaps          For bookmarks, this is the list of snapshot guids the bookmark
                           contains a redaction list for.  For snapshots, this is the list of
                           snapshot guids the snapshot is redacted with respect to.

     referenced            The amount of data that is accessible by this dataset, which may or
                           may not be shared with other datasets in the pool.  When a snapshot or
                           clone is created, it initially references the same amount of space as
                           the file system or snapshot it was created from, since its contents
                           are identical.

                           This property can also be referred to by its shortened column name,
                           refer.

     refcompressratio      The compression ratio achieved for the referenced space of this
                           dataset, expressed as a multiplier.  See also the compressratio
                           property.

     snapshot_count        The total number of snapshots that exist under this location in the
                           dataset tree.  This value is only available when a snapshot_limit has
                           been set somewhere in the tree under which the dataset resides.

     type                  The type of dataset: filesystem, volume, snapshot, or bookmark.

     used                  The amount of space consumed by this dataset and all its descendents.
                           This is the value that is checked against this dataset's quota and
                           reservation.  The space used does not include this dataset's
                           reservation, but does take into account the reservations of any
                           descendent datasets.  The amount of space that a dataset consumes from
                           its parent, as well as the amount of space that is freed if this
                           dataset is recursively destroyed, is the greater of its space used and
                           its reservation.

                           The used space of a snapshot (see the Snapshots section of
                           zfsconcepts(7)) is space that is referenced exclusively by this
                           snapshot.  If this snapshot is destroyed, the amount of used space
                           will be freed.  Space that is shared by multiple snapshots isn't
                           accounted for in this metric.  When a snapshot is destroyed, space
                           that was previously shared with this snapshot can become unique to
                           snapshots adjacent to it, thus changing the used space of those
                           snapshots.  The used space of the latest snapshot can also be affected
                           by changes in the file system.  Note that the used space of a snapshot
                           is a subset of the written space of the snapshot.

                           The amount of space used, available, or referenced does not take into
                           account pending changes.  Pending changes are generally accounted for
                           within a few seconds.  Committing a change to a disk using fsync(2) or
                           O_SYNC does not necessarily guarantee that the space usage information
                           is updated immediately.

     usedby*               The usedby* properties decompose the used properties into the various
                           reasons that space is used.  Specifically, used = usedbychildren +
                           usedbydataset + usedbyrefreservation + usedbysnapshots.  These
                           properties are only available for datasets created on zpool "version
                           13" pools.

     usedbychildren        The amount of space used by children of this dataset, which would be
                           freed if all the dataset's children were destroyed.

     usedbydataset         The amount of space used by this dataset itself, which would be freed
                           if the dataset were destroyed (after first removing any refreservation
                           and destroying any necessary snapshots or descendents).

     usedbyrefreservation  The amount of space used by a refreservation set on this dataset,
                           which would be freed if the refreservation was removed.

     usedbysnapshots       The amount of space consumed by snapshots of this dataset.  In
                           particular, it is the amount of space that would be freed if all of
                           this dataset's snapshots were destroyed.  Note that this is not simply
                           the sum of the snapshots' used properties because space can be shared
                           by multiple snapshots.

     userused@user         The amount of space consumed by the specified user in this dataset.
                           Space is charged to the owner of each file, as displayed by ls -l.
                           The amount of space charged is displayed by du and ls -s.  See the zfs
                           userspace command for more information.

                           Unprivileged users can access only their own space usage.  The root
                           user, or a user who has been granted the userused privilege with zfs
                           allow, can access everyone's usage.

                           The userused@ properties are not displayed by zfs get all.  The
                           user's name must be appended after the @ symbol, using one of the
                           following forms:
                                  POSIX name ("joe")
                                  POSIX numeric ID ("789")
                                  SID name ("joe.smith@mydomain")
                                  SID numeric ID ("S-1-123-456-789")

                           Files created on Linux always have POSIX owners.

     userobjused@user      The userobjused property is similar to userused but instead it counts
                           the number of objects consumed by a user.  This property counts all
                           objects allocated on behalf of the user, it may differ from the
                           results of system tools such as df -i.

                           When the property xattr=on is set on a file system additional objects
                           will be created per-file to store extended attributes.  These
                           additional objects are reflected in the userobjused value and are
                           counted against the user's userobjquota.  When a file system is
                           configured to use xattr=sa no additional internal objects are normally
                           required.

     userrefs              This property is set to the number of user holds on this snapshot.
                           User holds are set by using the zfs hold command.

     groupused@group       The amount of space consumed by the specified group in this dataset.
                           Space is charged to the group of each file, as displayed by ls -l.
                           See the userused@user property for more information.

                           Unprivileged users can only access their own groups' space usage.  The
                           root user, or a user who has been granted the groupused privilege with
                           zfs allow, can access all groups' usage.

     groupobjused@group    The number of objects consumed by the specified group in this dataset.
                           Multiple objects may be charged to the group for each file when
                           extended attributes are in use.  See the userobjused@user property for
                           more information.

                           Unprivileged users can only access their own groups' space usage.  The
                           root user, or a user who has been granted the groupobjused privilege
                           with zfs allow, can access all groups' usage.

     projectused@project   The amount of space consumed by the specified project in this dataset.
                           Project is identified via the project identifier (ID) that is object-
                           based numeral attribute.  An object can inherit the project ID from
                           its parent object (if the parent has the flag of inherit project ID
                           that can be set and changed via chattr -/+P or zfs project -s) when
                           being created.  The privileged user can set and change object's
                           project ID via chattr -p or zfs project -s anytime.  Space is charged
                           to the project of each file, as displayed by lsattr -p or zfs project.
                           See the userused@user property for more information.

