1.\" 2.\" CDDL HEADER START 3.\" 4.\" The contents of this file are subject to the terms of the 5.\" Common Development and Distribution License (the "License"). 6.\" You may not use this file except in compliance with the License. 7.\" 8.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9.\" or http://www.opensolaris.org/os/licensing. 10.\" See the License for the specific language governing permissions 11.\" and limitations under the License. 12.\" 13.\" When distributing Covered Code, include this CDDL HEADER in each 14.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15.\" If applicable, add the following below this CDDL HEADER, with the 16.\" fields enclosed by brackets "[]" replaced with your own identifying 17.\" information: Portions Copyright [yyyy] [name of copyright owner] 18.\" 19.\" CDDL HEADER END 20.\" 21.\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved. 22.\" Copyright 2011 Joshua M. Clulow <josh@sysmgr.org> 23.\" Copyright (c) 2011, 2019 by Delphix. All rights reserved. 24.\" Copyright (c) 2013 by Saso Kiselkov. All rights reserved. 25.\" Copyright (c) 2014, Joyent, Inc. All rights reserved. 26.\" Copyright (c) 2014 by Adam Stevko. All rights reserved. 27.\" Copyright (c) 2014 Integros [integros.com] 28.\" Copyright 2019 Richard Laager. All rights reserved. 29.\" Copyright 2018 Nexenta Systems, Inc. 30.\" Copyright 2019 Joyent, Inc. 31.\" 32.Dd May 27, 2021 33.Dt ZFS-ALLOW 8 34.Os 35. 36.Sh NAME 37.Nm zfs-allow 38.Nd delegate ZFS administration permissions to unprivileged users 39.Sh SYNOPSIS 40.Nm zfs 41.Cm allow 42.Op Fl dglu 43.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns … 44.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 45.Ar setname Oc Ns … 46.Ar filesystem Ns | Ns Ar volume 47.Nm zfs 48.Cm allow 49.Op Fl dl 50.Fl e Ns | Ns Sy everyone 51.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 52.Ar setname Oc Ns … 53.Ar filesystem Ns | Ns Ar volume 54.Nm zfs 55.Cm allow 56.Fl c 57.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 58.Ar setname Oc Ns … 59.Ar filesystem Ns | Ns Ar volume 60.Nm zfs 61.Cm allow 62.Fl s No @ Ns Ar setname 63.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 64.Ar setname Oc Ns … 65.Ar filesystem Ns | Ns Ar volume 66.Nm zfs 67.Cm unallow 68.Op Fl dglru 69.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns … 70.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 71.Ar setname Oc Ns … Oc 72.Ar filesystem Ns | Ns Ar volume 73.Nm zfs 74.Cm unallow 75.Op Fl dlr 76.Fl e Ns | Ns Sy everyone 77.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 78.Ar setname Oc Ns … Oc 79.Ar filesystem Ns | Ns Ar volume 80.Nm zfs 81.Cm unallow 82.Op Fl r 83.Fl c 84.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 85.Ar setname Oc Ns … Oc 86.Ar filesystem Ns | Ns Ar volume 87.Nm zfs 88.Cm unallow 89.Op Fl r 90.Fl s No @ Ns Ar setname 91.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 92.Ar setname Oc Ns … Oc 93.Ar filesystem Ns | Ns Ar volume 94. 95.Sh DESCRIPTION 96.Bl -tag -width "" 97.It Xo 98.Nm zfs 99.Cm allow 100.Ar filesystem Ns | Ns Ar volume 101.Xc 102Displays permissions that have been delegated on the specified filesystem or 103volume. 104See the other forms of 105.Nm zfs Cm allow 106for more information. 107.Pp 108Delegations are supported under Linux with the exception of 109.Sy mount , 110.Sy unmount , 111.Sy mountpoint , 112.Sy canmount , 113.Sy rename , 114and 115.Sy share . 116These permissions cannot be delegated because the Linux 117.Xr mount 8 118command restricts modifications of the global namespace to the root user. 119.It Xo 120.Nm zfs 121.Cm allow 122.Op Fl dglu 123.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns … 124.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 125.Ar setname Oc Ns … 126.Ar filesystem Ns | Ns Ar volume 127.Xc 128.It Xo 129.Nm zfs 130.Cm allow 131.Op Fl dl 132.Fl e Ns | Ns Sy everyone 133.