Well, when I set something similar up, I added the "ZFS File System Management" profile to the user with the users-admin GUI, and used "pfexec zfs receive ..." for the receive command. As I understand it, it means that it is allowed to run "zfs" with root privileges, so it wouldn't be limited to one pool, or to specific subcommands, so perhaps it is more than you want. I haven't used it with comstar, but I would expect root privileges to be enough.
Tim On Sun, Sep 2, 2012 at 6:03 AM, Florian <flor...@acw.at> wrote: > Hello, > > I want to create a user to do a backup of my OI Server. > > I created it with: > useradd -m -d /home/backup -s /bin/bash backup > then: > zfs allow -s @adminrole create,destroy,snapshot,** > rollback,clone,promote,rename,**mount,send,receive,quota,**reservation > tank > zfs allow backup @adminrole tank > > With this user, I can send and receive snapshots, but I usually use > COMSTAR devices and with them, I get the following problem: > receiving full stream of tank/raid1-0@20120831-2017 into > tank/backup_raid/raid1-0@**20120831-2017 *cannot receive stmf_sbd_lu > property on tank/backup_raidreceived 5.01GB stream in 209 seconds > (24.5MB/sec) : permission denied* > > I used this command: > zfs send -R tank/raid1-0@20120831-2017 | ssh > backup@192.168.10.201"/usr/sbin/zfs receive -Fduv tank/backup_raid" > > My big question is now: > How can I create an user who is able to do a whole zfs send and receive > backup, with all properties. > > This command won't work: > *chmod A+user:marks:add_subdirectory:**fd:allow /tank* > This command is listed in the oracle howto to delegate zfs permissions to > other users. > > > Best regards, > Florian > ______________________________**_________________ > OpenIndiana-discuss mailing list > OpenIndiana-discuss@**openindiana.org<OpenIndiana-discuss@openindiana.org> > http://openindiana.org/**mailman/listinfo/openindiana-**discuss<http://openindiana.org/mailman/listinfo/openindiana-discuss> > _______________________________________________ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
