Prerequisites

Before you can use the file retention feature, apply the File Retention deferred update and assign user role authorizations. To set the policy for behavior after individual file retention expiry, apply deferred update File Retention on Expiry and assign the appropriate user role authorization. If mandatory file retention will be used, also configure the appliance for it. Optionally, you can configure the appliance to allow root users on other systems to delete unexpired files with privileged retention via NFS, and to allow SMB users in the Administrators group to delete unexpired files with privileged retention.

Apply the File Retention Deferred Updates

To use the file retention feature, apply deferred update File Retention, which is available in software release OS8.8.45 or later.

To set the policy for behavior after individual file retention expiry, apply deferred update File Retention on Expiry, which is available in software release OS8.8.63 or later.

For information on applying deferred updates, see Deferred Updates in Oracle ZFS Storage Appliance Customer Service Manual, Release OS8.8.x.

Assign Authorizations to User Roles

According to the retention type, assign authorizations, under the Projects and Shares scope, to the appropriate user roles. For information on assigning authorizations to user roles, see Editing Authorizations for a Role - BUI, CLI.

These are the user role authorizations for file retention:

  • retentionMandatory - User can enable mandatory file retention when creating a filesystem. The root user automatically has this authorization. After the appliance is configured for mandatory file retention, though, the root user cannot log in to the appliance except via the system console. Therefore, it is important to assign this authorization to the appropriate user role.

  • retentionPeriods - User can modify the retention periods, except the grace period, for both mandatory and privileged file retention. Although a file cannot be retained for less than the minimum period, a user could change the other periods such that the file can be deleted earlier than originally set.

  • retentionAuto - For both mandatory and privileged file retention, user can modify the grace retention period, which controls automatic file retention. When the grace period expires and the file has not been modified during the grace period, the file is automatically retained at the default retention period setting.

  • retentionOnexpiry - For both mandatory and privileged file retention, user can set the behavior for files after their retention has expired by setting property retention.policy.onexpiry. The property can be set to off (default), delete, or hold.

    This authorization and its accompanying property are supported in deferred update File Retention on Expiry, which is available with software release OS8.8.63 or later. For more information, see File Retention on Expiry Policy.

Note that no special authorization is required to create a share with privileged file retention.

Configure the System for Mandatory File Retention

Before mandatory file retention can be used, the appliance must be configured properly, and the System Settings' Retention service must be enabled. Configure the appliance and enable the service by following these steps:

  1. Ensure that the NTP service is enabled and that its property Sync all time offsets is enabled. While the system contains shares with mandatory retention, the NTP service must remain enabled with at least one responding NTP server. All changes to the list of servers are validated.

  2. In the SSH service, set property permit_root_login to false. This prevents the root user from logging in via the CLI, except for system console operations. This property cannot be modified while the system contains shares with mandatory retention enabled.

  3. In the HTTPS service, set property Permit Root Login to BUI/REST to false. This prevents the root user from logging in via the BUI or RESTful API. This property cannot be modified while the system contains a mandatorily retained file.

  4. Enable the System Settings' Retention service.

Unless the system is properly configured and the Retention service is enabled, no new mandatory file retention can be created.

For information on appliance service viewing, enabling/disabling, and setting properties, see Managing Services.

Configuring NFS to Allow Retained File Deletion (Optional)

Optionally, you can configure the NFS service to give root users (UID 0) on other systems the ability to delete files before their retention has expired.

The filesystem should be shared with root access to an appropriate, and ideally very limited, set of client systems. The root user on those client systems will be able to delete retained files when the filesystem retention policy is privileged, but not mandatory. For information on setting up these NFS client systems and granting root access, see NFS Protocol Share Mode Exceptions.

For non-Solaris NFS clients, the retention time can be displayed in the atime field by disabling atime updates on the share: set atime=false. Solaris clients can see the retentiontime by running ls -l%all <filename>.
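The following is an added example, not part of the Oracle documentation: a Python audit that a non-Solaris NFS client with root access could run before any cleanup, to list which files are still under retention by reading atime as the retention time. It assumes the share has atime=false as described above; the function names and the sample directory are hypothetical, and a past atime cannot distinguish an expired file from one that was never retained.

```python
import os
import stat
import tempfile
import time
from datetime import datetime, timezone

def retention_report(root, now=None):
    """Classify every regular file under root by the retention time in its atime."""
    now = time.time() if now is None else now
    rows = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow symlinks out of the share
            if not stat.S_ISREG(st.st_mode):
                continue
            remaining = st.st_atime - now
            expires = datetime.fromtimestamp(st.st_atime, timezone.utc)
            rows.append({
                "path": os.path.relpath(path, root),
                "expires_utc": expires.strftime("%Y-%m-%dT%H:%M:%SZ"),
                # atime in the future means retention has not yet expired
                "status": "retained" if remaining > 0 else "expired-or-unretained",
                "days_left": max(0, int(remaining // 86400)),
            })
    return sorted(rows, key=lambda r: r["path"])

def still_retained(root, now=None):
    """Paths that a privileged root delete would remove before expiry."""
    return [r["path"] for r in retention_report(root, now) if r["status"] == "retained"]

if __name__ == "__main__":
    # Constructed sample: a temporary directory stands in for the NFS mount,
    # and os.utime() stands in for retention times set on the appliance.
    now = time.time()
    with tempfile.TemporaryDirectory() as share:
        for name, offset_days in (("audit-2024.log", 30), ("scratch.tmp", -2)):
            path = os.path.join(share, name)
            open(path, "w").close()
            os.utime(path, (now + offset_days * 86400, now))
        for row in retention_report(share, now):
            print(row)
```

Reviewing the output of still_retained() before a root-privileged delete shows exactly which unexpired files the operation would remove.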

Configuring SMB to Allow Retained File Deletion (Optional)

SMB users in the Administrators group can delete retained files before the expiry date when property retention.policy is set to privileged. Users can be added either to the Administrators group in Active Directory or to a local SMB group as an Administrator. For information on local SMB groups, see Adding a User to an SMB Local Group.