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 134.Ar setname Oc Ns … 135.Ar filesystem Ns | Ns Ar volume 136.Xc 137Delegates ZFS administration permission for the file systems to non-privileged 138users. 139.Bl -tag -width "-d" 140.It Fl d 141Allow only for the descendent file systems. 142.It Fl e Ns | Ns Sy everyone 143Specifies that the permissions be delegated to everyone. 144.It Fl g Ar group Ns Oo , Ns Ar group Oc Ns … 145Explicitly specify that permissions are delegated to the group. 146.It Fl l 147Allow 148.Qq locally 149only for the specified file system. 150.It Fl u Ar user Ns Oo , Ns Ar user Oc Ns … 151Explicitly specify that permissions are delegated to the user. 152.It Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns … 153Specifies to whom the permissions are delegated. 154Multiple entities can be specified as a comma-separated list. 155If neither of the 156.Fl gu 157options are specified, then the argument is interpreted preferentially as the 158keyword 159.Sy everyone , 160then as a user name, and lastly as a group name. 161To specify a user or group named 162.Qq everyone , 163use the 164.Fl g 165or 166.Fl u 167options. 168To specify a group with the same name as a user, use the 169.Fl g 170options. 171.It Xo 172.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 173.Ar setname Oc Ns … 174.Xc 175The permissions to delegate. 176Multiple permissions may be specified as a comma-separated list. 177Permission names are the same as ZFS subcommand and property names. 178See the property list below. 179Property set names, which begin with 180.Sy @ , 181may be specified. 182See the 183.Fl s 184form below for details. 185.El 186.Pp 187If neither of the 188.Fl dl 189options are specified, or both are, then the permissions are allowed for the 190file system or volume, and all of its descendents. 191.Pp 192Permissions are generally the ability to use a ZFS subcommand or change a ZFS 193property. 194The following permissions are available: 195.TS 196l l l . 197NAME TYPE NOTES 198_ _ _ 199allow subcommand Must also have the permission that is being allowed 200bookmark subcommand 201clone subcommand Must also have the \fBcreate\fR ability and \fBmount\fR ability in the origin file system 202create subcommand Must also have the \fBmount\fR ability. Must also have the \fBrefreservation\fR ability to create a non-sparse volume. 203destroy subcommand Must also have the \fBmount\fR ability 204diff subcommand Allows lookup of paths within a dataset given an object number, and the ability to create snapshots necessary to \fBzfs diff\fR. 205hold subcommand Allows adding a user hold to a snapshot 206load subcommand Allows loading and unloading of encryption key (see \fBzfs load-key\fR and \fBzfs unload-key\fR). 207change subcommand Allows changing an encryption key via \fBzfs change-key\fR. 208mount subcommand Allows mounting/umounting ZFS datasets 209promote subcommand Must also have the \fBmount\fR and \fBpromote\fR ability in the origin file system 210receive subcommand Must also have the \fBmount\fR and \fBcreate\fR ability 211release subcommand Allows releasing a user hold which might destroy the snapshot 212rename subcommand Must also have the \fBmount\fR and \fBcreate\fR ability in the new parent 213rollback subcommand Must also have the \fBmount\fR ability 214send subcommand 215share subcommand Allows sharing file systems over NFS or SMB protocols 216snapshot subcommand Must also have the \fBmount\fR ability 217 218groupquota other Allows accessing any \fBgroupquota@\fI...\fR property 219groupused other Allows reading any \fBgroupused@\fI...\fR property 220userprop other Allows changing any user property 221userquota other Allows accessing any \fBuserquota@\fI...