![]() Must also have the mount ability and the create ability in the new parent. Must also have the mount ability and the create ability. The ability to create descendent file system with the zfs receivecommand. Must also have the mount ability and promote ability The ability to promote a clone to a dataset. The ability to mount and unmount a dataset and create and destroy volume The ability to create descendent datasets. Must also have the create ability and the mount ability in the origin file system. The ability to clone any of the dataset's snapshots. Must also have the permission that is being allowed. The ability to grant permissions that you have to another user. The following table describes the operations that can be delegated andĪny dependent permissions that are required to do the delegated operations. Permissions can be granted either locally, which is to theĬurrent dataset only, or granted to all descendents of the current dataset. Groups of individual permissions can be granted as a permission Individual permissions can be granted to a user, group, or On ZFS datasets to non-root users in the following ways: You can use the zfs allow command to grant permissions You can modify the ability to use delegated administration with theīy default, the delegation property is enabled. Tasks, see Part III, Roles, Rights Profiles, and Privileges, in System AdministrationĨ.1.1. zfs/snapshot directory.Ĭonsider using delegated administration for distributing ZFS tasks.įor information about using RBAC to manage general Solaris administration For example, a user withĮxplicit permissions could create a snapshot over NFS in the appropriate. NewlyĬreated file systems can automatically pick up permissions. Permissions can be distributed to specific file systems. ![]() Provides dynamic inheritance and you can control how the permissionsĬan be configured so that only the creator of a file systemĬan destroy the file systems they create. Permissions follow the ZFS storage pool when the pool is migrated. However, ZFS delegated administration provides the following advantages forĪdministering ZFS storage pools and file systems: ZFS delegated administration provides similar features to the RBAC security. Restrictions as normal ZFS file system names. ![]() After the character, the remaining characters in the set name have the same ![]() Permission sets begin with the letter and are limited to 64 characters in length. Of the set automatically pick up the change. A permission set can later be updated and all of the consumers Groups of permissions called permission sets canīe defined. Individual permissions can be explicitly specified such aĬreate, destroy, mount and snapshot, and so on. Two styles of delegated permissions are supported: This feature enables you to distribute fine-grained permissions to specific Users to perform ZFS administration tasks.ĭisplaying ZFS Delegated Permissions (Examples)Ĩ.1. This chapter describes how to use delegated administration to allow non-privileged Previous ZFS Administration Guide Next ZFS Delegated Administration ZFS and Traditional File System Differences ZFS Delegated Administration - ZFS Administration Guide ![]()
0 Comments
Leave a Reply. |