Merge ZFS version 15 and almost all OpenSolaris bugfixes referenced

in Solaris 10 updates 141445-09 and 142901-14.

Detailed information:
(OpenSolaris revisions and Bug IDs, Solaris 10 patch numbers)

7844:effed23820ae
6755435	zfs_open() and zfs_close() needs to use ZFS_ENTER/ZFS_VERIFY_ZP (141445-01)

7897:e520d8258820
6748436	inconsistent zpool.cache in boot_archive could panic a zfs root filesystem upon boot-up (141445-01)

7965:b795da521357
6740164	zpool attach can create an illegal root pool (141909-02)

8084:b811cc60d650
6769612	zpool_import() will continue to write to cachefile even if altroot is set (N/A)

8121:7fd09d4ebd9c
6757430	want an option for zdb to disable space map loading and leak tracking (141445-01)

8129:e4f45a0bfbb0
6542860	ASSERT: reason != VDEV_LABEL_REMOVE||vdev_inuse(vd, crtxg, reason, 0) (141445-01)

8188:fd00c0a81e80
6761100	want zdb option to select older uberblocks (141445-01)

8190:6eeea43ced42
6774886	zfs_setattr() won't allow ndmp to restore SUNWattr_rw (141445-01)

8225:59a9961c2aeb
6737463	panic while trying to write out config file if root pool import fails (141445-01)

8227:f7d7be9b1f56
6765294	Refactor replay (141445-01)

8228:51e9ca9ee3a5
6572357	libzfs should do more to avoid mnttab lookups (141909-01)
6572376	zfs_iter_filesystems and zfs_iter_snapshots get objset stats twice (141909-01)

8241:5a60f16123ba
6328632	zpool offline is a bit too conservative (141445-01)
6739487	ASSERT: txg <= spa_final_txg due to scrub/export race (141445-01)
6767129	ASSERT: cvd->vdev_isspare, in spa_vdev_detach() (141445-01)
6747698	checksum failures after offline -t / export / import / scrub (141445-01)
6745863	ZFS writes to disk after it has been offlined (141445-01)
6722540	50% slowdown on scrub/resilver with certain vdev configurations (141445-01)
6759999	resilver logic rewrites ditto blocks on both source and destination (141445-01)
6758107	I/O should never suspend during spa_load() (141445-01)
6776548	codereview(1) runs off the page when faced with multi-line comments (N/A)
6761406	AMD errata 91 workaround doesn't work on 64-bit systems (141445-01)

8242:e46e4b2f0a03
6770866	GRUB/ZFS should require physical path or devid, but not both (141445-01)

8269:03a7e9050cfd
6674216	"zfs share" doesn't work, but "zfs set sharenfs=on" does (141445-01)
6621164	$SRC/cmd/zfs/zfs_main.c seems to have a syntax error in the translation note (141445-01)
6635482	i18n problems in libzfs_dataset.c and zfs_main.c (141445-01)
6595194	"zfs get" VALUE column is as wide as NAME (141445-01)
6722991	vdev_disk.c: error checking for ddi_pathname_to_dev_t() must test for NODEV (141445-01)
6396518	ASSERT strings shouldn't be pre-processed (141445-01)

8274:846b39508aff
6713916	scrub/resilver needlessly decompress data (141445-01)

8343:655db2375fed
6739553	libzfs_status msgid table is out of sync (141445-01)
6784104	libzfs unfairly rejects numerical values greater than 2^63 (141445-01)
6784108	zfs_realloc() should not free original memory on failure (141445-01)

8525:e0e0e525d0f8
6788830	set large value to reservation cause core dump (141445-01)
6791064	want sysevents for ZFS scrub (141445-01)
6791066	need to be able to set cachefile on faulted pools (141445-01)
6791071	zpool_do_import() should not enable datasets on faulted pools (141445-01)
6792134	getting multiple properties on a faulted pool leads to confusion (141445-01)

8547:bcc7b46e5ff7
6792884	Vista clients cannot access .zfs (141445-01)

8632:36ef517870a3
6798384	It can take a village to raise a zio (141445-01)

8636:7e4ce9158df3
6551866	deadlock between zfs_write(), zfs_freesp(), and zfs_putapage() (141909-01)
6504953	zfs_getpage() misunderstands VOP_GETPAGE() interface (141909-01)
6702206	ZFS read/writer lock contention throttles sendfile() benchmark (141445-01)
6780491	Zone on a ZFS filesystem has poor fork/exec performance (141445-01)
6747596	assertion failed: DVA_EQUAL(BP_IDENTITY(&zio->io_bp_orig), BP_IDENTITY(zio->io_bp))); (141445-01)