\fR property 222userused other Allows reading any \fBuserused@\fI...\fR property 223projectobjquota other Allows accessing any \fBprojectobjquota@\fI...\fR property 224projectquota other Allows accessing any \fBprojectquota@\fI...\fR property 225projectobjused other Allows reading any \fBprojectobjused@\fI...\fR property 226projectused other Allows reading any \fBprojectused@\fI...\fR property 227 228aclinherit property 229acltype property 230atime property 231canmount property 232casesensitivity property 233checksum property 234compression property 235copies property 236devices property 237exec property 238filesystem_limit property 239mountpoint property 240nbmand property 241normalization property 242primarycache property 243quota property 244readonly property 245recordsize property 246refquota property 247refreservation property 248reservation property 249secondarycache property 250setuid property 251sharenfs property 252sharesmb property 253snapdir property 254snapshot_limit property 255utf8only property 256version property 257volblocksize property 258volsize property 259vscan property 260xattr property 261zoned property 262.TE 263.It Xo 264.Nm zfs 265.Cm allow 266.Fl c 267.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 268.Ar setname Oc Ns … 269.Ar filesystem Ns | Ns Ar volume 270.Xc 271Sets 272.Qq create time 273permissions. 274These permissions are granted 275.Pq locally 276to the creator of any newly-created descendent file system. 277.It Xo 278.Nm zfs 279.Cm allow 280.Fl s No @ Ns Ar setname 281.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 282.Ar setname Oc Ns … 283.Ar filesystem Ns | Ns Ar volume 284.Xc 285Defines or adds permissions to a permission set. 286The set can be used by other 287.Nm zfs Cm allow 288commands for the specified file system and its descendents. 289Sets are evaluated dynamically, so changes to a set are immediately reflected. 290Permission sets follow the same naming restrictions as ZFS file systems, but the 291name must begin with 292.Sy @ , 293and can be no more than 64 characters long. 294.It Xo 295.Nm zfs 296.Cm unallow 297.Op Fl dglru 298.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns … 299.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 300.Ar setname Oc Ns … Oc 301.Ar filesystem Ns | Ns Ar volume 302.Xc 303.It Xo 304.Nm zfs 305.Cm unallow 306.Op Fl dlr 307.Fl e Ns | Ns Sy everyone 308.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 309.Ar setname Oc Ns … Oc 310.Ar filesystem Ns | Ns Ar volume 311.Xc 312.It Xo 313.Nm zfs 314.Cm unallow 315.Op Fl r 316.Fl c 317.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 318.Ar setname Oc Ns … Oc 319.Ar filesystem Ns | Ns Ar volume 320.Xc 321Removes permissions that were granted with the 322.Nm zfs Cm allow 323command. 324No permissions are explicitly denied, so other permissions granted are still in 325effect. 326For example, if the permission is granted by an ancestor. 327If no permissions are specified, then all permissions for the specified 328.Ar user , 329.Ar group , 330or 331.Sy everyone 332are removed. 333Specifying 334.Sy everyone 335.Po or using the 336.Fl e 337option 338.Pc 339only removes the permissions that were granted to everyone, not all permissions 340for every user and group. 341See the 342.Nm zfs Cm allow 343command for a description of the 344.Fl ldugec 345options. 346.Bl -tag -width "-r" 347.It Fl r 348Recursively remove the permissions from this file system and all descendents. 349.El 350.It Xo 351.Nm zfs 352.Cm unallow 353.Op Fl r 354.Fl s No @ Ns Ar setname 355.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns 356.Ar setname Oc Ns … Oc 357.Ar filesystem Ns | Ns Ar volume 358.Xc 359Removes permissions from a permission set. 360If no permissions are specified, then all permissions are removed, thus removing 361the set entirely. 362.El 363