Removing ZFS Delegated Permissions Examples
You can use the zfs unallow command to remove delegated permissions. For
example, user mindy has create,
destroy, mount, and
snapshot permissions on the system1/mindy
file system.
$ zfs allow mindy create,destroy,mount,snapshot system1/home/mindy $ zfs allow system1/home/mindy ---- Permissions on system1/home/mindy ---------------------------------- Local+descendant permissions: user mindy create,destroy,mount,snapshot
The following zfs unallow syntax removes user mindy's
snapshot permission from the
system1/home/mindy file system:
$ zfs unallow mindy snapshot system1/home/mindy $ zfs allow system1/home/mindy ---- Permissions on system1/home/mindy ---------------------------------- Local+descendant permissions: user mindy create,destroy,mount mindy% zfs create system1/home/mindy/data mindy% zfs snapshot system1/home/mindy@today cannot create snapshot 'system1/home/mindy@today': permission denied
As another example, user mork has the following permissions on the
system1/home/mork file system:
$ zfs allow system1/home/mork
---- Permissions on system1/home/mork ----------------------------------
Local+descendant permissions:
user mork create,destroy,mount
-------------------------------------------------------------The following zfs unallow syntax removes all permissions for user
mork from the system1/home/mork file
system:
$ zfs unallow mork system1/home/mork
The following zfs unallow syntax removes a permission set on the system1 file system.
$ zfs allow system1 ---- Permissions on system1 --------------------------------------------- Permission sets: @myset clone,create,destroy,mount,promote,readonly,snapshot Create time permissions: create,destroy,mount Local+descendant permissions: group staff create,mount $ zfs unallow -s @myset system1 $ zfs allow system1 ---- Permissions on system1 --------------------------------------------- Create time permissions: create,destroy,mount Local+descendant permissions: group staff create,mount