8692:692d4668b40d
6801507	ZFS read aggregation should not mind the gap (141445-01)

8697:e62d2612c14d
6633095	creating a filesystem with many properties set is slow (141445-01)

8768:dfecfdbb27ed
6775697	oracle crashes when overwriting after hitting quota on zfs (141909-01)

8811:f8deccf701cf
6790687	libzfs mnttab caching ignores external changes (141445-01)
6791101	memory leak from libzfs_mnttab_init (141445-01)

8845:91af0d9c0790
6800942	smb_session_create() incorrectly stores IP addresses (N/A)
6582163	Access Control List (ACL) for shares (141445-01)
6804954	smb_search - shortname field should be space padded following the NULL terminator (N/A)
6800184	Panic at smb_oplock_conflict+0x35() (N/A)

8876:59d2e67b4b65
6803822	Reboot after replacement of system disk in a ZFS mirror drops to grub> prompt (141445-01)

8924:5af812f84759
6789318	coredump when issue zdb -uuuu poolname/ (141445-01)
6790345 zdb -dddd -e poolname coredump (141445-01)
6797109 zdb: 'zdb -dddddd pool_name/fs_name inode' coredump if the file with inode was deleted (141445-01)
6797118 zdb: 'zdb -dddddd poolname inum' coredump if I miss the fs name (141445-01)
6803343 shareiscsi=on failed, iscsitgtd failed request to share (141445-01)

9030:243fd360d81f
6815893	hang mounting a dataset after booting into a new boot environment (141445-01)

9056:826e1858a846
6809691	'zpool create -f' no longer overwrites ufs infomation (141445-01)

9179:d8fbd96b79b3
6790064	zfs needs to determine uid and gid earlier in create process (141445-01)

9214:8d350e5d04aa
6604992	forced unmount + being in .zfs/snapshot/<snap1> = not happy (141909-01)
6810367	assertion failed: dvp->v_flag & VROOT, file: ../../common/fs/gfs.c, line: 426 (141909-01)

9229:e3f8b41e5db4
6807765	ztest_dsl_dataset_promote_busy needs to clean up after ENOSPC (141445-01)

9230:e4561e3eb1ef
6821169	offlining a device results in checksum errors (141445-01)
6821170	ZFS should not increment error stats for unavailable devices (141445-01)
6824006	need to increase issue and interrupt taskqs threads in zfs (141445-01)

9234:bffdc4fc05c4
6792139	recovering from a suspended pool needs some work (141445-01)
6794830	reboot command hangs on a failed zfs pool (141445-01)

9246:67c03c93c071
6824062	System panicked in zfs_mount due to NULL pointer dereference when running btts and svvs tests (141909-01)

9276:a8a7fc849933
6816124	System crash running zpool destroy on broken zpool (141445-03)

9355:09928982c591
6818183	zfs snapshot -r is slow due to set_snap_props() doing txg_wait_synced() for each new snapshot (141445-03)

9391:413d0661ef33
6710376	log device can show incorrect status when other parts of pool are degraded (141445-03)

9396:f41cf682d0d3 (part already merged)
6501037	want user/group quotas on ZFS (141445-03)
6827260	assertion failed in arc_read(): hdr == pbuf->b_hdr (141445-03)
6815592	panic: No such hold X on refcount Y from zfs_znode_move (141445-03)
6759986	zfs list shows temporary %clone when doing online zfs recv (141445-03)

9404:319573cd93f8
6774713	zfs ignores canmount=noauto when sharenfs property != off (141445-03)

9412:4aefd8704ce0
6717022	ZFS DMU needs zero-copy support (141445-03)

9425:e7ffacaec3a8
6799895	spa_add_spares() needs to be protected by config lock (141445-03)
6826466	want to post sysevents on hot spare activation (141445-03)
6826468	spa 'allowfaulted' needs some work (141445-03)
6826469	kernel support for storing vdev FRU information (141445-03)
6826470	skip posting checksum errors from DTL regions of leaf vdevs (141445-03)
6826471	I/O errors after device remove probe can confuse FMA (141445-03)
6826472	spares should enjoy some of the benefits of cache devices (141445-03)

9443:2a96d8478e95
6833711	gang leaders shouldn't have to be logical (141445-03)

9463:d0bd231c7518
6764124	want zdb to be able to checksum metadata blocks only (141445-03)