                           The root user, or a user who has been granted the projectused
                           privilege with zfs allow, can access all projects' usage.

     projectobjused@project
                           The projectobjused is similar to projectused but instead it counts the
                           number of objects consumed by project.  When the property xattr=on is
                           set on a fileset, ZFS will create additional objects per-file to store
                           extended attributes.  These additional objects are reflected in the
                           projectobjused value and are counted against the project's
                           projectobjquota.  When a filesystem is configured to use xattr=sa no
                           additional internal objects are required.  See the userobjused@user
                           property for more information.

                           The root user, or a user who has been granted the projectobjused
                           privilege with zfs allow, can access all projects' objects usage.

     snapshots_changed     Provides a mechanism to quickly determine whether snapshot list has
                           changed without having to mount a dataset or iterate the snapshot
                           list.  Specifies the time at which a snapshot for a dataset was last
                           created or deleted.

                           This allows us to be more efficient how often we query snapshots.  The
                           property is persistent across mount and unmount operations only if the
                           extensible_dataset feature is enabled.

     volblocksize          For volumes, specifies the block size of the volume.  The blocksize
                           cannot be changed once the volume has been written, so it should be
                           set at volume creation time.  The default blocksize for volumes is 16
                           Kbytes.  Any power of 2 from 512 bytes to 128 Kbytes is valid.

                           This property can also be referred to by its shortened column name,
                           volblock.

     written               The amount of space referenced by this dataset, that was written since
                           the previous snapshot (i.e. that is not referenced by the previous
                           snapshot).

     written@snapshot      The amount of referenced space written to this dataset since the
                           specified snapshot.  This is the space that is referenced by this
                           dataset but was not referenced by the specified snapshot.

                           The snapshot may be specified as a short snapshot name (just the part
                           after the @), in which case it will be interpreted as a snapshot in
                           the same filesystem as this dataset.  The snapshot may be a full
                           snapshot name (filesystem@snapshot), which for clones may be a
                           snapshot in the origin's filesystem (or the origin of the origin's
                           filesystem, etc.)

     The following native properties can be used to change the behavior of a ZFS dataset.

     aclinherit=discard|noallow|restricted|passthrough|passthrough-x
       Controls how ACEs are inherited when files and directories are created.
           discard        does not inherit any ACEs.
           noallow        only inherits inheritable ACEs that specify "deny" permissions.
           restricted     default, removes the write_acl and write_owner permissions when the ACE
                          is inherited.
           passthrough    inherits all inheritable ACEs without any modifications.
           passthrough-x  same meaning as passthrough, except that the owner@, group@, and
                          everyone@ ACEs inherit the execute permission only if the file creation
                          mode also requests the execute bit.

       When the property value is set to passthrough, files are created with a mode determined by
       the inheritable ACEs.  If no inheritable ACEs exist that affect the mode, then the mode is
       set in accordance to the requested mode from the application.

       The aclinherit property does not apply to POSIX ACLs.

     aclmode=discard|groupmask|passthrough|restricted
       Controls how an ACL is modified during chmod(2) and how inherited ACEs are modified by the
       file creation mode:
           discard      default, deletes all ACEs except for those representing the mode of the
                        file or directory requested by chmod(2).
           groupmask    reduces permissions granted in all ALLOW entries found in the ACL such
                        that they are no greater than the group permissions specified by
                        chmod(2).
           passthrough  indicates that no changes are made to the ACL other than creating or
                        updating the necessary ACL entries to represent the new mode of the file
                        or directory.
           restricted   will cause the chmod(2) operation to return an error when used on any
                        file or directory which has a non-trivial ACL whose entries can not be
                        represented by a mode.  chmod(2) is required to change the set user ID,
                        set group ID, or sticky bits on a file or directory, as they do not have
                        equivalent ACL entries.  In order to use chmod(2) on a file or directory
                        with a non-trivial ACL when aclmode is set to restricted, you must first
                        remove all ACL entries which do not represent the current mode.

     acltype=off|nfsv4|posix
       Controls whether ACLs are enabled and if so what type of ACL to use.  When this property
       is set to a type of ACL not supported by the current platform, the behavior is the same as
       if it were set to off.
           off       default on Linux, when a file system has the acltype property set to off
                     then ACLs are disabled.
           noacl     an alias for off
           nfsv4     default on FreeBSD, indicates that NFSv4-style ZFS ACLs should be used.
                     These ACLs can be managed with the getfacl(1) and setfacl(1).  The nfsv4 ZFS
                     ACL type is not yet supported on Linux.
           posix     indicates POSIX ACLs should be used.  POSIX ACLs are specific to Linux and
                     are not functional on other platforms.  POSIX ACLs are stored as an extended
                     attribute and therefore will not overwrite any existing NFSv4 ACLs which may
                     be set.
           posixacl  an alias for posix

       To obtain the best performance when setting posix users are strongly encouraged to set the
       xattr=sa property.  This will result in the POSIX ACL being stored more efficiently on
       disk.  But as a consequence, all new extended attributes will only be accessible from
       OpenZFS implementations which support the xattr=sa property.  See the xattr property for
       more details.

     atime=on|off
       Controls whether the access time for files is updated when they are read.  Turning this
       property off avoids producing write traffic when reading files and can result in
       significant performance gains, though it might confuse mailers and other similar
       utilities.  The values on and off are equivalent to the atime and noatime mount options.
       The default value is on.  See also relatime below.

     canmount=on|off|noauto
       If this property is set to off, the file system cannot be mounted, and is ignored by zfs
       mount -a.  Setting this property to off is similar to setting the mountpoint property to
       none, except that the dataset still has a normal mountpoint property, which can be
       inherited.  Setting this property to off allows datasets to be used solely as a mechanism
       to inherit properties.  One example of setting canmount=off is to have two datasets with
       the same mountpoint, so that the children of both datasets appear in the same directory,
       but might have different inherited characteristics.

