跳过导航链接 | |
退出打印视图 | |
Oracle Solaris 管理:ZFS 文件系统 Oracle Solaris 11 Information Library (简体中文) |
1. Oracle Solaris ZFS 文件系统(介绍)
3. Oracle Solaris ZFS 与传统文件系统之间的差别
7. 使用 Oracle Solaris ZFS 快照和克隆
8. 使用 ACL 和属性保护 Oracle Solaris ZFS 文件
可以使用 zfs unallow 命令删除已授予的委托权限。例如,用户 cindy 在 tank/cindy 文件系统上具有 create、destroy、mount 和 snapshot 权限。
# zfs allow cindy create,destroy,mount,snapshot tank/home/cindy # zfs allow tank/home/cindy ---- Permissions on tank/home/cindy ---------------------------------- Local+Descendent permissions: user cindy create,destroy,mount,snapshot
以下 zfs unallow 语法将从 tank/home/cindy 文件系统中删除用户 cindy 的 snapshot 权限:
# zfs unallow cindy snapshot tank/home/cindy # zfs allow tank/home/cindy ---- Permissions on tank/home/cindy ---------------------------------- Local+Descendent permissions: user cindy create,destroy,mount cindy% zfs create tank/home/cindy/data cindy% zfs snapshot tank/home/cindy@today cannot create snapshot 'tank/home/cindy@today': permission denied
作为另一个示例,用户 mark 在 tank/home/mark 文件系统上具有以下权限:
# zfs allow tank/home/mark ---- Permissions on tank/home/mark ---------------------------------- Local+Descendent permissions: user mark create,destroy,mount -------------------------------------------------------------
以下 zfs unallow 语法将从 tank/home/mark 文件系统中删除用户 mark 的所有权限:
# zfs unallow mark tank/home/mark
以下 zfs unallow 语法将删除对 tank 文件系统的权限集。
# zfs allow tank ---- Permissions on tank --------------------------------------------- Permission sets: @myset clone,create,destroy,mount,promote,readonly,snapshot Create time permissions: create,destroy,mount Local+Descendent permissions: group staff create,mount # zfs unallow -s @myset tank # zfs allow tank ---- Permissions on tank --------------------------------------------- Create time permissions: create,destroy,mount Local+Descendent permissions: group staff create,mount