9465:8372081b8019
6830237	zfs panic in zfs_groupmember() (141445-03)

9466:1fdfd1fed9c4
6833162	phantom log device in zpool status (141445-03)

9469:4f68f041ddcd
6824968	add ZFS userquota support to rquotad (141445-03)

9470:6d827468d7b5
6834217	godfather I/O should reexecute (141445-03)

9480:fcff33da767f
6596237	Stop looking and start ganging (141909-02)

9493:9933d599bc93
6623978	lwb->lwb_buf != NULL, file ../../../uts/common/fs/zfs/zil.c, line 787, function zil_lwb_commit (141445-06)

9512:64cafcbcc337
6801810	Commit of aligned streaming rewrites to ZIL device causes unwanted disk reads (N/A)

9515:d3b739d9d043
6586537	async zio taskqs can block out userland commands (142901-09)

9554:787363635b6a
6836768	zfs_userspace() callback has no way to indicate failure (N/A)

9574:1eb6a6ab2c57
6838062	zfs panics when an error is encountered in space_map_load() (141909-02)

9583:b0696cd037cc
6794136	Panic BAD TRAP: type=e when importing degraded zraid pool. (141909-03)

9630:e25a03f552e0
6776104	"zfs import" deadlock between spa_unload() and spa_async_thread() (141445-06)

9653:a70048a304d1
6664765	Unable to remove files when using fat-zap and quota exceeded on ZFS filesystem (141445-06)

9688:127be1845343
6841321	zfs userspace / zfs get userused@ doesn't work on mounted snapshot (N/A)
6843069	zfs get userused@S-1-... doesn't work (N/A)

9873:8ddc892eca6e
6847229	assertion failed: refcount_count(&tx->tx_space_written) + delta <= tx->tx_space_towrite in dmu_tx.c (141445-06)

9904:d260bd3fd47c
6838344	kernel heap corruption detected on zil while stress testing (141445-06)

9951:a4895b3dd543
6844900	zfs_ioc_userspace_upgrade leaks (N/A)

10040:38b25aeeaf7a
6857012	zfs panics on zpool import (141445-06)

10000:241a51d8720c
6848242	zdb -e no longer works as expected (N/A)

10100:4a6965f6bef8
6856634	snv_117 not booting: zfs_parse_bootfs: error2 (141445-07)

10160:a45b03783d44
6861983	zfs should use new name <-> SID interfaces (N/A)
6862984	userquota commands can hang (141445-06)

10299:80845694147f
6696858	zfs receive of incremental replication stream can dereference NULL pointer and crash (N/A)

10302:a9e3d1987706
6696858	zfs receive of incremental replication stream can dereference NULL pointer and crash (fix lint) (N/A)

10575:2a8816c5173b (partial merge)
6882227 spa_async_remove() shouldn't do a full clear (142901-14)

10800:469478b180d9
6880764	fsync on zfs is broken if writes are greater than 32kb on a hard crash and no log attached (142901-09)
6793430 zdb -ivvvv assertion failure: bp->blk_cksum.zc_word[2] == dmu_objset_id(zilog->zl_os) (N/A)

10801:e0bf032e8673 (partial merge)
6822816 assertion failed: zap_remove_int(ds_next_clones_obj) returns ENOENT (142901-09)

10810:b6b161a6ae4a
6892298 buf->b_hdr->b_state != arc_anon, file: ../../common/fs/zfs/arc.c, line: 2849 (142901-09)

10890:499786962772
6807339	spurious checksum errors when replacing a vdev (142901-13)

11249:6c30f7dfc97b
6906110 bad trap panic in zil_replay_log_record (142901-13)
6906946 zfs replay isn't handling uid/gid correctly (142901-13)

11454:6e69bacc1a5a
6898245 suspended zpool should not cause rest of the zfs/zpool commands to hang (142901-10)

11546:42ea6be8961b (partial merge)
6833999 3-way deadlock in dsl_dataset_hold_ref() and dsl_sync_task_group_sync() (142901-09)

Discussed with:	pjd
Approved by:	delphij (mentor)
Obtained from:	OpenSolaris (multiple Bug IDs)
MFC after:	2 months