       When set to noauto, a dataset can only be mounted and unmounted explicitly.  The dataset
       is not mounted automatically when the dataset is created or imported, nor is it mounted by
       the zfs mount -a command or unmounted by the zfs unmount -a command.

       This property is not inherited.

     checksum=on|off|fletcher2|fletcher4|sha256|noparity|sha512|skein|edonr|blake3
       Controls the checksum used to verify data integrity.  The default value is on, which
       automatically selects an appropriate algorithm (currently, fletcher4, but this may change
       in future releases).  The value off disables integrity checking on user data.  The value
       noparity not only disables integrity but also disables maintaining parity for user data.
       This setting is used internally by a dump device residing on a RAID-Z pool and should not
       be used by any other dataset.  Disabling checksums is NOT a recommended practice.

       The sha512, skein, edonr, and blake3 checksum algorithms require enabling the appropriate
       features on the pool.

       Please see zpool-features(7) for more information on these algorithms.

       Changing this property affects only newly-written data.

     compression=on|off|gzip|gzip-N|lz4|lzjb|zle|zstd|zstd-N|zstd-fast|zstd-fast-N
       Controls the compression algorithm used for this dataset.

       When set to on (the default), indicates that the current default compression algorithm
       should be used.  The default balances compression and decompression speed, with
       compression ratio and is expected to work well on a wide variety of workloads.  Unlike all
       other settings for this property, on does not select a fixed compression type.  As new
       compression algorithms are added to ZFS and enabled on a pool, the default compression
       algorithm may change.  The current default compression algorithm is either lzjb or, if the
       lz4_compress feature is enabled, lz4.

       The lz4 compression algorithm is a high-performance replacement for the lzjb algorithm.
       It features significantly faster compression and decompression, as well as a moderately
       higher compression ratio than lzjb, but can only be used on pools with the lz4_compress
       feature set to enabled.  See zpool-features(7) for details on ZFS feature flags and the
       lz4_compress feature.

       The lzjb compression algorithm is optimized for performance while providing decent data
       compression.

       The gzip compression algorithm uses the same compression as the gzip(1) command.  You can
       specify the gzip level by using the value gzip-N, where N is an integer from 1 (fastest)
       to 9 (best compression ratio).  Currently, gzip is equivalent to gzip-6 (which is also the
       default for gzip(1)).

       The zstd compression algorithm provides both high compression ratios and good performance.
       You can specify the zstd level by using the value zstd-N, where N is an integer from 1
       (fastest) to 19 (best compression ratio).  zstd is equivalent to zstd-3.

       Faster speeds at the cost of the compression ratio can be requested by setting a negative
       zstd level.  This is done using zstd-fast-N, where N is an integer in [1-10, 20, 30, …,
       100, 500, 1000] which maps to a negative zstd level.  The lower the level the faster the
       compression — 1000 provides the fastest compression and lowest compression ratio.
       zstd-fast is equivalent to zstd-fast-1.

       The zle compression algorithm compresses runs of zeros.

       This property can also be referred to by its shortened column name compress.  Changing
       this property affects only newly-written data.

       When any setting except off is selected, compression will explicitly check for blocks
       consisting of only zeroes (the NUL byte).  When a zero-filled block is detected, it is
       stored as a hole and not compressed using the indicated compression algorithm.

       Any block being compressed must be no larger than 7/8 of its original size after
       compression, otherwise the compression will not be considered worthwhile and the block
       saved uncompressed.  Note that when the logical block is less than 8 times the disk sector
       size this effectively reduces the necessary compression ratio; for example, 8 KiB blocks
       on disks with 4 KiB disk sectors must compress to 1/2 or less of their original size.

     context=none|SELinux-User:SELinux-Role:SELinux-Type:Sensitivity-Level
       This flag sets the SELinux context for all files in the file system under a mount point
       for that file system.  See selinux(8) for more information.

     fscontext=none|SELinux-User:SELinux-Role:SELinux-Type:Sensitivity-Level
       This flag sets the SELinux context for the file system file system being mounted.  See
       selinux(8) for more information.

     defcontext=none|SELinux-User:SELinux-Role:SELinux-Type:Sensitivity-Level
       This flag sets the SELinux default context for unlabeled files.  See selinux(8) for more
       information.

     rootcontext=none|SELinux-User:SELinux-Role:SELinux-Type:Sensitivity-Level
       This flag sets the SELinux context for the root inode of the file system.  See selinux(8)
       for more information.

     copies=1|2|3
       Controls the number of copies of data stored for this dataset.  These copies are in
       addition to any redundancy provided by the pool, for example, mirroring or RAID-Z.  The
       copies are stored on different disks, if possible.  The space used by multiple copies is
       charged to the associated file and dataset, changing the used property and counting
       against quotas and reservations.

