author Will Andrews <[email protected]> 2021-02-21 10:19:43 -0600
committer Brian Behlendorf <[email protected]> 2022-06-10 09:51:46 -0700
commit 4ed5e25074ffec266df38556d9b3a928c5e0dee9
tree 930f2397ca27e885ca33c05728802d7f19021f08 /man/man8
parent a1aa8f14c864b6851649f9c3e74e9f12e6518edd
Add Linux namespace delegation support
This allows ZFS datasets to be delegated to a user/mount namespace.
Within that namespace, only the delegated datasets are visible.
Works very similarly to Zones/Jails on other ZFS OSes.

As a user:
```
 $ unshare -Um
 $ zfs list
no datasets available
 $ echo $$
1234
```

As root:
```
 # zfs list
NAME                            ZONED  MOUNTPOINT
containers                      off    /containers
containers/host                 off    /containers/host
containers/host/child           off    /containers/host/child
containers/host/child/gchild    off    /containers/host/child/gchild
containers/unpriv               on     /unpriv
containers/unpriv/child         on     /unpriv/child
containers/unpriv/child/gchild  on     /unpriv/child/gchild

 # zfs zone /proc/1234/ns/user containers/unpriv
```

Back to the user namespace:
```
 $ zfs list
NAME                      USED  AVAIL  REFER  MOUNTPOINT
containers                129M  47.8G    24K  /containers
containers/unpriv         128M  47.8G    24K  /unpriv
containers/unpriv/child   128M  47.8G   128M  /unpriv/child
```

Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Will Andrews <[email protected]>
Signed-off-by: Allan Jude <[email protected]>
Signed-off-by: Mateusz Piotrowski <[email protected]>
Co-authored-by: Allan Jude <[email protected]>
Co-authored-by: Mateusz Piotrowski <[email protected]>
Sponsored-by: Buddy <https://buddy.works>
Closes #12263
Diffstat (limited to 'man/man8')
l--------- man/man8/zfs-unzone.8 1
-rw-r--r-- man/man8/zfs-zone.8 116
2 files changed, 117 insertions, 0 deletions
diff --git a/man/man8/zfs-unzone.8 b/man/man8/zfs-unzone.8
new file mode 120000
index 000000000..9052b28aa
--- /dev/null
+++ b/man/man8/zfs-unzone.8
@@ -0,0 +1 @@
+zfs-zone.8 \ No newline at end of file
diff --git a/man/man8/zfs-zone.8 b/man/man8/zfs-zone.8
new file mode 100644
index 000000000..2f975dde6
--- /dev/null
+++ b/man/man8/zfs-zone.8
@@ -0,0 +1,116 @@
+.\"
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved.
+.\" Copyright 2011 Joshua M. Clulow <[email protected]>
+.\" Copyright (c) 2011, 2019 by Delphix. All rights reserved.
+.\" Copyright (c) 2011, Pawel Jakub Dawidek <[email protected]>
+.\" Copyright (c) 2012, Glen Barber <[email protected]>
+.\" Copyright (c) 2012, Bryan Drewery <[email protected]>
+.\" Copyright (c) 2013, Steven Hartland <[email protected]>
+.\" Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
+.\" Copyright (c) 2014, Joyent, Inc. All rights reserved.
+.\" Copyright (c) 2014 by Adam Stevko. All rights reserved.
+.\" Copyright (c) 2014 Integros [integros.com]
+.\" Copyright (c) 2014, Xin LI <[email protected]>
+.\" Copyright (c) 2014-2015, The FreeBSD Foundation, All Rights Reserved.
+.\" Copyright (c) 2016 Nexenta Systems, Inc. All Rights Reserved.
+.\" Copyright 2019 Richard Laager. All rights reserved.
+.\" Copyright 2018 Nexenta Systems, Inc.
+.\" Copyright 2019 Joyent, Inc.
+.\" Copyright 2021 Klara, Inc.
+.\"
+.Dd June 3, 2022
+.Dt ZFS-ZONE 8
+.Os
+.
+.Sh NAME
+.Nm zfs-zone ,
+.Nm zfs-unzone
+.Nd attach and detach ZFS filesystems to user namespaces
+.Sh SYNOPSIS
+.Nm zfs Cm zone
+.Ar nsfile
+.Ar filesystem
+.Nm zfs Cm unzone
+.Ar nsfile
+.Ar filesystem
+.
+.Sh DESCRIPTION
+.Bl -tag -width ""
+.It Xo
+.Nm zfs
+.Cm zone
+.Ar nsfile
+.Ar filesystem
+.Xc
+Attach the specified
+.Ar filesystem
+to the user namespace identified by
+.Ar nsfile .
+From now on this file system tree can be managed from within a user namespace
+if the
+.Sy zoned
+property has been set.
+.Pp
+You cannot attach a zoned dataset's children to another user namespace.
+You can also not attach the root file system
+of the user namespace or any dataset
+which needs to be mounted before the zfs service
+is run inside the user namespace,
+as it would be attached unmounted until it is
+mounted from the service inside the user namespace.
+.Pp
+To allow management of the dataset from within a user namespace, the
+.Sy zoned
+property has to be set and the user namespaces needs access to the
+.Pa /dev/zfs
+device.
+The
+.Sy quota
+property cannot be changed from within a user namespace.
+.Pp
+After a dataset is attached to a user namespace and the
+.Sy zoned
+property is set,
+a zoned file system cannot be mounted outside the user namespace,
+since the user namespace administrator might have set the mount point
+to an unacceptable value.
+.It Xo
+.Nm zfs
+.Cm unzone
+.Ar nsfile
+.Ar filesystem
+.Xc
+Detach the specified
+.Ar filesystem
+from the user namespace identified by
+.Ar nsfile .
+.El
+.Sh EXAMPLES
+.Ss Example 1 : No Delegating a Dataset to a User Namespace
+The following example delegates the
+.Ar tank/users
+dataset to a user namespace identified by user namespace file
+.Pa /proc/1234/ns/user .
+.Dl # Nm zfs Cm zone Ar /proc/1234/ns/user Ar tank/users
+.
+.Sh SEE ALSO
+.Xr zfsprops 7
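Review bot: The DESCRIPTION of `zfs zone` never says who sets `zoned` or in what order relative to the attach. The first paragraph says the tree can be managed from the namespace "if the zoned property has been set", and the last paragraph makes the outside-mount restriction conditional on "After a dataset is attached to a user namespace and the zoned property is set". That restriction is what protects the host from a namespace administrator who "might have set the mount point to an unacceptable value", so please state explicitly that the host administrator sets `zoned`, whether that happens before or after `zfs zone`, and what state the dataset is in when only one of the two steps has been done. The page also does not say what privilege `zfs zone` and `zfs unzone` require, or what happens to the attachment when the namespace behind `nsfile` goes away; both belong in this section. Since Example 1 passes `nsfile` as /proc/1234/ns/user, a sentence noting that the path must refer to the intended namespace at the time the command runs would help administrators who script this. The commit message speaks of a user/mount namespace while the page mentions only user namespaces, which is worth one sentence to reconcile. Minor wording: "the user namespaces needs access" should be "the user namespace needs access", and the .Nd line "attach and detach ZFS filesystems to user namespaces" reads better as "attach ZFS filesystems to, and detach them from, user namespaces".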