1 files changed, 394 insertions, 0 deletions

diff --git a/cddl/contrib/opensolaris/lib/pyzfs/common/allow.py b/cddl/contrib/opensolaris/lib/pyzfs/common/allow.py
new file mode 100644
index 0000000..d3a03c7
--- /dev/null
+++ b/cddl/contrib/opensolaris/lib/pyzfs/common/allow.py
@@ -0,0 +1,394 @@
+#! /usr/bin/python2.4
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+# Use is subject to license terms.
+#
+
+"""This module implements the "zfs allow" and "zfs unallow" subcommands.
+The only public interface is the zfs.allow.do_allow() function."""
+
+import zfs.util
+import zfs.dataset
+import optparse
+import sys
+import pwd
+import grp
+import errno
+
+_ = zfs.util._
+
+class FSPerms(object):
+	"""This class represents all the permissions that are set on a
+	particular filesystem (not including those inherited)."""
+
+	__slots__ = "create", "sets", "local", "descend", "ld"
+	__repr__ = zfs.util.default_repr
+
+	def __init__(self, raw):
+		"""Create a FSPerms based on the dict of raw permissions
+		from zfs.ioctl.get_fsacl()."""
+		# set of perms
+		self.create = set()
+
+		# below are { "Ntype name": set(perms) }
+		# where N is a number that we just use for sorting,
+		# type is "user", "group", "everyone", or "" (for sets)
+		# name is a user, group, or set name, or "" (for everyone)
+		self.sets = dict()
+		self.local = dict()
+		self.descend = dict()
+		self.ld = dict()
+
+		# see the comment in dsl_deleg.c for the definition of whokey
+		for whokey in raw.keys():
+			perms = raw[whokey].keys()
+			whotypechr = whokey[0].lower()
+			ws = whokey[3:]
+			if whotypechr == "c":
+				self.create.update(perms)
+			elif whotypechr == "s":
+				nwho = "1" + ws
+				self.sets.setdefault(nwho, set()).update(perms)
+			else:
+				if whotypechr == "u":
+					try:
+						name = pwd.getpwuid(int(ws)).pw_name
+					except KeyError:
+						name = ws
+					nwho = "1user " + name
+				elif whotypechr == "g":
+					try:
+						name = grp.getgrgid(int(ws)).gr_name
+					except KeyError:
+						name = ws
+					nwho = "2group " + name
+				elif whotypechr == "e":
+					nwho = "3everyone"
+				else:
+					raise ValueError(whotypechr)
+
+				if whokey[1] == "l":
+					d = self.local
+				elif whokey[1] == "d":
+					d = self.descend
+				else:
+					raise ValueError(whokey[1])
+
+				d.setdefault(nwho, set()).update(perms)
+
+		# Find perms that are in both local and descend, and
+		# move them to ld.
+		for nwho in self.local:
+			if nwho not in self.descend:
+				continue
+			# note: these are set operations
+			self.ld[nwho] = self.local[nwho] & self.descend[nwho]
+			self.local[nwho] -= self.ld[nwho]
+			self.descend[nwho] -= self.ld[nwho]
+
+	@staticmethod
+	def __ldstr(d, header):
+		s = ""
+		for (nwho, perms) in sorted(d.items()):
+			# local and descend may have entries where perms
+			# is an empty set, due to consolidating all
+			# permissions into ld
+			if perms:
+				s += "\t%s %s\n" % \
+				    (nwho[1:], ",".join(sorted(perms)))
+		if s:
+			s = header + s
+		return s
+
+	def __str__(self):
+		s = self.__ldstr(self.sets, _("Permission sets:\n"))
+
+		if self.create:
+			s += _("Create time permissions:\n")
+			s += "\t%s\n" % ",".join(sorted(self.create))
+
+		s += self.__ldstr(self.local, _("Local permissions:\n"))
+		s += self.__ldstr(self.descend, _("Descendent permissions:\n"))
+		s += self.__ldstr(self.ld, _("Local+Descendent permissions:\n"))
+		return s.rstrip()
+
+def args_to_perms(parser, options, who, perms):
+	"""Return a dict of raw perms {"whostr" -> {"perm" -> None}}
+	based on the command-line input."""
+
+	# perms is not set if we are doing a "zfs unallow <who> <fs>" to
+	# remove all of someone's permissions
+	if perms:
+		setperms = dict(((p, None) for p in perms if p[0] == "@"))
+		baseperms = dict(((canonicalized_perm(p), None)
+		    for p in perms if p[0] != "@"))
+	else:
+		setperms = None
+		baseperms = None
+
+	d = dict()
+	
