You can use the following command to display permissions:
# zfs allow dataset |
This command displays permissions that are set or allowed on this dataset. The output contains the following components:
Permissions sets
Specific permissions or create-time permissions
Local dataset
Local and descendent datasets
Descendent datasets only
The following output in this example indicates that user cindys has permissions to create, destroy, mount, snapshot in the tank/cindys file system.
# zfs allow tank/cindys ------------------------------------------------------------- Local+Descendent permissions on (tank/cindys) user cindys create,destroy,mount,snapshot |
The output in this example indicates the following permissions on the pool/fred and pool file systems.
For the pool/fred file system:
Two permission sets are defined:
@eng (create, destroy, snapshot, mount, clone, promote, rename)
@simple (create, mount)
Create-time permissions are set for the @eng permission set and the mountpoint property. Create-time means that after a dataset set is created, the @eng permission set and the mountpoint property are granted.
User tom is granted the @eng permission set, and user joe is granted create, destroy, and mount permissions for local file systems.
User fred is granted the @basic permission set, and share and rename permissions for the local and descendent file systems.
User barney and the staff group are granted the @basic permission set for descendent file systems only.
For the pool file system:
The permission set @simple (create, destroy, mount) is defined.
The group staff is granted the @simple permission set on the local file system.
Here is the output for this example:
$ zfs allow pool/fred ------------------------------------------------------------------------------ Permission sets on (pool/fred) @eng create,destroy,snapshot,mount,clone,promote,rename @simple create,mount Create time permissions on (pool/fred) @eng,mountpoint Local permissions on (pool/fred) user tom @eng user joe create,destroy,mount Local+Descendent permissions on (pool/fred) user fred @basic,share,rename Descendent permissions on (pool/fred) user barney @basic group staff @basic ------------------------------------------------------------------------------ Permission sets on (pool) @simple create,destroy,mount Local permissions on (pool) group staff @simple ------------------------------------------------------------------------------ |