       Changing this property only affects newly-written data.  Therefore, set this property at
       file system creation time by using the -o copies=N option.

       Remember that ZFS will not import a pool with a missing top-level vdev.  Do NOT create,
       for example a two-disk striped pool and set copies=2 on some datasets thinking you have
       setup redundancy for them.  When a disk fails you will not be able to import the pool and
       will have lost all of your data.

       Encrypted datasets may not have copies=3 since the implementation stores some encryption
       metadata where the third copy would normally be.

     devices=on|off
       Controls whether device nodes can be opened on this file system.  The default value is on.
       The values on and off are equivalent to the dev and nodev mount options.

     dedup=off|on|verify|sha256[,verify]|sha512[,verify]|skein[,verify]|edonr,verify|blake3[,verify]
       Configures deduplication for a dataset.  The default value is off.  The default
       deduplication checksum is sha256 (this may change in the future).  When dedup is enabled,
       the checksum defined here overrides the checksum property.  Setting the value to verify
       has the same effect as the setting sha256,verify.

       If set to verify, ZFS will do a byte-to-byte comparison in case of two blocks having the
       same signature to make sure the block contents are identical.  Specifying verify is
       mandatory for the edonr algorithm.

       Unless necessary, deduplication should not be enabled on a system.  See the Deduplication
       section of zfsconcepts(7).

     dnodesize=legacy|auto|1k|2k|4k|8k|16k
       Specifies a compatibility mode or literal value for the size of dnodes in the file system.
       The default value is legacy.  Setting this property to a value other than legacy requires
       the large_dnode pool feature to be enabled.

       Consider setting dnodesize to auto if the dataset uses the xattr=sa property setting and
       the workload makes heavy use of extended attributes.  This may be applicable to SELinux-
       enabled systems, Lustre servers, and Samba servers, for example.  Literal values are
       supported for cases where the optimal size is known in advance and for performance
       testing.

       Leave dnodesize set to legacy if you need to receive a send stream of this dataset on a
       pool that doesn't enable the large_dnode feature, or if you need to import this pool on a
       system that doesn't support the large_dnode feature.

       This property can also be referred to by its shortened column name, dnsize.

     encryption=off|on|aes-128-ccm|aes-192-ccm|aes-256-ccm|aes-128-gcm|aes-192-gcm|aes-256-gcm
       Controls the encryption cipher suite (block cipher, key length, and mode) used for this
       dataset.  Requires the encryption feature to be enabled on the pool.  Requires a keyformat
       to be set at dataset creation time.

       Selecting encryption=on when creating a dataset indicates that the default encryption
       suite will be selected, which is currently aes-256-gcm.  In order to provide consistent
       data protection, encryption must be specified at dataset creation time and it cannot be
       changed afterwards.

       For more details and caveats about encryption see the Encryption section of
       zfs-load-key(8).

     keyformat=raw|hex|passphrase
       Controls what format the user's encryption key will be provided as.  This property is only
       set when the dataset is encrypted.

       Raw keys and hex keys must be 32 bytes long (regardless of the chosen encryption suite)
       and must be randomly generated.  A raw key can be generated with the following command:
             # dd if=/dev/urandom bs=32 count=1 of=/path/to/output/key

       Passphrases must be between 8 and 512 bytes long and will be processed through PBKDF2
       before being used (see the pbkdf2iters property).  Even though the encryption suite cannot
       be changed after dataset creation, the keyformat can be with zfs change-key.

     keylocation=prompt|file:///absolute/file/path|https://address|http://address
       Controls where the user's encryption key will be loaded from by default for commands such
       as zfs load-key and zfs mount -l.  This property is only set for encrypted datasets which
       are encryption roots.  If unspecified, the default is prompt.

       Even though the encryption suite cannot be changed after dataset creation, the keylocation
       can be with either zfs set or zfs change-key.  If prompt is selected ZFS will ask for the
       key at the command prompt when it is required to access the encrypted data (see zfs
       load-key for details).  This setting will also allow the key to be passed in via the
       standard input stream, but users should be careful not to place keys which should be kept
       secret on the command line.  If a file URI is selected, the key will be loaded from the
       specified absolute file path.  If an HTTPS or HTTP URL is selected, it will be GETted
       using fetch(3), libcurl, or nothing, depending on compile-time configuration and run-time
       availability.  The SSL_CA_CERT_FILE environment variable can be set to set the location of
       the concatenated certificate store.  The SSL_CA_CERT_PATH environment variable can be set
       to override the location of the directory containing the certificate authority bundle.
       The SSL_CLIENT_CERT_FILE and SSL_CLIENT_KEY_FILE environment variables can be set to
       configure the path to the client certificate and its key.

     pbkdf2iters=iterations
       Controls the number of PBKDF2 iterations that a passphrase encryption key should be run
       through when processing it into an encryption key.  This property is only defined when
       encryption is enabled and a keyformat of passphrase is selected.  The goal of PBKDF2 is to
       significantly increase the computational difficulty needed to brute force a user's
       passphrase.  This is accomplished by forcing the attacker to run each passphrase through a
       computationally expensive hashing function many times before they arrive at the resulting
       key.  A user who actually knows the passphrase will only have to pay this cost once.  As
       CPUs become better at processing, this number should be raised to ensure that a brute
       force attack is still not possible.  The current default is 350000 and the minimum is
       100000.  This property may be changed with zfs change-key.

     exec=on|off
       Controls whether processes can be executed from within this file system.  The default
       value is on.  The values on and off are equivalent to the exec and noexec mount options.

     filesystem_limit=count|none
       Limits the number of filesystems and volumes that can exist under this point in the
       dataset tree.  The limit is not enforced if the user is allowed to change the limit.
       Setting a filesystem_limit to on a descendent of a filesystem that already has a
       filesystem_limit does not override the ancestor's filesystem_limit, but rather imposes an
       additional limit.  This feature must be enabled to be used (see zpool-features(7)).

     special_small_blocks=size
       This value represents the threshold block size for including small file blocks into the
       special allocation class.  Blocks smaller than or equal to this value will be assigned to
       the special allocation class while greater blocks will be assigned to the regular class.
       Valid values are zero or a power of two from 512 up to 1048576 (1 MiB).  The default size
       is 0 which means no small file blocks will be allocated in the special class.