+	def storeperm(typechr, inheritchr, arg):
+		assert typechr in "ugecs"
+		assert inheritchr in "ld-"
+
+		def mkwhokey(t):
+			return "%c%c$%s" % (t, inheritchr, arg)
+
+		if baseperms or not perms:
+			d[mkwhokey(typechr)] = baseperms
+		if setperms or not perms:
+			d[mkwhokey(typechr.upper())] = setperms
+
+	def decodeid(w, toidfunc, fmt):
+		try:
+			return int(w)
+		except ValueError:
+			try:
+				return toidfunc(w)[2]
+			except KeyError:
+				parser.error(fmt % w)
+
+	if options.set:
+		storeperm("s", "-", who)
+	elif options.create:
+		storeperm("c", "-", "")
+	else:
+		for w in who:
+			if options.user:
+				id = decodeid(w, pwd.getpwnam,
+				    _("invalid user %s"))
+				typechr = "u"
+			elif options.group:
+				id = decodeid(w, grp.getgrnam,
+				    _("invalid group %s"))
+				typechr = "g"
+			elif w == "everyone":
+				id = ""
+				typechr = "e"
+			else:
+				try:
+					id = pwd.getpwnam(w)[2]
+					typechr = "u"
+				except KeyError:
+					try:
+						id = grp.getgrnam(w)[2]
+						typechr = "g"
+					except KeyError:
+						parser.error(_("invalid user/group %s") % w)
+			if options.local:
+				storeperm(typechr, "l", id)
+			if options.descend:
+				storeperm(typechr, "d", id)
+	return d
+
+perms_subcmd = dict(
+    create=_("Must also have the 'mount' ability"),
+    destroy=_("Must also have the 'mount' ability"),
+    snapshot=_("Must also have the 'mount' ability"),
+    rollback=_("Must also have the 'mount' ability"),
+    clone=_("""Must also have the 'create' ability and 'mount'
+\t\t\t\tability in the origin file system"""),
+    promote=_("""Must also have the 'mount'
+\t\t\t\tand 'promote' ability in the origin file system"""),
+    rename=_("""Must also have the 'mount' and 'create'
+\t\t\t\tability in the new parent"""),
+    receive=_("Must also have the 'mount' and 'create' ability"),
+    allow=_("Must also have the permission that is being\n\t\t\t\tallowed"),
+    mount=_("Allows mount/umount of ZFS datasets"),
+    share=_("Allows sharing file systems over NFS or SMB\n\t\t\t\tprotocols"),
+    send="",
+)
+
+perms_other = dict(
+    userprop=_("Allows changing any user property"),
+    userquota=_("Allows accessing any userquota@... property"),
+    groupquota=_("Allows accessing any groupquota@... property"),
+    userused=_("Allows reading any userused@... property"),
+    groupused=_("Allows reading any groupused@... property"),
+)
+
+def hasset(ds, setname):
+	"""Return True if the given setname (string) is defined for this
+	ds (Dataset)."""
+	# It would be nice to cache the result of get_fsacl().
+	for raw in ds.get_fsacl().values():
+		for whokey in raw.keys():
+			if whokey[0].lower() == "s" and whokey[3:] == setname:
+				return True
+	return False
+
+def canonicalized_perm(permname):
+	"""Return the canonical name (string) for this permission (string).
+	Raises ZFSError if it is not a valid permission."""
+	if permname in perms_subcmd.keys() or permname in perms_other.keys():
+		return permname
+	try:
+		return zfs.dataset.getpropobj(permname).name
+	except KeyError:
+		raise zfs.util.ZFSError(errno.EINVAL, permname,
+		    _("invalid permission"))
+		
+def print_perms():
+	"""Print the set of supported permissions."""
+	print(_("\nThe following permissions are supported:\n"))
+	fmt = "%-16s %-14s\t%s"
+	print(fmt % (_("NAME"), _("TYPE"), _("NOTES")))
+
+	for (name, note) in sorted(perms_subcmd.iteritems()):
+		print(fmt % (name, _("subcommand"), note))
+
+	for (name, note) in sorted(perms_other.iteritems()):
+		print(fmt % (name, _("other"), note))
+
+	for (name, prop) in sorted(zfs.dataset.proptable.iteritems()):
+		if prop.visible and prop.delegatable():
+			print(fmt % (name, _("property"), ""))
+
+def do_allow():
+	"""Implementes the "zfs allow" and "zfs unallow" subcommands."""
+	un = (sys.argv[1] == "unallow")
+
+	def usage(msg=None):
+		parser.print_help()
+		print_perms()
+		if msg:
+			print
+			parser.exit("zfs: error: " + msg)
