On Mon, Jul 17, 2006 at 09:44:28AM -0700, Bart Smaalders wrote: > Mark Shellenbaum wrote: > >PERMISSION GRANTING > > > > zfs allow -c <ability>[,<ability>...] <dataset> > > > >-c "Create" means that the permission will be granted (Locally) to the > >creator on any newly-created descendant filesystems. > > > >ALLOW EXAMPLE > > > >Lets setup a public build machine where engineers in group "staff" can > >create ZFS file systems,clones,snapshots and so on, but you want to allow > >only creator of the file system to destroy it. > > > ># zpool create sandbox <disks> > ># chmod 1777 /sandbox > ># zfs allow -l staff create sandbox > ># zfs allow -c create,destroy,snapshot,clone,promote,mount sandbox > > So as administrator what do I need to do to set > /export/home up for users to be able to create their own > snapshots, create dependent filesystems (but still mounted > underneath their /export/home/usrname)? > > In other words, is there a way to specify the rights of the > owner of a filesystem rather than the individual - eg, delayed > evaluation of the owner?
I think you're asking for the -c "Creator" flag. This allows permissions (eg, to take snapshots) to be granted to whoever creates the filesystem. The above example shows how this might be done. --matt _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
