删除 ZFS 委托权限(示例)
可以使用 zfs unallow 命令删除已委托的权限。例如,用户 cindys 具有在 tank/cindys 文件系统上的 create、destroy、mount 和 snapshot 权限。
# zfs allow cindys create,destroy,mount,snapshot tank/cindys
# zfs allow tank/cindys
-------------------------------------------------------------
Local+Descendent permissions on (tank/cindys)
user cindys create,destroy,mount,snapshot
-------------------------------------------------------------
|
以下 zfs unallow 语法将从 tank/cindys 文件系统中删除用户 cindys 的快照权限:
# zfs unallow cindys snapshot tank/cindys
# zfs allow tank/cindys
-------------------------------------------------------------
Local+Descendent permissions on (tank/cindys)
user cindys create,destroy,mount
-------------------------------------------------------------
cindys% zfs create tank/cindys/data
cindys% zfs snapshot tank/cindys@today
cannot create snapshot 'tank/cindys@today': permission denied
|
作为另一个示例,用户 marks 具有 tank/marks 文件系统上的以下权限:
# zfs allow tank/marks
-------------------------------------------------------------
Local+Descendent permissions on (tank/marks)
user marks create,destroy,mount
-------------------------------------------------------------
|
以下 zfs unallow 语法将从 tank/marks 文件系统中删除用户 marks 的所有权限:
# zfs unallow marks tank/marks |
以下 zfs unallow 语法将删除对 tank 文件系统的权限集。
# zfs allow tank
-------------------------------------------------------------
Permission sets on (tank)
@myset clone,create,destroy,mount,promote,readonly,snapshot
Create time permissions on (tank)
create,destroy,mount
Local+Descendent permissions on (tank)
group staff create,mount
-------------------------------------------------------------
# zfs unallow -s @myset tank
$ zfs allow tank
-------------------------------------------------------------
Create time permissions on (tank)
create,destroy,mount
Local+Descendent permissions on (tank)
group staff create,mount
-------------------------------------------------------------
|
- © 2010, Oracle Corporation and/or its affiliates