Stefan Dormayer
2011-Feb-17 20:44 UTC
[zfs-discuss] disable zfs/zpool destroy for root user
Hi all,

is there a way to disable the subcommand destroy of zpool/zfs for the root user?

Best regards
Stefan
Richard Elling
2011-Feb-17 21:07 UTC
[zfs-discuss] disable zfs/zpool destroy for root user
On Feb 17, 2011, at 12:44 PM, Stefan Dormayer wrote:
> Hi all,
>
> is there a way to disable the subcommand destroy of zpool/zfs for the root user?

Which OS?

-- richard
Stefan Dormayer
2011-Feb-17 21:08 UTC
[zfs-discuss] disable zfs/zpool destroy for root user
It's Solaris 11 Express...

Stefan

On 17.02.2011 22:07, Richard Elling wrote:
> On Feb 17, 2011, at 12:44 PM, Stefan Dormayer wrote:
>
>> Hi all,
>>
>> is there a way to disable the subcommand destroy of zpool/zfs for the root user?
> Which OS?
> -- richard
On Thu, Feb 17, 2011 at 3:07 PM, Richard Elling <richard.elling at gmail.com> wrote:
> On Feb 17, 2011, at 12:44 PM, Stefan Dormayer wrote:
>
>> Hi all,
>>
>> is there a way to disable the subcommand destroy of zpool/zfs for the root user?
>
> Which OS?

Heheh. Great answer. The real answer depends also on what the OP meant by "root".

"root" in Solaris isn't the all-powerful thing it used to be, or, rather, it is, but its power can be limited. And not just on Solaris either.

The OP's question is difficult to answer because the question isn't the one the OP really wants to ask -- we must tease out that real question, or guess. I'd start with: just what is it that you want to accomplish?

Nico
Darren J Moffat
2011-Feb-18 10:09 UTC
[zfs-discuss] disable zfs/zpool destroy for root user
On 17/02/2011 20:44, Stefan Dormayer wrote:
> is there a way to disable the subcommand destroy of zpool/zfs for the
> root user?

ZFS doesn't actually require root for those; it actually checks for individual privileges. Mostly that amounts to "sys_mount" and "sys_config" (for pool operations) - though those aren't documented requirements.

By default the root user ends up being able to do anything to any pool or dataset and all other users need to be granted access via 'zfs allow'.

Would it be useful if you could remove the ability for a root user in a zone to do zfs operations on delegated datasets?

Doing this for the global zone is a little harder but for a local zone it can be done by extending the 'zfs allow' mechanism.

See: http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=7011365

-- Darren J Moffat