Oracle^® ZFS Storage Appliance Administration Guide, Release OS8.8.0

Editing Exceptions for a User (CLI)

Use the following procedure to edit exceptions for a user.

1. Go to configuration users.
2. Type select followed by the username.
3. Type exceptions.
4. Type create.
5. Type set scope= followed by the scope name. Use tab-completion to see the list.
6. Type show to list properties.
7. Type set to set the desired properties to true.
8. Type commit.

   The exception has now been added.

Example 3  Adding an Exception to Exclude Scope Authorizations

This example adds an exception to exclude svc scope authorizations for the user "brendan":

hostname:configuration users brendan > exceptions
hostname:configuration users brendan exceptions > create
hostname:configuration users brendan auth (uncommitted) > show
Properties:
                         scope = (unset)
hostname:configuration users brendan auth (uncommitted) > set scope=svc
                         scope = svc 
hostname:configuration users brendan auth (uncommitted) > show
Properties:
                         scope = svc
                       service = *
              allow_administer = false
               allow_configure = false
                 allow_restart = false
hostname:configuration users brendan auth (uncommitted) > commit
hostname:configuration users brendan exceptions > show
Auths:

NAME            OBJECT                               PERMISSIONS
auth-000        svc.*                                none 

hostname:configuration users brendan exceptions > select auth-000
hostname:configuration users brendan auth-000 > show
Properties:
                         scope = svc
                       service = *
              allow_administer = false
               allow_configure = false
                 allow_restart = false

hostname:configuration users brendan auth-000 >

Example 4  Adding an Exception to Include Scope Authorizations

This example adds an exception to include a scope authorization that is not part of the role "webadmin":

hostname:configuration users brendan exceptions > create
hostname:configuration users brendan auth (uncommitted) > set scope=appliance
                         scope = appliance 
hostname:configuration users brendan auth (uncommitted) > show
Properties:
                         scope = appliance
                       service = *
                   allow_audit = false
            allow_factoryReset = false
                allow_powerOff = false
                  allow_reboot = false
                 allow_setName = false
                   allow_shell = false
                   
hostname:configuration users brendan auth (uncommitted) > set allow_audit=true
                   allow_audit = true (uncommitted) 
hostname:configuration users brendan auth (uncommitted) > commit
hostname:configuration users brendan exceptions > show
Auths:

NAME            OBJECT                               PERMISSIONS
auth-000        svc.*                                none 
auth-001        appliance.*                          audit 

hostname:configuration users brendan exceptions > 

Related Topics

• Understanding Users and Roles

• User Authorizations

• Managing User Properties