       Before setting this property, a special class vdev must be added to the pool.  See
       zpoolconcepts(7) for more details on the special allocation class.

     mountpoint=path|none|legacy
       Controls the mount point used for this file system.  See the Mount Points section of
       zfsconcepts(7) for more information on how this property is used.

       When the mountpoint property is changed for a file system, the file system and any
       children that inherit the mount point are unmounted.  If the new value is legacy, then
       they remain unmounted.  Otherwise, they are automatically remounted in the new location if
       the property was previously legacy or none.  In addition, any shared file systems are
       unshared and shared in the new location.

       When the mountpoint property is set with zfs set -u , the mountpoint property is updated
       but dataset is not mounted or unmounted and remains as it was before.

     nbmand=on|off
       Controls whether the file system should be mounted with nbmand (Non-blocking mandatory
       locks).  Changes to this property only take effect when the file system is umounted and
       remounted.  This was only supported by Linux prior to 5.15, and was buggy there, and is
       not supported by FreeBSD.  On Solaris it's used for SMB clients.

     overlay=on|off
       Allow mounting on a busy directory or a directory which already contains files or
       directories.  This is the default mount behavior for Linux and FreeBSD file systems.  On
       these platforms the property is on by default.  Set to off to disable overlay mounts for
       consistency with OpenZFS on other platforms.

     primarycache=all|none|metadata
       Controls what is cached in the primary cache (ARC).  If this property is set to all, then
       both user data and metadata is cached.  If this property is set to none, then neither user
       data nor metadata is cached.  If this property is set to metadata, then only metadata is
       cached.  The default value is all.

     quota=size|none
       Limits the amount of space a dataset and its descendents can consume.  This property
       enforces a hard limit on the amount of space used.  This includes all space consumed by
       descendents, including file systems and snapshots.  Setting a quota on a descendent of a
       dataset that already has a quota does not override the ancestor's quota, but rather
       imposes an additional limit.

       Quotas cannot be set on volumes, as the volsize property acts as an implicit quota.

     snapshot_limit=count|none
       Limits the number of snapshots that can be created on a dataset and its descendents.
       Setting a snapshot_limit on a descendent of a dataset that already has a snapshot_limit
       does not override the ancestor's snapshot_limit, but rather imposes an additional limit.
       The limit is not enforced if the user is allowed to change the limit.  For example, this
       means that recursive snapshots taken from the global zone are counted against each
       delegated dataset within a zone.  This feature must be enabled to be used (see
       zpool-features(7)).

     userquota@user=size|none
       Limits the amount of space consumed by the specified user.  User space consumption is
       identified by the userspace@user property.

       Enforcement of user quotas may be delayed by several seconds.  This delay means that a
       user might exceed their quota before the system notices that they are over quota and
       begins to refuse additional writes with the EDQUOT error message.  See the zfs userspace
       command for more information.

       Unprivileged users can only access their own groups' space usage.  The root user, or a
       user who has been granted the userquota privilege with zfs allow, can get and set
       everyone's quota.

       This property is not available on volumes, on file systems before version 4, or on pools
       before version 15.  The userquota@ properties are not displayed by zfs get all.  The
       user's name must be appended after the @ symbol, using one of the following forms:
              POSIX name ("joe")
              POSIX numeric ID ("789")
              SID name ("joe.smith@mydomain")
              SID numeric ID ("S-1-123-456-789")

       Files created on Linux always have POSIX owners.

     userobjquota@user=size|none
       The userobjquota is similar to userquota but it limits the number of objects a user can
       create.  Please refer to userobjused for more information about how objects are counted.

     groupquota@group=size|none
       Limits the amount of space consumed by the specified group.  Group space consumption is
       identified by the groupused@group property.

       Unprivileged users can access only their own groups' space usage.  The root user, or a
       user who has been granted the groupquota privilege with zfs allow, can get and set all
       groups' quotas.

     groupobjquota@group=size|none
       The groupobjquota is similar to groupquota but it limits number of objects a group can
       consume.  Please refer to userobjused for more information about how objects are counted.

     projectquota@project=size|none
       Limits the amount of space consumed by the specified project.  Project space consumption
       is identified by the projectused@project property.  Please refer to projectused for more
       information about how project is identified and set/changed.

       The root user, or a user who has been granted the projectquota privilege with zfs allow,
       can access all projects' quota.

     projectobjquota@project=size|none
       The projectobjquota is similar to projectquota but it limits number of objects a project
       can consume.  Please refer to userobjused for more information about how objects are
       counted.

     readonly=on|off
       Controls whether this dataset can be modified.  The default value is off.  The values on
       and off are equivalent to the ro and rw mount options.