+		else:
+			parser.exit()
+
+	if un:
+		u = _("""unallow [-rldug] <"everyone"|user|group>[,...]
+	    [<perm|@setname>[,...]] <filesystem|volume>
+	unallow [-rld] -e [<perm|@setname>[,...]] <filesystem|volume>
+	unallow [-r] -c [<perm|@setname>[,...]] <filesystem|volume>
+	unallow [-r] -s @setname [<perm|@setname>[,...]] <filesystem|volume>""")
+		verb = _("remove")
+		sstr = _("undefine permission set")
+	else:
+		u = _("""allow <filesystem|volume>
+	allow [-ldug] <"everyone"|user|group>[,...] <perm|@setname>[,...]
+	    <filesystem|volume>
+	allow [-ld] -e <perm|@setname>[,...] <filesystem|volume>
+	allow -c <perm|@setname>[,...] <filesystem|volume>
+	allow -s @setname <perm|@setname>[,...] <filesystem|volume>""")
+		verb = _("set")
+		sstr = _("define permission set")
+
+	parser = optparse.OptionParser(usage=u, prog="zfs")
+
+	parser.add_option("-l", action="store_true", dest="local",
+	    help=_("%s permission locally") % verb)
+	parser.add_option("-d", action="store_true", dest="descend",
+	    help=_("%s permission for descendents") % verb)
+	parser.add_option("-u", action="store_true", dest="user",
+	    help=_("%s permission for user") % verb)
+	parser.add_option("-g", action="store_true", dest="group",
+	    help=_("%s permission for group") % verb)
+	parser.add_option("-e", action="store_true", dest="everyone",
+	    help=_("%s permission for everyone") % verb)
+	parser.add_option("-c", action="store_true", dest="create",
+	    help=_("%s create time permissions") % verb)
+	parser.add_option("-s", action="store_true", dest="set", help=sstr)
+	if un:
+		parser.add_option("-r", action="store_true", dest="recursive",
+		    help=_("remove permissions recursively"))
+
+	if len(sys.argv) == 3 and not un:
+		# just print the permissions on this fs
+
+		if sys.argv[2] == "-h":
+			# hack to make "zfs allow -h" work
+			usage()
+		ds = zfs.dataset.Dataset(sys.argv[2])
+
+		p = dict()
+		for (fs, raw) in ds.get_fsacl().items():
+			p[fs] = FSPerms(raw)
+
+		for fs in sorted(p.keys(), reverse=True):
+			s = _("---- Permissions on %s ") % fs
+			print(s + "-" * (70-len(s)))
+			print(p[fs])
+		return
+	
+
+	(options, args) = parser.parse_args(sys.argv[2:])
+
+	if sum((bool(options.everyone), bool(options.user),
+	    bool(options.group))) > 1:
+		parser.error(_("-u, -g, and -e are mutually exclusive"))
+
+	def mungeargs(expected_len):
+		if un and len(args) == expected_len-1:
+			return (None, args[expected_len-2])
+		elif len(args) == expected_len:
+			return (args[expected_len-2].split(","),
+			    args[expected_len-1])
+		else:
+			usage(_("wrong number of parameters"))
+
+	if options.set:
+		if options.local or options.descend or options.user or \
+		    options.group or options.everyone or options.create:
+			parser.error(_("invalid option combined with -s"))
+		if args[0][0] != "@":
+			parser.error(_("invalid set name: missing '@' prefix"))
+
+		(perms, fsname) = mungeargs(3)
+		who = args[0]
+	elif options.create:
+		if options.local or options.descend or options.user or \
+		    options.group or options.everyone or options.set:
+			parser.error(_("invalid option combined with -c"))
+
+		(perms, fsname) = mungeargs(2)
+		who = None
+	elif options.everyone:
+		if options.user or options.group or \
+		    options.create or options.set:
+			parser.error(_("invalid option combined with -e"))
+
+		(perms, fsname) = mungeargs(2)
+		who = ["everyone"]
+	else:
+		(perms, fsname) = mungeargs(3)
+		who = args[0].split(",")
+
+	if not options.local and not options.descend:
+		options.local = True
+		options.descend = True
+
+	d = args_to_perms(parser, options, who, perms)
+
+	ds = zfs.dataset.Dataset(fsname, snaps=False)
+
+	if not un and perms:
+		for p in perms:
+			if p[0] == "@" and not hasset(ds, p):
+				parser.error(_("set %s is not defined") % p)
+
+	ds.set_fsacl(un, d)
+	if un and options.recursive:
+		for child in ds.descendents():
+			child.set_fsacl(un, d)