       This property can also be referred to by its shortened column name, rdonly.

     recordsize=size
       Specifies a suggested block size for files in the file system.  This property is designed
       solely for use with database workloads that access files in fixed-size records.  ZFS
       automatically tunes block sizes according to internal algorithms optimized for typical
       access patterns.

       For databases that create very large files but access them in small random chunks, these
       algorithms may be suboptimal.  Specifying a recordsize greater than or equal to the record
       size of the database can result in significant performance gains.  Use of this property
       for general purpose file systems is strongly discouraged, and may adversely affect
       performance.

       The size specified must be a power of two greater than or equal to 512 B and less than or
       equal to 128 KiB.  If the large_blocks feature is enabled on the pool, the size may be up
       to 1 MiB.  See zpool-features(7) for details on ZFS feature flags.

       Changing the file system's recordsize affects only files created afterward; existing files
       are unaffected.

       This property can also be referred to by its shortened column name, recsize.

     redundant_metadata=all|most|some|none
       Controls what types of metadata are stored redundantly.  ZFS stores an extra copy of
       metadata, so that if a single block is corrupted, the amount of user data lost is limited.
       This extra copy is in addition to any redundancy provided at the pool level (e.g. by
       mirroring or RAID-Z), and is in addition to an extra copy specified by the copies property
       (up to a total of 3 copies).  For example if the pool is mirrored, copies=2, and
       redundant_metadata=most, then ZFS stores 6 copies of most metadata, and 4 copies of data
       and some metadata.

       When set to all, ZFS stores an extra copy of all metadata.  If a single on-disk block is
       corrupt, at worst a single block of user data (which is recordsize bytes long) can be
       lost.

       When set to most, ZFS stores an extra copy of most types of metadata.  This can improve
       performance of random writes, because less metadata must be written.  In practice, at
       worst about 1000 blocks (of recordsize bytes each) of user data can be lost if a single
       on-disk block is corrupt.  The exact behavior of which metadata blocks are stored
       redundantly may change in future releases.

       When set to some, ZFS stores an extra copy of only critical metadata.  This can improve
       file create performance since less metadata needs to be written.  If a single on-disk
       block is corrupt, at worst a single user file can be lost.

       When set to none, ZFS does not store any copies of metadata redundantly.  If a single on-
       disk block is corrupt, an entire dataset can be lost.

       The default value is all.

     refquota=size|none
       Limits the amount of space a dataset can consume.  This property enforces a hard limit on
       the amount of space used.  This hard limit does not include space used by descendents,
       including file systems and snapshots.

     refreservation=size|none|auto
       The minimum amount of space guaranteed to a dataset, not including its descendents.  When
       the amount of space used is below this value, the dataset is treated as if it were taking
       up the amount of space specified by refreservation.  The refreservation reservation is
       accounted for in the parent datasets' space used, and counts against the parent datasets'
       quotas and reservations.

       If refreservation is set, a snapshot is only allowed if there is enough free pool space
       outside of this reservation to accommodate the current number of "referenced" bytes in the
       dataset.

       If refreservation is set to auto, a volume is thick provisioned (or "not sparse").
       refreservation=auto is only supported on volumes.  See volsize in the Native Properties
       section for more information about sparse volumes.

       This property can also be referred to by its shortened column name, refreserv.

     relatime=on|off
       Controls the manner in which the access time is updated when atime=on is set.  Turning
       this property on causes the access time to be updated relative to the modify or change
       time.  Access time is only updated if the previous access time was earlier than the
       current modify or change time or if the existing access time hasn't been updated within
       the past 24 hours.  The default value is on.  The values on and off are equivalent to the
       relatime and norelatime mount options.

     reservation=size|none
       The minimum amount of space guaranteed to a dataset and its descendants.  When the amount
       of space used is below this value, the dataset is treated as if it were taking up the
       amount of space specified by its reservation.  Reservations are accounted for in the
       parent datasets' space used, and count against the parent datasets' quotas and
       reservations.

       This property can also be referred to by its shortened column name, reserv.

     secondarycache=all|none|metadata
       Controls what is cached in the secondary cache (L2ARC).  If this property is set to all,
       then both user data and metadata is cached.  If this property is set to none, then neither
       user data nor metadata is cached.  If this property is set to metadata, then only metadata
       is cached.  The default value is all.

     prefetch=all|none|metadata
       Controls what speculative prefetch does.  If this property is set to all, then both user
       data and metadata are prefetched.  If this property is set to none, then neither user data
       nor metadata are prefetched.  If this property is set to metadata, then only metadata are
       prefetched.  The default value is all.

       Please note that the module parameter zfs_disable_prefetch=1 can be used to totally
       disable speculative prefetch, bypassing anything this property does.

     setuid=on|off
       Controls whether the setuid bit is respected for the file system.  The default value is
       on.  The values on and off are equivalent to the suid and nosuid mount options.

     sharesmb=on|off|opts
       Controls whether the file system is shared by using Samba USERSHARES and what options are
       to be used.  Otherwise, the file system is automatically shared and unshared with the zfs
       share and zfs unshare commands.  If the property is set to on, the net(8) command is
       invoked to create a USERSHARE.

       Because SMB shares requires a resource name, a unique resource name is constructed from
       the dataset name.  The constructed name is a copy of the dataset name except that the
       characters in the dataset name, which would be invalid in the resource name, are replaced
       with underscore (_) characters.  Linux does not currently support additional options which
       might be available on Solaris.

       If the sharesmb property is set to off, the file systems are unshared.

       The share is created with the ACL (Access Control List) "Everyone:F" ("F" stands for "full
       permissions", i.e. read and write permissions) and no guest access (which means Samba must
       be able to authenticate a real user — passwd(5)/shadow(5)-, LDAP- or smbpasswd(5)-based)
       by default.  This means that any additional access control (disallow specific user
       specific access etc) must be done on the underlying file system.

       When the sharesmb property is updated with zfs set -u , the property is set to desired
       value, but the operation to share, reshare or unshare the the dataset is not performed.

     sharenfs=on|off|opts
       Controls whether the file system is shared via NFS, and what options are to be used.  A
       file system with a sharenfs property of off is managed with the exportfs(8) command and
       entries in the /etc/exports file.  Otherwise, the file system is automatically shared and
       unshared with the zfs share and zfs unshare commands.  If the property is set to on, the
       dataset is shared using the default options:
             sec=sys,rw,crossmnt,no_subtree_check

       Please note that the options are comma-separated, unlike those found in exports(5).  This
       is done to negate the need for quoting, as well as to make parsing with scripts easier.

       See exports(5) for the meaning of the default options.  Otherwise, the exportfs(8) command
       is invoked with options equivalent to the contents of this property.

       When the sharenfs property is changed for a dataset, the dataset and any children
       inheriting the property are re-shared with the new options, only if the property was
       previously off, or if they were shared before the property was changed.  If the new
       property is off, the file systems are unshared.

       When the sharenfs property is updated with zfs set -u , the property is set to desired
       value, but the operation to share, reshare or unshare the the dataset is not performed.

     logbias=latency|throughput
       Provide a hint to ZFS about handling of synchronous requests in this dataset.  If logbias
       is set to latency (the default), ZFS will use pool log devices (if configured) to handle
       the requests at low latency.  If logbias is set to throughput, ZFS will not use configured
       pool log devices.  ZFS will instead optimize synchronous operations for global pool
       throughput and efficient use of resources.

     snapdev=hidden|visible
       Controls whether the volume snapshot devices under /dev/zvol/pool⟩ are hidden or visible.
       The default value is hidden.

     snapdir=hidden|visible
       Controls whether the .zfs directory is hidden or visible in the root of the file system as
       discussed in the Snapshots section of zfsconcepts(7).  The default value is hidden.

     sync=standard|always|disabled
       Controls the behavior of synchronous requests (e.g. fsync, O_DSYNC).  standard is the
       POSIX-specified behavior of ensuring all synchronous requests are written to stable
       storage and all devices are flushed to ensure data is not cached by device controllers
       (this is the default).  always causes every file system transaction to be written and
       flushed before its system call returns.  This has a large performance penalty.  disabled
       disables synchronous requests.  File system transactions are only committed to stable
       storage periodically.  This option will give the highest performance.  However, it is very
       dangerous as ZFS would be ignoring the synchronous transaction demands of applications
       such as databases or NFS.  Administrators should only use this option when the risks are
       understood.

     version=N|current
       The on-disk version of this file system, which is independent of the pool version.  This
       property can only be set to later supported versions.  See the zfs upgrade command.

     volsize=size
       For volumes, specifies the logical size of the volume.  By default, creating a volume
       establishes a reservation of equal size.  For storage pools with a version number of 9 or
       higher, a refreservation is set instead.  Any changes to volsize are reflected in an
       equivalent change to the reservation (or refreservation).  The volsize can only be set to
       a multiple of volblocksize, and cannot be zero.

       The reservation is kept equal to the volume's logical size to prevent unexpected behavior
       for consumers.  Without the reservation, the volume could run out of space, resulting in
       undefined behavior or data corruption, depending on how the volume is used.  These effects
       can also occur when the volume size is changed while it is in use (particularly when
       shrinking the size).  Extreme care should be used when adjusting the volume size.

       Though not recommended, a "sparse volume" (also known as "thin provisioned") can be
       created by specifying the -s option to the zfs create -V command, or by changing the value
       of the refreservation property (or reservation property on pool version 8 or earlier)
       after the volume has been created.  A "sparse volume" is a volume where the value of
       refreservation is less than the size of the volume plus the space required to store its
       metadata.  Consequently, writes to a sparse volume can fail with ENOSPC when the pool is
       low on space.  For a sparse volume, changes to volsize are not reflected in the
       refreservation.  A volume that is not sparse is said to be "thick provisioned".  A sparse
       volume can become thick provisioned by setting refreservation to auto.

     volmode=default|full|geom|dev|none
       This property specifies how volumes should be exposed to the OS.  Setting it to full
       exposes volumes as fully fledged block devices, providing maximal functionality.  The
       value geom is just an alias for full and is kept for compatibility.  Setting it to dev
       hides its partitions.  Volumes with property set to none are not exposed outside ZFS, but
       can be snapshotted, cloned, replicated, etc, that can be suitable for backup purposes.
       Value default means that volumes exposition is controlled by system-wide tunable
       zvol_volmode, where full, dev and none are encoded as 1, 2 and 3 respectively.  The
       default value is full.

     vscan=on|off
       Controls whether regular files should be scanned for viruses when a file is opened and
       closed.  In addition to enabling this property, the virus scan service must also be
       enabled for virus scanning to occur.  The default value is off.  This property is not used
       by OpenZFS.

     xattr=on|off|sa
       Controls whether extended attributes are enabled for this file system.  Two styles of
       extended attributes are supported: either directory-based or system-attribute-based.

       The default value of on enables directory-based extended attributes.  This style of
       extended attribute imposes no practical limit on either the size or number of attributes
       which can be set on a file.  Although under Linux the getxattr(2) and setxattr(2) system
       calls limit the maximum size to 64K.  This is the most compatible style of extended
       attribute and is supported by all ZFS implementations.

       System-attribute-based xattrs can be enabled by setting the value to sa.  The key
       advantage of this type of xattr is improved performance.  Storing extended attributes as
       system attributes significantly decreases the amount of disk I/O required.  Up to 64K of
       data may be stored per-file in the space reserved for system attributes.  If there is not
       enough space available for an extended attribute then it will be automatically written as
       a directory-based xattr.  System-attribute-based extended attributes are not accessible on
       platforms which do not support the xattr=sa feature.  OpenZFS supports xattr=sa on both
       FreeBSD and Linux.

       The use of system-attribute-based xattrs is strongly encouraged for users of SELinux or
       POSIX ACLs.  Both of these features heavily rely on extended attributes and benefit
       significantly from the reduced access time.

       The values on and off are equivalent to the xattr and noxattr mount options.

     jailed=off|on
       Controls whether the dataset is managed from a jail.  See zfs-jail(8) for more
       information.  Jails are a FreeBSD feature and this property is not available on other
       platforms.

     zoned=off|on
       Controls whether the dataset is managed from a non-global zone or namespace.  See
       zfs-zone(8) for more information.  Zoning is a Linux feature and this property is not
       available on other platforms.

     The following three properties cannot be changed after the file system is created, and
     therefore, should be set when the file system is created.  If the properties are not set
     with the zfs create or zpool create commands, these properties are inherited from the parent
     dataset.  If the parent dataset lacks these properties due to having been created prior to
     these features being supported, the new file system will have the default values for these
     properties.

     casesensitivity=sensitive|insensitive|mixed
       Indicates whether the file name matching algorithm used by the file system should be case-
       sensitive, case-insensitive, or allow a combination of both styles of matching.  The
       default value for the casesensitivity property is sensitive.  Traditionally, UNIX and
       POSIX file systems have case-sensitive file names.

       The mixed value for the casesensitivity property indicates that the file system can
       support requests for both case-sensitive and case-insensitive matching behavior.
       Currently, case-insensitive matching behavior on a file system that supports mixed
       behavior is limited to the SMB server product.  For more information about the mixed value
       behavior, see the "ZFS Administration Guide".

     normalization=none|formC|formD|formKC|formKD
       Indicates whether the file system should perform a unicode normalization of file names
       whenever two file names are compared, and which normalization algorithm should be used.
       File names are always stored unmodified, names are normalized as part of any comparison
       process.  If this property is set to a legal value other than none, and the utf8only
       property was left unspecified, the utf8only property is automatically set to on.  The
       default value of the normalization property is none.  This property cannot be changed
       after the file system is created.

     utf8only=on|off
       Indicates whether the file system should reject file names that include characters that
       are not present in the UTF-8 character code set.  If this property is explicitly set to
       off, the normalization property must either not be explicitly set or be set to none.  The
       default value for the utf8only property is off.  This property cannot be changed after the
       file system is created.

     The casesensitivity, normalization, and utf8only properties are also new permissions that
     can be assigned to non-privileged users by using the ZFS delegated administration feature.

   Temporary Mount Point Properties
     When a file system is mounted, either through mount(8) for legacy mounts or the zfs mount
     command for normal file systems, its mount options are set according to its properties.  The
     correlation between properties and mount options is as follows:
           atime         atime/noatime
           canmount      auto/noauto
           devices       dev/nodev
           exec          exec/noexec
           readonly      ro/rw
           relatime      relatime/norelatime
           setuid        suid/nosuid
           xattr         xattr/noxattr
           nbmand        mand/nomand
           context=      context=
           fscontext=    fscontext=
           defcontext=   defcontext=
           rootcontext=  rootcontext=

     In addition, these options can be set on a per-mount basis using the -o option, without
     affecting the property that is stored on disk.  The values specified on the command line
     override the values stored in the dataset.  The nosuid option is an alias for
     nodevices,nosetuid.  These properties are reported as "temporary" by the zfs get command.
     If the properties are changed while the dataset is mounted, the new setting overrides any
     temporary settings.

   User Properties
     In addition to the standard native properties, ZFS supports arbitrary user properties.  User
     properties have no effect on ZFS behavior, but applications or administrators can use them
     to annotate datasets (file systems, volumes, and snapshots).

     User property names must contain a colon (":") character to distinguish them from native
     properties.  They may contain lowercase letters, numbers, and the following punctuation
     characters: colon (":"), dash ("-"), period ("."), and underscore ("_").  The expected
     convention is that the property name is divided into two portions such as module:property,
     but this namespace is not enforced by ZFS.  User property names can be at most 256
     characters, and cannot begin with a dash ("-").

     When making programmatic use of user properties, it is strongly suggested to use a reversed
     DNS domain name for the module component of property names to reduce the chance that two
     independently-developed packages use the same property name for different purposes.

     The values of user properties are arbitrary strings, are always inherited, and are never
     validated.  All of the commands that operate on properties (zfs list, zfs get, zfs set, and
     so forth) can be used to manipulate both native properties and user properties.  Use the zfs
     inherit command to clear a user property.  If the property is not defined in any parent
     dataset, it is removed entirely.  Property values are limited to 8192 bytes.